Re: Re: [pgsql-www] We should not transition to apt.postgresql.org until we have a PPA - Mailing list pgsql-pkg-debian

From Martin Pitt
Subject Re: Re: [pgsql-www] We should not transition to apt.postgresql.org until we have a PPA
Date
Msg-id 20130219160156.GJ3033@piware.de
Whole thread Raw
In response to Re: Re: [pgsql-www] We should not transition to apt.postgresql.org until we have a PPA  (Magnus Hagander <magnus@hagander.net>)
Responses Re: Re: [pgsql-www] We should not transition to apt.postgresql.org until we have a PPA
List pgsql-pkg-debian
Magnus Hagander [2013-02-19 16:40 +0100]:
> Unfortunately, it will take quite a while to propagate, no?

Yes, but it took a long time to set up apt.p.o, and the PPA won't
disappear anytime soon anyway. This is also something which we can
backport to 12.04 LTS, and 10.04 LTS' lifetime isn't that long any
more anyway. For Debian, there's a good chance we can get it into the
next release (wheezy); it's in deep freeze, but that's a low-risk
change.

> What we were considering was using a curl | sudo bash basically. It
> will then be signed by our main SSL certificate, so that should be
> almost as trustworthy as a package signature (ours would be
> exploitable by somebody tricking a public CA into giving them a cert
> for www.postgresql.org)

That seems fine indeed. There's nothing wrong with having more than
one way -- if you have the local script, use that, otherwise use above
approach?

Thanks,

Martin
--
Martin Pitt                        | http://www.piware.de
Ubuntu Developer (www.ubuntu.com)  | Debian Developer  (www.debian.org)


pgsql-pkg-debian by date:

Previous
From: Martin Pitt
Date:
Subject: Re: Re: [pgsql-www] We should not transition to apt.postgresql.org until we have a PPA
Next
From: Andres Freund
Date:
Subject: Re: Re: [pgsql-www] We should not transition to apt.postgresql.org until we have a PPA