Am 28.02.23 um 10:34 schrieb Kamil Paral:
That's most certainly this problem:
https://ask.fedoraproject.org/t/popular-third-party-rpms-fail-to-install-update-remove-due-to-security-policies-verification/31594 <https://ask.fedoraproject.org/t/popular-third-party-rpms-fail-to-install-update-remove-due-to-security-policies-verification/31594>
Yes, it certainly is this problem.
AFAICT, the cause seems to be my old gpg-signing key (created 2013) is
using "digest algo 2" signature digests (whatever this means).
I don't understand these security measures much, but creating a new key
using modern tools should be sufficient to resolve this.
Which tools whould you suggest? So far, for me, all such attempts, using
seahorse on fc37 failed.
Though the newly created key seems to comply to the new rules, now gpg
-sign and rpm --resign fail:
# rpm --resign libmail-2.3.5-1.fc38.x86_64.rpm
libmail-2.3.5-1.fc38.x86_64.rpm:
gpg: signing failed: Permission denied
gpg: signing failed: Permission denied
error: gpg exec failed (2)
No idea, about what's going on.
See the article
to learn how to detect and uninstall already affected packages present
on your system first.
Well, ...
IMHO, this stuff + FC38's rpm and dnf are not in a release-ready shape.
Too many cryptic and non-understandable/non-readable error messages, far
too radical changes, far too little backward compatibility and far too
little help.
Ralf
_______________________________________________
devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx
Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
