New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Install doc for SUSE has issues, prompt with ominous error, 'File 'repomd.xml' from repository 'graylog' is unsigned' #15510
Comments
Download the gpgkey from
|
I tried and this seems to give the same warning. Not sure if i'm missing something. |
Keeping track of this coming up via community: |
Abe also brought this up on slack. |
What's the resolution? Is |
it is.
It appears to. I have very little first hand experience with suse but in testing, the
at this time it is expected. I did get confirmation that we don't sign the repo metadata which is what causes this warning. I've asked for it to be reviewed and addressed internally. For the meantime, we will update our documentation to include a note communicating this. |
Via https://go2docs.graylog.org/5-0/downloading_and_installing_graylog/suse_installation.htm
1. importing key fails, does not do what it claims it does
Command
rpm --import https://packages.graylog2.org/repo/debian/keyring.gpg
fails with:This does appear to be caused by importing a binary debian key when the proper key is an el (enterprise linux, rhel) ascii key. I tried to look back at past versions of documentation but this command appears to have been present for many years.
Bernd offered the following which does "work" without error though i don't think the command does what the documentation is stating (importing a key that can be referenced via a package repo).
sudo rpm --import https://downloads.graylog.org/repo/el/stable/GPG-KEY-graylog
2. repo is 'repomd.xml' from repository 'graylog' is unsigned
When either installing graylog, via
sudo zypper install graylog-server
OR even doing a repo update viasudo zypper ref
the following WARNING is presented:I could not find any way whatsoever to resolve this error. I'm also not certain or not if this error was always present. I can infer from the GPG command the intention is to have the repo work correctly without warnings, but this is not currently the case. I wasn't able to find much information about this in terms of if this is just a configuration issue on the client side with the repo and signing key(s), OR an issue with the repo itself. Need help from dev/eng to reivew and resolve.
Expected Behavior
Documentation for graylog should work as described, and without errors and issues.
Current Behavior
Several errors and warning are present. Unclear if this is "working as expected" and the user is meant to continue through the errors or not. IMO this should not be the case and we shouldn't be instructing people to ignore errors nor warnings, especially about repo security.
Possible Solution
Review the install docs for SUSE, update accordingly. If we can't support SUSE, we should document that. (NOTE that this doesn't mean graylog won't work and users cannot install it, just that its not a recommended/preferred OS to use)
Steps to Reproduce (for bugs)
Testing with SLES 15 SP3.
Context
Reported via Graylog Community forum.
Your Environment
Suse Linux Enterprise Server (SLES) 15 SP3.
The text was updated successfully, but these errors were encountered: