Search Communities:
Up to Documents in CNR Client

CNR Client Specifications

VERSION 4 Published

Created on:Mar 20, 2008 4:13 PM by Dr.Jones - Last Modified:  Mar 20, 2008 6:13 PM by Dr.Jones

CNR.com
The purpose of this document is to provide high-level, semi-technical information about the CNR Client to the CNR community.

Purpose


The CNR Client serves the following purposes:

  • Install software on the user's machine
  • Uninstall software from the user's machine
  • Inform the user when there is an update available for software installed on his/her machine
  • Provide feedback to the server on installation success/failure to improve service quality

This represents a big change in terms of how the user interacted with the original CNR client and how the user will interact with the new CNR Client. In the original CNR client, the user could interact with the website because the CNR client could display web content. The original CNR client also had ancillary UI to facilitate interaction with the user's account details and services. While this functionality was useful, it was also limited to a small set of Javascript functionality and was dependent on KDE to provide the under pinning of the CNR client code base.

A major design criterion of the new CNR Client is to be easily ported to all of the major Linux distributions and as such, has to be lightweight in terms of functionality and in terms of its dependency tree. For this we chose to develop an entirely new application using the QT framework. The intent of this Client is to assist the web site with installation services and leaves the searching, browsing, and purchasing aspects to the web browser.

Composition


The CNR Client is a simple GUI application based on the QT application framework. It can run as root or the same system permission level as the user that executes it. It has no KDE dependencies so as to be easily portable to Gnome systems. It will also eventually have a command line interface so as to not require X to function.

Client Initialization


When the Client is first launched on the user's system, it must complete several actions to properly initialize itself before it can to perform its functions. Below is a list of those actions in chronological order.

  1. The Client must first create a set of directories in the /var folder. Since the /var folder requires root access, the application sets this process to root level access with setuid to do this work. The following directories as used to store files and information resulting from interaction with the server:
    • /var/lib/cnr/client
    • /var/cache/cnr/client
    • /var/cache/cnr/client/apt
    • /var/cache/cnr/client/lists
    • /var/cache/cnr/client/lists/partial
    • /var/cache/cnr/client/archives
    • /var/cache/cnr/client/archives/partial
    • /var/cache/cnr/client/pool
    • /var/lib/dpkg/ - The Client doesn't create this directory, rather it just needs to access and utilize it for installing and uninstalling packages.
  2. The Client then goes through the "Light Up" process. The Light Up process consists of the Client calling the Light Up web service API and passing to it data needed to identify the OS and machine properly for future interaction with the server including installations. In return for a successful Light Up transaction, the server will pass back a MachineID that the Client will then use to identify the host machine on future API requests.
  3. The Client calls the server to get a list of the supported distributions available on the CNR.com server so that it can attempt to identify the distribution of the machine it is installed on. If the Client cannot identify the host distribution, it will present the user a list of available distributions so that the user can select one from which the Client will base subsequent installs from. Also, this list of distributions will be used by the Client to allow the user to select alternate distributions from which to install from. The name of the web service API is GetOS.
  4. Once the distribution of the machine has been determined, the Client will then request the distribution index for all packages in the said distribution by calling the web service API GetDistIndex. The resulting index file is compressed to roughly a size of 4 megabytes using the gzip library. Once the Client has download the index file, it un-compresses it and then compares the contents of the file to the packages installed on the machine. This is necessary so that the Client can determine the availability of updates and also for the preparation of data that apt needs to process dependency resolution calculations as part of an installation request. This is done during the initialization because it can be a relatively lengthy process that would otherwise decrease the responsiveness needed during the installation process.
  5. Lastly, the Client must match the packages on the local system to the products in CNR.com and this is accomplished by calling and processing the resulting data from the web service API getProductIdsForPkgBins. The Client needs this synchronization to comprehend the environment in which it is operating.

CNR Client GUI


The CNR GUI is a single window with a multi-tab structure with an interface for managing software, viewing action history, and configuring the CNR Client settings. Across the bottom of the window will be several buttons that will vary depending on which tab is selected.

Manage Software


The Manage Software tab is made up of two distinct views whose primary function is to allow the user to see what software is installed on their machine, what software has available updates and the ability to remove or update software from the machine. The distinct views are the list view and the tree view. (coming soon)

The list view displays every package on the machine and because there is generally a one-to-one mapping of packages to products, it can be said that this view shows all products as well. If there are packages on the system that the Client does not recognize, they will be displayed without a product name.

The tree view will display a list of only the top level products, applications, and packages that have been installed by the user to the machine through CNR. Each node in the tree view will be expandable to show the list of packages associated with each product dependencies. (coming soon)

Both views will display the following set of columns in addition to the Product name:

  • Package name
  • Version
  • Architecture
  • Size
  • Update

Additionally, both views will allow the user to select one or many records from the view to be acted on. The user can use a right mouse menu or the buttons at the bottom of the view to engage in an action on the selected products.

The buttons for this tab are:

  • Help
  • Find Software
  • Update
  • Uninstall
  • Close

Software Installation


The installation of software can be initiated through two methods:

  • One is to click on an install now or buy now link on CNR.com, using the Firefox web browser.
  • The other is to have clicked on the Update button in the Client.

If the user is coming from the browser, clicking on an installation link on CNR.com will cause the browser to download a mime document and then to pass that document to the Client because the mime-type for the document will be registered with the OS and the browser as belonging to the CNR Client application.

The mime document will contain XML that looks like the following sample and is referred to as a .cnr file due to the file extension.

<?xml version="1.0" encoding="UTF-8"?> <cnr-client> <product-id>195</product-id> <product-name>9menu</product-name> <action>INSTALL</action> <user-auth-token>5B2433C1-9AE0-AFFA-997A-E7F85E5FC58B</user-auth-token> </cnr-client>

The XML elements are:

  • Product ID is the unique identifier of the product on the server and is how the product is referenced by the client in the API calls that will be required to complete the installation request.
  • Product name is self explanatory
  • Action is the type of action the client is to perform. Actions can be INSTALL, REMOVE and UPDATE. UPDATE is only used by the Client when initiating a request and is not passed down in the .cnr file, however it is defined here to give the user a sense of the data flow.
  • User-auth token is used to pass account identification data from the server to the Client and back. The token has a very limited life span so that it cannot be used to comprise the CNR system in terms of gaining access to non-free products. The token cannot be used to compromise the user's account.

The Client will parse the XML and then determine if the requested product is supported by the distribution the user is using. If the product is supported by the distribution, the Client will shell out to apt to have it traverse the dependency tree and return a result set of packages needed to install the requested product. If the product is not supported by the distribution, the Client will inform the user of the situation and cancel the install request.

Then the Client will call the web service api "GetProductActionRequest" for each package in the dependency result set and will pass up the product ID extracted from the .cnr file and the package-bin ID (identifies each package associated with the product install). Next, the server will consider the api request(s) and will attempt to authorize the installation of each package by checking to see if there are any requisites that need to be fulfilled before the installation can proceed.

Requisites are such things as EULAs or ownership of a package (in the case where a package is not free) or a license in the case of a service based product. If a package has requisites, then the server will next check to see if a user-auth token was passed up with the product ID. If no user-auth token was passed up or the token is invalid, the server will respond to the Client with a resolution URL that when opened in the web browser will include a sign in prompt along with the appropriate interface to fulfill the requisite (display a EULA or begin the ecommerce process). When the user signs in, the server will check the product requisites against the user account to see if the requisites were fulfilled previously; it is the same functionality as if a user-auth token is included and is valid.

If the package requires that a EULA be accepted, the user must accept it in order to proceed with the installation. If the user does not accept it, then the install request is cancelled. If the package requires that the user purchase it, then the user must complete an ecommerce transaction before the install can proceed. If no ecommerce transaction is completed, then the install request is also cancelled. If the package requires that a license to a service be purchased, then the user must complete an ecommerce transaction or the install will be cancelled.

Once the requisites have been fulfilled, the server will respond with a new .cnr file so that the client will request the same action, only now that the requisites have been fulfilled, the server will authorize the installation, which is the same behavior when the package set has no requisites to fulfill. In this case, the response from the server is still a URL, but it is a download URL instead of a resolution URL. The Client downloads the packages from the server using the URL returned to it in the GetProductActionRequest response.

Once the package set has been downloaded, the Client will verify that the size of the downloaded packages are the same as what the server sent and it will verify that the package sign sent by the CNR server is valid to protect against man-in-the-middle attacks.

At this point the CNR Client has valid packages to fulfill the package solution set for the requested product, the Client will shell out to dpkg to install the packages. Once that process is completed, the installation is complete and the Client UI will be updated to reflect the completion of the process. Then the Client will call the ProductActionReport API to inform the server on the result of the installation request.

Software Removal


The removal of a product from the user's machine is initiated from the CNR Client by selecting the product to remove and then clicking on the Uninstall button. When the Uninstall button is clicked on the Client will shell out to apt-get and dpkg to remove the specified package from the user's machine. Once that process is completed, the Client will update its UI.

Software Update


The user selecting a product that has an update available and clicking on the Update button initiates the updating of a product on the user's machine from the CNR Client. From that point on, the process is the same as the standard installation process.

The CNR Client knows there are updates by comparing the packages that are installed on the user's machine to the index of packages the server gives it once every 24 hours. The packages that have a higher version on the server indicate that there is an update available and so the Client displays that status.

History Tab - In Progress


This tab will show a history of the last actions performed by the Client on this machine. The default configuration is to show the last 100 actions, but this setting can be increased or decreased by the user to suit their preference. The columns displayed are as follows:

  • Action Description: This will describe the action as an Install, Uninstall or an Update in the parent node with the following actions listed as child nodes:
    • Synchronize with CNR.com
    • System sanity check
    • Calculate product dependencies
    • Product dependency sanity check
    • Download product files
    • Install product files
  • State: This will display one of the following states as the action progresses
    • Pending
    • In Progress
    • Completed - Successful
    • Completed - Failure
    • Completed - Canceled
  • Completion Date/Time Stamp

The buttons for this tab are:

  • Help
  • Pause
  • Resume
  • Cancel
  • Close

Configuration Tab - In Progress


On this tab the user will be able to change the appearance and aspects of the CNR Client. The interface will have a list of configuration modules to the left and a workspace in the body of the interface. The list of modules includes:

  • Look and Feel: This module will allow the user to apply the following changes:
    • Choose a skin for the Client
    • Set the number of actions to log in the history before they are dropped
  • Distribution Selector: This module will allow the user to select the sever they wish to download packages from and choose the distribution they wish to install from. Initially the distribution will be set to the detected distribution and if one cannot be detected, then the Client will have prompted the user to choose during the initialization phase.

CNR Command Line Interface - In Progress


The CNR Client will have a command line interface so that the user can perform some of the same functions as the GUI without a dependency on X.

Tags: client, cnr, specifications
Average User Rating
(0 ratings)




Comments (0)

There are no comments on this document

Actions

More by Dr.Jones

View Dr.Jones's profile