Sebastian created HIVE-24789:
--------------------------------
Summary: Unable to verify hive-1.2.2 integrity
Key: HIVE-24789
URL: https://issues.apache.org/jira/browse/HIVE-24789
Project: Hive
Issue Type: Bug
Components: Hive
Affects Versions: 1.2.2
Reporter: Sebastian
h3. *Steps to reproduce*
Run the following commands -
{noformat}
curl -fSL -o KEYS https://archive.apache.org/dist/hive/KEYS
export HIVE_VERSION=1.2.2
curl -fSL -o hive.tar.gz
https://archive.apache.org/dist/hadoop/common/hadoop-${HADOOP_VERSION}/hadoop-${HADOOP_VERSION}.tar.gz
curl -fSL -o hive.tar.gz.asc
https://archive.apache.org/dist/hadoop/common/hadoop-${HADOOP_VERSION}/hadoop-${HADOOP_VERSION}.tar.gz.asc
export GNUPGHOME="$(mktemp -d)"
gpg --import KEYS
gpg --verify hive.tar.gz.asc hive.tar.gz
{noformat}
h3. *Expected Result*
{noformat}
gpg: Signature made Sun Apr 2 20:16:19 2017 UTC
gpg: using RSA key F2384CC9084FCC30
gpg: Good signature from "Vaibhav Gumashta (CODE SIGNING KEY)
<vgumas...@apache.org>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner.
Primary key fingerprint: 2FF7 1C57 D64C 9AB4 F21A 68D7 F238 4CC9 084F CC30
{noformat}
h3. *Actual Result*
It seems that the file [KEYS|https://archive.apache.org/dist/hive/KEYS] file is
missing the key *F2384CC9084FCC30*
{noformat}
$ gpg --verify hive.tar.gz.asc hive.tar.gz
gpg: Signature made Sun Apr 2 20:16:19 2017 UTC
gpg: using RSA key F2384CC9084FCC30
gpg: Can't check signature: No public key#
{noformat}
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
