Bug 2213625
Summary: | epel.repo permits enablement of repo_gpgcheck despite its unavailability | ||
---|---|---|---|
Product: | [Fedora] Fedora EPEL | Reporter: | Mark Tomich <mstomich> |
Component: | epel-release | Assignee: | Kevin Fenzi <kevin> |
Status: | NEW --- | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
Severity: | unspecified | Docs Contact: | |
Priority: | unspecified | ||
Version: | epel9 | CC: | carl, kevin, mastahnke, smooge, tdawson |
Target Milestone: | --- | ||
Target Release: | --- | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | If docs needed, set a value | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | Type: | Bug | |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Mark Tomich
2023-06-08 18:49:58 UTC
This sounds reasonable and fairly easy to do. There is something else I think we should consider. If we make this change, a user could set repo_gpgcheck=1 globally and believe they have repodata signature checking for all repos when they do not. We would be hiding that error message from them. With the current config, they would get the error you mentioned, highlighting which repos do not offer signed repodata. That guides users to set repo_gpgcheck at the repo level where it makes more sense, rather than globally. That also is a very good point. If I keep flipping back and forth ... I'm not being very helpful here. :) |