#6432 NORM Never A: Autoinstallation of RPMs
Zarro Boogs per Child
bugtracker at laptop.org
Sat Jun 28 11:43:17 EDT 2008
#6432: Autoinstallation of RPMs
-------------------------+--------------------------------------------------
Reporter: cscott | Owner: cscott
Type: defect | Status: new
Priority: normal | Milestone: Never Assigned
Component: distro | Version:
Resolution: | Keywords:
Next_action: never set | Verified: 0
Blockedby: | Blocking:
-------------------------+--------------------------------------------------
Changes (by mikus):
* cc: mikus at bga.com (added)
Comment:
The original description of this ticket presents two goals in addition to
"automation": [1] preserving any additional packages when a base build
gets replaced (e.g., that's 'olpc-install'); [2] providing that a system
update after the base install is "secure" (e.g., that's 'olpc-sign-
cache').
A "non-automated" goal [1] is already available to experienced (with
'root' privilege) users - through 'yumdownloader --resolve'. [Note that
different people will want different additional packages.] Afterwards,
'yum localinstall *.rpm' can be used -- is it worth modifying something
like 'olpc-configure' to avoid having to manually issue that command ?
--------
I'm not sure that goal [2] is needed in a development environment --
currently it is far too easy to bypass security by getting 'root'
privilege (using 'su'; using the 'root' icon in Terminal; using a text-
console <ctl-alt-F1> logon).
But for secure machines (i.e., for non-Developers), a facility is needed
that allows secure updating of system packages after install. [Similar to
how the 'customization key' facility could be used to update Activities.]
Such an "update securely" facility *would* need signing the input.
--
Ticket URL: <http://dev.laptop.org/ticket/6432#comment:13>
One Laptop Per Child <http://laptop.org/>
OLPC bug tracking system
More information about the Bugs
mailing list