Hello All.

Maybe it is time to start providing general anonymous access to resources over rsync protocol.

Technically we can do the following:

We now have resources files on a separate shared disk, we can create a new vm specially for rsync (and possible move all other protocols there) and then mount it read-only there so we mitigate any security risks and will never be able to change files from that vm. This is how we planned to improve resources initially.

The only thing is that afaik rsync protocol is not authenticated and encrypted. There is nothing secret on resources, but the files might be tampered along the way and I am not sure all rpms there have crypto signatures.

Anton.


On Tue, May 10, 2016 at 3:13 PM, Dotan Paz <dpaz@redhat.com> wrote:
Hi,
In order to support the RHEV CI's request to sync the repo to tlv,  i'd need to have anonymous  from tlv over rsync , IP : 82.81.161.50

Thanks

--

Dotan Paz , Systems Administrator
Labs & Capital Management ,
PnT DevOps
Red Hat inc.






--
Anton Marchukov
Senior Software Engineer - RHEV CI - Red Hat