When upgrading OS, dnf and rpm fails on SHA1 packages

By: | Post date: April 2, 2025 | Comments: No Comments

Posted in categories: Computer Tips, Work related

First, use

rpm -q gpg-pubkey –qf ‘%{NAME}-%{VERSION}-%{RELEASE}\t%{SUMMARY}\n’

to identify keys from obsolete repositories, then use

rpm -e gpg-pubkey-xxxxxxxx-yyyyyyyy

to remove the keys that were imported from the SHA1 era.

Then have the offending packages removed by

rpm -q –nosignature –querybynumber xxxx

where you can get the xxxx from the stderr messages from

rpm -qa >/dev/null

Be the first to comment!

Leave a Reply