@jessorensen commented on this pull request.
> + rpmlog(RPMLOG_DEBUG, "fsverity not supported by file system for
> %s\n",
+ path);
+ break;
+ case EOPNOTSUPP:
+ rpmlog(RPMLOG_DEBUG, "fsverity not enabled on file system for %s\n",
+ path);
+ break;
+ case ETXTBSY:
+ rpmlog(RPMLOG_DEBUG, "file is open by other process %s\n",
+ path);
+ break;
+ default:
+ rpmlog(RPMLOG_DEBUG, "failed to enable verity (errno %i) for %s\n",
+ errno, path);
+ break;
+ }
I did this on purpose as I didn't want the installation to fail.
fsverity support is on a per filesystem level, and I deliberately ignore the
failures silently on file systems that do not have the support.
If someone builds all their rpms with verity signatures, but not all their
systems have fsverity enabled/supported in the file system, I don't think they
want to get a large number of errors when trying to install packages.
There is also the situation where someone has a setup where one partition has
fsverity enabled and one where it isn't. If parts of the rpm are installed on
both partitions, this could lead to some tricky failure situations.
--
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/pull/1203#discussion_r431359462
_______________________________________________
Rpm-maint mailing list
Rpm-maint@lists.rpm.org
http://lists.rpm.org/mailman/listinfo/rpm-maint
