Transaction failed: Signature verification failed.
OpenPGP check for package “fedy-5.0.51-1.fc41.noarch” (/var/cache/libdnf5/copr:copr.fedorainfracloud.org:kwizart:fedy-8f2fd395ea3c7964/packages/fedy-5.0.51-1.fc41.noarch.rpm) from repo “copr:copr.fedorainfracloud.org:kwizart:fedy” has failed: Problem occurred when opening the package.
xxxxx@asus-fedora:~$
If I am seeing this correctly…
There are ca. 187 packages that are not updated due to this situation… or is it just this one package that is not being updated ? Because if I close the window and do a new dnf upgrade, all these packages are coming up again, as not installed.
Hi Barry, the Konsole ran and installed all the other packages without the copr “kwizart” when I used your suggestion ( sudo dnf update --disablerepo=kwizart ).
Thanks for the tip. Question, is it necessary to install “kwizart” and if so, how can I get the necessary key as well, so that it functions as intended ?
It is important for us all to remember that packages installed from 3rd party locations, whether copr or otherwise, may interfere with updates and that disabling those repos and/or removing the related packages when an update fails will often solve the issue.
You could try running the clean-rpm-gpg-pubkey command that will remove keys that are out-of-date. Then when you do another update you should be offered the latest copr repo key.
I got a notice for new updates, when I tried to down load them, I got a message that something went wrong.
Here is the printout from the error:
package fedy-5.0.51-1.fc41.noarch cannot be verified and repo copr:copr.fedorainfracloud.org:kwizart:fedy is GPG enabled: /var/cache/PackageKit/41/metadata/copr:copr.fedorainfracloud.org:kwizart:fedy-41-x86_64/packages/fedy-5.0.51-1.fc41.noarch.rpm could not be verified.
/var/cache/PackageKit/41/metadata/copr:copr.fedorainfracloud.org:kwizart:fedy-41-x86_64/packages/fedy-5.0.51-1.fc41.noarch.rpm: Verifying a signature using certificate C4805F795A3024A71AD1D39CC27EFD7A2DA862E5 (kwizart_fedy (None) kwizart#fedy@copr.fedorahosted.org):
Certificate C27EFD7A2DA862E5 invalid: certificate is not alive
because: The primary key is not live
because: Expired on 2024-09-01T15:42:50Z
Key C27EFD7A2DA862E5 invalid: key is not alive
because: The primary key is not live
because: Expired on 2024-09-01T15:42:50Z: Verifying a signature using certificate C4805F795A3024A71AD1D39CC27EFD7A2DA862E5 (kwizart_fedy (None) kwizart#fedy@copr.fedorahosted.org):
Certificate C27EFD7A2DA862E5 invalid: certificate is not alive
because: The primary key is not live
because: Expired on 2024-09-01T15:42:50Z
Key C27EFD7A2DA862E5 invalid: key is not alive
because: The primary key is not live
because: Expired on 2024-09-01T15:42:50Z: digest: SIGNATURE: NOT OK
I also did as you suggested pertaining to removing the old keys…( clean-rpm-gpg-pubkey )
This was the result of that command:
Hi Barry,
I think it is working okay, and I believe that " kwizart_fedy " is removed…
Although when I gave in the command; sudo rpmkeys --list I got the following printout:
d651ff2e-5dadbbc1: RPM Fusion free repository for Fedora (2020) <rpmfusion-buildsys@lists.rp mfusion.org> public key
94843c65-5dadbc64: RPM Fusion nonfree repository for Fedora (2020) <rpmfusion-buildsys@lists
.rpmfusion.org> public key
2da862e5-5d6e89fa: kwizart_fedy (None) kwizart#fedy@copr.fedorahosted.org public key
0c1289c0-58c6ad7d: TeamViewer GmbH (TeamViewer Linux 2017) support@teamviewer.com public k
ey
7fac5991-45f06f46: Google, Inc. Linux Package Signing Key <linux-packages-keymaster@google.c
public key
d38b4796-570c8cd3: Google Inc. (Linux Packages Signing Authority) <linux-packages-keymaster@ google.com> public key
e99d6ad1-64d2612c: Fedora (41) fedora-41-primary@fedoraproject.org public key
Hi Thomasz, Thank you for your reply, I looked at your suggestions as listed below. Honestly speaking, that is all a bit too complicated for my level of knowledge.
What I would need is simple but clear instructions as to how to deal with this problem.
First of all are you saying that “ALL” the keys need to be installed, regardless of repo ? Or are some not necessary for Fedora to operate normally?
If you say they are all necessary, then How can I check which ones are missing, and how do I install them “correctly” with out conflicts ?
I hope you can appreciate my situation and perhaps offer some SIMPLE but EXACT instructions.
First of all, since you removed your COPR repo it may be good idea to enable it again if you want to continue using the software from it: sudo dnf copr enable kwizart/fedy.
Then, to actually solve your issue (some dnf command failed) choose one solution from these two.
Solution 1:
Add the --enableplugin=expired-pgp-keys parameter to the failed dnf command. So for example sudo dnf upgrade --enableplugin=expired-pgp-keys.
This works only for dnf4, no dnf5. You may need to replace dnf with dnf4, so sudo dnf4 upgrade --enableplugin=expired-pgp-keys.
Hi Thmasz, I have copy / pasted the results of the “Konsole” following your instructions for Solution number 1 below.
$ sudo dnf upgrade --enableplugin=expired-pgp-keys
No matches were found for the following plugin name patterns while enabling libdnf plugin
s: expired-pgp-keys
Updating and loading repositories:
Repositories loaded.
Nothing to do.
frank@asus-fedora:~$ sudo dnf4 upgrade --enableplugin=expired-pgp-keys
Last metadata expiration check: 0:01:06 ago on Mo 13 Jan 2025 00:10:13.
Dependencies resolved.
Nothing to do.
Complete!
frank@asus-fedora:~$ sudo dnf copr enable kwizart/fedy https://copr.fedorainfracloud.org/api_3/rpmrepo 100% | 509.0 B/s | 816.0 B | 00m02s
Enabling a Copr repository. Please note that this repository is not part
of the main distribution, and quality may vary.
Please do not file bug reports about these packages in Fedora
Bugzilla. In case of problems, contact the owner of this repository.
Is this ok [y/N]: y
frank@asus-fedora:~$ sudo dnf4 upgrade --enableplugin=expired-pgp-keys
Copr repo for fedy owned by kwizart 610 B/s | 1.2 kB 00:01
Dependencies resolved.
Nothing to do.
Complete!
frank@asus-fedora:~$ sudo dnf upgrade
Updating and loading repositories:
Copr repo for fedy owned by kwizart 100% | 1.4 KiB/s | 1.5 KiB | 00m01s
Repositories loaded.
Nothing to do.
I hope this is the result that should have come from this transaction.
If you think any / something else needs to be done, please let me know.
Thank you for your replay and clear instructions on hopefully resolving this problem.
I like Fedora, even though I am not technically skilful in applying software applications / changes.
You patience and support is great-fully appreciated.