Configuring the blacklist repository function to allow only entitled repositories

The repository blacklist function blocks access to Red Hat repositories that are not needed for patching.

Before you begin

Identify the Red Hat repositories that your subscription covers. You can run the --check-baserepos command on the RHSMPlugin.exe. For more information, see Verifying RHSM download plug-in certificate access to Red Hat repositories.

About this task

The repository blacklist, which is drawn from the allowrepos.cfg, lists which repositories the download plug-in can access. The repository blacklist improves the performance of the download plug-in and the download cacher. It also reduces the amount of errors that are logged in RHSMDownloadCacher.log and RHSMPlugin.log.

Automatic configuration
Starting from v1.0.1.2, after running --check-baserepos, users are prompted if they want to automatically update the allowrepos.cfg.
Manual configuration

Manual configuration of the functionality is available from version 1.0.0.x of the RHSM download plug-in and RHSM download cacher.

The functionality works around a limitation in how the BES server processes downloads. The limitation might result to unnecessary errors being logged and to longer processing time of the download plug-in and download cacher.

After the RHSM download plug-in is run for the first time, a file called allowrepos.cfg is created in the same folder as the download plug-in and the cacher. The file lists the Red Hat repositories that BigFix supports. By default, all repositories are allowed.
  • YES or Y = the repository is allowed to be accessed by the plug-in
  • NO or N = the repository is not allowed to be accessed by the plug-in
Note: You only need to run the RHSM download plug-in once to generate the file.

Procedure

  1. If you have not done so, run the RHSM download plug-in. The allowrepos.txt file is generated in the same folder as the RHSM download plug-in and the RHSM download cacher.
  2. Open allowrepos.txt in a text editor. The file contains a list of repositories which are set to YES by default.
    • YES or Y = the repository is allowed to be accessed by the plug-in
    • NO or N = the repository is not allowed to be accessed by the plug-in

    client-6-x86 = yes

    client-6-x86_64 = yes

    client-7-x86_64 = yes

    server-6-s390x = yes

    server-6-x86 = yes

    server-7-x86_64 = yes

    server-7-ppc64le = yes

    server-7-ppc64be = yes

    workstation-6-x86 = yes

    workstation-6-x86_64 = yes

    workstation-7-x86_64 = yes

  3. Set the values of the repositories. Set YES or Y to the Red Hat repositories to which you have access and NO or N to repositories to which you have no access.
  4. Save your changes.