On 06/05/10 03:33, Denis A. Altoé Falqueto wrote:
On Wed, May 5, 2010 at 3:51 AM, Allan McRae <allan@archlinux.org> wrote:
5.2 devtools
I don't know them, so I can't comment. But the upload and repo.db generation will be affected, for sure.
repo-add is also mostly good to go (there are some TODOs left, e.g. aborting when the signature verification of the repo fails before adding the package).
There needs to be discussion about signing the repo database itself and how that is handled. Does the last person to add a package sign the lot? That might be reasonable given the package signatures have been verified in some sort of chain to the initial signing. But it does mean that developers are signing the entire db when they are only responsible for a small part. I guess that would also require private keys be available on the server creating the repo dbs.... That needs thought. How do other distros handle that?
Yes, this is a little troublesome right now. I don't know the workflow of the package upload and repo.db creation, but I presume that there is a script to do it, right? Does repo-add run locally or remotely? I believe that it is run remotely. In that case, is there any synchronization scheme? Because we can have race conditions if two developers are calling it at the same time.
I was thinking about generating the sha1 hash of the repo.db on the server and to sign locally just the hash, so the exchange of data between the server and the local machine is minimized. A digital signature is basically just that anyway. We could have a script to help the process, together with synchronization of the repo.db, to avoid race conditions. But that depends on the workflow of the uploading process. Could you explain it to me?
This is the current Arch package upload procedure. Of course, it is not set in stone and if it requires changes for signing then that is fine.

1) packages are built locally, committed to SVN and uploaded to a staging directory on the main server.
2) on the main server, the dev runs a script that adds the packages in the dev staging area to the repos and updates the repo database. This script does some sort of locking to prevent race conditions.

Allan
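
The two ideas raised in this thread, updating repo.db under a lock and signing only a digest of it locally, combined in an added example that is not part of the original messages or of Arch's scripts. The function names, the `.lock` and `repo.db.sig` files, and the placeholder signature bytes are assumptions; SHA-256 stands in for the sha1 mentioned above, and the actual signing of the digest happens on the developer's machine, outside this code.

```python
import fcntl, hashlib, os, tempfile
from contextlib import contextmanager

@contextmanager
def repo_lock(repo_dir):
    """Exclusive lock so two developers cannot touch the db at the same time."""
    with open(os.path.join(repo_dir, ".lock"), "w") as fh:  # hypothetical lock file
        fcntl.flock(fh, fcntl.LOCK_EX)
        try:
            yield
        finally:
            fcntl.flock(fh, fcntl.LOCK_UN)

def db_digest(repo_dir):
    with open(os.path.join(repo_dir, "repo.db"), "rb") as fh:
        return hashlib.sha256(fh.read()).hexdigest()

def add_package(repo_dir, entry):
    """Server side: add an entry under the lock, return the digest to sign."""
    with repo_lock(repo_dir):
        with open(os.path.join(repo_dir, "repo.db"), "a") as fh:
            fh.write(entry + "\n")
        return db_digest(repo_dir)

def attach_signature(repo_dir, signed_digest, signature):
    """Accept a signature only if the db still matches the digest that was signed.

    Without this check, a signature made over an older db state could be
    attached after another developer's update, leaving an invalid db signature.
    """
    with repo_lock(repo_dir):
        if db_digest(repo_dir) != signed_digest:
            return False  # db changed since the digest was handed out; re-sign
        with open(os.path.join(repo_dir, "repo.db.sig"), "wb") as fh:
            fh.write(signature)
        return True

def demo():
    """Constructed scenario: a second upload lands before the first is signed."""
    with tempfile.TemporaryDirectory() as repo:
        d_first = add_package(repo, "foo-1.0-1")    # constructed package names
        d_second = add_package(repo, "bar-2.3-1")
        stale = attach_signature(repo, d_first, b"constructed-signature-1")
        fresh = attach_signature(repo, d_second, b"constructed-signature-2")
        return d_first != d_second, stale, fresh

if __name__ == "__main__":
    print(demo())
```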