Re: Check for revocation certificates before running apt-get?

2014-01-02 Thread adrelanos
Paul Wise: On Mon, Dec 16, 2013 at 1:34 PM, adrelanos wrote: I am wondering how excited the apt developers would be about adding a bash script to their app. I'll see how far I get and contact them when there is something to talk about. I suppose POSIX shell would be preferable. I always

Re: Check for revocation certificates before running apt-get?

2013-12-30 Thread Florian Weimer
* Kurt Roeckx: On Sun, Dec 15, 2013 at 03:15:03AM +, adrelanos wrote: When you implement this, please ensure it isn't vulnerable to any duplicate-keyid problems: http://debian-administration.org/users/dkg/weblog/105 Damn, I wasn't aware of the latest news that long key ids are

Re: Check for revocation certificates before running apt-get?

2013-12-30 Thread Paul Wise
On Mon, Dec 16, 2013 at 1:34 PM, adrelanos wrote: I am wondering how excited the apt developers would be about adding a bash script to their app. I'll see how far I get and contact them when there is something to talk about. I suppose POSIX shell would be preferable. Imagine for a moment,

Re: Check for revocation certificates before running apt-get?

2013-12-30 Thread Kurt Roeckx
On Mon, Dec 30, 2013 at 06:45:48PM +0100, Florian Weimer wrote: * Kurt Roeckx: On Sun, Dec 15, 2013 at 03:15:03AM +, adrelanos wrote: When you implement this, please ensure it isn't vulnerable to any duplicate-keyid problems:

Re: parcimonie [Was: Check for revocation certificates before running apt-get?]

2013-12-24 Thread intrigeri
Paul Wise wrote (24 Dec 2013 05:49:34 GMT) : The author claims it has an advantage over parcimonie of using unique Tor circuits for each key fetch. Personally I don't think bash is the appropriate language to implement this though. https://github.com/EtiennePerot/parcimonie.sh Indeed, the

Re: parcimonie [Was: Check for revocation certificates before running apt-get?]

2013-12-23 Thread Paul Wise
On Sun, Dec 15, 2013 at 5:55 PM, intrigeri wrote: As the author of parcimonie, I can only agree it would be great if someone took it over and made it more lightweight. I was looking at the riseup OpenPGP best practices document and I noticed that someone had added a link to a bash

Re: parcimonie [Was: Check for revocation certificates before running apt-get?]

2013-12-15 Thread intrigeri
Hi, Paul Wise wrote (15 Dec 2013 06:28:53 GMT) : On Sun, Dec 15, 2013 at 2:13 PM, Darius Jahandarie wrote: This thread is probably not the most apropos place to bring this up, but I've found parcimonie to be a terribly over-complex implementation of the (good) design document that they

Re: Check for revocation certificates before running apt-get?

2013-12-15 Thread Kurt Roeckx
On Sun, Dec 15, 2013 at 03:15:03AM +, adrelanos wrote: When you implement this, please ensure it isn't vulnerable to any duplicate-keyid problems: http://debian-administration.org/users/dkg/weblog/105 Damn, I wasn't aware of the latest news that long key ids are now also insecure.

Re: Check for revocation certificates before running apt-get?

2013-12-15 Thread adrelanos
Paul Wise: On Sun, Dec 15, 2013 at 11:15 AM, adrelanos wrote: I can try that. Should that become a separate package or part of, well apt-get? It would probably just be three files, a config file, an /etc/apt/apt.conf.d/ config fragment and a bash script. I'm guessing the apt package would

Re: Check for revocation certificates before running apt-get?

2013-12-14 Thread adrelanos
Paul Wise: On Sat, Dec 14, 2013 at 6:47 AM, adrelanos wrote: is it possible to hook apt-get somehow to do some action before apt-get starts any network activity? Based on a quick grep of the apt package, APT::Update::Pre-Invoke might be what you want. That seems perfect. Here is

Re: Check for revocation certificates before running apt-get?

2013-12-14 Thread Paul Wise
On Sun, Dec 15, 2013 at 11:15 AM, adrelanos wrote: I can try that. Should that become a separate package or part of, well apt-get? It would probably just be three files, a config file, an /etc/apt/apt.conf.d/ config fragment and a bash script. I'm guessing the apt package would be the place

Re: Check for revocation certificates before running apt-get?

2013-12-14 Thread Darius Jahandarie
On Sun, Dec 15, 2013 at 12:17 AM, Paul Wise p...@debian.org wrote: That would probably be fine for most Debian users but at that point I remembered that the Riseup OpenPGP best practices document has something to say about keyring refreshes; that keyring refreshes should happen using

Re: Check for revocation certificates before running apt-get?

2013-12-14 Thread Paul Wise
On Sun, Dec 15, 2013 at 2:13 PM, Darius Jahandarie wrote: This thread is probably not the most apropos place to bring this up, but I've found parcimonie to be a terribly over-complex implementation of the (good) design document that they wrote. It requires pulling in dozens of perl modules,

Check for revocation certificates before running apt-get?

2013-12-13 Thread adrelanos
Hi, is it possible to hook apt-get somehow to do some action before apt-get starts any network activity? I would like to refresh gpg keys from a server first to check if any of them have been revoked in the meantime. There are hooks for dpkg (DPkg::Pre-Invoke, DPkg::Post-Invoke), but not

Re: Check for revocation certificates before running apt-get?

2013-12-13 Thread Paul Wise
On Sat, Dec 14, 2013 at 6:47 AM, adrelanos wrote: is it possible to hook apt-get somehow to do some action before apt-get starts any network activity? Based on a quick grep of the apt package, APT::Update::Pre-Invoke might be what you want. Here is an extremely dangerous example of how