[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]

Re: yum-presto not on by default

From: Seth Vidal <skvidal fedoraproject org>
To: Development discussions related to Fedora <fedora-devel-list redhat com>
Subject: Re: yum-presto not on by default
Date: Wed, 23 Sep 2009 09:36:16 -0400 (EDT)



On Wed, 23 Sep 2009, Jonathan Dieter wrote:

As I think may have been mentioned elsewhere, the *only* problem is that
the rpm signatures must match and the signatures are over the
*compressed* rpm.

I would *love* to see deltarpm rebuilding uncompressed rpms, but that
will require storing two signatures per rpm in the metadata (compressed
and uncompressed sha256), and either modifying yum to check the
appropriate one, or deltarpm to change the rpm's signature to the
uncompressed one.

I don't think we want to go down the road of having deltarpm-rebuilt
rpms not having their signature checked at all.

I agree about having to deal with the signatures but as a minor mitigatingcircumstance - we're going to be gpg signing the repomd.xml - which shouldat least help you keep a safe infrastructure down to the deltarpmmetadata.

-sv

References:
- yum-presto not on by default
  - From: Jonathan Dieter
- Re: yum-presto not on by default
  - From: Michal Schmidt
- Re: yum-presto not on by default
  - From: drago01
- Re: yum-presto not on by default
  - From: Jonathan Dieter

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]