Bug 707449

Summary: Package (re)signing aborts on identical signature
Product: Red Hat Enterprise Linux 6 Reporter: Panu Matilainen <pmatilai>
Component: rpmAssignee: Panu Matilainen <pmatilai>
Status: CLOSED ERRATA QA Contact: Red Hat Satellite QA List <satqe-list>
Severity: medium Docs Contact:
Priority: high    
Version: 6.1CC: ffesti, ilmis, jjneely, mvadkert, tis
Target Milestone: rcKeywords: Regression
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2011-12-06 18:18:30 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Attachments:
Description Flags
Patch to skip already signed pkgs none

Description Panu Matilainen 2011-05-25 06:25:54 UTC 
Description of problem:

When (re)signing, packages which are already signed with the same key cause the entire signing process to abort when it should simply skip over such packages.

Version-Release number of selected component (if applicable):
rpm-4.8.0-16.el6

How reproducible:
Always (or almost so, there seems to be some other bug in the "identical signature" detection)

Steps to Reproduce:
1. Grab a few rpms
2. rpm --addsign *.rpm
3. Add a few more rpms
4. rpm --addsign *.rpm
  
Actual results:
Step 4 aborts when it finds a package already signed with the same key, possibly leaving others unsigned.

Expected results:
All packages should be processed: packages with identical signature should be skipped and others (re)signed.

Additional info:
This is a regression from RHEL 6.0 due to a backporting error.
Comment 3 Panu Matilainen 2011-05-25 07:31:55 UTC 
Okay it is always reproducable, the "other bug" was actually just missing error message on failure to replace original package instead of a bug in identical signature detection.
Comment 8 Panu Matilainen 2011-10-11 05:39:06 UTC 
*** Bug 744880 has been marked as a duplicate of this bug. ***
Comment 9 Mika Ilmaranta 2011-10-11 13:22:29 UTC 
Created attachment 527441 [details]
Patch to skip already signed pkgs

This patch makes rpm --resign to skip pkgs already signed with identical signature.

I didn't check if some clean up should be done before continue so this may introduce memory leaks.
Comment 10 errata-xmlrpc 2011-12-06 18:18:30 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHBA-2011-1737.html