From cf0fff170815985ef18a91bf0ebf485bb4a85c49 Mon Sep 17 00:00:00 2001 From: Michal Domonkos Date: Jul 11 2024 15:51:58 +0000 Subject: Talk about rpmsign in the rpmsign(8) man page Resolves: RHEL-40895 --- diff --git a/0001-Talk-about-rpmsign-in-the-rpmsign-man-page.patch b/0001-Talk-about-rpmsign-in-the-rpmsign-man-page.patch new file mode 100644 index 0000000..e198993 --- /dev/null +++ b/0001-Talk-about-rpmsign-in-the-rpmsign-man-page.patch @@ -0,0 +1,57 @@ +From d29651be364ef72c7c0f468157602e4ed5cab4ff Mon Sep 17 00:00:00 2001 +From: Florian Festi +Date: Wed, 12 Jun 2024 15:46:12 +0200 +Subject: [PATCH] Talk about rpmsign in the rpmsign man page + +In the past handling signatures was done by the rpm / rpmbuild binaries +directly. When this functionality was split into rpmsign the man page +was not adjusted accoringly. This is the long overdue update. + +Resolves: # 3125 + +(backported from commit 8e1f55c7004e8c1a7d9140ab2dd9456a7ace3e77) +--- + doc/rpmsign.8 | 10 +++++----- + 1 file changed, 5 insertions(+), 5 deletions(-) + +diff --git a/doc/rpmsign.8 b/doc/rpmsign.8 +index f7ceae89b..6c5bcc8ef 100644 +--- a/doc/rpmsign.8 ++++ b/doc/rpmsign.8 +@@ -5,9 +5,9 @@ rpmsign \- RPM Package Signing + .SS "SIGNING PACKAGES:" + .PP + +-\fBrpm\fR \fB--addsign|--resign\fR [\fBrpmsign-options\fR] \fB\fIPACKAGE_FILE\fB\fR\fI ...\fR ++\fBrpmsign\fR \fB--addsign|--resign\fR [\fBrpmsign-options\fR] \fB\fIPACKAGE_FILE\fB\fR\fI ...\fR + +-\fBrpm\fR \fB--delsign\fR \fB\fIPACKAGE_FILE\fB\fR\fI ...\fR ++\fBrpmsign\fR \fB--delsign\fR \fB\fIPACKAGE_FILE\fB\fR\fI ...\fR + + .SS "rpmsign-options" + .PP +@@ -22,10 +22,10 @@ options generate and insert new signatures for each package + existing signatures. There are two options for historical reasons, + there is no difference in behavior currently. + +-To create a signature rpm needs to verify the package's checksum. As a result ++To create a signature rpmsign needs to verify the package's checksum. As a result + packages with a MD5/SHA1 checksums cannot be signed in FIPS mode. + +-\fBrpm\fR \fB--delsign\fR \fB\fIPACKAGE_FILE\fB\fR\fI ...\fR ++\fBrpmsign\fR \fB--delsign\fR \fB\fIPACKAGE_FILE\fB\fR\fI ...\fR + + .PP + Delete all signatures from each package \fIPACKAGE_FILE\fR given. +@@ -36,7 +36,7 @@ Delete all signatures from each package \fIPACKAGE_FILE\fR given. + \fB--rpmv3\fR + Force RPM V3 header+payload signature addition. + These are expensive and redundant baggage on packages where a separate +-payload digest exists (packages built with rpm >= 4.14). Rpm will ++payload digest exists (packages built with rpm >= 4.14). Rpmsign will + automatically detect the need for V3 signatures, but this option can be + used to force their creation if the packages must be fully + signature verifiable with rpm < 4.14 or other interoperability reasons. +-- +2.45.2 + diff --git a/rpm.spec b/rpm.spec index dcedae4..9b8455d 100644 --- a/rpm.spec +++ b/rpm.spec @@ -32,7 +32,7 @@ %global rpmver 4.16.1.3 #global snapver rc1 -%global rel 30 +%global rel 31 %global sover 9 %global srcver %{rpmver}%{?snapver:-%{snapver}} @@ -113,6 +113,7 @@ Patch144: 0001-Use-unsigned-integers-for-buildtime-too-for-Y2K38-sa.patch Patch145: 0001-Fix-potential-use-of-uninitialized-pipe-array.patch Patch146: 0001-Fix-potential-use-of-uninitialized-pgp-struct.patch Patch147: 0001-Add-SourceLicense-tag-to-spec-syntax.patch +Patch148: 0001-Talk-about-rpmsign-in-the-rpmsign-man-page.patch # These are not yet upstream Patch906: rpm-4.7.1-geode-i686.patch @@ -663,11 +664,12 @@ fi %doc doc/librpm/html/* %changelog -* Thu Jul 11 2024 Michal Domonkos - 4.16.1.3-31 +* Fri Jul 12 2024 Michal Domonkos - 4.16.1.3-31 - Fix potential use of uninitialized pipe array (RHEL-22604) - Fix potential use of uninitialized pgp struct (RHEL-22605) - Don't confuse OpenScanHub with false array overrun (RHEL-22607) - Add SourceLicense tag to spec syntax (RHEL-28798) +- Talk about rpmsign in the rpmsign(8) man page (RHEL-40895) * Mon Jun 03 2024 Michal Domonkos - 4.16.1.3-30 - Don't segfault on missing priority tag (RHEL-35249)