https://sourceware.org/bugzilla/show_bug.cgi?id=28204
--- Comment #11 from Mark Wielaard ---
So as far as I understand this is now the three commits on top of
users/rgoldber/try-bz28204c:
https://sourceware.org/cgit/elfutils/log/?h=users/rgoldber/try-bz28204c
I find it slightly easier when patch
https://sourceware.org/bugzilla/show_bug.cgi?id=28204
--- Comment #12 from Mark Wielaard ---
In config/profile.csh.in and config/profile.sh.in the prefix variable is
explicitly set and no longer unset. Is that deliberate?
In debuginfod_validate_imasig the file_data = malloc(data_len); depends on
https://sourceware.org/bugzilla/show_bug.cgi?id=28204
--- Comment #13 from Mark Wielaard ---
The configure checks might need to check whether the rpm development headers
define the needed constants.
On an rhel8 system this gives:
checking for headerGet in -lrpm... yes
checking for imaevm_hash_a
https://sourceware.org/bugzilla/show_bug.cgi?id=28204
--- Comment #14 from Mark Wielaard ---
I think it is the user/distro packager who should decide which ima-certs to
ship. I don't think elfutils should come with ima-certs itself.
Why is there a "permissive" policy? What is the use case for th
https://sourceware.org/bugzilla/show_bug.cgi?id=28204
--- Comment #15 from Mark Wielaard ---
The basic idea having a collection of certs, and an signature for each file
that is transported with the fetch operation that will be checked against those
trusted certs is understandable.
But I must adm
