[EXTERNAL EMAIL]
Once upon a time, Gregory Matthews <[email protected]> said: > On 20/05/2019 11:46, Ben Argyle wrote: > >I've been informed that I needed to rerun > > > >curl -s https://linux.dell.com/repo/hardware/dsu/bootstrap.cgi | bash > > but this will also write a repo file which breaks things if you > mirror locally. Also, it might not be clear - you need to import the > keys on EVERY server so this doesn't exactly scale. Right. The correct way is to distribute the key, not expect it to be installed manually after a "yum update" (I expect an update to work automatically). > and am I the only one who hates the idea of running a curl fetch and > piping it directly to a shell AS ROOT!? This is not just bad > practice, its a sackable offence. Yeah, this is a bad setup. Distribute an RPM with the repo files and keys, so it can be installed with regular automated tools. Right now, I just have the repos created manually with Ansible tasks. I didn't realize the key had changed (hadn't updated Dell stuff on a server yet). Other enterprise companies "get" this - Chrome, Slack, and Teamviewer for example (just things I have installed on my desktop) each have a repo file owned by an RPM that can be updated, including keys as necessary. -- Chris Adams <[email protected]> _______________________________________________ Linux-PowerEdge mailing list [email protected] https://lists.us.dell.com/mailman/listinfo/linux-poweredge
