Hi,
On Tue, Jun 22, 2004 at 01:37:46PM -0500, Adam Thornton wrote: > On Tue, 2004-06-22 at 08:36, Richard Pinion wrote: > > Do you have any words of wisdom? I don't know what could cause corruption on this issue. I have updated (via http/ftp tho) several times the Tao/s390 on real iron too w/o any problems. If yum barfs about the packges signatures -> my initial key was made only last end of this year and i rolled in new key for signing (longer lasting one) within this update2 (on the DVD all the packages are signed with the new key). That should not manifest itself as 'cpio errors' tho. > > Either the RPM archives are corrupt, or the ISO is not handling filename > mapping for long file names correctly. > The DVD-image is fine. I know - i made it. > If Tao supplies a list of md5sums for its included files, you can check > out the first possibility easily enough. > Actually every RPM does contain integrity checksums and those are signed with my secret part of the key, so doing something like rpm -K package.rpm examples: $ rpm -K tao-release-1.0-TL12.s390.rpm tao-release-1.0-TL12.s390.rpm: (SHA1) DSA sha1 md5 (GPG) NOT OK (MISSING KEYS: GPG#81407f67) on machine that doesn't have 'rpm --import <my-public-key-part>' and on the machine that does. $ rpm -K tao-release-1.0-TL12.s390.rpm tao-release-1.0-TL12.s390.rpm: (sha1) dsa sha1 md5 gpg OK So even in the first example, the integrity itself is OK. One could get the list of keys imported on the rpmdb with $ rpm -qa | grep pubkey gpg-pubkey-81407f67-40af5498 So obviously there is no need for md5sums for the actual set of files .... HTH -- Pasi Pirhonen - [EMAIL PROTECTED] - http://iki.fi/upi/ ---------------------------------------------------------------------- For LINUX-390 subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: INFO LINUX-390 or visit http://www.marist.edu/htbin/wlvindex?LINUX-390
