Note: This is a beta release of Red Hat Bugzilla 5.0. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Also email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback here.
Bug 1365147 - /etc/pki/rpm-gpg/RPM-GPG-KEY-26-fedora is a dangling symlink
Summary: /etc/pki/rpm-gpg/RPM-GPG-KEY-26-fedora is a dangling symlink
Keywords:
Status: CLOSED EOL
Alias: None
Product: Fedora
Classification: Fedora
Component: abrt
Version: 26
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: ---
Assignee: abrt
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2016-08-08 13:26 UTC by Vít Ondruch
Modified: 2018-05-29 11:48 UTC (History)
8 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2018-05-29 11:48:08 UTC


Attachments (Terms of Use)

Description Vít Ondruch 2016-08-08 13:26:39 UTC
On my Rawhide, I can see following error in my journal:

aug 05 13:56:52 localhost abrt-server[2562]: Can't load public GPG key /etc/pki/rpm-gpg/RPM-GPG-KEY-fedora-26-primary

And indeed, I don't have the file on my filesystem and this was resolved as part of bug 1364378.

Nevertheless, I am curious how ABRT get to this file, since I was told by rel-eng that you should not refer to this file at all. Please see my log of conversation of IRC:


-dgilmore- vondruch: what is expecting rawhide to be signed?
>vondruch< dgilmore, I don't expect that ...
 dgilmore, I just expect that g-s will work
 dgilmore, and ABRT will work
>vondruch< dgilmore, https://bugzilla.gnome.org/show_bug.cgi?id=769540
-dgilmore- vondruch: the repo files by default have gpgcheck=0
>vondruch< dgilmore, may be its a bug in package kit the?
-dgilmore- vondruch: in this case gnome-software must be doing something horribly wrong
>dgilmore< or packagekit is
 if the repo says do not check gpg signatures
>vondruch< dgilmore, srp 05 13:56:52 localhost abrt-server[2562]: Can't load public GPG key /etc/pki/rpm-gpg/RPM-GPG-KEY-fedora-26-primary
>dgilmore< then gnome-software should not check
>vondruch< dgilmore, this is what I see reported from ABRT ....
-dgilmore- vondruch: okay, whatever is trying to load the file is broken
>vondruch< dgilmore, ok ... I'll forward this to both parties ....
-dgilmore- vondruch: loading /etc/pki/rpm-gpg/RPM-GPG-KEY-fedora-26-primary will always be wrong also
>dgilmore< because secondary arches use a different key
 so for some arches the wrong file will be getting loaded
 it sounds like someone has implemented something without understanding how thinsg actually work
 and has mad some incorrect assumptions
 made
-dgilmore- vondruch: /etc/pki/rpm-gpg/RPM-GPG-KEY-fedora-26-primary is not referenced in any configuration file
-dgilmore- vondruch: we have a -primary and -seconday file
 vondruch: we symlink the file to an arch specific location
-dgilmore- vondruch: so assuming that you are on x86-64 it should be loading gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-fedora-26-x86_64

Comment 1 Vít Ondruch 2016-08-08 13:27:24 UTC
$ rpm -q abrt
abrt-2.8.2-2.fc25.x86_64

$ rpm -q fedora-repos
fedora-repos-26-0.1.noarch

Comment 2 Jakub Filak 2016-08-08 21:02:57 UTC
Thank you for the report. You were right, ABRT does not directly link to that file but it links to the file's directory '/etc/pki/rpm-gpg' which is configured in the /etc/abrt/gpg_keys.conf file. ABRT loads all files from that directory and one of those files is the /etc/pki/rpm-gpg/RPM-GPG-KEY-26-fedora file which is a dangling symlink to RPM-GPG-KEY-fedora-26-primary.

$ rpm -qf /etc/pki/rpm-gpg/RPM-GPG-KEY-26-fedora 
fedora-repos-26-0.1.noarch

$ ls -al /etc/pki/rpm-gpg/RPM-GPG-KEY-26-fedora 
lrwxrwxrwx. 1 root root 29 Jul 26 22:12 /etc/pki/rpm-gpg/RPM-GPG-KEY-26-fedora -> RPM-GPG-KEY-fedora-26-primary

$ cd /etc/pki/rpm-gpg
$ ls -al $(readlink RPM-GPG-KEY-26-fedora)
ls: cannot access 'RPM-GPG-KEY-fedora-26-primary': No such file or directory

Comment 3 Peter Robinson 2016-08-08 21:58:35 UTC

*** This bug has been marked as a duplicate of bug 1364378 ***

Comment 4 Dennis Gilmore 2016-08-09 09:26:55 UTC
Reopening as abrt is doing the wrong thing,

abrt needs to not makes its own assumptions about keys and if they should be imported. Rawhide has gpg checking disabled in the repo config files. the repo config files also point to an appropriate file for the key for the release/architecture in question. /etc/pki/rpm-gpg/RPM-GPG-KEY-26-fedora is a legacy link that really should just be removed at this point. It is not the correct file on secondary architectures. It is also not the correct file for any addon repos like rpmfusion. 

So please change abrt to use use the repo files to get appropriate keys and if gpg checking is even enabled.

Comment 5 Fedora End Of Life 2017-02-28 10:04:23 UTC
This bug appears to have been reported against 'rawhide' during the Fedora 26 development cycle.
Changing version to '26'.

Comment 6 Fedora End Of Life 2018-05-03 08:03:12 UTC
This message is a reminder that Fedora 26 is nearing its end of life.
Approximately 4 (four) weeks from now Fedora will stop maintaining
and issuing updates for Fedora 26. It is Fedora's policy to close all
bug reports from releases that are no longer maintained. At that time
this bug will be closed as EOL if it remains open with a Fedora  'version'
of '26'.

Package Maintainer: If you wish for this bug to remain open because you
plan to fix it in a currently maintained version, simply change the 'version'
to a later Fedora version.

Thank you for reporting this issue and we are sorry that we were not
able to fix it before Fedora 26 is end of life. If you would still like
to see this bug fixed and are able to reproduce it against a later version
of Fedora, you are encouraged  change the 'version' to a later Fedora
version prior this bug is closed as described in the policy above.

Although we aim to fix as many bugs as possible during every release's
lifetime, sometimes those efforts are overtaken by events. Often a
more recent Fedora release includes newer upstream software that fixes
bugs or makes them obsolete.

Comment 7 Fedora End Of Life 2018-05-29 11:48:08 UTC
Fedora 26 changed to end-of-life (EOL) status on 2018-05-29. Fedora 26
is no longer maintained, which means that it will not receive any
further security or bug fix updates. As a result we are closing this bug.

If you can reproduce this bug against a currently maintained version of
Fedora please feel free to reopen this bug against that version. If you
are unable to reopen this bug, please file a new report against the
current release. If you experience problems, please add a comment to this
bug.

Thank you for reporting this bug and we are sorry it could not be fixed.


Note You need to log in before you can comment on or make changes to this bug.