Short term (ugly! and dangerous!) you could consider using the command 'yes' https://www.howtogeek.com/415535/how-to-use-the-yes-command-on-linux/ Or if you want to answer yes only to that question, you could consider a expect script https://likegeeks.com/expect-command/ AFAIK we don't have an endpoint on the API to do this, and neither is supported by spacecmd. In the end the solutions above are hacks so... Maybe you can create an issue? I guess that if there's enough community interest, an implementation could be considered. Not sure how hard it will be. So far I know https://github.com/uyuni-project/ uyuni/blob/master/backend/satellite_tools will require changes (spacewalk- repo-sync, reposync.py, yum_src.py and not sure if part of the Java code). If you are somehow faimilar with Python, you could also consider having a look and try a PR :-) However implementing it is maybe not that hard On jueves, 28 de mayo de 2020 19:56:58 (CEST) Nuno Higgs wrote:
Hello all.
I've recently came over form spacewalk to suse manager, and found an issue, regarding spacewalk-repo-sync, because some of my inhouse software providers do not sign their repomd.xml file:
# spacewalk-repo-sync --channel inhousechannel
06:42:48 ======================================
06:42:48 | Channel: inhousechannel
06:42:48 ======================================
06:42:48 Sync of channel started.
Preparing custom SSL CAPATH at /var/cache/rhn/reposync/.ssl-certs/1
Retrieving repository 'inhousechannel' metadata ----------------------------------------------------------------[]
Warning: File 'repomd.xml' from repository 'inhousechannel' is unsigned.
Note: Signing data enables the recipient to verify that no modifications occurred after the data
were signed. Accepting data with no, wrong or unknown signature can lead to a corrupted system and in extreme cases even to a system compromise.
Note: File 'repomd.xml' is the repositories master index file. It ensures the integrity of the whole repo.
Warning: We can't verify that no one meddled with this file, so it might not be trustworthy anymore! You should not continue unless you know it's safe.
File 'repomd.xml' from repository 'inhousechannel' is unsigned, continue? [yes/no] (no):
If i press y, the sync will occur, but i was wondering if there is a flag i can pass for the missing xml signature being ignored?
I know that is a BAD security error to do so, but at the present i really do not have any choice.
Can you help me please?
Thanks Nuno
-- Julio González Gil Release Engineer, SUSE Manager and Uyuni jgonzalez@suse.com