This is an automated email from the ASF dual-hosted git repository.
iwasakims pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/bigtop.git
The following commit(s) were added to refs/heads/master by this push:
new 9020dea9c BIGTOP-4417. Fix failure of importing package signining keys
on Rocky Linux 9. (#1344)
9020dea9c is described below
commit 9020dea9c7b54c7f05a92e8055ff90a5605c68f9
Author: Masatake Iwasaki <[email protected]>
AuthorDate: Sun May 11 23:39:01 2025 +0900
BIGTOP-4417. Fix failure of importing package signining keys on Rocky Linux
9. (#1344)
---
bigtop-deploy/puppet/manifests/bigtop_repo.pp | 10 ++++++++++
1 file changed, 10 insertions(+)
diff --git a/bigtop-deploy/puppet/manifests/bigtop_repo.pp
b/bigtop-deploy/puppet/manifests/bigtop_repo.pp
index b52606d1e..65c99e9ef 100644
--- a/bigtop-deploy/puppet/manifests/bigtop_repo.pp
+++ b/bigtop-deploy/puppet/manifests/bigtop_repo.pp
@@ -47,6 +47,16 @@ class bigtop_repo {
}
}
Yumrepo<||> -> Package<||>
+
+ if versioncmp($operatingsystemmajrelease, '9') == 0 {
+ # SHA-1 for package signing was deprecated in RHEL 9.
+ #
https://www.redhat.com/en/blog/rhel-security-sha-1-package-signatures-distrusted-rhel-9
+ exec { 'update_crypto_policies_legacy':
+ command => '/usr/bin/update-crypto-policies --set LEGACY'
+ }
+
+ Exec['update_crypto_policies_legacy'] -> Yumrepo<||>
+ }
}
/(Ubuntu|Debian)/: {
