DragonFly kernel List (threaded) for 2003-07
[
Date Prev][
Date Next]
[
Thread Prev][
Thread Next]
[
Date Index][
Thread Index]
Re: packaging system
Sorry about missing the goals section of your site I have since
revisited it and done some reading. Man there are some pretty good
ideas there..
Have you had a look at portage in gentoo and how it manages versioning
as a possible short term alternative to your vision?
On Saturday, July 19, 2003, at 01:11 PM, Matthew Dillon wrote:
:Gday all,
:
:Just a couple of questions.
:
:Has anyone got any ideas on what you are envisioning for the packaging
:system of dragonfly. I have used FreeBSDs ports, debians dpkg and
Osx's
:fink for a bit and I am interested in software distribution and update
:systems. I would be happy to begin looking into a helping with a
higher
:level design or even just happy to help compile peoples ideas for web
:content.
I have a basic idea of what I would like to see, and how it could
be
accomplished. I discuss it somewhat in the Goals section of the
site.
:Also what are your thoughts of NSS switch.. are you planning to
:integrate this feature into dragonfly? I am a stalwart supporter of
the
:move to ldap as the core of an os's AAA model.
Well, I don't know enough about NSS switch to comment on it. I do
know what I want to see for authentication and that is a port
service...
a user level daemon, which takes and responds to requests from
processes
for user, group, and other authentication info. e.g. it would run
the
password crypt check too, and would be able to ask for (opaque to
it)
config files and environment variables from the requesting client
in
order to resolve things like ssh keys, kerberos, and so forth. It
would
deal with NIS or other over-the-network authentication systems as
well.
All of that would be invisible to the requesting client. I
really dislike having to compile authentication support into every
program
in the system, even if it is in DLL form (like PAM. I really hate
PAM).
e.g., the conversation would go something like this:
program: help, I need to authenticate 'charlie'! I have the
following
pieces of opaque data:
- Something called a ssh2_public_key, whatever that is
- Something called ORIGINATING_IP, whatever that is
service: send me your ~/.rhosts, ~/.shosts, ~/.ssh/authorized_keys
file
please.
program: I only have ~/.shosts and ~/.ssh/... here ya go.
service: that's good enough, your authenticated for the following
(opaque)
capabilities: (list of opaque capabilities)
program: Thanks! I have no idea what these capabilties are but
I'll hand
them out (one could be related to ssh that ssh understands. If
this
program is ssh then it will understand the ssh-related
capabilities).
And so on and so forth.
:Lastly have you thought about doing some research into some of the
:technologies used in darwin to possibly add even more to you new
:distribution. This is just a general fish for ideas from people in
this
:group and is not directed at any particular part of darwin.
It would depend on the technology. Some things might not mesh
well with
the existing goal set, other things might.
-Matt
Matthew Dillon
<dillon@xxxxxxxxxxxxx>
:BTW good to see there still people out there who are brave enough to
:break away from the establishment, roll up there sleeves and break
some
:stuff in the name of learning and innovation.
:
:Regards,
:
:Mark Wolfe
:Hammond Street Developments
[
Date Prev][
Date Next]
[
Thread Prev][
Thread Next]
[
Date Index][
Thread Index]