New FreeBSD package system (a.k.a. Daemon Package System (dps))

Peter Jeremy peterjeremy at optushome.com.au
Fri May 11 19:43:48 UTC 2007


On 2007-May-11 17:34:48 +0200, Joerg Sonnenberger <joerg at britannica.bec.de> wrote:
>On Fri, May 11, 2007 at 07:58:02AM -0700, Tim Kientzle wrote:
>> 3) As DES pointed out, the package tools must be able
>>    to read the metadata before the files.  If you really
>>    need a completely separate metadata file, make it
>>    the second file in the archive.
>
>Actually, the argument is pretty weak. Being able to extract them
>streamable and access the meta-data easily is fine. The remote access
>argument is very weak as it doesn't allow e.g. signature checks.

Possible options for signature checks on a stream:
1) Have one of the early metadata files be a signed set of hashes for
   all the expected files.  Validate that file and if it's OK use the
   hashes to validate the other files as they are unloaded.  You can
   check at the end that you have everything you were expecting.
2) Make pkg_add itself transactional (close to ACID):  Unload the
   files into the final locations with temporary names and mode 000.
   At the end of stream, check the signature.  If it's OK, just
   rename all the files and fix the modes, otherwise delete them all.
   Rename/chmod is much cheaper than copying the files (and something
   tar does anyway - you are just delaying it).  This has the added
   benefit that nothing else can use the package until it's completely
   unpacked.

-- 
Peter Jeremy
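
Option 1 above, sketched as an added example (not part of the original message and not pkg_add code): a single forward pass over a non-seekable tar stream that verifies a signed hash manifest first, checks each later file against it, and confirms at the end that nothing is missing. The member names `+MANIFEST` and `+MANIFEST.sig`, the JSON manifest layout, and HMAC-SHA256 standing in for a real public-key signature are all assumptions made for the sketch.

```python
import hashlib, hmac, io, json, tarfile

KEY = b"constructed-demo-key"  # assumption: stand-in for a real signing key

def _add(tar, name, data):
    info = tarfile.TarInfo(name)
    info.size = len(data)
    tar.addfile(info, io.BytesIO(data))

def build_package(files, key=KEY):
    """Constructed sample package: manifest and its signature come first."""
    hashes = {n: hashlib.sha256(d).hexdigest() for n, d in files.items()}
    manifest = json.dumps(hashes, sort_keys=True).encode()
    sig = hmac.new(key, manifest, hashlib.sha256).hexdigest().encode()
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as tar:
        for name, data in [("+MANIFEST", manifest), ("+MANIFEST.sig", sig), *files.items()]:
            _add(tar, name, data)
    return buf.getvalue()

def verify_stream(stream, key=KEY):
    """One forward pass; returns the verified names or raises ValueError."""
    manifest, expected, seen = None, None, []
    with tarfile.open(fileobj=stream, mode="r|") as tar:  # "r|": no seeking
        for member in tar:
            f = tar.extractfile(member)
            data = f.read() if f else b""  # a real tool would hash in chunks
            if member.name == "+MANIFEST" and manifest is None:
                manifest = data  # held back until its signature has been checked
            elif member.name == "+MANIFEST.sig" and manifest is not None and expected is None:
                good = hmac.new(key, manifest, hashlib.sha256).hexdigest().encode()
                if not hmac.compare_digest(good, data):
                    raise ValueError("bad manifest signature")
                expected = json.loads(manifest)
            elif expected is None:
                raise ValueError("payload before verified manifest: " + member.name)
            elif expected.get(member.name) != hashlib.sha256(data).hexdigest():
                raise ValueError("unexpected or modified file: " + member.name)
            else:
                seen.append(member.name)
    if expected is None or len(seen) != len(expected) or set(seen) != set(expected):
        raise ValueError("missing or duplicated files, or no manifest")
    return seen
```

The same loop is where option 2's staging would go: write each verified member under a temporary name and rename only after the final completeness check passes.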