Hello.
On Thu 2002-11-14 at 16:02:26 -0700, Vincent Danen wrote:
>
> On Thursday, November 14, 2002, at 03:35 PM, bascule wrote:
>
> >using urpmi via sudo, will the key checking be done as root or as
> >the user runing sudo, that would explain some messages i get about
> >'bad' keys since i haven't got the mandrake ones installed as user,
> >just wanted to check the behaviour here
>
> IIRC, and I've not looked to confirm this, it *should* be done as root.
> Actually, I know this is the case, now that I come to think of it.
>
> sudo basically runs urpmi as root. To that end, it will be using
> root's environment, not the user environment.
That is not completely correct. sudo only changes the uid and gid and
removes some variables from the environment (for security reasons).
So, to be more precise, it will be using a reduced user environment.
You can easily see that this is indeed the case by the fact that sudo
explicitly offers a switch (-H) to change $HOME to the target user's
one.
> I know this because when I build updates, root has the private key to
> sign packages, and using sudo, I sign the packages with that key. The
> user doesn't even have the public key (which is a nuisance, but a
> different story). So when I want to verify a package, if I just do
> "rpm -K *.rpm", I get unknown sigs. If I do "sudo rpm -K *.rpm",
> they're verified correctly.
>
> I suspect the same should be for urpmi. IIRC, urpmi shouldn't do
> anything strange or different to inherit info from the user executing
> sudo.
I used to observe the same problem as the original poster (but did not
understand the origin at that time) and added Mandrake's keys to my
key ring as solution.
I just removed them again in order to create a test case to illustrate
the issue, but noticed that I no longer can reproduce the problem.
Obviously the problem has been fixed in the meantime (I am using
urpmi-4.1-5mdk from cooker), although I cannot see it in the
changelog.
But you can see anyhow that there is a difference. Try running
sudo gpg --list-keys
versus
sudo -H gpg --list-keys
The former will list your key ring, the latter will list root's key
ring. At least that the case for me.
bascule, I suggest to update any rpm related packets and try again.
Bye,
Benjamin.
Want to buy your Pack or Services from MandrakeSoft?
Go to http://www.mandrakestore.com
