1 |
On Jan 8, 2008 7:13 PM, BRM <bm_witness@×××××.com> wrote: |
2 |
> --- Per-Erik Westerberg <per-erik.westerberg@××××××××.net> wrote: |
3 |
> > tor 2008-01-03 klockan 13:16 -0800 skrev BRM: |
4 |
> > > I have a couple Sparc systems. One has been running Gentoo for a |
5 |
> > long |
6 |
> > > time - installed using Gentoo 2006, not updated since due to the |
7 |
> > issue |
8 |
> > > I'm about the discuss - and the other is a near identical system |
9 |
> > that |
10 |
> > > might get Gentoo 2007 installed. Both are on two separate networks |
11 |
> > and |
12 |
> > > have no communication between them. |
13 |
> > > |
14 |
> > > The first system does have some Internet access through a firewall, |
15 |
> > but |
16 |
> > > it doesn't really work, at least for this purpose; so it's just as |
17 |
> > good |
18 |
> > > as not having any access at all for this purpose. |
19 |
> <snip> |
20 |
> > > In either case, I can't update portage using the normal method of |
21 |
> > > 'emerge --sync'. So, I'm trying to figure out a solution that would |
22 |
> > > enable me to update the systems. Under Slackware, I'd just point |
23 |
> > > pkgtool to the CD media and install from that, just like during |
24 |
> > > installation. Is there a similar approach for Gentoo? How do I |
25 |
> > overcome |
26 |
> > > the source mirror issue too so that the systems don't try to |
27 |
> > download |
28 |
> > > stuff from the web? |
29 |
> > > |
30 |
> > Have you tried to use a proxy (adjust accordingly)? |
31 |
> > export http_proxy=http://proxy.company.com:8080 |
32 |
> > export ftp_proxy=http://proxy.company.com:8080 |
33 |
> > export RSYNC_PROXY=proxy.company.com:8080 |
34 |
> |
35 |
> Yes, I tried using the proxy on the one system. (The other system won't |
36 |
> even have that as an option.) The problem came there that the proxy is |
37 |
> an authenticated proxy, primarily designed to work with Windows. It |
38 |
> works fine from Firefox/Netscape in X Windows, but causes problems for |
39 |
> command-line tools and console browsers. So, in addition to my trying |
40 |
> to find a solution where a proxy is not an option, it is, for all |
41 |
> intents and purposes, a non-option any way. |
42 |
> |
43 |
|
44 |
If you really don't wanna use the network, you can easily transfer a |
45 |
tarball and rsync locally (gentoo forums have little nifty scripts for |
46 |
syncing locally and emerging metadata). The foruns also have lots of |
47 |
scripts designed to create a list of needed distfiles and download |
48 |
them at another machine, you can transfer this and update. With a |
49 |
little set of scripts you can automate the whole process using the |
50 |
network, or require minor user intervention to transfer the list and |
51 |
later the files to and from a networkless machine. |
52 |
|
53 |
> Additionally, because it is an authenticated proxy, it is not an ideal |
54 |
> solution as it would leave the username/password for a user in plain |
55 |
> site of all users on the system as the info would be either in the |
56 |
> environment variables and/or the command-line options of a program. So, |
57 |
> from a security stand-point, it's not an option either since it |
58 |
> sometimes takes a day or so to perform updates. |
59 |
> |
60 |
|
61 |
There's no problem in using an authenticated proxy for |
62 |
emerge-webrsync, as you can keep a script in a directory with |
63 |
restricted permissions, only root would be able to see it anyway, and |
64 |
you can use this machine as an rsync and distfiles mirror for any |
65 |
other in the network, crontab would work as well, as only the user who |
66 |
creates it can see it (if you set it). You can even set a special |
67 |
username/password at your proxy that can only access rsync port and |
68 |
mirrors for distfiles for increased security. |
69 |
|
70 |
OK, those are some of MANY options available. Gentoo is very flexible, |
71 |
even in a controlled environment. |
72 |
|
73 |
-- |
74 |
Daniel da Veiga |
75 |
|
76 |
Filosofia de TI: Programadores de verdade consideram o conceito "o que |
77 |
você vê é o que você tem" tão ruim em editores de texto quanto em |
78 |
mulheres. Não, o programador de verdade quer um editor de texto do |
79 |
estilo "você pediu, você levou" - complicado, indecifrável, poderoso, |
80 |
impiedoso, perigoso. |