On 05/01/17 16:56, Johnny Hughes wrote:
I will sign that for 6.9 for sure .. I was holding off on the current 6.8 repo, although theoretically it does not impact anything if I do sign and put on there too (6.8).
The reason I would not do it would be that we have an Everything ISO for C7 and the older ones did not have signed repodata, so I don't want a different repo on ISO than on the mirrors.
I first tried to produce a patch for rpms/centos-release, but after "git clone --branch c7 https://git.centos.org/git/rpms/centos-release.git/" I noticed that the repo hasn't yet been updated for 7.3.1611, and centos-release-7-2.1511.tar.gz isn't included. I couldn't find any c6 branch, either, so I ended up producing patches against the default .repo files from our official Vagrant images (attached, tested locally).
Would it be ok in this form? The only disadvantage I see is being asked to trust the official CentOS key several times during the first "yum update" (instead of just once).
Thanks, Laurențiu