[482] in athena10
Re: Versioning in Athena 10
daemon@ATHENA.MIT.EDU (Greg Hudson)
Thu Sep 4 13:21:45 2008
From: Greg Hudson <ghudson@MIT.EDU>
To: Jonathan Reed <jdreed@mit.edu>
Cc: athena10@mit.edu
In-Reply-To: <005CCD0A-DF5F-4697-B294-ACD949784D7B@mit.edu>
Content-Type: text/plain
Date: Thu, 04 Sep 2008 13:20:54 -0400
Message-Id: <1220548854.12433.376.camel@error-messages.mit.edu>
Mime-Version: 1.0
Content-Transfer-Encoding: 7bit
This is worth thinking about. In addition to the concern Jonathan
stated, there will be plenty of circumstances where a swath of updates
is blocked by something or another, and we will need to be able to get
information to people who can puzzle out why. (We'll also need to
expand the set of people who can puzzle out why; I should perhaps write
a document.)
I think the information we want to give is the output of "aptitude
--simulate -y full-upgrade". However, I think we want to wrap that in a
script which:
1. Runs "aptitude update" first to ensure that the local cache is up
to date, and
2. Caches the answer for some period of time (maybe an hour) to
eliminate the potential for a DOS attack.
There's a minor issue that athinfod runs as nobody in Athena 10, which
means it has to use /tmp or /var/tmp for the cache file, which means it
has to worry about creating a tmp race. Or we could create a directory
owned by nobody for the athinfod package.
