[Rpm-maint] [rpm-software-management/rpm] RPM fsverity support (#1203)

jessorensen notifications at github.com
Thu May 28 14:56:20 UTC 2020


@jessorensen commented on this pull request.



>      if (deleting) {	/* Nuke all the signature tags. */
 	deleteSigs(sigh);
+	deleteFileSigs(sigh);

> The IMA signatures originally were covered by package signature, but that breaks some fundamental rpm rules so it was changed in a latter release. So these days file signatures are entirely separate items, and can be added and removed without affecting others.

Sweet, I was under the assumption that they were covered, so didn't want to go down that path. I'll have a look at adding this as a separate --delfilesigs option. I think it's reasonable to delete all file signatures with one option, IMA and fsverity, but I can also make it two, if you prefer.

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/pull/1203#discussion_r431902614
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.rpm.org/pipermail/rpm-maint/attachments/20200528/abfd9c55/attachment.html>


More information about the Rpm-maint mailing list