RPM Sequoia's crypto policies can be configured, so you should be able to re-enable SHA-1. However, this would be a global change, not only for EL6... See https://docs.rs/sequoia-policy-config/latest/sequoia_policy_config/#hash-functions

Cheers,

Ondřej

On Thu, Jun 8, 2023 at 5:42 PM Pavel Raiskup <praiskup@redhat.com> wrote:

Hello maintainers!

Copr builders have been updated to Fedora 38 today (some old builders
might still be running F37 ATM, but when they finish the task(s) they
work on, they will be deleted). Our testsuite is passing just fine, so
you _should_ be fine too :-). Please let us know if you have some
troubles.

There was one important change in Fedora 38 - RPM switched to the
Sequoia crypto backend. It refuses SHA-1 in crypto; which basically
disallows Mock to properly check EL6 GPG signatures. To allow further
builds, we switched to gpgcheck=0 for all epel-6 chroots. If you know a
better work-around, let me know.

Pavel

_______________________________________________
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue