Here is some additional info: When building RPMs for a RHEL 6 environment (that will also be FIPS compliant by default), you must build the RPM with the appropriate digest algorithm and if desired, sign it with a FIPS compliant key. Example:
The values associated with the _source_filedigest_algorithm and _binary_filedigest_algorithm options comes from the following list, which by default is set to 1 (MD5):
[I]# If not specified or 0, MD5 is used.
1 MD5 (default)
2 SHA1
8 SHA256
9 SHA384
10 SHA512
#%_source_filedigest_algorithm 1
#%_binary_filedigest_algorithm 1 [/I]
If desired, to make the rpmbuild process a bit more seamless, add the following to the user’s /home/rpmbuild/.rpmmacros file:
Sorry I’m missing the point I think, are you asking someone on percona to update and distribute new rpms with the listed settings changed or are you asking someone to build these rpms on an ad-hoc basis and provide them to you?
Yup, asking Percona if they could change how they are building the RPMs. I could rebuild myself but would much rather have them rebuilt by the vendor and provided. Thanks!