[Yum-devel] zeroconf-like discovery of repos
misa+yum at redhat.com
Thu May 18 15:26:51 UTC 2006
On Thu, May 18, 2006 at 04:18:02PM +0100, Karanbir Singh wrote:
> Mihai Ibanescu wrote:
> > On Thu, May 18, 2006 at 04:03:23PM +0100, Karanbir Singh wrote:
> >> Jeremy Katz wrote:
> >>> On Thu, 2006-05-18 at 15:28 +0100, Karanbir Singh wrote:
> >>>> sounds like a lot of over engineering something thats already available
> >>>> as the fastest mirror plugin. using the fastest-to-target-machine is a
> >>>> better way of achieving the same thing.
> >>> That only helps if the mirror is a public one... if it's one just for
> >>> local users, you can't list it in a mirror list and so fastest-mirror
> >>> can't help
> >> but you could have that url listed in the .repo file's baseurl= line, if
> >> its not available it wont be considered by fastestmirror. And when it
> >> does connect / lookup, it comes into play.
> > What I am trying to accomplish with this is "zeroconf" - don't touch config
> > files if you don't have to.
> > Sure, you could manually set your IP address, but isn't DHCP nicer?
> > Hope the analogy makes sense.
> so i could walk into a building, plug my laptop in, and expose a repo
> for all $Distro servers, with a higher-than-released-upstream EVR for
> their glibc, and then All-your-bases-are-belong-to-me after the nightly
You could walk into the same building, plug your laptop in, DHCP serves a
dummy DNS server that resolves all the hosts in the mirrorlist to
my-bad-server.example.com, and you're in the same boat. If you can't trust DNS
and DHCP you're kind of screwed anyway.
> the gpg-key might have role to play in this scenario, but... you'd need
> that portion worked around anyway for this zeroconf setup.
The gpg key has a critical importance here. Note that I am not proposing we
fetch the full repository definition over DNS. You still need an entry in your
/etc/yum.repos.d/ with a pointer to a valid GPG key. Nothing changed there.
More information about the Yum-devel