New Key Repo Locations

Jesse Keating jkeating at redhat.com
Fri Aug 29 00:00:46 UTC 2008 

On Fri, 2008-08-29 at 01:51 +0200, Jeroen van Meeuwen wrote:
> If 9/ is excluded, wouldn't that mean 9/$releasever/*/os.newkey is also 
> excluded? If it's not, then I guess there's no point in the new 
> directory being created either.

Yes, if 9 is excluded (or included) that means the admin either doesn't
care about 9 and doesn't want to mirror it, or explicitly cares about it
and only wants to mirror it.  Either way I wish to honor those choices
by not changing the top level directory where "9" or "8" will be.  This
also means we won't have to re-file our export approval.

> 
> Will the ISOs be respun to reflect the changes as well so that what is 
> in os/ or in os.newkey/ meets what each of the ISO expects? I guess this 
> is primarily relevant to respins, netinstalls and so forth, as the old 
> RPM-GPG-KEYs will be in the root of those ISOs and I can only presume 
> they are used, and people will want to use os.newkey/ as the tree to 
> install from.

At this time, the isos will not be respun.  We will however re-sign the
SHA1SUM file with the new gpg key.  We are certain that the content on
the ISOs (and the numerous hard copies floating about) are safe.  The
only content to be left in the repos these isos will be able to access
out of the box will be the transition fedora-update release, and the
fixed packagekit for gpg importing.  We'll also have mirrormanager
direct all requests for the old dir directly to mirrors which we have
ultimate control over.

> 
> Has creating/composing an entirely new 9.1/ release tree been 
> considered? I guess recreating the entire release tree is a PITA (jigdo, 
> iso, torrent, foo) even though updates would not be included other then 
> maybe the updated fedora-release package (with the new rpm-gpg-keys and 
> new repo configuration files)?

It was considered briefly, but not very much.  Calling something 9.1
would also have a bit of an assumption that we've fixed some bugs or
otherwise made it a better release, which we aren't doing.  We're merely
re-signing content and placing it in a slightly different directory, but
it's still 9, not 9+something.  (ditto 8)

-- 
Jesse Keating
Fedora -- Freedom² is a feature!
identi.ca: http://identi.ca/jkeating
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: This is a digitally signed message part
Url : http://lists.fedoraproject.org/pipermail/rel-eng/attachments/20080828/58ec8ba2/attachment.bin 
-------------- next part --------------
_______________________________________________
Fedora-infrastructure-list mailing list
Fedora-infrastructure-list at redhat.com
https://www.redhat.com/mailman/listinfo/fedora-infrastructure-list

More information about the rel-eng mailing list