Add --noverifyssl to lorax (#1430483)
Previously lorax had no way to use repos with self-signed certificates. This adds the --noverifyssl cmdline option which will ignore certificate errors. Resolves: rhbz#1430483
This commit is contained in:
Brian C. Lane
parent
3552cda01c
commit
cc56a5b5c9
@ -110,6 +110,8 @@ def lorax_parser():
|
|||||||
metavar="[repo]", help="Names of repos to disable")
|
metavar="[repo]", help="Names of repos to disable")
|
||||||
optional.add_argument("--rootfs-size", type=int, default=2,
|
optional.add_argument("--rootfs-size", type=int, default=2,
|
||||||
help="Size of root filesystem in GiB. Defaults to 2.")
|
help="Size of root filesystem in GiB. Defaults to 2.")
|
||||||
|
optional.add_argument("--noverifyssl", action="store_true", default=False,
|
||||||
|
help="Do not verify SSL certificates")
|
||||||
|
|
||||||
# add the show version option
|
# add the show version option
|
||||||
parser.add_argument("-V", help="show program's version number and exit",
|
parser.add_argument("-V", help="show program's version number and exit",
|
||||||
|
|||||||
@ -89,7 +89,7 @@ def main():
|
|||||||
dnfbase = get_dnf_base_object(installtree, opts.source, opts.mirrorlist, opts.repos,
|
dnfbase = get_dnf_base_object(installtree, opts.source, opts.mirrorlist, opts.repos,
|
||||||
opts.enablerepos, opts.disablerepos,
|
opts.enablerepos, opts.disablerepos,
|
||||||
dnftempdir, opts.proxy, opts.version, opts.cachedir,
|
dnftempdir, opts.proxy, opts.version, opts.cachedir,
|
||||||
os.path.dirname(opts.logfile))
|
os.path.dirname(opts.logfile), not opts.noverifyssl)
|
||||||
|
|
||||||
if dnfbase is None:
|
if dnfbase is None:
|
||||||
print("error: unable to create the dnf base object", file=sys.stderr)
|
print("error: unable to create the dnf base object", file=sys.stderr)
|
||||||
@ -136,7 +136,7 @@ def main():
|
|||||||
def get_dnf_base_object(installroot, sources, mirrorlists=None, repos=None,
|
def get_dnf_base_object(installroot, sources, mirrorlists=None, repos=None,
|
||||||
enablerepos=None, disablerepos=None,
|
enablerepos=None, disablerepos=None,
|
||||||
tempdir="/var/tmp", proxy=None, releasever="21",
|
tempdir="/var/tmp", proxy=None, releasever="21",
|
||||||
cachedir=None, logdir=None):
|
cachedir=None, logdir=None, sslverify=True):
|
||||||
""" Create a dnf Base object and setup the repositories and installroot
|
""" Create a dnf Base object and setup the repositories and installroot
|
||||||
|
|
||||||
:param string installroot: Full path to the installroot
|
:param string installroot: Full path to the installroot
|
||||||
@ -148,6 +148,7 @@ def get_dnf_base_object(installroot, sources, mirrorlists=None, repos=None,
|
|||||||
:param string proxy: http proxy to use when fetching packages
|
:param string proxy: http proxy to use when fetching packages
|
||||||
:param string releasever: Release version to pass to dnf
|
:param string releasever: Release version to pass to dnf
|
||||||
:param string cachedir: Directory to use for caching packages
|
:param string cachedir: Directory to use for caching packages
|
||||||
|
:param bool noverifyssl: Set to True to ignore the CA of ssl certs. eg. use self-signed ssl for https repos.
|
||||||
|
|
||||||
If tempdir is not set /var/tmp is used.
|
If tempdir is not set /var/tmp is used.
|
||||||
If cachedir is None a dnf.cache directory is created inside tmpdir
|
If cachedir is None a dnf.cache directory is created inside tmpdir
|
||||||
@ -195,6 +196,9 @@ def get_dnf_base_object(installroot, sources, mirrorlists=None, repos=None,
|
|||||||
if proxy:
|
if proxy:
|
||||||
conf.proxy = proxy
|
conf.proxy = proxy
|
||||||
|
|
||||||
|
if sslverify == False:
|
||||||
|
conf.sslverify = False
|
||||||
|
|
||||||
# Add .repo files
|
# Add .repo files
|
||||||
if repos:
|
if repos:
|
||||||
reposdir = os.path.join(tempdir, "dnf.repos")
|
reposdir = os.path.join(tempdir, "dnf.repos")
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user