Hi, I’m adding the 1password repository for fedora on my silverblue (see here) but I had to disable the gpg check as I am unable to import the key.
when I run the rpm command to import it I get the following error.
error: can’t create transaction lock on /usr/share/rpm/.rpm.lock (Read-only file system)
error: https://downloads.1password.com/linux/keys/1password.asc: key 1 import failed.
I have the seemingly identical issue with tailscale from https://pkgs.tailscale.com/stable/fedora/36/tailscale.repo
When I do rpm-ostree install tailscale or rpm-ostree compose tree they fail with:
error: importing RPMs: package tailscale-1.26.2-1.x86_64 cannot be verified and repo tailscale-stable is GPG enabled: /proc/self/fd/15/cache/repomd/tailscale-stable-rpmostree-unset-releasever-x86_64/packages/tailscale_1.26.2_x86_64.rpm could not be verified.
/proc/self/fd/15/cache/repomd/tailscale-stable-rpmostree-unset-releasever-x86_64/packages/tailscale_1.26.2_x86_64.rpm: digest: SIGNATURE: NOT OK
I have imported https://pkgs.tailscale.com/stable/fedora/repo.gpg and it is existing as /etc/pki/rpm-gpg/RPM-GPG-KEY-tailscale-stable
Just ran into the same issue with 1password on Silverblue, copying the key under /etc/pki/rpm-gpg alone didn’t work, I got the same error about Bad GPG signature as @sariluca
I had to comment out the remote gpgkey reference and point it to the key I copied to /etc/pki/rpm-gpg. This is how the Fedora repos are configured too, so I thought it might work. Not sure why the HTTP version didn’t work or if it was supposed to work that way.