[OE-core] [PATCH 1/2] lib/oe/package_manager.py (rpm): Signature check is enabled by default

Alexander Kanavin alexander.kanavin at linux.intel.com
Mon Oct 2 11:01:00 UTC 2017


On 10/02/2017 01:00 AM, Otavio Salvador wrote:

>> NAK both patches, I'm afraid. gpgcheck and repo_gpgcheck are two different
>> options, which control different things, and you thoroughly confused them
>> here.
> 
> I did test both patches and this is not what I figured. Did you test it?

>> Again, 'gpgcheck' option has nothing to do with verifying signed package
>> feeds. NAK.
> 
> Oh really? so tell me why it fixed my error?
> 
> Without this patch I need to use:
> 
> dnf install --nogpgcheck <pkg>
> 
> and it is sub-optimal as I did not enable signed support.


OE-core has support for two different things:

1. Signing and verifying individual package files. This feature is 
controlled by RPM_SIGN_PACKAGES option in build configuration and dnf's 
gpgcheck config file option at runtime.

2. Signing and verifying repository metadata. This feature is controlled 
by PACKAGE_FEED_SIGN option and repo_gpgcheck config file option 
respectively.

The above two things are completely orthogonal, and can be enabled and 
disabled independently of each other. Now please look at your patches 
keeping this in mind.

I assure you, both of the patches are incorrect. Exactly why is left as 
an exercise for the reader.

Alex
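
An added example, not part of the original message and not OE-core code: a small audit that reads dnf-style INI configuration and reports, per repository, the state of the two independent checks described above (`gpgcheck` for individual packages, `repo_gpgcheck` for repository metadata). The repository names, URLs and sample files are constructed; the precedence (repo section, then `[main]`, then a built-in default) and the default of `False` are assumptions exposed as a parameter.

```python
import configparser

# Constructed sample input: a dnf main config and a .repo file (not from the thread).
SAMPLE_MAIN = """
[main]
gpgcheck=1
"""
SAMPLE_REPO = """
[oe-feed-signed-metadata]
baseurl=http://feed.example.invalid/rpm
gpgcheck=0
repo_gpgcheck=1

[oe-feed-inherits-main]
baseurl=http://feed.example.invalid/rpm2
"""

TRUE_VALUES = {"1", "yes", "true", "on"}


def _flag(section, main, key, default):
    """Resolve one boolean: repo value wins, then [main], then the assumed default."""
    raw = section.get(key, main.get(key))
    return default if raw is None else raw.strip().lower() in TRUE_VALUES


def audit(main_text, repo_text, default=False):
    """Return {repo: {check: bool}} for the two orthogonal signature checks."""
    main_cfg = configparser.ConfigParser(interpolation=None)
    main_cfg.read_string(main_text)
    main = dict(main_cfg["main"]) if main_cfg.has_section("main") else {}

    repos = configparser.ConfigParser(interpolation=None)
    repos.read_string(repo_text)
    report = {}
    for name in repos.sections():
        sec = repos[name]
        report[name] = {
            # Verifies the signature on each downloaded .rpm file.
            "package_signatures": _flag(sec, main, "gpgcheck", default),
            # Verifies the signature on the repository metadata (repomd.xml).
            "repo_metadata_signature": _flag(sec, main, "repo_gpgcheck", default),
        }
    return report


if __name__ == "__main__":
    for repo, checks in audit(SAMPLE_MAIN, SAMPLE_REPO).items():
        print(repo, checks)
```
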


