How to sign a remote repository, i.e. forward agent

Daniel Kahn Gillmor dkg at
Wed Jun 30 20:17:53 CEST 2010

On 06/30/2010 01:33 PM, Carsten Aulbert wrote:
> Thus maybe I should consider doing a 2-way sync:

If you're worried about collisions/race conditions, you could reduce the
race window to an arbitrarily small timeframe by having your sync
scripts hold an advisory lockfile on the public-facing machine.

Then, assuming everyone is using the same publishing scripts and has
access to the archive's secret key, you can ensure that you're
transmitting only the latest updates.

In that case, you probably want to sync conf/ and db/ (in addition to
dists/ and pool/) to ensure that everything is updated properly.
(you'll also want to ensure that everyone is using compatible versions
of reprepro).

OK, this is OT enough for gnupg-users now that i recommend following up
off-list if you need to.


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 892 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20100630/cbc4b880/attachment.pgp>

More information about the Gnupg-users mailing list