[Rpm-maint] [rpm-software-management/rpm] How to pack a symbolic link file with the file link to not just a link file (#1122)

2020-03-15 Thread fbs2016
I try to pack rpm package which include a symbolic link file, I want to pack 
the file which the symbolic link file links to, but failed. Is there any 
options to enable the function? Or rpmbuild don't support it? 

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/issues/1122___
Rpm-maint mailing list
Rpm-maint@lists.rpm.org
http://lists.rpm.org/mailman/listinfo/rpm-maint


Re: [Rpm-maint] [rpm-software-management/rpm] Add support for fsverity signatures (#1121)

2020-03-15 Thread jessorensen
> Care to explain to the uninitiated layman such as myself why would we 
> want/need this in rpm, since there already is IMA?

Certainly!

IMA and fs-verity operate very differently, in particular IMA is a lot more 
complex and and has substantially higher system overhead when reading signed 
files off the file system. It also requires one to use the full IMA system.

fs-verity works by using a Merkle tree to generate a checksum for every data 
block in the system, and reads will fail if a single data block read fails it's 
checksum. The signature of the the file is validated against a public key 
loaded into the kernel keyring.

The fs-verity signature is basically a signature of the root digest of the 
Merkle tree.

Happy to elaborate further

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/issues/1121#issuecomment-599285238___
Rpm-maint mailing list
Rpm-maint@lists.rpm.org
http://lists.rpm.org/mailman/listinfo/rpm-maint