[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Time to resurrect multi-key signatures in RPM?



Bojan Smojver <bojan <at> rexursive.com> writes:

> Are these things exceptions to the rule or do majority of package have this
> kind of thing built in?

Actually, it should be quite easy to verify this. If someone from Red Hat could
run 'ls *.rpm | sort | while read pkg; do echo -en "$pkg\t"; rpm2cpio < $pkg |
sha1sum; done' for all Fedora packages built in koji of a distro/arch (say
F9/i386) and if Matt could do the same on his Dell build farm, we'll clearly see
what gives different checksums of cpio archives.

--
Bojan




[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]