[packagekit] Debconf and PackageKit Was Re: Packagekit and Ubuntu

James Westby jw+debian at jameswestby.net
Fri Feb 12 09:02:24 PST 2010 

On Thu, 11 Feb 2010 04:10:50 -0800 (PST), Daniel Nicoletti <dantti85-pk at yahoo.com.br> wrote:
> It seems you guys did not like the connection ID idea, but if you use
> the transaction ID as an unique thing (as you know this is a public thing)
> this will be more like a PackageKit frontend than a Debconf general frontend,
> IMHO if the GUI running as user call dconf-dbus which register
> itself on the system bus and return the dbus connection id
> now you have one thing that only the application that will ask
> for a install task will know. Then forward this to PackageKit as
> root (by using setHints() ) which the backend sets an envvar with this value.
> IMHO this is still the safer method and we don't need to change
> PackageKit at all.

setHints() sounds useful.

  1. The client-side code starts up a process, or uses itself, on the
  system bus which has an org.debian.Debconf interface (either at the
  root or we pass the object path around with the DBus name).

  2. It then calls setHints() with the unique name of the process on the
  system bus.

  3. Packagekit passes this on to the apt backend.

  4. The apt backend arranges things such that debconf will use a dbus
  frontend, set up to talk to this unique name.

  5. When debconf needs input it attaches to the system bus and
  communicates with the name that it knows is associated with this
  transaction. If the name is not then when it does so then it can go
  non-interactive.

  6. When the client-side process attached to that name gets a request it
  prompts the user and returns the results.

That sounds feasible to me, with a couple of requirements:

  * setHints() must only be allowed to be called by the owner of the
    transaction.

  * The client-side process only allows messages from root-owned
    processes.

  * The documentation for setHints() states "The following parameter
    values are understood: [...]" so we should ensure that it doesn't
    reject others. It would be simple to add another for our use though.

Colin, Richard, does that sound ok to you?


Thanks,

James

More information about the PackageKit mailing list