Discussion about PR: WIP: Snapify ntpsec
Mark Atwood
fallenpegasus at gmail.com
Tue Aug 9 15:58:47 UTC 2016
This looks great, Christian.
Is there anything we need to do to have our buildbot system test it?
..m
On Tue, Aug 9, 2016 at 8:10 AM Christian Ehrhardt <
christian.ehrhardt at canonical.com> wrote:
> Hi,
> I wanted to give the ML a ping as well about this, so that not only the
> Pull Request is existing.
> Eventually one here might chime in as well.
>
> There is a prototype to snap ntpsec at
> https://gitlab.com/NTPsec/ntpsec/merge_requests/49
>
> I'll quote my PR text here and hope for a great discussion:
>
> "Hi, on one hand I worked on packaging ntp (classic) recently and on the
> other hand I worked a bit with snapcraft (=> http://snapcraft.io/). I
> really think ntpsec would be a perfect candidate to exploit snap packaging.
>
> Please consider this an RFC for now - following the spirit of NTPsec
> contribution policy "Before starting significant work, please propose it
> and discuss it first" I'll also write to the ML linking to this branch. But
> also did I not just want to mention snapcraft and run away - instead I
> thought to provide a prototype that can be tested, but discuss motivation,
> tech and details before doing some more heavy lifting work.
>
> My current example is meant for a daily build, but this can easily be
> changed to whatever you prefer. Snapcraft could - for example - build from
> a stable branch of your tree automatically or whatever else you want.
>
> Benefits of exploiting snap(craft) in ntpsec (in my opinion):
>
> - for security it is often important to be able to push fixes fast to
> consumers, snaps are great for that as it somewhat cut's out the
> distributions as a gatekeeper of a release process
> - ntpsec isn't packaged in distributions yet, an upload to the
> snapstore would make you instantly available on multiple distributions
> - faster development iteration cycles, which is especially useful for
> new (or newly forked) projects
> - and of course all the benefits listed at http://snapcraft.io/
>
> Limitations:
>
> - this doesn't use any of the great snap isolation features yet (still
> using --devmode to get the prototype fast). Implementing those will need a
> few new interfaces and that effort should be spent after the discussion
> (but on the good side, you haven't lost anything - just not gained all of
> the snap isolation features yet).
> - currently there is no snapcraft plugin for waf, so I provided one
> (but I also started to push it to snapcraft already so it can be dropped
> from ntpsec in a bit)
>
> I'm looking forward and hope that the security improvements of ntpsec and
> those of snap's for packaging will one day stack up to be even better
> together. Let's discuss.
>
> Kind Regards Christian
>
> P.S. FYI - I'm soon going to vaction - so please don't wonder if there is
> kind of no-response between 13th and 23rd August. OTOH this gives everyone
> more time to play and experiment with it."
>
>
>
> --
> Christian Ehrhardt
> Software Engineer, Ubuntu Server
> Canonical Ltd
> _______________________________________________
> devel mailing list
> devel at ntpsec.org
> http://lists.ntpsec.org/mailman/listinfo/devel
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ntpsec.org/pipermail/devel/attachments/20160809/ed68faa3/attachment.html>
More information about the devel
mailing list