Hi folks, There is a bug in the Fedora Blocker Bugs <https://qa.fedoraproject.org/blockerbugs/milestone/40/final/buglist> app that has a lot of us stumped on how to resolve it, so I wanted to highlight it in the hopes that someone might know how to either fix it or maybe even verify if a few of the ideas that have been suggested would work or not.
The bug in question is #2242759 <https://bugzilla.redhat.com/show_bug.cgi?id=2242759> and a brief summary of the problem is this: Using dnf system-upgrade log --number=-1, an entry like "Signature 10d5 created at Wed Sep 27 16:33:34 2023 invalid: signature is not alive" is generated for each rpm in the upgrade list. Raspberry Pi 4 does not have a hardware real time clock so when the Pi is booting Fedora system time is at some (arbitrary?) date and time. During a normal boot chronyd is executed and will set the clock: "chronyd[571]: System clock wrong by 944623.935135 seconds". If the gpg key used by DNF during the system-upgrade has a valid period more recent than the boot time, system-upgrade will fail. A few suggestions* that have been made in the bug to either work around it or resolve it are: disable chronyd.service and enable systemd-timesyncd.service. tell users to 'sudo touch /usr/lib/clock-epoch' rebuild systemd in F38 (this is probably for F39 now as this bug and its comments are a few months old) Stop checking signature time on packages. Make sure that the time before the upgrade is set properly by using systemd-timesyncd, or by some other mechanism *These suggestions are pulled directly from comments in the bug and may appear out of context in this email as this is meant to raise awareness of the problem, and hopefully find folks who can help. Please read the bugzilla for more in-depth detail of solutions offered, testing and log outputs from other users. This bug has rolled over since Fedora Linux 39 and it would be great to see it get resolved before Fedora Linux 40 is released, so if you have some knowledge in this area and/or have some time to weigh in on one of the possible workarounds listed above and in the bug, or could even provide a better workaround or fix, that would be highly appreciated! And also a big thank you too to all the folks who have been working on this bug trying to fix it the last few months. Please comment on the bug or feel free to reach out to me, or better again to Fedora QA in the #quality:fedoraproject.org chat room on matrix. Kindest regards and many thanks, Aoife -- Aoife Moloney Fedora Operations Architect Fedora Project Matrix: @amoloney:fedora.im IRC: amoloney
-- _______________________________________________ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
