pesign-rh-test-certs is required to build Fedora 23 kernel.
This isn't accurate. The kernel builds just fine in koji because pesign-rh-test-certs is not used and we use the real HSM. A more accurate assessment would be that it is needed to build locally or scratch kernels. However, I'm not sure we can blindly BuildRequire this in kernel.spec, as it might cause issues with the real koji builds.
(In reply to Josh Boyer from comment #1) > This isn't accurate. The kernel builds just fine in koji because > pesign-rh-test-certs is not used and we use the real HSM. A more accurate > assessment would be that it is needed to build locally or scratch kernels. > However, I'm not sure we can blindly BuildRequire this in kernel.spec, as it > might cause issues with the real koji builds. It seems like the answer is some sort of virtual requires/provides that will normally pull in pesign-rh-test-certs. For example: kernel: BuildRequires: kernel-signing-certs pesign-rh-test-certs: Provides: kernel-signing-certs kernel-signing-certs-empty: Provides: kernel-signing-certs Ideally, a weak dependency could be used to make DNF choose pesign-rh-test-certs by default: pesign: Suggests: pesign-rh-test-certs (AFAIK, there's no such thing as BuildSuggests, so it can really go in the kernel.)
pesign-0.111-5.fc23 has been submitted as an update to Fedora 23. https://bodhi.fedoraproject.org/updates/FEDORA-2015-c8ea56fd55
pesign-0.111-5.fc22 has been submitted as an update to Fedora 22. https://bodhi.fedoraproject.org/updates/FEDORA-2015-9d7c4ff402
pesign-0.111-6.fc22 has been submitted as an update to Fedora 22. https://bodhi.fedoraproject.org/updates/FEDORA-2015-9d7c4ff402
pesign-0.111-6.fc22 has been pushed to the Fedora 22 testing repository. If problems still persist, please make note of it in this bug report. If you want to test the update, you can install it with $ su -c 'dnf --enablerepo=updates-testing update pesign' You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2015-9d7c4ff402
pesign-0.111-6.fc23 has been pushed to the Fedora 23 testing repository. If problems still persist, please make note of it in this bug report. If you want to test the update, you can install it with $ su -c 'dnf --enablerepo=updates-testing update pesign' You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2015-c8ea56fd55
pesign-0.111-6.fc23 has been submitted as an update to Fedora 23. https://bodhi.fedoraproject.org/updates/FEDORA-2015-c8ea56fd55
pesign-0.111-7.fc22 has been submitted as an update to Fedora 22. https://bodhi.fedoraproject.org/updates/FEDORA-2015-9d7c4ff402
pesign-0.111-7.fc23 has been submitted as an update to Fedora 23. https://bodhi.fedoraproject.org/updates/FEDORA-2015-c8ea56fd55
pesign-0.111-7.fc23 has been pushed to the Fedora 23 testing repository. If problems still persist, please make note of it in this bug report. If you want to test the update, you can install it with $ su -c 'dnf --enablerepo=updates-testing update pesign' You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2015-c8ea56fd55
pesign-0.111-7.fc22 has been pushed to the Fedora 22 testing repository. If problems still persist, please make note of it in this bug report. If you want to test the update, you can install it with $ su -c 'dnf --enablerepo=updates-testing update pesign' You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2015-9d7c4ff402
pesign-0.111-7.fc23 has been pushed to the Fedora 23 stable repository. If problems still persist, please make note of it in this bug report.
pesign-0.111-7.fc22 has been pushed to the Fedora 22 stable repository. If problems still persist, please make note of it in this bug report.