[Rpm-maint] [rpm-software-management/rpm] Implement merging of new key material when importing pubkeys (PR #3083)
Jakub Kadlčík
notifications at github.com
Fri Nov 1 16:57:30 UTC 2024
Thank you all for working on this.
Many Copr users encountered this issue, so the fix is greatly appreciated.
As I understand the discussion, the feature should already be released and available?
I am testing it in a F41 container:
```bash
$ rpm -q rpm
rpm-4.20.0-1.fc41.x86_64
$ rpm -q rpm-sequoia
rpm-sequoia-1.7.0-2.fc41.x86_64
```
And this is my reproducer:
```bash
$ dnf install faketime diffutils
# Download some keys
$ curl https://raw.githubusercontent.com/xsuchy/distribution-gpg-keys/64392d70990254bb10876d68b451c0242dde4f95/keys/copr/copr-agriffis-neovim-nightly.gpg > old.gpg
$ curl https://raw.githubusercontent.com/xsuchy/distribution-gpg-keys/83ac2d8fd74a595687b0ecbb04081864cf59da01/keys/copr/copr-agriffis-neovim-nightly.gpg > new.gpg
# Pretend we imported an old key 5 years ago
$ faketime '-5years' rpm --import old.gpg
# See information about the key
$ rpm -q gpg-pubkey
gpg-pubkey-e99d6ad1-64d2612c
gpg-pubkey-453d6413-5c7aa779
$ rpm -qi gpg-pubkey-453d6413-5c7aa779 > old
# Import a new key
$ rpm --import new.gpg
# None of the information changed
$ rpm -q gpg-pubkey
gpg-pubkey-e99d6ad1-64d2612c
gpg-pubkey-453d6413-5c7aa779
$ rpm -qi gpg-pubkey-453d6413-5c7aa779 > new
$ diff old new
$
```
So it doesn't seem to work. Am I testing the feature correctly?
--
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/pull/3083#issuecomment-2452224231
You are receiving this because you are subscribed to this thread.
Message ID: <rpm-software-management/rpm/pull/3083/c2452224231 at github.com>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.rpm.org/pipermail/rpm-maint/attachments/20241101/643dafaf/attachment.html>
More information about the Rpm-maint
mailing list