[Server-devel] A simple signed bundle/directory trust scheme for the XS

Martin Langhoff martin.langhoff at gmail.com
Tue Aug 12 00:49:43 EDT 2008


On Tue, Aug 12, 2008 at 2:24 AM, Michael Stone <michael at laptop.org> wrote:
> If you want to go the route of 'signed content lives in directories',
> then please examine the programs in olpc-contents
>    http://wiki.laptop.org/go/Olpc-contents
> and let us know in what way they can be improved before writing your
> own.

olpc-contents is fairly close to what I am doing. I am thinking about
a few things.

I want moderately technical people to be able to build and check these
bundles (usb based or otherwise) on any modern OS:
 * What I want from olpc-contents is mostly what sha1sum does, and
sha1sum is very portable and widespread - even some GUIs are
available.
 * olpc-contents not being self-contained and not being pure Python
hampers things further. IOWs, I cannot say "just download this
portable python script".

Of what olpc-contents adds, I only care about the check for extraneous
files. Other bits -- file owners and permissions -- I don't need, and
in fact get in the way. I would need a version of olpc-contents that
does not include (and later, does not care for) file ownership or mode
data.

So it's close enough, but it gets in the way big time. Just
picture the instructions:

 - Only Windows users: install sha1sum from here - link to exe
(sha1sum is in stock OSX and Linuxen)
 - create an empty dir and put what you want inside
 - check no stray files are there
 - run 'sha1sum * > manifest.md5'
 - Windows users, here's an alternative GUI if you want...

to

 - Debian/Fedora users - here's a nice rpm & deb
 - Everyone else: install this python script with its related
libraries and bits in C... various pages of explanations based on
http://docs.python.org/ext/win-cookbook.html - I quote:
"To build extensions using these instructions, you need to have a copy
of the Python sources of the same version as your installed Python.
You will need Microsoft Visual C++ ``Developer Studio''"...
 - create empty dir...

Must say - I've read the source and it's a good tool. However my
thinking right now is that it doesn't add enough for my use case, and
it gets in the way big-time. Just making it usable for the use cases
I have will take several times more work than writing the little
script I'm thinking of.

cheers,


m
-- 
 martin.langhoff at gmail.com
 martin at laptop.org -- School Server Architect
 - ask interesting questions
 - don't get distracted with shiny stuff - working code first
 - http://wiki.laptop.org/go/User:Martinlanghoff
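
Added example, not part of the original message and not the script Martin goes on to write: a standard-library-only Python sketch of the check described above, covering sha1sum-style digests plus detection of extraneous files, with file owners and modes ignored. The manifest name manifest.sha1 and all function names are assumptions; signing the manifest is out of scope here.

```python
import hashlib
import tempfile
from pathlib import Path

MANIFEST = "manifest.sha1"  # assumed name; holds sha1sum-style "<hex>  <path>" lines

def sha1_of(path):
    h = hashlib.sha1()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):  # chunked for large files
            h.update(chunk)
    return h.hexdigest()

def list_files(root):
    """Relative '/'-separated paths of every file under root, minus the manifest."""
    root = Path(root)
    return {p.relative_to(root).as_posix()
            for p in root.rglob("*") if p.is_file()} - {MANIFEST}

def write_manifest(root):
    lines = ["%s  %s\n" % (sha1_of(Path(root, p)), p) for p in sorted(list_files(root))]
    # Written as bytes so line endings stay "\n" on every OS.
    Path(root, MANIFEST).write_bytes("".join(lines).encode("utf-8"))

def check_bundle(root):
    """Return (modified, missing, extraneous); file owners and modes are ignored."""
    expected = {}
    for line in Path(root, MANIFEST).read_text(encoding="utf-8").splitlines():
        if line.strip():
            # 40 hex digits, a space, then ' ' (text) or '*' (binary), then the path.
            expected[line[42:]] = line[:40].lower()
    present = list_files(root)
    modified = sorted(p for p in present & set(expected)
                      if sha1_of(Path(root, p)) != expected[p])
    return modified, sorted(set(expected) - present), sorted(present - set(expected))

def demo():
    """Constructed sample bundle: build it, then tamper with, delete and add files."""
    with tempfile.TemporaryDirectory() as root:
        for name in ("a.txt", "b.txt", "c.txt"):
            Path(root, name).write_bytes(name.encode())
        write_manifest(root)
        clean = check_bundle(root)
        Path(root, "a.txt").write_bytes(b"tampered")
        Path(root, "b.txt").unlink()
        Path(root, "stray.exe").write_bytes(b"not in the manifest")
        return clean, check_bundle(root)
```

The manifest uses the same line layout as sha1sum output, so either tool can check a manifest the other wrote; only this script reports files that are present but unlisted.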

