Merge remote-tracking branch 'origin/main' into joschmit/prefer-local-packages
This commit is contained in:
Joe Schmitt
commit
13fe570830
|
|
@ -0,0 +1,23 @@
|
|||
diff --git a/client/rpmtrans.c b/client/rpmtrans.c
|
||||
index d776d30..ca90fa7 100644
|
||||
--- a/client/rpmtrans.c
|
||||
+++ b/client/rpmtrans.c
|
||||
@@ -584,9 +584,15 @@ TDNFTransAddInstallPkg(
|
||||
fp,
|
||||
pszFilePath,
|
||||
&rpmHeader);
|
||||
- //If not checking gpg sigs, ignore signature errors
|
||||
- if(!nGPGSigCheck && (dwError == RPMRC_NOTTRUSTED || dwError == RPMRC_NOKEY))
|
||||
- {
|
||||
+ if(dwError == RPMRC_NOTTRUSTED || dwError == RPMRC_NOKEY)
|
||||
+ {
|
||||
+ // If not checking gpg sigs, ignore signature errors.
|
||||
+ //
|
||||
+ // If checking GPG signatures, ignore signatures errors.
|
||||
+ // These errors can be ignored safely as the gpg signatures have already been validated for the file
|
||||
+ // in the above `TDNFGPGCheck` call. If an RPM with an invalid signature is provided,
|
||||
+ // the code will never reach this point.
|
||||
+ // TDNF's gpg keyring is a superset of RPM's built in one, and any gpg files provided in the repo config.
|
||||
dwError = 0;
|
||||
}
|
||||
BAIL_ON_TDNF_RPM_ERROR(dwError);
|
||||
|
|
@ -5,7 +5,7 @@
|
|||
Summary: dnf/yum equivalent using C libs
|
||||
Name: tdnf
|
||||
Version: 2.1.0
|
||||
Release: 3%{?dist}
|
||||
Release: 4%{?dist}
|
||||
Vendor: Microsoft Corporation
|
||||
Distribution: Mariner
|
||||
License: LGPLv2.1 and GPLv2
|
||||
|
|
@ -45,6 +45,7 @@ Patch3: tdnf-add-showorder-argument.patch
|
|||
Patch4: tdnf-add-mariner-release.patch
|
||||
Patch5: tdnf-support-multiple-gpgkeys.patch
|
||||
Patch6: tdnf-add-download-no-deps-command.patch
|
||||
Patch7: tdnf-use-custom-keyring-for-gpg-checks.patch
|
||||
|
||||
%description
|
||||
tdnf is a yum/dnf equivalent which uses libsolv and libcurl
|
||||
|
|
@ -185,6 +186,8 @@ find %{buildroot} -name '*.pyc' -delete
|
|||
%{python3_sitelib}/*
|
||||
|
||||
%changelog
|
||||
* Fri Aug 14 2020 Joe Schmitt <joschmit@microsoft.com> 2.1.0-4
|
||||
- Add tdnf-use-custom-keyring-for-gpg-checks.patch
|
||||
* Thu Jul 30 2020 Joe Schmitt <joschmit@microsoft.com> 2.1.0-3
|
||||
- Add tdnf-add-download-no-deps-command.patch.
|
||||
* Wed Jul 29 2020 Emre Girgin <mrgirgin@microsoft.com> 2.1.0-2
|
||||
|
|
|
|||
|
|
@ -52,11 +52,6 @@
|
|||
"KernelOptions": {
|
||||
"default": "kernel"
|
||||
},
|
||||
"PostInstallScripts":[
|
||||
{
|
||||
"Path": "postinstallscripts/mariner/import-keys-patch.sh"
|
||||
}
|
||||
],
|
||||
"Hostname": "cbl-mariner"
|
||||
}
|
||||
]
|
||||
|
|
|
|||
|
|
@ -50,11 +50,6 @@
|
|||
"KernelOptions": {
|
||||
"default": "kernel"
|
||||
},
|
||||
"PostInstallScripts":[
|
||||
{
|
||||
"Path": "postinstallscripts/mariner/import-keys-patch.sh"
|
||||
}
|
||||
],
|
||||
"Hostname": "cbl-mariner"
|
||||
}
|
||||
]
|
||||
|
|
|
|||
|
|
@ -51,11 +51,6 @@
|
|||
"KernelOptions": {
|
||||
"default": "kernel"
|
||||
},
|
||||
"PostInstallScripts":[
|
||||
{
|
||||
"Path": "postinstallscripts/mariner/import-keys-patch.sh"
|
||||
}
|
||||
],
|
||||
"Users": [
|
||||
{
|
||||
"Name": "root"
|
||||
|
|
|
|||
|
|
@ -1,7 +0,0 @@
|
|||
#!/bin/bash
|
||||
|
||||
# Import the RPM Metadata Key
|
||||
rpm --import /etc/pki/rpm-gpg/MICROSOFT-METADATA-GPG-KEY
|
||||
|
||||
# Import the RPM GPG Key
|
||||
rpm --import /etc/pki/rpm-gpg/MICROSOFT-RPM-GPG-KEY
|
||||
|
|
@ -132,9 +132,9 @@ libssh2-devel-1.9.0-1.cm1.aarch64.rpm
|
|||
curl-7.68.0-1.cm1.aarch64.rpm
|
||||
curl-devel-7.68.0-1.cm1.aarch64.rpm
|
||||
curl-libs-7.68.0-1.cm1.aarch64.rpm
|
||||
tdnf-2.1.0-3.cm1.aarch64.rpm
|
||||
tdnf-cli-libs-2.1.0-3.cm1.aarch64.rpm
|
||||
tdnf-devel-2.1.0-3.cm1.aarch64.rpm
|
||||
tdnf-2.1.0-4.cm1.aarch64.rpm
|
||||
tdnf-cli-libs-2.1.0-4.cm1.aarch64.rpm
|
||||
tdnf-devel-2.1.0-4.cm1.aarch64.rpm
|
||||
createrepo_c-0.11.1-6.cm1.aarch64.rpm
|
||||
libxml2-2.9.10-1.cm1.aarch64.rpm
|
||||
libxml2-devel-2.9.10-1.cm1.aarch64.rpm
|
||||
|
|
|
|||
|
|
@ -132,9 +132,9 @@ libssh2-devel-1.9.0-1.cm1.x86_64.rpm
|
|||
curl-7.68.0-1.cm1.x86_64.rpm
|
||||
curl-devel-7.68.0-1.cm1.x86_64.rpm
|
||||
curl-libs-7.68.0-1.cm1.x86_64.rpm
|
||||
tdnf-2.1.0-3.cm1.x86_64.rpm
|
||||
tdnf-cli-libs-2.1.0-3.cm1.x86_64.rpm
|
||||
tdnf-devel-2.1.0-3.cm1.x86_64.rpm
|
||||
tdnf-2.1.0-4.cm1.x86_64.rpm
|
||||
tdnf-cli-libs-2.1.0-4.cm1.x86_64.rpm
|
||||
tdnf-devel-2.1.0-4.cm1.x86_64.rpm
|
||||
createrepo_c-0.11.1-6.cm1.x86_64.rpm
|
||||
libxml2-2.9.10-1.cm1.x86_64.rpm
|
||||
libxml2-devel-2.9.10-1.cm1.x86_64.rpm
|
||||
|
|
|
|||
|
|
@ -357,12 +357,12 @@ systemd-devel-239-30.cm1.aarch64.rpm
|
|||
systemd-lang-239-30.cm1.aarch64.rpm
|
||||
tar-1.32-2.cm1.aarch64.rpm
|
||||
tar-debuginfo-1.32-2.cm1.aarch64.rpm
|
||||
tdnf-2.1.0-3.cm1.aarch64.rpm
|
||||
tdnf-cli-libs-2.1.0-3.cm1.aarch64.rpm
|
||||
tdnf-debuginfo-2.1.0-3.cm1.aarch64.rpm
|
||||
tdnf-devel-2.1.0-3.cm1.aarch64.rpm
|
||||
tdnf-plugin-repogpgcheck-2.1.0-3.cm1.aarch64.rpm
|
||||
tdnf-python-2.1.0-3.cm1.aarch64.rpm
|
||||
tdnf-2.1.0-4.cm1.aarch64.rpm
|
||||
tdnf-cli-libs-2.1.0-4.cm1.aarch64.rpm
|
||||
tdnf-debuginfo-2.1.0-4.cm1.aarch64.rpm
|
||||
tdnf-devel-2.1.0-4.cm1.aarch64.rpm
|
||||
tdnf-plugin-repogpgcheck-2.1.0-4.cm1.aarch64.rpm
|
||||
tdnf-python-2.1.0-4.cm1.aarch64.rpm
|
||||
texinfo-6.5-7.cm1.aarch64.rpm
|
||||
texinfo-debuginfo-6.5-7.cm1.aarch64.rpm
|
||||
unzip-6.0-15.cm1.aarch64.rpm
|
||||
|
|
|
|||
|
|
@ -357,12 +357,12 @@ systemd-devel-239-30.cm1.x86_64.rpm
|
|||
systemd-lang-239-30.cm1.x86_64.rpm
|
||||
tar-1.32-2.cm1.x86_64.rpm
|
||||
tar-debuginfo-1.32-2.cm1.x86_64.rpm
|
||||
tdnf-2.1.0-3.cm1.x86_64.rpm
|
||||
tdnf-cli-libs-2.1.0-3.cm1.x86_64.rpm
|
||||
tdnf-debuginfo-2.1.0-3.cm1.x86_64.rpm
|
||||
tdnf-devel-2.1.0-3.cm1.x86_64.rpm
|
||||
tdnf-plugin-repogpgcheck-2.1.0-3.cm1.x86_64.rpm
|
||||
tdnf-python-2.1.0-3.cm1.x86_64.rpm
|
||||
tdnf-2.1.0-4.cm1.x86_64.rpm
|
||||
tdnf-cli-libs-2.1.0-4.cm1.x86_64.rpm
|
||||
tdnf-debuginfo-2.1.0-4.cm1.x86_64.rpm
|
||||
tdnf-devel-2.1.0-4.cm1.x86_64.rpm
|
||||
tdnf-plugin-repogpgcheck-2.1.0-4.cm1.x86_64.rpm
|
||||
tdnf-python-2.1.0-4.cm1.x86_64.rpm
|
||||
texinfo-6.5-7.cm1.x86_64.rpm
|
||||
texinfo-debuginfo-6.5-7.cm1.x86_64.rpm
|
||||
unzip-6.0-15.cm1.x86_64.rpm
|
||||
|
|
|
|||
|
|
@ -44,9 +44,10 @@ $(STATUS_FLAGS_DIR)/build_srpms.flag: $(local_specs) $(local_spec_dirs) $(SPECS_
|
|||
srpm_file=$$(rpmspec -q $${spec_file} --srpm --define='with_check 1' --define='dist $(DIST_TAG)' --queryformat %{NAME}-%{VERSION}-%{RELEASE}.src.rpm) && \
|
||||
wget $(SRPM_URL)/$${srpm_file} \
|
||||
-O $(BUILD_SRPMS_DIR)/$${srpm_file} \
|
||||
--no-verbose \
|
||||
--certificate=$(TLS_CERT) \
|
||||
--private-key=$(TLS_KEY) && \
|
||||
--no-verbose \
|
||||
$(if $(TLS_CERT),--certificate=$(TLS_CERT)) \
|
||||
$(if $(TLS_KEY),--private-key=$(TLS_KEY)) \
|
||||
&& \
|
||||
touch $(BUILD_SRPMS_DIR)/$${srpm_file} || \
|
||||
$(call print_error,Failed to download $${srpm_file}) ; \
|
||||
done || $(call print_error,Loop in $@ failed) ; \
|
||||
|
|
|
|||
|
|
@ -358,7 +358,6 @@ func removeLibArchivesFromSystem() (err error) {
|
|||
// copyFilesIntoChroot copies several required build specific files into the chroot.
|
||||
func copyFilesIntoChroot(chroot *safechroot.Chroot, srpmFile, repoFile, rpmmacrosFile string) (srpmFileInChroot string, err error) {
|
||||
const (
|
||||
resolv = "/etc/resolv.conf"
|
||||
chrootRepoDestDir = "/etc/yum.repos.d"
|
||||
chrootSrpmDestDir = "/home/root/SRPMS"
|
||||
rpmmacrosDest = "/usr/lib/rpm/macros.d/macros.override"
|
||||
|
|
@ -376,10 +375,6 @@ func copyFilesIntoChroot(chroot *safechroot.Chroot, srpmFile, repoFile, rpmmacro
|
|||
Src: srpmFile,
|
||||
Dest: srpmFileInChroot,
|
||||
},
|
||||
safechroot.FileToCopy{
|
||||
Src: resolv,
|
||||
Dest: resolv,
|
||||
},
|
||||
}
|
||||
|
||||
if rpmmacrosFile != "" {
|
||||
|
|
|
|||
Loading…
Reference in New Issue