From a5b4da09e53ac25abeb002adab3cb29c0fd674ca Mon Sep 17 00:00:00 2001 From: Vojtech Polasek Date: Tue, 3 Mar 2026 09:35:10 +0100 Subject: [PATCH] ensure:redhat_gpgkey_installed: in ansible remediation use direct command instead of rpmkey Ansible module The module is currently not working when encountering keys with PQC signatures Relevant issue: https://github.com/ansible/ansible/issues/86157 --- .../ensure_redhat_gpgkey_installed/ansible/shared.yml | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/linux_os/guide/system/software/updating/ensure_redhat_gpgkey_installed/ansible/shared.yml b/linux_os/guide/system/software/updating/ensure_redhat_gpgkey_installed/ansible/shared.yml index 750852c52a4f..514841546662 100644 --- a/linux_os/guide/system/software/updating/ensure_redhat_gpgkey_installed/ansible/shared.yml +++ b/linux_os/guide/system/software/updating/ensure_redhat_gpgkey_installed/ansible/shared.yml @@ -64,9 +64,7 @@ {{% endif %}} - name: "{{{ rule_title }}}: Import RedHat GPG key" - ansible.builtin.rpm_key: - state: present - key: /etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release + ansible.builtin.command: rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release when: - gpg_key_directory_permission.stat.mode <= '0755' - (gpg_installed_fingerprints | difference(gpg_valid_fingerprints)) | length == 0