Opened 8 years ago

Closed 8 years ago

#8338 closed enhancement (fixed)

Write source mirror watch scripts

Reported by: ioerror Owned by: erinn
Priority: High Milestone:
Component: Applications/Tor bundles/installation Version:
Severity: Keywords: MikePerry201304
Cc: mikeperry, erinn, sebastian, arma Actual Points: 4
Parent ID: #8288 Points:
Reviewer: Sponsor:


We need watch scripts for all of the software that we depend on - so we get an email/im/irc message to tell us that a dependency has updated.

Child Tickets

Change History (2)

comment:1 Changed 8 years ago by mikeperry

Actual Points: 3
Keywords: MikePerry201304 added
Status: newneeds_review
Summary: Watch scriptsWrite source mirror watch scripts

I just pushed a set of watch scripts to mikeperry/ticket8338. I think these scripts will allow us to deploy #8286. Please have a look and tell me what you think. There are two scripts you should focus on:

  1. This script is meant to be run on to keep our source mirror up to date:

  1. This script is meant to be run on arbitrary machines run by other people, to verify the integrity of our mirror against tampering and targeted MITM:

Both scripts are meant to be run from cron. They should be silent except in the case of error.

I think that if enough people run that verification script, it is a better solution than requiring manual hash updates in the Makefiles (#8283).

comment:2 Changed 8 years ago by mikeperry

Actual Points: 34
Resolution: fixed
Status: needs_reviewclosed

These are now merged. We should get some people to actually run the script.

Note: See TracTickets for help on using tickets.