User:Apg

From ArchWiki
Jump to: navigation, search

pacman TODO

remove/rename --force

--force is a very generic name for what it actually does and is often misunderstood. It's also an all-or-nothing option. Replace it with a more specific --overwrite-files option that allows specifying the exact files to be overwritten.

config/option parsing

  • only interpret '#' as starting a comment at the beginning of a line (https://bugs.archlinux.org/task/48702)
  • error on unknown options
  • multi-value options provided on the command-line override rather than append to configuration values
  • use wordsplit to split multi-value configuration options that can contain spaces
  • use the last configured value for all single-value options (dbpath, root, logfile, etc)
  • do not split --ignore/--ignoregroup on ',' (commas are valid characters in package names and groups)

external downloader

The external callback-based downloader has several deficiencies compared to the internal downloader:

download callback

The download callback is ill-equipped to deal with slow or poorly configured servers. libalpm should normalize arguments to the front-end callback (xfered, total) to indicate the following conditions:

  • download initialized (0, -1)
  • non-xfer event (0, 0)
  • download progress, unknown size (X {X>0}, 0)
  • download progress, known size (X {X>0,X<Y}, Y {Y>0})
  • download completed (X {X>0}, X)
  • download error (-1, HTTP_ERR)

dynamic users

makepkg

  • add package user information to PKGBUILD (/etc/passwd format?)
  • add users to .PKGINFO
  • create dynamic users with fakeuser during package()

libalpm

  • if user exists on system, use system uid
  • if user does not exist and uid is unassigned, use package uid
    • attempt to add user to /etc/passwd
  • if user does not exist and uid is assigned, fallback to uid 0
  • need to use the user info from inside the root (chroot for file extraction?)

signal handling

  • separate different signal handlers
  • restrict to safe functions (see signal(7))
  • restrict scope to trans_commit
  • reset ignored signals prior to running scripts/hooks - child processes inherit any ignored signals from their parent. GPGME sets SIGPIPE to SIG_IGN and front-ends may ignore additional signals.

libalpm API

  • remove ignorepkg support from functions that don't modify the transaction
    • move alpm_find_group_packages to frontend
  • allow searching arbitrary package lists rather than databases
  • report memory errors from alpm_list_* functions
  • stop resetting pm_errno everywhere

pacman ui reorganization

Some of pacman's options are organized by target (--query) while others are organized by action (--deptest). Organization by target results in a large number of unrelated operations being grouped together. Reorganizing operations by action will provide greater consistency, fewer invalid option combinations that must manually be checked for, and easier extensibility for things like combined add/remove transactions.

-X install/upgrade/remove
 --install
 --pkgfile
 --remove
 --refresh, -y
 --sysupgrade, -u
 --print, -p
 --dryrun
 --nodeps, -d
 --downloadonly, -w
 --asdeps
 --asexplicit
 --ignore
 --ignoregrp
-S search
 --local/--sync     (show both by default)
 --group
 --foreign
 --native
 --owns-file
 --unrequired
 --required
 --explicit
 --depends
 --upgrades
 --satisfies        (-T replacement)
--info, -I <pkgname>...
 --local/--sync     (show both by default)
 --short            --search style output
 --verbose          show extended information
 --files            list files owned by <package>
 --changelog
 --format           expac-style output
--check, -K [<pkgname>...]
 --recursive        perform checks on package [opt-]depends
 --files            basic file list verification (default)
 --depends          check for missing dependencies
 --opt-depends      check for missing optional dependencies
 --file-properties  check file properties against MTREE data
 --backup           include backup files in modification checks
--database, -D
 --asdeps
 --asexplicit
--version, -V
--help, -h
--groups, -G        list groups
 --local/--sync     (show both by default)
-? clean cache (retire in favor of paccache?)

combined transactions

TRANS_FLAG_NEEDED with sync?

miscellaneous

  • move max filename tests to alpm unit tests
  • sync db files immediately after extraction
  • unit/integration tests
  • store md5/sha256 in local db for comparison to sync db pkgs
  • allow checking user/group names with -Qkk (requires modifications to libarchive)
  • libalpm man pages
  • clarify "skipping duplicate target" messages
  • githooks
  • check that fs file type matches old package filelist for conflict checks
  • document doxygen format
  • consolidate similar messages
  • use -fvisibility=hidden for clang
  • peculiar run_chroot arg0 strcpy's
  • dependency tree
  • sync, remove, etc. call graphs
  • translation context
  • add targets to conflicts if they need to be removed first
  • look at upgrade045.py
  • makepkg test suite
  • check all malloc's for success

Format Specifications

package

A package is an archive file readable by libarchive that contains metadata files and the actual package contents. All metadata files begin with a period (dot) and are located in the archive root:

  • .PKGINFO
  • .BUILDINFO (optional)
  • .MTREE (optional)
  • .INSTALL (optional)
  • .CHANGELOG (optional)

All other root dotfiles are reserved for use by libalpm. The package contents are similarly located directly in the package root. All file paths should be relative and not contain '.' or '..' anywhere. All intermediate directories must exist in the archive. Metadata files must come before package files. Package contents must be sorted according to the C locale. For example, a package file structure might look like:

.PKGINFO
.MTREE
bin/
bin/pacman

.PKGINFO

The .PKGINFO file contains metadata about the package itself. It must be a plain INI-style text file. Lines must not contain any leading whitespace. Empty lines and lines beginning with '#' will be skipped. Key-value pairs must be separated by " = ".

String Fields

  • pkgname
  • pkgbase
  • pkgver
  • pkgdesc
  • url
  • packager
  • arch

String List Fields

  • group
  • license
  • depend
  • optdepend
  • makedepend
  • checkdepend
  • conflict
  • replaces
  • provides
  • backup

Numeric Fields

  • builddate
  • size

.BUILDINFO

.MTREE

The .MTREE file is an optional file that describes file properties such as size, owner, group, etc. It allows pacman to check if files on a system have been modified after installation. It can be in any format readable by libarchive. Note: third-party tools may expect this to be in the same format generated by makepkg, which uses the following:

LANG=C bsdtar -czf .MTREE --format=mtree --options='!all,use-set,type,uid,gid,mode,time,size,md5,sha256,link'

.INSTALL

The .INSTALL file defines functions to run before and/or after a package operation is performed. See PKGBUILD(5) for more information.

.CHANGELOG

An optional file describing the changes between package versions. .CHANGELOG is intended solely for display directly to the user without any parsing or processing. It should be plain text, but the contents may be formatted in any way suitable for presentation to the user. See PKGBUILD(5) for more information.

database

pacman LIMITS

alpm

  • all pkginfo fields limited to 1024 (local_db_read)
    • sync_db_read handles 512 * 1024
    • parse_descfile limits to 512 * 1024 - length of field name
  • path length: 1024 (local_db_read)
    • limited to PATH_MAX - strlen(rootdir) elsewhere
  • no newlines in any package data
  • no dotfiles in base directory
  • no '/' in db names, package name, or package version
  • syncdb cannot be named 'local'
  • package name + package version limited to NAME_MAX
  • script output cannot contain NUL bytes
  • package name should not contain '=<>' (can't be used as a dependency)
  • package name should not contain ": " (can't be used as a dependency)
  • backup file paths limited to PATH_MAX - (len(hash) + 2)
  • db extension should not be .part
  • pkgver cannot contain '-', can lead to overlap in database entry names causing aborted transactions
  • front-ends may not set a global SIGPIPE - if a SIGPIPE handler is active when gpgme is initialized it will not ignore SIGPIPE

pacman

  • maximum file length: PATH_MAX
  • no whitespace in multivalue options
  • no # in option values

makepkg

  • pkgname may not start with '-'
  • pkgname may not start with '.'
  • pkgname may only contain [:alnum:]+_.@-]
  • epoch must be a positive integer
  • pkgrel must be a positive decimal
  • arch may only contain [:alnum:]_
  • provides cannot contain '<>'
  • pkgver cannot contain ':-' (confuses epoch/pkgrel parsing)

Rejected Features

makepkg: shallow git clones

pacman: save warning messages until the end

makepkg: replace default checksums