Hi, 2015-12-23 18:14 GMT+09:00 Patrick Uiterwijk <[email protected]>: > Hi, > > The latest build of your package is correctly signed: > hn-python2-python-test-2.7.11-3.el7.centos.x86_64.rpm: RSA sha1 ((MD5) PGP) > md5 NOT OK (MISSING KEYS: (MD5) PGP#1256a871)
Thanks for pointing me out. I installed gpg keys manually with the following commands. $ sudo curl -sL -o /etc/pki/rpm-gpg/hnscl-python2.pubkey.gpg https://copr-be.cloud.fedoraproject.org/results/hnakamur/hnscl-python2/pubkey.gpg $ sudo curl -sL -o /etc/pki/rpm-gpg/hnscl-python2-python.pubkey.gpg https://copr-be.cloud.fedoraproject.org/results/hnakamur/hnscl-python2-python/pubkey.gpg $ sudo rpm --import /etc/pki/rpm-gpg/hnscl-python2.pubkey.gpg $ sudo rpm --import /etc/pki/rpm-gpg/hnscl-python2-python.pubkey.gpg And I confirmed python-libs rpm is signed. $ rpm -K hn-python2-python-libs-2.7.11-3.el7.centos.x86_64.rpm hn-python2-python-libs-2.7.11-3.el7.centos.x86_64.rpm: rsa sha1 (md5) pgp md5 OK However I still got the 'is not signed' error with yum install. $ sudo yum install -y -v hn-python2-python Loading "fastestmirror" plugin Config time: 0.008 Yum version: 3.4.3 ...(snip)... Package hn-python2-python-libs-2.7.11-3.el7.centos.x86_64.rpm is not signed $ echo $? 1 I editted my *.repo files to use file:/// url for gpgkey instead of https:// urls, still no luck. $ cat /etc/yum.repos.d/hnakamur-hnscl-python2.repo [hnakamur-hnscl-python2] name=Copr repo for hnscl-python2 owned by hnakamur baseurl=https://copr-be.cloud.fedoraproject.org/results/hnakamur/hnscl-python2/epel-7-$basearch/ skip_if_unavailable=True gpgcheck=1 #gpgkey=https://copr-be.cloud.fedoraproject.org/results/hnakamur/hnscl-python2/pubkey.gpg gpgkey=file:///etc/pki/rpm-gpg/hnscl-python2.pubkey.gpg enabled=1 enabled_metadata=1 $ cat /etc/yum.repos.d/hnakamur-hnscl-python2-python.repo [hnakamur-hnscl-python2-python] name=Copr repo for hnscl-python2-python owned by hnakamur baseurl=https://copr-be.cloud.fedoraproject.org/results/hnakamur/hnscl-python2-python/epel-7-$basearch/ skip_if_unavailable=True gpgcheck=1 #gpgkey=https://copr-be.cloud.fedoraproject.org/results/hnakamur/hnscl-python2-python/pubkey.gpg gpgkey=file:///etc/pki/rpm-gpg/hnscl-python2-python.pubkey.gpg enabled=1 enabled_metadata=1 As a workaround, I confirmed I can install my rpms with yum --nogpgcheck option. $ sudo yum install -y --nogpgcheck hn-python2-python However I'd like to install rpm without --nogpgcheck option. Could you give some advice? Best regards, Hiroaki Nakamura > > Please note that the very first build in a COPR is not always signed due to a > bug (or at least, used to be), but any further builds should be signed. > > With kind regards, > Patrick Uiterwijk > Fedora Infra > > ----- Original Message ----- >> Hello. >> >> How to make sure rpms to be signed on copr? >> >> I tried to build my Python2 rpm. It was built successfully but is was >> not signed. >> https://copr.fedoraproject.org/coprs/hnakamur/hnscl-python2-python/ >> >> I built other rpms and they are signed. >> https://copr.fedoraproject.org/coprs/hnakamur/varnish-head/ >> https://copr.fedoraproject.org/coprs/hnakamur/libvmod-header/ >> >> I don't why my Python2 rpm was not signed. >> I'd like to know the way to make sure rpms are signed on copr. >> >> >> By the way, thanks for a great service like copr! >> It is very useful! >> >> Best regards, >> Hioraki Nakamura >> _______________________________________________ >> copr-devel mailing list >> [email protected] >> https://lists.fedorahosted.org/admin/lists/[email protected] >> > _______________________________________________ > copr-devel mailing list > [email protected] > https://lists.fedorahosted.org/admin/lists/[email protected] -- Hioraki Nakamura )[email protected]) _______________________________________________ copr-devel mailing list [email protected] https://lists.fedorahosted.org/admin/lists/[email protected]
