issue weakly signed or weakly-verifiable RPMs on Redhat 8. or they can make the RPM not weak signed, either would work. However, if they are working on security only I shouldn't be getting told this is not an issue for customers.
Around line 446 of the install.sh
if [ "${PACKAGE_TYPE}" = "rpm" ]; then
INSTALL="${CMD_RPM} -Uvh"
elif [ "${PACKAGE_TYPE}" = "deb" ]; then
INSTALL="${CMD_DPKG} -i"
SHOULD READ
if [ "${PACKAGE_TYPE}" = "rpm" ]; then
INSTALL="${CMD_RPM} -Uvh --nodigest --nofiledigest"
elif [ "${PACKAGE_TYPE}" = "deb" ]; then
INSTALL="${CMD_DPKG} -i"
Please even if you dont have this issue vote this up. Support tells me no one else has this issue.
Here are articles that clearly describe it under various conditions
his is a known RHL 8 issue, we should not have to re-write the install.sh
https://access.redhat.com/solutions/4460971
https://access.redhat.com/discussions/4406201
https://redmine.dicelab.net/projects/instructibels/wiki/Installing_Weakly-signed_or_Weakly-Verifiable_RPMs_on_EL8
If you are a RHL 8 user and not having this issue, the snippet change I added won't cause issues. I don't think it is the customer's responsibility to re-write the installer.
Also if you are a RedHat user with this issue open a support case or we will be rewriting installers for the foreseeable future.
