[Apt-Rpm] What is the best choice for RPM Update Tool

[Panu Matilainen]

On Tue, 15 Jan 2008, Quan phongvan wrote:

> Dear Panu,
> As jean-seb recommmede me to ask you a favour. If you don't mind, can you
> help me about these aspects that I have to consider more about apt as a
> update-tool.
> 1. About protocols are supported by apt-rpm, I care so much about http and
> ftp because they both issue security threats: http using plan text to pass
> through their passwords for communication and so easily for hacker to do
> session hijack, in addition ftp passive mode also can be considered as a
> security threat too. Can you give me more advices for that issue?

Well, apt-rpm doesn't support https at the moment if that's what you're 
asking. There are patches floating around for that though, IIRC Debian 
apt supports https these days (but at the additional cost of depending on 
libcurl). Or you can set up a secure tunnel for the update.
Or you can use apt's ssh transport method.

> 2. I have tried puppet as a update tool for my system beside apt (puppet is
> a configuration management tool). If you tried puppet, do you think can I
> use both apt and puppet as an update solution for a huge rpm embedded Linux
> network system (apt as a front-end update tool on client, and
> puppet-puppetmaster as administration host)?

I've no idea whether puppet has any sort of apt-integration in it.

 	- Panu -