Zbigniew Jędrzejewski-Szmek
Zbigniew Jędrzejewski-Szmek
> (but i guess we don't embed the debuginfo url in fedora yet, do we? No, we don't. And I'm not sure if we should. Debuginfod is great for usability,...
I pushed an updated version, with the logic in the second commit fixed. I think that in the rpm world, printing the full package identifier is the right thing. It's...
> We could have a config for it, disabled by default? I'm still hoping that the folks behind debuginfod will start taking security seriously and come up with some signing...
> maybe we should embed a "format string" into the json data for reconstructing the package name? i.e. "%n-%a-%v" or so I think that's unnecessary. It'd mean a few bytes...
I added a helper function to isolate the building of the package name-version string + some more comments.
focal-amd64: TEST-29-PORTABLE: FAIL (194 s). Maybe a timeout.
OK, re-reading the conversation and my own comments, I think I don't quite grok the purpose of the EFI var after all. @medhefgo can you describe the *purpose* of the...
> Hooking into security arch protocol like this is ultimately an ugly hack. It's manipulating an internal firmware data structure so we can trick it to trust our kernel image....
I changed install.c to use `_cleanup_` for the InstallInfo struct everywhere. The result is indeed nicer.