rhnreborn: finally make our lives easier for syncing cdn.redhat.com content (!180) · Merge requests · linuxsupport / cronjobs / reposync

Ben Morrice requested to merge rhnreborn into master Sep 25, 2021

All RedHat repos are now defined to use a yum var /certs/$certificate for the the sslclientcert, in addition RedHat repos will run a custom script rhn_update_cert_symlink.sh

rhn_update_cert_symlink.sh will define the $certificate variable (/etc/yum/vars/certificate) to have the content of $repoid The file /cert/$repoid will actually be a symlink to the actual certificate that is entitled for the baseurl

The script will attempt to authenticate to the baseurl of the repo, using the symlink for the clientcert. If this symlink does not exist, or if the authentication fails - the script will then loop over all .pem files and update the symlink to the first .pem that authenticates successfully

Edited Sep 25, 2021 by Ben Morrice

rhnreborn: finally make our lives easier for syncing cdn.redhat.com content

Merge request reports