Bug 171105

Summary: connect to install source gives warning
Product: [openSUSE] SUSE Linux 10.1 Reporter: Jean-Daniel Dodin <jdd>
Component: YaST2Assignee: Ladislav Slezák <lslezak>
Status: RESOLVED FIXED QA Contact: Stanislav Visnovsky <visnov>
Severity: Normal    
Priority: P5 - None CC: suse-beta
Version: RC 3   
Target Milestone: ---   
Hardware: Other   
OS: Other   
Whiteboard:
Found By: Other Services Priority:
Business Priority: Blocker: ---
Marketing QA Status: --- IT Deployment: ---
Attachments: yast2 logs of the distro that builds the inst-source from cd's
screen copy of the message
access the june 01 of the usb hard drive inst-source

Description Jean-Daniel Dodin 2006-04-30 15:22:54 UTC 
minimal text install.
install-source made by 10.0 with yast from 5 cd.
each time I connect to this install source, I'm said than
"signature check failed" (in english on a french install)
and asked if the message had to be displayed again. even I
said NO, it was always displayed again.

probably several bugs: why did the signature fail? why the message in english on a french install (and part on the message screen is in french).

after a while, I could no more connect to the source

yast logs with bug #171104
Comment 1 Michael Gross 2006-05-03 13:55:09 UTC 
What sort of installation source is that? Also attach the logs for the machine you created the source as well as for the failing machine.
Comment 2 Jean-Daniel Dodin 2006-05-03 15:26:00 UTC 
Created attachment 81784 [details]
yast2 logs of the distro that builds the inst-source from cd's

don't know is it will be usefull (simply copy the cd content)
Comment 3 Jean-Daniel Dodin 2006-05-03 15:26:47 UTC 
Created attachment 81785 [details]
screen copy of the message

I can reproduce the problem and now can do a screenshot
Comment 4 Jean-Daniel Dodin 2006-05-03 15:27:57 UTC 
here what I am. I have the inst-source at hand also if necessary
Comment 5 Michael Gross 2006-05-05 06:34:43 UTC 
Reassigning to Jiri for a comment.
Comment 6 Lukas Ocilka 2006-05-11 15:13:54 UTC 
1.) Checking signatures is Duncan's part of the source code -> dmacvicar.
2.) Part of the text is en English because it didn't get translated in time.
3.) Information whether the message should be displayed again is in memory only, so every other run of the packager will open it up again (current design).

The only question is: Why did the signature check fail?
Comment 7 Duncan Mac-Vicar 2006-05-22 09:15:03 UTC 
First, this is not SUSE 10.1, or the user is upgrading using y2pmsh or any unsupported method, but the logs show clearly this is not zypp but the old package manager, which does not have signature checking. So I suspect this are the wrong logs.

2006-05-02 14:49:48 <1> peter-suse(23353) [Y2PM] Y2PM.cc(commitPackages):1399 Commiting packages...
2006-05-02 14:49:48 <1> peter-suse(23353) [packagemanager] PMManager.cc(poolSetInstalled):184 Going to set 1 installed objects...
2006-05-02 14:49:48 <1> peter-suse(23353) [packagemanager++] PMManager.cc(poolSetInstalled):231 installed objects set!
2006-05-02 14:49:48 <1> peter-suse(23353) [packagemanager] PMManager.cc(poolAdjust):361 START 74 Selectables
2006-05-02 14:49:48 <1> peter-suse(23353) [packagemanager++] PMManager.cc(ClearSaveState):548 SaveState cleared!

He has packman source also, which in the case he be using zypp, it could fail. A 3rd party source can fail.

2006-04-22 19:58:11 <1> peter-suse(27222) [packagemanager++] InstSrcManager.cc(writeNewRanks):221 ===[known sources]===================                    2006-04-22 19:58:11 <1> peter-suse(27222) [packagemanager++] InstSrcManager.cc(writeNewRanks):221 A* [0] InstSrc(<-1)(InstSrcDescr(<-4)(UnitedLinux:Packman
-10.0-0 from http://packman.iu-bremen.de/suse/10.0(/))|(NULL))

Anyway please attach the right logs.
Comment 8 Duncan Mac-Vicar 2006-06-01 12:37:38 UTC 
ping?
Comment 9 Jean-Daniel Dodin 2006-06-01 13:13:16 UTC 
this is probably a duplicate of #175845 (or similar), now set as "resolved".

To be able to install a 10.1, the inst-source had to be done with a previous distro :-), here a 10.0. So it's normal if the result is not signed (? it was a copy of the cd, can this give a signature problem?)

I just try it from a 10.1 (with the change inst source module), there is the very same message as if the quoted bug. I beg the five gpg signature files of the cd don't matche what is asked for a hard drive signature.

i give the 10.1 yast2 log as attachement (just the today's part)
Comment 10 Jean-Daniel Dodin 2006-06-01 13:15:30 UTC 
Created attachment 86559 [details]
access the june 01 of the usb hard drive inst-source

this inst-source was made with the suse 10.0 specialized module.
Comment 11 Duncan Mac-Vicar 2007-02-06 11:40:10 UTC 
Ok, lets make something clear.

A source not having a signature is perfectly valid.

The real problem here is the title of the dialog, "Signature check failed" is totally wrong, as the signature check has never been performed. The right title in "unsigned repository" or unsigned source to avoid using more words for source/catalog/repository.
Comment 12 Ladislav Slezák 2007-02-09 14:48:26 UTC 
The title has been fixed in yast2-packager-2.15.9