[Yum-devel] Exposing HTTP headers in YumRepository

Troy Dawson dawson at fnal.gov
Fri Jul 7 13:35:53 UTC 2006


Jack Neely wrote:
> On Thu, Jul 06, 2006 at 11:15:23AM -0400, seth vidal wrote:
> 
>>On Thu, 2006-07-06 at 10:18 -0400, James Bowes wrote:
>>
>>>Hi all:
>>>
>>>How do people feel about letting external code access the HTTP headers 
>>>that yum passes down to urlgrabber?
>>>
>>>Attached is a patch that adds an http_headers field to YumRepository 
>>>objects. http_headers is a dict (for easy manipulation) that is 
>>>converted to a tuple of 2-tuples before it is passed down into urlgrabber.
>>
>>I don't necessarily have a problem with this - my only question is -
>>what does it buy you?
>>
>>-sv
> 
> 
> Personally, I'm interested in writing software that tracks yum clients
> and can create useful reports as well as implementing advanced access
> control of Yum repositories.  (Yeah, a lot is aimed at making management
> happy.)
> 
> In both cases being able to authenticate with session keys in the HTTP
> header is favorable.
> 
> *sniffs crack*
> 
> Jack
> 

*Troy thinks on this for a bit before posting*
I don't know why this doesn't sit quite right with me, but it does.  I 
think I'm worried about people turning around and saying "Hey, you're 
tracking what I do on your server."
Now we all know that any web and ftp server logs every file downloaded, 
at the minumum, and many track every single command that comes in.  But 
sometimes the average user just doesn't understand that.

I guess I'll keep this short, here's my summary.

I have no problem with this going into Yum.  RedHat showed a very 
legitimate reason, and I'm sure there are others.

But as yum repository maintainers, if you start implimenting these 
hooks, be very upfront with your users as to what you are monitoring. 
You don't want something to happen to you, like what is currently 
happening with Microsoft and their piracy package.

Troy
-- 
__________________________________________________
Troy Dawson  dawson at fnal.gov  (630)840-6468
Fermilab  ComputingDivision/CSS  CSI Group
__________________________________________________



More information about the Yum-devel mailing list