On Sun, 15 Feb 2015, Jan Rękorajski wrote: > On Sat, 14 Feb 2015, Jeffrey Johnson wrote: > > > > > On Feb 13, 2015, at 10:06 AM, Jeffrey Johnson wrote: > > > > > > > >> On Feb 13, 2015, at 3:17 AM, Elan Ruusamäe <g...@pld-linux.org> wrote: > > >> > > >> On 12.02.2015 19:55, Jeffrey Johnson wrote: > > >>> OK. So you have a workaround (by disabling header signature > > >>> verification) for -Va for the moment. > > >>> and also have an alternative means to verify header signatures using a > > >>> shell loop. > > >> i'm surprised that rpm -Va and rpm -V $pkgname use different codepath. > > >> so you're saying that (with my current package patch) header > > >> verification is disabled for both? (as no header verification errors are > > >> printed). > > >> > > > > > > They (rpm -Va and rpm -V) don’t use different code paths: there is hidden > > > state associated > > > with pubkey retrieval to minimize network/rpmdb access. > > > > > > > Try a patch similar (this is from cvs, not from rpm-5.4.15) to the attached > > (I've forgotten where > > the patch came from, perhaps PLD or ROSA). > > > > The issue is/was resetting stateful variables when more than one pubkey is > > present. Which > > explains why an RSA key was identified as DSA, and also explains why "rpm > > -V pkg" works, > > but "rpm -Va" doesn't. > > We have similar patch already applied (from Mandriva), this doesn't fix > anything. Also disabling openmp doesn't fix anything.
Debug run for a random package. No key verification disabling hacks applied. It looks like you're loosing DSA key somewhere. # rpm -Vvv issue D: pool fd: created size 392 limit -1 flags 0 D: pool iob: created size 48 limit -1 flags 0 D: pool mire: created size 136 limit -1 flags 0 D: pool lua: created size 64 limit -1 flags 0 D: pool ts: created size 1200 limit -1 flags 0 D: pool gi: created size 176 limit -1 flags 0 D: pool db: created size 328 limit -1 flags 0 D: pool dbi: created size 472 limit -1 flags 0 D: rpmdb: cpus 4 physmem 7956Mb D: opening db environment /var/lib/rpm/Packages thread:lock:log:mpool:txn D: opening db index /var/lib/rpm/Packages thread:rdonly:auto_commit mode=0x0 D: opening db index /var/lib/rpm/Nvra thread:rdonly:auto_commit mode=0x0 D: pool mi: created size 152 limit -1 flags 0 D: pool h: created size 360 limit -1 flags 0 D: pool fi: created size 560 limit -1 flags 0 D: pool dig: created size 424 limit -1 flags 0 D: pool ctx: created size 112 limit -1 flags 0 D: pool bf: created size 56 limit -1 flags 0 D: pool hkp: created size 128 limit -1 flags 0 D: opening db index /var/lib/rpm/Pubkeys thread:rdonly:auto_commit mode=0x0 D: PUB: AF3F93BC E4F1BC2D V4 DSA D: SIG: AF3F93BC E4F1BC2D V4 DSA-SHA1 POSITIVE D: PUB: 732FDFDE EAE6F8B8 V4 RSA D: SIG: 732FDFDE EAE6F8B8 V4 RSA-SHA1 POSITIVE D: UID: RSApub (PLD Linux Distribution 3.0 (Th)) <th-ad...@pld-linux.org> D: pool u: created size 288 limit -1 flags 0 < a very long wait here, +10 for trying to connect to non-working keyservers, a.k.a. hkp://keys.rpm5.org Disabling keyserver lookup only removes the delay, key veryfication still fails. > D: ========== DSA pubkey id af3f93bc e4f1bc2d (h#4283454898[0]) error: rpmdb (h#4283454157): Header V4 DSA signature: BAD, key ID e4f1bc2d ........ c /etc/issue ........ c /etc/issue.net D: pool tsi: created size 48 limit -1 flags 0 D: pool te: created size 368 limit -1 flags 0 D: pool ds: created size 232 limit -1 flags 0 D: pool al: created size 64 limit -1 flags 0 D: ========== +++ issue-3.0-6.noarch noarch/linux 0x0 D: pool ps: created size 40 limit -1 flags 0 D: opening db index /var/lib/rpm/Providename thread:rdonly:auto_commit mode=0x0 D: Requires: pld-release = 3.0 YES (db provides) D: Requires: rpmlib(PayloadIsLzma) <= 4.4.6-1 YES (rpmlib provides) D: Conflicts: issue-alpha < 3.0-1 NO D: Conflicts: issue-fancy < 3.0-1 NO D: Conflicts: issue-logo < 3.0-1 NO D: Conflicts: issue-nice < 3.0-1 NO D: Conflicts: issue-pure < 3.0-1 NO D: opening db index /var/lib/rpm/Filepaths thread:rdonly:auto_commit mode=0x0 D: Dirs: /etc YES (db files) D: opening db index /var/lib/rpm/Conflictname thread:rdonly:auto_commit mode=0x0 D: Conflicts: issue < 3.0-1 NO D: closed db index /var/lib/rpm/Filepaths D: closed db index /var/lib/rpm/Nvra D: closed db index /var/lib/rpm/Pubkeys D: closed db index /var/lib/rpm/Conflictname D: closed db index /var/lib/rpm/Providename D: closed db index /var/lib/rpm/Packages D: closed db environment /var/lib/rpm/Packages D: pool gi: reused 0, alloc'd 1, free'd 1 items. D: pool mi: reused 11, alloc'd 3, free'd 3 items. D: pool tsi: reused 11, alloc'd 1, free'd 1 items. D: pool ts: reused 0, alloc'd 1, free'd 1 items. D: pool te: reused 0, alloc'd 1, free'd 1 items. D: pool ps: reused 0, alloc'd 1, free'd 1 items. D: pool al: reused 0, alloc'd 1, free'd 1 items. D: pool ds: reused 24, alloc'd 14, free'd 14 items. D: pool fi: reused 0, alloc'd 2, free'd 2 items. D: pool db: reused 0, alloc'd 1, free'd 1 items. D: pool dbi: reused 0, alloc'd 6, free'd 6 items. D: pool h: reused 3, alloc'd 3, free'd 3 items. D: pool lua: reused 0, alloc'd 1, free'd 1 items. D: pool hkp: reused 0, alloc'd 2, free'd 2 items. D: pool mire: reused 1, alloc'd 3, free'd 3 items. D: pool bf: reused 0, alloc'd 3, free'd 3 items. D: pool ctx: reused 7, alloc'd 2, free'd 2 items. D: pool iob: reused 1, alloc'd 1, free'd 1 items. D: pool dig: reused 1, alloc'd 2, free'd 2 items. D: pool u: reused 0, alloc'd 1, free'd 1 items. D: pool fd: reused 28, alloc'd 2, free'd 2 items. D: exit code: 0 -- Jan Rękorajski | PLD/Linux SysAdm | baggins<at>pld-linux.org | http://www.pld-linux.org/ _______________________________________________ pld-devel-en mailing list pld-devel-en@lists.pld-linux.org http://lists.pld-linux.org/mailman/listinfo/pld-devel-en