Currently you can manually create and then install a package with a
version not containing a pkgrel. The created local database entry is
invalid as the directory name can not be split by _alpm_splitname due
to the assumtion of hyphens separating name-pkgver-pkgrel.
Ensure the package has a valid version when it is loaded. Fixes FS#35514.
Signed-off-by: Allan McRae <allan@archlinux.org>
On 32bit systems, the progress bar intergrity checking can show values
greater than 100% with large transactions. This is due to the total
size of all package files being greater than a size_t. Use uint64_t
for these sizes.
Fixes FS#36608
Signed-off-by: Allan McRae <allan@archlinux.org>
If any package in a sync transaction is missing a required signature,
we give an uninformative error message (which may or may not state that
the missing signature is the issue). Always output the package with
the missing signature.
Signed-off-by: Allan McRae <allan@archlinux.org>
Function pointer gets uselessly compared for NULL in
every iteration. Move the condition to do it just once.
Signed-off-by: slavomir vlcek <svlc@inventati.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
If the server redirects from ${repo}.db to ${repo}.db.tar.gz pacman gets
this wrong: It saves to new filename and fails when accessing
${repo}.db.
We need the remote filename only when downloading remote files with
pacman's -U operation. This introduces a new field 'trust_remote_name'
to payload. If set pacman downloads to the filename given by the server.
The field trust_remote_name is set in alpm_fetch_pkgurl().
Fixes FS#36791 ([pacman] downloads to wrong filename with redirect).
[dave: remove redundant assignment leading to memory leak]
Signed-off-by: Allan McRae <allan@archlinux.org>
This defines a level of interest a user has in a repository. These are
described by the bitmask flags in the alpm_db_usage_t enum:
ALPM_DB_USAGE_SEARCH: repo is valid for searching
ALPM_DB_USAGE_INSTALL: repo is valid for installs (e.g. -S pkg)
ALPM_DB_USAGE_UPGRADE: repo is valid for sysupgrades
ALPM_DB_USAGE_ALL: all of the above are valid
Explicitly listing the contents of a repo will always be valid, and the
repo will always be refreshed appropriately on sync operations.
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
The symbol 'err' refers to err() from err.h, and is wisest to be avoided
as a variable name.
Reference: http://man7.org/linux/man-pages/man3/err.3.html
Signed-off-by: Sami Kerola <kerolasa@iki.fi>
Signed-off-by: Allan McRae <allan@archlinux.org>
* append "/" to directories before searching package file lists
* use lstat over stat so symlinks aren't resolved
* fix the inverted check for stat's return value
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
These references to bug numbers assume we will forever be using that bug
tracker. It is better to properly comment the code instead (which was
done in almost all cases anyway).
Signed-off-by: Allan McRae <allan@archlinux.org>
Using setlocale in the backend is bound to lead to frontend issues
and we have have been using epoch in our databases since April 2007
(commit 47622eef). Remove support for old style times.
Signed-off-by: Allan McRae <allan@archlinux.org>
We currently only warn if a directory's permissions differ, but using -Qkk
on my system shows that directory permissions tend to change in packages
reasonably frequently without notice. Provide a warning in such cases
so that it can be altered. Example output:
(1/1) reinstalling nginx
warning: directory ownership differs on /var/lib/nginx/proxy/
filesystem: 33:0 package: 0:0
Signed-off-by: Allan McRae <allan@archlinux.org>
If a sync DB is malformed and contains entries in the root of the
archive, load_pkg_for_entry will leave the 'filename' variable empty,
leading to a crash in the ensuing strcmp() calls which determine the DB
fragment being examined.
While this isn't a read error, this should be reported to the user so
that it can be addressed by the creator of the DB.
As seen: https://bbs.archlinux.org/viewtopic.php?pid=1297766
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
On operating systems we support, the behavior is always such that the
kernel will do the right thing as far as invalidating the file
descriptor, regardless of the eventual return value. Therefore,
potentially looping and calling close multiple times is wrong.
At best, we call close again on an invalid FD and throw a spurious EBADF
error. At worst, we might close an FD which doesn't belong to us when a
multi-threaded application opens its own file descriptor between
iterations of the loop.
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
It is now possible to invert patterns in NoExtract and NoUpgrade.
This feature allows users to whitelist certain files that were
previously blacklisted by another entry.
Signed-off-by: Allan McRae <allan@archlinux.org>
On upgrades, indirect dependencies were not being detected if there was
a dependency in between them that was not part of the transaction. For
example, with the dependency chain: pkg1 -> pkg2 -> pkg3, if pkg1 and
pkg3 are being upgraded but not pkg2 pacman would not order pkg1 and
pkg3 properly.
This was particularly problematic when replacements were involved
because the replaced package(s) would be removed at the start of the
transaction. If an install script required the replacer and lacked
a direct dependency, it could fail.
Fixes FS#32764.
Partially fixes FS#23011.
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
Currently we make no effort to validate the %FILENAME% field in the
repo db. This allows for relative paths to be considered valid.
A carefully crafted db entry with a malicious relative path,
(e.g. `../../../../etc/passwd`) will cause pacman to to
overwrite _any_ file on the target's machine.
Add the following validation:
- doesn't start with '.'
- doesn't contain a '/'
- won't overflow PATH_MAX
Signed-off-by: Simon Gomizelj <simongmzlj@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
Packages removed due to conflicts are always removed at the beginning of
the transaction and as such can be included in the check for whether all
owners of a directory will be removed in a transaction. Installed
versions of packages being upgraded, other than the one with the
conflict, cannot be used because our transaction ordering is not
intelligent enough to ensure that they are removed prior to the
installation of the conflicted package.
Also, return false from dir_belongsto_pkgs on errors. Previously, we
simply continued which could return true even if we were unable to
actually establish that the package owned the entire tree.
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
We always want to work with the package file itself, not its target if
it's a symlink.
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
After the initial checks, we either use the path as a directory and have
to append the trailing slash anyway or use it as a file in which case
the trailing slash should be excluded.
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
When attempting to install a package (either via -S or -U) and the
signature is missing, the current error message "invalid or corrupted
package (PGP signature)" is very unclear. Instead inform the user
that the package is missing the required signature.
Partial fix for FS#34741.
Signed-off-by: Allan McRae <allan@archlinux.org>
The previous implementation was overly complex with unnecessary checks
and nested conditionals. By reordering the tests and changing them to
all be checks for positive hash matches rather than non-matches, we can
collapse several cases and make the process much more linear. This
removes the need to set hash_orig = "" just to reach some of the checks
and corrects a faulty assumption that files are equivalent when the
hashing process fails.
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
p1 and p2 both come directly from the upgrade list without being copied
so they can be compared directly instead of comparing their names.
Also fix minor style violation.
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
We currently use the pacman version number in the libalpm.pc file. It makes
more sense to use the libalpm version.
Fixes FS#34967.
Signed-off-by: Allan McRae <allan@archlinux.org>
Remove a question that hasn't been used since the 3.0 days. To prevent
us from having an ugly enum of questions that is missing a bitmask, this
changes the API of the hidden --ask option.
Signed-off-by: Connor Behan <connor.behan@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
Add details to the doxygen for the initialization and relase functions
of the library.
Signed-off-by: Richard Pougnet <richard@pougnet.ca>
Signed-off-by: Allan McRae <allan@archlinux.org>