I can’t remember which distro upgrade it was (either 15.2 to 15.3 or 15.3 to 15.4) but I do remember encountering messages about packages getting downgraded or being told that some cannot be installed. Browsed through the forum and found this old post which said it may have something to do with the merger of SLE and Leap. Because I was in a hurry back then, I just hit Yes to proceed and defer asking about those.
Now the time to defer has arrived and I got curious if I have a properly patched Leap box or if I have been using a hodgepodge for the longest time. So I did:
u@localhost:~> zypper lifecycle
Product end of support
Codestream: openSUSE Leap 15 2024-11-30
Product: openSUSE Leap 15.4 2023-11-30
Package end of support if different from product:
audit Now, installed <versionNumber>, update available <anotherVersionNumber>
...
[more items listed but redacted for brevity]
I couldn’t tell in and by itself what that meant, so I went back through my handwritten notes whenever I do distro upgrades, and two things caught my eyes.
The first one is verifying the repos. So I checked what I currently have and got this:
u@localhost:~> zypper repos -u
Repository priorities are without effect. All enabled repositories share the same priority.
# | Alias | Name | Enabled | GPG Check | Refresh | URI
---+-------------------------------+---------------------------------------------------------------------------------------------+---------+-----------+---------+-------------------------------------------------------------------------------------
1 | openSUSE-Leap-${releasever}-1 | openSUSE-Leap-15.4-1 | No | ---- | ---- | hd:/?device=/dev/disk/by-id/usb-SanDisk_Ultra_USB_3.0_4C530000050105103550-0:0-part2
2 | repo-backports-debug-update | Update repository with updates for openSUSE Leap debuginfo packages from openSUSE Backports | No | ---- | ---- | http://download.opensuse.org/update/leap/15.4/backports_debug/
3 | repo-backports-update | Update repository of openSUSE Backports | Yes | (r ) Yes | Yes | http://download.opensuse.org/update/leap/15.4/backports/
4 | repo-debug | Debug Repository | No | ---- | ---- | http://download.opensuse.org/debug/distribution/leap/15.4/repo/oss/
5 | repo-debug-non-oss | Debug Repository (Non-OSS) | No | ---- | ---- | http://download.opensuse.org/debug/distribution/leap/15.4/repo/non-oss/
6 | repo-debug-update | Update Repository (Debug) | No | ---- | ---- | http://download.opensuse.org/debug/update/leap/15.4/oss/
7 | repo-debug-update-non-oss | Update Repository (Debug, Non-OSS) | No | ---- | ---- | http://download.opensuse.org/debug/update/leap/15.4/non-oss/
8 | repo-non-oss | Non-OSS Repository | Yes | (r ) Yes | Yes | http://download.opensuse.org/distribution/leap/15.4/repo/non-oss/
9 | repo-oss | Main Repository | Yes | (r ) Yes | Yes | http://download.opensuse.org/distribution/leap/15.4/repo/oss/
10 | repo-sle-debug-update | Update repository with debuginfo for updates from SUSE Linux Enterprise 15 | No | ---- | ---- | http://download.opensuse.org/debug/update/leap/15.4/sle/
11 | repo-sle-update | Update repository with updates from SUSE Linux Enterprise 15 | Yes | (r ) Yes | Yes | http://download.opensuse.org/update/leap/15.4/sle/
12 | repo-source | Source Repository | No | ---- | ---- | http://download.opensuse.org/source/distribution/leap/15.4/repo/oss/
13 | repo-source-non-oss | Source Repository (Non-OSS) | No | ---- | ---- | http://download.opensuse.org/source/distribution/leap/15.4/repo/non-oss/
14 | repo-update | Main Update Repository | Yes | (r ) Yes | Yes | http://download.opensuse.org/update/leap/15.4/oss
15 | repo-update-non-oss | Update Repository (Non-Oss) | Yes | (r ) Yes | Yes | http://download.opensuse.org/update/leap/15.4/non-oss/
Looks normal, but I’m not yet at a “seasoned user” level so I’m not quite sure. Then I checked out the second thing which caught my eyes:
rpm -qa gpg-pubkey
So I decided to look into that and this is what I got:
u@localhost:~> rpm -qa gpg-pubkey
gpg-pubkey-25db7ae0-645bae34
gpg-pubkey-307e3d54-5aaa90a5
gpg-pubkey-29b700a4-62b07e22
gpg-pubkey-3fa1d6ce-63c9481c
gpg-pubkey-39db7c82-5f68629b
gpg-pubkey-3dbdc284-53674dd4
gpg-pubkey-65176565-61a0ee8f
Now I combed through the .asc files in download.opensuse.org and checked these out when I noticed something. Of all the keys listed in the terminal output above:
-
gpg-pubkey-3fa1d6ce-63c9481c is not listed anywere
-
gpg-pubkey-39db7c82-5f68629b is a key under Tumbleweed (and I’m using Leap!)
So now I’m not sure what this means. How come I have GPG keys for Tumbleweed when I’m running Leap, and where did the GPG key listed in number 1 above come from?
I’m starting to think something is very wrong with my Leap box. Please help.