GNOME Bugzilla – Bug 769540
g-s shows just fragment of packages, when RPM GPG key is not available
Last modified: 2018-01-24 17:11:13 UTC
I am running Fedora Rawhide and at the moment, there seems to be missing F26 RPM GPG key, which should be shipped in fedora-repos package, but it is not [1]. In such case, the g-s shows just a few packages and basically it is useless. In my journal, I can see errors such as: ``` Aug 05 10:02:16 localhost.localdomain gnome-software-service.desktop[1890]: 08:02:16:0658 Gs failed to call gs_plugin_refine on packagekit-refine: Curl error (37): Couldn't read a file:// file for file:///etc/pki/rpm-gpg/RPM-GPG-KEY-fedora-26-x86_64 [Couldn't open file /etc/pki/rpm-gpg/RPM-GPG-KEY-fedora-26-x86_64] ``` Although it is quite soon after Fedora branching and this issue will be likely resolved pretty soon, is there any chance to provide better UX for this case? E.g. ignore the error, or inform users that something is wrong. [1] https://bugzilla.redhat.com/show_bug.cgi?id=1364378
Just forgot to add that I workarounded the issue using ```$ sudo ln -s /etc/pki/rpm-gpg/RPM-GPG-KEY-fedora-25-primary /etc/pki/rpm-gpg/RPM-GPG-KEY-fedora-26-x86_64``` but that is suboptimal.
So the best idea I came up with was to do a quick "sanity check" at startup with some "oh no!" style dialog, asking the user to check the logs and report a bug. I'll check with Allan when I get back.
Just for the sake of completeness, I requested the keys to be added to Fedora: https://bugzilla.redhat.com/show_bug.cgi?id=1308092 And later had discussion on IRC: -dgilmore- vondruch: what is expecting rawhide to be signed? >vondruch< dgilmore, I don't expect that ... dgilmore, I just expect that g-s will work dgilmore, and ABRT will work >vondruch< dgilmore, https://bugzilla.gnome.org/show_bug.cgi?id=769540 -dgilmore- vondruch: the repo files by default have gpgcheck=0 >vondruch< dgilmore, may be its a bug in package kit the? -dgilmore- vondruch: in this case gnome-software must be doing something horribly wrong >dgilmore< or packagekit is if the repo says do not check gpg signatures >vondruch< dgilmore, srp 05 13:56:52 localhost abrt-server[2562]: Can't load public GPG key /etc/pki/rpm-gpg/RPM-GPG-KEY-fedora-26-primary srp 05 13:56:52 localhost abrt-server[2562]: Deleting problem directory Python-2016-08-05-13:56:51-2498 (dup of Python-2016-08-05-13:41:16-19463) >dgilmore< then gnome-software should not check >vondruch< dgilmore, this is what I see reported from ABRT .... -dgilmore- vondruch: okay, whatever is trying to load the file is broken >vondruch< dgilmore, ok ... I'll forward this to both parties .... -dgilmore- vondruch: loading /etc/pki/rpm-gpg/RPM-GPG-KEY-fedora-26-primary will always be wrong also >dgilmore< because secondary arches use a different key so for some arches the wrong file will be getting loaded it sounds like someone has implemented something without understanding how thinsg actually work and has mad some incorrect assumptions made
-- GitLab Migration Automatic Message -- This bug has been migrated to GNOME's GitLab instance and has been closed from further activity. You can subscribe and participate further through the new bug through this link to our GitLab instance: https://gitlab.gnome.org/GNOME/gnome-software/issues/78.