@jessorensen commented on this pull request.
> if (deleting) { /* Nuke all the signature tags. */
deleteSigs(sigh);
+ deleteFileSigs(sigh);
> The IMA signatures originally were covered by package signature, but that
> breaks some fundamental rpm rules so it was changed in a latter release. So
> these days file signatures are entirely separate items, and can be added and
> removed without affecting others.
Sweet, I was under the assumption that they were covered, so didn't want to go
down that path. I'll have a look at adding this as a separate --delfilesigs
option. I think it's reasonable to delete all file signatures with one option,
IMA and fsverity, but I can also make it two, if you prefer.
--
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/pull/1203#discussion_r431902614
_______________________________________________
Rpm-maint mailing list
Rpm-maint@lists.rpm.org
http://lists.rpm.org/mailman/listinfo/rpm-maint