Thank you, RedHat!
Sometimes it are the small things that drive you nuts ...
Sometimes it are the small things that drive you nuts. Just like this one: I prepared the new YUM repositories for BlueOnyx 5107R and 5108R RPMs.
Of course we sign our RPMs with the project's GPG key. So I needed to export the GPG key (public and secret key) and needed to import it on the RHEL6 development box. Which is all pretty straightforward.
The public key imported fine, but not the secret key:
[root@devel6 ~]# gpg --allow-secret-key-import --import ~/bx_sec.gpg gpg: importing secret keys not allowed gpg: Total number processed: 1 gpg: secret keys read: 1
Now why the heck wasn't I allowed to import the secret key? While digging around on Google I got a bit mislead about the different GnuPG versions, but eventually the culprit seemed to be SELinux. If enabled, SELinux disallows the export and import of secret GnuPG keys. Which shouldn't be an issue, as the devel box had SELinux disabled. So why did it still refuse to work?
Eventually I grabbed the GnuPG2 SRPM off the RedHat mirror and checked the specfile. Aha. That's why:
%configure \ --disable-rpath \ --enable-selinux-support
Great. Just took a couple of hours to find and fix. \o/