I’ve got the percona-release RPM installed, which configures the YUM repository (https://www.percona.com/doc/percona-…um_repo.html):
rpm -qi percona-release
Name : percona-release Relocations: (not relocatable)
Version : 0.1 Vendor: (none)
Release : 3 Build Date: Mon 22 Sep 2014 04:09:02 AM EDT
Install Date: Thu 10 Jan 2019 09:52:07 AM EST Build Host: vps-centos5-x64-03.ci.percona.com
Group : System Environment/Base Source RPM: percona-release-0.1-3.src.rpm
Size : 5921 License: GPL-3.0+
Signature : DSA/SHA1, Mon 22 Sep 2014 04:09:07 AM EDT, Key ID 1c4cbdcdcd2efd2a
Summary : Package to install Percona GPG key and YUM repo
Description :
percona-release package contains Percona GPG public key and Percona repository configuration for YUM
But today, I noticed there’s an upgrade, but when I try to install, it complains that the package was signed by an untrusted key. I downloaded the RPM file and checked its key:
rpm -qip /tmp/percona-release-1.0-3.noarch.rpm
warning: /tmp/percona-release-1.0-3.noarch.rpm: Header V4 RSA/SHA256 Signature, key ID 8507efa5: NOKEY
Name : percona-release Relocations: (not relocatable)
Version : 1.0 Vendor: (none)
Release : 3 Build Date: Mon 24 Dec 2018 02:54:31 AM EST
Install Date: (not installed) Build Host: minimal-centos-7-x64-1316.ci.percona.com
Group : System Environment/Base Source RPM: percona-release-1.0-3.src.rpm
Size : 18261 License: GPL-3.0+
Signature : RSA/8, Mon 24 Dec 2018 02:54:33 AM EST, Key ID 9334a25f8507efa5
Summary : Package to install Percona GPG key and YUM repo
Description :
percona-release package contains Percona GPG public keys and Percona repository configuration for YUM
Sure enough, it doesn’t match. Is this percona-release-1.0.3 package legitimate? Why the different signing key?
Thanks
Norman