[ale] Safe apt-get repositoris
Dow Hurst
dhurst at kennesaw.edu
Fri Jun 18 19:12:44 EDT 2004
I gone to the same place. :-)
I did the same thing, however, tracking if you've actually grabbed everything
is a pain. Plus, it takes about an hour to work thru the whole thing the
first time. About half that once your familiar with that site. Also, you
have the compile the source of the libdcss due to the DMCA restrictions.
So, apt-get is probably well worth using and Gentoo even more so just as long
as you have a trusted repository to draw from. You know, way back Redhat's
big thing was "pristine source code". It is just finding all the code you
really want that is the tricky part!
Dow
James Taylor wrote:
> For the last several releases of SuSE (8.1 to 9.1), I've been able to
> go to http://packman.links2linux.org and get the rpm's I needed to
> install mplayer or xine with all the "good" codecs. I haven't had a
> problem with dumping all the rpm's into a directory and installing with
> command line rpm using force and nodeps.
> Probable not as simple as useing apt-get if I had it installed, but I
> don't have it installed.
> -jt
>
>
>
>>>>dhurst at kennesaw.edu 06/18 6:03 pm >>>
>
> I needed a video player badly yesterday to check a movie of an MD
> simulation
> and RH9 comes with no video players. So I went searching and used
> ayo.freshrpms.net to get apt and then mplayer. Worked like a charm and
> even
> played an encrypted DVD I had handy to check with. Since the encryption
> can't
> be distributed from within the US but the guy's site has a GPG key
> available,
> then I should have checked the signature. However, the site resolves to
> an
> .ie network and may or may not be trustable. At least my point here is
> that
> the good stuff people might want may not be distributed thru the safest
> of
> channels. I guess if you could find out the background of the person
> who is
> making the repository available, then that could help alot. I could
> have
> checked if they were well known in the Linux community or Open Source
> community and had a good rep.
>
> I like the Gentoo idea overall since you download the source and compile
> it.
> It less likely someone would expect to get away with compromising source
> code,
> especially if apt-get checks the signatures from an alternate trusted
> server.
>
> Sorry for rambling but I got really excited over the ease of the mplayer
>
> install and also how it was a fully enabled mplayer. To do this on SuSE
>
> manually requires entering rpm hell by downloading a bunch of rpms from
> a
> particular site and installing in the right order, just like Redhat
> would
> require. I'd like to find apt-get repositories that were very complete,
>
> trustable, and had fully enabled sources.
>
> Do Gentoo repositories have the decoding DVD library and all the codecs
> for
> mplayer or xine in the sources?
> Dow
>
>
> Michael D. Hirsch wrote:
>
>>On Friday 18 June 2004 03:53 pm, Dow Hurst wrote:
>>
>>
>>>I have finally had a chance to use apt-get on a RH9 workstation.
>
> However,
>
>>>my question is how can you know that the repository is a safe one with
>
>
>>>binaries that are trustable? Now, I am not asking how to secure a
>
> computer
>
>>>and I don't want to rehash how the only secure computer is one with no
>
>
>>>connections and so on ad infinitum.... ;-)
>>>
>>>I guess I am really asking where the best/safest repositories are for
>>>Redhat?
>>
>>
>>I can't really vouch for the safety of these, but I like 'em:
>>
>># Fedora stable repository for Red Hat 9
>>rpm http://download.fedora.us/fedora/ redhat/9/i386 stable os updates
>
>
>>rpm-src http://download.fedora.us/fedora/ redhat/9/i386 stable os
>
> updates
>
>># Red Hat Linux 9
>>rpm http://apt.freshrpms.net/ redhat/9/i386 freshrpms
>>rpm-src http://apt.freshrpms.net/ redhat/9/i386 freshrpms
>>
>>## kde-redhat repository(s) for Red Hat 9 (yes, *4* lines)
>>rpm ftp://apt.kde-redhat.org/apt fedora/9 stable
>>rpm ftp://apt.kde-redhat.org/apt fedora/all stable
>>rpm ftp://apt.kde-redhat.org/apt kde-redhat/9 stable
>>rpm ftp://apt.kde-redhat.org/apt kde-redhat/all stable
>>
>>--Michael
>>
>>
>>Ale mailing list
>>Ale at ale.org
>>http://www.ale.org/mailman/listinfo/ale
>>
>
>
--
__________________________________________________________
Dow Hurst Office: 770-499-3428 *
Systems Support Specialist Fax: 770-423-6744 *
1000 Chastain Rd. Bldg. 12 *
Chemistry Department SC428 Email: dhurst at kennesaw.edu *
Kennesaw State University Dow.Hurst at mindspring.com *
Kennesaw, GA 30144 *
************************************************************
This message (including any attachments) contains *
confidential information intended for a specific individual*
and purpose, and is protected by law. If you are not the *
intended recipient, you should delete this message and are *
hereby notified that any disclosure, copying, distribution *
of this message, or the taking of any action based on it, *
is strictly prohibited. *
************************************************************
More information about the Ale
mailing list