Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

please document how to use distribution-gpg-keys{,-copr} #16

Open
praiskup opened this issue Feb 18, 2019 · 2 comments
Open

please document how to use distribution-gpg-keys{,-copr} #16

praiskup opened this issue Feb 18, 2019 · 2 comments

Comments

@praiskup
Copy link
Member

I fail to see how to use the contents of the package; when I do
dnf copr -y enable JDOE/PROJECT && dnf install PACKAGE

I still see:

warning: /var/cache/dnf/praiskup-less-beta-c4ca9153f233d8ab/packages/less-550-1.fc29.x86_64.rpm: Header V3 RSA/SHA1 Signature, key ID 75f6cde0: NOKEY
Copr repo for less-beta owned by praiskup                                                                                                                                                                    568  B/s | 977  B     00:01    
Importing GPG key 0x75F6CDE0:
 Userid     : "praiskup_less-beta (None) <praiskup#[email protected]>"
 Fingerprint: C986 8339 F7AE 3E58 E080 32A4 2148 194C 75F6 CDE0
 From       : https://copr-be.cloud.fedoraproject.org/results/praiskup/less-beta/pubkey.gpg
Is this ok [y/N]: ^C
Didn't install any keys
The downloaded packages were saved in cache until the next successful transaction.
You can remove cached packages by executing 'dnf clean packages'.
Error: GPG check FAILED

Is this expected? Seems like the gpg keys are still downloaded from Copr backend, even though I see I have that key in /usr/share/distribution-gpg-keys/copr directory.
@xsuchy
Copy link
Member

xsuchy commented Feb 18, 2019

That is because JDOE/PROJECT can be 5 minutes old, while distribution-gpg-keys is being updated every 2-4 weeks. It will be alway a bit behind.

But since you mentioned ... I can imagine in copr dnf's plugin the logic:

if -e /usr/share/distribution-gpg-keys/copr/copr-JDOE-PROJECT.gpg
replace the gpg key in JDOE-PROJECT.repo and use the one from distribution-gpg-keys-copr

I may implement it one day.

@praiskup
Copy link
Member Author

That is because JDOE/PROJECT can be 5 minutes old, while distribution-gpg-keys is being updated every 2-4 weeks. It will be alway a bit behind.

For the praiskup/less-beta case, it's 17 months old.

But since you mentioned ... I can imagine in copr dnf's plugin the logic:

So the answer to my question is "I have to manually edit the repo file so it points to the local file:// gpg key" right? Could this be documented somewhere?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@xsuchy @praiskup