Cédric Bosdonnat
2015-Oct-02 16:16 UTC
[Libguestfs] [PATCH] customize: remove zypper's gpg keys auto-import
This option was considered unsecure, found a fix on the generated opensuse images instead. --- customize/customize_run.ml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/customize/customize_run.ml b/customize/customize_run.ml index ad0ab7f..6cb2328 100644 --- a/customize/customize_run.ml +++ b/customize/customize_run.ml @@ -116,7 +116,7 @@ exec >>%s 2>&1 | "yum" -> sprintf "yum -y install %s" quoted_args | "zypper" -> - sprintf "zypper -n --gpg-auto-import-keys in -l %s" quoted_args + sprintf "zypper -n in -l %s" quoted_args | "unknown" -> error (f_"--install is not supported for this guest operating system") | pm -> @@ -143,7 +143,7 @@ exec >>%s 2>&1 | "yum" -> sprintf "yum -y update" | "zypper" -> - sprintf "zypper -n --gpg-auto-import-keys update -l" + sprintf "zypper -n update -l" | "unknown" -> error (f_"--update is not supported for this guest operating system") | pm -> -- 2.1.4
Richard W.M. Jones
2015-Oct-02 16:22 UTC
Re: [Libguestfs] [PATCH] customize: remove zypper's gpg keys auto-import
On Fri, Oct 02, 2015 at 06:16:48PM +0200, Cédric Bosdonnat wrote:> This option was considered unsecure, found a fix on the generated > opensuse images instead. > --- > customize/customize_run.ml | 4 ++-- > 1 file changed, 2 insertions(+), 2 deletions(-) > > diff --git a/customize/customize_run.ml b/customize/customize_run.ml > index ad0ab7f..6cb2328 100644 > --- a/customize/customize_run.ml > +++ b/customize/customize_run.ml > @@ -116,7 +116,7 @@ exec >>%s 2>&1 > | "yum" -> > sprintf "yum -y install %s" quoted_args > | "zypper" -> > - sprintf "zypper -n --gpg-auto-import-keys in -l %s" quoted_args > + sprintf "zypper -n in -l %s" quoted_args > | "unknown" -> > error (f_"--install is not supported for this guest operating system") > | pm -> > @@ -143,7 +143,7 @@ exec >>%s 2>&1 > | "yum" -> > sprintf "yum -y update" > | "zypper" -> > - sprintf "zypper -n --gpg-auto-import-keys update -l" > + sprintf "zypper -n update -l" > | "unknown" -> > error (f_"--update is not supported for this guest operating system") > | pm -> > -- > 2.1.4Thanks - pushed. Rich. -- Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones Read my programming and virtualization blog: http://rwmj.wordpress.com virt-top is 'top' for virtual machines. Tiny program with many powerful monitoring features, net stats, disk stats, logging, etc. http://people.redhat.com/~rjones/virt-top
Apparently Analagous Threads
- [PATCH v2 2/2] customize: get zypper to eat licenses and gpg keys
- [PATCH] customize: Add --uninstall operation.
- Re: [PATCH 2/2] customize: Improve the error messages when package manager is unknown or unsupported.
- [PATCH v2 1/2] builder: add opensuse images sources
- Re: [PATCH 2/2] Make sure gpg-agent is terminated before umount