On Sun, 30 Nov 2003 03:54:28 +0100, A.J. Bonnema wrote: > Michael Schwendt wrote: > > Visit the home pages of the package repositories in your sources list > > and retrieve the missing GPG keys. > > > > E.g. read the instructions at http://rpm.livna.org/ > > > > > > http://rpm.livna.org/RPM-LIVNA-GPG-KEY > > http://www.fedora.us/FEDORA-GPG-KEY > > > > Ok, thank you very much, that did it. I thought I had all the keys, but > obviously fedora.us-key was missing. > > Still the error message is at least misleading. > It says: "Package aalib-1.4.0-0.fdr.0.8.rc5.1 does not have a GPG signature" > > In other words, it says the package is the problem, where it should you: > hey, the Fedora.us key is missing, please import. > > Should this be a bug in bugzilla? Or a feature request? (new ground to me). Sounds a bit like it could be a known bug or deficiency. Checking http://bugzilla.redhat.com might answer whether it is known already. If it isn't and if you can demonstrate that the downloaded aalib package is really signed (rpm -Kv aalib*.rpm) and verifies as good, submitting a bug report shouldn't hurt anyone. Such misleading error messages are not good. --
Attachment:
pgps9p3UMTQVl.pgp
Description: PGP signature
