-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
Hi,
since it has been suggested that I should file bug [1] (CA pinning for mirrors.fedoraproject.org for yum) also against yum's successor dnf [2], I'm wondering if sslcacert is also understood by dnf?
from the man page of dnf.conf: "DNF by default uses the global configuration file at /etc/dnf/dnf.conf and all *.repo files found under /etc/yum.repos.d."
That tells me that dnf parses the same repo files as dnf, but there is no 'sslcacert' option in dnf.conf 's man page. So I'm wondering whether just the man page is not complete or dnf has no such option (yet)?
next step would be to simply try it..
[1] https://bugzilla.redhat.com/show_bug.cgi?id=1131673 [2] https://lists.fedoraproject.org/pipermail/devel/2014-June/199808.html https://fedoraproject.org/wiki/Changes/ReplaceYumWithDNF
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
Joonas Lehtonen:
That tells me that dnf parses the same repo files as dnf,
should read: That tells me that dnf parses the same repo files as yum,
Hi
On Wed, Aug 20, 2014 at 5:38 PM, Joonas Lehtonen
That tells me that dnf parses the same repo files as dnf, but there is
no 'sslcacert' option in dnf.conf 's man page. So I'm wondering whether just the man page is not complete or dnf has no such option (yet)?
I have run into both types of issues in dnf (since it is still catching up with yum to some extend). Some features have just not been implemented because noone has requested them yet and some features have been implemented but has remain undocumented to sort of test the waters on the level of interest or supportability of the feature.
I would recommend trying it out and filing a bug report or RFE against dnf to implement the feature
Rahul
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
since it has been suggested that I should file bug [1] (CA pinning for mirrors.fedoraproject.org for yum) also against yum's successor dnf [2], I'm wondering if sslcacert is also understood by dnf?
from the man page of dnf.conf: "DNF by default uses the global configuration file at /etc/dnf/dnf.conf and all *.repo files found under /etc/yum.repos.d."
That tells me that dnf parses the same repo files as dnf, but there is no 'sslcacert' option in dnf.conf 's man page. So I'm wondering whether just the man page is not complete or dnf has no such option (yet)?
dnf ignores sslcacert option in repo files (implementation matches documentation).
Anyone know how to do CA pinning when using dnf instead of yum? or: Are we about to loose that feature? and we need a feature request for dnf?
Hi
On Sat, Aug 23, 2014 at 11:53 AM, Joonas Lehtonen
Anyone know how to do CA pinning when using dnf instead of yum? or: Are we about to loose that feature? and we need a feature request for dnf?
As I noted earlier, you would need to file a feature request
Rahul
-
Joonas Lehtonen -
Rahul Sundaram