[Mageia-dev] Will this work for a build system?
Giuseppe Ghibò
ghibomgx at gmail.com
Sun Sep 26 19:14:15 CEST 2010
2010/9/26 nicolas vigier <boklm at mars-attacks.org>
> On Sun, 26 Sep 2010, joris dedieu wrote:
>
> > 2010/9/26 Olivier Blin <mageia at blino.org>:
> > >
> > > Because there are some authentication and integrity issues which are
> not
> > > simple to solve: we have to be sure that the binary packages really
> come
> > > from the unmodified SRPM (so that it does not contains malware).
> >
> > This can be avoid by
> > - building every package twice (also useful for integrity check)
>
> Then you can still do it with two hosts adding malware instead of one.
>
What this means? Two RPMs built at different time will result different,
even the executable binaries when built on the same hardware at different
time might be different (because of timestamps, etc.).
IMHO the idea of the cloud is not that bad but need to be rethinked. I don't
see so much flaws for security. If you inspire to what repsys is right now,
the cloud would be like having several svn repositories mirrored around the
world each one with a local iurt/repsys building system (it might be even
partial, e.g. there could be BIG ones holding the whole svn|git tree, and
smaller one holding just the latest release or the latest two releases,
etc.). Each building system around the world will sign packages they build
with their own signing keys and you know where they come from. And packages
won't be resigned by a supposed master. Of course you have to trust their
administrators, exactly like you right now have to trust single users
submitting sources to the svn and bulding packages.
The most difficult things IMHO would be building from the same syncronized
data. In that case you might choose a master server and several mirrors. The
master might have multiple internet access points (e.g. from two providers)
and will be the only one who might receive svn commits. Or a model without a
master, I guess inspiring to a model what UseNET is (was), I think a lot
more complicate. But in that case you have two direction of feeding and if
two libraries are submitted in different user in nearest time, you need a
system to check for coerency and set alarms in some cases.
IMHO one of the building problems was not massive automatic rebuilding but
avoid bottenlecks to the users when building goes wrong.
Bye
Giuseppe.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: </pipermail/mageia-dev/attachments/20100926/88900d00/attachment.html>
More information about the Mageia-dev
mailing list