About two days ago, Software Update started asking me for me root password in order to update packages. It gives me a dialog box saying:
The software is not from a trusted source. Do not update these
packages unless you are sure it is safe to do so.
Naturally, I am concerned. Unfortunately it doesn't give any indication as to exactly what it doesn't like. It's trying to update four packages: ethtool, libical, polkit-qt and ffmpeg-libs. Trying to update any one of these singly also brings up the same dialog box.
I then tried to install yumex since I was told it might help give me more information. Here I discovered Add/Remove Software gives me the same dialog, regardless of the package I choose. yum always wants a root password to perform an update so I'm hesitant to try this.
My question is, what is wrong? Are all my keys out of date due to the new year? I don't know how to use yum to update/verify the keys but everything worked fine last week. All of my repo files have GPG key paths in them. The only non-repository software I've installed recently is massif-visualizer, which I compiled manually.
This is on Fedora 16, x86_64. Apparently there has been no … interest in updating this dialog box to be more informative.
Best Answer
I think this Bug report is the very problem you ran into, caused by the installation of PackageKit-0.6.21-1.fc16.x86_64:
The fix is to upgrade PackageKit (and PackageKit-glib) to PackageKit-0.6.21-2.fc16 or newer. Since you have a 64-bit Fedora system, be sure to install both the 32-bit and 64-bit versions of PackageKit and PackageKit-glib.
or simply
You could also download and install the updated rpms for PackageKit and PackageKit-glib (both i686 and x86_64 versions) from this site.