On 06/15/2010 04:57 PM, Dimitrios Apostolou wrote:
On Mon, 14 Jun 2010, Denis A. Altoé Falqueto wrote:
And keep in mind that package signing per se will not solve this kind
of problems. Repository database signing is more important for that
solution, but is a problem in the current workflow of Arch developers.
How exactly is core and extra database populated?
repo-add reponame.db.tar.gz packagefile.
on the server we have db-core/extra/testing, which checkouts the package
build from svn, compare the version and then copy into the directory and
running repo-add
Moreover, instead of building all packages in the private PCs of
developers, I think it is preferable to submit PKGBUILDs to build
servers (via web interface maybe) and let the servers do the build +
signing + repoupdate... That way if a developer's system gets
compromised his packages will stay clean. Of course that needs extra
work and equipment, but perhaps we can agree to it as a future target.
i found this annoying since, debugging is more harder, i have to
download the resulted package to test it, send it, wait for the pool to
come. is a mess :D
even if my system is compromised, we build our packages in clean chroots.
--
Ionuț
