[Rpm-maint] [rpm-software-management/rpm] RPM with Copy on Write (#1470)

chantra notifications at github.com
Thu Feb 3 01:45:40 UTC 2022


@pmatilai ,

I am actually taking @malmond77 's work and working on it. I suspect this PR got popped back into your list because of the commits going into my branch.

@malmond77 existing work, but ported to work on top of master (and more exactly to work on top of https://github.com/rpm-software-management/rpm/pull/1534 ), is https://github.com/chantra/rpm/tree/cow

>From there, I have been trying to resolve @DemiMarie 's concerns in https://github.com/chantra/rpm/tree/cow_signvalidation with this approach:
- while reading the file from `stdin` the content is passed into `rpmpkgVerifySigs`, at least some form of it, slightly modified to not log to `stdout` so we can capture the results of the signature verifications.
- capture the result of that call and put it into the transcoded file footer metadata.
- `rpmkeys`, can then check if the file is transcoded, and if so, return the rc code and text that was generated during transcoding.

This approach alllows to validate the authenticity of the rpm during transcode time. From there on, if deemed valid at transcode time, the result is essentially cached in the file.

Now, I understand you have concerns about the use of internal APIs, and I totally agree with  your concerns, and as much I am willing to put some effort in making this happen, some guidance from your side will be useful and very much appreciated to define what should/could become public, and what could not. So would I appreciate a reasonable compromise that would allows moving forward without a whole refactoring of the current APIs.

-- 
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/pull/1470#issuecomment-1028525125
You are receiving this because you are subscribed to this thread.

Message ID: <rpm-software-management/rpm/pull/1470/c1028525125 at github.com>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.rpm.org/pipermail/rpm-maint/attachments/20220202/b5d75367/attachment.html>


More information about the Rpm-maint mailing list