[CentOS] Re: How to import/install the key for signing pxljr-1.1-1.i386.rpm

Wed Nov 28 22:43:26 UTC 2007
Andrew Allen <andy.allen at virgin.net>

On Wed, 2007-11-28 at 00:47 +0100, Nicolas Thierry-Mieg wrote:
> 
> Scott Silva wrote:
> > on 11/27/2007 1:03 PM Andrew Allen spake the following:
> > 
> >> How do I import and install the key for signing the above rpm (driver
> >> for HP Colour laserjet 3500 printer) which I've downloaded from the kde
> >> repo? - I want to use yum localinstall, but when I do I get the message
> >> 'package not signed'.
> >>
> >> Thanks for help,
> >> Andy
> > 
> > You could change gpgcheck=0 in your yum.conf. You can change it back 
> > after you install.
> > I haven't found a commandline option to yum to not check for signed 
> > packages.
> > Something like --nogpgcheck would be nice.
> > 
> 
> just use rpm since you've downloaded the package:
> rpm -K <package>.rpm checks the package (checksums and sigs if available)
> rpm -i <package>.rpm installs it, whether it's signed and checked or not
> 
> to import the kde-redhat repo public key: as it says on the front page 
> of their website http://kde-redhat.sourceforge.net/
> rpm --import http://kde-redhat.sourceforge.net/gpg-pubkey-ff6382fa-3e1ab2ca
> 
> that's a single line in case it wrapped
> 
> but since you say 'package not signed' and not 'public key not found' or 
> some such, the problem is probably not that you don't have the key. 
> Rather, I guess the package really isn't signed. Not 100% sure because I 
> don't yum, I apt, but the message is pretty explicit.
> rpm -i will work
> 
> you should talk to the kde-redhat devs, if it's really their package 
> it's probably unintended that the package is unsigned.
> 
> regards
Thanks for the help - I had to use rpm -i <package>.rpm as it does
appear that the package is not signed!

Andy
> _______________________________________________
> CentOS mailing list
> CentOS at centos.org
> http://lists.centos.org/mailman/listinfo/centos