[packman] RPM problem with packet signatures (not zypper and repomd.xml!)
Marc Schiffbauer
marc at links2linux.de
Wed Mar 30 23:55:50 CEST 2011
* Leon Freitag wrote on 23.03.11 at 19:20:
> > Hm maybe. But I am sorry I cannot check this due to the lack of a
> > 11.1 Installation, anyone else?
> I just remembered I had the same issue back in the days when every packager
> used his own key to manually sign the packages. I had a 4096 bit key, and I
> had to generate a new 1024 bit key to work around the problem. But this was
> back in 2006, when 10.1 with the buggy package management was out, and the
> error was slightly different, too. See here:
>
> http://lists.links2linux.de/pipermail/packman/2006-April/002406.html
>
> However the bug might have been unaddressed in rpm until the advent of rpm
> 4.7.1; opensuse 11.1 has rpm 4.4.x
>
> https://bugzilla.redhat.com/show_bug.cgi?id=436812
>
> > Maybe we can offer a backported rpm version from 11.2 for 11.1?
>
> Hopefully it won't break anything. Additionally, users would have to either
> install it off the repository or disable signature checks (since the package
> would be signed with a bad key as well)
We might offer a single rpm package outside the repository that is
signed with a different key. After that everything would work normal
again.
>
> Maybe signing the 11.1 packages with a separate 1024 bit signing key could be
> an alternative, or is it too much of a hassle?
Yep, that would be too complicated and IMO will add more confusion than it
would solve.
-Marc
--
8AAC 5F46 83B4 DB70 8317 3723 296C 6CCA 35A6 4134