Mailinglist Archive: zypp-devel (62 mails)

< Previous Next >
Re: [zypp-devel] [bnc 450001][bnc 449228] Disable signed repos if the user does not trust the key?
  • From: Michael Andres <ma@xxxxxxx>
  • Date: Thu, 4 Dec 2008 10:23:41 +0100
  • Message-id: <>
On Wednesday 03 December 2008 14:19:45 Lukas Ocilka wrote:
But we could change it to:
[ Trust & Import ] [ Disable the Repository ]

BTW: "Don't show this dialog again" works too...

[trust but not import] IMO is a valid 3rd case here.

Actually right now it is broken. The users complained about needing to
answer two questions. But removing trust/not import is even worse.

zypper is much more clever with the question.

Frankly, if it comes to selecting between 'product/project managers want
this' and 'some users want that' we go the 'managers' way. The current
solution was requested by managers. Of course, managers should have
enough information from all parties to decide.

This might again change in the context of:

After NCC, system adds ATI and NVIDIA repositories on machines that
neither ATI and NVIDIA hardware.

The idea of being able to disable repos by not trusting the key is meant to be
a convenient 'fix' for the above shortcoming.

Personally I dislike to implement this as a default behavior in libzypp. I'd
like the applications to offer 'disable repo', and the user to explicitly
select it. But this is meant to be a feature, not a fix for the above bug.

If NCC can't filter the repos, maybe registration can do this locally?


Michael Andres

Key fingerprint = 2DFA 5D73 18B1 E7EF A862 27AC 3FB8 9E3A 27C6 B0E4
Michael Andres YaST Development ma@xxxxxxxxxx
SUSE LINUX Products GmbH, GF: Markus Rex, HRB 16746 (AG Nuernberg)
Maxfeldstrasse 5, D-90409 Nuernberg, Germany, ++49 (0)911 - 740 53-0

To unsubscribe, e-mail: zypp-devel+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: zypp-devel+help@xxxxxxxxxxxx

< Previous Next >
List Navigation
Follow Ups