This is a safety measure to prevent simple code injection.
$ i="foo bar"
$ eval i="$i"
bash: bar: command not found
$ eval i=\"$i\"
$ echo "|$i|"
|foo bar|
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
If any of pkgver, pkgrel or epoch contained a variable substitution,
then it needed to be evaluated before checking its value conformed
to the rules.
[Dan: add quotes around RHS]
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
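The two eval forms from the transcript in the first message, together with the variable-substitution case the second message mentions, as an added example that is not code from makepkg. `bar()`, `_suffix`, the function names and the sample values are constructed for the demonstration.

```shell
#!/bin/sh
# Added example, not code from makepkg. bar(), _suffix and the sample values
# are constructed stand-ins that make the effect observable without side effects.

# Harmless marker: records that the shell tried to run "bar" as a command.
bar() { ran_bar=yes; }

# eval i="$i": the quotes are consumed before eval runs, so eval re-parses
# `i=foo bar` as an assignment prefix followed by the command `bar`.
eval_unquoted() {
    i=$1 ran_bar=no
    eval i="$i"
    printf '%s\n' "$ran_bar"
}

# eval i=\"$i\": the escaped quotes survive into the string eval parses, so it
# sees `i="foo bar"`, a single assignment. $i itself is still unquoted on the
# outer command line, so runs of whitespace are collapsed by word splitting.
eval_quoted() {
    i=$1 ran_bar=no
    eval i=\"$i\"
    printf '%s|%s\n' "$i" "$ran_bar"
}

# Quoting the whole eval argument avoids the outer word splitting as well.
eval_whole() {
    i=$1
    eval "i=\"$i\""
    printf '%s\n' "$i"
}

# A value holding a variable reference: the quoted eval expands it once,
# which is what allows the result to be checked afterwards.
expand_version() {
    _suffix=$2
    i=$1
    eval i=\"$i\"
    printf '%s\n' "$i"
}

printf 'unquoted eval ran bar: %s\n' "$(eval_unquoted 'foo bar')"
printf 'quoted eval:           %s\n' "$(eval_quoted 'foo bar')"
printf 'two spaces, quoted:    %s\n' "$(eval_quoted 'foo  bar')"
printf 'two spaces, whole:     %s\n' "$(eval_whole 'foo  bar')"
printf 'expanded:              %s\n' "$(expand_version '1.0_${_suffix}' beta)"
```

All three forms still hand the value to the shell parser, so they are only suitable for values that come from a build script you already trust to run.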
makepkg --source is often used to make a source package, like for AUR.
Having a -S shortcut will save the world.
Signed-off-by: Sebastien Luttringer <seblu@seblu.net>
Signed-off-by: Dan McGee <dan@archlinux.org>
In this case, we skip the epoch versioning entirely, as if it were
declared as 0.
Prevents errors such as:
/usr/bin/makepkg: line 244: ((: ! : syntax error: operand expected
(error token is " ")
==> Finished making: cower-git :20110808-1 (Mon Aug 8 17:17:27 EDT
2011)
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
Move the source integrity checking into its own function as the code
was duplicated and is now more complicated with the separation of the
two check types.
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
Allows the skipping of all integrity checks (checksum and PGP) or
either the checksum or PGP checks individually.
Original-patch-by: Wieland Hoffman <theminew@googlemail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
Many projects provide signature files along with the source code
archives. It's good to check these, too, when verifying the integrity
of source code archives.
Not everybody is using gpg so the verification can be disabled with
--skippgpcheck.
Additionally, only a warning is displayed when the key that signed the
source file is unknown.
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
When epoch, pkgver and/or pkgrel were overridden in a split package
function, makepkg failed hard finding the real version for checking
if packages were already built or trying to install packages. Fix
the get_full_version function to deal with overrides and return the
actual package version.
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
We can override pkgver and pkgrel so it is only logical to add epoch
to that list
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
Check any overrides of the "arch" variable contain the required
architecture.
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
Enforce syntax checking for pkgrel and pkgver overrides in package
functions.
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
There is always someone who tries to break things (cough *Dave* cough...)
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
Specifying a filename with spaces in a PKGBUILD's noextract array fails
due to a lack of quoting.
Fixes FS#25100.
Reported-by: Thomas Weißschuh <thomas_weissschuh@lavabit.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
There is no need for a writable PKGDEST when using the --nobuild or
--geninteg flags.
Allan: added --geninteg
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
We nuke it from the completion file as well along with its longopt.
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
The '[[ -z' test in in_array() is redundant, so remove it.
Signed-off-by: DJ Mills <danielmills1@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
Instead of hacking around the error trap, simply do an explicit
test for failure.
Signed-off-by: DJ Mills <danielmills1@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
This adds the '.tar.Z' option to both repo-add and makepkg for no other
reason than "why not", and because bsdtar supports it natively with the
'-Z' flag. Also update the documentation accordingly.
Signed-off-by: Dan McGee <dan@archlinux.org>
vim recognises what type of shell script it's dealing with by looking at
the shebang. If detection fails it falls back to sh which doesn't
support some bash features. Adding a normal, possibly broken, shebang
which gets fixed by the Makefile allows vim to detect bash syntax.
Signed-off-by: Florian Pritz <bluewind@xinu.at>
Signed-off-by: Dan McGee <dan@archlinux.org>
Otherwise there is no way to easily test or run with a standalone config
file without outside interference.
Signed-off-by: Dan McGee <dan@archlinux.org>
The path was not being stripped from $file before prefixing with
$srcdir resulting in the attempted removal of a very weird
filename.
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
Fixes FS#24893.
Signed-off-by: Eric Bélanger <snowmaniscool@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
* 'master' of git://projects.archlinux.org/pacman:
pactree: carry a list of databases for dep resolution
makepkg: Remove a lone quotation mark
makepkg: remove the cleancache option
Don't require a transaction for sync DB updates
Move locking functions to handle
Add a 'valid' flag to the database object
Move database 'version' check to registration time
Do database signature checking at load time
This is a fairly useless feature given all it does is an "rm" on a
directory. It is also unlikely that you would want to remove the
entire SRCDEST anyway, but rather just the old files.
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
There was a lot of inconsistency in how strings that should not be
translated (program names, option flags, PKGBUILD directives, etc) were
handled. This patch moves them all outside the gettext invocation for
consistency and to prevent accidental translation.
Note that some of these may need to be reverted if they cause difficulties in
translation due to gettext usage in bash not taking positional parameters
for arguments. A quick survey of current translations indicates that this
issue will be rare. Also, we should be able to catch these before a full
string freeze given we are going to probably need a "developer preview"
release before the next release series.
Signed-off-by: Allan McRae <allan@archlinux.org>
This is the first step at separating the pacman message catalog and the
scripts message catalog. Makefiles, configure.ac, and other such files
are adjusted accordingly, as well as renaming files. The TEXTDOMAIN of
scripts is also adjusted.
Note that no actual pot or po files get changed here; these will get
pruned in a future commit so each catalog contains only the necessary
messages.
Signed-off-by: Dan McGee <dan@archlinux.org>
Way back in c94bfbaba when refactoring makepkg options handling, I added
these lines to unset MAKEFLAGS if '!distcc' was set in a PKGBUILD (not
taking into account makepkg.conf settings). This was an attempt to say
"if it is broken in distcc, it is probably broken even more". However,
this is silly as one should be using '!makeflags' as well. Remove the
linkage.
Signed-off-by: Dan McGee <dan@archlinux.org>
Add a function that checks for the software needed by makepkg to
process a PKGBUILD with the requested options. This allows makepkg
to bail early in the packaging process.
Many other checks can be added to this function...
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
Contractions are less clear for non-native speakers so should be
avoided (and cause syntax highlighting issues). Also, the 'provides'
and 'depends' strings are not to be translated.
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
Add a BUILDDIR variable (which can be overridden in the environment)
to specify an alternative location for building the package. This is
useful for people who want to build on a different filesystem for
improved performance (e.g. tmpfs).
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
This patch enables the automatic compression of executable binaries
using UPX when the 'upx' option is specified in makepkg.conf or the
PKGBUILD. Additional arguments can be passed to UPX by specifying
the UPXFLAGS variable.
Original-patch-by: Bryce Gibson <bryce@gibson-consulting.com.au>
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
Create source package files inside the fakeroot environment to
ensure reasonable ownership of files within the archive.
Fixes FS#24330.
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
This moves the getopt replacement function parse_options out of
makepkg.sh.in and into a separate file. The code is inserted
into the relevant place in makepkg using m4.
This will allow the reuse of the option parsing code in other
scripts (i.e. pacman-key) while avoiding code duplication.
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
Clarify that it is unwanted files that are being removed rather than "other"
files (whatever they are...).
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
When creating a source package using a non-local buildscript via
the -p option, the inclusion of changelog and install files would
fail. Fixes FS#24567.
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
The user adds libraries to the depends array without a version. These
must end with .so.
Example: depends=(glibc libc.so)
find_libdepends() looks for ELF files (not symlinks because these could
point outside of pkgdir) in $pkgdir, extracts the library sonames the
binary links to and outputs depends separated by spaces.
This list contains all libraries needed by the package.
Example: libfoo.so=3-64
write_pkginfo() only keeps .so depends with version information and warns
the user about unneeded ones.
Support-by: Thomas Bächler <thomas@archlinux.org>
Support-by: Christoph Schied <Christoph.Schied@uni-ulm.de>
Signed-off-by: Florian Pritz <bluewind@server-speed.net>
The user adds libraries to the provides array without a version. These
must end with .so.
Example: provides=(readline libreadline.so)
find_libprovides() looks for .so files (not symlinks because these could
point outside of pkgdir) in $pkgdir, extracts the library soname (ld
links the binary to this name) and outputs provides separated by spaces.
This list contains all libraries provided by the package.
Example: libfoo.so=3-64
write_pkginfo() only keeps .so provides with version information and warns
the user about unneeded ones.
Support-by: Thomas Bächler <thomas@archlinux.org>
Support-by: Christoph Schied <Christoph.Schied@uni-ulm.de>
Signed-off-by: Florian Pritz <bluewind@server-speed.net>
The help message changed to match the one the rankmirrors script has.
It's clearer as to what the --help switch does.
Signed-off-by: Ivan Kanakarakis <ivan.kanak@gmail.com>
Signed-off-by: Dan McGee <dan@archlinux.org>
Add the "GPGKEY" option to makepkg.conf for specifying signing packages
with the non-default key from the keyring. Is overridden by makepkg's
--key option.
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
GNU su supports the -c option to specify a command to execute.
However, other flavours of su may have a different interpretation
of the '-c' flag (e.g. FreeBSD and OpenBSD).
The behaviour is correct when '-c' follows an explicit username.
Signed-off-by: Rémy Oudompheng <remy@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
A non-GNU version of awk may not support the (|...) syntax for
an optional group and require '()' to match an empty string.
The (...)? syntax is more appropriate for this usage.
Signed-off-by: Rémy Oudompheng <remy@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
Trailing backslashes can lead to additional spaces at the front
of extracted entries. See FS#23524. Strip these while parsing
the PKGBUILD entries.
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
The use of "tr" only leads to trouble. Remove unnecessary usage
of it from within makepkg.
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
to quote dan:
"turkish will FUCK YOU UP. this is not the first or the last time"
Signed-off-by: Dave Reisner <d@falconindy.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
Three new command line options were added:
--sign: forces the generation of a signature for the resulting package,
taking precedence over the value in makepkg.conf
--nosign: do not sign the resulting package
--key <key>: use a different key than the user's default for signing
the package.
A check is performed to ensure the user has (provided) a valid gpg key
for signing.
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
My main motivation was to remove the "sync", which can stall for
minutes on a busy machine (FS#23378). I also cleaned up the redirection.
Signed-off-by: Jan Steffens <jan.steffens@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
This is a rather simple patch to add signing support to makepkg. Add a
create_signature() to makepkg, add a 'sign' BUILDENV option in makepkg.conf,
and document the changes in the makepkg.conf manpage.
Signed-off-by: Geoffroy Carrier <geoffroy.carrier@koon.fr>
Signed-off-by: Dan McGee <dan@archlinux.org>
Prevents issues where optdepends descriptions contain a bracket.
Also, strip all comments from arrays before joining them.
Fixes FS#23307.
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
A lot of these were places that should have used the same message but
didn't, or were very easy to convert to using the same message and
letting some of the burden off of the translators.
Signed-off-by: Dan McGee <dan@archlinux.org>
When generating integrity sums, we could get some weird output before due to
epoch being uninitialized:
/usr/bin/makepkg: line 234: [[: 2.6.37: syntax error: invalid arithmetic operator (error token is ".6.37")
Signed-off-by: Dan McGee <dan@archlinux.org>
Adding the "|| true" to the subshell prevents bash-3.2 setting off the
error_trap but requires changing the if statement.
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
Fixes bash-3.2 compatibility.
Thanks-to: Dave Reisner <d@falconindy.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
The current behaviour, which is placing source packages in PKGDEST if
SRCPKGDEST is not set, is inconsistent with {SRC,PKG}DEST handling and
there is no real advantage in doing so.
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
At least in FreeBSD, find always returns 0 if it finds stuff
(imagine that). It doesn't care about the exit status of whatever is
passed to -exec.
This patch makes the checks compatible with this behaviour.
Using xargs and not using grep directly because packages with too many
files would cause grep to complain about argument list being too long.
This should also fix the false positive in packages with no files.
Signed-off-by: Nezmer <git@nezmer.info>
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
This makes things consistent with everywhere else we are incorporating the
new optional epoch field. Add a helper function that forms the version
string for you and use it in makepkg where I found 'pkgver.*-.*pkgrel'.
This exposes a few shortcomings in a previous "Override pkgver" patch
(2020e629) in the install package and check if built functions.
Signed-off-by: Dan McGee <dan@archlinux.org>
Instead, go the same route we have always taken with version-release in
libalpm and treat it all as one piece of information. Makepkg is the only
script that knows about epoch as a distinct value; from there on out we will
parse out the components as necessary.
This makes the code a lot simpler as far as epoch handling goes. The
downside here is that we are tossing some compatibility to the wind;
packages using force will have to be rebuilt with an incremented epoch to
keep their special status.
Signed-off-by: Dan McGee <dan@archlinux.org>
It is pretty annoying to get one, fix it, and then get another. We should be
able to continue on through most of the sanity checks in one go so the user
gets all the error messages at once.
Also ensure $pkgbase is defined by the time we call this function;
previously we printed nothing where a package name should have been due to
this oversight.
Signed-off-by: Dan McGee <dan@archlinux.org>
Add the "buildflags" option, which is useful in its negative form
for disabling CFLAGS, CXXFLAGS and LDFLAGS when building a package.
This is useful when determining if one of these flags is causing
an issue with a package.
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
A PKGBUILD can have an optional check() function for running test suites
between the build() and package() stages. This function is run by
default but can be disabled globally with "!check" in BUILDENV in
makepkg.conf. This setting can be controlled on an individual package
basis using makepkg's --check and --nocheck flags. Additional dependencies
needed for running the test suite can be specified in the checkdepends
array and are only checked when running the check() function.
Original-work-by: Jeff C <jeff@kcaccess.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
The closing parenthesis of bash arrays needs to be escaped in the ending
address of awk expressions in order to play nicely with implementations
of awk other than gawk. This change provides compatibility with gawk,
nawk and mawk.
Signed-off-by: Dave Reisner <d@falconindy.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
Currently, using $pkgname in a split package package_*() function
always returns the first value in the pkgname array rather than the
name of the package being packaged. Fix this so $pkgname gives the
expected value.
Fixes FS#22174
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
We should always use $BUILDSCRIPT instead of PKGBUILD. The only
remaining uses of PKGBUILD in makepkg are in comments.
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
Check the over-ridden entries for provides, backup, optdepends and
options for illegal entries. Partially fixes FS#16004.
Signed-off-by: Allan McRae <allan@archlinux.org>
The error message that has been removed never gets to print because, given the
same condition, handle_deps throws the same error and then immediately exits
makepkg.
Signed-off-by: Andres P <aepd87@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
As check_deps is run in a subshell, exit had the same meaning as return.
Since the intention is to halt makepkg when pacman throws an error other than
127, the enclosing function has to handle error control instead.
Fixes FS#19840
Signed-off-by: Andres P <aepd87@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>