Assalam Alikum,

I got the mandrake 9.2 CDs lately (thanks to the guy who gave them to me :) ) and I wanted to add the extras, I could follow the steps in the read me file but I faced the problem of the signature keys.....can you please give me the steps needed from A to Z in the form of 1, 2, 3, steps?

Max

I have chosen to ignore the signature and proceed in updating but after I have finished, the kiker menu became shorter and most of the available options disappeared :( why is that?
Someone should talk guys

Max

now the kicker has fewer options!
And you say mandrake rocks!!!

Max

Originally posted by mborn
now the kicker has fewer options!
And you say mandrake rocks!!!

Max
hi mborn!
mandrake beats redhat anyday :-p

peace!

the truth out of a gentooer's mouth :rolleyes:

I can now rest in peace :D

Sorry for late, My Motherboard was fried!
mborn: run update-menus

I need the steps that I should follow, so I can do it if I need to, how should I do the update from extra CDs, in the form of 1, 2, 3,... !
I hereby attest that i shall get back to RH if I dont get the info within no time; :)

MAX

OoO, RH is the O.

the steps are described in the readme
under the INTEGRITY section
and there is a warning about this in the UPDATES section


You may get warnings or error messages about the packages signatures,
this is due to a missing GPG key.
To avoid seeing these messages add the MandrakeSecurity team GPG using
the method described in the *Integrity* section of this file.



what you need is to grab the relevant keys from the internet

the important key for updates is 22458a98

connect to the net and run


gpg --keyserver www.mandrakesecure.net --recv-keys 22458a98
gpg --armor --export 22458a98 > mdk_sec.asc
rpm --import mdk_sec.asc


repeat these steps for the other keys.

unfortunatly two of the packagers irresposibly used expirable keys on these packages so yopu may still get key errors with the Contrib and Norlug packages.

AFAIK there is nothing I can do about this problem (I'm open to advices)


a later version of the extras fixed the menu's problem (this is the version that Safrout has and the one which will be widely distributed).

but the problem is easily solved by opening a terminal and running this command as root

update-menus


Mandrake rocks, yes, is bug free no

cheers,
Alaa

but I cont surf the net from Linux!?
Isn't there any other possibility to fix this without the net? I mean If I say that I agree to install without the keys, will it be OK?
Also, are the extras with Safrout updated than the ones I had from a friend here?

Max

yes you can get the kys of the web from any OS that can access the internet from http://www.mandrakesecure.net/cks/

save the keys to some text file then run


rpm --import /mnt/windows/path/key_file


maybe I should add this to the readme

you can also skip the signature checking by running urpmi commands with the option --no-verify-rpm
so to update system you'd run


urpmi --no-verify-rpm --updates --auto-select


to make rpmdrake ignore signatures use

rpmdrake --no-verify-rpm


tab3an ignoring signatures is not a good idea at all specialy for the security updates.

and yes the version of extras safrout has is more uptodate.

I keep extras in sync with the mirrors, tab3an I should have used a versioning scheme like putting the date or something on them, but hey I'm learning :-)

cheers,
Alaa

you mean I should find each key for each package to be updated?
if yes, then I think I dont need these keys!

Max

Ps.
Should u please be generous with an example of a package to be updated and another to be added, also be patient with me and my ignrance of this key thing :)

THANX

la2 please read the integrety section in my readme
if it ain't clear enough tell me which parts are confusing so I can fix it (you don't want others to suffer do you?)

anyway no you need a key for each packager.

under the integrity section I listed all the keys that are used in these CDs, you need to get these keys.

the most important ones being the Mandrake Security Team's key which is 22458a98

go to http://www.mandrakesecure.net/cks/
paste the key id in the box titled Search by 4 byte keyID: and hit search

you'll get a page describing the key and all the people who signed it
scroll down until you get this

-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: CryptNET Keyserver Version 0.1.0
Comment: http://www.mandrakesecure.net/


starting from BEGIN PGP PUBLIC KEY BLOCK to END PGP PUBLIC KEY BLOCK

this is the key, you need to copy this and paste it into a file

now after you do so you need to import it into rpm's keyring


rpm --import file_with_key_in_it


should do the trick

afterwards installing any file signed by this key should not trigger any warnings unless the file is actualy corrupt.

so if you get the Mandrake Security Team's key you can install updates without worrying about it

now as I mentioned before some packages are signed with expired keys so you can't check their integrity anymore, I suppose you can still get they keys from the keyserver but it'll still trigger an error

these packages are slowly being replaced but I have no solution for this at the moment.

the packages where you might meat this problem are the ones in the NORLUG repository and the some of the Contrib repository (NORLUG is on CD1 and Contrib on cd 2).

again its all in the README, please read it carefully and send bug reports.

cheers,
Alaa

I shall do all this when I finish my su problems

Max