[CentOS] Centos 5 yum update needs gpg key import

Thu Jul 12 19:53:01 UTC 2007
Johnny Hughes <johnny at centos.org>

Scott R Ehrlich wrote:
> Quoting Karanbir Singh <mail-lists at karan.org>:
> 
>> Scott Ehrlich wrote:
>>> Media checked fine with both md5sum and sha1sum.   I believe I obtained
>>> my DVD version from kernel.org, and were obtained within the last couple
>>> of months.
>>
>> what does this say : 'rpm -qf /etc/yum.repos.d/CentOS-Base.repo'
> 
> sudo rpm -qf /etc/yum.repos.d/CentOS-Base.repo
> centos-release-5-0.0.el5.centos.2
> 
> 
>> and what does this say : 'rpm -V centos-release'
> 
> this shows nothing.

Before we take this any further ... was the key you imported to a
repository other than an official CentOS one. (for example, RPMForge,
ATRPMS, etc.).

The default CentOS-Base.repo has this line in it:

gpgkey=http://mirror.centos.org/centos/RPM-GPG-KEY-CentOS-5

All packages in the official repos should be signed with that key ... if
you only have the CentOS Default repos enabled, you should not have been
able to install a package that needed updating without yum asking you if
you wanted to install that key.

If you had to add the CentOS-5 key ... then something is not setup in
the default way.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 252 bytes
Desc: OpenPGP digital signature
URL: <http://lists.centos.org/pipermail/centos/attachments/20070712/39e50c03/attachment-0005.sig>