Upstream ticket against rpm here:
You go to Google website, download .rpm package and install with su/sudo rpm -i google*.rpm that installs a specific repository and choose on the fly stable or other always updated using dnf ā¦ simple ā¦
There are workarounds for mutable Fedora installs but thatās not useful for Silverblue users. Google will have use a standard configuration for their packaging while rpm addresses this edge case upstream.
I rolled up to silverblue 39 beta this morning and tried to use the built in chrome third party repo in software. Got the same error. Downloaded .rpm from google, rpm-ostree installed liberation-fonts, then rpm-ostree installed their .rpm and that landed it.
user@fedora ~/Downloads> ls
google-chrome-stable_current_x86_64.rpm
user@fedora ~/Downloads> sudo rpm-ostree install google-chrome-stable_current_x86_64.rpmā¦Writing OSTree commitā¦ done
Staging deploymentā¦ done
Freed: 67.9 MB (pkgcache branches: 0)
Added:
google-chrome-stable-117.0.5938.88-1.x86_64
1 Like
So, what exactly is the solution here ?
Iām using Fedora 38 (Workstation) and have been installing Chrome via the .rpm package on Googleās website.
Whenever there is an update on available via the āSoftwareā app, Iām unable to proceed with any system or other updates as long as Chrome is in the way. (Getting the āsignature not okā error message).
Are you downloading the rpm then attempting to install it? Or are you installing from the google chrome repo with normal updates.
I have never had an issue with google chrome, but I have the google-chrome repo enabled which is available thru the āhamburger menuā in the gnome software app. Chrome is automatically updated and properly signed when I update in that manner.
You can check if the google-chrome repo is enabled with dnf repolist
Iām downloading and installing Chrome via the .rpm package on Google Chromeās website everytime a new version becomes available, as the one initially available on the Software app is out of date I believe.
I do have the google-chrome repo enabled as well via the hamburger menu. ādnf repolistā shows it as well.
Not true.
The currently installed chrome on my system is
$ dnf list installed google-chrome-stable
Installed Packages
google-chrome-stable.x86_64 117.0.5938.92-1 @google-chrome
Trying to install something newer has the potential of installing an unstable version.
That was initially installed using sudo dnf install google-chrome-stable and then is automatically kept up to date with each system upgrade. Installing with rpm-ostree should do the same.
Ah yes youāre right. It does have the latest version on the Software app.
I see what happened. The reason I turned to installing Chrome from outside the Software app via downloading a .rpm package was because I get the āUnable to install āGoogle Chromeā as not supportedā error message whenever I do try to install it through the Software app.
I have the Google Chrome repositories enabled in the hamburger menu.
What would be the reason for this error message ?
I had the same issue and error trying to install Chrome from Gnome software in Fedora 39. I also downloaded Chrome from the website and it installed with no issues.
But do you encounter the āsignature not okā error now whenever there are updates for Chrome via the software app ?
No in software it only showed it wasnāt supported.Iām guessing it was an issue that Gnome 45 was still in beta.I have not tried to remove Chrome and try and reinstall it with software now that Gnome 45 has been released.
There seems to be an issue in the way the software manager (gnome software) handles keys.
I just installed google-chrome-stable on my F39 VM with dnf, and other than some messages about expired keys it was able to do the install.
$ sudo dnf install google-chrome-stable
Last metadata expiration check: 0:18:54 ago on Fri 29 Sep 2023 10:04:02 AM CDT.
Dependencies resolved.
====================================================================================================================================
Package Architecture Version Repository Size
====================================================================================================================================
Installing:
google-chrome-stable x86_64 117.0.5938.132-1 google-chrome 104 M
Installing dependencies:
liberation-fonts noarch 1:2.1.5-7.fc39 updates-testing 7.5 k
Transaction Summary
====================================================================================================================================
Install 2 Packages
Total download size: 104 M
Installed size: 324 M
Is this ok [y/N]: y
Downloading Packages:
(1/2): liberation-fonts-2.1.5-7.fc39.noarch.rpm 72 kB/s | 7.5 kB 00:00
(2/2): google-chrome-stable-117.0.5938.132-1.x86_64.rpm 49 MB/s | 104 MB 00:02
------------------------------------------------------------------------------------------------------------------------------------
Total 41 MB/s | 104 MB 00:02
google-chrome 969 B/s | 14 kB 00:15
Importing GPG key 0xD38B4796:
Userid : "Google Inc. (Linux Packages Signing Authority) <linux-packages-keymaster@google.com>"
Fingerprint: EB4C 1BFD 4F04 2F6D DDCC EC91 7721 F63B D38B 4796
From : https://dl.google.com/linux/linux_signing_key.pub
Is this ok [y/N]: y
warning: Certificate 7721F63BD38B4796:
Subkey 1397BC53640DB551 is expired: The subkey is not live
Subkey 78BD65473CB3BD13 is expired: The subkey is not live
Subkey 6494C6D6997C215E is expired: The subkey is not live
Key imported successfully
Importing GPG key 0x7FAC5991:
Userid : "Google, Inc. Linux Package Signing Key <linux-packages-keymaster@google.com>"
Fingerprint: 4CCA 1EAF 950C EE4A B839 76DC A040 830F 7FAC 5991
From : https://dl.google.com/linux/linux_signing_key.pub
Is this ok [y/N]: y
warning: Certificate A040830F7FAC5991:
Policy rejects subkey 4F30B6B4C07CB649: Policy rejected asymmetric algorithm
Key imported successfully
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
Preparing : 1/1
Installing : liberation-fonts-1:2.1.5-7.fc39.noarch 1/2
Running scriptlet: google-chrome-stable-117.0.5938.132-1.x86_64 2/2
Installing : google-chrome-stable-117.0.5938.132-1.x86_64 2/2
Running scriptlet: google-chrome-stable-117.0.5938.132-1.x86_64 2/2
Verifying : liberation-fonts-1:2.1.5-7.fc39.noarch 1/2
Verifying : google-chrome-stable-117.0.5938.132-1.x86_64 2/2
Installed:
google-chrome-stable-117.0.5938.132-1.x86_64 liberation-fonts-1:2.1.5-7.fc39.noarch
Complete!
1 Like
Install : OK, fine but does it work, synchronizing same account on other devices, Google Workspace, Drive cloud ressources ā¦ otherwise youāre just lost in space ā¦
Thanks a lot ā that helped with Fedora 39 and Google Chrome update error
Fixed it for me:
- download latest rpm
sudo rpm -U google-chrome-stable_current_x86_64.rpm
something interesting i found on online and it actually works so this is something to share on upstream and others to see/check and test since i found that there is difrent URL and GPG key paths on Fedora repo file than what i found online and editing the google-chrome.repo on details down i can layer google chrome and dont get any gpg signature errors and this is tested on F39 silverblue and F40 beta silverblue
[google-chrome]
name=google-chrome
baseurl=http://dl.google.com/linux/chrome/rpm/stable/$basearch
enabled=1
gpgcheck=1
gpgkey=https://dl-ssl.google.com/linux/linux_signing_key.pub
there is also at first installation i edit the repo file and take gpg check 0 install chrome and then put gpg check back to 1 and again all works so i guess using default repo files are still valid, but on first install gpg check need to be off and after that seems fine again to use
Using kinoite 39, setting gpgcheck=0 made it possible to install chrome but after restoring it to 1, upgrades fail with a signature error.
1 Like