diff options
| author |   yzhu1 <yanjun.zhu@windriver.com> | 2015-07-08 11:30:57 +0800 |
|---|---|---|
| committer |   Richard Purdie <richard.purdie@linuxfoundation.org> | 2015-07-08 13:14:06 +0100 |
| commit | fdaa9115fb20d4af49ce8407b5785096c66ecf6c (patch) | |
| tree | 42bd1ec6e7b0ac8b6ba9319948bc1da8df06a50a /meta/recipes-devtools/rpm/rpm_5.4.14.bb | |
| parent | c82557d2bf8c3d8081754561df46cba530103164 (diff) | |
| download | openembedded-core-contrib-fdaa9115fb20d4af49ce8407b5785096c66ecf6c.tar.gz | |
rpm: disable external key server
When RPM experiences a signed package, with a signature that it does NOT know.
By default it will send the -fingerprint- (and only the 16 digit fingerprint)
to an external HKP server, trying to get the key down.
This is probably not a reasonable default behavior for the system to do,
instead it should simply fail the key lookup. If someone wants to enable the
HKP server it's easy enough to do by enabling the necessary macros.
Signed-off-by: yzhu1 <yanjun.zhu@windriver.com>
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-devtools/rpm/rpm_5.4.14.bb')
| -rw-r--r-- | meta/recipes-devtools/rpm/rpm_5.4.14.bb | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/meta/recipes-devtools/rpm/rpm_5.4.14.bb b/meta/recipes-devtools/rpm/rpm_5.4.14.bb index 2e17a91137..bff0687e6c 100644 --- a/meta/recipes-devtools/rpm/rpm_5.4.14.bb +++ b/meta/recipes-devtools/rpm/rpm_5.4.14.bb @@ -94,6 +94,7 @@ SRC_URI = "http://www.rpm5.org/files/rpm/rpm-5.4/rpm-5.4.14-0.20131024.src.rpm;e file://no-ldflags-in-pkgconfig.patch \ file://rpm-lua-fix-print.patch \ file://rpm-check-rootpath-reasonableness.patch \ + file://rpm-macros.in-disable-external-key-server.patch \ " # Uncomment the following line to enable platform score debugging |