Mailinglist Archive: zypp-devel (62 mails)

< Previous Next >
Re: [zypp-devel] [bnc 450001][bnc 449228] Disable signed repos if the user does not trust the key?
  • From: Stanislav Visnovsky <visnov@xxxxxxx>
  • Date: Thu, 4 Dec 2008 11:05:56 +0100
  • Message-id: <200812041105.56748.visnov@xxxxxxx>
On Thursday 04 December 2008 10:23:41 Michael Andres wrote:
On Wednesday 03 December 2008 14:19:45 Lukas Ocilka wrote:
But we could change it to:
[ Trust & Import ] [ Disable the Repository ]

BTW: "Don't show this dialog again" works too...

[trust but not import] IMO is a valid 3rd case here.

Actually right now it is broken. The users complained about needing to
answer two questions. But removing trust/not import is even worse.

zypper is much more clever with the question.

Frankly, if it comes to selecting between 'product/project managers want
this' and 'some users want that' we go the 'managers' way. The current
solution was requested by managers. Of course, managers should have
enough information from all parties to decide.

This might again change in the context of:

https://bugzilla.novell.com/show_bug.cgi?id=449228.

After NCC, system adds ATI and NVIDIA repositories on machines that have
neither ATI and NVIDIA hardware.

The idea of being able to disable repos by not trusting the key is meant to
be a convenient 'fix' for the above shortcoming.


Personally I dislike to implement this as a default behavior in libzypp.
I'd like the applications to offer 'disable repo', and the user to
explicitly select it. But this is meant to be a feature, not a fix for the
above bug.


If NCC can't filter the repos, maybe registration can do this locally?

It's not a good idea, because the solution would be very complex (matching
repos against pci-ids?)

Stano

--
To unsubscribe, e-mail: zypp-devel+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: zypp-devel+help@xxxxxxxxxxxx

< Previous Next >
List Navigation