[Rpm-maint] [rpm-software-management/rpm] Ignore EPERM when setting IMA signature xattr (PR #3516)
Panu Matilainen
notifications at github.com
Fri Jan 10 14:25:53 UTC 2025
This lets installations succeed even if the ima plugin happens to be installed in a container, where IMA isn't supported. We don't know it failure was because of a container so this is far from ideal, but failing an install just because some package dragged in the ima plugin as a dependency is worse.
Counter-intuitively, the test verifies that the IMA xattr didn't get installed because that's the expected result, when inside a container.
Fixes: #3234
The first commits are tweaks to a couple of small issues I ran into when looking at this.
You can view, comment on, or merge this pull request online at:
https://github.com/rpm-software-management/rpm/pull/3516
-- Commit Summary --
* Move the src.rpm IMA signing test to the main IMA test group
* Give the main IMA tests a more descriptive name and a distinct keyword
* Ignore EPERM when setting IMA signature xattr
-- File Changes --
M plugins/ima.c (2)
M tests/rpmsigdig.at (47)
-- Patch Links --
https://github.com/rpm-software-management/rpm/pull/3516.patch
https://github.com/rpm-software-management/rpm/pull/3516.diff
--
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/pull/3516
You are receiving this because you are subscribed to this thread.
Message ID: <rpm-software-management/rpm/pull/3516 at github.com>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.rpm.org/pipermail/rpm-maint/attachments/20250110/c3e50465/attachment.htm>
More information about the Rpm-maint
mailing list