Description of problem: Version-Release number of selected component (if applicable): dnf-2.7.5-10.el7.noarch How reproducible: Always Steps to Reproduce: 1. Create a yum.repo file with "username" and "password" directives 2. Run any dnf command 3. Watch it fail Actual results: "Failed to synchronize cache for repo 'bareos-latest', disabling." Expected results: Should send userid and password in reponse to HTTP Basic Auth challenge from webserver hosting the repo. Additional info: Workaround is to embed the username and password in the baseurl, which appears to work OK, but this contradicts 10+ years of instructions hanging around in various places on the 'net. POLA is definitely violated, and not everyone will understand how to urlencode their userid & password.
/etc/yum.repos.d/bareos-latest.conf: *** [bareos-latest] name=bareos-latest type=rpm-md baseurl=https://avantsysadm%40avant.ca:********@download.bareos.com/bareos/release/latest/CentOS_7/ gpgcheck=1 gpgkey=https://download.bareos.com/bareos/release/latest/CentOS_7/repodata/repomd.xml.key enabled=1 *** Instructions provided to users (in the same vein as every other vendor with a password-protected repo) have always been to use a baseurl of "https://download.bareos.com/bareos/release/latest/CentOS_7/" and to add a "username=avantsysadm" and "password=*******" lines to the repo file. I should have titled the bug "dnf breaks backward compatibility for password-protected repos" but I didn't think of that when I was typing it, sorry.
Hi, username / password in the repo config should work (i.e. this functionality is implemented). Please can you run any dnf command exclusively on this repo (e.g. dnf list --refresh --repo bareos-latest --available) and check dnf.librepo.log file? For root user, log file is located in /var/log/dnf.librepo.log, for ordinary user in /var/tmp/dnf-username-xxx/dnf.librepo.log. I suspect there could be an another problem then username/password with this repo. This is my quick experiment with the localy configured password protected repo. /etc/yum.repos.d/dummyrepo.conf: [dummyrepo] name=Dummy repo baseurl=http://localhost/dummyrepo/ enabled=1 gpgcheck=0 username=user password=pwd and this is what I've dumped on network when running the dnf command: GET /dummyrepo/repodata/repomd.xml HTTP/1.1 Host: localhost Authorization: Basic dXNyOnB3ZA== User-Agent: dnf/2.7.5 Accept: */* Cache-Control: no-cache Pragma: no-cache
Created attachment 1434566 [details] logfile showing lack of login
One possible difference is http vs https - dunno if it makes any difference or not.
I've contacted bareos, because without active subscription I'm not able to test access to download.bareos.com.
Thanks for reporting, we really had an issue with password protected repos in dnf. This PR should fix the bug in upstream: https://github.com/rpm-software-management/dnf/pull/1088
The issue is solved by dnf-3.0.1-1 that was released into rawhide.