I'm part way through QA'ing the kernel-2.4.20-33.9.legacy.src.rpm on a
RH9 box (well I'm doing an rpmbuild on it atm).
However I can't find a way to get it to pass the --checksig checks.
I'm clearly doing something wrong but I can't see it.
rpm --checksig -v kernel-2.4.20-33.9.legacy.src.rpm
kernel-2.4.20-33.9.legacy.src.rpm:
Header SHA1 digest: OK (78fb849eb14b27ebf6e2cd1c60860a0db1b88e7c)
MD5 digest: OK (4cc45153c0860aed29640e2df3dff349)
V3 DSA signature: NOKEY, key ID 5178e2a5
shows the package is signed by the unknown keyid 5178e2a5, which
http://pgp.mit.edu:11371/pks/lookup?search=0x5178e2a5&op=index says is
"Dominic Hargreaves" key (which seems right). If I download the
public key from:
http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x5178E2A5
and rpm --import it I get:
rpm -qi gpg-pubkey
<snip>
Name : gpg-pubkey Relocations: (not relocateable)
Version : 243a1329 Vendor: (none)
Release : 3f2be04f Build Date: Fri Jun 18 17:01:26 2004
Install Date: Fri Jun 18 17:01:26 2004 Build Host: localhost
Group : Public Keys Source RPM: (none)
Size : 0 License: pubkey
Signature : (none)
Summary : gpg(Dominic Hargreaves <dominic.hargreaves@xxxxxxxxxxxxx>)
Description :
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: rpm-4.2 (beecrypt-2.2.0)
mQGiBDhC5hoRBADyhJEb4DkUavard0thxSDCOBO1Trf9Ev5MboIpb1ZrNTqICEvtjb29hbaJ
5qexUQ2S+Z+tz/A94U2EuX9ijCiW012CQQvXY6mKryQHd6sPkTLolFO0cAQjahVHhjNHurB1
8UmkbqApY6NioukuR45n6bS4/gbAT3+IFa1i4IHqnwCg/9uabGJ2Iuegw7Jg5q2Vvq+ThS0E
<snip>
and the --checksig -v *still* shows that keyid 5178e2a5 is unknown.
What am I doing wrong? Should I get the public key some other way?
-- Jon
--
fedora-legacy-list@xxxxxxxxxx
http://www.redhat.com/mailman/listinfo/fedora-legacy-list
