[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: --keep-signatures flag (was Re: [Gnu-arch-users] Pull / Push based M
John F Meinel Jr
Re: --keep-signatures flag (was Re: [Gnu-arch-users] Pull / Push based Mirror)
Mon, 23 Feb 2004 15:20:23 -0600
Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.6) Gecko/20040113
I can understand why the developers allow you to re-sign the mirror.
Because you might have a bunch of private developers, but then a public
mirror. And as you put things on the public mirror, it gets signed with
the group key. That way other users don't have to have tons of keys in
However, I think it would be a sensible default to copy signatures, as I
think this is more commonly what you want.
Dustin Sallings wrote:
On Feb 23, 2004, at 13:04, John F Meinel Jr wrote:
I believe I understand what you are saying. Basically your
"swap-mirrors" command just changes where the
~/.arch-params/=locations points to so that you can switch from RO to
RW (because you checkout locally RO, and checkin remotely RW). I
think that you are definitely one that could benefit from the
write-through mirrors. I think -SOURCE style mirrors should probably
default to write-through.
Yes, I believe write-through would obsolete my swap-mirrors
script, especially since it's coupled with a hook that triggers a
mirror of every commit against my main archive back to the local system.
Also, the issue with signing is that I _don't_ want to sign a mirror.
I want to keep the original signature.
~/.arch-params/signing/=default is the _default_ way to sign an
archive. To copy signatures you need to tell the local archive what
signatures you want, and that means modifying the
~/.arch-params/signing/<archive> file. I'm just asking for an
argument to make-archive that creates that file and fills it out
correctly for you.
Ohh, read that one wrong. It almost seems like a signed mirror of
a signed archive should just copy the signatures unless it's got some
specific instruction telling it to do otherwise. It seems that people
have different views on the purpose of signing a mirror, though.