summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMarkus Lehtonen <markus.lehtonen@linux.intel.com>2015-08-27 09:32:47 +0300
committerRichard Purdie <richard.purdie@linuxfoundation.org>2015-09-01 21:56:17 +0100
commitc419c64c30736ecc7b496161b4f9d9f3cc88102f (patch)
tree723003a44f5b8d9793640e58e285e9a6ebef546e
parent9ad34098907be1e5a997c176eb25e1c2b3c87d13 (diff)
downloadopenembedded-core-c419c64c30736ecc7b496161b4f9d9f3cc88102f.tar.gz
openembedded-core-c419c64c30736ecc7b496161b4f9d9f3cc88102f.tar.bz2
openembedded-core-c419c64c30736ecc7b496161b4f9d9f3cc88102f.zip
createrepo: disable RPM signature validation
Disable RPM signature validation so that it is possible to create package feeds of signed RPM packages without importing the public part of the signing key into the RPM database. In any case, the signatures are validated when the packages in the feed are used (e.g. in image generation of manually installing packages from the feed). The original idea idea of this patch is from Mark Hatle <mark.hatle@windriver.com>. [YOCTO #8134] Signed-off-by: Markus Lehtonen <markus.lehtonen@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
-rw-r--r--meta/recipes-support/createrepo/createrepo/dumpMetadata-disable-signature-validation.patch31
-rw-r--r--meta/recipes-support/createrepo/createrepo_0.4.11.bb17
2 files changed, 40 insertions, 8 deletions
diff --git a/meta/recipes-support/createrepo/createrepo/dumpMetadata-disable-signature-validation.patch b/meta/recipes-support/createrepo/createrepo/dumpMetadata-disable-signature-validation.patch
new file mode 100644
index 0000000000..905531f848
--- /dev/null
+++ b/meta/recipes-support/createrepo/createrepo/dumpMetadata-disable-signature-validation.patch
@@ -0,0 +1,31 @@
+dumpMetadata: disable signature validation
+
+Makes it possible to work on RPM repositories that contain signed packages
+without the need of importing the public part of the signing key into the RPM
+database.
+
+Upstream-Status: Pending
+
+Signed-off-by: Markus Lehtonen <markus.lehtonen@linux.intel.com>
+---
+ dumpMetadata.py | 4 +++-
+ 1 file changed, 3 insertions(+), 1 deletion(-)
+
+diff --git a/dumpMetadata.py b/dumpMetadata.py
+index e40e8ac..ca6a82d 100644
+--- a/dumpMetadata.py
++++ b/dumpMetadata.py
+@@ -92,7 +92,9 @@ def returnHdr(ts, package):
+ fdno = package # let's assume this is an fdno and go with it :)
+ except OSError:
+ raise MDError, "Error opening file"
+- ts.setVSFlags((rpm.RPMVSF_NOMD5|rpm.RPMVSF_NEEDPAYLOAD))
++ ts.setVSFlags((rpm.RPMVSF_NOMD5|rpm.RPMVSF_NEEDPAYLOAD|
++ rpm.RPMVSF_NODSA|rpm.RPMVSF_NORSA|
++ rpm.RPMVSF_NODSAHEADER|rpm.RPMVSF_NORSAHEADER))
+ try:
+ hdr = ts.hdrFromFdno(fdno)
+ except rpm.error:
+--
+2.1.4
+
diff --git a/meta/recipes-support/createrepo/createrepo_0.4.11.bb b/meta/recipes-support/createrepo/createrepo_0.4.11.bb
index d6fe436f80..5f9ecf65f3 100644
--- a/meta/recipes-support/createrepo/createrepo_0.4.11.bb
+++ b/meta/recipes-support/createrepo/createrepo_0.4.11.bb
@@ -11,14 +11,15 @@ RDEPENDS_${PN}_class-target = "libxml2-python"
PR = "r9"
-SRC_URI= "http://createrepo.baseurl.org/download/${BP}.tar.gz \
- file://fix-native-install.patch \
- file://python-scripts-should-use-interpreter-from-env.patch \
- file://createrepo-rpm549.patch \
- file://recommends.patch \
- file://createrepo-dbpath.patch \
- file://rpm-createsolvedb.py \
- "
+SRC_URI = "http://createrepo.baseurl.org/download/${BP}.tar.gz \
+ file://fix-native-install.patch \
+ file://python-scripts-should-use-interpreter-from-env.patch \
+ file://createrepo-rpm549.patch \
+ file://recommends.patch \
+ file://createrepo-dbpath.patch \
+ file://dumpMetadata-disable-signature-validation.patch \
+ file://rpm-createsolvedb.py \
+ "
SRC_URI[md5sum] = "3e9ccf4abcffe3f49af078c83611eda2"
SRC_URI[sha256sum] = "a73ae11a0dcde8bde36d900bc3f7f8f1083ba752c70a5c61b72d1e1e7608f21b"