[elbe-devel] [PATCH] validation: use parent directories
Manuel Traut
manuel.traut at linutronix.de
Tue Nov 21 11:03:28 CET 2017
> On 2017-11-21, Benedikt Spranger <b.spranger at linutronix.de> wrote:
>>> In the past we had examples in the repo using httpredir.
>>> I'd like to have a check that 'httpredir' is not in an URL and print
>>> sth.
>>> like this note as an error message.
>>
>> What about deb.debian.org and ...
>> There is no simple way to verify a URL is not a redirect service.
>>
>> What do you think about the following validation scheme:
>>
>> 1) Check for "dists/$DIST/InRelease"
>> 2) Download if exists. Goto 9
>> 3) Check for "dists/$DIST/Release"
>> 4) Download if exists. Goto 6
>> 5) Abort with error "Not a Debian Repo"
>> 6) Check for "dists/$DIST/Release.gpg"
>> 7) Download if exists. Goto 9
>> 8) Abort "Not a signed Repo"
>> 9) Validate InRelease/Release
>> 10) Parse InRelease/Release for arch/source-specific content files
>> 11) Check if files exists. Goto 13
>> 12) Abort "Debian mirror misses some files"
>> 13) Simple validation succeded.
>
I would also like this.
> I like this suggestion. We just need to make sure the key checking works
> correctly in case someone is using a customized primary repository.
IMHO currently it is only possible to have a self signed primary mirror if
installing from bin-cdrom.iso - if we rework the key handling that keys
are embedded in XML instead of downloading them, we also should enable
users to provide a key for the primary mirror.
Manuel
>
> John Ogness
>
More information about the elbe-devel
mailing list