On Tue, Mar 22, 2016 at 11:14:57PM +0000, Colin Watson wrote: > > - https://wiki.debian.org/RepositoryFormat#Acquire-By-Hash > > I think this should say that clients must fall back to the canonical > locations if by-hash fails, not that they may fall back. Mirrors > (particularly partial ones) won't necessarily mirror the by-hash files.
I wanted to keep the requirements low for a client as back then I implemented the fallback in apt I couldn't really decide on the right behavior: Fallback probably leads us into hashsum mismatch (see below) and if we do it: When do we do it? I decided that apt tries to get Packages.xz-by-hash and if that fails tries Packages.xz and then Packages.gz, but trying Packages.gz-by-hash might be an equally valid try depending on what partial mirror actually means. I "just" defined partial mirrors as partial by not distributing certain architectures rather than "picks file at 'random'" for me. Perhaps reality is different. I don't know. So yeah, perhaps fallback should be a requirement, but in that case the exact behavior should be a requirement, too. > > - > > https://wiki.debian.org/RepositoryFormat#indices_acquisition_via_hashsums_.28by-hash.29 > > The bit about "two or more previous versions of a file should be > available" is presumably based on apt-ftparchive's behaviour, but it > doesn't necessarily make a lot of sense for a production implementation. > The important thing is to allow enough time that the race between client > and server isn't a problem, including the situation where a mirror > happens to fetch out-of-sync files. For that, the number of previous > versions is basically irrelevant; what you care about is making sure > that any given version sticks around in by-hash for a certain amount of > time after it ceases to be the current version. There's no particular > point in keeping old versions just in order to satisfy a numeric > threshold. The point here is mostly that if you have two mirrors A and B were A is old and gives you the Release file and B is new and serves you the indexes, you want B to have the 'old' indexes A is referring to still around as otherwise the by-hash will fail, so the client falls back to get the index with the canonical name and ends with a hashsum mismatch. One, two, three or twenty old versions is arbitrary indeed, apt-ftparchive picked 2 olds (probably at semi-random) but any other number would work. Any time-based requirement would work, too. For some values of A and B at least. Perhaps the spec shouldn't require anything and just leave this to be figured out by the server admins. Not sure what to do… Best regards David Kalnischkies P.S.: Forgot to mention that apt can be told to ignore/override the value in the Release file with sources.list(5) option by-hash. Might be helpful for testing.
signature.asc
Description: PGP signature