Ubuntu
live-build package

would like a reasonably safe way of including https user:password data in chroot_sources/*chroot

Bug #637626 reported by Al Stone on 2010-09-13

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	live-build (Ubuntu)	Triaged	Wishlist	Unassigned

Bug Description

Binary package hint: live-helper

This may not be the best way to do this but I've attached a patch to the current lucid source that works for me.

The basic problem is in chroot_sources/*.chroot, if I wish to use a PPA, I need to provide a user:password combination for the https entries. I'd really rather not leave those values in that file -- which I may have to share with others. It's not really very secure.

What the attached patch does is allow me to put entries in a $HOME/.live-helper file that I can keep separate and protect, and keep strings in the chroot_sources/*.chroot file that will be replaced during lh build with the proper user name and password. I can now share the chroot_sources/*.chroot file without exposing my password to the PPA, different users can use their own user names and passwords, and there is no effect on those not using the https transport.

Tags:

Revision history for this message

Al Stone (ahs3) wrote on 2010-09-13:

rough patch that provides the desired functionality Edit (1.8 KiB, text/plain)

Colin Watson (cjwatson) on 2011-05-23

affects:	live-helper (Ubuntu) → live-build (Ubuntu)
Changed in live-build (Ubuntu):
importance:	Undecided → Wishlist
status:	New → Triaged

Brian Murray (brian-murray) on 2011-05-23

tags:

added: patch

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Patches

rough patch that provides the desired functionality Edit

Add patch

Remote bug watches

Bug watches keep track of this bug in other bug trackers.

Ubuntulive-build package