https://tracker.ceph.com/https://tracker.ceph.com/favicon.ico2020-04-09T07:48:04ZCeph sepia - Bug #45009: https://download.ceph.com/keys/release.asc: ignored as the file has an unsupported filetype.https://tracker.ceph.com/issues/45009?journal_id=1628832020-04-09T07:48:04ZSebastian Wagner
<ul><li><strong>Blocks</strong> <i><a class="issue tracker-1 status-5 priority-4 priority-default closed" href="/issues/44972">Bug #44972</a>: cephadm: add-repo on ubuntu broken</i> added</li></ul> sepia - Bug #45009: https://download.ceph.com/keys/release.asc: ignored as the file has an unsupported filetype.https://tracker.ceph.com/issues/45009?journal_id=1634202020-04-16T21:50:54ZDavid Galloway
<ul><li><strong>Assignee</strong> set to <i>David Galloway</i></li></ul><p>How do you convert it? I'm not finding anything that even indicates gpg has a version 4.</p> sepia - Bug #45009: https://download.ceph.com/keys/release.asc: ignored as the file has an unsupported filetype.https://tracker.ceph.com/issues/45009?journal_id=1638812020-04-23T11:06:53ZSebastian Wagner
<ul></ul><pre>
apt-key add release.asc
</pre>
<p>automatically converts it to the correct format.</p> sepia - Bug #45009: https://download.ceph.com/keys/release.asc: ignored as the file has an unsupported filetype.https://tracker.ceph.com/issues/45009?journal_id=1643392020-04-28T14:05:44ZDavid Galloway
<ul></ul><p>Is the resulting <code>/etc/apt/trusted.gpg</code> file something that should be reused though? It's not ascii.</p>
<p>This works fine on Debian 10: <code>wget -q -O- 'https://download.ceph.com/keys/release.asc' | sudo apt-key add -</code> as our docs suggest.</p>
<p>I tried importing the key then exporting it using <code>apt-key export</code> but it just outputs the same public key block (minus <code>Version: GnuPG v1</code>)</p> sepia - Bug #45009: https://download.ceph.com/keys/release.asc: ignored as the file has an unsupported filetype.https://tracker.ceph.com/issues/45009?journal_id=1647902020-05-04T13:37:44ZSebastian Wagner
<ul></ul><p>yes, `apt-key` works, but would require to add gnupg as a dependency for cephadm on all hosts.</p> sepia - Bug #45009: https://download.ceph.com/keys/release.asc: ignored as the file has an unsupported filetype.https://tracker.ceph.com/issues/45009?journal_id=1648262020-05-04T17:28:22ZDavid Galloway
<ul></ul><p>What I'm getting at is, is <code>/etc/apt/trusted.gpg</code> after apt converts the key portable? Can we just throw trusted.gpg on download.ceph.com and it'll work universally?</p> sepia - Bug #45009: https://download.ceph.com/keys/release.asc: ignored as the file has an unsupported filetype.https://tracker.ceph.com/issues/45009?journal_id=1705542020-07-14T14:05:54ZJon Spriggs
<ul></ul><p>For those trying to follow along, I ended up doing this:</p>
<p><code>curl https://download.ceph.com/keys/release.asc | gpg --no-default-keyring --keyring /tmp/fix.gpg --import - && gpg --no-default-keyring --keyring /tmp/fix.gpg --export > /etc/apt/trusted.gpg.d/ceph.release.gpg && rm /tmp/fix.gpg</code></p>
<p>The key import itself works fine, it's just that the Debian repo it matches against can't process the type 1 GPG key.</p>
<p>The output files in <code>/etc/apt/trusted.gpg.d/</code> (e.g. <code>debian-archive-buster-stable.gpg</code>) are also not ascii files, they're data blobs.</p> sepia - Bug #45009: https://download.ceph.com/keys/release.asc: ignored as the file has an unsupported filetype.https://tracker.ceph.com/issues/45009?journal_id=1705582020-07-14T15:09:31ZDavid Galloway
<ul></ul><p>Jon Spriggs wrote:</p>
<blockquote>
<p>The output files in <code>/etc/apt/trusted.gpg.d/</code> (e.g. <code>debian-archive-buster-stable.gpg</code>) are also not ascii files, they're data blobs.</p>
</blockquote>
<p>Are the data blobs portable? Could I just upload those to download.ceph.com and have our tooling pull the new keys if the OS is using the newer GPG version?</p> sepia - Bug #45009: https://download.ceph.com/keys/release.asc: ignored as the file has an unsupported filetype.https://tracker.ceph.com/issues/45009?journal_id=1721822020-08-01T13:24:55ZMohammed Naser
<ul></ul><p>I am running into this issue on Debian buster. I'm happy to contribute the changes if someone wants to upload things on the Ceph side.</p> sepia - Bug #45009: https://download.ceph.com/keys/release.asc: ignored as the file has an unsupported filetype.https://tracker.ceph.com/issues/45009?journal_id=1722302020-08-03T14:59:43ZDavid Galloway
<ul></ul><p>Mohammed Naser wrote:</p>
<blockquote>
<p>I am running into this issue on Debian buster. I'm happy to contribute the changes if someone wants to upload things on the Ceph side.</p>
</blockquote>
<p>I'd be happy to upload a patched key. I just still haven't gotten confirmation that a patched key is portable. i.e., if a key you've imported on your machine can be imported to any machine.</p> sepia - Bug #45009: https://download.ceph.com/keys/release.asc: ignored as the file has an unsupported filetype.https://tracker.ceph.com/issues/45009?journal_id=1722442020-08-03T15:33:52ZMohammed Naser
<ul></ul><p>Cool. I decided to run a little experiment in that case:</p>
<pre><code class="text syntaxhl"><span class="CodeRay">docker run -it --rm debian:buster
apt update
apt install curl gnupg
curl https://download.ceph.com/keys/release.asc | gpg --no-default-keyring --keyring /tmp/fix.gpg --import - && gpg --no-default-keyring --keyring /tmp/fix.gpg --export > /etc/apt/trusted.gpg.d/ceph.release.gpg && rm /tmp/fix.gpg
md5sum /etc/apt/trusted.gpg.d/ceph.release.gpg
</span></code></pre>
<p>The md5sum was <code>86c50270e710a52ba54922f8959bb253</code>. I reran the same exact thing in another Docker container and ended up with the same md5sum. Now, to test the theory that it's portable, I uploaded that file here:</p>
<p><a class="external" href="https://bashupload.com/rPoHl/nYBR_.gpg">https://bashupload.com/rPoHl/nYBR_.gpg</a></p>
<p>I launched a new container again, but this time using the consumed key:</p>
<pre><code class="text syntaxhl"><span class="CodeRay">docker run -it --rm debian:buster
apt update
apt install curl
curl https://bashupload.com/rPoHl/nYBR_.gpg > /etc/apt/trusted.gpg.d/ceph.release.gpg
echo deb https://download.ceph.com/debian-octopus/ buster main | tee /etc/apt/sources.list.d/ceph.list
apt update
apt install librados2
apt info librados2
</span></code></pre>
<p>The result returns</p>
<pre><code class="text syntaxhl"><span class="CodeRay"># apt info librados2
Package: librados2
Version: 15.2.4-1~bpo10+1
Priority: optional
Section: libs
Source: ceph
Maintainer: Ceph Maintainers <ceph-maintainers@lists.ceph.com>
Installed-Size: 13.4 MB
Depends: libblkid1 (>= 2.17.2), libc6 (>= 2.28), libgcc1 (>= 1:3.0), libibverbs1 (>= 1.1.6), liblttng-ust0 (>= 2.5.0), librdmacm1 (>= 1.0.15), libssl1.1 (>= 1.1.0), libstdc++6 (>= 6), libudev1 (>= 183), zlib1g (>= 1:1.1.4)
Conflicts: librados
Replaces: librados
Homepage: http://ceph.com/
Download-Size: 3110 kB
APT-Manual-Installed: yes
APT-Sources: https://download.ceph.com/debian-octopus buster/main amd64 Packages
Description: RADOS distributed object store client library
N: There is 1 additional record. Please use the '-a' switch to see it
</span></code></pre>
<p>So, my little experiment confirms that it works and feel free to reproduce it with the instructions above. :)</p> sepia - Bug #45009: https://download.ceph.com/keys/release.asc: ignored as the file has an unsupported filetype.https://tracker.ceph.com/issues/45009?journal_id=1734242020-08-21T16:33:29ZDavid Galloway
<ul></ul><p>Mohammed Naser wrote:</p>
<blockquote>
<p>Cool. I decided to run a little experiment in that case:</p>
</blockquote>
<p>Thanks so much for this!</p>
<p>@Sebastian, can we have cephadm start using <a class="external" href="http://download.ceph.com/keys/release.gpg">http://download.ceph.com/keys/release.gpg</a> instead of release.asc?</p> sepia - Bug #45009: https://download.ceph.com/keys/release.asc: ignored as the file has an unsupported filetype.https://tracker.ceph.com/issues/45009?journal_id=1734252020-08-21T16:34:13ZDavid Galloway
<ul><li><strong>Status</strong> changed from <i>New</i> to <i>Fix Under Review</i></li></ul> sepia - Bug #45009: https://download.ceph.com/keys/release.asc: ignored as the file has an unsupported filetype.https://tracker.ceph.com/issues/45009?journal_id=1734312020-08-21T17:24:25ZMohammed Naser
<ul></ul><p>I believe that the following section must be updated:</p>
<p><a class="external" href="https://github.com/ceph/ceph/blob/cb529acaf485a62c48df557341a88d3092823ee2/src/cephadm/cephadm#L4289-L4290">https://github.com/ceph/ceph/blob/cb529acaf485a62c48df557341a88d3092823ee2/src/cephadm/cephadm#L4289-L4290</a></p> sepia - Bug #45009: https://download.ceph.com/keys/release.asc: ignored as the file has an unsupported filetype.https://tracker.ceph.com/issues/45009?journal_id=1752472020-09-16T21:04:24ZNathan Cutlerncutler@suse.cz
<ul></ul><p>David Galloway wrote:</p>
<blockquote>
<p>@Sebastian, can we have cephadm start using <a class="external" href="http://download.ceph.com/keys/release.gpg">http://download.ceph.com/keys/release.gpg</a> instead of release.asc?</p>
</blockquote>
<p>I don't know the answer to that, but I tried simply replacing 'release.asc' with 'release.gpg' in the cephadm source code and that doesn't work.</p> sepia - Bug #45009: https://download.ceph.com/keys/release.asc: ignored as the file has an unsupported filetype.https://tracker.ceph.com/issues/45009?journal_id=1752492020-09-16T21:11:32ZDavid Galloway
<ul><li><strong>Status</strong> changed from <i>Fix Under Review</i> to <i>Need More Info</i></li></ul><p>Okay, well I did what was asked. If there's another format I need to upload, let me know.</p> sepia - Bug #45009: https://download.ceph.com/keys/release.asc: ignored as the file has an unsupported filetype.https://tracker.ceph.com/issues/45009?journal_id=1872522021-03-10T15:05:11ZSebastian Wagner
<ul><li><strong>Related to</strong> <i><a class="issue tracker-1 status-9 priority-3 priority-lowest closed" href="/issues/49436">Bug #49436</a>: cephadm bootstrap fails to create /etc/ceph directory</i> added</li></ul> sepia - Bug #45009: https://download.ceph.com/keys/release.asc: ignored as the file has an unsupported filetype.https://tracker.ceph.com/issues/45009?journal_id=1970722021-06-14T14:29:00ZSebastian Wagner
<ul></ul><p><a class="external" href="https://github.com/ceph/ceph/pull/41813">https://github.com/ceph/ceph/pull/41813</a></p> sepia - Bug #45009: https://download.ceph.com/keys/release.asc: ignored as the file has an unsupported filetype.https://tracker.ceph.com/issues/45009?journal_id=1984972021-07-06T15:59:21ZSebastian Wagner
<ul><li><strong>Status</strong> changed from <i>Need More Info</i> to <i>Closed</i></li></ul><p>done</p>