Closed Bug 746341 Opened 13 years ago Closed 13 years ago

use gpgcheck=1 for yum mirrors

Categories

(Infrastructure & Operations :: RelOps: General, task)

Product:
Infrastructure & Operations
Component:
RelOps: General
Type:
task
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED FIXED

People

(Reporter: dustin, Assigned: dustin)

Details

Attachments

(1 file)

gpg.patch
26.12 KB, patch
jhford
: review+
kang
: review+
kang
: feedback+
Details | Diff | Splinter Review
:kang asked that this be enabled This requires setting the flag in the repo definitions, and also installing the various GPG keys.
gpgkey=http://mirror.centos.org/centos/RPM-GPG-KEY-CentOS-6 in the repo config will get the GPG keys, so it just remains to make sure the keys are on the local repo servers, and add these lines.
Assignee: server-ops-releng → dustin
Oh, I should mention, I tested this with a fresh kickstart, so it at least mostly works. I'll shake out any bugs in base-image-centos6.sh.erb when I re-create the ganeti image.
Comment on attachment 616418 [details] [diff] [review] gpg.patch Review of attachment 616418 [details] [diff] [review]: ----------------------------------------------------------------- looks good to me. At some point, we should start gpg signing our internal rpms and repositories as well.
Attachment #616418 - Flags: review?(jhford) → review+
Comment on attachment 616418 [details] [diff] [review] gpg.patch ops, used to click review instead of feedback. Anyhow, looks fine.
Attachment #616418 - Flags: feedback?(gdestuynder) → feedback+
http://hg.mozilla.org/build/puppet/rev/6ac7dcbbf8fa
Status: NEW → RESOLVED
Closed: 13 years ago
Resolution: --- → FIXED
Component: Server Operations: RelEng → RelOps
Product: mozilla.org → Infrastructure & Operations
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: