Problems signing rpms
|
View:
New views
12 Messages
—
Rating Filter:
Alert me
|
 |
Problems signing rpms
by Chris-394
::
Rate this Message:
I'm building clamav rpm's for 2009.1 and am having an issue signing them
with my gpg key. Previously when I was running 10.1 I had no problems. I'm using the below command: [chris@localhost ~]$ rpmbuild -bb--sign /home/chris/rpm/SPECS/clamav.spec Enter pass phrase: Pass phrase check failed My ~/.rpmmacros file has all the same info as I used in building rpms for 10.1: %_topdir /home/chris/rpm %_tmppath /home/chris/rpm/tmp %_signature gpg %_gpg_name Chris Pollock (New email address as of 04/21/07) <cpollock@...> %_gpg_path ~/.gnupg %distribution MandrivaLinux %vendor Mandriva And I've ensured that I entered my passphrase correctly. Any ideas as to what the problem may be? There are no problems building without the sig and guess I could upload them to the site I usually do unsigned however I'd feel better if they were. Thanks Chris -- KeyID 0xE372A7DA98E6705C |
|
|
Re: Problems signing rpms
by Thomas Backlund
::
Rate this Message:
|
|
|
Re: Problems signing rpms
by Charles A Edwards
::
Rate this Message:
On Thu, 02 Jul 2009 17:57:31 -0500
Chris wrote: > I'm building clamav rpm's for 2009.1 and am having an issue signing > them with my gpg key. Previously when I was running 10.1 I had no > problems. I'm using the below command: > > [chris@localhost ~]$ rpmbuild > -bb--sign /home/chris/rpm/SPECS/clamav.spec > Enter pass phrase: > Pass phrase check failed > > My ~/.rpmmacros file has all the same info as I used in building rpms > for 10.1: > > %_topdir /home/chris/rpm > %_tmppath /home/chris/rpm/tmp > > %_signature gpg > %_gpg_name Chris Pollock (New email address as of 04/21/07) > <cpollock@...> If you you wish to change it you will should rescind that key and then create a "new" key for your embarqmail address. Charles -- Having the fewest wants, I am nearest to the gods. -- Socrates ---------------------- Mandriva Linux release 2010.0 (Cooker) for x86_64$ On SuperSize....http://www.eslrahc.com Registered Linux user #182463 2.6.30-server-2mnb AMD Athlon(tm) 64 X2 Dual Core Processor 6400+ ---------------------- |
|
|
Re: Problems signing rpms
by Thomas Backlund
::
Rate this Message:
|
|
|
Re: Problems signing rpms
by Chris-394
::
Rate this Message:
On Thu, 2009-07-02 at 19:18 -0400, Charles A Edwards wrote:
> On Thu, 02 Jul 2009 17:57:31 -0500 > Chris wrote: > > > I'm building clamav rpm's for 2009.1 and am having an issue signing > > them with my gpg key. Previously when I was running 10.1 I had no > > problems. I'm using the below command: > > > > [chris@localhost ~]$ rpmbuild > > -bb--sign /home/chris/rpm/SPECS/clamav.spec > > Enter pass phrase: > > Pass phrase check failed > > > > My ~/.rpmmacros file has all the same info as I used in building rpms > > for 10.1: > > > > %_topdir /home/chris/rpm > > %_tmppath /home/chris/rpm/tmp > > > > %_signature gpg > > %_gpg_name Chris Pollock (New email address as of 04/21/07) > > <cpollock@...> > > Your key was created for your earthlink address. > > If you you wish to change it you will should rescind that key and > then create a "new" key for your embarqmail address. > > > Charles[chris@localhost ~]$ gpg --list-public-keys was taking place I created another uid as you can see below gpg: using PGP trust model gpg: key 98E6705C: accepted as trusted key /home/chris/.gnupg/pubring.gpg ------------------------------ pub 1024D/98E6705C 2005-11-23 uid Chris Pollock (New email address as of 04/21/07) <cpollock@...> uid Chris Pollock <cpollock@...> Here's the output of rpm --checksig on a package I made in 2008 well after I made the ISP change: clamav-0.94-1.1.101mdk.i586.rpm: (sha1) dsa sha1 md5 gpg OK This is the first packages I've tried to sign since I switched to 2009 so I'm a bit confused as to why it doesn't work Chris -- KeyID 0xE372A7DA98E6705C |
|
|
Re: Problems signing rpms
by Chris-394
::
Rate this Message:
On Fri, 2009-07-03 at 02:14 +0300, Thomas Backlund wrote:
> Chris skrev: > > I'm building clamav rpm's for 2009.1 and am having an issue signing them > > with my gpg key. Previously when I was running 10.1 I had no problems. > > I'm using the below command: > > > > [chris@localhost ~]$ rpmbuild > > -bb--sign /home/chris/rpm/SPECS/clamav.spec > > Enter pass phrase: > > Pass phrase check failed > > > > My ~/.rpmmacros file has all the same info as I used in building rpms > > for 10.1: > > > > %_topdir /home/chris/rpm > > %_tmppath /home/chris/rpm/tmp > > > > %_signature gpg > > %_gpg_name Chris Pollock (New email address as of 04/21/07) <cpollock@...> > > %_gpg_path ~/.gnupg > > %distribution MandrivaLinux > > %vendor Mandriva > > > > And I've ensured that I entered my passphrase correctly. Any ideas as to what the > > problem may be? There are no problems building without the sig and guess I could upload > > them to the site I usually do unsigned however I'd feel better if they were. > > > > > Does your %_gpg_name match whats in your gpg key ? > (matching uid in 'gpg -K' output) [chris@localhost ~]$ gpg --list-keys gpg: using PGP trust model gpg: key 98E6705C: accepted as trusted key /home/chris/.gnupg/pubring.gpg ------------------------------ pub 1024D/98E6705C 2005-11-23 uid Chris Pollock (New email address as of 04/21/07) <cpollock@...> uid Chris Pollock <cpollock@...> > Is your gpg keys correctly installed in ~/.gnupg ? As far as I know, I have no problem signing messages, wouldn't I if they were incorrectly installed? > > Is the permissions correct on the .gnupg files ? > (700 on directory, 600 on the files) > > -- > Thomas drwx------ 4 chris chris 4096 2009-07-02 21:17 .gnupg/ -rw-r--r-- 1 chris chris 2137 2009-01-02 20:24 cpollock.asc drwx------ 2 chris chris 4096 2009-02-26 17:37 dirmngr-cache.d/ -rw-r--r-- 1 chris chris 321 2009-02-08 11:19 dirmngr.conf -rw-r--r-- 1 chris chris 321 2009-02-08 11:06 dirmngr.conf.gpgconf.bak -rw-r--r-- 1 chris chris 851 2009-07-01 10:42 gpg-agent.conf -rw-r--r-- 1 chris chris 853 2009-02-08 11:19 gpg-agent.conf~ -rw-r--r-- 1 chris chris 853 2009-02-08 11:06 gpg-agent.conf.gpgconf.bak -rw-r--r-- 1 chris chris 9289 2009-02-06 19:59 gpg.conf -rw-r--r-- 1 chris chris 9178 2009-01-03 15:40 gpg.conf~ -rw-r--r-- 1 chris chris 9209 2009-01-02 20:21 gpg.conf.gpgconf.bak -rw-r--r-- 1 chris chris 432 2009-02-08 11:19 gpgsm.conf -rw-r--r-- 1 chris chris 422 2009-01-02 19:06 gpgsm.conf~ -rw-r--r-- 1 chris chris 432 2009-02-08 11:06 gpgsm.conf.gpgconf.bak srwxrwxr-x 1 chris chris 0 2009-02-08 11:19 log-socket= drwxrwxr-x 2 chris chris 4096 2009-01-03 22:18 private-keys-v1.d/ -rw------- 1 chris chris 6497756 2009-07-01 17:46 pubring.gpg -rw------- 1 chris chris 6497756 2009-07-01 17:10 pubring.gpg~ -rw-rw-r-- 1 chris chris 17087 2009-02-26 17:37 pubring.kbx -rw-rw-r-- 1 chris chris 18116 2009-02-26 17:37 pubring.kbx~ -rw------- 1 chris chris 600 2009-07-02 21:16 random_seed -rw-r--r-- 1 chris chris 327 2009-02-08 11:19 scdaemon.conf -rw-r--r-- 1 chris chris 327 2009-02-08 11:06 scdaemon.conf.gpgconf.bak -rw------- 1 chris chris 1311 2009-01-07 17:37 secring.gpg -rw------- 1 chris chris 1480 2009-07-01 17:46 trustdb.gpg Does anything look amiss? -- KeyID 0xE372A7DA98E6705C |
|
|
Re: Problems signing rpms
by Thomas Backlund
::
Rate this Message:
|
|
|
Re: Problems signing rpms
by Chris-394
::
Rate this Message:
On Fri, 2009-07-03 at 13:02 +0300, Thomas Backlund wrote:
> > > Does anything look amiss? > > > > > What is the output of: > rpmbuild -bs -v --sign /home/chris/rpm/SPECS/clamav.spec Hmm, there appears to be a problem here: [chris@localhost ~]$ rpmbuild -bs -v --sign /home/chris/rpm/SPECS/clamav.spec Enter pass phrase: gpg: skipped "Chris Pollock (New email address as of 04/21/07) <cpollock@...>": secret key not available gpg: signing failed: secret key not available Pass phrase check failed > and: > > rpm -qa '*rpm*' '*gnupg*' [chris@localhost ~]$ rpm -qa '*rpm*' '*gnupg*' urpmi-6.25.5-1mdv2009.1 gurpmi-6.25.5-1mdv2009.1 rpm-mandriva-setup-1.91-1mdv2009.1 rpmdrake-5.16.5-1.1mdv2009.1 librpm4.6-4.6.0-2.1mnb2 rpm-manbo-setup-build-2-16mnb2 rpmbuildupdate-0.8.1-3mdv2009.0 gnupg-1.4.9-8mdv2009.1 librpm-devel-4.6.0-2.1mnb2 rpm-4.6.0-2.1mnb2 rpm-helper-0.22.1-2mdv2009.1 rpm-manbo-setup-2-16mnb2 rpm-build-4.6.0-2.1mnb2 librpmconstant0-0.1.3-5mdv2009.1 rpm-mandriva-setup-build-1.91-1mdv2009.1 > -- > Thomas Chris -- KeyID 0xE372A7DA98E6705C |
|
|
Re: Problems signing rpms
by Thomas Backlund
::
Rate this Message:
|
|
|
Re: Problems signing rpms
by Chris-394
::
Rate this Message:
On Fri, 2009-07-03 at 16:27 +0300, Thomas Backlund wrote:
> Chris skrev: > > On Fri, 2009-07-03 at 13:02 +0300, Thomas Backlund wrote: > > > >>> Does anything look amiss? > >>> > >> > >> What is the output of: > >> rpmbuild -bs -v --sign /home/chris/rpm/SPECS/clamav.spec > > > > Hmm, there appears to be a problem here: > > > > [chris@localhost ~]$ rpmbuild -bs -v > > --sign /home/chris/rpm/SPECS/clamav.spec > > Enter pass phrase: > > gpg: skipped "Chris Pollock (New email address as of 04/21/07) > > <cpollock@...>": secret key not available > > gpg: signing failed: secret key not available > > Pass phrase check failed > > > Yep, there is your problem... > > And you never responded to if the question if gpg sees the key with > > gpg -K [chris@localhost ~]$ gpg -K gpg: using character set `utf-8' gpg: using PGP trust model gpg: key 98E6705C: accepted as trusted key /home/chris/.gnupg/secring.gpg ------------------------------ sec 1024D/98E6705C 2005-11-23 uid Chris Pollock <cpollock@...> ssb 2048g/F5604046 2005-11-23 So now I'm really confused because --list-keys shows: [chris@localhost ~]$ gpg --list-keys cpollock@... gpg: using character set `utf-8' gpg: using PGP trust model gpg: key 98E6705C: accepted as trusted key pub 1024D/98E6705C 2005-11-23 uid Chris Pollock (New email address as of 04/21/07) <cpollock@...> uid Chris Pollock <cpollock@...> sub 2048g/F5604046 2005-11-23 -- KeyID 0xE372A7DA98E6705C |
|
|
Re: Problems signing rpms
by Thomas Backlund
::
Rate this Message:
|
|
|
Re: Problems signing rpms
by Chris-394
::
Rate this Message:
On Fri, 2009-07-03 at 17:25 +0300, Thomas Backlund wrote:
> > [chris@localhost ~]$ gpg -K > > gpg: using character set `utf-8' > > gpg: using PGP trust model > > gpg: key 98E6705C: accepted as trusted key > > /home/chris/.gnupg/secring.gpg > > ------------------------------ > > sec 1024D/98E6705C 2005-11-23 > > uid Chris Pollock <cpollock@...> > > ssb 2048g/F5604046 2005-11-23 > > > > So now I'm really confused because --list-keys shows: > > > > [chris@localhost ~]$ gpg --list-keys cpollock@... > > gpg: using character set `utf-8' > > gpg: using PGP trust model > > gpg: key 98E6705C: accepted as trusted key > > pub 1024D/98E6705C 2005-11-23 > > uid Chris Pollock (New email address as of 04/21/07) > > <cpollock@...> > > uid Chris Pollock <cpollock@...> > > sub 2048g/F5604046 2005-11-23 > > > > > > Hmmm. > Looking on your filelist once again I see: > -rw------- 1 chris chris 6497756 2009-07-01 17:46 pubring.gpg > -rw------- 1 chris chris 1311 2009-01-07 17:37 secring.gpg > -rw------- 1 chris chris 1480 2009-07-01 17:46 trustdb.gpg > > the secring seems to be an older version... > > Do you have backups of those files ? > If so, try to check if the backups are correct. > > If not, you have to add your new mail adress again... > > -- > Thomas > > [chris@localhost ~]$ gpg -K gpg: using character set `utf-8' gpg: using PGP trust model gpg: key 98E6705C: accepted as trusted key /home/chris/.gnupg/secring.gpg ------------------------------ sec 1024D/98E6705C 2005-11-23 uid Chris Pollock <cpollock@...> uid Chris Pollock (New email address as of 04/21/07) <cpollock@...> ssb 2048g/F5604046 2005-11-23 I copied over the secring.gpg file that I made the same day I made the new uid from a backup and rpmbuild is happily now making my signed rpms. [chris@localhost i586]$ rpm -v --checksig clamd-0.95.2-1mdv2009.1.i586.rpm clamd-0.95.2-1mdv2009.1.i586.rpm: Header V4 DSA signature: OK, key ID 98e6705c Header SHA1 digest: OK (975c02d67357a42e5698b3050deadae945434be7) MD5 digest: OK (424750ca8fe413cfc997cb41683c99cb) V4 DSA signature: OK, key ID 98e6705c Thanks for the assist it was much appreciated and I'm just glad I keep backups. Chris -- KeyID 0xE372A7DA98E6705C |
signature.asc (204 bytes) | Free embeddable forum powered by Nabble | Forum Help |
