On Thursday, November 18, 2021 4:41:34 PM CET [email protected] wrote: > On 18-11-2021 14:50, Pavel Raiskup wrote: > > On Thursday, November 18, 2021 1:35:29 PM CET [email protected] > > wrote: > [snip] > > You wrote that your "mock needs an access to repos". So I naturally thought > > that we are talking about something like the entitlement key+cert pair > > (which is > > quite a new thing in mock anyways, and the only chroot using that is RHEL, > > and > > ... /etc/pkg/entitlement is not a bad place). Though .... > > Heh now I see your point. I was not talking about RHEL entitlements. I > totally agree that /etc/pki/entitlement/ is not a bad place for RHEL > repo entitlement certificates. It's a great place :-) > > [snip] > >> If on RHEL & Fedora hosts these default locations are used: > >> > >> CA certificates -> ca-bundle > >> RHEL entitlements -> /etc/pki/entitlement/ > >> Public client/server certificates -> /etc/pki/tls/certs/ > >> Private client/server certificates -> /etc/pki/tls/private/ > >> > >> then isn't it logical to copy that behavior into the chroot? > > > > ... if for any reason you can't or don't want to use that, it's OK - I think > > patches are welcome, and I bet that the current mock support is really > > RHEL-only > > oriented, meaning that smaller or bigger patch would be needed anyway ;) > > My use case is that some (non-RHEL) repos are private and require a > client certificate to gain access. That's why I wrote the patch. > > Works: Mock -> public repos like Fedora & CentOS > Works: Mock -> RHEL repos requiring an entitlement > Works: Mock + patch -> public and private repos via cert & key in > standard locations > > What should be different ("smaller or bigger") about the patch? I'll be > happy to try.
Ah, I missed the patch. Can you please provide a pull-request with that? We can go through a formal review... Pavel > > Happy hacking! > > Thanks :-) > > Best, > Patrick > _______________________________________________ > buildsys mailing list -- [email protected] > To unsubscribe send an email to [email protected] > Fedora Code of Conduct: > https://docs.fedoraproject.org/en-US/project/code-of-conduct/ > List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines > List Archives: > https://lists.fedoraproject.org/archives/list/[email protected] > Do not reply to spam on the list, report it: > https://pagure.io/fedora-infrastructure > _______________________________________________ buildsys mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/[email protected] Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
