Mirrorring F8: updates and newkey directories
Bruno Wolff III
bruno at wolff.to
Tue Dec 9 02:16:01 UTC 2008
On Mon, Dec 08, 2008 at 19:11:19 -0500,
lanas <lanas at securenet.net> wrote:
>
> I noticed that on the servers the updates are not directly in a
> updates/8/i386/ directory but rather in a updates/8/i386.newkey/
> directory. This is generalized enough that it looks like a
> way of doing things. Which is not part of the howto above. Must be
> recent.
It is fallout from the compromise this past summer. Because of risk to
the signing key, the signing key was changed. In order to allow relatively
seemless switch between the keys, while not allowing fallback the newkey
repositories were created and the old update repositories changed to
have just enough stuff to switch people to the new repositories.
> Can I then simply rsync to a local ../updates/8/i386/ from the newkey
> directory, or is there a procedure to follow that includes scripts
> setting up stiff locally ?
That should work OK. Within the repository directory all references should
be relative, so as l;ong as your .repo file points to the correct top
level directory, everything should work.
More information about the fedora-list
mailing list