New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
can't rpm erase, package with invalid hash lodged inside rpmdb #2460
Comments
|
This is a Fedora matter, see https://bugzilla.redhat.com/show_bug.cgi?id=2170878 for details. |
|
I just wonder, what benefit it has to check some signature for uninstallation? The package needed to be installed somehow, it was trusted once, it is recoded in rpmdb. So why it can't be removed? |
|
In the It is a little non-obvious, but the composition works (suggested in links given below) It is nice to be able to do The argument So if it is the case that
Perhaps, its useful to not remove easily in a sense that, when the admin doing the uninstalling does so, It is a self-warning that he might not be able to install it back again easily without the proper sufficient-level GPG key. The below works and it brings back the hash error message If the cryptographic sign checking can be easily bypassed by an admin with I think the repository package gpg keys are best checked by the software that do download (repo-tools such as REFS:
|
Description
rpm query commands on invocation show annoying/distracting hash/digest errors.
When using rpm I think there are two non-easily identifiable packages are messed up.
The
rpm -eerase option does not have a--nodigestargument unlike the install/upgrade/verify options.The below logs show that unnamed packages through up hashdigest errors.
From the key signature
a109b1ecI deduced the packages to be livna-release and libdvdcss.I recently did an upgrade from fedora-37 to fedora-38,
For the most part, other than a few dependency hiccups with some packages like ffmpeg-libs, libplacebo, libchromapaint, which were resolved, the update went smoothly. Fedora-38 boots and works with no issues.
Attempting to force install livna-release is also not possible
I have tried moving out the gpgkeys manually from /etc/pki and /etc/yum.repos.d, no effect.
Logs
Ref
The text was updated successfully, but these errors were encountered: