-
Notifications
You must be signed in to change notification settings - Fork 70
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Drop checksum field from signed files db #157
Drop checksum field from signed files db #157
Conversation
This is required before moving files from `/usr` into their proper locations. See: #57
Still in draft due to:
|
5a96b5e
to
e742a7f
Compare
Regarding this bit Lines 150 to 188 in e742a7f
Is stripping the signature and re-signing a valid way to determine "it's already signed"? If the signature mismatches, we can either bail or overwrite. I think exiting non-zero is best? |
Can't we use |
I realized I might not even correctly remember the contraints we are working with :/ I really need to get back into hacking on all of this. |
We also need to verify whether the file has changed or not. The file might have a valid signature, but be a different file (e.g.: the previous version of the bootloader). |
Corrected typo "towards towards" to "towards"
The previous rule setup SHOULD work, but I found several tools messed up and were ignoring `cmd/sbctl`. E.g.: `ag` did not recurse into it when searching.
Generating a new bundle with an unmounted ESP would crash trying to find one, even if one was explicitly specified. This was due to Bundle instances always being created with a discovered ESP path. However, this path is always overwritten based on the value provided by the user, meaning that this default is unused and always overwritten. This changes NewBundle to simply use an empty ESP if finding one fails. This has no impact on `sbctl` itself. This change COULD impact applications using this codes as a library, but this only affects code that previously panicked. Fixes: #132
I asked on #voidlinux, the repo URLs might change (which is causing failures right now), so need to `-S` again after updating xbps-install.
Check a few errors that were not being handled properly. Co-authored-by: Morten Linderud <morten@linderud.pw>
If we have a newly created and empty file then the json parsing fails. We should allow this and return an empty map/slice instead. Signed-off-by: Morten Linderud <morten@linderud.pw>
This is required before moving files from
/usr
into their properlocations.
See: #57