[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: [RFC] apt-zeroconf 0.1

On Sun, Nov 19, 2006 at 07:07:03PM +0100, Reinhard Tartler wrote:
> Why don't you install a line like
> >    e.g. deb main contrib non-free
> in /etc/apt/sources.list.d, and be done with it? That's what I'd call
> zero config.
> You would have to convince apt to prefer apt-zeroconfig sources over
> 'regular' HTTP sources, so that it only uses the slow line when the
> package couldn't be found in the neighbourhood. I believe this could be
> tweaked be tuning /etc/apt/preferences. If not, you would have to hack
> up apt a bit.

We also pondered with that idea, but with this configuration modifying
apt is definitely required. Apt associates a server to every package
and version where to get the debs from. We are not building package
lists from all hosts in the network because this would compromise the
security of the whole network.

To understand this, let me show you what is happening behind the
curtains if you're adding a line like this

    deb main 

to your sources.list:

    1. When you perform an update the package lists and PGP signatures
       will be fetched from ftp.de.debian.org. Apt-zeroconf effectively
       acts as a proxy to apt.

    2. If you install software and this mirror has the current version
       and/or is pinned, apt will query apt-zeroconf for the file.
       Apt-zeroconf looks in its file-lists if a host in the network has
       this file and fetches it in this case. If not, ftp.de.debian.org
       is also used by proxying the request.

Now, without a package list, we can't just easily pin our source. When
we generate a package list from all the hosts in the network we can't
authenticate the source of the packages and the list through the
checksums as they might be forged.

If we can get the package list and the corresponding PGP signature from
another host in the network, however, we can check if we are in a secure 
environment. This is also a feature which we would like to implement in
future versions.

So, what modification would apt need for this cool feature to work? We
would need to be able to define some kind of master-server where every
request for debs would go to. We try to emulate this by associating the
package list from a mirror to our apt-zeroconf proxy with our scheme of
changing sources.list. Yes, it's a hack, but it works.

What would also be nice is some kind of download-hook where we can
either change the URL before it is downloaded or the download mechanism

We didn't want to go through the trouble of modifying apt itself
initially, though.

> >    With this method, you can select only specific mirrors to be patched
> >    through apt-zeroconf.
> In this scenario, I'd personally don't care at all which mirror I get my
> packages from but from the apt-suite and the archive I get the packages
> from. This can be determined by examining the current apt config, so it
> is possible to create such a config in postinst.

But if we do this in postinst, everytime a user changes his apt config,
our postinst-script needs to be run somehow. I think we can't do this 
easily and reliably.

> As you already said, authentication is already ensured by apt itself,
> which is nice.

Unfortunately, this is only the case if we have a correctly
authenticated package list, see my comments on this above.

> > TODO
> > ----
> >  * Proxy support
> why proxy support? I thought you want to serve packages from the local
> neighbourhood.

No, currently, apt-zeroconf might also fetch packages from an external
HTTP source itself and therefore act as a proxy to apt. This won't work
if you need a proxy to connect to the internet.

Thanks for your comments.


Franz Pletz                  \  eat Depends: cook | eat-out
www: http://franz-pletz.org/  \  But eat-out is non-free so that's out
email: fpletz@franz-pletz.org  \  And cook Recommends: clean-pans

Attachment: signature.asc
Description: Digital signature

Reply to: