On 02.07.2015 02:24 AM, Harris, Peter A wrote:
[PAH-TEST-134-62-62] x2go-release-epel> ls 3622fd378b433fadfe2447d160f0503c8e55fb6508403c2f5812332055ea7021-other.sqlite cachecookie 3b4d858dc9502dd70495a7478354dda38d1b5920981e1e763b6b3d4cc479b215-filelists.sqlite packages 3e2ca432eee448392bed25e4ace4fc5cc5bd7c9c03ba52235a6350e3c0fe6d3d-primary.sqlite repomd.xml
What happens if you open that with sqlite3 and use the SELECT query I've provided earlier?
SELECT * FROM packages WHERE name='libXcompshad3';
I've that's indeed also giving back libXcompshad3 output (description and other metadata)... I'm lost.
[PAH-TEST-134-62-62] x2go-release-epel> sha512sum 3e2ca432eee448392bed25e4ace4fc5cc5bd7c9c03ba52235a6350e3c0fe6d3d-primary.sqlite f499aed1fe3fb84e786e7bccceb663dbadf11191ba6dc6d612a260ec34764f52f74d126fdefb05d49d8df34e44f1150f8bbc40254eef7d27fcbbf8c574fe0b57 3e2ca432eee448392bed25e4ace4fc5cc5bd7c9c03ba52235a6350e3c0fe6d3d-primary.sqlite
My checksums match yours. Crap. There goes this theory.
And the install still fails as before.
Next I used yumdownloader to download x2goserver and all its dependencies (except libXcompshad3 which it cannot see). I then used sha512sum to compare those files with the ones that came down through rsync. Since the rsync is not tunneled it may be no different than http download as far as any firewall is concerned, if indeed they are doing any virus checking. I have had no problems with RedHat or Epel. Anyway, the sums for all but perl-Capture-Tiny were the same. Has that changed since June 30 22:30 UTC?
I think so, some extra packages were not signed at all. I did that manually as described in my wall of text eMail. As adding a signature naturally changes an RPM, there's nothing to worry about.
This said, I will have to re-sign all packages because the current method isn't... consistent (using two different keys for packages and repo data.)
Mihai