[Rpm-maint] [PATCH 4/6] Create a new publicly accessible function, rpmteHeaderOpen
slawrence at tresys.com
Fri Jul 30 20:14:11 UTC 2010
On Mon, 2010-07-26 at 14:48 +0300, Panu Matilainen wrote:
> On Wed, 14 Jul 2010, Steve Lawrence wrote:
> > When the SELinux policy collection plugin is executed, the transaction
> > element has already been closed, and the header cannot be accessed.
> > However, access to the header is needed to extract policy data. The new
> > rpmteHeaderOpen function allows accessing the header of a closed
> > transaction element by opening it if necessary.
> Is there a chance that this gets called on packages which are not yet
> installed? If so, I suspect it'll confuse the heck out of yum's (and
> probably others) transaction callback/progress handling. Also there's no
> guarantee the package file exists after its installed (eg depsolvers might
> delete packages after installing to save diskspace).
> rpmteHeader() is already a somewhat strange interface, adding another
> similar doesn't make it any better... but I don't have any concrete ideas
> off-hand how to make it all saner. One possibility might be having another
> opetional collection hook which gets executed while the element header is
> open to permit whatever data the plugins might need to be collected from
> the headers.
> - Panu -
After talking this over, we think adding another hook is likely the best
solution. But we'll also need change the plugin architecture so that the
plugin can remember state (e.g. which te's have been seen and what
policies they contain). It's not a major change, but does make the
simple plugin arch a little more complex.
Also, I'll be on vacation for the next couple weeks, so it will likely
be a while until we can send the next patchset with the changes made.
More information about the Rpm-maint