1
0
mirror of https://github.com/moparisthebest/pacman synced 2024-11-16 06:15:08 -05:00
Commit Graph

5153 Commits

Author SHA1 Message Date
Allan McRae
0d89c10f4b Prompt to delete packages with signature fails
Offer to remove the bad package when a signature fails to validate
as is done for checksum failures.

Signed-off-by: Allan McRae <allan@archlinux.org>
2013-02-09 12:43:37 +10:00
Allan McRae
4ccf16dff5 Remove retry path from signature validation
Now that the keyring is checked for all needed keys before the
validation, we can not reach a point of a missing key when doing
validity checks for sync operations.

Signed-off-by: Allan McRae <allan@archlinux.org>
2013-02-09 12:43:37 +10:00
Allan McRae
31b9b264c1 Check keys are in keyring before package validation
Keys used to create signatures are checked for presence in the keyring
before package validation is performed.

Signed-off-by: Allan McRae <allan@archlinux.org>

Conflicts:
	lib/libalpm/alpm.h

Signed-off-by: Allan McRae <allan@archlinux.org>
2013-02-09 12:43:37 +10:00
Allan McRae
198154962b Make decode_signature available to the library
Signed-off-by: Allan McRae <allan@archlinux.org>
2013-02-09 12:43:37 +10:00
Allan McRae
05745089ac Add function to extract key id from signatures
This does not support all possibilities of RFC4880, but it does
cover every key currently used in Arch Linux.

Signed-off-by: Allan McRae <allan@archlinux.org>
2013-02-09 12:43:37 +10:00
Allan McRae
4ec6848f91 Move key importing into separate function
This will be useful for checking the availablity of all keys before
perfoming validation in sync operations and for downloading a needed
key in upgrade operations.

Signed-off-by: Allan McRae <allan@archlinux.org>
2013-02-09 12:43:36 +10:00
Allan McRae
45b6d36cf7 Make key_in_keychain available in library
In preparation for checking key presence and downloading needed keys
before conflict checking.

Signed-off-by: Allan McRae <allan@archlinux.org>
2013-02-09 12:43:36 +10:00
Allan McRae
c0835ff08e Additions to .mailmap
Standardize on the most common name for email addresses with multiple
name variants.

Signed-off-by: Allan McRae <allan@archlinux.org>
2013-02-07 10:48:11 +10:00
Chirantan Ekbote
defa561558 Document fakeroot and fakechroot as dependencies
Signed-off-by: Allan McRae <allan@archlinux.org>
2013-02-07 10:48:11 +10:00
Allan McRae
fc0ec7644c Remove outdated instructions in pactest README
Signed-off-by: Allan McRae <allan@archlinux.org>
2013-02-07 10:48:11 +10:00
Chirantan Ekbote
2d832adf08 Remove conditional checks for fakechroot from test files
We don't want test files to do any checks for fakechroot since we will
print a warning if it is not found.

Signed-off-by: Chirantan Ekbote <chirantan.ekbote@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
2013-02-07 10:48:11 +10:00
Chirantan Ekbote
2f137fdd39 Print a warning if fakechroot is not found
Fixes FS#33551.

Signed-off-by: Chirantan Ekbote <chirantan.ekbote@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
2013-02-07 10:48:11 +10:00
Andrew Gregory
1631255357 use strtok_r to parse multi-value config options
This prevents multiple spaces between values from being
parsed as empty values.

Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
2013-02-07 10:48:11 +10:00
Andrew Gregory
ec339969d9 document that stdin must not be a tty to read from it
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
2013-02-07 10:48:11 +10:00
Allan McRae
7956441350 Better error message with "-" is specified without stdin
Signed-off-by: Allan McRae <allan@archlinux.org>
2013-02-07 10:48:11 +10:00
Allan McRae
5c5cdb0eb9 doc: update PKGBUILD man page
Rearrange the functions section of the PKGBUILD man package. Clarify
that the package() function is a requirement and the rest are all
optional.  Note that $pkgdir should only be used in the package()
function.

Signed-off-by: Allan McRae <allan@archlinux.org>
2013-02-07 10:48:11 +10:00
Allan McRae
f170a94c13 makepkg: make $pkgdir non-accessible during build()
The idea of having separate build() and package() functions is that
build() is run as a normal uses and package() as (fake)root.  Any
files placed in $pkgdir during build() can have the wrong permissions.

Restrict access to $pkgdir during build() - unless there is no package()
function.

Also, set $pkgdir to something "useful" during build().  For split
packages, this uses "<path>/pkg/$pkgbase" because it is not obvious
which $pkgdir is being referred to.

Signed-off-by: Allan McRae <allan@archlinux.org>
2013-02-07 10:48:11 +10:00
Andrew Gregory
274c3890b0 make test/scripts/human_to_size.sh executable
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
2013-02-07 10:48:11 +10:00
Andrew Gregory
529cf928ab add missing utilities to contrib/README
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
2013-02-07 10:48:11 +10:00
Andrew Gregory
6617182229 unset executable bit on updpkgsums.sh.in
No other contrib script is executable.

Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
2013-02-07 10:48:11 +10:00
Dave Reisner
7edd262a06 inline libarchive compat wrappers
Suggested-by: Dan McGee <dan@archlinux.org>
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
2013-02-07 10:48:11 +10:00
Allan McRae
05d83c46fd Document LocalFileSigLevel and RemoteFileSigLevel
Signed-off-by: Allan McRae <allan@archlinux.org>
2013-02-07 10:48:11 +10:00
Allan McRae
33b3b6d9b8 Add configuration option for Upgrade operation SigLevel
Add LocalFileSigLevel and RemoteFileSigLevel to control the signature
checking for "pacman -U <file>" and "pacman -U <url>" operations
respectively. The starting value for both these options is SigLevel,
if it is specified in the [options] section, or the built-in system
default. The specified values override and/or supplement this initial
value. Note there is no distinction between setting "Required" and
"PackageRequired" as there are no database options for Upgrade
operations.

Signed-off-by: Allan McRae <allan@archlinux.org>
2013-02-07 10:48:11 +10:00
Dan McGee
3aece8f0ee Restore libarchive 2.8.x compatibility
We still call some of these 'deprecated' methods elsewhere, so this
shouldn't present a problem. When we decide 2.x support is to be dropped,
we should update all of the code to not call deprecated methods.

Allan: Adjusted with respect to previous patches adding libarchive
compatibilty layer.

Signed-off-by: Allan McRae <allan@archlinux.org>
2013-01-29 13:37:32 +10:00
Dave Reisner
e1e4bbb79d Use libarchive compat header for relevant symbols
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
2013-01-29 13:37:32 +10:00
Dave Reisner
2a57c2068c add libarchive compatability object
This allows us to support both libarchive 2.8.x as well as 3.x without
deprecation warnings on compile.

Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
2013-01-29 13:37:32 +10:00
Chirantan Ekbote
266b3dd706 makepkg: Integrate check_install into tidy_install
Rearrange tidy_install so we first remove docs, unwanted files,
libtool files, and empty directories.  Then check for missing backup
files and references to $srcdir and $pkgdir.  Finally compress manpages,
strip debug symbols, and compress executables with upx.

Fixes FS33318

Signed-off-by: Chirantan Ekbote <chirantan.ekbote@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
2013-01-29 13:37:25 +10:00
Dave Reisner
27067b1372 dload: pass back the effective URL to callers of _alpm_download
I suspect that eventually we're going to end up returning a pointer to
an allocated struct to describe the download result, but that's for
another patch when the need arises...

Fixes FS#33508.

Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
2013-01-29 13:36:58 +10:00
LANGLOIS Olivier PIS -EXT
f21e1f54aa Relax requirement of what constitutes a dead connection
Users have hit issues behind corporate firewalls that initially throttle
downloads to ~1B/sec.

Signed-off-by: Olivier Langlois < olivier.pis.langlois@transport.alstom.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
2013-01-29 13:36:58 +10:00
Simon Gomizelj
cb43bd8dfb Consolidate --foreign/--native filtering
Also fix a small bug where pacman won't check if the sync dbs are first
downloaded when invoked with --native (it should).

Signed-off-by: Simon Gomizelj <simongmzlj@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
2013-01-29 13:36:58 +10:00
Maxime Gauduin
8624eddb31 Make sed follow symlinks on Linux
Signed-off-by: Maxime Gauduin <alucryd@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
2013-01-28 23:38:46 +10:00
Andrew Gregory
24a78fe731 paclog-pkglist: parse entries with caller info
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
2013-01-28 23:38:46 +10:00
Andrew Gregory
66a9b53141 add caller prefix to alpm_logaction
prefix defaults to "UNKOWN" if null or an empty string is provided.

Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
2013-01-28 23:38:46 +10:00
Allan McRae
8308c7b320 Update "missing" file
The latest automake release causes complaints about an out of date
'missing' file during configure.  Sync with upstream.

Signed-off-by: Allan McRae <allan@archlinux.org>
2013-01-28 23:38:46 +10:00
William Giokas
457642231e Fix printing of paths
Originally printed a leading \ before all path names as the `' would be
removed during the make. Using '' should be just as good as using `'.

paccache.sh.in:
die "cachedir \`%s' does not exist or is not a directory" "$cachedir"

paccache
die "cachedir \%s does not exist or is not a directory" "$cachedir"

Signed-off-by: William Giokas <1007380@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
2013-01-28 23:38:46 +10:00
Andrew Gregory
6bbf6e8fa1 add doxygen comments to conflict.c
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
2013-01-28 23:38:46 +10:00
Dave Reisner
250aaefb27 paccache: pass the --file option to pacsort
Resolves FS#33455.

Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
2013-01-28 23:38:46 +10:00
Dave Reisner
a64a713fc2 pacsort: add -f, --files option for sorting filenames
Teach pacsort to understand package filenames and optionally strip away
some of the context. alpm_pkg_vercmp() intentionally only understands
pure versions, so strings such as '18.0-2-x86_64' and '18.0.1-1-x86_64'
will be compared wrongly.

Partially addresses FS#33455.

Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
2013-01-28 23:38:46 +10:00
Allan McRae
89ecf8cabe Make path to ldconfig configurable
The FHS (2.3) says having ldconfig in /sbin is optional and it is usually
located in /usr/sbin.  So /sbin/ldconfig should not be hard coded in
pacman.  Instead, provide a configure option --with-ldconfig that defaults
to the current path.

Signed-off-by: Allan McRae <allan@archlinux.org>
2013-01-28 23:38:46 +10:00
Allan McRae
e3d8197d67 Remove leading / for pactest paths
The leading / makes the pactest suite look for the file in the users
filesystem.  This meant the ldconfig tests always passed (even when
broken in pacman...).

Signed-off-by: Allan McRae <allan@archlinux.org>
2013-01-28 23:38:46 +10:00
Allan McRae
801f7d1033 pactest: handle non-default scriptlet shells
pacman can be configured to use a different shell than /bin/sh for
scriplets.  Pass the cnfigured value to the pactest suite and make the
necessary "copy" of the shell in the test root.

Also update all copyright years in the pactest suite.

Signed-off-by: Allan McRae <allan@archlinux.org>
2013-01-28 23:38:34 +10:00
Allan McRae
ad280e1b56 Revert execvp and related commits
This reverts commit 4a8c2852a8.
This reverts commit 993700bc6b.
This reverts commit bb4d2b72c1.
This reverts commit 60b192e383.

Signed-off-by: Allan McRae <allan@archlinux.org>
2013-01-28 23:30:40 +10:00
William Giokas
b27886ab59 makepkg: Formatting consistency in write_pkginfo
The difference between the echo and the printf's in write_pkginfo seemed
to be somewhat sporadic. Also, the INFAKEROOT check was doing the same
exact thing as the SPLITPKG check, but formatted much differently and
consuming two extra lines. I think this makes it more readable than it
was previously, if nothing else.

Signed-off-by: William Giokas <1007380@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
2013-01-17 22:32:54 +10:00
Dave Reisner
132e1ac10c dload: avoid showing progress bars on some redirects
RFC 2616 doesn't forbid a 301 or 302 repsonse from having a body, and
servers exist in the wild that show this behavior. In order to prevent
pacman from showing a progress bar when we aren't actually downloading a
package (and merely following one of these pain in the butt redirects),
capture the server response code in the response header, rather than
waiting to peel it off the handle after the download has finished.

Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Reported-by: Alexandre Filgueira <alexfilgueira@cinnarch.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
2013-01-17 22:32:54 +10:00
Allan McRae
c628d649f6 Fix release dates
Signed-off-by: Allan McRae <allan@archlinux.org>
2013-01-17 22:32:54 +10:00
Allan McRae
4a8c2852a8 pmtest: resolve path to scriptlet shell
In order to support a variety of values for the --with-scriptlet-shell
configure flag, pmtest has to be aware of what kind of path was passed,
be it an absolute path or a fragment for a path lookup. For absolute
paths, leave the path alone. For fragments, search the PATH environment
var for the resolved path to the binary. In both cases, join the
resultant path to the root directory defined for the test, not a
pre-determined bin directory.

Fixes FS#31552.

With-contribution-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
2013-01-17 22:32:54 +10:00
Allan McRae
993700bc6b Do not require full path for scriptlet shell
This increases robustness to the shell location changing paths.

Signed-off-by: Allan McRae <allan@archlinux.org>
2013-01-17 22:32:54 +10:00
Allan McRae
bb4d2b72c1 Do not use full path for ldconfig
The ldconfig binary is not guaranteed to be in /sbin. Change to calling
just "ldconfig" rather than using the full path.

This removed the check that the ldconfig binary exists. However, it is
a reasonable assumption that it will exist if its configuration file
does.

Signed-off-by: Allan McRae <allan@archlinux.org>
2013-01-17 22:32:54 +10:00
Allan McRae
60b192e383 Use execvp for running programs in chroot
This makes us more robust to utilities changing paths.  There is no
functional change when a full path is specified.

Signed-off-by: Allan McRae <allan@archlinux.org>
2013-01-17 22:32:54 +10:00
Andrew Gregory
9c160cf3f3 Allow querying directory ownership
The restriction of not checking the ownership of a directory is
unnecessary given that all the package filelists contain this
information. Remove this restriction, with the expectation that you
might get multiple packages returned for a given directory.
Additionally attempt to minimise the number of files getting through
to the slow realpath call.

Original-work-by: Dan McGee <dan@archlinux.org>
Original-work-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
2013-01-04 21:49:38 +10:00