Results 1 to 5 of 5

Thread: repomd.xml from adobe repo is unsigned. Hmm...

  1. #1
    Join Date
    Feb 2017
    Location
    Very Far Away
    Posts
    14

    Default repomd.xml from adobe repo is unsigned. Hmm...

    Hello! I was wondering if anyone else was getting this message when zypper dup'ing:
    Code:
    File 'repomd.xml' from repository 'adobe' is unsigned, continue? [yes/no] (no):
    I would opt for "no". Any further advice? Thank you!

  2. #2
    Join Date
    Sep 2012
    Posts
    4,129

    Default Re: repomd.xml from adobe repo is unsigned. Hmm...

    How should we know where this repository points to? Post output of "zypper lr -d adobe".

    But at the end, I do not see how accepting it would be worse than manually downloading software from the same site. If you are really concerned, contact maintainer of this repo.

  3. #3
    Join Date
    Jun 2008
    Location
    San Diego, Ca, USA
    Posts
    8,201

    Default Re: repomd.xml from adobe repo is unsigned. Hmm...

    If you're confident about the integrity of the repository, you can disable the gpgcheck as follows
    Code:
    zypper mr --no-gpgcheck repo_uri repo_name
    or
    Code:
    zypper mr --gpgcheck-allow-unsigned-repo repo_uri repo_name
    Of course, if you don't or can't know for sure whether the repository is faulty or perhaps you could be under attack, you should decline updating from that repo as you suggest.

    TSU
    Beginner Wiki Quickstart - https://en.opensuse.org/User:Tsu2/Quickstart_Wiki
    Solved a problem recently? Create a wiki page for future personal reference!
    Learn something new?
    Attended a computing event?
    Post and Share!

  4. #4
    Join Date
    Aug 2010
    Location
    Chicago suburbs
    Posts
    9,154
    Blog Entries
    3

    Default Re: repomd.xml from adobe repo is unsigned. Hmm...

    Quote Originally Posted by Icearchery View Post
    Hello! I was wondering if anyone else was getting this message when zypper dup'ing:
    Code:
    File 'repomd.xml' from repository 'adobe' is unsigned, continue? [yes/no] (no):
    I would opt for "no". Any further advice? Thank you!
    If this is for flash-player, then install from the packman repo. That will avoid the problem. You get the same flash-player, but it has been repackaged for packman and the packman repo is properly signed.

    When I last tried the adobe repo (for opensuse 41.2, as I recall), the repo was not signed but individual packages were signed with the adobe key.
    opensuse Leap 42.3; KDE Plasma 5;
    opensuse tumbleweed; KDE Plasma 5 (test system);

  5. #5
    Join Date
    Feb 2017
    Location
    Very Far Away
    Posts
    14

    Default Re: repomd.xml from adobe repo is unsigned. Hmm...

    Thank you tsu2 and nrickert, your answers have been most helpful and kind.

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •