Would it be possible to query those tags, via RPM query itself ?
Thinking of something like
rpm -qp --qf '%{applicationspecifictag}\n' ./application.rpm
--
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/r
Depends on the implementation: the existing implementation in RPM5 permits
configured arbitrary tags to be used in query formats
--
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/
I would also suggest that the current implementation which does not permit a
single build-and-sign operation has a larger attack surface, permitting an
unsigned package to be modified until signed.
I do not understand the reasoning that claims that a single build-and-sign
command is deemed "ins
See issue #454 for a suggestion to pass passwords to helpers (like rpmbuild)
using kernel keyrings, the same mechanism commonly used to hold file system
passwords when needed.
--
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
To clarify how kernel keyrings could be used to preserve --sign behavior ...
The popt alias for rpmbuild --sign extracts the names of just built *.rpm files
from stdout and invokes rpmsign on those packages.
The rpmbuild options like --macros and --define are not copied to rpmsign.
Instead of
