[pacman-dev] [PATCH 2/2] copy file siglevels from SigLevel when first seen

Allan McRae allan at archlinux.org
Fri Nov 1 00:25:35 EDT 2013 

On 31/10/13 21:43, Allan McRae wrote:
> On 31/10/13 21:45, Andrew Gregory wrote:
>> On 10/31/13 at 04:13pm, Allan McRae wrote:
>>> On 28/10/13 23:58, Andrew Gregory wrote:
>>>> Both repo-specific siglevels and file siglevels used the default
>>>> siglevel as their base.  Previously, repo siglevels inherited when the
>>>> repo was parsed, but file siglevels inherited after config parsing was
>>>> complete.  Having both options inherit from the default when they are
>>>> first parsed is more intuitive and reduces parser complexity.
>>>>
>>>> Signed-off-by: Andrew Gregory <andrew.gregory.8 at gmail.com>
>>>> ---
>>>>
>>>> This may change how some existing config files are parsed, but I doubt anybody
>>>> is purposefully using the old behavior.
>>>>
>>>
>>> Can you provide details of the old behaviour that is "broken" by this?
>>
>> Sure, here's an example:
>>
>> SigLevel = Required TrustedOnly
>> RemoteFileSigLevel = Optional
>> SigLevel = TrustAll
>>
>> Old behavior: RemoteFileSigLevel's final value is Optional TrustAll. 
>> New behavior: RemoteFileSigLevel's final value is Optional TrustedOnly.
>>
> 
> I'm happy to break that.
> 
> Perhaps we should consider SigLevel being specified twice in a
> pacman.conf as an error.  It does not seem like a good idea to allow
> that as people would just see the first one when scanning their
> pacman.conf file.
> 

And here I remembered why I did that all this weirdness:


LocalFileSigLevel = TrustedOnly
SigLevel    = Required DatabaseOptional TrustedOnly

Old behaviour: LocalFileSigLevel = Required
New behaviour: LocalFileSigLevel = Optional

or:

SigLevel    = Required DatabaseOptional TrustedOnly
LocalFileSigLevel = TrustedOnly

Old behaviour: LocalFileSigLevel = Required
New behaviour: LocalFileSigLevel = Required


So now order of values in the pacman.conf file matters.

The documentation says LocalFileSigLevel uses SigLevel as the default.
The question is how is that interpreted.  The old way is that SigLevel
was the base that LocalFileSigLevel built upon.  The new way is that
LocalFileSigLevel takes value of SigLevel only if it is unspecified in
the pacman.conf.

I really do not like the order options are provided in the pacman.conf
mattering.  We could simplify this by saying that LocalFileSigLevel
defaults to SigLevel when it is unset (which is probably how
documentation in pacman.conf.5 is interpreted anyway...)

Allan

More information about the pacman-dev mailing list