From: | "Josserand, Jesse F (NE)" <Jesse(dot)Josserand(at)GDIT(dot)com> |
---|---|
To: | Craig Ringer <craig(dot)ringer(at)enterprisedb(dot)com> |
Cc: | "pgsql-pkg-yum(at)postgresql(dot)org" <pgsql-pkg-yum(at)postgresql(dot)org> |
Subject: | RE: public keys |
Date: | 2020-11-20 03:49:18 |
Message-ID: | CY1P110MB0520C32CA869F86A93D7686C96FF0@CY1P110MB0520.NAMP110.PROD.OUTLOOK.COM |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-pkg-yum |
Thank you!
[TekSynap - Technology Moving at the Speed of Thought]<https://www.teksynap.com/>
Jesse F. Josserand | Sr. Systems Architect/SysAdmin/DB Analyst
M: 601-590-0304 | D: 228-469-2019 | jesse(dot)josserand(at)teksynap(dot)com<mailto:jesse(dot)josserand(at)teksynap(dot)com>
www.TekSynap.com<https://www.teksynap.com/> | 1760 Reston Parkway, Suite 515, Reston VA 20190
Assigned to GDIT Project, 294 Thames Avenue, Bay St. Louis, MS 39520
Jesse(dot)Josserand(at)GDIT(dot)com<mailto:jesse(dot)josserand(at)gdit(dot)com>
[Connect with TekSynap on LinkedIn]<https://www.linkedin.com/company/teksynap/>
|
[Save vCard]<https://www.teksynap.com/teksynap_signatures/Jesse_Josserand/?vcard=1>
From: Craig Ringer <craig(dot)ringer(at)enterprisedb(dot)com>
Sent: Thursday, November 19, 2020 8:06 PM
To: Josserand, Jesse F (NE) <Jesse(dot)Josserand(at)GDIT(dot)com>
Cc: pgsql-pkg-yum(at)postgresql(dot)org
Subject: Re: public keys
[External: Use caution with links & attachments]
On Fri, Nov 20, 2020 at 1:12 AM Josserand, Jesse F (NE) <Jesse(dot)Josserand(at)gdit(dot)com<mailto:Jesse(dot)Josserand(at)gdit(dot)com>> wrote:
I’m trying to do a cold yum install of postgresql 12 rpm’s, but do not want to use '--nogpgcheck' when doing so.
Where can I get the public keys?
I don't know what you mean by a "cold" install.
The keys are packaged in the repo-rpms.
$ rpm -ql pgdg-fedora-repo
/etc/pki/rpm-gpg
/etc/pki/rpm-gpg/RPM-GPG-KEY-PGDG
/etc/yum.repos.d/pgdg-fedora-all.repo
They're also available from the repository itself:
https://download.postgresql.org/pub/repos/yum/<https://urldefense.us/v2/url?u=https-3A__download.postgresql.org_pub_repos_yum_&d=DwMFaQ&c=kBZcWdBOH-UDm7cX7sUnio9i4Dr7DDged-ltBm3Bq7Y&r=VoGeNuaMEvhw8o6d2z8AFlsYnDQQIax5bnlq6kweepI&m=6VWigrKL-nUlWs54YpM57r4-28LgNBUwHJAhyd2FfCY&s=fNJZdWefq-f6Dp6J8HIIxfcNzzbMY1da32c-ttkwKGQ&e=>
The key you want is:
$ gpg --fingerprint 1F16D2E1442DF0F8
pub dsa1024 2008-01-08 [SCA]
68C9 E2B9 1A37 D136 FE74 D176 1F16 D2E1 442D F0F8
uid [ unknown] PostgreSQL RPM Building Project <pgsqlrpms-hackers(at)pgfoundry(dot)org<mailto:pgsqlrpms-hackers(at)pgfoundry(dot)org>>
sub elg2048 2008-01-08 [E]
It should probably be published prominently on yum.postgresql.org<https://urldefense.us/v2/url?u=http-3A__yum.postgresql.org&d=DwMFaQ&c=kBZcWdBOH-UDm7cX7sUnio9i4Dr7DDged-ltBm3Bq7Y&r=VoGeNuaMEvhw8o6d2z8AFlsYnDQQIax5bnlq6kweepI&m=6VWigrKL-nUlWs54YpM57r4-28LgNBUwHJAhyd2FfCY&s=bpTLvueRCmSc8KFW_SjgKMSwo1sGBPa4dhtZ_1Lm8KY&e=> by key-id and fingerprint, so it can be verified somewhat independently of the actual download repos, but AFAICS ( https://www.google.com/search?q=site%3Ayum.postgresql.org+1F16D2E1442DF0F8<https://urldefense.us/v2/url?u=https-3A__www.google.com_search-3Fq-3Dsite-253Ayum.postgresql.org-2B1F16D2E1442DF0F8&d=DwMFaQ&c=kBZcWdBOH-UDm7cX7sUnio9i4Dr7DDged-ltBm3Bq7Y&r=VoGeNuaMEvhw8o6d2z8AFlsYnDQQIax5bnlq6kweepI&m=6VWigrKL-nUlWs54YpM57r4-28LgNBUwHJAhyd2FfCY&s=vevA9hIH-KnAqdM9b02-LndKdqgH7tTJGqAOxiJweMQ&e=> ) it is not.
so consider filing an issue for that:
https://redmine.postgresql.org/projects/pgrpms/<https://urldefense.us/v2/url?u=https-3A__redmine.postgresql.org_projects_pgrpms_&d=DwMFaQ&c=kBZcWdBOH-UDm7cX7sUnio9i4Dr7DDged-ltBm3Bq7Y&r=VoGeNuaMEvhw8o6d2z8AFlsYnDQQIax5bnlq6kweepI&m=6VWigrKL-nUlWs54YpM57r4-28LgNBUwHJAhyd2FfCY&s=LkHnoJU9lF5udICJkokTztc22NcxahX5o40UoZDlzsM&e=>
I also note that nobody's signed the key to attest its validity on the keyservers. That's not necessarily required for rpms, but might be a good idea. When I get a chance to verify it with Devrim via a side channel I'll sign it and push my signature.
From | Date | Subject | |
---|---|---|---|
Next Message | Laurenz Albe | 2020-11-27 07:13:34 | Strange proj dependencies |
Previous Message | Craig Ringer | 2020-11-20 02:06:26 | Re: public keys |