[Spacewalk-list] spacewalk with suse clients - unsigned repomd.xml

[Dominik L. Borkowski]

Hello,

We're trying to deploy spacewalk server for CentOS and SLES/OpenSUSE clients. While the basic functionality works great with suse systems, there is one problem we're running to. It seems that by default libzypp expects repomd.xml from repositories to be signed, and it tries to find repomd.asc and repomd.key. When they're absent, especially on SLES, both zypper, and consequently rhn services, fail to perform any package upgrades. Here's the relevant part of run_check -vvv:

D: Sending back response (4, u"Refreshing service 'spacewalk'.\nRepository 'SLES 11 SP1 (x86_64)' is invalid.\nSignature verification failed for repomd.xml\nPlease check if the URIs defined for this repository are pointing to a valid repository.\n\nDisabling repository 'SLES 11 SP1 (x86_64)' because of the above error.\nRepository 'SLES 11 SP1 Updates (x86_64)' is invalid.\nSignature verification failed for repomd.xml\nPlease check if the URIs defined for this repository are pointing to a valid repository.\n\nDisabling repository 'SLES 11 SP1 Updates (x86_64)' because of the above error.\nLoading repository data...\nReading installed packages...\nResolving package dependencies...", {})

It seems that suse's zypper doesn't have a global option to turn off GPG checks for repository signatures. That leaves trying to solve the problem on spacewalk server's side, and try to provide signatures for repomd.xml. Is that even a possibility?

Thank you in advance for any hints.

Cheers!
---
dom