On 19/08/11 07:55 PM, Shawn Walker wrote:
On 08/19/11 10:46, Darren Reed wrote:
On 19/08/11 07:18 PM, Shawn Walker wrote:
On 08/19/11 04:13, Darren Reed wrote:
I'm unclear as to whether or not this is possible now or if it
is an RFE...
Internally, what I'd like to see happen is for us to run a single
depot daemon on one (or more) of our install servers that is able
to store and provide packages on a per-user basis in a manner
similar to http.
What I'd like is for there to be a scheme something like this:
pkg://publisher/~username/package/name
of course there needs to be some authentication here and a method
to do cleanup of what's on the server.
This then allows multiple users to upload personal packages onto
the install server and include them in their AI manifests for
installation, without needing to worry about colliding with
package names of other users. The package name space under
~username would be read-write to the matching user when they
are authenticated with the depot server and all other parts
of the package name space on that depot server would be read-only.
Why don't I just run my own depot server?
Because then I need to ensure that my own depot server is always
running, across whatever reboots or whatever else I do with my
own systems. I've pursued this method before and it is not the
most satisfactory method for making custom packages available,
even if it does work for the initial install.
Thoughts? Comments? Criticisms?
I don't actually see the need for a depot server here at all; you
could just as well have users publish their packages to their own
repository in a standard directory on an NFS server.
Then you automatically get access control, it requires no running
daemon, and it's far more scalable.
Write access to the filessytems that provide NFS serving on the install
servers (e.g. netinstall-1) is not available.
That sounds like an administrative choice, not a requirement.
I believe that this is the fallout of lab folks complying with the new
security requirements for their servers...
Regardless, the depot server isn't designed for this sort of usage.
Long term, the plan is to have the publication tools work with a
standard Apache server, so my answer would be "use Apache". It
already has authentication mechanisms and does what you want. That's
a far better answer I think than trying to invent something new.
I see.
So how would this work then, with apache?
The "pkg send" commands are to a "http://"; URL that in turn do a POST?
Darren
_______________________________________________
caiman-discuss mailing list
[email protected]
http://mail.opensolaris.org/mailman/listinfo/caiman-discuss
