Running into a bit of an issue installing xcat on a machine with FIPS mode
enabled. I am seeing some issues with signing on RPMs in the XCAT repos.
These look to be the affected packages:
Error: Transaction test error:
package perl-Net-HTTPS-NB-0.14-2.noarch does not verify: no digest
package xCAT-genesis-base-x86_64-2:2.14.5-snap201811190037.noarch does not
verify: no digest
package syslinux-xcat-3.86-2.noarch does not verify: no digest
package grub2-xcat-2.02-0.76.el7.1.snap201905160255.noarch does not verify:
no digest
package elilo-xcat-3.14-6.noarch does not verify: no digest
package yaboot-xcat-1.3.17-rc1.noarch does not verify: no digest
Looks like some signatures are missing:
rpm --checksig -v perl-Net-HTTPS-NB-0.14-2.noarch.rpm
perl-Net-HTTPS-NB-0.14-2.noarch.rpm:
Header V4 RSA/SHA1 Signature, key ID ca548a47: OK
Header SHA1 digest: OK
Payload SHA256 digest: NOTFOUND
V4 RSA/SHA1 Signature, key ID ca548a47: OK
MD5 digest: NOTFOUND
Here is what we expect to see:
rpm --checksig -v xCAT-openbmc-py-2.16.5-snap202303030907.noarch.rpm
xCAT-openbmc-py-2.16.5-snap202303030907.noarch.rpm:
Header V4 RSA/SHA256 Signature, key ID ca548a47: OK
Header SHA256 digest: OK
Header SHA1 digest: OK
Payload SHA256 digest: OK
V4 RSA/SHA256 Signature, key ID ca548a47: OK
I can use some DNF flags to get around this, but I don't believe that is the
ideal solution... Could these packages be rebuilt to include the proper digests?
Thanks,
Scott Groel
Clemson University
Executive Director - Research Computing and Data Infrastructure
Email: [email protected]<mailto:[email protected]>
Phone: (864) 656-9235
_______________________________________________
xCAT-user mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/xcat-user
