From 5d2a1223230f808ae3db69c6523aba3a27ee8b04 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 2 Jun 2021 13:49:05 +0200 Subject: add a cache server entry in pacman configuration snippet The server error limit was introduced in pacman 6.0.0, which caused some trouble with pacredir: Returning 404 (not found) is common case and no fatal error. Add a cache server with different address to make sure to request files from pacredir in case the address above was caught by pacman's server error limit. --- README.md | 60 --------------------------------------------------------- pacman/pacredir | 8 ++++++++ 2 files changed, 8 insertions(+), 60 deletions(-) diff --git a/README.md b/README.md index dd64de7..11cbeb2 100644 --- a/README.md +++ b/README.md @@ -69,66 +69,6 @@ make sure you really do have the latest files run `pacman -Syu` *twice*. To get a better idea what happens in the background have a look at [the request flow chart](FLOW.md). -Current caveat --------------- - -With its latest release `pacman` now supports a *server error limit*: Three -download errors from a server results in the server being skipped for the -remainder of this transaction. -However `pacredir` sends a "*404 - not found*" response if the file is not -available in local network - and is skipped after just three misses. - -This new feature is not configurable at runtime, so rebuilding `pacman` with -one of the following patches is the way to make things work with `pacredir`. - -### Disable server error limit - -This is the simplest workaround - just disable the server error limit. - - --- a/lib/libalpm/dload.c - +++ b/lib/libalpm/dload.c - @@ -60,7 +60,7 @@ static int curl_gethost(const char *url, char *buffer, size_t buf_len); - - /* number of "soft" errors required to blacklist a server, set to 0 to disable - * server blacklisting */ - -const unsigned int server_error_limit = 3; - +const unsigned int server_error_limit = 0; - - struct server_error_count { - char server[HOSTNAME_SIZE]; - -We can agree this is not to be desired - in general the feature is reasonable. - -### Support http header to indicate a soft failure - -This solution is simple, yet powerful: -[Support http header 'Cache-Control: no-cache' for soft failure](patches/0001-support-http-header-Cache-Control-no-cache-for-soft-failure.patch) - -By setting the HTTP header `Cache-Control: no-cache` when returning with -the status code `404` (not found) the server can indicate that this is a -soft failure. No error message is shown, and server's error count is -not increased. - -Sadly upstream denied, again. 😢 - -Anyway, pushed this as merge request to Gitlab: -[support http header 'Cache-Control: no-cache' for soft failure](https://gitlab.archlinux.org/pacman/pacman/-/merge_requests/76) - -### Implement CacheServer - -A more complex solution that breaks current API is: -[Implement CacheServer](patches/0001-implement-CacheServer.patch) - -This implements a new configuration option `CacheServer`. Adding a cache -server makes it ignore the server error limit. - -Handling for soft failures is demanded in a long standing upstream bug, and -the given patch could solve it: -[FS#23407 - Allow soft failures on Server URLs](https://bugs.archlinux.org/task/23407) - -Pushed this as merge request to Gitlab: -[implement CacheServer](https://gitlab.archlinux.org/pacman/pacman/-/merge_requests/74) - Security -------- diff --git a/pacman/pacredir b/pacman/pacredir index 0a1e1fc..9df0184 100644 --- a/pacman/pacredir +++ b/pacman/pacredir @@ -1,2 +1,10 @@ # Make sure local service pacredir is running! + +# This is a regular server, so pacredir receives requests for database +# files, but it is also accounted for server error limit. Server = http://127.0.0.1:7077/ + +# Add a cache server with different address to make sure pacman requests +# package files from pacredir in case the address above was caught by +# pacman's server error limit. +CacheServer = http://127.0.0.2:7077/ -- cgit v1.2.3-70-g09d2