Re: [Gnu-arch-users] Arch Configuration: Replication and fail safe

[ALEJANDROLANDIM]

Robert Anderson wrote:
> ALEJANDROLANDIM wrote:
> >Michaeljohn Clement wrote:
> >>On Wed, 2004-02-11 at 03:37, ALEJANDROLANDIM wrote:
> >>>>What type of data?
> >>>>       
> >>>>
> >>>At first I just want to have simple text files and binary files, but
> >>>later I'd like to have databases (that would require modifying tla to
> >>>work great with binary database tables)
> >>>     
> >>>
> >><snip>
> >>   
> >>
> >>>Yes, I'd like to have websites managed with tla using my proposed
> >>>configuration.
> >>>     
> >>>
> >>It sounds almost as if you are thinking of using Arch as a
> >>general-purpose incremental backup system, and replicating file system.
> >>
> >>Arch is designed for source code version control, and there's a chance
> >>that you haven't found exactly the right tool for what you need to do. 
> >>Probably there is such a tool, maybe if you can give a more explicit
> >>description of what you are interested in accomplishing, someone on this
> >>list can at least point you in the right direction.
> >
> >I could go with a system without branches but I need to keep all
> >versions in a consistent state. An incremental backup system is not
> >enough since that is not symmetrical, I want all the versions on all the
> >computers and if some computer gets compromised it can't remove
> >the version history from the other computers.
> >
> I'm confused by your requirements.  You say you want all the computers 
> to have the same data, and then in the next breath you want to be sure 
> that they don't have the same data when one of them is "compromised."

I want all machines to have the same data, but if one of the machines
gets compromised I don't want the other machines replicating the
compromised data. I just want to keep all the revision history.
I don't care if a compromised machine sends compromised data if I keep
all the changes in the other machines I would be able to remove those
compromised changes.

> I think your problem here has nothing to do with the data duplication 
> (which arch _may_ be able to help with, but it seems doubtful it's ideal 
> for your application), but in defining when the data is "compromised."
> 
> What do you mean by that?

A trojan/virus/spyware has access to the archive and can modify it.

I don't want the trojan removing version history and also that version
history being removed in other non compromised machines.

The problem here is that I want to keep all the revision history, even
if some machine removes part of it.