Patch itself looks good. @pmatilai is this what you had in mind?
--
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/pull/3324#issuecomment-2371087804
You are receiving this because you are subscribed to this thread.
Message ID: __
Yes, but does it process all links before all regular files?
--
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/pull/3311#issuecomment-2371074501
You are receiving this because you are subscribed to this thread.
Message ID: __
@ffesti commented on this pull request.
> @@ -353,13 +353,13 @@ Checking for key:
Version : eb04e625
Checking package after importing key:
/data/RPMS/hello-2.0-1.x86_64-signed-with-subkey.rpm:
-Header V4 RSA/SHA512 Signature, key ID 1f71177215217ee0: OK
+Header V4 RSA/SHA512 Signa
Closed #1096 as completed via #3318.
--
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/issues/1096#event-14378750857
You are receiving this because you are subscribed to this thread.
Message ID:
___
R
Merged #3318 into master.
--
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/pull/3318#event-14378750603
You are receiving this because you are subscribed to this thread.
Message ID:
___
Rpm-maint mail
@ffesti commented on this pull request.
> @@ -304,10 +319,16 @@ rpmRC rpmKeyringVerifySig(rpmKeyring keyring,
> pgpDigParams sig, DIGEST_CTX ctx)
rpmlog(rc ? RPMLOG_ERR : RPMLOG_WARNING, "%s\n", lints);
free(lints);
}
-}
-
-if (keyring)
+ if (keyptr
@ffesti pushed 3 commits.
080f73d3b3f60045c8dc44c4256d1e37ec1ef0d9 Add rpmKeyringVerifySig2 that return
the matching key
f50252ce40039e6b4942988f1eaee98c21f55827 Add Key Fingerprints to rpmsinfoMsg()
6721c185060181d0af37e9f9472d58ceed91e704 Don't print key ID if we have the key
fingerprint
-
Merged #3270 into master.
--
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/pull/3270#event-14367671616
You are receiving this because you are subscribed to this thread.
Message ID:
___
Rpm-maint mail
I have added these changes to #3321. So it is redundant now. Closing.
--
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/pull/3292#issuecomment-2368874403
You are receiving this because you are subscribed to this thread.
Message ID: _
Closed #3292.
--
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/pull/3292#event-14367634542
You are receiving this because you are subscribed to this thread.
Message ID:
___
Rpm-maint mailing list
Rpm
Merged #3325 into master.
--
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/pull/3325#event-14367583163
You are receiving this because you are subscribed to this thread.
Message ID:
___
Rpm-maint mail
Merged #3326 into master.
--
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/pull/3326#event-14367567035
You are receiving this because you are subscribed to this thread.
Message ID:
___
Rpm-maint mail
@ffesti commented on this pull request.
> free(pgpsubkeys);
}
*count = pgpsubkeysCount;
return subkeys;
}
+
+int rpmPubkeyFingerprint(rpmPubkey key, uint8_t **fp, size_t *fplen)
+{
+if (key == NULL)
+ return -1;
+key = key->mainkey;
+pthread_rwlock_rdl
@ffesti commented on this pull request.
> @@ -305,13 +306,30 @@ const char *rpmsinfoDescr(struct rpmsinfo_s *sinfo)
char *rpmsinfoMsg(struct rpmsinfo_s *sinfo)
{
char *msg = NULL;
+char *fphex = NULL;
+char *fpmsg = NULL;
+if (sinfo->rc == RPMRC_OK && sinfo->key) {
+ uin
@ffesti commented on this pull request.
> @@ -591,9 +609,11 @@ static rpmRC
verifySignature(rpmKeyring keyring, struct rpmsinfo_s *sinfo)
{
rpmRC res = RPMRC_FAIL;
-if (pgpSignatureType(sinfo->sig) == PGPSIGTYPE_BINARY)
- res = rpmKeyringVerifySig(keyring, sinfo->sig, sinfo->ctx
@ffesti pushed 2 commits.
44ef3bc1dabd7b2f5d4d653afa78db2292466071 Add rpmKeyringVerifySig2 that return
the matching key
0352deffbefd673a97e4178481fa0a917081dea6 Add Key Fingerprints to rpmsinfoMsg()
--
View it on GitHub:
https://github.com/rpm-software-management/rpm/pull/3321/files/7f8d5c1c
@ffesti commented on this pull request.
> @@ -107,6 +117,15 @@ rpmPubkey rpmPubkeyLink(rpmPubkey key);
*/
char * rpmPubkeyBase64(rpmPubkey key);
+/** \ingroup rpmkeyring
+ * Return fingerprint of primary key
+ * @param key Pubkey
+ * @param fp Fingerprint data
+ * @param
OK, put https://github.com/rpm-software-management/rpm/pull/3292 underneath,
adjusted the message and the name of `rpmPubkeyFingerprint` and make the test
cases pass.
For now I have not remove the key IDs from the messages. I wonder if keeping
them is more backward compatible. While they are te
@ffesti pushed 5 commits.
b2e11786497a89e035ef2fed224f4fa67b607e1c Use long PGP Key IDs for all outputs
970b708e3a3fab4bb4802cca84a9d403a57bacd9 Use long PGP Key Ids in our test cases
bbc00e4b09e06d57772c4766acd876ef7b8b1184 Add rpmPubkeyFingerprint
760f81e6a918460835faddf8b6591b57aad9cbe3 Add
Turns out we actually can output the fingerprints without changing the backends.
--
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/pull/3292#issuecomment-2365035964
You are receiving this because you are subscribed to this thread.
Message ID: __
This does not yet adjust the test cases. So 198 209 216 217 220 221 222 223 226
227 are failing due to unexpected key finger prints.
Can probably be used in combination with #3292 as this does not touch the keyid
output. Although we might want to skip the key id for verified signatures.
Related
Closed #1107 as completed via a76ef22c8f744fc2deaec2c578ec2fd46e552943.
--
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/issues/1107#event-14325435393
You are receiving this because you are subscribed to this thread.
Message ID:
__
Closed #1107 as completed via #3305.
--
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/issues/1107#event-14325435367
You are receiving this because you are subscribed to this thread.
Message ID:
___
R
Closed #3306 as completed via 1fbf8aeb4e78b8b4afeeaafcbc97b3cbf7cfeaba.
--
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/issues/3306#event-14325435517
You are receiving this because you are subscribed to this thread.
Message ID:
__
Merged #3305 into master.
--
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/pull/3305#event-14325434974
You are receiving this because you are subscribed to this thread.
Message ID:
___
Rpm-maint mail
Commit messages of the first patch talks about versions before 4.0.2 while
https://github.com/rpm-software-management/rpm/pull/3305/commits/3e24b095c7ce0397c6211d2cebe5530154ef13fc
says "the immutable region as we know it appears in commit
https://github.com/rpm-software-management/rpm/commit/7d
OK, I guess I am not quite getting this sub key business yet. Doesn't the
signature list the KeyId of the subkey it was created with? Or does it point to
the main key and assumes the subkey will be found there?
After looking at this overall mess we figured a way to solve a lot of the
issues wi
Loop and test case added.
--
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/pull/3311#issuecomment-2358276779
You are receiving this because you are subscribed to this thread.
Message ID: ___
Rpm-maint
@ffesti pushed 1 commit.
4936c42b4d8ed68af45fe220d24b2a69baaf9676 brp-remove-la-files: Remove symlinks,
too
--
View it on GitHub:
https://github.com/rpm-software-management/rpm/pull/3311/files/8fc4e71f9b51438f09c8206ceb1b407bbaca8aab..4936c42b4d8ed68af45fe220d24b2a69baaf9676
You are receiving
@ffesti pushed 1 commit.
8fc4e71f9b51438f09c8206ceb1b407bbaca8aab brp-remove-la-files: Remove symlinks,
too
--
View it on GitHub:
https://github.com/rpm-software-management/rpm/pull/3311/files/7fd4312b5f811152f302406b0a0275edb12a9108..8fc4e71f9b51438f09c8206ceb1b407bbaca8aab
You are receiving
Can you please test if the PR linked above fixes your issue? Thanks!
--
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/issues/3304#issuecomment-2355385569
You are receiving this because you are subscribed to this thread.
Message ID:
As we check for file contents delete symlink before looking at regular files.
Resolves: #3304
You can view, comment on, or merge this pull request online at:
https://github.com/rpm-software-management/rpm/pull/3311
-- Commit Summary --
* brp-remove-la-files: Remove symlinks, too
-- File Ch
Looking at the code and the history it looks like it always just matched
against regular files. We probably could add another run that matches symlinks
only before deleting the regular files. That way we can check the files being
linked to to be proper libtool library files.
--
Reply to this e
Here my findings so far:
### PGP KeyID and FingerPrint usage in RPM
* PGP Fingerprint: 20 or 32 bytes hash of public key (depending on key
algorithm)
* (Long) KeyId: last 8 bytes of Fingerprint
* Short KeyId: last 4 bytes of Fingerprint
Short KeyId is prone to (accidental) collisions
Long KeyI
Merged #3293 into master.
--
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/pull/3293#event-14246487852
You are receiving this because you are subscribed to this thread.
Message ID:
___
Rpm-maint mail
Closed #1292 as completed via #3293.
--
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/issues/1292#event-14246488062
You are receiving this because you commented.
Message ID:
___
Rpm-maint mailing lis
This results in messages like `MD5 digest: NOTFOUND` which is confusing as the
MD5 sum may just be there RPM is just not looking for it. We should at least
give a message that shows we didn't even look - or may be give the status and
state that it is ignored. Not sure if this is possible with th
I wonder if messages like "MD5 digest: NOTFOUND" are really thing to do if we
don't even look at those checksums. It's not that they were not found they were
not looked for. May be we need a different message for when we ignore them.
--
Reply to this email directly or view it on GitHub:
https:/
Closed #3248 as completed via d99186f2ef6fc0dfaaefe599a98492a84fd18940.
--
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/issues/3248#event-14245497584
You are receiving this because you are subscribed to this thread.
Message ID:
__
Closed #3248 as completed via #3282.
--
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/issues/3248#event-14245497561
You are receiving this because you are subscribed to this thread.
Message ID:
___
R
Merged #3282 into master.
--
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/pull/3282#event-14245497357
You are receiving this because you are subscribed to this thread.
Message ID:
___
Rpm-maint mail
Closed #3290 as completed via #3296.
--
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/issues/3290#event-14245298153
You are receiving this because you are subscribed to this thread.
Message ID:
___
R
Merged #3296 into master.
--
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/pull/3296#event-14245297793
You are receiving this because you are subscribed to this thread.
Message ID:
___
Rpm-maint mail
Thanks a lot! Good to have a native speaker reading over this. Added the
suggested changes.
--
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/pull/3299#issuecomment-2346182247
You are receiving this because you are subscribed to this thread.
Me
@ffesti pushed 1 commit.
255a8fa4647ff07a66fb4d63d41c6c54696d3293 Reference Manual: RPM's Philosophy
--
View it on GitHub:
https://github.com/rpm-software-management/rpm/pull/3299/files/2efe3cfb546c4f9bed0d5a8c9ab99463991d6bf8..255a8fa4647ff07a66fb4d63d41c6c54696d3293
You are receiving this bec
@ffesti pushed 1 commit.
2efe3cfb546c4f9bed0d5a8c9ab99463991d6bf8 Reference Manual: RPM's Philosophy
--
View it on GitHub:
https://github.com/rpm-software-management/rpm/pull/3299/files/82a40f72c7574400c0f7995a7497b538ca566861..2efe3cfb546c4f9bed0d5a8c9ab99463991d6bf8
You are receiving this bec
First brain dump.
You can view, comment on, or merge this pull request online at:
https://github.com/rpm-software-management/rpm/pull/3299
-- Commit Summary --
* About Reference Manual
* Reference Manual: RPM's Philosophy
-- File Changes --
M docs/CMakeLists.txt (2)
A docs/manual
Internally it looks like most places are just using the Key ID. Especially the
rpmkeyring is using it as a key in the hash of all Pubkeys. If we don't have
any hope to move that to Fingerprints as the v3 signatures won't offer them
anyway, we might need to go down another route and just verify s
OK, sketched a patch for moving from short to long Key IDs in the messages:
#3292. This is trivial to do but may be not trivial to deal with.
Moving to Fingerprints is not quite as trivial. We do have the means to get
Fingerprints from PGP keys but so far we lack that for signatures. I am
curre
Here how dropping the Short PGP KEy IDs in favor of long ones would look like.
We still need to discuss if this really is a change we want in this magnitue or
if we need to keep the old behavior at some places.
You can view, comment on, or merge this pull request online at:
https://github.com/
See https://issues.redhat.com/browse/RHEL-54386 for details
This need examination to check whether this affects newer versions, too. rpm in
RHEL 8 has a modern version of the fsm. So it is possible that this is an
general issue. It could also be an unfortunate interaction between the new fsm
co
This is a continuation of #3100. Unsafe symlinks are detected during
installation and create a failure. This is the right thing to do in case we
encounter such things at this phase. But we really need to check for this in
advance during the transaction check and not even start the transaction if
OK, I could have worded that better. Yes, we need to issue a warning for all
new usages. We will need to issue a warning to all usages the release before we
actually remove the functions - with the hope that old usage has died out til
then.
--
Reply to this email directly or view it on GitHub:
if we don't actually remove the functions this is fine. We just need to issue
the warnings in the last RPM version before removing them.
--
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/pull/3270#issuecomment-2325922685
You are receiving this b
Anti social or not, the reason for these warning is that those packages won't
work with the next RPM version. Not sure if keeping the users in the dark will
do them any favors. Right now they can demand the vendor to fix their packages
before it is too late.
--
Reply to this email directly or
Closed #2779 as completed via #3266.
--
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/issues/2779#event-14100703175
You are receiving this because you are subscribed to this thread.
Message ID:
___
R
Merged #3266 into master.
--
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/pull/3266#event-14100702929
You are receiving this because you are subscribed to this thread.
Message ID:
___
Rpm-maint mail
@ffesti commented on this pull request.
> rasprintf(&stripcd, " -C '%s' %s", dstpath, sr ?
> "--strip-components=1" : "");
+ else {
+ char * moveup;
+ if (sr)
+ /* rename top dir to tmp name to avoid collisions */
+ /* then move fi
@ffesti commented on this pull request.
> rasprintf(&stripcd, " -C '%s' %s", dstpath, sr ?
> "--strip-components=1" : "");
+ else {
+ char * moveup;
+ if (sr)
+ rasprintf(&moveup, " ; tmp=`mktemp -u -p'%s'` ; mv %s/%s $tmp ;
(shopt -s dotglob;
@ffesti pushed 4 commits.
cd1cd3db284ab856ceb96fdad02ccdaeb8415cc1 rpmuncompress: Support -C for zip and
7zip archives
3a2802f5c86981bfa97ccf0b1cddd4087f8f443f Add 7zip to test container
4478f6f989805bd129fe28544011fbc74bf2204e rpmuncompress: Silence 7zip by default
85a8e329b920378e6376a098545
@ffesti pushed 5 commits.
9b0a45373ae186b51b13675d3c04910c2c2e4e4c Return unique top directory iff it
exists
b0605e8199e2981a5dcd90b7db89c95f868a68e2 rpmuncompress: Support -C for zip and
7zip archives
9def583034cf98f4db61637fcdc88d1cbf8913cd Add 7zip to test container
085e14bfbb182ab06f75e80
@ffesti pushed 5 commits.
c898934eb6ae6555b207d71ac334031e5ddcf10b Return unique top directory iff it
exists
d0533a6bf3e581156fe93a2e5537c0f92f72cd4d rpmuncompress: Support -C for zip and
7zip archives
54150e300e860b4a344338d65a63ec987d99542b Add 7zip to test container
d49a0a86026a156dc82f840
@ffesti commented on this pull request.
> rasprintf(&stripcd, " -C '%s' %s", dstpath, sr ?
> "--strip-components=1" : "");
+ else {
+ char * moveup;
+ if (sr)
+ rasprintf(&moveup, " ; tmp=`mktemp -u -p'%s'` ; mv %s/%s $tmp ;
(shopt -s dotglob;
@ffesti pushed 6 commits.
76341bbf7c8f6fbc9a2974ab61f4803b5ca932c3 Replace gcc only ? : operator usage
dbfb4760bfd881e8079b91367278ac27ba91b318 Return unique top directory iff it
exists
70deabf7d1477c9b3ee9e5604a6b086d133a0c44 rpmuncompress: Support -C for zip and
7zip archives
2ffedb4f4be39f
@ffesti commented on this pull request.
> /* Do all entries in the archive start with the same lead directory? */
rootLen = sep - rootName + 1;
while (archive_read_next_header(a, &entry) == ARCHIVE_OK) {
const char *p = archive_entry_pathname(entry);
@ffesti commented on this pull request.
> rasprintf(&stripcd, " -C '%s' %s", dstpath, sr ?
> "--strip-components=1" : "");
+ else {
+ char * moveup;
+ if (sr)
+ rasprintf(&moveup, " ; tmp=`mktemp -u -p'%s'` ; mv %s/%s $tmp ;
(shopt -s dotglob;
@ffesti pushed 1 commit.
93202e3ae4c5fabb01565413182106e0e51c730e Test cases for rpmuncompress -C with
zip and 7zip files
--
View it on GitHub:
https://github.com/rpm-software-management/rpm/pull/3263/files/0232655eedb33a0f8a6696683220ccd00230ec69..93202e3ae4c5fabb01565413182106e0e51c730e
You
@ffesti pushed 3 commits.
0a425be64840be74c7e6d6fce27f9fe80b0d72e8 Add 7zip to test container
7ceff601ebf0248cf8dd68615cb25799a7794d2e rpmuncompress: Silence 7zip by default
0232655eedb33a0f8a6696683220ccd00230ec69 Test cases for rpmuncompress -C with
zip and 7zip files
--
View it on GitHub:
As both don't support an equivalent to tars --strip-components=1 we move
the files out of top directory ourselves with shell commands.
Support for Ruby gems is still missing - iff at all possible or desirable.
You can view, comment on, or merge this pull request online at:
https://github.c
Closed #3250 as completed via 671fc8e5d6633c14c9621903a23c0040acb43f65.
--
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/issues/3250#event-14058206815
You are receiving this because you are subscribed to this thread.
Message ID:
__
Closed #3250 as completed via #3257.
--
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/issues/3250#event-14058206757
You are receiving this because you are subscribed to this thread.
Message ID:
___
R
Merged #3257 into master.
--
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/pull/3257#event-14058206543
You are receiving this because you are subscribed to this thread.
Message ID:
___
Rpm-maint mail
Merged as #3259
--
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/pull/3061#issuecomment-2316972840
You are receiving this because you are subscribed to this thread.
Message ID: ___
Rpm-maint mailing
Closed #3061.
--
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/pull/3061#event-14057554180
You are receiving this because you are subscribed to this thread.
Message ID:
___
Rpm-maint mailing list
Rpm
Closed #3057 as completed via e0b9ffea8e73710622316e0308856cba96407d9a.
--
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/issues/3057#event-14057547056
You are receiving this because you are subscribed to this thread.
Message ID:
__
Merged #3259 into master.
--
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/pull/3259#event-14057546700
You are receiving this because you are subscribed to this thread.
Message ID:
___
Rpm-maint mail
Rebased to master.
--
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/pull/3061#issuecomment-2315201438
You are receiving this because you are subscribed to this thread.
Message ID: ___
Rpm-maint mailin
OK, this fails a couple of other test cases. Back to %_enable_debug_packages.
--
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/pull/3061#issuecomment-2315165199
You are receiving this because you are subscribed to this thread.
Message ID: _
@ffesti pushed 1 commit.
ff44c6e47419ba16e91cf1e5e83a124aab21e41d Honor _enable_debug_packages when
processing files
--
View it on GitHub:
https://github.com/rpm-software-management/rpm/pull/3061/files/1e77f71cd3f140e4a5092cfe0dff0634a98c2f0b..ff44c6e47419ba16e91cf1e5e83a124aab21e41d
You are r
It does. Moved to %__debug_package. There are just too many macros...
--
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/pull/3061#issuecomment-2315102900
You are receiving this because you are subscribed to this thread.
Message ID: _
@ffesti pushed 1 commit.
1e77f71cd3f140e4a5092cfe0dff0634a98c2f0b Honor _enable_debug_packages when
processing files
--
View it on GitHub:
https://github.com/rpm-software-management/rpm/pull/3061/files/ff44c6e47419ba16e91cf1e5e83a124aab21e41d..1e77f71cd3f140e4a5092cfe0dff0634a98c2f0b
You are r
Added a test case based on the diff and also disabled buildid creation.
This change now uses `%_enable_debug_packages` to controll the behavior instead
of `%debug_package` which is a template for the debuginfo package and not
really a switch.
--
Reply to this email directly or view it on GitHu
@ffesti pushed 1 commit.
ff44c6e47419ba16e91cf1e5e83a124aab21e41d Honor _enable_debug_packages when
processing files
--
View it on GitHub:
https://github.com/rpm-software-management/rpm/pull/3061/files/43c6c118cf115d0b0d0e4cbb6e925aa5cf98c09a..ff44c6e47419ba16e91cf1e5e83a124aab21e41d
You are r
Merged as #3246
--
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/pull/3175#issuecomment-2312314395
You are receiving this because you are subscribed to this thread.
Message ID: ___
Rpm-maint mailing
Closed #3175.
--
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/pull/3175#event-14027082231
You are receiving this because you are subscribed to this thread.
Message ID:
___
Rpm-maint mailing list
Rpm
Closed #3100 as completed via 535eacc96ae6fe5289a2917bb0af43e491b0f4f4.
--
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/issues/3100#event-14027072346
You are receiving this because you are subscribed to this thread.
Message ID:
__
Merged #3246 into master.
--
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/pull/3246#event-14027072022
You are receiving this because you are subscribed to this thread.
Message ID:
___
Rpm-maint mail
Here you go.
--
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/pull/3175#issuecomment-2289004388
You are receiving this because you are subscribed to this thread.
Message ID: ___
Rpm-maint mailing list
@ffesti pushed 1 commit.
4b195968b3e4a57e02cabd0f089b60a4edeeaa47 Improve error reporting in the fsm
--
View it on GitHub:
https://github.com/rpm-software-management/rpm/pull/3175/files/adcb9a538998be05aaa61132be09b6fbd97d0cc7..4b195968b3e4a57e02cabd0f089b60a4edeeaa47
You are receiving this bec
> Looks much better.
>
> I'd leave fsmOpenat() return value alone and instead add the rc as the last
> argument 'int *rcp' (args returning data are typically last in rpm), that
> should require fewer changes across the board.
Well, I modeled it after `static int fsmOpen(int *wfdp, int dirfd, c
@ffesti pushed 1 commit.
adcb9a538998be05aaa61132be09b6fbd97d0cc7 Improve error reporting in the fsm
--
View it on GitHub:
https://github.com/rpm-software-management/rpm/pull/3175/files/341abaf4de2ec1c933577e4af688e70816d663fc..adcb9a538998be05aaa61132be09b6fbd97d0cc7
You are receiving this bec
@ffesti pushed 1 commit.
341abaf4de2ec1c933577e4af688e70816d663fc Improve error reporting in the fsm
--
View it on GitHub:
https://github.com/rpm-software-management/rpm/pull/3175/files/88649f3d1fe7b84520d2753bf6e95c8411570f45..341abaf4de2ec1c933577e4af688e70816d663fc
You are receiving this bec
Looks like useradd has [sys_chroot
capability](https://github.com/fedora-selinux/selinux-policy/blob/rawhide/policy/modules/admin/usermanage.te#L525)
and and [groupadd just
hasn't](https://github.com/fedora-selinux/selinux-policy/blob/rawhide/policy/modules/admin/usermanage.te#L215).
Weird...
Yup. The case above sets the chroot dir to
```
dr-xr-xr-x. 18 root root system_u:object_r:root_t:s0 4096 Aug 8 10:47 ../test
```
while without the selinux plugin it is
```
dr-xr-xr-x. 11 root root unconfined_u:object_r:var_t:s0 4096 Aug 8 10:50
../test
```
--
Reply to this email directly or
OK, this is weird. The test case in #3186 succeeds in chrooting and then fails
due to the empty chroot. Here we fail a step earlier. I wonder if dnf is not
running the in same SELinunx context than RPM.
--
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-manage
I don't think a updated SELinux policy will fix this. There are the parts of
the strace that look relevant:
```
openat(AT_FDCWD, "/etc/selinux/config", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No
such file or directory)
futex(0x7f0dbd7441a0, FUTEX_WAKE_PRIVATE, 2147483647) = 0
openat(AT_FDCWD,
"/etc/s
This looks very much like a duplicate of #3186. Or is there anything that makes
this distinct?
--
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/issues/3227#issuecomment-2275114304
You are receiving this because you are subscribed to this thread
OK, digging through the shadow utils source code it looks like it is the
SELinux handling that fails - without any SELinux failures being recorded.
Creating /sys/fs/selinux/enforce in the chroot with a `0` in it make the code
pass as it is content with SELinux being in permissive mode.
--
Repl
Closed #3029 as completed via #3235.
--
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/issues/3029#event-13791308625
You are receiving this because you are subscribed to this thread.
Message ID:
___
R
Merged #3235 into master.
--
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/pull/3235#event-13791308358
You are receiving this because you are subscribed to this thread.
Message ID:
___
Rpm-maint mail
1 - 100 of 1030 matches
Mail list logo