On Jul 12, 2011, at 8:19 AM, Yury V. Zaytsev wrote:
> On Tue, 2011-07-12 at 08:09 -0400, Jeff Johnson wrote:
>
>> There's a deep and fundamental flaw here that someone (not me) needs to
>> pay attention to.
>
> Should be me then or yet someone else ...?
>
All I know is "not me" (because not my code and not my packaging
and I don't have the time nor energy to explain why an integrity
check on all package metadata cannot be fixed by adding or deleting
information in the metadata.)
Either the metadata passes an integrity check or it doesn't.
There are no other solutions.
>> This is the 2nd report of interactions between signature
>> checking and dependencies I'm aware of.
>
> [...]
>
> I am unable to understand what you are talking about. I see no
> interaction between Provides: and signature checking. Could you please
> rephrase?
>
Perhaps I'm confused … there appear to be 2 problems in this thread.
The original report claimed
error: Failed dependencies:
ld-linux.so.2(GLIBC_PRIVATE) is needed by dante-1.3.1-1.el5.zyv.i386
A later report claimed that adding --nogpgcheck "fixed".
That was the basis of my comment:
Adding --nogpgcheck cannot solve a missing dependency.
If in the interim you have rebuilt dante and forgotten to sign and
so the package doesn't install, well, that is exactly what is supposed
to happen.
Apologies for my confusion. The first problem is/was a serious flaw
in need of a proper fix, which is why I monitor.
I've missed the fact that you've already fixed dante and so
the root cause changed.
73 de Jeff
_______________________________________________
users mailing list
[email protected]
http://lists.repoforge.org/mailman/listinfo/users
