[OE-core] [PATCH 1/2] lib/oe/package_manager.py (rpm): Signature check is enabled by default
Alexander Kanavin
alexander.kanavin at linux.intel.com
Mon Oct 2 13:56:41 UTC 2017
On 10/02/2017 04:09 PM, Otavio Salvador wrote:
> I assure you I did test both patches. I leave as an exercise to you to
> show me what it breaks.
>
> Also, keeping "exercises" for contributors is not something which
> helps to gather more contributions. It solved the dnf install
> requirement for my test and seems to be the right thing to do. I may
> be missing something but please point it or give me a case test.
The first patch is removing the addition of 'repo_gpgcheck=1' option to
dnf config gile when repo feed signing/verification is enabled. Dnf does
not enable that feature by default, and so the option must be present in
dnf config file when repo feed signature verification is in use.
The second patch adds 'gpgcheck=0' when repo feed signing is disabled,
which will also disable package verification at runtime, ignoring the
altogether different build setting controlling that. As I've already
explained to you, package signing and feed signing are two different
things, with their own sets of options.
Test case 1:
- enable feed signing, check that resulting dnf.conf file has feed
verification (repo_gpgcheck option) enabled
Test case 2:
- enable package signing, disable package feed signing, check that the
resulting dnf.conf file has package verification enabled.
Both test cases will fail with your patches.
Alex
More information about the Openembedded-core
mailing list