Re: Bug#93612: Support for new archive structure

To: Jason Gunthorpe <jgg@debian.org>
Cc: Anthony Towns <aj@azure.humbug.org.au>, debian-cd@lists.debian.org, 93612-quiet@bugs.debian.org
Subject: Re: Bug#93612: Support for new archive structure
From: Raphael Hertzog <rhertzog@hrnet.fr>
Date: Sun, 15 Apr 2001 03:10:07 +0200
Message-id: <20010415031006.B3065@k6.resI.insa-lyon.fr>
In-reply-to: <Pine.LNX.3.96.1010414163436.414E-100000@wakko.deltatee.com>; from jgg@debian.org on Sat, Apr 14, 2001 at 05:02:10PM -0600
References: <20010414234333.A2566@k6.resI.insa-lyon.fr> <Pine.LNX.3.96.1010414163436.414E-100000@wakko.deltatee.com>

Le Sat, Apr 14, 2001 at 05:02:10PM -0600, Jason Gunthorpe écrivait:
> Having more than one tree means it will be detected more than once and
> that certianly is not desirable, any may cause problems, like it asking
> for the disks in a non-ideal order, or something equally lame.

May or will cause problem ?

I agree that it may be non ideal, however it may also work without much
trouble.

> > And it's what I'd call an exception to the general rule, no ?
> 
> What? That you want to make discs that don't work with any apt-cdrom that
> exists? That sounds like a pretty bad thing to do.

What a shame ! We already had bad things like that in the past ... I even
remember that apt was in a upgrade directory and it was advised to install
it before dist-upgrading.

However I agree that we must avoid that whenever possible but only if
apt-cdrom really doesn't work at all.

> It will add them both and it becomes trivial for someone to defeat the
> security mechanisms. 

Why ?

> The insecure one must be ignored for things to work
> correctly. 

That sounds ok to me. I don't see a problem here.

> I *really* don't see why this is necessary. How is writing:
> 
> deb file:/.../ woody-secured main
> 
> any better than writing
> 
> deb-partial file:/.../ woody main
> 
> ?

You don't see the point ? With what aj proposed, the standard directory
uses the standard Packages which works ok with all old tools (including
file URI with apt, but also dselect and so on) and the people who
requires a secured set of files will use woody-secured.

BTW, people using apt-cdrom will automatically use verified packages.

> Even with this scheme you still need to have the 'deb-partial' feature! 
> Consider with AJ's case that you want to use security, and file/http
> URI's, you *still* need to have the original release file, the complete

True, however people willing security over a loopbak mount are silly.
The main point was not about having security on a file URI but rather
about not breaking what already existed.

> All this proposal does is break apt-cdrom, in a way that I probably can't
> fix, and that makes it far worse than everything else that has been
> proposed!

No, it's your turn to take a pill. :)

Anyway I already commited the code to debian-cd CVS, someone please burn a
CD with this new tree and check if apt-cdrom does really as bad as Jason says.

> Step back and look at why you are doing this - the only reason is so that
> people using old APTs can continue to use file: URIs and loopback mounts

It's a bit over exagerated, it's also for people not using apt. :)

Cheers,
-- 
Raphaël Hertzog -+- http://strasbourg.linuxfr.org/~raphael/
Le bouche à oreille du Net : http://www.beetell.com
Naviguez sans se fatiguer à chercher : http://www.deenoo.com
Formation Linux et logiciel libre : http://www.logidee.com

Reply to:

Follow-Ups:
- Re: Bug#93612: Support for new archive structure
  - From: Jason Gunthorpe <jgg@debian.org>

References:
- Re: Bug#93612: Support for new archive structure
  - From: Raphael Hertzog <rhertzog@hrnet.fr>
- Re: Bug#93612: Support for new archive structure
  - From: Jason Gunthorpe <jgg@debian.org>

Prev by Date: Call for test and some thoughts
Next by Date: Re: Bug#93612: Support for new archive structure
Previous by thread: Re: Bug#93612: Support for new archive structure
Next by thread: Re: Bug#93612: Support for new archive structure
Index(es):
- Date
- Thread