superyupkent Posted October 14, 2004 Report Share Posted October 14, 2004 Hi everyone, I have been reading up on the use of quotas under linux, unfortunately when I decided to start off I noticed that the command quota & quotacheck are not available/installed. When trying to run urpmi quota, I receive: The following packages have bad signatures: /var/cache/urpmi/rpms/quota-3.09-1mdk.i586.rpm: Invalid Key ID ((sha1) dsa sha1 md5 gpg GPG#26752624 OK) Do you want to continue installation ? (y/N) Obviously I choose no there, so how can I add this support? It's good to note that I am not in the position to access my server physically. Thanks, Alex Quote Link to comment Share on other sites More sharing options...
chris z Posted October 14, 2004 Report Share Posted October 14, 2004 (edited) if the source is reliable, ignore the "bad signature........" message & install it. it's just telling you that it can't match any known GPG keys becuase you probably don't have them downloaded on your computer. i (& many others) do it all the time. it will install fine without the GPG key match. if the RPM is borked for some reason, then it will will error out during the install & won't install at all. also note, the quota-3.09-1mdk rpm is available on the MDK CD's or from a "main" source. if you'd do urpmi quota in terminal as root you shouldn't get that error at all. Chris Edited October 14, 2004 by chris z Quote Link to comment Share on other sites More sharing options...
arthur Posted October 14, 2004 Report Share Posted October 14, 2004 and be sure to include quota support in your kernel... Quote Link to comment Share on other sites More sharing options...
superyupkent Posted October 15, 2004 Author Report Share Posted October 15, 2004 @ Chris Z The weird things is that if I put urpmi apache (or another very known binary) I dont get that GPG error. Is there a way to get those GPG keys and get rid of that message? @arthur How can I check if quota support is compiled in the kernel? And if not, is there any way I can update it into my kernel without downtime? Thanks Quote Link to comment Share on other sites More sharing options...
chris z Posted October 15, 2004 Report Share Posted October 15, 2004 (edited) a brief tute on GPG keys (from how i understand it)............ every package is signed with a GPG key to assure the user (downloader) that the file hasn't been tampered with (IE: the server was hacked and all the files were replaced by bogus ones, virus infected files, badly compiled files, etc.). to read the key, you (the user) need the public GPG key. the main public GPG key for Mandrake repositories is installed with the distro so that's why you won't get errors installing apps from the Mandrake CD's. files from other repositories usually link to a public GPG key on their website or keep it in the root of the repository. you can download and import that key with the command "gpg --import (name of file)". for instance, if you go to This PLF Repository, you'll see the file "pubkey" listed. that contains all the GPG keys for the PLF apps on that site. so, for instance, you could do gpg --import ftp://ftp.free.fr/pub/Distributions_Linux...ake/10.0/pubkey in terminal as root to put those GPG keys on your system. then, when you go to install an app from that source, the keys will match & you won't get the "invalid sig" error. if you don't have the key, you will get that error. but, since it's highly unlikely that official Mandrake (or PLF, or Contrib, or Cooker, etc.) files have been tampered with, you can ignore the "bad key" message and go ahead and install the programs without fear. they'll work fine. if you want the added security of knowing all the keys match & all of your downloads are certified, then you'll have to add a key for all of your sources & keep them all up to date. a bit too much to go through, IMHO, but the choice is yours. as for the Quota support in the kernel......... i don't use Quota(s), so i have no idea. maybe Arthur, or somebody else could answer that or elaborate more. Chris Edited October 15, 2004 by chris z Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.