@jessorensen commented on this pull request.
> if (deleting) { /* Nuke all the signature tags. */
deleteSigs(sigh);
+ deleteFileSigs(sigh);
>From my understanding, the package signature covers the file signatures, so we
>cannot remove them without invalidating the package signature?
If I am misunderstanding this, please let me know.
I also added deletion of the IMA signatures to my patch since I figured they
should be deleted.
--
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/pull/1203#discussion_r431355737_______________________________________________
Rpm-maint mailing list
Rpm-maint@lists.rpm.org
http://lists.rpm.org/mailman/listinfo/rpm-maint
