[mirror-admin] Seeding newkeys with old content?
Axel Thimm
Axel.Thimm at ATrpms.net
Sat Sep 6 22:24:34 EDT 2008
On Sat, Sep 06, 2008 at 04:54:36PM -0400, Chuck Anderson wrote:
> On Sat, Sep 06, 2008 at 10:05:00PM +0200, Arnaud Gomes-do-Vale wrote:
> > Chuck Anderson <cra at WPI.EDU> writes:
> >
> > > True. It does require operator intervention, however, rather than
> > > being fully automatic. I think it is about time we need a
> > > mirror-client-side toolset that can automate some of these tasks. I
> > > envision a system where the first step of a sync process downloads a
> > > pre-sync script from the master that handles these tasks.
> >
> > And I am sure most of us would be more than happy to have this system
> > automatically run an unknown script on our servers without any human
> > control. ;-)
>
> I was thinking the same thing actually. An idea popped into my head
> to use some kind of restricted shell or special purpose program that
> was only allowed to do certain things, then configure or script that
> instead of using bash. If only there was such a program or shell that
> admins could trust (or perhaps be enforced with MAC, chroot, and the
> like) not to touch anything outside of the mirror directory and only
> be able to perform file/directory manipulations. Anyone know of
> something that already exists and is suitable for this purpose?
report_mirror ? :)
People (like me) that use this tool have already placed trust in its
authors. If any pre_mirror tools comes as a sibling reading off the
same config as report_mirror there would be no more trust to invest.
But I know of many admins that don't even trust report_mirror, in that
case there can't be any black-box pre_mirror tool for them either. But
cp -a is not rocket science either. Quite often when there were larger
mirror restructuring Jesse and others have posted scriplets to
accomodate mirror admins.
--
Axel.Thimm at ATrpms.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: not available
Url : http://mail.ale.org/pipermail/mirror-admin/attachments/20080907/90ed8e8a/attachment.bin
-------------- next part --------------
--
More information about the Mirror-admin
mailing list