2011/11/2 Michael Schwendt <mschwendt(a)gmail.com>:
After
rpm -ivh
http://download1.rpmfusion.org/free/fedora/development/x86_64/os/rpmfusio...
there is a problem installing some packages from RPM Fusion. For example:
# yum install a52dec
[...]
---> Package a52dec.x86_64 0:0.7.4-15.fc11 will be installed
[...]
warning: rpmts_HdrFromFdno: Header V3 RSA/SHA256 Signature, key ID 00a4d52b: NOKEY
Public key for a52dec-0.7.4-15.fc11.x86_64.rpm is not installed
Retrieving key from file:///etc/pki/rpm-gpg/RPM-GPG-KEY-rpmfusion-free-fedora-16-x86_64
Importing GPG key 0xADF25D9C:
Userid : RPM Fusion free repository for Fedora (16)
<rpmfusion-buildsys(a)lists.rpmfusion.org>
Package: rpmfusion-free-release-16-1.noarch (installed)
From : /etc/pki/rpm-gpg/RPM-GPG-KEY-rpmfusion-free-fedora-16-x86_64
Is this ok [y/N]: y
Public key for a52dec-0.7.4-15.fc11.x86_64.rpm is not installed
Thx for having reported theses issues.
To me every packages provided within the fc16 repository must be
signed (or re-signed) with the fc16 key.
So there are two problems.
- The compat symlink which is wrong
- The non .fc16 packages that aren't resigned with the proper fc16 key.
I've also noticed two deviations from the fedora-release to the
rpmfusion{,nonfree}-release
- The former only provides a (primary) key for the %{version} release
it belongs to where the latter provide several keys
- The former doesn't use gpgcheck on the related rawhide repository
where the latter have it enabled.
I'm not sure to have all the implication of this deviation in mind yet.
Nicolas (kwizart)