Hi. I assume what is the second half of the 7.5 update went OK on my DT but has failed to complete on the wife's laptop with the following report...
warning: /var/cache/yum/x86_64/7/updates/packages/scap-security-guide-0.1.36-9.el7.centos.noarch.rpm: Header V3 RSA/SHA256 Signature, key ID f533f4fa: NOKEY
Retrieving key from file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
The GPG keys listed for the "CentOS-7 - Updates" repository are already installed but they are not correct for this package.
Check that the correct key URLs are configured for this repository.
Failing package is: scap-security-guide-0.1.36-9.el7.centos.noarch
GPG Keys are configured as: file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
I'm not clear what I should check/alter. Perhaps someone could point me in the right direction? Thanks.
Latest update fails package scap-security-guide
-
- Posts: 128
- Joined: 2013/02/28 07:57:46
-
- Posts: 128
- Joined: 2013/02/28 07:57:46
Re: Latest update fails package scap-security-guide
I've noticed that the failing laptop has a file...
/var/cache/yum/x86_64/7/updates/packages/scap-security-guide-0.1.36-9.el7.centos.noarch.rpm
which the DT doesn't have ! What should I do with it please ? Cheers.
/var/cache/yum/x86_64/7/updates/packages/scap-security-guide-0.1.36-9.el7.centos.noarch.rpm
which the DT doesn't have ! What should I do with it please ? Cheers.
-
- Posts: 128
- Joined: 2013/02/28 07:57:46
Re: Latest update fails package scap-security-guide
The above line only appears following an update attempt. I have now checked the CentOS-7 Key file against the Centos Site and that's OK.
-
- Posts: 128
- Joined: 2013/02/28 07:57:46
Re: Latest update fails package scap-security-guide
There's obviously an update in progress as I've updated the mirrors on the DT and that now also fails the same thing. Hopefully the KEY file will eventually catch up !
Re: Latest update fails package scap-security-guide
Exclude that package from the update for now. It has been signed with the wrong CentOS key. Still official so not an indication of anything malicious, this appears to be human error. The key in use is actually
pub 2048R/F533F4FA 2015-11-27 CentOS AltArch SIG - PowerPC (https://wiki.centos.org/SpecialInterestGroup/AltArch) <security@centos.org>
pub 2048R/F533F4FA 2015-11-27 CentOS AltArch SIG - PowerPC (https://wiki.centos.org/SpecialInterestGroup/AltArch) <security@centos.org>
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke
-
- Posts: 128
- Joined: 2013/02/28 07:57:46
Re: Latest update fails package scap-security-guide
Thanks for that. Sorry for being so long-winded !