FortiSIEM
FortiSIEM provides Security Information and Event Management (SIEM) and User and Entity Behavior Analytics (UEBA)
koolishami
Staff
Article Id 377975
Description

This article describes how to resolve a GPG key verification error that causes the migration from CentOS 8 to Rocky Linux 8 to fail.

 

The error is typically encountered in environments where the required public keys are missing or incorrectly configured, preventing package installation or upgrades via dnf or yum.

Scope

FortiSIEM.
Solution

During an upgrade, the following error message appears:

 

- Importing GPG key 0x6D745A60:
-  Userid     : "Release Engineering <infrastructure@rockylinux.org>"
-  Fingerprint: 7051 C470 A929 F454 CEBE 37B7 15AF 5DAC 6D74 5A60
-  From       : /tmp/tmp.aQJPrMzhag/gpg/RPM-GPG-KEY-rockyofficial
- warning: /var/cache/dnf/rockybaseos-bcfb0ced2825da33/packages/rocky-repos-8.10-1.9.el8.noarch.rpm: Header V4 RSA/SHA256 Signature, key ID 5e209b0f: NOKEY
- Public key for rocky-repos-8.10-1.9.el8.noarch.rpm is not installed. Failing package is: rocky-repos-8.10-1.9.el8.noarch
-  GPG Keys are configured as: file:///tmp/tmp.aQJPrMzhag/gpg/RPM-GPG-KEY-rockyofficial

[15:16:58] pre-upgrade : PRE-UPGRADE | Check and replace CentOS with RockyLinux ...|     - Error: GPG check FAILED

 

This indicates that the system is unable to verify the authenticity of the package due to a missing or untrusted GPG key, causing the upgrade to fail.

 

Ensure the necessary GPG keys are installed by running:

 

rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-rockyofficial

 

If the key is missing, manually download and import it:

 

curl -o /etc/pki/rpm-gpg/RPM-GPG-KEY-rockyofficial https://download.rockylinux.org/pub/rocky/RPM-GPG-KEY-rockyofficial

rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-rockyofficial

 

Verify that the correct key is installed:

 

rpm -q gpg-pubkey --qf "%{name}-%{version}-%{release}  %{summary}\n"

 

If the repository metadata is outdated, refresh it:

 

sudo dnf clean all

sudo dnf makecache

 

Check the repository configuration file (/etc/yum.repos.d/Rocky-Sources.repo) and ensure the GPG key path is correctly defined:

 

[rocky]
name=Rocky Linux $releasever - BaseOS
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-rockyofficial

 

If none of the above solutions work and the source of the packages (such as the official Rocky Linux repositories or an internal repository) is trusted, bypass the GPG check with:

 

yum update --nogpgcheck -y

 

However, use this only as a last resort, because it disables the signature check that verifies package authenticity.
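
Before choosing between the steps above, it helps to read the error text closely: the NOKEY warning names the key ID that signed the failing package (5e209b0f), while the "Importing GPG key" line names the key dnf loaded from the configured file (0x6D745A60). The script below is an added example, not part of the original article or of FortiSIEM; it extracts both IDs and compares them with the installed gpg-pubkey entries. The function names, the sample strings and the sample `rpm -q gpg-pubkey` line are constructed for illustration.

```shell
#!/usr/bin/env bash
# Added example: compare the key that signed the failing package with the
# key dnf imported, using only the text of the error message.

# Constructed sample: three lines copied from the error shown in this article.
SAMPLE_LOG='- Importing GPG key 0x6D745A60:
-  Fingerprint: 7051 C470 A929 F454 CEBE 37B7 15AF 5DAC 6D74 5A60
- warning: /var/cache/dnf/rockybaseos-bcfb0ced2825da33/packages/rocky-repos-8.10-1.9.el8.noarch.rpm: Header V4 RSA/SHA256 Signature, key ID 5e209b0f: NOKEY'

# Constructed sample of `rpm -q gpg-pubkey` output (release field is made up).
SAMPLE_KEYS='gpg-pubkey-6d745a60-00000000'

# Short ID of the key that signed the package (from the NOKEY warning).
signer_keyid() {
  printf '%s\n' "$1" | sed -n 's/.*Signature, key ID \([0-9A-Fa-f]\{8,16\}\): NOKEY.*/\1/p' \
    | head -n 1 | tr 'A-F' 'a-f'
}

# Short ID of the key dnf imported from the configured gpgkey= file.
imported_keyid() {
  printf '%s\n' "$1" | sed -n 's/.*Importing GPG key 0x\([0-9A-Fa-f]\{8,16\}\).*/\1/p' \
    | head -n 1 | tr 'A-F' 'a-f'
}

# Short ID derived from the Fingerprint line: its last 8 hex digits.
fingerprint_keyid() {
  printf '%s\n' "$1" | sed -n 's/.*Fingerprint: *//p' | head -n 1 \
    | tr -d ' ' | tr 'A-F' 'a-f' | sed 's/.*\(.\{8\}\)$/\1/'
}

# Is gpg-pubkey-<keyid>-* present in the `rpm -q gpg-pubkey` output ($2)?
key_installed() {
  printf '%s\n' "$2" | grep -qi "^gpg-pubkey-$1-"
}

# Print one verdict for the log ($1) and installed-key list ($2).
# The ( ) body keeps the variables local without relying on bash's `local`.
diagnose() (
  signer=$(signer_keyid "$1")
  imported=$(imported_keyid "$1")
  if [ -z "$signer" ]; then echo "no-nokey-warning"
  elif key_installed "$signer" "$2"; then echo "signer-trusted"
  elif [ "$signer" = "$imported" ]; then echo "signer-matches-configured-key"
  else echo "signer-differs-from-configured-key"
  fi
)

diagnose "$SAMPLE_LOG" "$SAMPLE_KEYS"
```

On a live system, pass the captured upgrade output as the first argument and the output of `rpm -q gpg-pubkey` as the second. A result of signer-differs-from-configured-key means the signer's key ID is not the primary key ID dnf imported, which is worth confirming before re-importing the same file.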
