From owner-freebsd-current@FreeBSD.ORG Fri Mar 25 12:57:15 2011 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 04882106564A; Fri, 25 Mar 2011 12:57:15 +0000 (UTC) (envelope-from kimelto@gmail.com) Received: from mail-wy0-f182.google.com (mail-wy0-f182.google.com [74.125.82.182]) by mx1.freebsd.org (Postfix) with ESMTP id 65F248FC1C; Fri, 25 Mar 2011 12:57:14 +0000 (UTC) Received: by wyf23 with SMTP id 23so1178108wyf.13 for ; Fri, 25 Mar 2011 05:57:13 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:sender:in-reply-to:references:date :x-google-sender-auth:message-id:subject:from:to:cc:content-type :content-transfer-encoding; bh=X1IkzSOW6s40CSc8SnvCOpp3ztkSgqgpaKJKiv70Iu8=; b=X1Qy4M6RsB2tKyp7e89H73j+t71SrHJTb9J5V2BTCGvg5++rTW+0SxLzT9laxk1MLj p+n0TWsasdVHNOegsxGgbGY2zzWzq0PwTGUGyg6maCE0Nb2K/r3rHMbek3zPlecD/1If TPqfffLhy8PqbsvtemBNQRDUPGMoWQNYcAqz0= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:sender:in-reply-to:references:date :x-google-sender-auth:message-id:subject:from:to:cc:content-type :content-transfer-encoding; b=L9UTdQyAXMcWIB3ZRKlB+KLu8iU4+G8nNdy7K2JuJZ0B79G3HKZH7a078HstGVIwIR xidLt6DvoqXTBeUMk5df2Ldx2o0OQGnhBs3ORgnFHkq9SwEwLxOH9DUqtFjOw/xfxPDy 1GSLV1OMPZmrnsQiPwGsyebT5TeJXoEEB9grM= MIME-Version: 1.0 Received: by 10.216.87.131 with SMTP id y3mr2034929wee.3.1301056427715; Fri, 25 Mar 2011 05:33:47 -0700 (PDT) Sender: kimelto@gmail.com Received: by 10.216.85.3 with HTTP; Fri, 25 Mar 2011 05:33:47 -0700 (PDT) In-Reply-To: References: <20110325101111.GA36840__48943.3474642739$1301049771$gmane$org@azathoth.lan> Date: Fri, 25 Mar 2011 12:33:47 +0000 X-Google-Sender-Auth: 8UgSQfqImcuX03d834Vjyc1PhWc Message-ID: From: Julien Laffaye To: Ivan Voras Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Cc: freebsd-current@freebsd.org Subject: Re: [ECFT] pkgng 0.1-alpha1: a replacement for pkg_install X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 25 Mar 2011 12:57:15 -0000 On Fri, Mar 25, 2011 at 11:52 AM, Ivan Voras wrote: > On 25/03/2011 11:11, Baptiste Daroussin wrote: > >> =A0In term of technology we decided to use a sqlite3 database, and to >> =A0prevent potential trolling, sqlite3 is used in it's amalgamation form >> =A0which means it is incorporated in the code sources (as recommanded by >> =A0sqlite developpers like a statically linked library) on build we only >> =A0activate the features we need in sqlite. > > I'm very glad you went with sqlite3! I've looked at pkgng source a bit an= d > it looks like you use transactions and foreign keys which is a huge benef= it > for the whole effort. > > At this time I'd just like to suggest you add the use of WAL journal > (http://www.sqlite.org/pragma.html#pragma_journal_mode) on database creat= ion > so you get the benefits of multiple-readers-single-writer concurrency mod= el. > It sounds like a good idea. I'll add WAL support and if no problem arise from that we should keep it. >> =A0The alpha release come with an experimental tool "pkg2ng" to convert >> =A0an existing package database to the new pkgng database format. So one >> =A0can test pkgng without rebuild all its packages. > > Could you change the filename of the database to have the ".sqlite" > extension? It's not important but it indicates what it is used by and new= er > software is moving to ".sqlite". > Sure. Maybe rename pkg.db to local.sqlite so it will consistent with the repo.sqlite (both in /var/db/pkg) >> =A0One of the thing we are thinking about pkgng is to perhaps be able to >> =A0provide it only as a ports (with simple script in base to >> =A0boostrap/install it). That would allow pkgng to live with the ports t= o >> =A0be able to easily integrate new features without having to support >> =A0very old version of pkgng. > > Maybe I'm misunderstanding but won't that mean that the ports system with= out > pkgng will continue to maintain their data in the current format? > If pkgng is not installed, the first thing the port system will do is to install it. >> =A0more informations can be found here: >> =A0http://git.etoilebsd.net/pkgng/tree/docs/GOALS, > > """ > =A0 =A0 =A0 =A0 =A0the database will be a sqlite file compressed with the= xz format. > =A0 =A0 =A0 =A0 =A0the database will be signed so we can trust the sha256= of the > =A0 =A0 =A0 =A0 =A0packages, so if a package has the expected hash, it is= considered > =A0 =A0 =A0 =A0 =A0trusted. > """ > > I'm not sure on what "the database" refers at this point, but is it reall= y > necessary to compress it? I don't mean it's hard to do, just that maybe i= t > would be simpler without it. It is the database describing the remote repository. It is interesting to compress it because it will be downloaded. > > About this signature: hashing like this is very rudimentary. Could you > design this to extensible, expecting real PGP-based signatures in the > future? We thought that signing the repo.sqlite file would be simpler. If we want to sign each package individually, we must have a tarball which contains the real tarball plus the signature. Regards, Julien