richardphibel / rpms / rpm

Forked from rpms/rpm 2 years ago
Clone
83a7c7
From be3347b5bff6142e86e533174fe0ec352405d159 Mon Sep 17 00:00:00 2001
83a7c7
From: Florian Festi <ffesti@redhat.com>
83a7c7
Date: Thu, 18 Jul 2019 07:45:53 +0200
83a7c7
Subject: [PATCH] rpmsign man page: Add line about rpmsign requiring a valid
83a7c7
 checksum
83a7c7
83a7c7
and the limitations in FIPS mode
83a7c7
---
83a7c7
 doc/rpmsign.8 | 3 +++
83a7c7
 1 file changed, 3 insertions(+)
83a7c7
83a7c7
diff --git a/doc/rpmsign.8 b/doc/rpmsign.8
83a7c7
index 80ffb6a32..d895a3b8c 100644
83a7c7
--- a/doc/rpmsign.8
83a7c7
+++ b/doc/rpmsign.8
83a7c7
@@ -21,6 +21,9 @@ options generate and insert new signatures for each package
83a7c7
 existing signatures. There are two options for historical reasons,
83a7c7
 there is no difference in behavior currently.
83a7c7
 
83a7c7
+To create a signature rpm needs to verify the package's checksum. As a result
83a7c7
+packages with a MD5/SHA1 checksums cannot be signed in FIPS mode.
83a7c7
+
83a7c7
 \fBrpm\fR \fB--delsign\fR \fB\fIPACKAGE_FILE\fB\fR\fI ...\fR
83a7c7
 
83a7c7
 .PP
83a7c7
-- 
83a7c7
2.21.0
83a7c7