From owner-freebsd-hackers@FreeBSD.ORG  Sat May 12 05:46:13 2007
Return-Path: <owner-freebsd-hackers@FreeBSD.ORG>
X-Original-To: freebsd-hackers@freebsd.org
Delivered-To: freebsd-hackers@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52])
	by hub.freebsd.org (Postfix) with ESMTP id B209816A400
	for <freebsd-hackers@freebsd.org>; Sat, 12 May 2007 05:46:13 +0000 (UTC)
	(envelope-from kientzle@freebsd.org)
Received: from kientzle.com (h-66-166-149-50.snvacaid.covad.net
	[66.166.149.50])
	by mx1.freebsd.org (Postfix) with ESMTP id 8E3F713C457
	for <freebsd-hackers@freebsd.org>; Sat, 12 May 2007 05:46:13 +0000 (UTC)
	(envelope-from kientzle@freebsd.org)
Received: from [10.0.0.222] (p54.kientzle.com [66.166.149.54])
	by kientzle.com (8.12.9/8.12.9) with ESMTP id l4C5k6H7009206;
	Fri, 11 May 2007 22:46:11 -0700 (PDT)
	(envelope-from kientzle@freebsd.org)
Message-ID: <4645549E.1000407@freebsd.org>
Date: Fri, 11 May 2007 22:46:06 -0700
From: Tim Kientzle <kientzle@freebsd.org>
User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:1.7.12) Gecko/20060422
X-Accept-Language: en-us, en
MIME-Version: 1.0
To: Joerg Sonnenberger <joerg@britannica.bec.de>
References: <200705102105.27271.blackdragon@highveldmail.co.za>	<f20c8u$htp$1@sea.gmane.org>
	<4644847A.5060702@freebsd.org>
	<20070511153448.GA7516@britannica.bec.de>
In-Reply-To: <20070511153448.GA7516@britannica.bec.de>
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit
Cc: freebsd-hackers@freebsd.org
Subject: Re: New FreeBSD package system (a.k.a. Daemon Package System (dps))
X-BeenThere: freebsd-hackers@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Technical Discussions relating to FreeBSD
	<freebsd-hackers.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-hackers>, 
	<mailto:freebsd-hackers-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-hackers>
List-Post: <mailto:freebsd-hackers@freebsd.org>
List-Help: <mailto:freebsd-hackers-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-hackers>,
	<mailto:freebsd-hackers-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sat, 12 May 2007 05:46:13 -0000

>>3) As DES pointed out, the package tools must be able
>>   to read the metadata before the files.
> 
> Actually, the argument is pretty weak. Being able to extract them
> streamable and access the meta-data easily is fine. The remote access
> argument is very weak as it doesn't allow e.g. signature checks.

I presume you mean that you have to scan the entire
package to verify the signature before doing installation?

I don't think you do, really.  If you can roll back an
installation, then you can verify the signature during
a streaming install; if the signature fails, you roll back.
A good package installer needs to support rollback anyway
to do robust dependency handling.

I know two relatively straightforward ways to structure
the installation process to support rollback.  <sigh>
So many ideas, so little time... ;-)

Tim Kientzle