From cbf2dc42201ee56e0d2c9f565eee3208ef725aa2 Mon Sep 17 00:00:00 2001 From: davidovski Date: Sat, 30 Oct 2021 20:04:31 +0100 Subject: added notes to keep track of how everything should operate --- notes.txt | 141 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 141 insertions(+) create mode 100644 notes.txt (limited to 'notes.txt') diff --git a/notes.txt b/notes.txt new file mode 100644 index 0000000..962ba2b --- /dev/null +++ b/notes.txt @@ -0,0 +1,141 @@ +/etc/xi/xipkg.conf + for xipkg config + +in config define repo sources like this: + : + +eg: + davidovski: https://xi.davidovski.xyz/repo/ + + +then specify repos that should be loaded: + repos: core extra other + +/var/lib/xipkg + to contain all working files: + +/var/lib/xipkg/packages + "working dir" to keep xipkg files and xipkg.info + will look something like this: + packages/ + core/ + extra/ + + +/var/lib/xipkg/keychain +place to store publickeys for sources. + +/var/lib/xipkg/installed/ + /info - info about the package that has been installed to the system + /files - text file with all the files that it installed to the sysetm (for later removal purposes) + + +sync +------- +download all xipkg.info and keys from repos, done before all other commands + +just go to each source +and each repo +one by one take each xipkg.info +temporarily save each xipkg.info somewhere, per source + +find the latest xipkg.info and get the VER_HASH for that build +find all of the xipkg.info with that VER_HASH and compare their checksums +the most common CHECKSUM will win, so place that xipkg.info in the correct place + +? maybe make a warning about any sources that have outdated / different CHECKSUMS for that version hash (possibly malicious?) + +A database should be made: + +Packages: + [name (String), repo (String)] + +Sources: + [name (String)], url (String) + +PackageSources: + package (String), repo (String), source (String) + +This database should solve the problem of of which package infos come from which sources + + +??? +File: + path (String), package (String), repo (String) +??? + +install +------- + +if a xipkg file is specified and there is a corresponding .info as well, it will install it directly +if its a url, then download the xipkg file and its .info + +if its a package name: + check if it exists, + if that package name exists in multiple repos, then prompt to ask which repo to take from + +to check a package is already installed, search for its name in /var/lib/xipkg/installed + +to install package need to: + - find the package in a place in /var/lib/xipkg/packages + - find all dependencies and subdependecies in a tree, and repeat install for any that are missing + + - aquire .xipkg from correct source (look for the xipkg.info.source) + + - verify that the hash of xipkg is right + + - check against every publickey in /var/lib/xipkg/keychain (maybe better ideas?) + + - untar the xipkg + - list all package's files in xipkg into /var/lib/xipkg/installed//files + - copy the pkginfo to /var/lib/xipkg/installed/ + ( do not use a symlink since later syncs can make the information inacurate) + - copy all the files into their place on the system + (actually install the package) + + - make an install reciept that contains: + * the source that the package was downloaded from + * the key that was used to validate the package + * the date the package was installed + * the user that installed the package + * if the package was installed as a dependency + * other info? + + - ?? run some post install scripts?? + - ?? clean up?? + +remove +------ + +find the package's installed files in /var/lib/xipkg/installed//files and remove them from the system +(? maybe check if other packages need them, and dont remove then?) + +remove all the info from /var/lib/xipkg/installed/ + +(? check ) + +upgrade +------- +do a sync +if a package is specified, only upgrade that one package + +create a dependency tree and try upgrade core packages first (shouldnt matter really, since upgrading shouldnt have any dependencies other than xipkg and its subdependencies) + +to upgrade a package find that package in the repo and compare its pkginfo with the installed's package info + +if the VERSION_HASH is different then upgrade (guessing newer) +if the CHECKSUM is different AND the date is newer then upgrade (a different checksum with an older date could be a mistake) + +(cant rely only on version hash, because the way that the package was built can be changed) + + +force-upgrade +------------ +(! needs a better name) + +just removes the package and then installs it again + +file +------ +searches for a file to install +(!!! REQUIRES SOME KIND OF FILE DATABASE) -- cgit v1.2.1