On 03/21/2016 09:50 PM, Adam Borowski wrote:
> On Mon, Mar 21, 2016 at 05:19:33PM -0400, Boruch Baum wrote:
>> 1] For a day-to-day changing alpha release it makes plenty of sense to
>> keep the initial download as small as possible, since so much is
>> expected to change as part of the development process.
>>
>> 2] OTOH, a developer wants to encourage people to test the install and
>> the release often, so it makes sense to have an initial iso download
>> packed with the stable and large software packages that aren't central
>> to the what the distribution is innovating. Any time a user runs a
>> second test, she incurs a bandwidth burden of an entire new install.
>>
>> 3] One complicated solution would be to not destroy
>> /var/cache/apt/archive on the target when re-installing. It could be
>> done by having the installer suggest to mount that folder on its own
>> partition, and then have the installer refer to it at the download stage.
>
> Trusting /var/cache/apt/archive on the target would risk way too many modes
> of breakage, let's not go there.
>
> If you're doing frequent installs, you'd better install apt-cacher-ng (or
> one of its competitors) on a box on the local network, and use that whenever
> asked for a mirror.
>
> The apt source will then be:
> deb http://$YOUR_CACHE_BOX:3142/ftp.$COUNTRY.debian.org/debian/
> or
> deb http://$YOUR_CACHE_BOX:3142/packages.devuan.org/merged
>
> This way you download any package, binary or source, at most once.
>

Good. But the point was to have that function folded into the installer,
with a fallback for a network download, in a manner simple for the
largest group of testers to use. Your suggestion seems to me in practice
to require of the user many more manual steps before, during, and after
each install. I've never used the technique, but you seem to also be
saying that it requires extra hardware, in the form of a local network
and a second box to host apt-cacher-ng.

Come to think of it, I challenge your starting point contention: "would
risk way too many modes of breakage", so let's do go there, if only for
a bit. What are all those "too many modes" and how bad are the risks?
What's the worst downside, worse than a failed keysign check?

--
hkp://keys.gnupg.net
CA45 09B5 5351 7C11 A9D1 7286 0036 9E45 1595 8BC0