[oe-commits] Markus Lehtonen : createrepo: disable RPM signature validation
git at git.openembedded.org
git at git.openembedded.org
Thu Sep 3 11:43:57 UTC 2015
Module: openembedded-core.git
Branch: master
Commit: c419c64c30736ecc7b496161b4f9d9f3cc88102f
URL: http://git.openembedded.org/?p=openembedded-core.git&a=commit;h=c419c64c30736ecc7b496161b4f9d9f3cc88102f
Author: Markus Lehtonen <markus.lehtonen at linux.intel.com>
Date: Thu Aug 27 09:32:47 2015 +0300
createrepo: disable RPM signature validation
Disable RPM signature validation so that it is possible to create
package feeds of signed RPM packages without importing the public part
of the signing key into the RPM database. In any case, the signatures
are validated when the packages in the feed are used (e.g. in image
generation of manually installing packages from the feed).
The original idea idea of this patch is from Mark Hatle
<mark.hatle at windriver.com>.
[YOCTO #8134]
Signed-off-by: Markus Lehtonen <markus.lehtonen at linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie at linuxfoundation.org>
---
...dumpMetadata-disable-signature-validation.patch | 31 ++++++++++++++++++++++
.../createrepo/createrepo_0.4.11.bb | 17 ++++++------
2 files changed, 40 insertions(+), 8 deletions(-)
diff --git a/meta/recipes-support/createrepo/createrepo/dumpMetadata-disable-signature-validation.patch b/meta/recipes-support/createrepo/createrepo/dumpMetadata-disable-signature-validation.patch
new file mode 100644
index 0000000..905531f
--- /dev/null
+++ b/meta/recipes-support/createrepo/createrepo/dumpMetadata-disable-signature-validation.patch
@@ -0,0 +1,31 @@
+dumpMetadata: disable signature validation
+
+Makes it possible to work on RPM repositories that contain signed packages
+without the need of importing the public part of the signing key into the RPM
+database.
+
+Upstream-Status: Pending
+
+Signed-off-by: Markus Lehtonen <markus.lehtonen at linux.intel.com>
+---
+ dumpMetadata.py | 4 +++-
+ 1 file changed, 3 insertions(+), 1 deletion(-)
+
+diff --git a/dumpMetadata.py b/dumpMetadata.py
+index e40e8ac..ca6a82d 100644
+--- a/dumpMetadata.py
++++ b/dumpMetadata.py
+@@ -92,7 +92,9 @@ def returnHdr(ts, package):
+ fdno = package # let's assume this is an fdno and go with it :)
+ except OSError:
+ raise MDError, "Error opening file"
+- ts.setVSFlags((rpm.RPMVSF_NOMD5|rpm.RPMVSF_NEEDPAYLOAD))
++ ts.setVSFlags((rpm.RPMVSF_NOMD5|rpm.RPMVSF_NEEDPAYLOAD|
++ rpm.RPMVSF_NODSA|rpm.RPMVSF_NORSA|
++ rpm.RPMVSF_NODSAHEADER|rpm.RPMVSF_NORSAHEADER))
+ try:
+ hdr = ts.hdrFromFdno(fdno)
+ except rpm.error:
+--
+2.1.4
+
diff --git a/meta/recipes-support/createrepo/createrepo_0.4.11.bb b/meta/recipes-support/createrepo/createrepo_0.4.11.bb
index d6fe436..5f9ecf6 100644
--- a/meta/recipes-support/createrepo/createrepo_0.4.11.bb
+++ b/meta/recipes-support/createrepo/createrepo_0.4.11.bb
@@ -11,14 +11,15 @@ RDEPENDS_${PN}_class-target = "libxml2-python"
PR = "r9"
-SRC_URI= "http://createrepo.baseurl.org/download/${BP}.tar.gz \
- file://fix-native-install.patch \
- file://python-scripts-should-use-interpreter-from-env.patch \
- file://createrepo-rpm549.patch \
- file://recommends.patch \
- file://createrepo-dbpath.patch \
- file://rpm-createsolvedb.py \
- "
+SRC_URI = "http://createrepo.baseurl.org/download/${BP}.tar.gz \
+ file://fix-native-install.patch \
+ file://python-scripts-should-use-interpreter-from-env.patch \
+ file://createrepo-rpm549.patch \
+ file://recommends.patch \
+ file://createrepo-dbpath.patch \
+ file://dumpMetadata-disable-signature-validation.patch \
+ file://rpm-createsolvedb.py \
+ "
SRC_URI[md5sum] = "3e9ccf4abcffe3f49af078c83611eda2"
SRC_URI[sha256sum] = "a73ae11a0dcde8bde36d900bc3f7f8f1083ba752c70a5c61b72d1e1e7608f21b"
More information about the Openembedded-commits
mailing list