PROBLEM WITH "WARNING : NOKEY" WHILE INSTALLING A SOURCE RPM

hello friends

i wanted to install “lsb-builddenv” but a warning didn’t allow it to be installed:

"
warning: lsb-buildenv-4.0-4.2.src.rpm: Header V3 DSA/SHA1 Signature, key ID 62b21ea4: NOKEY
"

is there a way to install this source rpm without connecting to the net.

please help me and thanks.

It’s a warning. It should have installed the package, didn’it?
You don’t need to connect to the Internet to install a source rpm - but you should have got it from somewhere (?). Install source rpms as user with rpm -i and you’ll find the sources, spec file, etc in subdirectories of your ~/rpmbuild.

You can use lskeys to see the signing keys you have installed. The latest version is available here: list-export-remove-rpm-gpg-keys.

You can install a key with **rpm --import **followed by the key file (which can be a local file or a URL).

Because there is no way to control the authenticity of home repo signatures, I encourage you to read this post about-feature-3212047 and vote up for feature 312047.

hello
i installed it by sudo rpm -i lsb-buildenv-4.0-4.2.src.rpm but the above warning appeared and i used the "sudo rpm -q " to if it is installed or not but the message said that it is not installed.
please explain more about the ls keys and with details please and can i do it for “cdrtools-3.01a05-1.5.src.rpm” because i need to install it to and there will be the same warning:
"
warning: cdrtools-3.01a05-1.5.src.rpm: Header V3 DSA/SHA1 Signature, key ID 3a802234: NOKEY
"
i downloaded the rpms from this site:
"
lsb-buildenv-4.0-4.2.i586.rpm openSUSE 11.4 Free Download
"
thank you.

You should not install source rpms with sudo (they are not packages!). You should install and build sources as user. You don’t need to and you should not build applications from sources as root!

On rpm based systems, like openSUSE, Fedora or Mandriva, package signing keys are stored in the rpm database. lskeys is just a simple script that lists the keys you have imported, including creation and expiration date, and allows you to delete and export keys (save a key to file). The script also works on Ubuntu with apt-get keys.

You don’t need to compile cdrtools. Just install the package cdrkit-cdrtools-compat on openSUSE.

If you need to build from sources, install the devel_rpm_build pattern and copy the rpmbuild skeleton in your home directory. Don’t build as root!

sudo zypper in -t pattern devel_rpm_build
mkdir ~/rpmbuild
cp -r /usr/src/packages ~/rmpbuild

Then install the source rpm as user with the command:

rpm -i  cdrtools-3.01a05-1.5.src.rpm

You should find the spec file in ~/rpmbuild/SPECS and the tar.gz or tar.bz2 archive in ~/rpmbuild/SOURCES. Build package and source with:

cd ~/rmpbuild/SPECS
rpmbuild -ba cdrtools.spec

It’s just an example. But again, you don’t need to compile cdrtools yourself on openSUSE.
The warning you get is normal if the package is signed with an untrusted key.

hello
i use the csh shell and i don’t have any information about key.
is it possible to tell for this situation and for the “cdrtools-devel-3.01a05-1.5.i586.rpm” and “lsb-buildenv-4.0-4.2.i586.rpm” how to do that the mentioned warning disappeared and the two rpm successfully will be installed.
i apologize for asking too question.
thank you.

Why are you using the C shell under Linux? Anyway it doesn’t matter. You can run a Bash script from the C shell, provided the first line of the script indicates the shell to be used. This is the case for the lskeys script and any properly written shell script.

If you start to worry because things were installed successfully … you’re going to have a hard time trying to figure out why errors did not occure. If you install a package from repo, the signing key will be imported (normally after user confirmation) the first time you refresh the repo. Once you have accepted and added the key, you don’t get the warning anymore, at least not for packages signed with this key.

On 12/16/2011 08:16 AM, javads wrote:
>
> hello
> i use the csh shell and i don’t have any information about key.
> is it possible to tell for this situation and for the
> “cdrtools-devel-3.01a05-1.5.i586.rpm” and
> “lsb-buildenv-4.0-4.2.i586.rpm” how to do that the mentioned warning
> disappeared and the two rpm successfully will be installed.
> i apologize for asking too question.
> thank you.
>
>
I don’t know what “lsb-buildenv” is. But if you want Joe Schilling’s
“cdrtools”, there a number of repos which have them already packaged for
you. Go to the “Package Search” page of opensuse.org. While there, click
on “Search options” and tick “Include users’ home projects” (since some
packages are not offered ‘officially’ or 'semi-officially).

for openSUSE 12.1
http://download.opensuse.org/repositories/multimedia:/apps/openSUSE_12.1/
(this repo seems semi-official and contains other ‘multimedia’ packages.)
http://download.opensuse.org/repositories/home:/namtrac/openSUSE_12.1/
(I subscribe to this repo -this was the first to offer cdrtools;
there are few more now - this contains only Schilling’s tools.)

for openSUSE 11.4
http://download.opensuse.org/repositories/home:/hennichodernich/openSUSE_11.4/
(I subscribed to this repo; there are more.)

When in YaST and click on cdrtools, let YaST delete ‘compatible’
packages (3 or 4 of them) and install Schilling’s tools.

hello
i have copy the file below from the “http://forums.opensuse.org/english/other-forums/development/programming-scripting/467014-list-export-remove-rpm-gpg-keys.html#post2406130”:
"
#!/bin/bash
#: Title : lskeys
#: Date Created : Thu Oct 27 22:44:20 PDT 2011
#: Last Edit : Fri Nov 18 23:17:02 PST 2011
#: Author : Agnelo de la Crotche (please_try_again)
#: Version : 2.0
#: Description : lists, exports, deletes RPM GPG keys
#: Syntax : lskeys [option]
#: Options : -e --export : exports selected key
#: : -d --delete : ereases selected key

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

declare -l linux dist
declare -a K E N T S

if ( which lsb_release &>/dev/null ) ; then
linux=$(lsb_release -si | tr -d " ")
else
linux=$(sudo find /etc ! -name “meta*” ! -name “lsb*” ! -name “system*” ! -name “jpackage*” -name “*-release” -exec basename “{}” -release “;” 2>/dev/null | sort | head -1)
fi

case $linux in
fedora|suse|suselinux|mandrivalinux) dist=rpm ;;
ubuntu|linuxmint|debian) dist=apt ;;
*) exec echo “unsupported distro” ;;
esac

“x$1” == “x-e” -o “x$1” == “x–export” ] && EXPORT=1
“x$1” == “x-d” -o “x$1” == “x–delete” ] && DELETE=1

i=0

function listkeys {
case $dist in
rpm)
for k in $(rpm -qa gpg-pubkey*) ; do
let i++ ; K$i]=$k ; N$i]=${k/gpg-pubkey-/}
eval $(LC_ALL=C rpm -qi $k | gpg --with-key-data 2>/dev/null | awk -F “:” ‘/^pub/ { gsub(/\x3/,":", $10) ; if ($6 ~ /-/ ) printf “%s;%s;”, $6, $10 ; else printf “%s;%s;”, strftime("%Y-%m-%d", $6), $10 ; if ( $7 ~ /-/ ) printf “%s” , $7 ; else if ( $7 ) printf “%s”, strftime("%Y-%m-%d", $7) ; printf "
" }’ | sed “s|(.);(.);(.)|T$i]="\1";S$i]="\2";E$i]="\3";|")
done
;;
apt)
eval $(LC_ALL=C apt-key list | sed -e ‘/^sub/d’ | sed -e :a -e '$!N;s/
uid /; /;ta’ -e ‘P;D’ | sed -n 's/pub //p’ | sed 's/>;.//;s| |;|;s|(.) [expires: ([0-9-]
)]; (.)|\1;\3;\2|;s|; |;|g’ | awk -F “;” '{ K=$1 ; sub(/.//, “”, K) ; N=$1 ; sub(///, “-”, N) ; printf “K%i]=”%s”;N%i]="%s";T%i]="%s";S%i]="%s";
“, NR, K, NR, N, NR, $2, NR, $3 ; if ($4) printf “E%i]=”%s”;", NR, $4 }’ 2>/dev/null)
;;
*) return 1 ;;
esac
}

function viewkey {
case $dist in
rpm) rpm -qi $1 ;;
apt) apt-key export $1 ;;
*) return 1 ;;
esac
}

function deletekey {
case $dist in
rpm) rpm -e $1 ;;
apt) apt-key del $1 ;;
*) return 1 ;;
esac
}

function isExpired {
keyTime=$(echo “${@//-/ } 00 00 00” | awk ’ { print mktime($0) }’)
sysTime=$(awk ‘BEGIN { print systime()}’)
$keyTime -lt $sysTime ] && return 0 || return 1
}

listkeys

i=1
while $i -le ${#N@]} ] ; do
KCL=$(tput setaf 7) ; TCL=$(tput sgr0) ; SCL=$(tput setaf 2)
“${E$i]}” ] && isExpired ${E$i]} && { KCL=$(tput setaf 1); TCL=$(tput setaf 1) ; SCL=$(tput setaf 1); }
printf "%2s] %s%s%-20s%s%-13s%s%-13s%s%s%s
" $i $(tput bold) $KCL ${N$i]} $TCL “${T$i]}” $(tput setaf 1) “${E$i]}” $SCL “${S$i]}” $(tput sgr0)
let i++
done
let i–

declare -u j=0

while $j -lt 1 -o $j -gt $i ] ; do
read -p “view key [1-$i or Q to quit]: " j
“$j” == “Q” ] && break
j=$(($j*1))
echo
“${K$j]}” ] && viewkey ${K$j]}
if “$EXPORT” ] ; then
GPG=”$(echo $dist | tr “:lower:]” “:upper:]”)GPG-${N$j]}.key"
echo $GPG
viewkey ${K$j]} | sed -n ‘/BEGIN/,/END/p’ > $GPG && printf "
Key %s%s%s%s successfully written in %s%s/%s%s
" $(tput bold) $(tput setaf 3) ${N$j]} $(tput sgr0) $(tput bold) $(pwd) $GPG $(tput sgr0)
elif “$DELETE” ] ; then
declare -u YN
YN=""
while “x$YN” != “xY” -a “x$YN” != “xN” ] ; do
read -p "Delete key ${K$j]}? [y/n] " YN
“$YN” == “Y” ] && deletekey ${K$j]} && printf "
Key %s%s%s%s successfully deleted.
" $(tput bold) $(tput setaf 3) ${K$j]} $(tput sgr0)
done
fi
done
"
and saved it by the name “a.c” and i wanted to convert it as an exe file (by code “gcc -o b a.c”) but it did not convert. because i wanted to run the given exe file to be installed then i use the code lskeys and rpm --import.

HELLO
I HAVE THE SAME PROBLEM AND I DO’NT KNOW HOW TO USE THE CODE THAT EXIST IN THE “http://forums.opensuse.org/english/other-forums/development/programming-scripting/467014-list-export-remove-rpm-gpg-keys.html#post2406130
ANY BODY KNOWS?
THANKS

On 2011-12-17 12:56, javads wrote:

> #!/bin/bash

> and saved it by the name “a.c” and i wanted to convert it as an exe
> file (by code “gcc -o b a.c”) but it did not convert.

Of course you can not. It is still a bash script, not a c program,
regardless of the name you give it.

If you want a c executable, learn c, or ask somebody to do it, or pay for it.


Cheers / Saludos,

Carlos E. R.
(from 11.4 x86_64 “Celadon” at Telcontar)

HELLO
I THINK, IT IS NOT IMPORTANT TO CONVERT IT AS A “C PROGRAM” AND THEN CONVERT IT AS A “EXE FILE” BUT IT IS IMPORTANT THAT HOW TO USE THIS CODE TO SOLVE THE PROBLEM THAT javads SAID FOR {PROBLEM WITH “WARNING : NOKEY” WHILE INSTALLING A SOURCE RPM}.
THANKS ALL.

hello friends and thank you all
i agree with farid12 and i want to solve and remove the warning.
thank you again and help.

On 2011-12-17 14:16, farid12 wrote:
> I THINK, IT IS NOT IMPORTANT TO CONVERT IT AS A “C PROGRAM” AND THEN
> CONVERT IT AS A “EXE FILE”

Absolutely impossible.


Cheers / Saludos,

Carlos E. R.
(from 11.4 x86_64 “Celadon” at Telcontar)

@javads,
You just need to save this script in a text file (as you already did), make it executable and put it somewhere in your path (like in ~/bin or /usr/local/bin).

  • Save it as a file with name lskeys.
  • Copy the file lskeys to /home/javads/bin (create this directory if needed)
  • Make the script executable (I guess it’s much easier than you thought):
chmod 755 /home/javads/bin/lskeys
  • Provided the directory ~/bin (which is a short form of /home/javads/bin ) is in your path, you can run the script by just typing its name:
lskeys

But the script won’t make the warning disappear. It will just list the keys you have installed. To get rid of the warning, you have to import the signing key of that package (with rpm --import) . Then this key will be listed with lskeys and you won’t get this warning while installing packages which have been signed with this key. But you will get other warnings if you install other packages signed with untrusted keys ( = keys you haven’t imported).

hello friends
thnak you all for your reply.