2025. 02. 03. 13:37 keltezéssel, Alexander Kanavin írta:
On Mon, 3 Feb 2025 at 13:24, Zoltán Böszörményi <[email protected]> wrote:
+ # Test rpm-sequoia's default built-in policy
+ os.environ['SEQUOIA_CRYPTO_POLICY'] = ''
+
+ # Test rpm-sequoia's default built-in policy
+ os.environ['SEQUOIA_CRYPTO_POLICY'] = ''
+
+ # Test rpm-sequoia's default built-in policy
+ os.environ['SEQUOIA_CRYPTO_POLICY'] = ''
+
This should be set just before the signing actually happens, and not
only in the test.
I decided to actually ship a crypto policy file in the rpm-sequoia
recipe, so dnf / rpm can use it on the target system. It is also used
in sign_rpm.bbclass and in the test case.
I have already confirmed on my Fedora build host,
that with no policy file present (either at the default path by
renaming Fedora's own file in /etc to simulate a non-rpm based
host or using a non-existing path in SEQUOIA_CRYPTO_POLICY) the signing test
case fails.
I will send the new series once the test case succeeds with
everything in place properly.
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#210779):
https://lists.openembedded.org/g/openembedded-core/message/210779
Mute This Topic: https://lists.openembedded.org/mt/110969405/21656
Group Owner: [email protected]
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub
[[email protected]]
-=-=-=-=-=-=-=-=-=-=-=-
