https://sourceware.org/bugzilla/show_bug.cgi?id=29472
--- Comment #2 from Ryan Goldberg ---
Created attachment 14289
--> https://sourceware.org/bugzilla/attachment.cgi?id=14289&action=edit
Submit A Patch for 29472
Here is patch which is simpler than the above proposal. It allows for querying
b
https://sourceware.org/bugzilla/show_bug.cgi?id=29472
--- Comment #3 from Ryan Goldberg ---
Created attachment 14306
--> https://sourceware.org/bugzilla/attachment.cgi?id=14306&action=edit
Submit A Patch for 29472, bug fix
Minor bug fix to be applied to the previous patch
--
You are receivin
https://sourceware.org/bugzilla/show_bug.cgi?id=29472
Ryan Goldberg changed:
What|Removed |Added
Attachment #14289|0 |1
is obsolete|
https://sourceware.org/bugzilla/show_bug.cgi?id=29696
Ryan Goldberg changed:
What|Removed |Added
Status|NEW |ASSIGNED
Assignee|unassigne
https://sourceware.org/bugzilla/show_bug.cgi?id=29696
--- Comment #3 from Ryan Goldberg ---
I noticed that the issue was happening in run-debuginfod-federation-metrics.sh
so to reproduce I was playing with sending lots of requests to a federation of
servers. Only had the issue occur on the downst
https://sourceware.org/bugzilla/show_bug.cgi?id=28204
Ryan Goldberg changed:
What|Removed |Added
Status|NEW |ASSIGNED
--- Comment #10 from Ryan Go
https://sourceware.org/bugzilla/show_bug.cgi?id=28204
--- Comment #16 from Ryan Goldberg ---
(In reply to Mark Wielaard from comment #12)
> In config/profile.csh.in and config/profile.sh.in the prefix variable is
> explicitly set and no longer unset. Is that deliberate?
Taking a look at both file
https://sourceware.org/bugzilla/show_bug.cgi?id=28204
--- Comment #19 from Ryan Goldberg ---
(In reply to Mark Wielaard from comment #17)
> Maybe prefixing or postfixing URLS with + or adding the name of the cert?
I'm leaning towards a combination of this idea with my original. We can use
DEBUGIN
https://sourceware.org/bugzilla/show_bug.cgi?id=28204
--- Comment #21 from Ryan Goldberg ---
(In reply to Mark Wielaard from comment #20)
> But isn't the idea of checking the IMA signatures that you don't have to
> trust the server providing the debuginfo files as the distro intended them?
But th
https://sourceware.org/bugzilla/show_bug.cgi?id=28204
--- Comment #23 from Ryan Goldberg ---
(In reply to Mark Wielaard from comment #22)
> This still feels odd. Since you cannot distinguish between non-sig f36
> package (okish?) and non-sig f38 packages (bad?). I think you have to either
> trust
https://sourceware.org/bugzilla/show_bug.cgi?id=28204
--- Comment #27 from Ryan Goldberg ---
(In reply to Mark Wielaard from comment #24)
> BTW. How does this interact with the "section" queries?
Since these aren't ima verifiable anyways wdyt of just skipping verification
all together (i.e treat
https://sourceware.org/bugzilla/show_bug.cgi?id=28204
Ryan Goldberg changed:
What|Removed |Added
CC||rgoldber at redhat dot com
--- Commen
https://sourceware.org/bugzilla/show_bug.cgi?id=28204
Ryan Goldberg changed:
What|Removed |Added
Attachment #14208|0 |1
is obsolete|
https://sourceware.org/bugzilla/show_bug.cgi?id=29472
Bug ID: 29472
Summary: Support querying the debuginfod-server for metadata
Product: elfutils
Version: unspecified
Status: NEW
Severity: normal
Priority: P2
Co
14 matches
Mail list logo
