[CentOS-mirror] POLL: DVDs and access lists ...

Emil archive at ftp.sunet.se
Thu Apr 8 14:59:03 UTC 2010

> In your opinion, would you rather go with password based acls or with
> ip based acls?
> If there's not that many mirrors which don't pull from the IP they are
> serving from, the ip based acls can be calculated "on the fly" with
> one more field in the database for machines which have a different
> puller.
> Password based ACLs on the other hand could break older,
> non-maintained, but working setups - but they are easier to implement
> and less error prone.
> Opinions?
> Ralph
> _______________________________________________
> CentOS-mirror mailing list
> CentOS-mirror at centos.org
> http://lists.centos.org/mailman/listinfo/centos-mirror

We would prefer password based, just for the case when the mirror
machine needs to change address for some reason (like keeping two
instances in sync while migrating to new hardware).

But to be honest it does not matter that much to me, and as Jon
mentioned already it caries the higher risk of leakage.

One could of course use both (with individual passwords), at least
for a while, if someone feels strongly for one or the other way...


More information about the CentOS-mirror mailing list