[Fedora QA] #237: tests to verify that torrents and mirrors contain signed checksum files
Fedora QA
trac at fedorahosted.org
Sat Sep 10 02:34:31 UTC 2011
#237: tests to verify that torrents and mirrors contain signed checksum files
-----------------------+----------------------------------------------------
Reporter: robatino | Owner:
Type: task | Status: new
Priority: major | Milestone:
Component: Wiki | Version:
Resolution: | Keywords:
-----------------------+----------------------------------------------------
Comment (by robatino):
I found the page describing how torrents are created:
https://fedoraproject.org/wiki/Infrastructure/SOP/TorrentRelease
If someone in QA had an account on this machine, it would be possible to
verify the content (.torrent file plus uploaded files, including the
signed checksum file) prior to running step 9. I wasn't aware that the
content had to exist on the server together with the .torrent file, so
there doesn't seem to be any easy way to exclude access to the signed
checksum file. (Although since the mirrors which get access to it days in
advance usually leak anyway, maybe it should just be quietly made public
prior to the official release date.)
--
Ticket URL: <https://fedorahosted.org/fedora-qa/ticket/237#comment:4>
Fedora QA <http://fedorahosted.org/fedora-qa>
Fedora Quality Assurance
More information about the test
mailing list