Hi Ken,
On February 14, 2022 5:10:41 PM UTC, Ken Dreyer wrote:
>Hi folks,
>
>I've been researching IMA signing with RPM. This is a new feature in
>CentOS 9 that has not been enabled in Fedora
>
>I'm not an IMA expert, and I don't work on this for Red Hat, I'm just
>an interested user. (In particular, I'm interested in how our build
>systems track signatures, and how those get passed along the rest of
>the pipeline.)
>
>I'm finding there's no simple "guide to RPM and IMA" where I might
>contribute further documentation, so for now I've posted my notes and
>code to https://github.com/ktdreyer/ima
>
>It would be great to build some sort of documentation site that
>explains this stuff, but it's unclear to me what is the RPM team's
>responsibility vs other teams, etc. See
>https://github.com/rpm-software-management/rpm-web/issues/28 for
>example - RPM has a new "FILESIGNATURES" header, but no docs for that.
>
>What's a better place for this documentation to live?
I suppose that the RPM specifics should go into RPM's documentation. And
everything else that covers the Fedora bits and pieces, like copr, koji, pungi,
etc should go to docs.fedoraproject.org.
Cheers,
Dan
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
Do not reply to spam on the list, report it:
https://pagure.io/fedora-infrastructure
