[mirror-admin] reducing "allowed stale" time from 7 days
Matt Domsch
Matt_Domsch at dell.com
Mon Apr 13 15:06:52 EDT 2009
On Mon, Apr 13, 2009 at 10:13:33AM -0400, Chris Schanzle wrote:
> On 04/12/2009 08:03 PM, Matt Domsch wrote:
> >At the same time, the MM crawler was adapted last week to run more
> >frequently (every couple hours now), and to verify the mirror's
> >repomd.xml file. If it doesn't match what is current, the mirror is
> >marked not up-to-date. Now, a maliciously stale mirror could report
> >to the MM crawler the current repomd.xml, while serving a stale
> >repomd.xml to downstream clients. The above 7-day (or reduced) window
> >limits how stale they can be.
>
> Is there any new effects on private mirrors (that can't be crawled)?
Yes. Yum will refuse to use a mirror which is more than 7 days stale.
Yum will fall back to trying a different mirror in this case. I'm
proposing to reduce this from 7 days to 2 days.
Thanks,
Matt
--
Matt Domsch
Linux Technology Strategist, Dell Office of the CTO
linux.dell.com & www.dell.com/linux
--
More information about the Mirror-admin
mailing list