Closed JSM2703 closed 1 month ago
m2Giles
commented
5 months ago You don't have the fedora 38 gpg key in /etc
You should be able to get them from here https://rpmfusion.org/keys
/etc can drift from the image since it is writable. You can always check /usr/etc for what we ship for the defaults in /etc
m2Giles
commented
4 months ago To help resolve this we're going to make sure that additional repositories are not enabled on the image.
40 -> 39 rollbacks were having issues with gpg keys
m2Giles
commented
4 months ago New images now do not have RPM fusion enabled. This should hopefully stop the missing gpg key problem because you shouldn't be syncing with those repos now.
Note this still doesn't mean that a 40 -> 39 is guaranteed to work. We have seen issues in the past that installing 39 and rolling to 38 without being on 38 before would boot into emergency mode. But if you were on 38 prior it would work.
Describe the bug
❯ rpm-ostree rebase ostree-image-signed:docker://ghcr.io/ublue-os/bluefin-dx:gtsPulling manifest: ostree-image-signed:docker://ghcr.io/ublue-os/bluefin-dx:gts Checking out tree 08db862... done Enabled rpm-md repositories: copr:copr.fedorainfracloud.org:ublue-os:akmods updates fedora rpmfusion-free-updates-testing rpmfusion-free-updates rpmfusion-free rpmfusion-nonfree-updates-testing rpmfusion-nonfree-updates rpmfusion-nonfree updates-archive Updating metadata for 'updates'... done Updating metadata for 'rpmfusion-free-updates-testing'... done error: Updating rpm-md repo 'rpmfusion-free-updates-testing': Failed to download gpg key for repo 'rpmfusion-free-updates-testing': Curl error (37): Couldn't read a file:// file for file:///etc/pki/rpm-gpg/RPM-GPG-KEY-rpmfusion-free-fedora-38 [Couldn't open file /etc/pki/rpm-gpg/RPM-GPG-KEY-rpmfusion-free-fedora-38]
What did you expect to happen?
rebase to gts should not give an error
Output of
rpm-ostree statusExtra information or context
As in the bluefin:latest the GPG keys were not there in /etc I have created them manually but still rebase gives errors :
jasper@bluefin /etc/pki/rpm-gpg🔒 :package: $ ls -la .rw-r–r–@ 1.7k root 4 Mar 13:58 RPM-GPG-KEY-rpmfusion-free-fedora-38 .rw-r–r–@ 1.7k root 4 Mar 13:58 RPM-GPG-KEY-rpmfusion-nonfree-fedora-38
But still get the same error when trying to rebase to bluefin-dx:lts
❯ rpm-ostree rebase ostree-image-signed:docker://ghcr.io/ublue-os/bluefin-dx:gtsPulling manifest: ostree-image-signed:docker://ghcr.io/ublue-os/bluefin-dx:gts Checking out tree 08db862… done Enabled rpm-md repositories: copr:copr.fedorainfracloud.org:ublue-os:akmods updates fedora rpmfusion-free-updates-testing rpmfusion-free-updates rpmfusion-free rpmfusion-nonfree-updates-testing rpmfusion-nonfree-updates rpmfusion-nonfree updates-archive Updating metadata for ‘updates’… done Updating metadata for ‘rpmfusion-free-updates-testing’… done error: Updating rpm-md repo ‘rpmfusion-free-updates-testing’: Failed to download gpg key for repo ‘rpmfusion-free-updates-testing’: Curl error (37): Couldn’t read a file:// file for file:///etc/pki/rpm-gpg/RPM-GPG-KEY-rpmfusion-free-fedora-38 [Couldn’t open file /etc/pki/rpm-gpg/RPM-GPG-KEY-rpmfusion-free-fedora-38]