mock and sha256 rpms
Paul Howarth
paul at city-fan.org
Thu May 28 15:54:51 UTC 2009
Mike McLean wrote:
> If you use mock for building, then you may be in the position of having
> the main system rpm use sha256 checksums (e.g. on F11) but create
> chroots that contain an older rpm that does not.
>
> If you create a source rpm using the newer rpm and pass it to mock to
> build in a chroot with an older rpm, you will get an error like the
> following:
>> DEBUG util.py:256: error: unpacking of archive failed on file
>> /builddir/build/SOURCES/INIT.2008-02-02.tgz;4a1e5c21: cpio: MD5 sum
>> mismatch
>> DEBUG util.py:319: Child returncode was: 1
>
> I think the simplest way to work around this is to have mock pass
> --nomd5 to rpm when installing the srpm in the chroot.
>
> Of course, this is dropping an integrity check, so could possibly add a
> check outside the chroot to verify this data. Granted, I'm not sure what
> the best way to do that is.
>
> Thoughts? Concerns?
I think a better approach is to create the original SRPM with MD5
checksums in the first place if it's going to be passed to mock with a
pre-F11 target.
So for instance I have this in my ~/.rpmmacros for the account I create
my SRPMs in:
# Use MD5 hashes on non mock-built packages for cross-release
# compatibility
%_source_filedigest_algorithm 0
%_binary_filedigest_algorithm 0
Paul.
More information about the Fedora-buildsys-list
mailing list