Alpine Linux:Ideas: Difference between revisions
(added link to apk-tools ideas) |
m (→Version number on floppy: Typo) |
||
Line 65: | Line 65: | ||
=== Version number on floppy === | === Version number on floppy === | ||
As Alpine progresses, the data stored | As Alpine progresses, the data stored on the floppy needs to be converted from version to the other. It would be nice to be able to see what version of Alpine the data on the floppy belongs to. Then the conversion script will have to do less magic to upgrade the data. | ||
=== SSL signed floppies === | === SSL signed floppies === |
Revision as of 14:18, 17 February 2008
This is the place to put feature requests and share ideas for Alpine. From these we'll update our Roadmap, which in turn populates our Todo list. Discussions of ideas should probably take place on the Alpine-Devel mailing list, but feel free to use the discussion function of the wiki too.
For apk-tools C rewrite ideas see the apk-tools ideas page.
Signing packages
Make a port of the freebsd pkg_sign, stripping out everything but the x509 part. Using this will allow us to ship a certificate with the distro and make it possible to verify that updates really comes from the same (or authorized) origin.
It is possible to sign single packages or the INDEX file, or any other file, as long as it is gzipped.
Booting from net
Provide ip address and remote hostname as kernel parameter and run directly from network. The only thing needed for this would probably be a special initramfs image.
Webconfig framework
I have no idea how this should be done. But i think we should support and encourage ssl from the very beginning.
on 16 Aug 2006, Natanael posted to the mailing list:
Some ideas for the webconf. 1. Log changes. Log changes and add a posibility to add user comments. Something like blogging. You can add comments. Log could look like: <id> <when> <who> <what> <where> <comment> For example: admin changed ip of eth0 from 192.168.0.100 to 192.168.0.1 "Just testing" admin added firewall rule <bla bla> "Disallow web traffic thats not proxied" admin changd password for root ncopa removed static ip from DHCP server "This device is no longer used" 2. User comments on the web pages. ncopa <date> The static routes are there as a workaroud for .... admin <date> Note that this is the second DHCP server so don't change the ip range withough checking rtr-02
Regarding item 1, busybox diff is built into alpine. The model could run a diff from the previous config file and the current config file; also noting ip addr / timestamp / username for the person making the change. This has the very interesting possiblity of rollbacks - playing a diff "backwards" (patch -R) could allow for undo/redo within the web framework.
Item 2 is just another text file for the controller to manage.
Running from read only media
One of the concepts are that the media from where the sytem loads should be readonly. We could have a check in the boot process if media is readonly. If it is not, refuse to start. This is specially good for USB sticks, where a USB stick that is possible to physically write protect would be required.
Installer templates
Have some "templates", or presseeds or something similar so you can easily install a lot of alpine boxes.
Autorun program/script on CD
Could be nice with an autorun program that will be executed when cd is inserted in a windows computer. It could have a menu with the following options:
- create boot floppy for CDROM
- create boot floppy for USB
- install Alpine on an USB drive
Package database
A database with all the packages and their status.
Possibility to rate/vote packages? Some easy way for users to give feedback on what packages they think we should focus on.
Version number on floppy
As Alpine progresses, the data stored on the floppy needs to be converted from version to the other. It would be nice to be able to see what version of Alpine the data on the floppy belongs to. Then the conversion script will have to do less magic to upgrade the data.
SSL signed floppies
Make it possible to sign/encrypt the data on the floppies. the floppies contain the most valuable data of alpine. It would be nice if setup-alpine would ask if I want to create a new key, or import an existing key and then encrypt or sign the contents of the floppy with it. On a reboot the admin would have to give the password for the system to run. Since mission critical systems have an UPS, this should not really be a problem.
Installer for headless installs
Installer that would create a bootable iso/usbdrive + a working config. Could be written in wxWidgets so it could be run from either Windows or Linux.