| 1 |
> Security would be the largest stumbling block of this system. |
| 2 |
|
| 3 |
Actually, I think a signed package would suffice. MD5 checksum perhaps. |
| 4 |
But, I think the biggest stumbling block is not security, but rather disk |
| 5 |
space and bandwidth. All of these combinations would just become an |
| 6 |
enormous archive. |
| 7 |
|
| 8 |
Tom Veldhouse |
| 9 |
|
| 10 |
> -----BEGIN PGP SIGNED MESSAGE----- |
| 11 |
> Hash: SHA1 |
| 12 |
> |
| 13 |
> Hi, I have an idea I've been thinking about, I'd like to share it and |
| 14 |
> see anyone thinks there is any merit to it. |
| 15 |
> |
| 16 |
> The goal is to preserve gentoo's customizability but gain the |
| 17 |
> convenience of instantly available binary packages. |
| 18 |
> |
| 19 |
> The problem with binary packages is that they come in one flavor and |
| 20 |
> would ignore your local USE variable settings. Plus, creating separate |
| 21 |
> binary packages for every combination of USE variables would be an |
| 22 |
> enormous, never ending task. |
| 23 |
> |
| 24 |
> My idea is to automate the process of creating binary packages, and turn |
| 25 |
> the installed base of gentoo users into a giant compile farm. |
| 26 |
> |
| 27 |
> When a user goes to emerge a package, first portage would analyze the |
| 28 |
> ebuild to determine what USE variables are used by the package. Then it |
| 29 |
> would build an ordered list of the user's USE variables, limited to only |
| 30 |
> those that are used by this particular package, but indicating if they |
| 31 |
> are enabled or not. |
| 32 |
> |
| 33 |
> To this list of USE variables would be added the gcc version, CHOST, |
| 34 |
> CFLAGS, CXXFLAGS, perhaps portage version, plus what ever else that |
| 35 |
> makes up the uniqueness of the user's configuration. I'm taking a cue |
| 36 |
> from ccache for this. |
| 37 |
> |
| 38 |
> Portage could then take this unique code and check a public server to |
| 39 |
> see if a binary package exists matching this combination. If so, the |
| 40 |
> binary package would be fetched and installed. If not, the package |
| 41 |
> would be compiled locally and then uploaded to the public server. |
| 42 |
> |
| 43 |
> To prevent from malicious tampering, some kind of system would need to |
| 44 |
> be in place to verify that a package hasn't been trojaned or something. |
| 45 |
> ~ The server could wait until it received a certain number of copies of a |
| 46 |
> specific package from unique sources and compare them to see if they are |
| 47 |
> all the same before deciding a package is safe. |
| 48 |
> |
| 49 |
> Security would be the largest stumbling block of this system. I think |
| 50 |
> the most likely system to be safe would be a PGP-like web of trust. |
| 51 |
> Each gentoo installation would generate a set of keys that it would use |
| 52 |
> to sign packages it uploads. Small groups of gentoo users who have the |
| 53 |
> same setup could exchange keys. As the server receives binary packages |
| 54 |
> with the same checksum, it accumulates the keys from the signature. |
| 55 |
> Portage would only then download a package if it has been signed by a |
| 56 |
> key that the user trusts. Of course, if no such key is available, it |
| 57 |
> would build the package locally. If the local binary package matches |
| 58 |
> what is available on the server, this user would sign the binary package |
| 59 |
> available on the server. Optionally, a user to configure his system to |
| 60 |
> accept a binary package after it has been signed by a certain number of |
| 61 |
> keys. |
| 62 |
> |
| 63 |
> I believe the ideal storage facility for such a system is with something |
| 64 |
> like freenet. It is distributed, non-permanent storage where more |
| 65 |
> popular files are longer-lived than infrequently requested files. |
| 66 |
> Assuming the vast majority of gentoo users are using the same default |
| 67 |
> settings for most things, the popular packages would survive |
| 68 |
> indefinately on freenet as long as there are people installing them. |
| 69 |
> |
| 70 |
> A system that took advantage of freenet could upload the binary package |
| 71 |
> to freenet with its md5sum as the key, and submit the package details |
| 72 |
> with key to a central server. Portage would when check with the central |
| 73 |
> server for a key, fetch the package out of freenet with the key, and |
| 74 |
> then install the binary package. |
| 75 |
> |
| 76 |
> That's basically it. Sure, it's a far-fetched idea but I'd to hear what |
| 77 |
> people think about it. |
| 78 |
> |
| 79 |
> - - Robert |
| 80 |
> |
| 81 |
> - -- |
| 82 |
> http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xBB929E54 |
| 83 |
> Key fingerprint = BEA9 490C D2B9 AD83 E88B 3148 3136 34E4 BB92 9E54 |
| 84 |
> -----BEGIN PGP SIGNATURE----- |
| 85 |
> Version: GnuPG v1.0.7 (GNU/Linux) |
| 86 |
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org |
| 87 |
> |
| 88 |
> iD8DBQE9b3XqMTY05LuSnlQRAvMWAJwOqQQsfZiJOO9G8TpcD1EOLq9yTACeI8af |
| 89 |
> KGbprUFS/QwGRLwygQ0lA44= |
| 90 |
> =FxhM |
| 91 |
> -----END PGP SIGNATURE----- |
| 92 |
> |
| 93 |
> _______________________________________________ |
| 94 |
> gentoo-dev mailing list |
| 95 |
> gentoo-dev@g.o |
| 96 |
> http://lists.gentoo.org/mailman/listinfo/gentoo-dev |
| 97 |
> |
Archives