On Thursday, November 18, 2021 4:41:34 PM CET patrick+buildsys(a)laimbock.com wrote:
On 18-11-2021 14:50, Pavel Raiskup wrote:
> On Thursday, November 18, 2021 1:35:29 PM CET patrick+buildsys(a)laimbock.com wrote:
[snip]
> You wrote that your "mock needs an access to repos". So I naturally
thought
> that we are talking about something like the entitlement key+cert pair (which is
> quite a new thing in mock anyways, and the only chroot using that is RHEL, and
> ... /etc/pkg/entitlement is not a bad place). Though ....
Heh now I see your point. I was not talking about RHEL entitlements. I
totally agree that /etc/pki/entitlement/ is not a bad place for RHEL
repo entitlement certificates. It's a great place :-)
[snip]
>> If on RHEL & Fedora hosts these default locations are used:
>>
>> CA certificates -> ca-bundle
>> RHEL entitlements -> /etc/pki/entitlement/
>> Public client/server certificates -> /etc/pki/tls/certs/
>> Private client/server certificates -> /etc/pki/tls/private/
>>
>> then isn't it logical to copy that behavior into the chroot?
>
> ... if for any reason you can't or don't want to use that, it's OK - I
think
> patches are welcome, and I bet that the current mock support is really RHEL-only
> oriented, meaning that smaller or bigger patch would be needed anyway ;)
My use case is that some (non-RHEL) repos are private and require a
client certificate to gain access. That's why I wrote the patch.
Works: Mock -> public repos like Fedora & CentOS
Works: Mock -> RHEL repos requiring an entitlement
Works: Mock + patch -> public and private repos via cert & key in
standard locations
What should be different ("smaller or bigger") about the patch? I'll be
happy to try.
Ah, I missed the patch. Can you please provide a pull-request with that?
We can go through a formal review...
Pavel
> Happy hacking!
Thanks :-)
Best,
Patrick
_______________________________________________
buildsys mailing list -- buildsys(a)lists.fedoraproject.org
To unsubscribe send an email to buildsys-leave(a)lists.fedoraproject.org
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines:
https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedoraproject.org/archives/list/buildsys@lists.fedoraprojec...
Do not reply to spam on the list, report it:
https://pagure.io/fedora-infrastructure