You are not logged in.
- Topics: Active | Unanswered
#1 2018-06-04 13:43:23
- jshield
- Member
- Registered: 2010-02-15
- Posts: 22
[SOLVED] Requiring pacman to authenticate against a repository
What is the recommended way to get pacman to authenticate against a web server hosting a private pacman repository?
I ask this because I maintain a number of packages that contain prearmed licenses for certain software that I use.
I am transitioning to hosting that repository on a potentially public server, as such I need to lock down access.
Cheers,
Last edited by jshield (2018-06-05 12:52:16)
Offline
#2 2018-06-04 14:45:49
- Slithery
- Administrator
- From: Norfolk, UK
- Registered: 2013-12-01
- Posts: 5,776
Re: [SOLVED] Requiring pacman to authenticate against a repository
I'm not sure what the recommended approach is, but one way would be to switch your XferCommand in pacman.conf to the wget variant and then create the following /root/.netrc file...
machine example.com login <username> password <password>I've never tried this myself but it should work 
Another option would be to skip using a web server and http altogether if it's going to be private access only, just use something like sshfs to mount the remote repo then use a file:/// declaration in your pacman config.
Offline
#3 2018-06-04 16:15:51
- eschwartz
- Fellow
- Registered: 2014-08-08
- Posts: 4,097
Re: [SOLVED] Requiring pacman to authenticate against a repository
Yeah, the builtin download agent does not support authenticated download, but external XferCommand works fine with whatever downloader you would like.
BTW I suggest using curl --netrc-file
Managing AUR repos The Right Way -- aurpublish (now a standalone tool)
Offline
#4 2018-06-05 12:51:30
- jshield
- Member
- Registered: 2010-02-15
- Posts: 22
Re: [SOLVED] Requiring pacman to authenticate against a repository
I forgot about .netrc, it appears that pacman supports it out of the box possibly due to it being linked against libcurl.
Cheers for that.
@Slithery I contemplated using sshfs, and I may yet still, however I don't have ssh enabled on the server, as I manage it through the console provided by the VPS provider, and there is an agent that pulls jobs from my CI server to build packages.
Offline