Description of the issue (screenshots if relevant):
You’ve seen this before…
Relevant informations (hardware involved, software version, logs or output…):
Basically the packages are systemd package stack, lib64gck1_0, and lib64gcr-base3_1 have Invalid key (aka: Bad signature).
To satisfy dependencies, the following packages are going to be installed:
Package Version Release Dist DEpoch Arch
(medium "main (Einsteinium3.0-1)")
lib64mspack0 0.5 0.1.alpha omv 2015.0 x86_64
(medium "main updates (Einsteinium3.0-2)")
bluez 5.49 1 omv 2015.0 x86_64
dmsetup 1.02.146 1 omv 2015.0 x86_64
evolution 3.28.0 2 omv 2015.0 x86_64
evolution-ews 3.28.0 1 omv 2015.0 x86_64
lib64bluez3 5.49 1 omv 2015.0 x86_64
lib64devmapper-devel 1.02.146 1 omv 2015.0 x86_64
lib64devmapper-event-devel 1.02.146 1 omv 2015.0 x86_64
lib64devmapper-event1.02 1.02.146 1 omv 2015.0 x86_64
lib64devmapper1.02 1.02.146 1 omv 2015.0 x86_64
lib64edataserverui1.2_2 3.28.0 3 omv 2015.0 x86_64
lib64gnome-autoar0_0 0.2.3 1 omv 2015.0 x86_64
lib64icalvcal3 3.0.3 1 omv 2015.0 x86_64
lib64lvm2app2.2 2.02.177 1 omv 2015.0 x86_64
lib64lvm2cmd-devel 2.02.177 1 omv 2015.0 x86_64
lib64lvm2cmd2.02 2.02.177 1 omv 2015.0 x86_64
lib64perl5.20 5.20.3 3 omv 2015.0 x86_64
lvm2 2.02.177 1 omv 2015.0 x86_64
perl 5.20.3 3 omv 2015.0 x86_64
perl-base 5.20.3 3 omv 2015.0 x86_64
7.7MB of additional disk space will be used.
24MB of packages will be retrieved.
Proceed with the installation of the 20 packages? (Y/n) Y
The following packages have bad signatures:
/var/cache/urpmi/rpms/bluez-5.49-1-omv2015.0.x86_64.rpm: Invalid Key ID (OK (RSA/SHA1, Thu Mar 22 13:49:19 2018, Key ID e58ab9ce37a7779a))
/var/cache/urpmi/rpms/dmsetup-1.02.146-1-omv2015.0.x86_64.rpm: Invalid Key ID (OK (RSA/SHA1, Sat Mar 17 23:20:07 2018, Key ID 6e5e7d9fab3958db))
/var/cache/urpmi/rpms/evolution-3.28.0-2-omv2015.0.x86_64.rpm: Invalid Key ID (OK (RSA/SHA1, Fri Mar 23 14:17:54 2018, Key ID ddae979e8c79c1fb))
/var/cache/urpmi/rpms/lib64bluez3-5.49-1-omv2015.0.x86_64.rpm: Invalid Key ID (OK (RSA/SHA1, Thu Mar 22 13:49:20 2018, Key ID e58ab9ce37a7779a))
/var/cache/urpmi/rpms/lib64devmapper-devel-1.02.146-1-omv2015.0.x86_64.rpm: Invalid Key ID (OK (RSA/SHA1, Sat Mar 17 23:20:07 2018, Key ID 6e5e7d9fab3958db))
/var/cache/urpmi/rpms/lib64devmapper-event-devel-1.02.146-1-omv2015.0.x86_64.rpm: Invalid Key ID (OK (RSA/SHA1, Sat Mar 17 23:20:08 2018, Key ID 6e5e7d9fab3958db))
/var/cache/urpmi/rpms/lib64devmapper-event1.02-1.02.146-1-omv2015.0.x86_64.rpm: Invalid Key ID (OK (RSA/SHA1, Sat Mar 17 23:20:08 2018, Key ID 6e5e7d9fab3958db))
/var/cache/urpmi/rpms/lib64devmapper1.02-1.02.146-1-omv2015.0.x86_64.rpm: Invalid Key ID (OK (RSA/SHA1, Sat Mar 17 23:20:07 2018, Key ID 6e5e7d9fab3958db))
/var/cache/urpmi/rpms/lib64edataserverui1.2_2-3.28.0-3-omv2015.0.x86_64.rpm: Invalid Key ID (OK (RSA/SHA1, Fri Mar 23 11:20:18 2018, Key ID 1c1f0d5402faf262))
/var/cache/urpmi/rpms/lib64lvm2app2.2-2.02.177-1-omv2015.0.x86_64.rpm: Invalid Key ID (OK (RSA/SHA1, Sat Mar 17 23:20:06 2018, Key ID 6e5e7d9fab3958db))
/var/cache/urpmi/rpms/lib64lvm2cmd-devel-2.02.177-1-omv2015.0.x86_64.rpm: Invalid Key ID (OK (RSA/SHA1, Sat Mar 17 23:20:06 2018, Key ID 6e5e7d9fab3958db))
/var/cache/urpmi/rpms/lib64lvm2cmd2.02-2.02.177-1-omv2015.0.x86_64.rpm: Invalid Key ID (OK (RSA/SHA1, Sat Mar 17 23:20:05 2018, Key ID 6e5e7d9fab3958db))
/var/cache/urpmi/rpms/lib64perl5.20-5.20.3-3-omv2015.0.x86_64.rpm: Invalid Key ID (OK (RSA/SHA1, Thu Mar 22 13:24:06 2018, Key ID f6155fac0c56f380))
/var/cache/urpmi/rpms/lvm2-2.02.177-1-omv2015.0.x86_64.rpm: Invalid Key ID (OK (RSA/SHA1, Sat Mar 17 23:20:03 2018, Key ID 6e5e7d9fab3958db))
/var/cache/urpmi/rpms/perl-5.20.3-3-omv2015.0.x86_64.rpm: Invalid Key ID (OK (RSA/SHA1, Thu Mar 22 13:23:50 2018, Key ID f6155fac0c56f380))
/var/cache/urpmi/rpms/perl-base-5.20.3-3-omv2015.0.x86_64.rpm: Invalid Key ID (OK (RSA/SHA1, Thu Mar 22 13:24:05 2018, Key ID f6155fac0c56f380))
Do you want to continue installation ? (y/N) N
This is a consequence of the ongoing work on ABF regarding the conversion form urpmi to dnf (and rpm5>rpm.org). Developers are aware of the issue and working to resolve.
Officially I can not recommend to anyone to install packages with this error.
However it is almost certain that the packages are OK. (I have installed them myself and have seen no issues so far.)
Edit: Note: What exactly is happening currently is that for some reason when QA moves packages from testing repos to updates repos they are not being signed. So the exact problem in not “bad signatures” as it says but no signature. Again, we are working to resolve.
Edit2: In other words packages in testing repos are not signed and are signed when QA moves the packages to updates repo.
In progress.
bluez-5.49-1-omv2015.0.x86_64.rpm:
Header V4 RSA/SHA512 signature: OK, key ID bf81de15
Header SHA1 digest: OK (67d701cfff8f1d847453f0ddbed7e32a82c22ed5)
MD5 digest: OK (5c83930462806bb2ebdbe1e70b7dd711)
If you have already already download the packages with bad signatures, you might have to remove them from /var/cache/urpmi/rpms/ to force loading the valid new packages.