| 1 |
On Jan 8, 2008 7:13 PM, BRM <bm_witness@×××××.com> wrote: |
| 2 |
> --- Per-Erik Westerberg <per-erik.westerberg@××××××××.net> wrote: |
| 3 |
> > tor 2008-01-03 klockan 13:16 -0800 skrev BRM: |
| 4 |
> > > I have a couple Sparc systems. One has been running Gentoo for a |
| 5 |
> > long |
| 6 |
> > > time - installed using Gentoo 2006, not updated since due to the |
| 7 |
> > issue |
| 8 |
> > > I'm about the discuss - and the other is a near identical system |
| 9 |
> > that |
| 10 |
> > > might get Gentoo 2007 installed. Both are on two separate networks |
| 11 |
> > and |
| 12 |
> > > have no communication between them. |
| 13 |
> > > |
| 14 |
> > > The first system does have some Internet access through a firewall, |
| 15 |
> > but |
| 16 |
> > > it doesn't really work, at least for this purpose; so it's just as |
| 17 |
> > good |
| 18 |
> > > as not having any access at all for this purpose. |
| 19 |
> <snip> |
| 20 |
> > > In either case, I can't update portage using the normal method of |
| 21 |
> > > 'emerge --sync'. So, I'm trying to figure out a solution that would |
| 22 |
> > > enable me to update the systems. Under Slackware, I'd just point |
| 23 |
> > > pkgtool to the CD media and install from that, just like during |
| 24 |
> > > installation. Is there a similar approach for Gentoo? How do I |
| 25 |
> > overcome |
| 26 |
> > > the source mirror issue too so that the systems don't try to |
| 27 |
> > download |
| 28 |
> > > stuff from the web? |
| 29 |
> > > |
| 30 |
> > Have you tried to use a proxy (adjust accordingly)? |
| 31 |
> > export http_proxy=http://proxy.company.com:8080 |
| 32 |
> > export ftp_proxy=http://proxy.company.com:8080 |
| 33 |
> > export RSYNC_PROXY=proxy.company.com:8080 |
| 34 |
> |
| 35 |
> Yes, I tried using the proxy on the one system. (The other system won't |
| 36 |
> even have that as an option.) The problem came there that the proxy is |
| 37 |
> an authenticated proxy, primarily designed to work with Windows. It |
| 38 |
> works fine from Firefox/Netscape in X Windows, but causes problems for |
| 39 |
> command-line tools and console browsers. So, in addition to my trying |
| 40 |
> to find a solution where a proxy is not an option, it is, for all |
| 41 |
> intents and purposes, a non-option any way. |
| 42 |
> |
| 43 |
|
| 44 |
If you really don't wanna use the network, you can easily transfer a |
| 45 |
tarball and rsync locally (gentoo forums have little nifty scripts for |
| 46 |
syncing locally and emerging metadata). The foruns also have lots of |
| 47 |
scripts designed to create a list of needed distfiles and download |
| 48 |
them at another machine, you can transfer this and update. With a |
| 49 |
little set of scripts you can automate the whole process using the |
| 50 |
network, or require minor user intervention to transfer the list and |
| 51 |
later the files to and from a networkless machine. |
| 52 |
|
| 53 |
> Additionally, because it is an authenticated proxy, it is not an ideal |
| 54 |
> solution as it would leave the username/password for a user in plain |
| 55 |
> site of all users on the system as the info would be either in the |
| 56 |
> environment variables and/or the command-line options of a program. So, |
| 57 |
> from a security stand-point, it's not an option either since it |
| 58 |
> sometimes takes a day or so to perform updates. |
| 59 |
> |
| 60 |
|
| 61 |
There's no problem in using an authenticated proxy for |
| 62 |
emerge-webrsync, as you can keep a script in a directory with |
| 63 |
restricted permissions, only root would be able to see it anyway, and |
| 64 |
you can use this machine as an rsync and distfiles mirror for any |
| 65 |
other in the network, crontab would work as well, as only the user who |
| 66 |
creates it can see it (if you set it). You can even set a special |
| 67 |
username/password at your proxy that can only access rsync port and |
| 68 |
mirrors for distfiles for increased security. |
| 69 |
|
| 70 |
OK, those are some of MANY options available. Gentoo is very flexible, |
| 71 |
even in a controlled environment. |
| 72 |
|
| 73 |
-- |
| 74 |
Daniel da Veiga |
| 75 |
|
| 76 |
Filosofia de TI: Programadores de verdade consideram o conceito "o que |
| 77 |
você vê é o que você tem" tão ruim em editores de texto quanto em |
| 78 |
mulheres. Não, o programador de verdade quer um editor de texto do |
| 79 |
estilo "você pediu, você levou" - complicado, indecifrável, poderoso, |
| 80 |
impiedoso, perigoso. |
Archives