Ola Lundqvist wrote: First, let me say that I really like cron-apt. It rocks! > If it is a problem I'll randomize the cron file. I don't think it is just security but any of the sites could be overloaded by many cron-apt users all going off at once. I always randomize the cron-apt time after I install it. I am hitting my own mirror and I can create a huge impulse spike if I hit it all at once. I can't imagine the load the external mirrors must be seeing. But randomizing spreads out the load. I would really prefer if it were randomized by default because then I would need no post install customization and could just load it and go. I don't think you need to randomize the crontab itself. That would be inconvenient since the file would be different on each machine and a conffile at that. But instead put a random delay in the script based upon a configuration. Then there is no change in the current crontab. Only a change in the script and config file. This is what I would like to see. In /etc/cron-apt/config have a setting to avoid using the random delay but have it enabled by default. Better to design that feature in because someone will want it differently. Then in the cron script itself, unless random delay is disabled, have something like this. sleep $(expr $RANDOM % 3600) Since the crontab is using local time it only needs to be randomized within the hour. Across the world this would spread the load out by timezone and across the hour of the timezone. I think. A first stab at a solution to this problem. Bob
Attachment:
pgpgJ6F19oki7.pgp
Description: PGP signature