Postgres Pro
Downloads
Home   >   mailing lists

Re: Re: [pgsql-www] We should not transition to apt.postgresql.org until we have a PPA - Mailing list pgsql-pkg-debian

From Martin Pitt
Subject Re: Re: [pgsql-www] We should not transition to apt.postgresql.org until we have a PPA
Date
Msg-id 20130219153632.GE3033@piware.de
Whole thread Raw
In response to Re: Re: [pgsql-www] We should not transition to apt.postgresql.org until we have a PPA  (Magnus Hagander <magnus@hagander.net>)
Responses Re: Re: [pgsql-www] We should not transition to apt.postgresql.org until we have a PPA  (Magnus Hagander <magnus@hagander.net>)
List pgsql-pkg-debian
Tree view 
Magnus Hagander [2013-02-19 16:22 +0100]:
> > The instructions at http://www.postgresql.org/download/linux/debian/ are a
> > bit much right now, so some automation toward reducing them would be useful.

> Yes. This is why we have multiple debian packaging experts in the
> project. And also people who know some things about debian packages
> and some things about usual customers, to bridge the gap ;)

I think I can claim to have a sufficient understanding of how Debian
and Ubuntu archives and packaging work to offer to write such a
script. :-)

> Just to keep people informed, the current plan which is the latest
> conclusion in the IRC discussion amongst the packagers is:
>
> * Change the package pinning to be less conservative, and more with
> what most people want. That will remove one step from the installation
> instructions. Obviously this needs some lead time, but shouldn't be
> too much.

I'm very much in favor of this.

> * Create an automated script that will set the repository up for
> people. This can either be downloaded and run, or it can be downloaded
> as a signed https download and piped directly to the shell for those
> daring people who trust postgresql.org.

My current idea is to ship both the GPG key and the script in the
Debian/Ubuntu postgresql-common package. This closes the
authentication loophole in the sense that you can trust to get the
real postgresql archive if you trust that you have the real Debian
archive, and it doesn't need scary "wget | sudo bash" hacks.

So in theory this script could also set up the apt pinning, but I'd
rather not, because (1) doing that automatically would be besides the
point of having the pinning requirement in the first place, and (2)
automatically doing this can potentially break an already existing
(unrelated) apt pin configuration in "interesting" ways.

> * This will *not* mean we remove the documentation - the complete
> manual setup instructions will remain for expert users. But we'll push
> an automated way above them.

Yes, of course.

Thank you!

Martin

--
Martin Pitt                        | http://www.piware.de
Ubuntu Developer (www.ubuntu.com)  | Debian Developer  (www.debian.org)

pgsql-pkg-debian by date:

Previous
From: Magnus Hagander
Date:
Subject: Re: Re: [pgsql-www] We should not transition to apt.postgresql.org until we have a PPA
Next
From: Devrim GÜNDÜZ
Date:
Subject: Re: Re: [pgsql-www] We should not transition to apt.postgresql.org until we have a PPA