When I add a non-openSUSE RPM repo, zypper throws an error about an invalid key, and it gives me the option to ignore it. I want to include that GPG file and include the preference for that warning to not be displayed again on other openSUSE systems that I pre-install. But I can’t figure out where that key and “don’t warn me about this in the future” are being stored. There’s a bunch of stuff in /var/cache/zypp , but I tried deleting that entire directory and it still remembers the foreign repo key and doesn’t ask me to ignore or abort. So the preference is stored elsewhere. Any ideas?
You need to import key using “rpmkeys --import”; see man rpmkeys. Keys are stored in RPM database as pseudo-package with name gpg-pubkey***.
Oh … and if this repo is in format that provides public key information, zypper should offer you to “always trust” it when you add this repo - effectively, it then imports key for you.
Thanks a lot arvidjaar. Specifically, the Google Talk plugin is what was giving me the errors, but I finally found the key: https://www.google.com/linuxrepositories/
Here in openSUSE,
You don’t have to know where keys are stored or manually enter the keys for authentication.
You can simply automatically accept the keys when they are prompted,
I describe this command at https://en.opensuse.org/User:Tsu2/BASH_zypper
You only need to run the following command when you refresh your repos
The problem is that for the Google Talk/Hangouts repo, (http://dl.google.com/linux/talkplugin/rpm/stable/x86_64), zypper/YaST throws an ugly error about an unknown key, and later before actually installing the package it throws another error about a broken package. This isn’t the normal “Trust” option that you get when adding a new openSUSE / OBS repo.
Very likely it is a Google oddity. But it only bugs me once, subsequent updates don’t give any trouble. It’s just that I’d like to prevent this scary error for my users that choose to install Google Talk / Hangouts on their own systems.
If the certs are faulty, and it appears that they are… First there is a problem with the repo keys, then it looks like the rpm checks for signed code but the certs aren’t available…
If you want to avoid these problems,
Install the repo, setting the repo gpg check to “no” as follows
zypper ar --no-gpgcheck http://dl.google.com/linux/talkplugin/rpm/stable/x86_64 Google_Talk_plugin
After that, you can install the plugin non-interactively as follows