Mailinglist Archive: opensuse-bugs (4067 mails)

< Previous Next >
[Bug 713013] New: rpm --delsign fails silently on packages built on factory
  • From: bugzilla_noreply@xxxxxxxxxx
  • Date: Thu, 18 Aug 2011 22:35:21 +0000
  • Message-id: <bug-713013-21960@http.bugzilla.novell.com/>

https://bugzilla.novell.com/show_bug.cgi?id=713013

https://bugzilla.novell.com/show_bug.cgi?id=713013#c0


Summary: rpm --delsign fails silently on packages built on
factory
Classification: openSUSE
Product: openSUSE 12.1
Version: Factory
Platform: Other
OS/Version: Other
Status: NEW
Severity: Major
Priority: P5 - None
Component: Basesystem
AssignedTo: bnc-team-screening@xxxxxxxxxxxxxxxxxxxxxx
ReportedBy: pascal.bleser@xxxxxxxxxxxx
QAContact: qa@xxxxxxx
Found By: ---
Blocker: ---


User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:5.0) Gecko/20100101
Firefox/5.0

We're having a really weird issue at Packman with packages that are built
with/for Factory: when we do an "rpm --delsign" on those packages, it just
fails with exit code 255 (and no further ado).

Needless to say that it works fine with stuff up to 11.4.

(We do it because it's part of our process, we re-sign packages with another
key when they're being put into the public repositories, for security reasons
but, unfortunately, --resign doesn't work at all and we have to --delsign
first, then --addsign).

Did anything change in rpm in factory in the last couple of weeks that could
affect that ? It worked until a few weeks ago.
It started failing since Jul 29 16:26:08 CEST 2011

Here is such an RPM where --delsign doesn't work (it's just 5kb) -- it really
affects all of them, but only on Factory:
http://dl.dropbox.com/u/2940942/fail.rpm

Note that this is really critical for us, as if the problem remains, we will
not be able to ship Packman packages for 12.1

Reproducible: Always

Steps to Reproduce:
1. build any RPM package on factory after 2011-07-29
2. rpm --checksig xyz.rpm => "(sha1) dsa sha1 md5 gpg OK"
3. perform "rpm --delsign" on that RPM package
4. the signature has not been removed: the output of "rpm --checksig xyz.rpm"
is the same while it should be "sha1 md5 OK"
Actual Results:
The package is still signed.

Expected Results:
The package should not have any signature.

--
Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.

< Previous Next >