On 2011/5/21 ari edelkind <edelkind+arch-pacman@gmail.com> wrote:
- What's the general idea -- the program flow -- of the way it's currently being implemented? Pseudo-code would be perfect for answering this, but really, anything with system-level details will do (the "package signing proposal" is not current and does not contain system-level details).
Hello Ari, It's a bit difficult to answer that question, I don't exactly what documentation sources there are out there. I'll try a rough draft, and then you can ask more questions if you want. Also try to have a look at pyalpm: it contains example scripts in Python that try to replicate pacman 3.5 behaviour. Here is how to use libalpm : - initialize it (alpm_initialize) - set options (alpm_option_set_*) - register databases (alpm_db_register_sync) - do something (many functions there) - unregister databases - release the library (alpm_release) In the "do something" part, you may perform a transaction, that is, installation or uninstallation of packages. Transactions are done as follows : - alpm_trans_init with proper options - alpm_trans_add / alpm_trans_remove (says which packages you want to add or remove) - alpm_trans_prepare : this will resolve dependencies and conflicts - alpm_trans_commit : this will download packages, check them (md5 or signature), and install/remove them - alpm_trans_release() The functions that are called to check signature are alpm_db_check_pgp_signature, alpm_pkg_check_pgp_signature. Options make this check optional if needed. Rémy.