This bug is meant to be a placeholder to plan and discuss a good interim solution so that we do not make a mistake again. Most often, there's an selinux context error which requires a restorecon for the entire folder. 1) We could make a periodic sweep of the pub/ folder with restorecon so everything inside this folder has the default SELinux permissions. 2) We could automate the package copying into the server from where it's generated so that process is not manual. 3) I really think we should test the package downloads after putting them on download.gluster.org. Just as far as "making sure they can be downloaded with curl" is reasonably good enough to start with.
the -Z option of cp is supposed to take care of that. But someone has to remember to use it. I am in favor of 2. 1 is just a bandaid, and while this would be easy to do, it will just give a excuse to push option 2 for later. And I would also add 4: "we should watchout for AVC message in the log, and send a alert". Which would requires to get a monitoring solution, but that's lower priority than others stuff.
Not seen in a long time now.