Re: rpm output

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Samuel Sieb wrote:
> On 10/25/23 13:35, Patrick Dupre via users wrote:
>> rpm -qi $(rpm -qa | grep pubkey)
>> error: rpmdbNextIterator: skipping h#     132
>> Header RSA signature: BAD (header tag 268: invalid OpenPGP signature: Parsing an OpenPGP packet:
>>    Failed to parse Signature Packet
>>        because: Signature appears to be created by a non-conformant OpenPGP implementation, see <https://github.com/rpm-software-management/rpm/issues/2351>.
>>        because: Malformed MPI: leading bit is not set: expected bit 8 to be set in   101000 (28))
>> Header SHA1 digest: OK
>> error: rpmdbNextIterator: skipping h#     134
>> Header RSA signature: BAD (header tag 268: invalid OpenPGP signature: Parsing an OpenPGP packet:
>>    Failed to parse Signature Packet
>>        because: Signature appears to be created by a non-conformant OpenPGP implementation, see <https://github.com/rpm-software-management/rpm/issues/2351>.
>>        because: Malformed MPI: leading bit is not set: expected bit 8 to be set in  1111100 (7c))
>> Header SHA1 digest: OK
>> error: rpmdbNextIterator: skipping h#     137
>> 
>> 
>> 
>> How can I associate the pubkeys with the package?
> 
> They aren't part of a package.  They are independent data items.  I'm not
> sure if it's a pubkey or a package.
> 
>> Should I rebuild the rpm databasis?
> 
> That won't do anything.  The database is fine, it's the signature of
> something in it that isn't.
> 
> Try running "rpm -qa --nosignature | grep pubkey" and see if that runs
> without the error.  That option isn't documented for querying, so I don't
> know if it will have any effect.

There is some guidance for how to handle this in Common
Issues:

https://discussion.fedoraproject.org/t/third-party-rpms-with-an-invalid-signing-key-might-cause-errors-during-package-operations/80077

As a brief example (I'd recommend reading the article in
full):

    $ rpm -q --nosignature --querybynumber 132

should report the first affected package.  Repeat for the
other numbers in the errors and then remove the packages via

    $ sudo rpm -e --nosignature <packages>

-- 
Todd

Attachment: signature.asc
Description: PGP signature

_______________________________________________
users mailing list -- users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to users-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/users@xxxxxxxxxxxxxxxxxxxxxxx
Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [EPEL Devel]     [Fedora Magazine]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Desktop]     [Fedora Fonts]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Fedora Sparc]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux