On Thursday, November 18, 2021 4:41:34 PM CET patrick+buildsys@laimbock.com wrote:
On 18-11-2021 14:50, Pavel Raiskup wrote:
On Thursday, November 18, 2021 1:35:29 PM CET patrick+buildsys@laimbock.com wrote:
[snip]
You wrote that your "mock needs an access to repos". So I naturally thought that we are talking about something like the entitlement key+cert pair (which is quite a new thing in mock anyways, and the only chroot using that is RHEL, and ... /etc/pkg/entitlement is not a bad place). Though ....
Heh now I see your point. I was not talking about RHEL entitlements. I totally agree that /etc/pki/entitlement/ is not a bad place for RHEL repo entitlement certificates. It's a great place :-)
[snip]
If on RHEL & Fedora hosts these default locations are used:
CA certificates -> ca-bundle RHEL entitlements -> /etc/pki/entitlement/ Public client/server certificates -> /etc/pki/tls/certs/ Private client/server certificates -> /etc/pki/tls/private/
then isn't it logical to copy that behavior into the chroot?
... if for any reason you can't or don't want to use that, it's OK - I think patches are welcome, and I bet that the current mock support is really RHEL-only oriented, meaning that smaller or bigger patch would be needed anyway ;)
My use case is that some (non-RHEL) repos are private and require a client certificate to gain access. That's why I wrote the patch.
Works: Mock -> public repos like Fedora & CentOS Works: Mock -> RHEL repos requiring an entitlement Works: Mock + patch -> public and private repos via cert & key in standard locations
What should be different ("smaller or bigger") about the patch? I'll be happy to try.
Ah, I missed the patch. Can you please provide a pull-request with that? We can go through a formal review...
Pavel
Happy hacking!
Thanks :-)
Best, Patrick _______________________________________________ buildsys mailing list -- buildsys@lists.fedoraproject.org To unsubscribe send an email to buildsys-leave@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/buildsys@lists.fedoraproject.o... Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure