Glad it solve your issue.

 

Perhaps that it would be good to have this option disabled by default ?

 

Regards,

Philippe.

 

From: Nuno Higgs <suse@labs.nuneshiggs.com>
Sent: viernes, 29 de mayo de 2020 10:38
To: Bidault, Philippe <Philippe.Bidault@Getronics.com>; 'Pau Garcia Quiles' <pau.garcia@suse.com>; uyuni-users@opensuse.org
Subject: RE: [uyuni-users] spacewalk-repo-sync - repomd.xml

 

CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe.

Hello Philippe,

Perfect. It was this. I didn’t notice the option when I configured the repo.
Thanks a lot for your help!

Thank all for all your help!

 

--

Kindly,
Nuno

 

From: Bidault, Philippe [mailto:Philippe.Bidault@Getronics.com]
Sent: 28 May 2020 20:54
To: Pau Garcia Quiles; Nuno Higgs; uyuni-users@opensuse.org
Subject: RE: [uyuni-users] spacewalk-repo-sync - repomd.xml

 

Hi,

 

When a new repository is created, the option “Has Signed Metadata?:" is enabled by default.

Have you unselected it for your inhousechannel repository ?

 

Regards,

Philippe.

 


Philippe Bidault | Unix Engineer

Getronics

M. 34617301667 | E. Philippe.Bidault@Getronics.com | W. www.getronics.com

Getronics CMC Service Desk Iberia S.L -  VAT No:S.L.: B66686262.
Registered Office - Getronics CMC Service Desk Iberia S.L, C/Rosselloi, Porcel, 21 planta 11, 08016 Barcelona, Spain.
 
The information transmitted is intended only for use by the addressee and may contain confidential and/or privileged material. Any review, re-transmission, dissemination or other use of it, or the taking of any action in reliance upon this information by persons and/or entities other than the intended recipient is prohibited. If you received this in error, please inform the sender and/or addressee immediately and delete the material.  Thank you.

Legal disclaimer: http://www.getronics.com/legal/

From: Pau Garcia Quiles <pau.garcia@suse.com>
Sent: jueves, 28 de mayo de 2020 21:13
To: Nuno Higgs <suse@labs.nuneshiggs.com>; uyuni-users@opensuse.org
Subject: RE: [uyuni-users] spacewalk-repo-sync - repomd.xml

 

CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe.

Hi

 

What product (Uyuni or SUSE Manager?) and version are we talking about?

 

This may have been introduced in Uyuni 2020.03 or Uyuni 2020.04 (can't really remember) when we added support for signed Debian metadata but I think we have fixed that already.

 

Thank you

 

Pau Garcia Quiles

SUSE Manager Product Owner & Technical Project Manager

Phone: +1 385-666-5608

SUSE Software Solutions Spain

 

 

De: Nuno Higgs <suse@labs.nuneshiggs.com>
Enviado: jueves, 28 de mayo de 2020 19:56
Para: uyuni-users@opensuse.org <uyuni-users@opensuse.org>
Asunto: [uyuni-users] spacewalk-repo-sync - repomd.xml

 

Hello all.

 

I've recently came over form spacewalk to suse manager, and found an issue, regarding spacewalk-repo-sync, because some of my inhouse software providers do not sign their repomd.xml file:

 

# spacewalk-repo-sync --channel inhousechannel

 

06:42:48 ======================================

06:42:48 | Channel: inhousechannel

06:42:48 ======================================

06:42:48 Sync of channel started.

 

Preparing custom SSL CAPATH at /var/cache/rhn/reposync/.ssl-certs/1

 

Retrieving repository 'inhousechannel' metadata ----------------------------------------------------------------[]

Warning: File 'repomd.xml' from repository 'inhousechannel' is unsigned.

    Note: Signing data enables the recipient to verify that no modifications occurred after the data

    were signed. Accepting data with no, wrong or unknown signature can lead to a corrupted system and in extreme cases even to a system compromise.

    Note: File 'repomd.xml' is the repositories master index file. It ensures the integrity of the  whole repo.

    Warning: We can't verify that no one meddled with this file, so it might not be trustworthy anymore! You should not continue unless you know it's safe.

 

File 'repomd.xml' from repository 'inhousechannel' is unsigned, continue? [yes/no] (no):

 

If i press y, the sync will occur, but i was wondering if there is a flag i can pass for the missing xml signature being ignored?

I know that is a BAD security error to do so, but at the present i really do not have any choice.

 

Can you help me please?

Thanks
Nuno

  sign-info