Additional Image Properties
-
ca-path
-
Specifies a path name that points to a directory where CA certificates are kept for SSL operations. The format of this directory is specific to the underlying SSL implementation. To use an alternate location for trusted CA certificates, change this value to point to a different directory. See the
CApath
portions ofSSL_CTX_load_verify_locations
(3openssl) for requirements for the CA directory.The default value is
/etc/openssl/certs
. -
check-certificate-revocation
-
If set to
true
, the package client attempts to contact any CRL distribution points in the certificates used for signature verification to determine whether the certificate has been revoked since being issued.The default value is
False
. -
content-update-policy
-
Specify when the package system will update non-editable files during packaging operations. The following values are allowed:
-
default
-
Always apply the default content update policy.
-
always
-
Always download and update non-editable files that have changed.
-
when-required
-
Download and update non-editable files that have changed only if the package system has determined that an update is required.
The default value is
always
. -
-
flush-content-cache-on-success
-
If set to
true
, the package client removes the files in its content-cache when image-modifying operations complete successfully. For operations that create a BE, the content is removed from both the source and destination BE.This property can be used to keep the content-cache small on systems with limited disk space. This property can cause operations to take longer to complete.
The default value is
True
. -
mirror-discovery
-
This property tells the package client to discover link-local content mirrors using mDNS and DNS-SD. If this property is set to
true
, the package client attempts to download package content from mirrors it dynamically discovers. To run a mirror that advertises its content via mDNS, see thepkg.depotd
(8) man page.The default value is
False
. -
send-uuid
-
Send the Universally Unique Identifier (UUID) for this image when performing network operations. Although users can disable this option, some network repositories might refuse to talk to package clients that do not supply a UUID.
The default value is
True
. -
trust-anchor-directory
-
The value of this property is the path name of the directory that contains the trust anchors for the image. This path is relative to the root of the image.
The default value is
etc/certs/CA
. -
use-system-repo
-
This property indicates whether the image should use the system repository as a source for image and publisher configuration and as a proxy for communicating with the publishers provided. See the
pkg.sysrepo
(8) man page for information about system repositories.The default value is
ignore
.