[mirror-admin] Seeding newkeys with old content?

[Chuck Anderson]

On Sat, Sep 06, 2008 at 10:05:00PM +0200, Arnaud Gomes-do-Vale wrote:
> Chuck Anderson <cra at WPI.EDU> writes:
> 
> > True.  It does require operator intervention, however, rather than 
> > being fully automatic.  I think it is about time we need a 
> > mirror-client-side toolset that can automate some of these tasks.  I 
> > envision a system where the first step of a sync process downloads a 
> > pre-sync script from the master that handles these tasks.
> 
> And I am sure most of us would be more than happy to have this system
> automatically run an unknown script on our servers without any human
> control. ;-)

I was thinking the same thing actually.  An idea popped into my head 
to use some kind of restricted shell or special purpose program that 
was only allowed to do certain things, then configure or script that 
instead of using bash.  If only there was such a program or shell that 
admins could trust (or perhaps be enforced with MAC, chroot, and the 
like) not to touch anything outside of the mirror directory and only 
be able to perform file/directory manipulations.  Anyone know of 
something that already exists and is suitable for this purpose?

--