Package: apt
Severity: wishlist
Control: block 871656 by -1

For machines that are in a location with no Internet, apt-offline is a
semi-convenient way to perform updates, upgrades and installs.

There are two situations where offline machines can occur:

 * systems in remote locations with no Internet access at all
 * systems that are air-gapped and recieve only incoming data, no
   outgoing data is allowed for security reasons.

Unfortunately it was discovered that apt-offline does not check
signatures properly and the package was removed from Debian buster.

In addition the interface that apt-offline uses for exporting the list
of files that should be downloaded is just the --print-uris option,
which I noticed only prints MD5 hashes when installing packages.

It would be nice to resolve both of these issues properly by creating a
bidirectional interface between external downloaders and apt.

I suggest that such an interface should have these properties:

 * be usable with all commands, including update, install, upgrade etc
 * allow the downloader to be run on any kind of system with Internet
   access, including Windows/macOS/Android etc machines
 * allow the downloader to be as sophisticated or as dumb as needed
 * tell the downloader what to download and what filenames to choose
 * tell the downloader how to verify each download was correct,
   including needed OpenPGP keys etc
 * optionally don't tell the downloader about local sources.list
   transports like file:// cdrom:// copy:// since those probably won't
   be available on the download system but in some circumstances they
   could be if the sysadmins have set them up correctly
 * some transports (mirror:// tor://) may need some special handling...
 * allow imports of downloaded data from a directory, probably best to
   leave it to apt-offline users to define how they transfer the data
   to the import directory
 * do verification twice, potentially once by the downloader (won't be
   possible in all situations) and always by apt

These properties should make it usable in these situations:

 * For remote locations, a bi-directional sneakernet can be used to
   perform arbitrary apt operations as needed.
 * For air-gapped locations, an online clone/chroot/container of the
   remote system can be used to download updates, apply them locally
   and then ship the tested updates to the remote system; maintaining
   two identical systems, one with the air-gapped data and one without.


Attachment: signature.asc
Description: This is a digitally signed message part

Reply via email to