Re: Automate your Fedora package maintenance using Packit

Hi Sergio, we have a full example in our docs: https://packit.dev/docs/fedora-releases-guide#full-example or you can check the configuration of packages that have Packit set up, e.g. https://src.fedoraproject.org/rpms/qownnotes/blob/rawhide/f/.packit.yaml or https://src.fedoraproject.org/rpms/micr

Fedora rawhide compose report: 20231114.n.1 changes

OLD: Fedora-Rawhide-20231113.n.0 NEW: Fedora-Rawhide-20231114.n.1 = SUMMARY = Added images:4 Dropped images: 3 Added packages: 13 Dropped packages:0 Upgraded packages: 163 Downgraded packages: 0 Size of added packages: 3.88 MiB Size of dropped packages:0

Re: Automate your Fedora package maintenance using Packit

Hi,  have we an example working ?  I'd like had packit for https://src.fedoraproject.org/rpms/libphonenumber  Upstream Release Monitoring report here: https://bugzilla.redhat.com/show_bug.cgi?id=2237976 I'd like have the pull request , koji_build   and bohi update  Thank you, On Fri, 20

Re: DNF5: Checking signatures of packages installed out of a repository?

* Michael Catanzaro: > On Tue, Nov 14 2023 at 08:16:39 AM -0500, Christopher > wrote: >> I think for the sake of security, it'd be better if this were on by >> default, and you just had to specify the --nogpgcheck >> For convenience, the error message should probably say "Error: GPG >> check FAIL

Re: DNF5: Checking signatures of packages installed out of a repository?

Am 14.11.23 um 22:04 schrieb Christopher: On Tue, Nov 14, 2023 at 9:30 AM Michael Catanzaro wrote: On Tue, Nov 14 2023 at 08:16:39 AM -0500, Christopher wrote: I think for the sake of security, it'd be better if this were on by default, and you just had to specify the --nogpgcheck For conven

Re: DNF5: Checking signatures of packages installed out of a repository?

On Tue, Nov 14, 2023 at 9:30 AM Michael Catanzaro wrote: > > On Tue, Nov 14 2023 at 08:16:39 AM -0500, Christopher > wrote: > > I think for the sake of security, it'd be better if this were on by > > default, and you just had to specify the --nogpgcheck > > For convenience, the error message shou

Re: DNF5: Checking signatures of packages installed out of a repository?

On Tue, Nov 14, 2023 at 9:24 AM Petr Pisar wrote: > > V Tue, Nov 14, 2023 at 08:16:39AM -0500, Christopher napsal(a): > > On Tue, Nov 14, 2023 at 8:03 AM Jaroslav Mracek wrote: > > > > > > I believe that one of the strong complains was related to not signed > > > packages. The use case is that w

Re: DNF5: Checking signatures of packages installed out of a repository?

Hello all, On Tuesday, November 14, 2023 8:16:39 AM EST Christopher wrote: > On Tue, Nov 14, 2023 at 8:03 AM Jaroslav Mracek > wrote: > > > > I believe that one of the strong complains was related to not signed > > packages. The use case is that when I build RPMs locally and then I > > install th

Re: DNF5: Checking signatures of packages installed out of a repository?

On Tue, Nov 14 2023 at 08:16:39 AM -0500, Christopher wrote: I think for the sake of security, it'd be better if this were on by default, and you just had to specify the --nogpgcheck For convenience, the error message should probably say "Error: GPG check FAILED (try again with '--nogpgcheck' to

Re: DNF5: Checking signatures of packages installed out of a repository?

V Tue, Nov 14, 2023 at 08:16:39AM -0500, Christopher napsal(a): > On Tue, Nov 14, 2023 at 8:03 AM Jaroslav Mracek wrote: > > > > I believe that one of the strong complains was related to not signed > > packages. The use case is that when I build RPMs locally and then I install > > them (see bell

Re: DNF5: Checking signatures of packages installed out of a repository?

On Tue, Nov 14, 2023 at 8:03 AM Jaroslav Mracek wrote: > > I believe that one of the strong complains was related to not signed > packages. The use case is that when I build RPMs locally and then I install > them (see bellow). > > dnf install *.rpm --setopt=localpkg_gpgcheck=true > ... > Package

Re: F40 Change Proposal: Linker Error on Security Issues (System-Wide)

The warnings mentioned in the blog were added to the 2.39 release of the GNU Binutils, so they should potentially be present in the build logs of any package built for f38 or later. ___ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe

Re: DNF5: Checking signatures of packages installed out of a repository?

I would like to highlight a cool feature of DNF5 - drop-in directory for configuration overrides, where distribution may modify configuration of DNF5. Why I am mentioning it, because it allows to make a decision by distribution and the behavior might be modify outside of DNF5 package. Therefore

Re: F40 Change Proposal: Linker Error on Security Issues (System-Wide)

You can test for problems by searching the build logs for warnings from the linker: "has a LOAD segment with RWX permissions" "has a TLS segment with execute permission" "missing .note.GNU-stack section implies executable stack" There are also two related warning messages, although these

Re: DNF5: Checking signatures of packages installed out of a repository?

I believe that one of the strong complains was related to not signed packages. The use case is that when I build RPMs locally and then I install them (see bellow). dnf install *.rpm --setopt=localpkg_gpgcheck=true ... Package dnf-4.17.1-1.git.9598.552e61e.fc38.noarch.rpm is not signed Package dn

Re: F40 Change Proposal: Linker Error on Security Issues (System-Wide)

On Mon, Nov 13, 2023 at 07:26:04PM -0800, John Reiser wrote: > >Also, under what circumstances would thread local storage segments be > >executable? > > When the assembly-language source contains a statement such as > .section my_section_name,"atx" > where the "atx" are the attributes of the E