On Fri, 25 Jan 2008, seth vidal wrote:
Hi Everyone,
here's another patch. If you get an installed package object you can
call pkg.verify() on it and it will do some of the checks you'd get from
rpm -V pkgname and hand you back a dict keyed on fn with the values
being the issues found. The results format is up in the air, it needs to
be a bit more object-y but it's not a bad start.
The patch is here:
http://skvidal.fedorapeople.org/patches/installed-package-verify-start.patch
I'll probably clean it up a bit more, finish out the mode-checking from
rpmFiMode and then check it in. It's not invasive into any of our code
and could be useful for people doing all sorts of zany things.
James Antill suggested that I add a pattern arg to verify() which I did.
You pass a list of globs/files that you want checked to it.
pkg.verify(['*bin/*', '*lib/*']) will check files matching those.
by default, of course, it checks them all.
Let me know what you think, this was actually easier than I thought it
would be so... :)
Yup... Where you will get into trouble is checksumming, taking prelinking
into account and that fun, if there are other special cases I don't recall
offhand. Rpmlib knows how to deal with those, and the responsibility of
fetching the on-disk info should be rpmlib's, not each and every API
users'.
I've been thinking about the "verify API" on and off, what I have in mind
at the moment is a (rpmfi) method that'll give you a new rpmfi object,
populated with the on-disk information. With that, all you have to do is
to iterate over the header-fi and ondisk-fi objects and compare the data.
So verifying a package would look somewhat like this:
fi = hdr.fiFromHeader()
dfi = fi.onDisk(patterns=[])
while ... iterate over both rpmfi objects...:
if fi.group != dfi.group:
problems.append("group mismatch")
if fi.mtime != dfi.mtime:
problems.append("mtime mismatch")
...
This would (should ;) work on both C and Python level pretty much "just
like that", without requiring any new data structures and methods to
access the data. rpmlib already knows how to fetch all the ondisk info
naturally, it just throws away the actual data and gives "modified" vs
"not modified" answers. All that's needed is the rpmfiFromDisk()
method (on C-level), should be fairly straightforward to lift the existing
verification code and stuff it into rpmfi...
There you'd have a very simple to use lowlevel "verification API", on top
of which you can then build whatever fancy python verification objects if
you wish.
Thoughts?
- Panu -
_______________________________________________
Yum-devel mailing list
[email protected]
https://lists.dulug.duke.edu/mailman/listinfo/yum-devel
