Package: apt-cacher-ng Version: 3.1-1build1 Severity: minor I tried using apt-cacher-ng to mirror Centos 8. The file patterns for apt-cacher-ng do not match some new AppStream yaml files and requests for them result in a 403.
Any yaml.gz file within http://mirror.centos.org/centos/8/AppStream/x86_64/os/repodata/ can trigger this E.g. http://mirror.centos.org/centos/8/AppStream/x86_64/os/repodata/61146b6b98b6a55b56cfdb89e3691d463c3c52989ea9f6d6514aa24357aba914-modules.yaml.gz Workaround: Use VfilePatternEx to include the yaml files # cat > /etc/apt-cacher-ng/centos8.conf <<EOF > # additional centos files > VfilePatternEx = (^|.*/)repodata/.*\.(yaml|yml)(\.gz|\.bz2|\.lzma|\.xz)?$ > EOF # systemctl restart apt-cacher-ng.service Before the configuration change $ curl -s -w "%{http_code}" --proxy http://localhost:3142 http://mirror.centos.org/centos/8/AppStream/x86_64/os/repodata/61146b6b98b6a55b56cfdb89e3691d463c3c52989ea9f6d6514aa24357aba914-modules.yaml.gz -o /dev/null 403 After the configuration change $ curl -s -w "%{http_code}" --proxy http://localhost:3142 http://mirror.centos.org/centos/8/AppStream/x86_64/os/repodata/61146b6b98b6a55b56cfdb89e3691d463c3c52989ea9f6d6514aa24357aba914-modules.yaml.gz -o /dev/null 200 I also created a small patch that I believe should fix the issue. I have not tested it since I have the workaround in place There are a couple of YUM proxies that have the same issue. I couldn't find any official change in the repo format, so the comments seemed useful in explaining the yaml files are part of a new AppStream concept https://community.oracle.com/thread/4281810 https://issues.sonatype.org/browse/NEXUS-21311 I am using Ubuntu 18.04.3, but I thought it would be better to report this upstream. Looking at the source at https://salsa.debian.org/blade/apt-cacher-ng/blob/debian/sid/source/acfg_defaults.cc it does not appear the CentOS support has changed in a while Chatham recognizes that one of our fundamental responsibilities is protecting the privacy of personal information. Please review our Privacy Policy<https://www.chathamfinancial.com/privacy-policy/> to learn more about how we endeavor to be good stewards of your data. CHATHAM FINANCIAL CONFIDENTIALITY NOTICE: The information contained in this email is confidential and is only for the use of the intended recipient. If you are not the intended recipient, any further copying, use, distribution or disclosure of the contents of this e-mail is strictly prohibited and may violate applicable privacy laws. If you have received this email in error, please immediately notify the sender and permanently delete the original email and any electronic copies from your system and destroy any hard copy versions of the email.
centos8.patch
Description: centos8.patch
