Set SEQUOIA_CRYPTO_POLICY to the path of the crypto policy file shipped by rpm-sequoia-native. This allows signing rpm packages on hosts that do not have the crypto policy file for rpm-sequoia.
Signed-off-by: Zoltán Böszörményi <[email protected]> --- meta/classes/sign_rpm.bbclass | 3 +++ 1 file changed, 3 insertions(+) diff --git a/meta/classes/sign_rpm.bbclass b/meta/classes/sign_rpm.bbclass index ee0c4808fa..0bcd10d1f3 100644 --- a/meta/classes/sign_rpm.bbclass +++ b/meta/classes/sign_rpm.bbclass @@ -40,6 +40,9 @@ RPM_GPG_BACKEND ?= 'local' RPM_FILE_CHECKSUM_DIGEST ?= '8' RPM_GPG_SIGN_CHUNK ?= "${BB_NUMBER_THREADS}" +# The file "rpm-sequoia.config" is shipped by rpm-sequoia[-native]. +# Use it to sign rpms. +export SEQUOIA_CRYPTO_POLICY = "${RECIPE_SYSROOT_NATIVE}${sysconfdir}/crypto-policies/back-ends/rpm-sequoia.config" python () { if d.getVar('RPM_GPG_PASSPHRASE_FILE'): -- 2.48.1
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#210827): https://lists.openembedded.org/g/openembedded-core/message/210827 Mute This Topic: https://lists.openembedded.org/mt/111007198/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
