On 01/06/2017 03:49 AM, Laurentiu Pancescu wrote: > On 05/01/17 16:56, Johnny Hughes wrote: >> I will sign that for 6.9 for sure .. I was holding off on the current >> 6.8 repo, although theoretically it does not impact anything if I do >> sign and put on there too (6.8). >> >> The reason I would not do it would be that we have an Everything ISO for >> C7 and the older ones did not have signed repodata, so I don't want a >> different repo on ISO than on the mirrors. > > I first tried to produce a patch for rpms/centos-release, but after "git > clone --branch c7 https://git.centos.org/git/rpms/centos-release.git/" I > noticed that the repo hasn't yet been updated for 7.3.1611, and > centos-release-7-2.1511.tar.gz isn't included. I couldn't find any c6 > branch, either, so I ended up producing patches against the default > .repo files from our official Vagrant images (attached, tested locally). > > Would it be ok in this form? The only disadvantage I see is being asked > to trust the official CentOS key several times during the first "yum > update" (instead of just once). Right, the only real issue is more trust requests for the same key. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 198 bytes Desc: OpenPGP digital signature URL: <http://lists.centos.org/pipermail/centos-devel/attachments/20170112/d93cd59d/attachment-0008.sig>