public inbox for [email protected]
help / color / mirror / Atom feedFrom: Magnus Hagander <[email protected]>
To: pgsql-pkg-yum <[email protected]>
Cc: [email protected]
Cc: [email protected]
Subject: Re: Non-signed packages in PostgreSQL 14 repo for RHEL 9
Date: Wed, 17 Apr 2024 09:03:22 +0200
Message-ID: <CABUevExhB_Etd4PuTTcMejQSgGM+w2GKUH3-LtuGRYgWtKp0iA@mail.gmail.com> (raw)
In-Reply-To: <[email protected]>
References: <[email protected]>
Hi!
Forwarding this one to the RPM maintrainers.
//Magnus
On Wed, Apr 17, 2024 at 8:58 AM <[email protected]> wrote:
> Hi,
>
>
>
> I’m not sure where to forward this to, since it’s not a bug in PostgreSQL,
> per se.
>
> But I noticed that there are unsigned packages in this repository:
> https://download.postgresql.org/pub/repos/yum/14/redhat/rhel-9-x86_64/
>
> I’m using reposync (reposync(1) - Linux manual page (man7.org)
> <https://www.man7.org/linux/man-pages/man1/reposync.1.html;) to mirror
> the repository but it fails with –gpgcheck since there are unsigned
> packages.
>
> This is the GPG key I’m using to verify the packages:
> https://download.postgresql.org/pub/repos/yum/keys/PGDG-RPM-GPG-KEY-RHEL
>
> Every other package in the repository is signed and works as expected.
>
>
>
> Output from reposync:
>
> (946/952): postgis33_14-devel-3.3.6-3PGDG.rhel9 23 kB/s | 8.9 kB
> 00:00
>
> (947/952): postgis33_14-client-3.3.6-3PGDG.rhel 569 kB/s | 293 kB
> 00:00
>
> (948/952): postgis33_14-3.3.6-3PGDG.rhel9.x86_6 5.6 MB/s | 4.0 MB
> 00:00
>
> (949/952): postgis33_14-gui-3.3.6-3PGDG.rhel9.x 943 kB/s | 211 kB
> 00:00
>
> (950/952): postgis33_14-docs-3.3.6-3PGDG.rhel9. 10 MB/s | 4.8 MB
> 00:00
>
> (951/952): postgis33_14-llvmjit-3.3.6-3PGDG.rhe 9.4 MB/s | 1.1 MB
> 00:00
>
> (952/952): postgis33_14-utils-3.3.6-3PGDG.rhel9 345 kB/s | 43 kB
> 00:00
>
> Removing postgis33_14-3.3.6-3PGDG.rhel9.x86_64.rpm: Package
> postgis33_14-3.3.6-3PGDG.rhel9.x86_64.rpm is not signed
>
> Removing postgis33_14-client-3.3.6-3PGDG.rhel9.x86_64.rpm: Package
> postgis33_14-client-3.3.6-3PGDG.rhel9.x86_64.rpm is not signed
>
> Removing postgis33_14-devel-3.3.6-3PGDG.rhel9.x86_64.rpm: Package
> postgis33_14-devel-3.3.6-3PGDG.rhel9.x86_64.rpm is not signed
>
> Removing postgis33_14-docs-3.3.6-3PGDG.rhel9.x86_64.rpm: Package
> postgis33_14-docs-3.3.6-3PGDG.rhel9.x86_64.rpm is not signed
>
> Removing postgis33_14-gui-3.3.6-3PGDG.rhel9.x86_64.rpm: Package
> postgis33_14-gui-3.3.6-3PGDG.rhel9.x86_64.rpm is not signed
>
> Removing postgis33_14-llvmjit-3.3.6-3PGDG.rhel9.x86_64.rpm: Package
> postgis33_14-llvmjit-3.3.6-3PGDG.rhel9.x86_64.rpm is not signed
>
> Removing postgis33_14-utils-3.3.6-3PGDG.rhel9.x86_64.rpm: Package
> postgis33_14-utils-3.3.6-3PGDG.rhel9.x86_64.rpm is not signed
>
> Error: GPG signature check failed.
>
>
>
> Best regards,
>
> Gunnar Andersson,
>
> Trafikverket
>
view thread (2+ messages) latest in thread
reply
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Reply to all the recipients using the --to and --cc options:
reply via email
To: [email protected]
Cc: [email protected], [email protected], [email protected]
Subject: Re: Non-signed packages in PostgreSQL 14 repo for RHEL 9
In-Reply-To: <CABUevExhB_Etd4PuTTcMejQSgGM+w2GKUH3-LtuGRYgWtKp0iA@mail.gmail.com>
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
This inbox is served by agora; see mirroring instructions
for how to clone and mirror all data and code used for this inbox