[Rpm-maint] [rpm-software-management/rpm] Support imports to fs keyring too (PR #1962)
Demi Marie Obenour
notifications at github.com
Mon Mar 21 10:38:31 UTC 2022
> I my mental model files in /usr are meant to be owned by rpm. Or let's not say owned but rather _verifiable_ by rpm. Just dropping a file into a `%_keyringpath` in /usr would produce something that cannot be verified. So keys in /usr would actually have to be installed as payload of an rpm package.
The RPMDB is being moved to `/usr` in Fedora 36, and it is very much _not_ verifiable.
> What could work would be to turn `%_keyringpath` into an array (colon/coma separated?) and use eg the first element as the write location (like eg `$XDG_*` env vars do). Then the write location could be somewhere in `/etc`.
What if `%_keyringpath` is a colon-separated list of paths, which each must start with `/` or `./`, and where `::` is interpreted as a literal `:`? So something like `/a:::/b` means `/a:` followed by `/b`.
--
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/pull/1962#issuecomment-1073738231
You are receiving this because you are subscribed to this thread.
Message ID: <rpm-software-management/rpm/pull/1962/c1073738231 at github.com>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.rpm.org/pipermail/rpm-maint/attachments/20220321/b65bfeea/attachment.html>
More information about the Rpm-maint
mailing list