Hello
I am trying to verify the templates downloaded from:
https://qubes.3isec.org/rpm/r4.2/templates/qubes-template-jammy-minimal-4.2.0-202405182317.noarch.rpm
https://qubes.3isec.org/rpm/r4.2/templates/qubes-template-noble-minimal-4.2.0-202405211137.noarch.rpm
On a fedora-40 based template I use the following procedure:
[aaa@bbb ~]$ gpg2 --keyserver keyserver.ubuntu.com --recv-keys 8B3F30F9C8C0C2EF
[aaa@bbb ~]$ gpg2 --export --armor 8B3F30F9C8C0C2EF > unman.asc
[aaa@bbb ~]$ sudo mv unman.asc /etc/pki/rpm-gpg/unman.asc
[aaa@bbb Downloads]$ rpm -K qubes-template-jammy-minimal-4.2.0-202405182317.noarch.rpm
and I get:
qubes-template-jammy-minimal-4.2.0-202405182317.noarch.rpm: digests SIGNATURES NOT OK
So that means it doesn’t pass the verification check. I’ve used the same procedure many times and it worked so I don’t understand what happens. Does anybody know what is the problem?
Thank you in advance
unman
October 6, 2024, 2:27pm
2
Hello Mr Paranoia
You need to import the key in to the rpm keyring:
Then the verification with `rpm -K` will work.
unman
Hello Unman
Thanks for your fast reply and for providing ubuntu templates.
Anyway though… there seems to be a problem when installing the templates.
[aaa@dom0 ~]$ qvm-run --pass-io <> ‘cat /path/to/template-in-source-qube.rpm’ > /path/to/template-in-dom0.rpm
[aaa@dom0 ~]$ sudo dnf install /path/to/template.rpm-in-dom0
and I get the following output:
Qubes OS Repository for Dom0 2.7 MB/s | 3.0 kB 00:00 Dependencies resolved.