Details
-
Bug
-
Status: Closed (View Workflow)
-
Minor
-
Resolution: Fixed
-
10.1(EOL)
-
SUSE
Description
When galera or MariaDB packages are being installed from MariaDB 10.1 repo on openSUSE (and SLES?), the installation produces warnings:
Retrieving package galera-25.3.15-1.sles13.suse13.1.x86_64 (1/1), 10.8 MiB ( 53.3 MiB unpacked)
|
Retrieving: galera-25.3.15-1.sles13.suse13.1.x86_64.rpm ...........................................................................[done (1.3 MiB/s)]
|
galera-25.3.15-1.sles13.suse13.1.x86_64.rpm:
|
Header V4 DSA/SHA1 Signature, key ID 1bb943db: NOKEY
|
V4 DSA/SHA1 Signature, key ID 1bb943db: NOKEY
|
|
|
galera-25.3.15-1.sles13.suse13.1.x86_64(MariaDB): Signature verification failed [4-Signatures public key is not available]
|
Abort, retry, ignore? [a/r/i] (a): i
|
Checking for file conflicts: ..................................................................................................................[done]
|
(1/1) Installing: galera-25.3.15-1.sles13.suse13.1 ............................................................................................[done]
|
Additional rpm output:
|
warning: /var/cache/zypp/packages/mariadb/rpms/galera-25.3.15-1.sles13.suse13.1.x86_64.rpm: Header V4 DSA/SHA1 Signature, key ID 1bb943db: NOKEY
|
The part "Signature verification failed [4-Signatures public key is not available]" might be specific for my machine, since I don't see it in buildbot, but the warning from the last line happens everywhere. No big harm as it seems, but not pretty – is anything wrong with it?
Attachments
Activity
If you mean a step in buildbot, I'm not so worried about that, in buildbot it's just warnings; I'm more concerned about real-life installation, at least we need to mention the solution in the repo configuration tool; or, even better if it's possible to somehow tell zypper in the repo file that it should import the key.
I'm talking about in the real world. Like you I'm not so worried about buildbot's warnings. Our installation instructions definitely need to be updated to include a step to import the key... if I can't figure out how to tell zypper to do it.
From what I can figure out, the best solution seems to be to install the key manually using the 'rpm --import' command. I've added the following step to the entry in the repo configuration tool for openSUSE:
{{
sudo rpm --import https://yum.mariadb.org/RPM-GPG-KEY-MariaDB
}}
We need to add a step that imports the MariaDB GPG key prior to installing. On CentOS and Fedora, yum offers to import the key for you, but zypper isn't doing that and I'm not sure what the commands are. I'll look into it.