[OE-core] [PATCH 0/1] rpm: make install with --nosignature and --nodigest work

Hongxu Jia hongxu.jia at windriver.com
Tue Sep 20 09:04:18 UTC 2016 

BTW, as Robert suggested, I tested rpm upgrade (rpm -F),
the fix also works well

Preprae two version hello with bad signature

1. Install hello with version 1.0-r1.0

root at localhost:~# rpm -ivh --nodigest --nosignature 
hello-1.0-r1.0.corei7_64.rpm
Preparing... ########################################### [100%]
    1:hello ########################################### [100%]

root at localhost:~# rpm -F --verbose hello-1.0-r2.0.corei7_64.rpm
error: hello-1.0-r2.0.corei7_64.rpm: Header V4 DSA signature: BAD, key 
ID 8a0274fa

2. Upgrade hello with version 1.0-r2.0

root at localhost:~# rpm -F --verbose --nodigest --nosignature 
hello-1.0-r2.0.corei7_64.rpm
Preparing packages for installation...
hello-1.0-r2.0.corei7_64

root at localhost:~# rpm -q hello
hello-1.0-r2.0.corei7_64

//Hongxu

On 09/20/2016 04:15 PM, Hongxu Jia wrote:
> Boot a target environment with rpm:
>
> 1). With option '--nodigest --nosignature', installing package
> with bad signature is successful
> ======
> root at localhost:~# rpm -ivh hello-bogus.rpm
> error: hello-bogus.rpm: Header V4 DSA signature: BAD, key ID 09753bca
>
> ======
>
> 2). Without option '--nodigest --nosignature', installing package
> with bad signature failed
> ======
> root at localhost:~# rpm -ivh --nodigest --nosignature  hello-bogus.rpm
> Preparing...                ########################################### [100%]
>     1:hello                  ########################################### [100%]
> ======
>
> BTW: the package with bad signature hello-bogus.rpm in
> https://bugzilla.yoctoproject.org/show_bug.cgi?id=10308
>
> //Hongxu
>
> The following changes since commit 49a7839e602eac2c43415d9c8f17ad8315fd1da5:
>
>    build-appliance-image: Create image in correct location (2016-09-19 08:58:10 +0100)
>
> are available in the git repository at:
>
>    git://git.openembedded.org/openembedded-core-contrib hongxu/fix-rpm
>    http://cgit.openembedded.org/cgit.cgi/openembedded-core-contrib/log/?h=hongxu/fix-rpm
>
> Hongxu Jia (1):
>    rpm: make install with --nosignature and --nodigest work
>
>   ...0001-system.h-query.c-support-nosignature.patch | 75 ++++++++++++++++++++--
>   1 file changed, 71 insertions(+), 4 deletions(-)
>

More information about the Openembedded-core mailing list