Keith Roberts wrote:
> OK. I am listening to all your comments. My repo would be
> using dependencies probably from the other centos repos,
> like ATrpms, remi, EPEL, et al. If they needed any that is.
>
If you need to rely on other third party repos, and you are set on
intent to have your own repo, then you will need your own release
package and you might find necessity to distribute yum configuration
files for other repositories with priority plugin enabled (like I did
for my repo) and create security nightmare and distrust of general
public, or to create installation script like virtualmin/webmin does.
I created the set of release packages and a script that backups current
set of yum config files and replaces them with config files created for
particular use.
For example, for use on servers I compiled main centOS repositories
including CentOS Plus, EPEL, and several of my own repositories. For
desktop users I added ATrpms, RPMForge and few others like adobe and
pidgin repositories. But all of those yum config files are created by
me, not by the repo owners and I have excluded all of the their release
files including CentOS release files.
I had to create text database file from witch I pull data and create
sets of yum config files with inserted exclude and priority lines. Other
option was to change yum config files for those repos by I decided this
is easiest and safe for the user, but he has to trust that I will not
redirect him to unsafe site with fake repository. That is why I haven't
bothered with signing and was satisfied to use my repositories on system
I maintain.
Ljubomir
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
