[Rpm-maint] [rpm-software-management/rpm] RPM 4.20.1 (PR #3561)
Michal Domonkos
notifications at github.com
Mon Feb 10 10:46:16 UTC 2025
Maintenance update. Commits that needed backporting are listed below (along with their diffs from the original):
<details>
<summary>bf13d2db6bd2a8569de81a5ccaebf8362f61cf84 Filter Lua deprecation warnings based on the originating rpm version</summary>
```diff
diff --git a/dev/fd/63 b/dev/fd/62
--- a/dev/fd/63
+++ b/dev/fd/62
@@ -1,4 +1,4 @@
-commit 532e6b90652154842fc765f87f60c97f20f7d656
+commit bf13d2db6bd2a8569de81a5ccaebf8362f61cf84
Author: Panu Matilainen <pmatilai at redhat.com>
Date: Mon Sep 2 16:21:22 2024 +0300
@@ -13,9 +13,11 @@ Date: Mon Sep 2 16:21:22 2024 +0300
an rpm version where these functions were not yet deprecated.
Usage through rpmlua and macros always gets warnings: those are things
that can technically be fixed by the user.
+
+ (backported from commit 532e6b90652154842fc765f87f60c97f20f7d656)
diff --git a/lib/rpmscript.c b/lib/rpmscript.c
-index 7f49e00ea..b76c5e848 100644
+index 7ec5c08e0..eb14870b3 100644
--- a/lib/rpmscript.c
+++ b/lib/rpmscript.c
@@ -36,6 +36,7 @@ struct rpmScript_s {
@@ -54,19 +56,19 @@ index 7f49e00ea..b76c5e848 100644
script->chroot = 1;
rasprintf(&script->descr, "%%%s%s(%s)", prefix, tag2sln(tag), nevra);
-@@ -706,6 +716,7 @@ rpmScript rpmScriptFree(rpmScript script)
- free(script->args);
+@@ -707,6 +717,7 @@ rpmScript rpmScriptFree(rpmScript script)
free(script->body);
free(script->descr);
+ free(script->nextFileFunc);
+ free(script->rpmver);
- delete script->nextFileFunc;
- delete script;
+ free(script);
}
+ return NULL;
diff --git a/rpmio/lposix.c b/rpmio/lposix.c
-index 62fe7db07..4f53a3eb1 100644
+index f25be36a3..ff9c2c9cb 100644
--- a/rpmio/lposix.c
+++ b/rpmio/lposix.c
-@@ -333,7 +333,7 @@ static int Pmkfifo(lua_State *L) /** mkfifo(path) */
+@@ -331,7 +331,7 @@ static int Pmkfifo(lua_State *L) /** mkfifo(path) */
static int Pexec(lua_State *L) /** exec(path,[args]) */
{
@@ -75,7 +77,7 @@ index 62fe7db07..4f53a3eb1 100644
const char *path = luaL_checkstring(L, 1);
int i,n=lua_gettop(L);
-@@ -354,7 +354,7 @@ static int Pexec(lua_State *L) /** exec(path,[args]) */
+@@ -355,7 +355,7 @@ static int Pexec(lua_State *L) /** exec(path,[args]) */
static int Pfork(lua_State *L) /** fork() */
{
@@ -84,7 +86,7 @@ index 62fe7db07..4f53a3eb1 100644
pid_t pid = fork();
if (pid == 0) {
-@@ -366,7 +366,7 @@ static int Pfork(lua_State *L) /** fork() */
+@@ -367,7 +367,7 @@ static int Pfork(lua_State *L) /** fork() */
static int Pwait(lua_State *L) /** wait([pid]) */
{
@@ -107,10 +109,10 @@ index b9874cb06..f1f210edc 100644
RPM_GNUC_INTERNAL
int luaopen_posix (lua_State *L);
diff --git a/rpmio/rpmlua.c b/rpmio/rpmlua.c
-index 8996328f1..36d7458de 100644
+index 7a4144db4..76dd67e51 100644
--- a/rpmio/rpmlua.c
+++ b/rpmio/rpmlua.c
-@@ -759,7 +759,7 @@ static int rpm_redirect2null(lua_State *L)
+@@ -787,7 +787,7 @@ static int rpm_redirect2null(lua_State *L)
{
int target_fd, fd, r, e;
@@ -119,7 +121,7 @@ index 8996328f1..36d7458de 100644
if (!_rpmlua_have_forked)
return luaL_error(L, "redirect2null not permitted in this context");
-@@ -1365,8 +1365,22 @@ static int luaopen_rpm(lua_State *L)
+@@ -1395,8 +1395,22 @@ static int luaopen_rpm(lua_State *L)
return 1;
}
```
</details>
<details>
<summary>e82c9e1cf0409a5730af7adff4096da8aff5d2df Add an optional lockmode argument to the internal rpmlock API</summary>
```diff
diff --git a/dev/fd/63 b/dev/fd/62
--- a/dev/fd/63
+++ b/dev/fd/62
@@ -1,4 +1,4 @@
-commit 66e024ca9124fcaede6c7fd85a49c370ab7c9866
+commit e82c9e1cf0409a5730af7adff4096da8aff5d2df
Author: Panu Matilainen <pmatilai at redhat.com>
Date: Fri Oct 11 13:49:58 2024 +0300
@@ -7,11 +7,13 @@ Date: Fri Oct 11 13:49:58 2024 +0300
It's a bit hysterical that rpmlock has this elaborate fallback code
when it cannot create a lock file, but then it didn't actually
support taking a read-only lock at all. Well, now it does.
+
+ (backported from commit 66e024ca9124fcaede6c7fd85a49c370ab7c9866)
-diff --git a/lib/rpmlock.cc b/lib/rpmlock.cc
-index d177ba679..6335f81e0 100644
---- a/lib/rpmlock.cc
-+++ b/lib/rpmlock.cc
+diff --git a/lib/rpmlock.c b/lib/rpmlock.c
+index 457489fde..cbadba7dc 100644
+--- a/lib/rpmlock.c
++++ b/lib/rpmlock.c
@@ -124,7 +124,7 @@ rpmlock rpmlockNew(const char *lock_path, const char *descr)
return lock;
}
@@ -36,16 +38,25 @@ index d177ba679..6335f81e0 100644
}
if (!locked) {
rpmlog(RPMLOG_ERR, _("can't create %s lock on %s (%s)\n"),
-diff --git a/lib/rpmlock.hh b/lib/rpmlock.hh
-index 7bd09a8d8..ea041ac38 100644
---- a/lib/rpmlock.hh
-+++ b/lib/rpmlock.hh
+@@ -155,7 +155,7 @@ void rpmlockRelease(rpmlock lock)
+ rpmlock rpmlockNewAcquire(const char *lock_path, const char *descr)
+ {
+ rpmlock lock = rpmlockNew(lock_path, descr);
+- if (!rpmlockAcquire(lock))
++ if (!rpmlockAcquire(lock, RPMLOCK_WRITE))
+ lock = rpmlockFree(lock);
+ return lock;
+ }
+diff --git a/lib/rpmlock.h b/lib/rpmlock.h
+index 7bd09a8d8..ffc65dcd2 100644
+--- a/lib/rpmlock.h
++++ b/lib/rpmlock.h
@@ -18,7 +18,7 @@ RPM_GNUC_INTERNAL
rpmlock rpmlockNewAcquire(const char *lock_path, const char *descr);
RPM_GNUC_INTERNAL
-int rpmlockAcquire(rpmlock lock);
-+int rpmlockAcquire(rpmlock lock, int lockmode = RPMLOCK_WRITE);
++int rpmlockAcquire(rpmlock lock, int lockmode);
RPM_GNUC_INTERNAL
void rpmlockRelease(rpmlock lock);
```
</details>
<details>
<summary>9b34c9d22b0bbd7d651c9b90740996ddea499935 Honor read-only transaction lock mode</summary>
```diff
diff --git a/dev/fd/63 b/dev/fd/62
--- a/dev/fd/63
+++ b/dev/fd/62
@@ -1,4 +1,4 @@
-commit 93c0c1fd2b79365cad757595d301a0b27a7e2035
+commit 9b34c9d22b0bbd7d651c9b90740996ddea499935
Author: Panu Matilainen <pmatilai at redhat.com>
Date: Fri Oct 11 13:57:53 2024 +0300
@@ -10,23 +10,25 @@ Date: Fri Oct 11 13:57:53 2024 +0300
Add test for export as a regular user (ie the fix here) and import
in general, we didn't have any tests for that before now.
+
+ (backported from commit 93c0c1fd2b79365cad757595d301a0b27a7e2035)
-diff --git a/lib/rpmts.cc b/lib/rpmts.cc
-index 6ba46a7c1..cb433a484 100644
---- a/lib/rpmts.cc
-+++ b/lib/rpmts.cc
-@@ -1479,7 +1479,8 @@ rpmtxn rpmtxnBegin(rpmts ts, rpmtxnFlags flags)
+diff --git a/lib/rpmts.c b/lib/rpmts.c
+index 021c40676..360fbd3cd 100644
+--- a/lib/rpmts.c
++++ b/lib/rpmts.c
+@@ -1368,7 +1368,8 @@ rpmtxn rpmtxnBegin(rpmts ts, rpmtxnFlags flags)
if (ts->lock == NULL)
ts->lock = rpmlockNew(ts->lockPath, _("transaction"));
- if (rpmlockAcquire(ts->lock)) {
+ int lockmode = (flags & RPMTXN_WRITE) ? RPMLOCK_WRITE : RPMLOCK_READ;
+ if (rpmlockAcquire(ts->lock, lockmode)) {
- txn = new rpmtxn_s {};
+ txn = (rpmtxn)xcalloc(1, sizeof(*txn));
txn->lock = ts->lock;
txn->flags = flags;
diff --git a/tests/rpmdb.at b/tests/rpmdb.at
-index a7f444849..c4cb94780 100644
+index c7d73d26f..f6868c139 100644
--- a/tests/rpmdb.at
+++ b/tests/rpmdb.at
@@ -78,6 +78,42 @@ hello-2.0-1.x86_64
```
</details>
<details>
<summary>9ba966a93909f8d83d40ed984e3b9c4160458233 Having no keys imported is not an error</summary>
```diff
diff --git a/dev/fd/63 b/dev/fd/62
--- a/dev/fd/63
+++ b/dev/fd/62
@@ -1,22 +1,25 @@
-commit d666883624c5f2905c0bc70112895c33605ca264
+commit 9ba966a93909f8d83d40ed984e3b9c4160458233
Author: Panu Matilainen <pmatilai at redhat.com>
Date: Tue Oct 15 09:28:36 2024 +0300
Having no keys imported is not an error
- ...any more than "ls" in an empty directory is. We should fix this
- in 4.20 too before people start making assumptions about this behavior.
+ ...any more than "ls" in an empty directory is.
+
+ Resolves: 3556
+ Co-authored-by: Florian Festi <ffesti at redhat.com>
+ (backported from commit d666883624c5f2905c0bc70112895c33605ca264)
diff --git a/tests/rpmdb.at b/tests/rpmdb.at
-index 7d29b32a4..9ed3349b5 100644
+index d3089df9b..f31ee645e 100644
--- a/tests/rpmdb.at
+++ b/tests/rpmdb.at
-@@ -199,9 +199,8 @@ runroot rpmkeys --delete 757bf69e
- runroot rpmkeys --delete eb04e625
+@@ -179,9 +179,8 @@ RPMTEST_CHECK([
+ runroot rpmkeys --delete 1964c5fc
runroot rpmkeys --list
],
-[1],
--[No keys installed
+-[package gpg-pubkey is not installed
-],
+[0],
+[],
@@ -24,46 +27,65 @@ index 7d29b32a4..9ed3349b5 100644
RPMTEST_CLEANUP
diff --git a/tests/rpmsigdig.at b/tests/rpmsigdig.at
-index 21c1c4d34..21d083951 100644
+index 2e2a7e724..4de76df0d 100644
--- a/tests/rpmsigdig.at
+++ b/tests/rpmsigdig.at
-@@ -93,14 +93,10 @@ runroot rpmkeys --delete 1964c5fc
+@@ -29,6 +29,39 @@ runroot rpmkeys -Kv /data/RPMS/hello-2.0-1.x86_64.rpm /data/RPMS/hello-1.0-1.i38
[])
+ RPMTEST_CLEANUP
- RPMTEST_CHECK([
--# XXX rpmkeys on rpmdb returns "package gpg-pubkey is not installed" with
--# and error code when no keys are present, paper over
--runroot rpmkeys --list | grep -v "No keys installed" | wc -l
--exit 0
++AT_SETUP([rpmkeys key update and delete (rpmdb)])
++AT_KEYWORDS([rpmkeys signature])
++RPMDB_INIT
++# currently the default but make it explicit
++# root's .rpmmacros used to keep this build prefix independent
++echo "%_keyring rpmdb" >> "${RPMTEST}"/root/.rpmmacros
++runroot rpmkeys --import /data/keys/rpm.org-rsa-2048-test.pub
++
++RPMTEST_CHECK([
++runroot rpmkeys --delete abcd gimmekey 1111aaaa2222bbbb
++],
++[3],
++[],
++[error: package gpg-pubkey-abcd is not installed
++error: package gpg-pubkey-gimmekey is not installed
++error: package gpg-pubkey-1111aaaa2222bbbb is not installed
++])
++
++RPMTEST_CHECK([
++runroot rpmkeys --delete 1964c5fc
++],
++[0],
++[],
++[])
++
++RPMTEST_CHECK([
+runroot rpmkeys --list
- ],
- [0],
--[0
--],
++],
++[0],
+[],
- [])
- RPMTEST_CLEANUP
-
-diff --git a/tools/rpmkeys.cc b/tools/rpmkeys.cc
-index 7aeb4da6e..e358f0d9f 100644
---- a/tools/rpmkeys.cc
-+++ b/tools/rpmkeys.cc
-@@ -72,18 +72,12 @@ static int matchingKeys(rpmKeyring keyring, ARGV_const_t args, void * userdata,
- }
- }
- } else {
-- int found = false;
- auto iter = rpmKeyringInitIterator(keyring, 0);
- rpmPubkey key = NULL;
- while ((key = rpmKeyringIteratorNext(iter))) {
-- found = true;
- callback(key, userdata);
++[])
++RPMTEST_CLEANUP
++
+ # ------------------------------
+ # Test rpmkeys write errors
+ AT_SETUP([[rpmkeys -K no space left on stdout]])
+diff --git a/tools/rpmkeys.c b/tools/rpmkeys.c
+index c9fa7c3b8..6fbe0120e 100644
+--- a/tools/rpmkeys.c
++++ b/tools/rpmkeys.c
+@@ -98,12 +98,13 @@ int main(int argc, char *argv[])
+ case MODE_LISTKEY:
+ {
+ ARGV_t query = NULL;
++ QVA_t qva = &rpmQVKArgs;
+ if (args != NULL) {
+ query = gpgkeyargs(args);
+ } else {
++ qva->qva_source |= RPMQV_ALL;
+ argvAdd(&query, "gpg-pubkey");
}
- rpmKeyringIteratorFree(iter);
-- if (!found) {
-- rpmlog(RPMLOG_NOTICE, "No keys installed\n");
-- ec = EXIT_FAILURE;
-- }
- }
- return ec;
- }
+- QVA_t qva = &rpmQVKArgs;
+ rstrcat(&qva->qva_queryFormat, "%{version}-%{release}: %{summary}\n");
+ ec = rpmcliQuery(ts, &rpmQVKArgs, (ARGV_const_t) query);
+ query = argvFree(query);
```
</details>
<details>
<summary>654408a75f7e3f3c3e2c1029a2e5dd09974cb1d8 fix rpmdump output</summary>
```diff
diff --git a/dev/fd/63 b/dev/fd/62
--- a/dev/fd/63
+++ b/dev/fd/62
@@ -1,4 +1,4 @@
-commit 0dda395cbcc78ec89fffbe2f7e37d38b693bfe2a
+commit 654408a75f7e3f3c3e2c1029a2e5dd09974cb1d8
Author: Matteo Croce <teknoraver at meta.com>
Date: Tue Nov 5 18:33:16 2024 +0100
@@ -6,12 +6,27 @@ Date: Tue Nov 5 18:33:16 2024 +0100
`rpmdump` prints the OS type field as architecture type.
Print the correct value.
+
+ (backported from commit 0dda395cbcc78ec89fffbe2f7e37d38b693bfe2a)
-diff --git a/tools/rpmdump.cc b/tools/rpmdump.cc
-index 8c3b7d6e2..329ce5978 100644
---- a/tools/rpmdump.cc
-+++ b/tools/rpmdump.cc
-@@ -81,7 +81,7 @@ static int readlead(int fd)
+diff --git a/tests/data/misc/rpmdump4.txt b/tests/data/misc/rpmdump4.txt
+index eeac859b2..2ebd738c5 100644
+--- a/tests/data/misc/rpmdump4.txt
++++ b/tests/data/misc/rpmdump4.txt
+@@ -2,7 +2,7 @@ Lead magic: edabeedb
+ Version 3.0
+ Type: 0
+ Name: attrtest-1.0-1
+-Arch: 1
++Arch: 255
+ OS: 1
+ Sigtype: 5
+
+diff --git a/tools/rpmdump.c b/tools/rpmdump.c
+index 730a35c86..de713d892 100644
+--- a/tools/rpmdump.c
++++ b/tools/rpmdump.c
+@@ -80,7 +80,7 @@ static int readlead(int fd)
printf("Version %d.%d\n", lead.major, lead.minor);
printf("Type: %hu\n", ntohs(lead.type));
printf("Name: %s\n", lead.name);
```
</details>
<details>
<summary>f7c42a2db517909a94be7b83f08f8ce60264d65f Add -Wformat-security to our default build flags</summary>
```diff
diff --git a/dev/fd/63 b/dev/fd/62
--- a/dev/fd/63
+++ b/dev/fd/62
@@ -1,21 +1,23 @@
-commit d8992bd13b612e59147e7db50fb7d8c0de1cbb91
+commit f7c42a2db517909a94be7b83f08f8ce60264d65f
Author: Panu Matilainen <pmatilai at redhat.com>
Date: Tue Nov 5 14:49:01 2024 +0200
Add -Wformat-security to our default build flags
Kinda shocking that this isn't included in -Wall
+
+ (backported from commit d8992bd13b612e59147e7db50fb7d8c0de1cbb91)
diff --git a/CMakeLists.txt b/CMakeLists.txt
-index f2a820b26..923265171 100644
+index 40a7c1d98..45c234570 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
-@@ -399,7 +399,7 @@ configure_file(config.h.in config.h)
+@@ -394,7 +394,7 @@ configure_file(config.h.in config.h)
add_compile_definitions(HAVE_CONFIG_H)
--add_compile_options(-Wall -Wpointer-arith -Wempty-body)
-+add_compile_options(-Wall -Wpointer-arith -Wempty-body -Wformat-security)
+-add_compile_options(-Wall -Wpointer-arith -Wmissing-prototypes -Wstrict-prototypes -Wempty-body)
++add_compile_options(-Wall -Wpointer-arith -Wmissing-prototypes -Wstrict-prototypes -Wempty-body -Wformat-security)
if (ENABLE_WERROR)
add_compile_options(-Werror)
endif()
```
</details>
<details>
<summary>7b5ded3708c07e7dee942af3cd1fee7b5f5c698c Add test case for ima file signatures</summary>
```diff
diff --git a/dev/fd/63 b/dev/fd/62
--- a/dev/fd/63
+++ b/dev/fd/62
@@ -1,4 +1,4 @@
-commit 4806340cb8fcf80de6909dfa9697ed3c454d3e03
+commit 7b5ded3708c07e7dee942af3cd1fee7b5f5c698c
Author: Florian Festi <ffesti at redhat.com>
Date: Wed Nov 20 14:18:43 2024 +0100
@@ -9,6 +9,7 @@ Date: Wed Nov 20 14:18:43 2024 +0100
Co-authored-by: Michal Domonkos <mdomonko at redhat.com>
Resolves: #3237
+ (backported from commit 4806340cb8fcf80de6909dfa9697ed3c454d3e03)
diff --git a/tests/data/keys/privkey.pem b/tests/data/keys/privkey.pem
new file mode 100644
@@ -22,14 +23,13 @@ index 000000000..a45087744
+xbwEh+e+lrhDLfj9+jJTOda4WD83Ng==
+-----END EC PRIVATE KEY-----
diff --git a/tests/rpmsigdig.at b/tests/rpmsigdig.at
-index 7e3df2795..4ef1e8165 100644
+index 4de76df0d..0857f2b25 100644
--- a/tests/rpmsigdig.at
+++ b/tests/rpmsigdig.at
-@@ -1820,3 +1820,28 @@ POST-IMPORT
-
+@@ -1197,3 +1197,27 @@ POST-IMPORT
gpgconf --kill gpg-agent
RPMTEST_CLEANUP
-+
+
+AT_SETUP([ima])
+AT_KEYWORDS([rpmsign file signature])
+
```
</details>
<details>
<summary>1d51b1b35bd06e4360a00750622aa2865cbb7b16 Use imaevm_signhash if available</summary>
```diff
diff --git a/dev/fd/63 b/dev/fd/62
--- a/dev/fd/63
+++ b/dev/fd/62
@@ -1,4 +1,4 @@
-commit 93f2d30001f16212d33b1c7344318798a785305e
+commit 1d51b1b35bd06e4360a00750622aa2865cbb7b16
Author: Florian Festi <ffesti at redhat.com>
Date: Thu Oct 31 15:36:41 2024 +0100
@@ -8,12 +8,13 @@ Date: Thu Oct 31 15:36:41 2024 +0100
Co-authored-by: Michal Domonkos <mdomonko at redhat.com>
Resolves: #3419
+ (backported from commit 93f2d30001f16212d33b1c7344318798a785305e)
diff --git a/CMakeLists.txt b/CMakeLists.txt
-index dfb0997d8..697fb9049 100644
+index ad6096632..1ccb490b2 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
-@@ -295,6 +295,7 @@ endif()
+@@ -290,6 +290,7 @@ endif()
if (WITH_IMAEVM)
list(APPEND REQFUNCS lsetxattr)
@@ -33,16 +34,16 @@ index c5d459ae7..47a7d86d9 100644
#cmakedefine HAVE_LUTIMES @HAVE_LUTIMES@
#cmakedefine HAVE_LZMA_H @HAVE_LZMA_H@
#cmakedefine HAVE_MEMORY_H @HAVE_MEMORY_H@
-diff --git a/sign/rpmsignfiles.cc b/sign/rpmsignfiles.cc
-index 05c6db6e4..939d7bb2a 100644
---- a/sign/rpmsignfiles.cc
-+++ b/sign/rpmsignfiles.cc
+diff --git a/sign/rpmsignfiles.c b/sign/rpmsignfiles.c
+index 9095d9a27..9d96a2c37 100644
+--- a/sign/rpmsignfiles.c
++++ b/sign/rpmsignfiles.c
@@ -53,7 +53,16 @@ const char *key, char *keypass, uint32_t *siglenp)
signature[0] = '\x03';
/* calculate file signature */
+#if HAVE_IMAEVM_SIGNHASH
-+ imaevm_ossl_access access_info = {
++ struct imaevm_ossl_access access_info = {
+ .type = IMAEVM_OSSL_ACCESS_TYPE_NONE,
+ };
+ siglen = imaevm_signhash(algo, fdigest, diglen, key, keypass, signature+1, 0, &access_info, 0);
```
</details>
<details>
<summary>3d3ebff92b182784f6d7214b966e2618f41ac473 Add a test for deleting a misplaced IMA signature</summary>
```diff
diff --git a/dev/fd/63 b/dev/fd/62
--- a/dev/fd/63
+++ b/dev/fd/62
@@ -1,4 +1,4 @@
-commit b86d972c275d9f37ecb6825ed733951b50aa2d24
+commit 3d3ebff92b182784f6d7214b966e2618f41ac473
Author: Panu Matilainen <pmatilai at redhat.com>
Date: Fri Nov 29 11:15:55 2024 +0200
@@ -15,16 +15,18 @@ Date: Fri Nov 29 11:15:55 2024 +0200
in sign/rpmgensig.cc right after the headerReload() call, and filesign
the vanilla tests/data/RPMS/hello-2.0-1.x86_64.rpm package with the
--fskpath=/data/keys/privkey.pem like in the ima test above this.
+
+ (backported from commit b86d972c275d9f37ecb6825ed733951b50aa2d24)
diff --git a/tests/data/RPMS/hello-2.0-1.x86_64-badima.rpm b/tests/data/RPMS/hello-2.0-1.x86_64-badima.rpm
new file mode 100644
index 000000000..05b135fb1
Binary files /dev/null and b/tests/data/RPMS/hello-2.0-1.x86_64-badima.rpm differ
diff --git a/tests/rpmsigdig.at b/tests/rpmsigdig.at
-index 0b92c929d..3c60868fe 100644
+index c06eaefb1..aaf05ecd0 100644
--- a/tests/rpmsigdig.at
+++ b/tests/rpmsigdig.at
-@@ -1842,5 +1842,25 @@ rpm -qp --qf "[%{filenames}:%{filesignatures}\n]" /data/RPMS/imatest-1.0-1.fc34.
+@@ -1220,5 +1220,26 @@ rpm -qp --qf "[%{filenames}:%{filesignatures}\n]" /data/RPMS/imatest-1.0-1.fc34.
/usr/share/example2:030204a598255400473045022100c10943795bff5d9c0db53dd4f8e4b845615fd08a2be295c30a80f5bdb4e6a41302203038840cc6abaab92acb56cb3e3ce520b17f22ff7444a8d5d0f703a44d5307a3
],
[ignore])
@@ -39,7 +41,8 @@ index 0b92c929d..3c60868fe 100644
+rpmsign --delsign hello-2.0-1.x86_64-badima.rpm
+],
+[0],
-+[],
++[hello-2.0-1.x86_64-badima.rpm:
++],
+[])
+RPMTEST_CHECK([
```
</details>
<details>
<summary>3607c438e9147f510c64ecc8c2aadfc6839badbb Fix possible package corruption on --delsign/resign/addsign</summary>
```diff
diff --git a/dev/fd/63 b/dev/fd/62
--- a/dev/fd/63
+++ b/dev/fd/62
@@ -1,4 +1,4 @@
-commit 1847fd6bea41f96ca545e744ee9ecc2896f6378a
+commit 3607c438e9147f510c64ecc8c2aadfc6839badbb
Author: Panu Matilainen <pmatilai at redhat.com>
Date: Fri Nov 29 11:31:48 2024 +0200
@@ -17,13 +17,14 @@ Date: Fri Nov 29 11:31:48 2024 +0200
making our calculations way off.
Fixes: #3469
+ (backported from commit 1847fd6bea41f96ca545e744ee9ecc2896f6378a)
-diff --git a/sign/rpmgensig.cc b/sign/rpmgensig.cc
-index baaa4fedc..d10f22555 100644
---- a/sign/rpmgensig.cc
-+++ b/sign/rpmgensig.cc
-@@ -698,8 +698,8 @@ static int rpmSign(const char *rpm, int deleting, int flags)
- flags &= ~(RPMSIGN_FLAG_RPMV4|RPMSIGN_FLAG_RPMV3);
+diff --git a/sign/rpmgensig.c b/sign/rpmgensig.c
+index 3beb1093c..a81c11efc 100644
+--- a/sign/rpmgensig.c
++++ b/sign/rpmgensig.c
+@@ -635,8 +635,8 @@ static int rpmSign(const char *rpm, int deleting, int flags)
+ flags |= RPMSIGN_FLAG_RPMV3;
}
- unloadImmutableRegion(&sigh, RPMTAG_HEADERSIGNATURES);
@@ -32,10 +33,10 @@ index baaa4fedc..d10f22555 100644
if (flags & RPMSIGN_FLAG_IMA) {
if (includeFileSignatures(&sigh, &h))
-@@ -745,12 +745,13 @@ static int rpmSign(const char *rpm, int deleting, int flags)
+@@ -680,12 +680,13 @@ static int rpmSign(const char *rpm, int deleting, int flags)
/* Adjust reserved size for added/removed signatures */
- if (headerGet(sigh, reserveTag, &utd, HEADERGET_MINMEM)) {
+ if (headerGet(sigh, RPMSIGTAG_RESERVEDSPACE, &utd, HEADERGET_MINMEM)) {
- int diff = headerSizeof(sigh, HEADER_MAGIC_YES) - origSigSize;
+ unsigned newSize = headerSizeof(sigh, HEADER_MAGIC_YES);
+ int diff = newSize - origSigSize;
@@ -49,10 +50,10 @@ index baaa4fedc..d10f22555 100644
utd.data = zeros;
headerMod(sigh, &utd);
diff --git a/tests/rpmsigdig.at b/tests/rpmsigdig.at
-index 3c60868fe..603f4a8aa 100644
+index aaf05ecd0..981ec622e 100644
--- a/tests/rpmsigdig.at
+++ b/tests/rpmsigdig.at
-@@ -1847,7 +1847,6 @@ RPMTEST_CLEANUP
+@@ -1225,7 +1225,6 @@ RPMTEST_CLEANUP
AT_SETUP([--delsign with misplaced ima signature])
AT_KEYWORDS([rpmsign file signature])
```
</details>
<details>
<summary>b7c34907f03deb937fa686d44d44d7a0c35e4b9e Add tests for IMA signature deletion too</summary>
```diff
diff --git a/dev/fd/63 b/dev/fd/62
--- a/dev/fd/63
+++ b/dev/fd/62
@@ -1,4 +1,4 @@
-commit 6232bd37625970173fbe4b61b1bfa25bfc033839
+commit b7c34907f03deb937fa686d44d44d7a0c35e4b9e
Author: Panu Matilainen <pmatilai at redhat.com>
Date: Fri Nov 29 12:59:02 2024 +0200
@@ -9,12 +9,14 @@ Date: Fri Nov 29 12:59:02 2024 +0200
immutable region they get thrown out by rpmsign. This is expected
and desired behavior, it's simply the wrong place to place to put
them and not something we want to encourage in any way.
+
+ (backported from commit 6232bd37625970173fbe4b61b1bfa25bfc033839)
diff --git a/tests/rpmsigdig.at b/tests/rpmsigdig.at
-index 603f4a8aa..e9e69ecbe 100644
+index 981ec622e..ea61adef5 100644
--- a/tests/rpmsigdig.at
+++ b/tests/rpmsigdig.at
-@@ -1842,6 +1842,28 @@ rpm -qp --qf "[%{filenames}:%{filesignatures}\n]" /data/RPMS/imatest-1.0-1.fc34.
+@@ -1220,6 +1220,30 @@ rpm -qp --qf "[%{filenames}:%{filesignatures}\n]" /data/RPMS/imatest-1.0-1.fc34.
/usr/share/example2:030204a598255400473045022100c10943795bff5d9c0db53dd4f8e4b845615fd08a2be295c30a80f5bdb4e6a41302203038840cc6abaab92acb56cb3e3ce520b17f22ff7444a8d5d0f703a44d5307a3
],
[ignore])
@@ -25,7 +27,8 @@ index 603f4a8aa..e9e69ecbe 100644
+rpm -qp --qf "[%{filenames}:%{filesignatures}\n]" imatest-1.0-1.fc34.noarch.rpm
+]],
+[0],
-+[/usr/share/example1:030204a598255400483046022100e5117bdafa73baaeb1f1dc46ecaa46981a62d417745a33532572b63dc6d95d16022100c789107ac5b91e2d915e1df3c7b78414f6b3f50899d44c1de381d0e938dfc82b
++[imatest-1.0-1.fc34.noarch.rpm:
++/usr/share/example1:030204a598255400483046022100e5117bdafa73baaeb1f1dc46ecaa46981a62d417745a33532572b63dc6d95d16022100c789107ac5b91e2d915e1df3c7b78414f6b3f50899d44c1de381d0e938dfc82b
+/usr/share/example2:030204a598255400473045022100c10943795bff5d9c0db53dd4f8e4b845615fd08a2be295c30a80f5bdb4e6a41302203038840cc6abaab92acb56cb3e3ce520b17f22ff7444a8d5d0f703a44d5307a3
+],
+[])
@@ -36,14 +39,15 @@ index 603f4a8aa..e9e69ecbe 100644
+rpm -qp --qf "[%{filenames}:%{filesignatures}\n]" imatest-1.0-1.fc34.noarch.rpm
+]],
+[0],
-+[/usr/share/example1:(none)
++[imatest-1.0-1.fc34.noarch.rpm:
++/usr/share/example1:(none)
+/usr/share/example2:(none)
+],
+[])
RPMTEST_CLEANUP
-@@ -1862,4 +1884,18 @@ rpm -qp hello-2.0-1.x86_64-badima.rpm
+@@ -1241,4 +1265,18 @@ rpm -qp hello-2.0-1.x86_64-badima.rpm
[hello-2.0-1.x86_64
],
[])
```
</details>
<details>
<summary>9d6b45703add986e57333a4d1630f41cd3620d5e Test rpm -e gpg-pubkey</summary>
```diff
diff --git a/dev/fd/63 b/dev/fd/62
--- a/dev/fd/63
+++ b/dev/fd/62
@@ -1,21 +1,23 @@
-commit 4e1433df69c18e4fd85026794703415fc02c40cb
+commit 9d6b45703add986e57333a4d1630f41cd3620d5e
Author: Florian Festi <ffesti at redhat.com>
Date: Fri Nov 29 11:18:57 2024 +0100
Test rpm -e gpg-pubkey
+
+ (backported from commit 4e1433df69c18e4fd85026794703415fc02c40cb)
diff --git a/tests/rpmsigdig.at b/tests/rpmsigdig.at
-index e9e69ecbe..389ffd300 100644
+index ea61adef5..d823914d6 100644
--- a/tests/rpmsigdig.at
+++ b/tests/rpmsigdig.at
-@@ -122,6 +122,15 @@ runroot rpmkeys --list
+@@ -60,6 +60,15 @@ runroot rpmkeys --list
[0],
[],
[])
+
+runroot rpmkeys --import /data/keys/rpm.org-rsa-2048-test.pub
+RPMTEST_CHECK([
-+runroot rpm -e gpg-pubkey-771b18d3d7baa28734333c424344591e1964c5fc
++runroot rpm -e gpg-pubkey-1964c5fc-58e63918
+runroot rpm -qa gpg-pubkey
+],
+[0],
@@ -23,4 +25,4 @@ index e9e69ecbe..389ffd300 100644
+[])
RPMTEST_CLEANUP
- AT_SETUP([rpmkeys migrate from keyid to fingerprint (rpmdb)])
+ # ------------------------------
```
</details>
<details>
<summary>b4fdd7acafe137029c7859365a90eca23b3a7cac Don't allow installing packages without ARCH or OS</summary>
```diff
diff --git a/dev/fd/63 b/dev/fd/62
--- a/dev/fd/63
+++ b/dev/fd/62
@@ -1,4 +1,4 @@
-commit b92bd1b9fd11ae7654cc2797fffaeeeddaaa3c7e
+commit b4fdd7acafe137029c7859365a90eca23b3a7cac
Author: Florian Festi <ffesti at redhat.com>
Date: Fri Nov 29 09:22:53 2024 +0100
@@ -13,39 +13,22 @@ Date: Fri Nov 29 09:22:53 2024 +0100
people to rpmkeys.
Resolves: #3344
+ (backported from commit b92bd1b9fd11ae7654cc2797fffaeeeddaaa3c7e)
-diff --git a/lib/rpmte.cc b/lib/rpmte.cc
-index 6b9891875..70b1d8520 100644
---- a/lib/rpmte.cc
-+++ b/lib/rpmte.cc
-@@ -159,9 +159,13 @@ static int addTE(rpmte p, Header h, fnpyKey key, rpmRelocation * relocs)
+diff --git a/lib/rpmte.c b/lib/rpmte.c
+index 130999696..b2301cc6b 100644
+--- a/lib/rpmte.c
++++ b/lib/rpmte.c
+@@ -157,9 +157,9 @@ static int addTE(rpmte p, Header h, fnpyKey key, rpmRelocation * relocs)
p->arch = headerGetAsString(h, RPMTAG_ARCH);
p->os = headerGetAsString(h, RPMTAG_OS);
- /* gpg-pubkey's dont have os or arch (sigh), for others they are required */
- if (!rstreq(p->name, "gpg-pubkey") && (p->arch == NULL || p->os == NULL))
- goto exit;
-+ if (p->arch == NULL || p->os == NULL) {
-+ if (p->type == TR_REMOVED && rstreq(p->name, "gpg-pubkey")) {
-+ rpmlog(RPMLOG_WARNING, _("erasing gpg-pubkey packages is deprecated; use rpmkeys --delete %s\n"), p->version);
-+ } else {
++ if ((p->arch == NULL || p->os == NULL) &&
++ (p->type != TR_REMOVED || !rstreq(p->name, "gpg-pubkey")))
+ goto exit;
-+ }
-+ }
p->isSource = headerIsSource(h);
-diff --git a/tests/rpmsigdig.at b/tests/rpmsigdig.at
-index 389ffd300..5a13c4138 100644
---- a/tests/rpmsigdig.at
-+++ b/tests/rpmsigdig.at
-@@ -130,7 +130,8 @@ runroot rpm -qa gpg-pubkey
- ],
- [0],
- [],
--[])
-+[warning: erasing gpg-pubkey packages is deprecated; use rpmkeys --delete 771b18d3d7baa28734333c424344591e1964c5fc
-+])
- RPMTEST_CLEANUP
-
- AT_SETUP([rpmkeys migrate from keyid to fingerprint (rpmdb)])
```
</details>
<details>
<summary>5f615ae2f7bf76957d397f79280a16e46e9e6754 Ensure gpg-pubkey packages not having OS and ARCH</summary>
```diff
diff --git a/dev/fd/63 b/dev/fd/62
--- a/dev/fd/63
+++ b/dev/fd/62
@@ -1,4 +1,4 @@
-commit aa722431c49bba4a8955d022a216621d118afa94
+commit 5f615ae2f7bf76957d397f79280a16e46e9e6754
Author: Florian Festi <ffesti at redhat.com>
Date: Fri Nov 29 16:13:00 2024 +0100
@@ -6,16 +6,16 @@ Date: Fri Nov 29 16:13:00 2024 +0100
Reject normal packages named gpg-pubkey which do have OS and ARCH.
Only packages from properly imported keys don't.
+
+ (backported from commit aa722431c49bba4a8955d022a216621d118afa94)
-diff --git a/lib/keystore.cc b/lib/keystore.cc
-index a64ef07d6..382a028e8 100644
---- a/lib/keystore.cc
-+++ b/lib/keystore.cc
-@@ -247,11 +247,17 @@ rpmRC keystore_rpmdb::load_keys(rpmtxn txn, rpmKeyring keyring)
- while ((h = rpmdbNextIterator(mi)) != NULL) {
+diff --git a/lib/rpmts.c b/lib/rpmts.c
+index 360fbd3cd..8a8a9fbd7 100644
+--- a/lib/rpmts.c
++++ b/lib/rpmts.c
+@@ -335,8 +335,15 @@ static int loadKeyringFromDB(rpmts ts)
struct rpmtd_s pubkeys;
const char *key;
-+ char *nevr = headerGetAsString(h, RPMTAG_NEVR);
- if (!headerGet(h, RPMTAG_PUBKEYS, &pubkeys, HEADERGET_MINMEM))
- continue;
@@ -23,12 +23,11 @@ index a64ef07d6..382a028e8 100644
+ if (headerIsEntry(h, RPMTAG_ARCH) || headerIsEntry(h, RPMTAG_OS) ||
+ !headerGet(h, RPMTAG_PUBKEYS, &pubkeys, HEADERGET_MINMEM))
+ {
++ char *nevr = headerGetAsString(h, RPMTAG_NEVR);
+ rpmlog(RPMLOG_WARNING, _("%s is not a valid public key\n"), nevr);
+ free(nevr);
+ continue;
+ }
-- char *nevr = headerGetAsString(h, RPMTAG_NEVR);
while ((key = rpmtdNextString(&pubkeys))) {
uint8_t *pkt;
- size_t pktlen;
```
</details>
<details>
<summary>8a6ecbc5f196606224510f1de9541c0a5a2b1c0d Fix simultaneous source and binary package install</summary>
```diff
diff --git a/dev/fd/63 b/dev/fd/62
--- a/dev/fd/63
+++ b/dev/fd/62
@@ -1,4 +1,4 @@
-commit 19d68b5bc92f0c6b53f401ac00f381a568e017ea
+commit 8a6ecbc5f196606224510f1de9541c0a5a2b1c0d
Author: Michal Domonkos <mdomonko at redhat.com>
Date: Mon Dec 9 19:01:48 2024 +0100
@@ -11,12 +11,14 @@ Date: Mon Dec 9 19:01:48 2024 +0100
set is emptied beforehand.
Add a test to go with.
+
+ (backported from commit 19d68b5bc92f0c6b53f401ac00f381a568e017ea)
-diff --git a/lib/rpminstall.cc b/lib/rpminstall.cc
-index 45a076c23..c656380dc 100644
---- a/lib/rpminstall.cc
-+++ b/lib/rpminstall.cc
-@@ -667,6 +667,7 @@ restart:
+diff --git a/lib/rpminstall.c b/lib/rpminstall.c
+index dc643b595..fb2d445f5 100644
+--- a/lib/rpminstall.c
++++ b/lib/rpminstall.c
+@@ -661,6 +661,7 @@ restart:
rpmcliProgressState = 0;
rpmcliProgressTotal = 0;
rpmcliProgressCurrent = 0;
@@ -25,7 +27,7 @@ index 45a076c23..c656380dc 100644
if (eiu->sourceURL[i] != NULL) {
rc = RPMRC_OK;
diff --git a/tests/rpmi.at b/tests/rpmi.at
-index 1b61fcc01..8898301bb 100644
+index f81f2b6bd..e6ac623a5 100644
--- a/tests/rpmi.at
+++ b/tests/rpmi.at
@@ -638,6 +638,33 @@ hello.spec
@@ -39,21 +41,21 @@ index 1b61fcc01..8898301bb 100644
+RPMTEST_CHECK([
+RPMDB_INIT
+
++runroot_other sh -c 'rm /build/*/*'
+runroot rpm \
-+ --define "_topdir /tmp/build" \
+ --ignorearch --ignoreos --nodeps \
+ -i /data/SRPMS/hello-1.0-1.src.rpm \
+ /data/RPMS/hello-2.0-1.x86_64.rpm
+runroot rpm -q hello; echo
-+runroot_other sh -c 'ls /tmp/build/*'
++runroot_other sh -c 'ls /build/*'
+],
+[0],
+[hello-2.0-1.x86_64
+
-+/tmp/build/SOURCES:
++/build/SOURCES:
+hello-1.0.tar.gz
+
-+/tmp/build/SPECS:
++/build/SPECS:
+hello.spec
+],
+[])
```
</details>
<details>
<summary>a559d1c1b631c491c043621c34f8a83e6b1fb850 Don't let src.rpm packages be file signed</summary>
```diff
diff --git a/dev/fd/63 b/dev/fd/62
--- a/dev/fd/63
+++ b/dev/fd/62
@@ -1,4 +1,4 @@
-commit f7142bf896a521231f3d8be75b612ba9379ab4c4
+commit a559d1c1b631c491c043621c34f8a83e6b1fb850
Author: Michal Domonkos <mdomonko at redhat.com>
Date: Thu Nov 21 14:22:55 2024 +0100
@@ -12,13 +12,15 @@ Date: Thu Nov 21 14:22:55 2024 +0100
message as a heads-up, but don't skip the rest, header signatures are
still relevant for source rpms, as is the deletion of existing file
signatures.
+
+ (backported from commit f7142bf896a521231f3d8be75b612ba9379ab4c4)
-diff --git a/sign/rpmgensig.cc b/sign/rpmgensig.cc
-index d10f22555..5151b74d0 100644
---- a/sign/rpmgensig.cc
-+++ b/sign/rpmgensig.cc
-@@ -698,6 +698,12 @@ static int rpmSign(const char *rpm, int deleting, int flags)
- flags &= ~(RPMSIGN_FLAG_RPMV4|RPMSIGN_FLAG_RPMV3);
+diff --git a/sign/rpmgensig.c b/sign/rpmgensig.c
+index a81c11efc..835406696 100644
+--- a/sign/rpmgensig.c
++++ b/sign/rpmgensig.c
+@@ -635,6 +635,12 @@ static int rpmSign(const char *rpm, int deleting, int flags)
+ flags |= RPMSIGN_FLAG_RPMV3;
}
+ if (headerIsSource(h)) {
@@ -31,10 +33,10 @@ index d10f22555..5151b74d0 100644
unloadImmutableRegion(&sigh, RPMTAG_HEADERSIGNATURES);
diff --git a/tests/rpmsigdig.at b/tests/rpmsigdig.at
-index 5a13c4138..c07c712b8 100644
+index d823914d6..13844dbed 100644
--- a/tests/rpmsigdig.at
+++ b/tests/rpmsigdig.at
-@@ -1908,4 +1908,19 @@ rpm -qp --qf "[%{filenames}:%{filesignatures}\n]" hello-2.0-1.x86_64-badima.rpm
+@@ -1288,4 +1288,20 @@ rpm -qp --qf "[%{filenames}:%{filesignatures}\n]" hello-2.0-1.x86_64-badima.rpm
/usr/share/doc/hello-2.0/README:(none)
],
[])
@@ -50,6 +52,7 @@ index 5a13c4138..c07c712b8 100644
+],
+[0],
+[D: File signatures not applicable to src.rpm: /tmp/hello-1.0-1.src.rpm
++/tmp/hello-1.0-1.src.rpm:
+hello-1.0.tar.gz:(none)
+],
+[])
```
</details>
<details>
<summary>33d4551c79015789ca2f337186b162d1b74948c8 Fix formatting in man pages</summary>
```diff
diff --git a/dev/fd/63 b/dev/fd/62
--- a/dev/fd/63
+++ b/dev/fd/62
@@ -1,4 +1,4 @@
-commit 7082585a8a2273dfbd50b7959d797c4d09616d77
+commit 33d4551c79015789ca2f337186b162d1b74948c8
Author: Florian Festi <ffesti at redhat.com>
Date: Tue Jan 7 12:30:56 2025 +0100
@@ -10,6 +10,7 @@ Date: Tue Jan 7 12:30:56 2025 +0100
Fix the formatting by moving the spaces or line breaks inbetween.
Resolves: #3502
+ (backported from commit 7082585a8a2273dfbd50b7959d797c4d09616d77)
diff --git a/docs/man/rpm-misc.8.md b/docs/man/rpm-misc.8.md
index 3a3ce5682..56bfa37a8 100644
@@ -25,7 +26,7 @@ index 3a3ce5682..56bfa37a8 100644
: Defines *MACRO* with value *EXPR*. before loading macro files.
diff --git a/docs/man/rpm.8.md b/docs/man/rpm.8.md
-index 2f48fa486..b8bc8bb3f 100644
+index a288a2a2f..c26b53ede 100644
--- a/docs/man/rpm.8.md
+++ b/docs/man/rpm.8.md
@@ -50,23 +50,23 @@ MISCELLANEOUS:
@@ -34,7 +35,7 @@ index 2f48fa486..b8bc8bb3f 100644
-\[*PACKAGE\_NAME*\] \[**-a,\--all \[***SELECTOR*\]\] \[**-f,\--file
-***FILE*\] \[**\--path ***PATH*\] \[**-g,\--group ***GROUP*\] \[**-p,\--package
--***PACKAGE\_FILE*\]
+-***PACKAGE\_FILE*\] \[**\--hdrid ***SHA1*\] \[**\--pkgid ***MD5*\]
-\[**\--tid ***TID*\] \[**\--querybynumber ***HDRNUM*\]
-\[**\--triggeredby ***PACKAGE\_NAME*\] \[**\--whatprovides
-***CAPABILITY*\] \[**\--whatrequires ***CAPABILITY*\]
@@ -44,7 +45,7 @@ index 2f48fa486..b8bc8bb3f 100644
-***CAPABILITY*\] \[**\--whatconflicts ***CAPABILITY*\]
+\[*PACKAGE\_NAME*\] \[**-a,\--all \[***SELECTOR*\]\] \[**-f,\--file**
+*FILE*\] \[**\--path** *PATH*\] \[**-g,\--group** *GROUP*\] \[**-p,\--package**
-+*PACKAGE\_FILE*\]
++*PACKAGE\_FILE*\] \[**\--hdrid** *SHA1*\] \[**\--pkgid** *MD5*\]
+\[**\--tid** *TID*\] \[**\--querybynumber** *HDRNUM*\]
+\[**\--triggeredby** *PACKAGE\_NAME*\] \[**\--whatprovides**
+*CAPABILITY*\] \[**\--whatrequires** *CAPABILITY*\]
@@ -163,7 +164,7 @@ index 2f48fa486..b8bc8bb3f 100644
: Query package owning installed *FILE*.
-@@ -634,11 +634,11 @@ name starts with \"b\".
+@@ -634,16 +634,16 @@ name starts with \"b\".
: List file names with their requires.
@@ -172,12 +173,18 @@ index 2f48fa486..b8bc8bb3f 100644
: Query packages with the group of *GROUP*.
+-**\--hdrid ***SHA1*
++**\--hdrid** *SHA1*
+
+ : Query package that contains a given header identifier, i.e. the
+ *SHA1* digest of the immutable header region.
+
-**-p, \--package ***PACKAGE\_FILE*
+**-p, \--package** *PACKAGE\_FILE*
: Query an (uninstalled) package *PACKAGE\_FILE*. The *PACKAGE\_FILE*
may be specified as an **ftp** or **http** style URL, in which case
-@@ -653,65 +653,65 @@ name starts with \"b\".
+@@ -658,70 +658,70 @@ name starts with \"b\".
substituted in place of the package manifest as additional
*PACKAGE\_FILE* arguments to the query.
@@ -188,6 +195,12 @@ index 2f48fa486..b8bc8bb3f 100644
Multiple packages may own a *PATH*, but the file is only owned by the
package installed last.
+-**\--pkgid ***MD5*
++**\--pkgid** *MD5*
+
+ : Query package that contains a given package identifier, i.e. the
+ *MD5* digest of the combined header and payload contents.
+
-**\--querybynumber ***HDRNUM*
+**\--querybynumber** *HDRNUM*
@@ -256,7 +269,7 @@ index 2f48fa486..b8bc8bb3f 100644
: Query all packages that enhance *CAPABILITY*.
-@@ -981,13 +981,13 @@ If both the user and password are omitted, anonymous **ftp** is used.
+@@ -991,13 +991,13 @@ If both the user and password are omitted, anonymous **ftp** is used.
: **http** and **ftp** URLs:
@@ -374,21 +387,21 @@ index 8ad1ce3bb..3e403771c 100644
Use **\--initdb** to create a new database if one doesn\'t already exist
(existing database is not overwritten), use **\--rebuilddb** to rebuild
diff --git a/docs/man/rpmsign.8.md b/docs/man/rpmsign.8.md
-index be4b16436..a356eea2a 100644
+index f153dc04b..d9c6ea569 100644
--- a/docs/man/rpmsign.8.md
+++ b/docs/man/rpmsign.8.md
@@ -25,7 +25,7 @@ SIGNING PACKAGES:
rpmsign-options
---------------
--\[**\--rpmv3**\] \[**\--rpmv4**\] \[**\--fskpath ***KEY*\] \[**\--signfiles**\]
-+\[**\--rpmv3**\] \[**\--rpmv4**\] \[**\--fskpath** *KEY*\] \[**\--signfiles**\]
+-\[**\--rpmv3**\] \[**\--fskpath ***KEY*\] \[**\--signfiles**\]
++\[**\--rpmv3**\] \[**\--fskpath** *KEY*\] \[**\--signfiles**\]
DESCRIPTION
===========
-@@ -89,15 +89,15 @@ SIGN OPTIONS
-
- Has no effect when signing V6 packages.
+@@ -59,15 +59,15 @@ SIGN OPTIONS
+ force their creation if the packages must be fully signature
+ verifiable with rpm \< 4.14 or other interoperability reasons.
-**\--fskpath ***KEY*
+**\--fskpath** *KEY*
```
</details>
<details>
<summary>ce069670d1b46c1cdf97af473d8922269548df61 Fix various issues with the man pages</summary>
```diff
diff --git a/dev/fd/63 b/dev/fd/62
--- a/dev/fd/63
+++ b/dev/fd/62
@@ -1,4 +1,4 @@
-commit 97185d58a6dc2da4507ddb97687ad2b3b15d24e4
+commit ce069670d1b46c1cdf97af473d8922269548df61
Author: Florian Festi <ffesti at redhat.com>
Date: Fri Jan 10 15:37:18 2025 +0100
@@ -11,6 +11,7 @@ Date: Fri Jan 10 15:37:18 2025 +0100
man pages and a few typos and minor rewordings.
Resolves: #3511
+ (backported from commit 97185d58a6dc2da4507ddb97687ad2b3b15d24e4)
diff --git a/docs/man/rpm-misc.8.md b/docs/man/rpm-misc.8.md
index 56bfa37a8..e49ada98f 100644
@@ -128,7 +129,7 @@ index 4bb879852..7c21d9557 100644
SEE ALSO
diff --git a/docs/man/rpm.8.md b/docs/man/rpm.8.md
-index b8bc8bb3f..54ac1832c 100644
+index c26b53ede..a588bcccd 100644
--- a/docs/man/rpm.8.md
+++ b/docs/man/rpm.8.md
@@ -12,8 +12,8 @@ rpm - RPM Package Manager
@@ -264,7 +265,7 @@ index b8bc8bb3f..54ac1832c 100644
*PACKAGE\_NAME*
-@@ -647,7 +647,7 @@ name starts with \"b\".
+@@ -652,7 +652,7 @@ name starts with \"b\".
support. The *PACKAGE\_FILE* argument(s), if not a binary package,
will be interpreted as an ASCII package manifest unless
**\--nomanifest** option is used. In manifests, comments are
@@ -273,7 +274,7 @@ index b8bc8bb3f..54ac1832c 100644
manifest file may include white space separated glob expressions,
including URL\'s, that will be expanded to paths that are
substituted in place of the package manifest as additional
-@@ -668,13 +668,13 @@ name starts with \"b\".
+@@ -678,13 +678,13 @@ name starts with \"b\".
: Parse and query *SPECFILE* as if it were a package. Although not all
the information (e.g. file lists) is available, this type of query
@@ -289,7 +290,7 @@ index b8bc8bb3f..54ac1832c 100644
package(s) installed or erased within a single transaction have a
common identifier.
-@@ -715,8 +715,8 @@ name starts with \"b\".
+@@ -725,8 +725,8 @@ name starts with \"b\".
: Query all packages that enhance *CAPABILITY*.
@@ -300,7 +301,7 @@ index b8bc8bb3f..54ac1832c 100644
**\--changelog**
-@@ -739,7 +739,7 @@ PACKAGE QUERY OPTIONS:
+@@ -749,7 +749,7 @@ PACKAGE QUERY OPTIONS:
**\--enhances**
@@ -309,7 +310,7 @@ index b8bc8bb3f..54ac1832c 100644
**\--filesbypkg**
-@@ -773,7 +773,7 @@ PACKAGE QUERY OPTIONS:
+@@ -783,7 +783,7 @@ PACKAGE QUERY OPTIONS:
**\--recommends**
@@ -318,7 +319,7 @@ index b8bc8bb3f..54ac1832c 100644
**-R, \--requires**
-@@ -781,11 +781,11 @@ PACKAGE QUERY OPTIONS:
+@@ -791,11 +791,11 @@ PACKAGE QUERY OPTIONS:
**\--suggests**
@@ -332,7 +333,7 @@ index b8bc8bb3f..54ac1832c 100644
**\--scripts**
-@@ -801,10 +801,14 @@ PACKAGE QUERY OPTIONS:
+@@ -811,10 +811,14 @@ PACKAGE QUERY OPTIONS:
**\--triggers, \--triggerscripts**
: Display the trigger scripts, if any, which are contained in the
@@ -350,7 +351,7 @@ index b8bc8bb3f..54ac1832c 100644
**-A, \--artifactfiles**
-@@ -837,7 +841,7 @@ FILE SELECTION OPTIONS:
+@@ -847,7 +851,7 @@ FILE SELECTION OPTIONS:
VERIFY OPTIONS
--------------
@@ -359,7 +360,7 @@ index b8bc8bb3f..54ac1832c 100644
**rpm** {**-V\|\--verify**} \[**select-options**\]
\[**verify-options**\]
-@@ -906,7 +910,7 @@ unique to verify mode are:
+@@ -916,7 +920,7 @@ unique to verify mode are:
**\--nogroup**
: Don\'t verify file user/group ownership. Note that only local
@@ -368,7 +369,7 @@ index b8bc8bb3f..54ac1832c 100644
**\--nocaps**
-@@ -915,15 +919,15 @@ unique to verify mode are:
+@@ -925,15 +929,15 @@ unique to verify mode are:
The format of the output is a string of 9 characters, a possible
attribute marker:
@@ -393,7 +394,7 @@ index b8bc8bb3f..54ac1832c 100644
from the package header, followed by the file name. Each of the 9
characters denotes the result of a comparison of attribute(s) of the
-@@ -934,22 +938,22 @@ single \"**.**\" (period) means the test passed, while a single
+@@ -944,22 +948,22 @@ single \"**.**\" (period) means the test passed, while a single
em**B**oldened) character denotes failure of the corresponding
**\--verify** test:
@@ -426,7 +427,7 @@ index b8bc8bb3f..54ac1832c 100644
currently set in *rpmrc* and *macros* configuration file(s).
**rpm** **\--setperms** | **\--setugids** | **\--setcaps** *PACKAGE\_NAME*
-@@ -977,9 +981,7 @@ If both the user and password are omitted, anonymous **ftp** is used.
+@@ -987,9 +991,7 @@ If both the user and password are omitted, anonymous **ftp** is used.
**rpm** allows the following options to be used with ftp URLs:
@@ -437,7 +438,7 @@ index b8bc8bb3f..54ac1832c 100644
**\--httpproxy** *HOST*
-@@ -1030,7 +1032,7 @@ does not exist.
+@@ -1040,7 +1042,7 @@ does not exist.
Macro Configuration
-------------------
@@ -446,7 +447,7 @@ index b8bc8bb3f..54ac1832c 100644
read sequentially by **rpm** for macro definitions. Tildes will be expanded
to the value of the environment variable *HOME*. The default macro path
is as follows:
-@@ -1068,7 +1070,7 @@ SEE ALSO
+@@ -1078,7 +1080,7 @@ SEE ALSO
**rpm-misc**(8), **popt**(3), **rpm2cpio**(8), **rpmbuild**(8), **rpmdb**(8),
**rpmkeys**(8), **rpmsign**(8), **rpmspec**(8)
@@ -701,7 +702,7 @@ index 5989d172d..dcc55bd34 100644
then printed to standard output.
diff --git a/docs/man/rpmkeys.8.md b/docs/man/rpmkeys.8.md
-index 1b27f0624..f1b2827e1 100644
+index 79b0f9b02..da90c2361 100644
--- a/docs/man/rpmkeys.8.md
+++ b/docs/man/rpmkeys.8.md
@@ -17,7 +17,7 @@ SYNOPSIS
@@ -711,7 +712,7 @@ index 1b27f0624..f1b2827e1 100644
-The general forms of rpm digital signature commands are
+The general forms of **rpm**(8) digital signature commands are
- **rpmkeys** {**-l\|\--list**} \[*FINGERPRINT \...*\]
+ **rpmkeys** **\--list** \[*KEYHASH \...*\]
diff --git a/docs/man/rpmlua.8.md b/docs/man/rpmlua.8.md
index 952e4a5f0..beefc00ab 100644
@@ -727,10 +728,10 @@ index 952e4a5f0..beefc00ab 100644
**-e\|\--execute**
diff --git a/docs/man/rpmsign.8.md b/docs/man/rpmsign.8.md
-index a356eea2a..f1a788f58 100644
+index d9c6ea569..254d042ef 100644
--- a/docs/man/rpmsign.8.md
+++ b/docs/man/rpmsign.8.md
-@@ -91,18 +91,18 @@ SIGN OPTIONS
+@@ -61,18 +61,18 @@ SIGN OPTIONS
**\--fskpath** *KEY*
@@ -752,15 +753,15 @@ index a356eea2a..f1a788f58 100644
**\--signfiles**
-@@ -128,7 +128,7 @@ CONFIGURING SIGNING KEYS
+@@ -98,7 +98,7 @@ CONFIGURING SIGNING KEYS
------------------------
- In order to sign packages, you need to create your own OpenPGP key pair
--(aka certificate) and configure **rpm** to use it. The following macros are
-+(aka certificate) and configure **rpm**(8) to use it. The following macros are
- available:
+ In order to sign packages, you need to create your own public and secret
+-key pair (see the GnuPG manual). In addition, **rpm** must be configured to
++key pair (see the GnuPG manual). In addition, **rpm**(8) must be configured to
+ find GnuPG and the appropriate keys with the following macros:
- **%\_openpgp_sign_id**
+ **%\_gpg\_name**
diff --git a/docs/man/rpmsort.8.md b/docs/man/rpmsort.8.md
index b031ccb36..4d218a21c 100644
--- a/docs/man/rpmsort.8.md
```
</details>
<details>
<summary>f9aab730b275d7269ecd561e71da3e1667235be8 Move the src.rpm IMA signing test to the main IMA test group</summary>
```diff
diff --git a/dev/fd/63 b/dev/fd/62
--- a/dev/fd/63
+++ b/dev/fd/62
@@ -1,4 +1,4 @@
-commit eea34122b042c65ae7aa5971b0f7809653cf6f2d
+commit f9aab730b275d7269ecd561e71da3e1667235be8
Author: Panu Matilainen <pmatilai at redhat.com>
Date: Fri Jan 10 14:12:55 2025 +0200
@@ -8,12 +8,14 @@ Date: Fri Jan 10 14:12:55 2025 +0200
the --delsign test group which is a very specific thing, and doesn't
actually need rpm to be built with IMA to work. Attempting to sign
always does.
+
+ (backported from commit eea34122b042c65ae7aa5971b0f7809653cf6f2d)
diff --git a/tests/rpmsigdig.at b/tests/rpmsigdig.at
-index c07c712b8..4affb0e66 100644
+index 13844dbed..fca185c9e 100644
--- a/tests/rpmsigdig.at
+++ b/tests/rpmsigdig.at
-@@ -1874,6 +1874,21 @@ rpm -qp --qf "[%{filenames}:%{filesignatures}\n]" imatest-1.0-1.fc34.noarch.rpm
+@@ -1253,6 +1253,22 @@ rpm -qp --qf "[%{filenames}:%{filesignatures}\n]" imatest-1.0-1.fc34.noarch.rpm
/usr/share/example2:(none)
],
[])
@@ -29,13 +31,14 @@ index c07c712b8..4affb0e66 100644
+],
+[0],
+[D: File signatures not applicable to src.rpm: /tmp/hello-1.0-1.src.rpm
++/tmp/hello-1.0-1.src.rpm:
+hello-1.0.tar.gz:(none)
+],
+[])
RPMTEST_CLEANUP
-@@ -1908,19 +1923,4 @@ rpm -qp --qf "[%{filenames}:%{filesignatures}\n]" hello-2.0-1.x86_64-badima.rpm
+@@ -1288,20 +1304,4 @@ rpm -qp --qf "[%{filenames}:%{filesignatures}\n]" hello-2.0-1.x86_64-badima.rpm
/usr/share/doc/hello-2.0/README:(none)
],
[])
@@ -51,6 +54,7 @@ index c07c712b8..4affb0e66 100644
-],
-[0],
-[D: File signatures not applicable to src.rpm: /tmp/hello-1.0-1.src.rpm
+-/tmp/hello-1.0-1.src.rpm:
-hello-1.0.tar.gz:(none)
-],
-[])
```
</details>
<details>
<summary>972b9a64024ebe7ced2b9e3c82d3594b7e3fb921 Truly separate test images from each other</summary>
```diff
diff --git a/dev/fd/63 b/dev/fd/62
--- a/dev/fd/63
+++ b/dev/fd/62
@@ -1,4 +1,4 @@
-commit f06029da8b18f1baf0e46719dfb46a60345bc9ea
+commit 972b9a64024ebe7ced2b9e3c82d3594b7e3fb921
Author: Michal Domonkos <mdomonko at redhat.com>
Date: Tue Jan 21 12:28:17 2025 +0100
@@ -28,6 +28,8 @@ Date: Tue Jan 21 12:28:17 2025 +0100
When in CI mode, store the ID in the source tree as we may not have a
build tree.
+
+ (backported from commit f06029da8b18f1baf0e46719dfb46a60345bc9ea)
diff --git a/.gitignore b/.gitignore
index e6e33092d..6a3de97a2 100644
@@ -39,7 +41,7 @@ index e6e33092d..6a3de97a2 100644
/docs/_site
+/tests/mktree.cache
diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt
-index bce3ffad7..523da05ac 100644
+index adc09aea9..f949fa19f 100644
--- a/tests/CMakeLists.txt
+++ b/tests/CMakeLists.txt
@@ -90,6 +90,7 @@ if (MKTREE_BACKEND STREQUAL oci)
@@ -50,7 +52,7 @@ index bce3ffad7..523da05ac 100644
WORKING_DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR}
)
else()
-@@ -135,6 +136,7 @@ endif()
+@@ -134,6 +135,7 @@ endif()
add_custom_target(atshell
COMMAND ./mktree atshell ||:
@@ -58,7 +60,7 @@ index bce3ffad7..523da05ac 100644
DEPENDS tree
)
-@@ -143,16 +145,19 @@ add_custom_target(pinned
+@@ -142,16 +144,19 @@ add_custom_target(pinned
COMMAND cp pinned/*.txt ${PINNED_DIR}/
COMMAND git add ${PINNED_DIR}/*.txt
COMMAND git diff --staged ${PINNED_DIR}/*.txt
@@ -79,7 +81,7 @@ index bce3ffad7..523da05ac 100644
)
diff --git a/tests/mktree.oci b/tests/mktree.oci
-index 06c004bba..def7fb28b 100755
+index b7d79570b..5311825ba 100755
--- a/tests/mktree.oci
+++ b/tests/mktree.oci
@@ -25,7 +25,10 @@ else
@@ -120,7 +122,7 @@ index 06c004bba..def7fb28b 100755
}
unshared()
-@@ -64,21 +77,21 @@ unshared()
+@@ -64,19 +77,19 @@ unshared()
case $CMD in
build) unshared
# Build base image
@@ -132,12 +134,10 @@ index 06c004bba..def7fb28b 100755
+ clean
if [ $NATIVE == yes ]; then
# Native build
-- id=$($PODMAN create -t $IMAGE/base)
-+ id=$($PODMAN create -t $BASE_TAG)
- trap "$PODMAN kill $id >/dev/null; $PODMAN rm $id > /dev/null" EXIT
- $PODMAN start $id
+- id=$($PODMAN create $IMAGE/base)
++ id=$($PODMAN create $BASE_TAG)
+ trap "$PODMAN rm $id >/dev/null" EXIT
make_install $($PODMAN mount $id)
- $PODMAN exec $id /usr/share/mktree/setup.sh
- $PODMAN commit -q $id $IMAGE
+ $PODMAN commit -q $id --iidfile=$IID_FILE
else
@@ -147,7 +147,7 @@ index 06c004bba..def7fb28b 100755
fi
;;
check)
-@@ -93,4 +106,7 @@ case $CMD in
+@@ -91,4 +104,7 @@ case $CMD in
reset)
rpmtests --reset
;;
```
</details>
<details>
<summary>ae688aaa1cb62cb1ebe36f619ed140df68f7ef0a Drop WITH_ARCHIVE build option leftoevers</summary>
```diff
diff --git a/dev/fd/63 b/dev/fd/62
--- a/dev/fd/63
+++ b/dev/fd/62
@@ -1,4 +1,4 @@
-commit a7af54b9fff294c98d54c92fbefffeb1d1e8b8c3
+commit ae688aaa1cb62cb1ebe36f619ed140df68f7ef0a
Author: Panu Matilainen <pmatilai at redhat.com>
Date: Wed Feb 5 12:23:49 2025 +0200
@@ -6,9 +6,11 @@ Date: Wed Feb 5 12:23:49 2025 +0200
libarchive was made mandatory in 33853c73cf6af5ff3108fe5c59a0a7a1614bed99
but the option was left behind.
+
+ (backported from commit a7af54b9fff294c98d54c92fbefffeb1d1e8b8c3)
diff --git a/CMakeLists.txt b/CMakeLists.txt
-index ef7852cf9..7b84d6231 100644
+index d96787e40..7bf27d257 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -23,7 +23,6 @@ option(ENABLE_UBSAN "Enable undefined behavior-sanitizer" OFF)
@@ -47,7 +49,7 @@ index bb0230353..8e3def6a8 100644
list(APPEND manuals rpm-plugins.8
rpm-plugin-prioreset.8 rpm-plugin-syslog.8)
diff --git a/tools/CMakeLists.txt b/tools/CMakeLists.txt
-index 9fd90535c..819d77f5e 100644
+index c8011c893..dd7d874d0 100644
--- a/tools/CMakeLists.txt
+++ b/tools/CMakeLists.txt
@@ -39,11 +39,9 @@ if (READLINE_FOUND)
@@ -55,11 +57,11 @@ index 9fd90535c..819d77f5e 100644
endif()
-if (WITH_ARCHIVE)
-- add_executable(rpm2archive rpm2archive.cc)
+- add_executable(rpm2archive rpm2archive.c)
- target_link_libraries(rpm2archive PRIVATE PkgConfig::LIBARCHIVE)
- install(TARGETS rpm2archive)
-endif()
-+add_executable(rpm2archive rpm2archive.cc)
++add_executable(rpm2archive rpm2archive.c)
+target_link_libraries(rpm2archive PRIVATE PkgConfig::LIBARCHIVE)
+install(TARGETS rpm2archive)
@@ -80,5 +82,5 @@ index 9fd90535c..819d77f5e 100644
+ )
+install(FILES ${CMAKE_CURRENT_BINARY_DIR}/rpm2cpio TYPE BIN)
- install(TARGETS
- rpm rpmdb rpmkeys rpmsign rpmbuild rpmspec
+ if (WITH_CXX)
+ set (cxx_sources
```
</details>
You can view, comment on, or merge this pull request online at:
https://github.com/rpm-software-management/rpm/pull/3561
-- Commit Summary --
* Add test for spurious %transfiletriggerpostun runs
* A more compatible kludge for #3278
* Fix regression preventing manual %debug_package usage
* brp-remove-la-files: Remove symlinks, too
* Fix memleak when process policies
* Disable private mounts in chroot'ed operation in the unshare plugin
* Add CODEOWNERS to enable automatic review-requests
* Bump the lowest level file digest default to SHA256 too
* Refactor scriptlet runner functions to take an actual rpmscript struct
* Filter Lua deprecation warnings based on the originating rpm version
* About Reference Manual
* Reference Manual: RPM's Philosophy
* Link philosophy page from CONTRIBUTING file
* Add forgotten %dnl description to macros page
* Add Macros section to Spec page
* Fix a memory leak on rpmdb --importdb
* Add an optional lockmode argument to the internal rpmlock API
* Honor read-only transaction lock mode
* Fix rpmdb --exportdb from database on read-only media
* Fix formatting in the rpmsort man page.
* Having no keys imported is not an error
* Default to test-suite disabled in cmake
* Fix FA_TOUCH'ed files getting removed on failed update
* Require macro filenames to end in alphanum char
* Silence extra output on rpmspec query on Buildsystem specs
* Support Fedora 41 in Dockerfile
* fix rpmdump output
* Add -Wformat-security to our default build flags
* Add note about square brackets to tests README
* Add missing code fences in tests README
* Kludge around removeSBITS() not properly checking errors for now
* Handle error return from audit_log_user_comm_message()
* Always build with -fhardened if the compiler supports it
* Drop support for F39 in Dockerfile
* Remove rpm-plugin-ima in Dockerfile on F41
* Document %autopatch -q in the manual too
* Vacuum the sqlite rpmdb if necessary
* Update GPL and LGPL in COPYING
* Add test case for ima file signatures
* Use imaevm_signhash if available
* Detect missing file signatures in IMA test
* Skip IMA test when built without IMA support
* Update CI to Fedora 41, disable updates by default
* Fix regression on build-id generation from compressed ELF files
* Add a test for deleting a misplaced IMA signature
* Fix possible package corruption on --delsign/resign/addsign
* Add tests for IMA signature deletion too
* Test rpm -e gpg-pubkey
* Don't allow installing packages without ARCH or OS
* Add test case for missing mandatory tags
* Don't allow installing gpg-pubkey packages
* Ensure gpg-pubkey packages not having OS and ARCH
* Support new u! command in sysusers files
* Typo in the expression.cc file in error message
* Check actual unpacked files in src.rpm tests
* Fix simultaneous source and binary package install
* Don't let src.rpm packages be file signed
* Don't run plugins on src.rpm unpacking (RhBug:2316785)
* Fix brp-strip when using regex-unsafe build root
* Update index of man pages
* Fix regression causing a build directory left behind on rpmbuild -bs
* Set RPM_PLUGINDIR in top level CMakeLists.txt
* Add missing documentation for attributes. (#3488)
* Fix thinko in sysusers macro enablement comment
* Lock the GitHub CI runner to a specific Ubuntu version
* Fix formatting in man pages
* urlOpen: Set errno to ENOENT on error
* Fix race condition in rpmioMkpath
* rpmdb.8.md: Talk about rpmdb instead of rpm
* Fix various issues with the man pages
* Document ways to declare sources and patches
* Move the src.rpm IMA signing test to the main IMA test group
* Give the main IMA tests a more descriptive name and a distinct keyword
* Ignore EPERM for root when setting IMA signature xattr
* Downgrade headings of examples
* Add table of contents to Spec page in manual
* Drop Spec syntax related pages from index
* Truly separate test images from each other
* Add a mktree command to actually tag the image
* Prevent base images from accidental prune
* Add note on ASAN/UBSAN affecting test performance
* manual/autosetup: fix typo in %autosetup desc
* Demonstrate oneliner bcond syntax
* Drop WITH_ARCHIVE build option leftoevers
* Document libarchive dependency in INSTALL
-- File Changes --
A .github/CODEOWNERS (2)
M .github/workflows/linux.yml (2)
M .gitignore (1)
M CMakeLists.txt (14)
M CONTRIBUTING.md (2)
M COPYING (70)
M INSTALL (7)
M build/build.c (1)
M build/files.c (12)
M build/parseSpec.c (2)
M build/policies.c (2)
M config.h.in (1)
M docs/CMakeLists.txt (2)
M docs/man/CMakeLists.txt (7)
M docs/man/index.md (47)
M docs/man/rpm-misc.8.md (6)
M docs/man/rpm-plugin-audit.8.md (2)
M docs/man/rpm-plugin-prioreset.8.md (4)
M docs/man/rpm-plugin-selinux.8.md (2)
M docs/man/rpm-plugin-syslog.8.md (2)
M docs/man/rpm-plugin-systemd-inhibit.8.md (4)
M docs/man/rpm-plugin-unshare.8.md (5)
M docs/man/rpm-plugins.8.md (2)
M docs/man/rpm.8.md (204)
M docs/man/rpm2archive.8.md (4)
M docs/man/rpmbuild.8.md (94)
M docs/man/rpmdb.8.md (8)
M docs/man/rpmgraph.8.md (2)
M docs/man/rpmkeys.8.md (2)
M docs/man/rpmlua.8.md (2)
M docs/man/rpmsign.8.md (16)
M docs/man/rpmsort.8.md (10)
M docs/man/rpmspec.8.md (38)
A docs/manual/about.md (29)
M docs/manual/autosetup.md (11)
M docs/manual/conditionalbuilds.md (6)
M docs/manual/index.md (19)
M docs/manual/macros.md (1)
A docs/manual/philosophy.md (172)
M docs/manual/spec.md (78)
M docs/manual/users_and_groups.md (8)
M lib/backend/sqlite.c (29)
M lib/fsm.c (8)
M lib/psm.c (9)
M lib/rpminstall.c (1)
M lib/rpmlock.c (14)
M lib/rpmlock.h (2)
M lib/rpmscript.c (71)
M lib/rpmte.c (9)
M lib/rpmts.c (14)
M macros.in (17)
M plugins/CMakeLists.txt (3)
M plugins/audit.c (14)
M plugins/ima.c (4)
M plugins/unshare.c (21)
M rpmio/expression.c (2)
M rpmio/lposix.c (6)
M rpmio/lposix.h (2)
M rpmio/macro.c (4)
M rpmio/rpmfileutil.c (18)
M rpmio/rpmio.c (1)
M rpmio/rpmlua.c (22)
M scripts/brp-remove-la-files (12)
M scripts/brp-strip (5)
M scripts/brp-strip-static-archive (3)
M scripts/sysusers.sh (21)
M sign/rpmgensig.c (13)
M sign/rpmsignfiles.c (9)
M tests/CMakeLists.txt (6)
M tests/Dockerfile.fedora (33)
M tests/README.md (28)
M tests/atlocal.in (5)
A tests/data/RPMS/hello-2.0-1.x86_64-badima.rpm (0)
A tests/data/RPMS/luafork-1.0-1.noarch.rpm (0)
M tests/data/SPECS/filetriggers-prefix.spec (11)
M tests/data/SPECS/klang.spec (2)
A tests/data/SPECS/luafork.spec (22)
A tests/data/SPECS/manualdebug.spec (31)
A tests/data/SPECS/pamupdate.spec (21)
A tests/data/keys/privkey.pem (5)
A tests/data/misc/rpmdb.sqlite (0)
M tests/data/misc/rpmdump4.txt (2)
M tests/mktree.oci (34)
A tests/rpmbrp.at (28)
M tests/rpmbuild.at (86)
M tests/rpmdb.at (67)
M tests/rpmdevel.at (16)
M tests/rpmi.at (101)
M tests/rpmmacro.at (17)
M tests/rpmpython.at (37)
M tests/rpmscript.at (43)
M tests/rpmsigdig.at (171)
M tools/CMakeLists.txt (18)
M tools/rpmbuild.c (2)
M tools/rpmdb.c (1)
M tools/rpmdump.c (2)
M tools/rpmkeys.c (3)
-- Patch Links --
https://github.com/rpm-software-management/rpm/pull/3561.patch
https://github.com/rpm-software-management/rpm/pull/3561.diff
--
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/pull/3561
You are receiving this because you are subscribed to this thread.
Message ID: <rpm-software-management/rpm/pull/3561 at github.com>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.rpm.org/pipermail/rpm-maint/attachments/20250210/30431a30/attachment-0001.htm>
More information about the Rpm-maint
mailing list