I have a vanilla 11 11/11 lab system (x64, in VirtualBox) that I've tried to upgrade to 11.1:
# uname -a
SunOS alpha 5.11 11.0 i86pc i386 i86pc
# pkg list entire
NAME (PUBLISHER) VERSION IFO
entire 0.5.11-0.175.0.0.0.2.0 i--
# pkg publisher
PUBLISHER TYPE STATUS URI
solaris origin online http://pkg.oracle.com/solaris/release/
It has full connectivity to the Internet, and I've tried pointing it to the public release repo, a local 11.1 repo that has had the update ISO injected into it, and with a single loopback repo pointing to only the upgrade ISO (sol-11_1-upgrade-repo.iso, md5 verified). In all 3 cases I get this at the first stage of the upgrade:
# pkg update
Creating Plan |
pkg update: A signature in pkg://email@example.com,5.11-0.175.0.10.1.0.0:20120918T164707Z could not be verified for this reason:
The signature value did not match the expected value. Res: 0
The signature's hash is 235c7674d821032ae3eeda280c7837d1f1f4fdb5
I must be missing something simple, because I can't imagine a bad signature in the public or upgrade-ISO repos. Any ideas?
If possible, please file a support request for this issue through the My Oracle Support portal so that the details of the issue can be captured.
With that said, executing the following commands may provide a viable workaround:
pkg set-property signature-policy=ignore
pkg set-publisher --set-property signature-policy=ignore solaris
Once the above commands have been executed, attempt the pkg update again. If successful, then after rebooting to the new boot environment, reset the properties as follows:
pkg unset-property signature-policy
pkg set-publisher --unset-property signature-policy
Thanks swalker, that's exactly what I needed to get over the hump: I'm on 11.1 now.
For the next person with this problem there's a slight tweak to the commands: remove the "=" from the set-property lines, and add "solaris" to the last unset publisher property line: pkg set-property signature-policy ignore
*pkg set-publisher --set-property signature-policy=ignore solaris*
(...perform the updates...) pkg unset-property signature-policy
*pkg set-publisher --unset-property signature-policy solaris*
Now that I made it through the upgrade, regular pkg commands seem to run fine checking signatures.