> On Mar 5, 2021, at 2:50 PM, David Howells <dhowe...@redhat.com> wrote: > > Eric Snowberg <eric.snowb...@oracle.com> wrote: > >> @@ -11,7 +11,7 @@ hostprogs-always-$(CONFIG_ASN1) >> += asn1_compiler >> hostprogs-always-$(CONFIG_MODULE_SIG_FORMAT) += sign-file >> hostprogs-always-$(CONFIG_SYSTEM_TRUSTED_KEYRING) += extract-cert >> hostprogs-always-$(CONFIG_SYSTEM_EXTRA_CERTIFICATE) += insert-sys-cert >> - hostprogs-always-$(CONFIG_SYSTEM_BLACKLIST_KEYRING) += extract-cert >> +hostprogs-always-$(CONFIG_SYSTEM_REVOCATION_LIST) += extract-cert > > Hmmm... We have extract-cert listed twice. Does that matter, I wonder?
Isn’t this necessary, since one could build with either CONFIG_SYSTEM_REVOCATION_LIST or CONFIG_SYSTEM_TRUSTED_KEYRING, without the other being defined?
