[Apt-zip-devel] Re: apt-zip

[François Févotte]

On 2/1/07, Giacomo Catenazzi <cate at cateee.net> wrote:
> * Why do you decompress Packages file in the fetch script?
>   I think it is better to raw copy the file. Then in the host
>   machine you could decompress. In this mannes it doesn't
>   requires bzip2 or gunzip on the remote machine, and it
>   requires less space in medium.

Yes, this is one of the improvements I was considering. I did this in
a first step because it required only slight modifications in the wget
method, whereas decompressing the packages files in the host machine
would have required some modifications in apt-zip-inst too. I intended
my patch to be as light as possible.


> * I think you should export only the name "Packages" to
>   the list of files to download.
>   The fetch script then should test it it exits the
>   .bz2 or the .gz files.
>   (so you remove also the "sed" requirement).

Good idea. I'll do this


> * BTW: we could add an option to download Packages also
>   during normal apt-zip-list operation.
>   So for frequent usage, user don't need double trip.

That was another thing I was considering. In order to do this, I think
we should clearly separate the download directory from the root of the
media. Taht way we could download the packages in a directory and the
indexes in another. This would also remove the constraint that '-a
update' should always be used in conjunction with '-o tar'.


> * -         ${CHECK} \$2 \$4 \$?
>   +         ${CHECK} "\$2" "\$4" "\$?"
>
>   Such quotation are useless, they are removed bye
>   first shell run (in home host).
>   Better is:
>   +         ${CHECK} \"\$2\" \"\$4\" \"\$?\"
>   which on first run convert in
>       check "$1" "$4" "$?"
>   on the fetch script (ready for the second run).

Good catch! I'll fix this as soon as possible. I did


>   But it is not very readable. Anyway it could improve
>   security.

This is why I did this: `apt-get update --print-uris` returns the list
of uris with '0' as the expected size, and without any expected md5
sum. Thus, I had to make sure that the check_md5 function always
received the good number of arguments.

>   General comment.
>   In a long term maybe we should avoid the double run of
>   method scripts: they are not very readable, and it is
>   difficult to understand what code is run on target and
>   what code on home machine.
>   (maybe with %VAR% notation and some sed script that
>   substitute/insert variables and blocks)

If I may give my opinion, I would say apt-zip could benefit from a
rewrite in perl (or any high level scripting language). Having a perl
script (on the local machine) generate a shell fetching script for the
remote system would make it easier to distinguish between the code run
locally and remotely. Besides, this would probably allow smarter
treatments and facilitate trivial tasks such as the command-line
arguments treatment.

Thanks for having taken the time to read my patch.

  François