@jessorensen commented on this pull request.

>      if (deleting) {  /* Nuke all the signature tags. */
+       deleteFileSigs(sigh);

> The IMA signatures originally were covered by package signature, but that 
> breaks some fundamental rpm rules so it was changed in a latter release. So 
> these days file signatures are entirely separate items, and can be added and 
> removed without affecting others.

Sweet, I was under the assumption that they were covered, so didn't want to go 
down that path. I'll have a look at adding this as a separate --delfilesigs 
option. I think it's reasonable to delete all file signatures with one option, 
IMA and fsverity, but I can also make it two, if you prefer.

You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
Rpm-maint mailing list

Reply via email to