On Mon, Jun 23, 2014 at 4:00 PM, Paul Robert Marino <[log in to unmask]> wrote:
> well what I dont understand here is all of RHEL SRPMs are on a web
> server an can be downloaded if you have an entitlement.
> all you need is
> 1) the CA cert located here /usr/share/rhn/RHNS-CA-CERT on any Red Hat host.
> 2) the entitlement cert from subscription manager winch you can get
> off of access.redhat.com go to Subscriptions -> Subscription
> Management -> UNITs then click on the subscription you would like to
> use. you will see a Download button on the top left side of the
> screen.
> 3) on the page where you downloaded the certificate there is a sub tab
> called Content Set take the URL's listed there and prefix them with
> https://cdn.redhat.com

Redistributing those, as SL does with its "vendor" directory, can be
legally problematic. Some of the published source packages for our
favorite vendor's clients are *not* freeware or open source that can
be safely repackaged. They're excellent about freeing those packages
up for inclusion in the public mirrors, but you can't just script "get
only the freely redistributable SRPM's". Also, the subscription only
gets the packages for which you've bought a subscription: so if you
want to run a "mock" build environment for 32-bit or 64-bit or
different releases, and want to review and modify the source code for
them, you're encumbered by the discrepancies between the older SRPM
distribution and the new, hopefully quickly evolving, "git" based
model.

> if you connect with a browser you can see its just a standard yum repo
> which uses the certificates for authentication, so most yum mirroring
> tools will work just fine as long as it can supply the the PKI
> (entitlement) cert to their web server.

The PKI doesn't provide access to all relevant upstream repositories.
The upstream web access, and worldwide mirrors, did. I'm quite
saddened at the loss.