On 04/14/2014 12:39 PM, Ted Zlatanov wrote:
> So, on my own, I've put up a proposal to just call package managers
> directly with the right parameters.
I have checked your pull request (but not tested it).
I am OK to delegate more to the package managers in general, but I
believe that the agent should have enough intelligence to "filter"
requests, to understand if it's the case to call the package manager or
not, rather than blindly rely on if_elapsed to save resources.
The problem I see with if_elapsed is that, for example, in some cases
you want a package upgrade to take place immediately, at the first run
of the agent after the policy change (think of a critical bug as
heartbleed...). If I have to wait on if_elapsed, it's bad.
Of course I can work around if_elapsed by, for example, adding a new
promise (instead of adding to the list of the packages that I want to
always be at the latest version). I am happy to have a workaround and
bend CFEngine to my needs, but wouldn't it be much better if the
functionality did what it is supposed to?
I have an idea buzzing in my head since days, for which I haven't
sketched an implementation. If it was doable, it would also match (and
improve) your proposal. Rather than conditioning the package
installations/removals/upgrades to the same bounds as the package list
update, it would probably make sense to have the package list updates
save a cache in a "neutral" format (like it happens now), and have that
cache checked at every run by "your" package promises to decide if it's
the case or not to call the package manager, and get rid of if_elapsed.
From the top of my head, the package cache should include:
* package name (of course)
* installed version (or a marker like - if it's not installed)
* candidate version (version that the PM would install on upgrade)
* architecture
Notice that the candidate version is not necessarily the latest/highest
version available in the repositories. E.g., on my system I have:
> bronto@murray:~$ apt-cache policy gnome-shell
> gnome-shell:
> Installed: 3.8.4-5
> Candidate: 3.8.4-5
> Version table:
> 3.8.4-8 0
> -1
http://http.debian.net/debian/ jessie/main amd64 Packages
> *** 3.8.4-5 0
> 700
http://debian.lth.se/lmde/latest/ testing/main amd64 Packages
> 100 /var/lib/dpkg/status
> 3.4.2-7+deb7u1 0
> 1
http://http.debian.net/debian/ wheezy/main amd64 Packages
As you can see, the versions available for gnome-shell are
3.4.2-7+deb7u1, 3.8.4-5 and 3.8.4-8. However, due to APT pins, 3.8.4-8
is not the candidate. In this case, I would expect the cache to contain
something like
gnome-shell,3.8.4-5,3.8.4-5,amd64
rather than
gnome-shell,3.8.4-5,3.8.4-8,amd64
On the other hand, this is exactly what the agent should be doing
already, but it doesn't. So I am really wondering if I am re-inventing
the wheel rather than inventing a better one... Does this all make sense?
Ciao!
-- bronto
PS: I am not turning down the efforts of you guys to make this part of
CFEngine better, I don't mean to in any way. It's just that managing
packages is such a fundamental part of managing systems that it hurts
when it doesn't work the way we'd all want and expect and like.