1 |
Gentoo's popularity contest package |
2 |
----------------------------------- |
3 |
|
4 |
by davoid and rufiao |
5 |
|
6 |
|
7 |
|
8 |
ABSTRACT: |
9 |
|
10 |
The purpose of this system is to guide the developers of gentoo as to what |
11 |
they |
12 |
should be concentrating on based on what gentoo's users have installed on |
13 |
their |
14 |
system for example. |
15 |
|
16 |
The setup is a client-server system. The server should be stored on |
17 |
gentoo.org |
18 |
It's mainly php and CGI scripts with access to a database. |
19 |
|
20 |
The client is composed of a first-time setup utility and a deamon whose job |
21 |
is |
22 |
to collect data on the system it runs on and to upload this package for |
23 |
analyze |
24 |
to the gentoo.org webserver. |
25 |
|
26 |
The server is composed of a php page that checks if the user can upload to |
27 |
it |
28 |
(so to as limit abuse), and some back-end that would analyze the transferred |
29 |
data and merge it into the table if it is correct. |
30 |
|
31 |
|
32 |
|
33 |
|
34 |
I. Server-side setup |
35 |
1. New user authentication |
36 |
2. Normal package information upload |
37 |
II. Client-side setup |
38 |
1. Contents of tarball |
39 |
2. first-time configuration of deamon |
40 |
|
41 |
|
42 |
|
43 |
|
44 |
I. 1. New user authentication |
45 |
============================== |
46 |
|
47 |
o php server accepts new user's e-mail address in URL form. Server then |
48 |
records |
49 |
into newUsersPendingTable user's IP address, request time and any other |
50 |
relevant |
51 |
information such as browser maybe. The mysql fields filled in by the php |
52 |
server |
53 |
should be filly configurable on the server side using forms. |
54 |
|
55 |
o server sends an email to user with a initial session ID generated using |
56 |
/dev/urandom maybe, or whatever medium php is given. it also saves a record |
57 |
with |
58 |
email/cookie pair in mysql table. |
59 |
|
60 |
(user is required to copy-paste the 128-bit cookie from server that he |
61 |
received |
62 |
at the e-mail address he specified upon initial connection and to put it |
63 |
into a |
64 |
configuration file that deamon will read.) |
65 |
|
66 |
Note here that user is not required to answer to any e-mail. He just has |
67 |
to |
68 |
set up his system. This could be as well implemented in the client's user |
69 |
interface as a box that will hold the initial magic cookie, removing the |
70 |
need of |
71 |
editing an external file. |
72 |
|
73 |
|
74 |
o when client comes online for the first transaction, it provides initial |
75 |
cookie |
76 |
and e-mail associated with that cookie. Server detects it is the first time |
77 |
his |
78 |
client would upload his information |
79 |
|
80 |
o client uploads file to client using POST method. server gives client new |
81 |
session ID as soon as transfer is done. server merges information about |
82 |
packages |
83 |
used, version, system into infoTable adds lastMerged in user's record. |
84 |
|
85 |
|
86 |
|
87 |
|
88 |
I. 2. Normal package information upload |
89 |
======================================= |
90 |
|
91 |
o client connects to server, gives in email address and cookie, starts |
92 |
transfer. |
93 |
|
94 |
o server gives client new session ID by some means (either redirecting user |
95 |
to a |
96 |
new page for which in the URL there is the magic cookie that client has to |
97 |
parse), records lastMerged, starts merging package into infoTable using some |
98 |
CGI |
99 |
script ... |
100 |
|
101 |
|
102 |
Problem: what if client deleted its cookie and wants to upload? cookie |
103 |
invalid? |
104 |
Answer: We could deny access to the database for the user in the future. |
105 |
Problem2: where and how do clients upload their home-made tarball |
106 |
Answer: Clients use the POST method to upload files |
107 |
Problem3: how do we check if the tarball hasn't been modified by the user |
108 |
with |
109 |
bogus information, badly formed data that hog up tables? |
110 |
Answer: the php script should be smart enough to detect this. If script |
111 |
becomes |
112 |
too heavy, there's also CGI and a good perl script. |
113 |
Problem4: table size limited in mysql. |
114 |
Answer: merging into a better database such as postgresql should be |
115 |
condidered. |
116 |
|
117 |
|
118 |
|
119 |
II. Client-side setup |
120 |
====================== |
121 |
|
122 |
|
123 |
II.1. Contents of the tarball uploaded by client deamon to server |
124 |
=============================================================== |
125 |
|
126 |
In the final version, the user who wants to can control what information is |
127 |
colected from his system. |
128 |
|
129 |
- architecture |
130 |
- ram |
131 |
- installed packages |
132 |
- connection to net |
133 |
etc (whatever that the gentoo developers would need to know about their |
134 |
users) |
135 |
|
136 |
|
137 |
|
138 |
|
139 |
|
140 |
|
141 |
|
142 |
|
143 |
_________________________________________________________________ |
144 |
Send and receive Hotmail on your mobile device: http://mobile.msn.com |