Bug 1984977
| Summary: | Backport hplip-keyserver.patch from Fedora | ||||||||
|---|---|---|---|---|---|---|---|---|---|
| Product: | Red Hat Enterprise Linux 8 | Reporter: | Sergey <titan.dn> | ||||||
| Component: | hplip | Assignee: | Zdenek Dohnal <zdohnal> | ||||||
| Status: | CLOSED WONTFIX | QA Contact: | rhel-cs-infra-services-qe <rhel-cs-infra-services-qe> | ||||||
| Severity: | medium | Docs Contact: | |||||||
| Priority: | medium | ||||||||
| Version: | CentOS Stream | CC: | bstinson, jwboyer | ||||||
| Target Milestone: | beta | Keywords: | Patch, Triaged | ||||||
| Target Release: | --- | Flags: | pm-rhel:
mirror+
|
||||||
| Hardware: | All | ||||||||
| OS: | Linux | ||||||||
| Whiteboard: | |||||||||
| Fixed In Version: | Doc Type: | If docs needed, set a value | |||||||
| Doc Text: | Story Points: | --- | |||||||
| Clone Of: | |||||||||
| : | 1985251 (view as bug list) | Environment: | |||||||
| Last Closed: | 2021-12-08 07:46:08 UTC | Type: | Bug | ||||||
| Regression: | --- | Mount Type: | --- | ||||||
| Documentation: | --- | CRM: | |||||||
| Verified Versions: | Category: | --- | |||||||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||||
| Cloudforms Team: | --- | Target Upstream Version: | |||||||
| Embargoed: | |||||||||
| Attachments: |
|
||||||||
|
Description
Sergey
2021-07-22 15:02:50 UTC
Hi Sergey,
Thank you for taking the time to report this issue to us. I appreciate the feedback and use reports such as this one to guide our efforts at improving our products. That being said, this bug tracking system is not a mechanism for requesting support, and I am not able to guarantee the timeliness or suitability of a resolution.
If this issue is critical or in any way time sensitive, please raise a ticket through the regular Red Hat support channels to ensure it receives the proper attention and prioritization to assure a timely resolution.
For information on how to contact the Red Hat production support team, please visit:
https://access.redhat.com/support
Ad issues:
1. HP upstream doesn't have a patch for the issue... the patch you pointed out I wrote for Fedora sometime ago, when I found out the current solution isn't robust enough :( . The current solution works sometimes (but not today it seems :D ) and downloading keys doesn't block user from downloading plugin and making your device work (if it really needs plugin), so IMO it is not urgent.
2. thanks for the patch for the second issue! I'll apply it in Fedora for now, I'll see if I can fix it in RHEL/CentOS Stream.
I can reproduce with 'hp-plugin -i': # hp-plugin -i ... error: Unable to recieve key from keyserver Do you still want to install the plug-in? (y=yes, n=no*, q=quit) ? y ... # ls -lah ~/.hplip total 0 drwxr-xr-x. 3 root root 20 Jul 23 01:29 . dr-xr-x---. 6 root root 280 Jul 23 01:27 .. drwxr-xr-x. 3 root root 39 Jul 23 01:29 .gnupg ----------- The correct perms must be 700. Sergey, ~/.hplip/.gnupg/ directory doesn't contain any private keys (hp-plugin just downloads a public key from keyserver, which is then used during verification of integrity and authenticity of the plugin with digital signature), so AFAIK there isn't a security risk there. I'll fix the permissions in Fedora, and backport keyserver.patch into RHEL 8 to have a stable way of getting gpg key. Created attachment 1804798 [details]
Patch from Fedora
Since the issue isn't blocking users from installing the plugin itself, I'm closing the issue as WONTFIX. Feel free to reopen if there is a request from the regular Red Hat support channels. |