P2P Package Manager
Billy Crook
billycrook at gmail.com
Thu Sep 20 13:28:01 CDT 2007
Good point. The easiest way to secure it would be for the service to trust
the other machines based on their root password. If they don't match, don't
trust; if they do, then they're either controlled by the same person or at
least one of the admins is a moron. I was also assuming you would only
trust packages signed by your distro, in which case, even if someone broke
into your house and put a machine on your network, its rogue packages would
easily be detected and ignored.
Local repositories have to be set up, and maintained by people. The package
manager is 'just there'. I'm surprised the main distros haven't came up
with a clever way like this to save on their bandwidth bills.
On 9/20/07, Kyle Sexton <ks at mocker.org> wrote:
>
> "Billy Crook" <billycrook at gmail.com> writes:
>
> > Has anyone ever heard of a package manager that 'scans' other machines
> within its subnet or within specified subnets
> > for updates before using the official repositories? There would either
> have to be some service advertisement protocol
> > lime MDNS or each machine would literally have to scan for a designated
> port number listening for these requests on all
> > machines. Once they locate each other, the idea would be ome machine
> downloads 500MB of updates from the repo, and
> > from there on, every other machine (with the same distro and arch) just
> pulls from the faster local machine, rather
> > than using up inet bandwidth.
> >
> > Any suggestions (Other than a dedicated local repository mirror)?
> >
>
> I haven't heard of anything like this before, but a problem I see is
> that you'd have to authenticate which of the servers are allowed to
> contain updates. Otherwise someone could put a box up w/ rouge packages
> and get them pushed out (granted package signing probably solves this a
> little).
>
> Can I ask what the advantage of this as opposed to a local repository
> is?
>
> --
> Kyle Sexton
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://kclug.org/pipermail/kclug/attachments/20070920/03b93693/attachment.htm
More information about the Kclug
mailing list