[OE-core] [PATCH 0/1] rpm: make install with --nosignature and --nodigest work
Hongxu Jia
hongxu.jia at windriver.com
Tue Sep 20 09:04:18 UTC 2016
BTW, as Robert suggested, I tested rpm upgrade (rpm -F),
the fix also works well
Preprae two version hello with bad signature
1. Install hello with version 1.0-r1.0
root at localhost:~# rpm -ivh --nodigest --nosignature
hello-1.0-r1.0.corei7_64.rpm
Preparing... ########################################### [100%]
1:hello ########################################### [100%]
root at localhost:~# rpm -F --verbose hello-1.0-r2.0.corei7_64.rpm
error: hello-1.0-r2.0.corei7_64.rpm: Header V4 DSA signature: BAD, key
ID 8a0274fa
2. Upgrade hello with version 1.0-r2.0
root at localhost:~# rpm -F --verbose --nodigest --nosignature
hello-1.0-r2.0.corei7_64.rpm
Preparing packages for installation...
hello-1.0-r2.0.corei7_64
root at localhost:~# rpm -q hello
hello-1.0-r2.0.corei7_64
//Hongxu
On 09/20/2016 04:15 PM, Hongxu Jia wrote:
> Boot a target environment with rpm:
>
> 1). With option '--nodigest --nosignature', installing package
> with bad signature is successful
> ======
> root at localhost:~# rpm -ivh hello-bogus.rpm
> error: hello-bogus.rpm: Header V4 DSA signature: BAD, key ID 09753bca
>
> ======
>
> 2). Without option '--nodigest --nosignature', installing package
> with bad signature failed
> ======
> root at localhost:~# rpm -ivh --nodigest --nosignature hello-bogus.rpm
> Preparing... ########################################### [100%]
> 1:hello ########################################### [100%]
> ======
>
> BTW: the package with bad signature hello-bogus.rpm in
> https://bugzilla.yoctoproject.org/show_bug.cgi?id=10308
>
> //Hongxu
>
> The following changes since commit 49a7839e602eac2c43415d9c8f17ad8315fd1da5:
>
> build-appliance-image: Create image in correct location (2016-09-19 08:58:10 +0100)
>
> are available in the git repository at:
>
> git://git.openembedded.org/openembedded-core-contrib hongxu/fix-rpm
> http://cgit.openembedded.org/cgit.cgi/openembedded-core-contrib/log/?h=hongxu/fix-rpm
>
> Hongxu Jia (1):
> rpm: make install with --nosignature and --nodigest work
>
> ...0001-system.h-query.c-support-nosignature.patch | 75 ++++++++++++++++++++--
> 1 file changed, 71 insertions(+), 4 deletions(-)
>
More information about the Openembedded-core
mailing list