On 2010-06-18 at 13:00-04 James Ralston wrote:
> warning: rpmts_HdrFromFdno: V3 DSA signature: NOKEY, key ID 5e3d7775
> Public key for system_bios_PowerEdge_2850-A06-20.noarch.rpm is not installed
> Retrieving GPG key from file:///etc/pki/rpm-gpg/RPM-GPG-KEY-libsmbios
> GPG key at file:///etc/pki/rpm-gpg/RPM-GPG-KEY-libsmbios (0x5E3D7775) is
> already installed
>
> The GPG keys listed for the "Firmware updates" repository are already
> installed but they are not correct for this package.
> Check that the correct key URLs are configured for this repository.
An additional piece of information that might help: we rsync the
fwupdate repository locally on a nightly basis, and we verify the PGP
signatures after we do so.
I went back and checked our logs, and found:
As of 2010-05-25 at 04:00-04, we had no difficulty verifying the PGP
signatures of the RPM packages in the fwupdate repository.
As of 2010-05-26 at 04:42-04, PGP signature verification of
packages in the fwupdate repository failed.
Looking at our local copies of the rpm files, they all have mtime
values that fall between:
2010-05-25 12:35:22-04
2010-05-25 12:36:19-04
E.g.:
$ ls -lsa system_bios_ven_0x1028_dev_0x02fb-A00-20.noarch.rpm
876 -rw-r--r-- 1 root root 885675 May 25 12:36
system_bios_ven_0x1028_dev_0x02fb-A00-20.noarch.rpm
So, I strongly suspect that on 2010-05-25 at 12:35:22-04, something or
someone went through and re-signed all of the RPMs in the fwupdate
repository. But I think the version of rpm used to do so produced
corrupted signatures.
_______________________________________________
Linux-PowerEdge mailing list
[email protected]
https://lists.us.dell.com/mailman/listinfo/linux-poweredge
Please read the FAQ at http://lists.us.dell.com/faq
