On 11.02.2015 15:23, Jeffrey Johnson wrote:
DIsable the header signature checking with rpm -Va by removing the lines below
in lib/verify.c
73 de Jeff
===========================================
/* Verify header digest/signature. */
if (qva->qva_flags & (VERIFY_DIGEST | VERIFY_SIGNATURE))
{
const char * horigin = headerGetOrigin(h);
const char * msg = NULL;
size_t uhlen = 0;
void * uh = headerUnload(h, &uhlen);
int lvl = headerCheck(rpmtsDig(ts), uh, uhlen, &msg) == RPMRC_FAIL
? RPMLOG_ERR : RPMLOG_DEBUG;
rpmlog(lvl, "%s: %s\n",
(horigin ? horigin : "verify"), (msg ? msg : ""));
rpmtsCleanDig(ts);
uh = _free(uh);
msg = _free(msg);
}
applied this patch:
http://git.pld-linux.org/?p=packages/rpm.git;a=commitdiff;h=8b6cca9fe5a04dd48c84e7fd65fbfd177acaa1b3
now "rpm -Va >/dev/null" is silent:
# rpm -q rpm
rpm-5.4.15-10.1.x86_64
# rpm -Va >/dev/null
#
i found something weird, if i do rpm -V pkgname, the header verification
error is not printed, but rpm -Va shows the error for every package
(besides gpg-pubkey) in the system.
# for a in `rpm -qa`; do rpm -V $a; done >/dev/null
#
and:
# rpm -Va >/dev/null 2>out
# head -n 3 out
error: rpmdb (h#3): Header V4 DSA signature: BAD, key ID e4f1bc2d
error: rpmdb (h#4): Header V4 DSA signature: BAD, key ID e4f1bc2d
error: rpmdb (h#5): Header V4 DSA signature: BAD, key ID e4f1bc2d
# tail -n 3 out
error: rpmdb (h#255): Header V4 DSA signature: BAD, key ID e4f1bc2d
error: rpmdb (h#256): Header V4 DSA signature: BAD, key ID e4f1bc2d
error: rpmdb (h#257): Header V4 DSA signature: BAD, key ID e4f1bc2d
# rpm -qa|wc -l
186
# wc -l out
177 out
--
glen
_______________________________________________
pld-devel-en mailing list
pld-devel-en@lists.pld-linux.org
http://lists.pld-linux.org/mailman/listinfo/pld-devel-en
