trying to install chef-client package via local yum repo
up vote
1
down vote
favorite
I am trying to make chef-11.16.4-1.el6.x86_64.rpm available to our servers via a local yum repo that we've built.
it is not available in RHEL Repos, so i had to manually download and save it in our repo.
so here is what i did on yum repo server:
1. cd /packages/rhel65-base/; wget https://opscode-omnibus-packages.s3.amazonaws.com/el/6/x86_64/chef-11.16.4-1.el6.x86_64.rpm
2. createrepo /packages/rhel65-base/
Yum client was able to see the new package available:
[user1@testserver01 ~]$ yum list chef
Loaded plugins: amazon-id, rhui-lb, security
Installed Packages
chef.x86_64 11.16.0-1.el6 installed
Available Packages
chef.x86_64 11.16.4-1.el6 local-rhel65-base
But when trying to install the latest package of chef, it ends with below error:
warning: rpmts_HdrFromFdno: Header V4 DSA/SHA1 Signature, key ID 83ef826a: NOKEY
Public key for chef-11.16.4-1.el6.x86_64.rpm is not installed
Assuming that the chef rpm has not been signed, i tried to sign it myself by following https://iuscommunity.org/pages/CreatingAGPGKeyandSigningRPMs.html but still couldn't get it working.
Some useful info i can find in Chef's website is the SHA1 checksum value of this package.
Anyone got ideas/suggestions to solve this issue? thanks!
yum rpm gpg chef
asked Aug 11 '15 at 15:08
taki
47110
add a comment |
up vote
1
down vote
favorite
I am trying to make chef-11.16.4-1.el6.x86_64.rpm available to our servers via a local yum repo that we've built.
it is not available in RHEL Repos, so i had to manually download and save it in our repo.
so here is what i did on yum repo server:
1. cd /packages/rhel65-base/; wget https://opscode-omnibus-packages.s3.amazonaws.com/el/6/x86_64/chef-11.16.4-1.el6.x86_64.rpm
2. createrepo /packages/rhel65-base/
Yum client was able to see the new package available:
[user1@testserver01 ~]$ yum list chef
Loaded plugins: amazon-id, rhui-lb, security
Installed Packages
chef.x86_64 11.16.0-1.el6 installed
Available Packages
chef.x86_64 11.16.4-1.el6 local-rhel65-base
But when trying to install the latest package of chef, it ends with below error:
warning: rpmts_HdrFromFdno: Header V4 DSA/SHA1 Signature, key ID 83ef826a: NOKEY
Public key for chef-11.16.4-1.el6.x86_64.rpm is not installed
Assuming that the chef rpm has not been signed, i tried to sign it myself by following https://iuscommunity.org/pages/CreatingAGPGKeyandSigningRPMs.html but still couldn't get it working.
Some useful info i can find in Chef's website is the SHA1 checksum value of this package.
Anyone got ideas/suggestions to solve this issue? thanks!
yum rpm gpg chef
asked Aug 11 '15 at 15:08
taki
47110
add a comment |
up vote
1
down vote
favorite
up vote
1
down vote
favorite
I am trying to make chef-11.16.4-1.el6.x86_64.rpm available to our servers via a local yum repo that we've built.
it is not available in RHEL Repos, so i had to manually download and save it in our repo.
so here is what i did on yum repo server:
1. cd /packages/rhel65-base/; wget https://opscode-omnibus-packages.s3.amazonaws.com/el/6/x86_64/chef-11.16.4-1.el6.x86_64.rpm
2. createrepo /packages/rhel65-base/
Yum client was able to see the new package available:
[user1@testserver01 ~]$ yum list chef
Loaded plugins: amazon-id, rhui-lb, security
Installed Packages
chef.x86_64 11.16.0-1.el6 installed
Available Packages
chef.x86_64 11.16.4-1.el6 local-rhel65-base
But when trying to install the latest package of chef, it ends with below error:
warning: rpmts_HdrFromFdno: Header V4 DSA/SHA1 Signature, key ID 83ef826a: NOKEY
Public key for chef-11.16.4-1.el6.x86_64.rpm is not installed
Assuming that the chef rpm has not been signed, i tried to sign it myself by following https://iuscommunity.org/pages/CreatingAGPGKeyandSigningRPMs.html but still couldn't get it working.
Some useful info i can find in Chef's website is the SHA1 checksum value of this package.
Anyone got ideas/suggestions to solve this issue? thanks!
yum rpm gpg chef
asked Aug 11 '15 at 15:08
taki
47110
I am trying to make chef-11.16.4-1.el6.x86_64.rpm available to our servers via a local yum repo that we've built.
it is not available in RHEL Repos, so i had to manually download and save it in our repo.
so here is what i did on yum repo server:
1. cd /packages/rhel65-base/; wget https://opscode-omnibus-packages.s3.amazonaws.com/el/6/x86_64/chef-11.16.4-1.el6.x86_64.rpm
2. createrepo /packages/rhel65-base/
Yum client was able to see the new package available:
[user1@testserver01 ~]$ yum list chef
Loaded plugins: amazon-id, rhui-lb, security
Installed Packages
chef.x86_64 11.16.0-1.el6 installed
Available Packages
chef.x86_64 11.16.4-1.el6 local-rhel65-base
But when trying to install the latest package of chef, it ends with below error:
warning: rpmts_HdrFromFdno: Header V4 DSA/SHA1 Signature, key ID 83ef826a: NOKEY
Public key for chef-11.16.4-1.el6.x86_64.rpm is not installed
Assuming that the chef rpm has not been signed, i tried to sign it myself by following https://iuscommunity.org/pages/CreatingAGPGKeyandSigningRPMs.html but still couldn't get it working.
Some useful info i can find in Chef's website is the SHA1 checksum value of this package.
Anyone got ideas/suggestions to solve this issue? thanks!
yum rpm gpg chef
yum rpm gpg chef
asked Aug 11 '15 at 15:08
taki
47110
asked Aug 11 '15 at 15:08
taki
47110
asked Aug 11 '15 at 15:08
taki
47110
asked Aug 11 '15 at 15:08
taki
47110
asked Aug 11 '15 at 15:08
taki
47110
47110
add a comment |
add a comment |
3 Answers
3
active
oldest
votes
up vote
0
down vote
If the package isn't signed, the simplest solution is probably yum --nogpgcheck install chef. If you have a local repository, you can set:
gpgcheck=no
In the corresponding .repo file.
answered Aug 11 '15 at 15:31
larsks
10.5k32739
yes, it works with nogpgcheck option, but i am looking for help with installing the rpm with gpg enabled. thanks
– taki
Aug 11 '15 at 15:39
2
That wasn't clear from your question. Can you update your question with details of the steps you went through to (a) sign the package and (b) import the signing key on your systems? And include any errors you get, or places where the behavior you see is different from the expected behavior.
– larsks
Aug 11 '15 at 15:46
add a comment |
up vote
0
down vote
The problem here is that you haven't configured your server to accept the key that signed the package as a valid GPG key for this repo.
The easiest solution is of course to run yum with nogpgcheck, though it's obviously also less secure. But if you've downloaded the package and verified it, and are keeping it in a place where it shouldn't be possible to tamper with it, it may be acceptable.
If this isn't acceptable, you need to fetch the public part of the key that was used to sign the package and place it on the server where you're trying to install the package. You should be able to do it by simply copying the key there and running rpm -i /path/to/RPM-GPG-KEY-REPONAME.
The key should normally be placed in /etc/pki/rpm-gpg/RPM-GPG-KEY-REPONAME. Also check the repo file for your repo in /etc/yum.repos.d so that it contains the following lines:
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-REPONAME
gpgcheck=1
answered Aug 12 '15 at 14:13
Jenny D
10.5k22745
add a comment |
up vote
0
down vote
This is an old question but still valuable to answer I believe to prevent misleading information. The package is signed as you can see from the message :
Public key for chef-11.16.4-1.el6.x86_64.rpm is not installed
However the key isn't installed... I tried to search for this package key but couldn't find an url for it (This is what led me here in fact). When found/validated you can import it via:
rpm --import <url>
The solution from @larsks disabled the checking of the gpg key...
answered Jul 25 '16 at 14:13
ROunofF
1011
add a comment |
3 Answers
3
active
oldest
votes
3 Answers
3
active
oldest
votes
active
oldest
votes
active
oldest
votes
up vote
0
down vote
If the package isn't signed, the simplest solution is probably yum --nogpgcheck install chef. If you have a local repository, you can set:
gpgcheck=no
In the corresponding .repo file.
answered Aug 11 '15 at 15:31
larsks
10.5k32739
yes, it works with nogpgcheck option, but i am looking for help with installing the rpm with gpg enabled. thanks
– taki
Aug 11 '15 at 15:39
2
That wasn't clear from your question. Can you update your question with details of the steps you went through to (a) sign the package and (b) import the signing key on your systems? And include any errors you get, or places where the behavior you see is different from the expected behavior.
– larsks
Aug 11 '15 at 15:46
add a comment |
up vote
0
down vote
If the package isn't signed, the simplest solution is probably yum --nogpgcheck install chef. If you have a local repository, you can set:
gpgcheck=no
In the corresponding .repo file.
answered Aug 11 '15 at 15:31
larsks
10.5k32739
yes, it works with nogpgcheck option, but i am looking for help with installing the rpm with gpg enabled. thanks
– taki
Aug 11 '15 at 15:39
2
That wasn't clear from your question. Can you update your question with details of the steps you went through to (a) sign the package and (b) import the signing key on your systems? And include any errors you get, or places where the behavior you see is different from the expected behavior.
– larsks
Aug 11 '15 at 15:46
add a comment |
up vote
0
down vote
up vote
0
down vote
If the package isn't signed, the simplest solution is probably yum --nogpgcheck install chef. If you have a local repository, you can set:
gpgcheck=no
In the corresponding .repo file.
answered Aug 11 '15 at 15:31
larsks
10.5k32739
If the package isn't signed, the simplest solution is probably yum --nogpgcheck install chef. If you have a local repository, you can set:
gpgcheck=no
In the corresponding .repo file.
answered Aug 11 '15 at 15:31
larsks
10.5k32739
answered Aug 11 '15 at 15:31
larsks
10.5k32739
answered Aug 11 '15 at 15:31
larsks
10.5k32739
answered Aug 11 '15 at 15:31
larsks
10.5k32739
10.5k32739
yes, it works with nogpgcheck option, but i am looking for help with installing the rpm with gpg enabled. thanks
– taki
Aug 11 '15 at 15:39
2
That wasn't clear from your question. Can you update your question with details of the steps you went through to (a) sign the package and (b) import the signing key on your systems? And include any errors you get, or places where the behavior you see is different from the expected behavior.
– larsks
Aug 11 '15 at 15:46
add a comment |
yes, it works with nogpgcheck option, but i am looking for help with installing the rpm with gpg enabled. thanks
– taki
Aug 11 '15 at 15:39
2
That wasn't clear from your question. Can you update your question with details of the steps you went through to (a) sign the package and (b) import the signing key on your systems? And include any errors you get, or places where the behavior you see is different from the expected behavior.
– larsks
Aug 11 '15 at 15:46
yes, it works with nogpgcheck option, but i am looking for help with installing the rpm with gpg enabled. thanks
– taki
Aug 11 '15 at 15:39
yes, it works with nogpgcheck option, but i am looking for help with installing the rpm with gpg enabled. thanks
– taki
Aug 11 '15 at 15:39
2
2
That wasn't clear from your question. Can you update your question with details of the steps you went through to (a) sign the package and (b) import the signing key on your systems? And include any errors you get, or places where the behavior you see is different from the expected behavior.
– larsks
Aug 11 '15 at 15:46
That wasn't clear from your question. Can you update your question with details of the steps you went through to (a) sign the package and (b) import the signing key on your systems? And include any errors you get, or places where the behavior you see is different from the expected behavior.
– larsks
Aug 11 '15 at 15:46
add a comment |
up vote
0
down vote
The problem here is that you haven't configured your server to accept the key that signed the package as a valid GPG key for this repo.
The easiest solution is of course to run yum with nogpgcheck, though it's obviously also less secure. But if you've downloaded the package and verified it, and are keeping it in a place where it shouldn't be possible to tamper with it, it may be acceptable.
If this isn't acceptable, you need to fetch the public part of the key that was used to sign the package and place it on the server where you're trying to install the package. You should be able to do it by simply copying the key there and running rpm -i /path/to/RPM-GPG-KEY-REPONAME.
The key should normally be placed in /etc/pki/rpm-gpg/RPM-GPG-KEY-REPONAME. Also check the repo file for your repo in /etc/yum.repos.d so that it contains the following lines:
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-REPONAME
gpgcheck=1
answered Aug 12 '15 at 14:13
Jenny D
10.5k22745
add a comment |
up vote
0
down vote
The problem here is that you haven't configured your server to accept the key that signed the package as a valid GPG key for this repo.
The easiest solution is of course to run yum with nogpgcheck, though it's obviously also less secure. But if you've downloaded the package and verified it, and are keeping it in a place where it shouldn't be possible to tamper with it, it may be acceptable.
If this isn't acceptable, you need to fetch the public part of the key that was used to sign the package and place it on the server where you're trying to install the package. You should be able to do it by simply copying the key there and running rpm -i /path/to/RPM-GPG-KEY-REPONAME.
The key should normally be placed in /etc/pki/rpm-gpg/RPM-GPG-KEY-REPONAME. Also check the repo file for your repo in /etc/yum.repos.d so that it contains the following lines:
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-REPONAME
gpgcheck=1
answered Aug 12 '15 at 14:13
Jenny D
10.5k22745
add a comment |
up vote
0
down vote
up vote
0
down vote
The problem here is that you haven't configured your server to accept the key that signed the package as a valid GPG key for this repo.
The easiest solution is of course to run yum with nogpgcheck, though it's obviously also less secure. But if you've downloaded the package and verified it, and are keeping it in a place where it shouldn't be possible to tamper with it, it may be acceptable.
If this isn't acceptable, you need to fetch the public part of the key that was used to sign the package and place it on the server where you're trying to install the package. You should be able to do it by simply copying the key there and running rpm -i /path/to/RPM-GPG-KEY-REPONAME.
The key should normally be placed in /etc/pki/rpm-gpg/RPM-GPG-KEY-REPONAME. Also check the repo file for your repo in /etc/yum.repos.d so that it contains the following lines:
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-REPONAME
gpgcheck=1
answered Aug 12 '15 at 14:13
Jenny D
10.5k22745
The problem here is that you haven't configured your server to accept the key that signed the package as a valid GPG key for this repo.
The easiest solution is of course to run yum with nogpgcheck, though it's obviously also less secure. But if you've downloaded the package and verified it, and are keeping it in a place where it shouldn't be possible to tamper with it, it may be acceptable.
If this isn't acceptable, you need to fetch the public part of the key that was used to sign the package and place it on the server where you're trying to install the package. You should be able to do it by simply copying the key there and running rpm -i /path/to/RPM-GPG-KEY-REPONAME.
The key should normally be placed in /etc/pki/rpm-gpg/RPM-GPG-KEY-REPONAME. Also check the repo file for your repo in /etc/yum.repos.d so that it contains the following lines:
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-REPONAME
gpgcheck=1
answered Aug 12 '15 at 14:13
Jenny D
10.5k22745
answered Aug 12 '15 at 14:13
Jenny D
10.5k22745
answered Aug 12 '15 at 14:13
Jenny D
10.5k22745
answered Aug 12 '15 at 14:13
Jenny D
10.5k22745
10.5k22745
add a comment |
add a comment |
up vote
0
down vote
This is an old question but still valuable to answer I believe to prevent misleading information. The package is signed as you can see from the message :
Public key for chef-11.16.4-1.el6.x86_64.rpm is not installed
However the key isn't installed... I tried to search for this package key but couldn't find an url for it (This is what led me here in fact). When found/validated you can import it via:
rpm --import <url>
The solution from @larsks disabled the checking of the gpg key...
answered Jul 25 '16 at 14:13
ROunofF
1011
add a comment |
up vote
0
down vote
This is an old question but still valuable to answer I believe to prevent misleading information. The package is signed as you can see from the message :
Public key for chef-11.16.4-1.el6.x86_64.rpm is not installed
However the key isn't installed... I tried to search for this package key but couldn't find an url for it (This is what led me here in fact). When found/validated you can import it via:
rpm --import <url>
The solution from @larsks disabled the checking of the gpg key...
answered Jul 25 '16 at 14:13
ROunofF
1011
add a comment |
up vote
0
down vote
up vote
0
down vote
This is an old question but still valuable to answer I believe to prevent misleading information. The package is signed as you can see from the message :
Public key for chef-11.16.4-1.el6.x86_64.rpm is not installed
However the key isn't installed... I tried to search for this package key but couldn't find an url for it (This is what led me here in fact). When found/validated you can import it via:
rpm --import <url>
The solution from @larsks disabled the checking of the gpg key...
answered Jul 25 '16 at 14:13
ROunofF
1011
This is an old question but still valuable to answer I believe to prevent misleading information. The package is signed as you can see from the message :
Public key for chef-11.16.4-1.el6.x86_64.rpm is not installed
However the key isn't installed... I tried to search for this package key but couldn't find an url for it (This is what led me here in fact). When found/validated you can import it via:
rpm --import <url>
The solution from @larsks disabled the checking of the gpg key...
answered Jul 25 '16 at 14:13
ROunofF
1011
answered Jul 25 '16 at 14:13
ROunofF
1011
answered Jul 25 '16 at 14:13
ROunofF
1011
answered Jul 25 '16 at 14:13
ROunofF
1011
1011
add a comment |
add a comment |
Thanks for contributing an answer to Unix & Linux Stack Exchange!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Some of your past answers have not been well-received, and you're in danger of being blocked from answering.
Please pay close attention to the following guidance:
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f222544%2ftrying-to-install-chef-client-package-via-local-yum-repo%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
