delta rpms - can we turn them off

[Dennis Gilmore]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Fri, 27 Jun 2014 11:35:20 -0600
Kevin Fenzi <kevin at scrye.com> wrote:

> On Fri, 27 Jun 2014 19:23:04 +0200
> drago01 <drago01 at gmail.com> wrote:
> 
> > Why?
> 
> My understanding of the process as it exists: 
> 
> Download drpm. 
> Take drpm contents + old package files installed locally that were not
> changed and create updated rpm. 
> yum/dnf hands off this updated new version to rpm as normal. 
> 
> If they didn't create the orig rpm, it would require rpm to handle
> drpms differently and apply them somehow on existing files and update
> rpmdb. If the drpms were signed, only those parts of the package that
> changed in that drpm could be verified, the rest of the ones from the
> filesystem would just be whatever was on the filesystem. 

additionally the drpms are created at repo creation time and are never
available to the signing process. we would have to redo and rethink how
we make deltarpms. which would open up a massive can of worms that
would likely result in much wasted effort.

Dennis
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQIcBAEBAgAGBQJTss+aAAoJEH7ltONmPFDRW4wP/RmPoKSW46VImnYuDdI+KPaO
PQp/Mg9InbsuRr6Re+o2pk+fOlxZoDY0P8G9xuzuoi9j8CMh+nIENx7/GEQa3wh/
D8YpQRLZtNFnNRFB6aJm9hgWrjTtBG5YB+xc+ROXo65s/vqhYKbjCoxgl+u4ZL/l
jwW7Z0pgtoAzxPrceLIjn5MrwTGin7oVcsHMnghP8+/svM2al9x1M6Jx1kzO0NGy
h3L1ClkUXCM2lVsuib79fETMAICF40EGZQPZ5/RErJ5FYmu3ldif7crt/qydtA9u
8XaN6xIdc2EW7L2aqy2MYuKzxwwfpHcXg/W6WCjS2/Zd+UJMVpg8ZHIv4wOR+Eww
LXfz2RHThn0siLti2WenH6pm+UagipvSGJesoVu/igdgoa9UCOtH/w+MePO1OoIv
QcvtCzQ9zmDdzJoA/bsbwo9QIThtlCXCU7AT6JAbOVwZlkXvatjpUCjjmo5gWyuD
XNMEIvvEkna975+TU8Y4atkkSRxIt3tOFdkzbV4nrS0OPclP9TSpsUt4zsJecosl
+mT2ca2JihJfJkJXe0e1k+QZPaAon+VYHMGq6n/+T8zwjH2277ct3pn9jE2iUT62
WvubEOw6Q8jrEiBBEgfgG6uyucW49Q0jqSnyrOosikrfvwH4Inp3viO0zj7bB+yA
bpktGNj51E6Qk8HkWzkX
=QpUV
-----END PGP SIGNATURE-----