On 01/06/2017 03:49 AM, Laurentiu Pancescu wrote:
On 05/01/17 16:56, Johnny Hughes wrote:
I will sign that for 6.9 for sure .. I was holding off on the current 6.8 repo, although theoretically it does not impact anything if I do sign and put on there too (6.8).
The reason I would not do it would be that we have an Everything ISO for C7 and the older ones did not have signed repodata, so I don't want a different repo on ISO than on the mirrors.
I first tried to produce a patch for rpms/centos-release, but after "git clone --branch c7 https://git.centos.org/git/rpms/centos-release.git/" I noticed that the repo hasn't yet been updated for 7.3.1611, and centos-release-7-2.1511.tar.gz isn't included. I couldn't find any c6 branch, either, so I ended up producing patches against the default .repo files from our official Vagrant images (attached, tested locally).
Would it be ok in this form? The only disadvantage I see is being asked to trust the official CentOS key several times during the first "yum update" (instead of just once).
Right, the only real issue is more trust requests for the same key.