You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Currently, this module only works for signing RPMs that have md5/sha1 digests. The output below was generated with rpm -Kv to inspect RPMs built with fpm vs nfpm respectively.
Header SHA1 digest: OK
MD5 digest: OK
However, RPMs built with nfpm are with sha256 digests:
Header SHA256 digest: OK
Payload SHA256 digest: OK
I have uploaded the RPM built with nfpm for your testing purpose: nfpm.zip. You can also rerun the following commands to regenerate the RPM yourself:
nfpm package --config test.yaml --packager rpm
You can further inspect the test RPM:
% rpm -Kv test-1.0.0.x86_64.rpm
test-1.0.0.x86_64.rpm:
Header SHA256 digest: OK
Payload SHA256 digest: OK
% rpm -qpi test-1.0.0.x86_64.rpm
Name : test
Epoch : 0
Version : 1.0.0
Release : 1
Architecture: x86_64
Install Date: (not installed)
Group :
Size : 11
License : MIT
Signature : (none)
Source RPM : test-1.0.0-1.src.rpm
Build Date : Sat Aug 26 11:48:57 2023
Build Host : buildkitsandbox
Packager : test maintainer <[email protected]>
Vendor :
URL : https://nfpm.goreleaser.com/
Summary : Test RPM generated by nFPM
Description :
Test RPM generated by nFPM
please let me know if you need anything additional. Our use case here is to sign nfpm generated RPMs using SignRpmStream method. Currently these methods assumes md5 and sha1 digests by default.
If you try to sign the RPMs built with nfpm, you will get md5 digest mismatch error under current logic. This would be a nice feature as latest enterprise OS (e.g RHEL9) defaults to sha256 checksummed RPMs.
The text was updated successfully, but these errors were encountered:
Currently, this module only works for signing RPMs that have md5/sha1 digests. The output below was generated with
rpm -Kv
to inspect RPMs built with fpm vs nfpm respectively.However, RPMs built with nfpm are with sha256 digests:
I have uploaded the RPM built with nfpm for your testing purpose: nfpm.zip. You can also rerun the following commands to regenerate the RPM yourself:
You can further inspect the test RPM:
please let me know if you need anything additional. Our use case here is to sign nfpm generated RPMs using SignRpmStream method. Currently these methods assumes md5 and sha1 digests by default.
If you try to sign the RPMs built with nfpm, you will get
md5 digest mismatch
error under current logic. This would be a nice feature as latest enterprise OS (e.g RHEL9) defaults to sha256 checksummed RPMs.The text was updated successfully, but these errors were encountered: