Use RSAHEADER to tell if a package has been signed
Relates: https://issues.redhat.com/browse/RHEL-92638 Conflict: None commit 47853f2cf6575812d28093b750be2f2e897c153d Author: Coiby Xu <coxu@redhat.com> Date: Thu Oct 16 17:29:52 2025 +0800 Use RSAHEADER to tell if a package has been signed Packages now use RPM v4 signature %{RSAHEADER}. %{SIGPGP} is the name of the RPM v3 header+payload signature and can't be used to tell if a package has been signed, # uname -r 6.16.10-200.fc42.x86_64 # rpm -q --queryformat "%{SIGPGP:pgpsig}\n" --all|grep -c "^(none)$" 586 # rpm -q --queryformat "%{RSAHEADER}\n" --all|grep -c "^(none)$" 5 Signed-off-by: Coiby Xu <coxu@redhat.com> Signed-off-by: Coiby Xu <coxu@redhat.com>
This commit is contained in:
parent
6d6ac4e2d0
commit
a8221a05b6
@ -132,7 +132,7 @@ if [[ -z $reinstall_threshold ]]; then
|
||||
fi
|
||||
fi
|
||||
|
||||
unsigned_packages_in_rpm_db=$(rpm -q --queryformat "%{SIGPGP:pgpsig}\n" "$package" | grep -c "^(none)$")
|
||||
unsigned_packages_in_rpm_db=$(rpm -q --queryformat "%{RSAHEADER}\n" "$package" | grep -c "^(none)$")
|
||||
|
||||
if [[ $unsigned_packages_in_rpm_db -ge $reinstall_threshold ]]; then
|
||||
add_by_reinstall
|
||||
|
||||
Loading…
Reference in New Issue
Block a user