FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > ArchLinux > ArchLinux Pacman Development

 
 
LinkBack Thread Tools
 
Old 05-21-2011, 10:37 AM
Allan McRae
 
Default About pacman and libalpm workflow

On 21/05/11 19:15, Rémy Oudompheng wrote:

On 2011/5/21 ari edelkind<edelkind+arch-pacman@gmail.com> wrote:

- What's the general idea -- the program flow -- of the way it's
currently being implemented? Pseudo-code would be perfect for
answering this, but really, anything with system-level details
will do (the "package signing proposal" is not current and does
not contain system-level details).


Hello Ari,

It's a bit difficult to answer that question, I don't exactly what
documentation sources there are out there. I'll try a rough draft, and
then you can ask more questions if you want. Also try to have a look
at pyalpm: it contains example scripts in Python that try to replicate
pacman 3.5 behaviour.

Here is how to use libalpm :
- initialize it (alpm_initialize)
- set options (alpm_option_set_*)
- register databases (alpm_db_register_sync)
- do something (many functions there)
- unregister databases
- release the library (alpm_release)

In the "do something" part, you may perform a transaction, that is,
installation or uninstallation of packages. Transactions are done as
follows :
- alpm_trans_init with proper options
- alpm_trans_add / alpm_trans_remove (says which packages you want to
add or remove)
- alpm_trans_prepare : this will resolve dependencies and conflicts
- alpm_trans_commit : this will download packages, check them (md5 or
signature), and install/remove them
- alpm_trans_release()

The functions that are called to check signature are
alpm_db_check_pgp_signature, alpm_pkg_check_pgp_signature. Options
make this check optional if needed.


To be honest, I have very little idea about pacman "program flow". I
follow something like this every time I go to dig deeper into the pacman
code and fix something:


http://allanmcrae.com/2010/11/basic-overview-of-pacman-code/

Allan
 
Old 05-21-2011, 12:01 PM
ari edelkind
 
Default About pacman and libalpm workflow

> To be honest, I have very little idea about pacman "program flow". * I
> follow something like this every time I go to dig deeper into the pacman
> code and fix something:
>
> http://allanmcrae.com/2010/11/basic-overview-of-pacman-code/

This is quite useful.
I should say, however, that i wasn't actually referring to pacman
program flow -- i was referring specifically to the flow of the
signing/verification process, as it's intended to operate.

ari
 
Old 05-21-2011, 02:49 PM
Rémy Oudompheng
 
Default About pacman and libalpm workflow

On 2011/5/21 ari edelkind <edelkind+arch-pacman@gmail.com> wrote:
>> To be honest, I have very little idea about pacman "program flow". * I
>> follow something like this every time I go to dig deeper into the pacman
>> code and fix something:
>>
>> http://allanmcrae.com/2010/11/basic-overview-of-pacman-code/
>
> This is quite useful.
> I should say, however, that i wasn't actually referring to pacman
> program flow -- i was referring specifically to the flow of the
> signing/verification process, as it's intended to operate.

There is not really any flow: the signatures are downloaded along with
the package, and the MD5 check is supplemented/replaced by a signature
check (which is essentially a single call to libgpgme).
Same process for databases.

--
Rémy.
 

Thread Tools




All times are GMT. The time now is 09:14 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright ©2007 - 2008, www.linux-archive.org