[CentOS-mirror] Thoughts on DVD images
Nick Olsen
Nick at 141networks.com
Wed May 19 18:45:46 UTC 2010
On 5/19/2010 1:30 PM, Karanbir Singh wrote:
> On 05/19/2010 06:08 PM, Jonathan Thurman wrote:
>> I don't think that the msync pool should be wide open for anyone to access. Those that are hosting public mirrors of content should have a pool that they can sync to that is restricted, or at least have priority over unknown users. Otherwise it could be more difficult for the public mirror system to stay up to date.
> Yeah, thats the main thing - being able to get the rsync tree's out to
> the public mirrors asap, while still having enough resources within
> .centos.org.
>
> So here is a question for you - as a mirror admin, would you host an
> rsync target that msync.c.o could push into ? It could be ither based on
> a user/pass acl or a key. And we would give you a list of ip's that will
> push to your machine.
>
> - KB
Lets call msync tier 0, Public mirrors tier 1, and private mirrors that
pull tier 2. For sake of this next paragraph.
If were going to talk ACL's, I think IP based would be the best. And
really, I think its the most secure, Without having to get to
complicated (keys). Passwords wouldn't work as every tier 1 mirror would
need that password (Shared passwords=Bad). If it were IP based, All a
tier 1 would have to do is state the IP they would be pulling with for
centos to add to the ACL.
More information about the CentOS-mirror
mailing list