All geek questions in one place

Rpm -K message WRONG KEYS

I work on a CentOS 5.4 host with rpm version 4.4.2.3-18.el5 and gpg version 1.4-2 I signed rpm with the command

> rpm --define '_signature gpg' --define '_gpg_path /path/to/keys' --define '_gpg_name mygpgname' -K myrpm.rpm

The command succeeds and repeating the command gives a warning that rpm has already been signed using the key.

However, when I try to verify the signature with rpm -K, it returns the result NOT OK (MISSING_KEYS).

 > rpm -K myrpm.rpm > GNUPGHOME=/path/to/keys rpm --define '_signature gpg' --define '_gnupghome /path/to/keys' --define '_gpg_name mygpgname' -K myrpm.rpm myrpm.rpm: (SHA1) DSA sha1 md5 (GPG) NOT OK (MISSING KEYS: GPG#12345678)

I am assuming that somehow I am setting the path to the keys. I also tried setting GPGPATH = / path / to / keys with no luck.

Does anyone have any suggestions on how I can get rpm -K to find the missing keys?

+4
source share
1 answer

Did you import your public GPG key with the rpm --import <key> command?

If you do not want to store your GPG key in the default RPM configuration database, you need to specify the _gpg_path definition in your command. Note: the last command is missing _gpg_path, although it has almost all the other gpg * definitions that you most likely need.

Personally, I install such definitions in the $ (HOME) / file. rpmmacros so as not to type them many times on the command line.

+5
source

Source: https://habr.com/ru/post/1345123/

More articles:


All Articles