In your opinion, would you rather go with password based acls or with ip based acls?
If there's not that many mirrors which don't pull from the IP they are serving from, the ip based acls can be calculated "on the fly" with one more field in the database for machines which have a different puller.
Password based ACLs on the other hand could break older, non-maintained, but working setups - but they are easier to implement and less error prone.
Opinions?
Ralph _______________________________________________ CentOS-mirror mailing list CentOS-mirror@centos.org http://lists.centos.org/mailman/listinfo/centos-mirror
We would prefer password based, just for the case when the mirror machine needs to change address for some reason (like keeping two instances in sync while migrating to new hardware).
But to be honest it does not matter that much to me, and as Jon mentioned already it caries the higher risk of leakage.
One could of course use both (with individual passwords), at least for a while, if someone feels strongly for one or the other way...
Regards, Emil