The read() underlying fgets() can be interrupted by a signal handler
causing fgets() to return NULL. Before we started handling SIGWINCH,
the odds of interrupting a read were low and typically resulted in
termination anyway. Replace all fgets calls with a wrapper that retries
in EINTR.
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
We rely on values in the arch array to be valid as part of variable
names, so extend the arch lint check to catch this.
This also cleans up lint_arch to restrict the use of "lint" only to the
package-specific architecture checks. It previously had an odd
declaration with a conditional expansion that would never be true.
Since source package creation is architecture independent, we should
ignore architecture-dependent behaviors such as the lint check which
will halt execution when the host machine is not a supported arch.
https://github.com/falconindy/pkgbuild-introspection/issues/15
alpm_pkg_get_backup hasn't returned strings since
54ef162a1a in 2011.
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
If a user manually creates the local database directory, or has an empty
local database for some other reason, we silently add a version file
Signed-off-by: Allan McRae <allan@archlinux.org>
The version of the local pacman database is stored in its root in the file
ALPM_DB_VERSION. The version is starting at 9, corresponding to the
next libalpm library version.
Signed-off-by: Allan McRae <allan@archlinux.org>
This means that a missing local database becomes an error (as it
should be immediately created). Note this only creates the "local"
directory and not its parent, which is checked for during locking.
Signed-off-by: Allan McRae <allan@archlinux.org>
Original-work-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
* convert dbpath from argument to option
* add --config and --root options
* read dbpath and root from config file
* if root is set but not dbpath, dbpath is set relative to root
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
* conflicts need to be freed with alpm_conflict_free
* sync dbs need to be unregistered and are handled by alpm_release
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
This prevents updpkgsums from potentially dirtying an otherwise pristine
directory (likely $PWD) when makepkg creates the srclinks.
Signed-off-by: Allan McRae <allan@archlinux.org>
This eval enables the following in a PKGBUILD to "just work":
source=('$pkgname-$pkgver.tar.gz'::'https://host/$pkgver.tar.gz')
This has at least two problems:
- It violated the principle of least surprise.
- It could be a security issue since URLs are arbitrary input.
Instead, expand the dlagent command line into an array, replace the %o,
%u place holders, and run the resultant command line as is.
Embedded spaces in the DLAGENTS entry can be escaped with a backslash.
Fixes FS#41682
Signed-off-by: Allan McRae <allan@archlinux.org>
Git has the ability to use helper applications for interfacing with hg,
and from what we had before, the following url::
foo::git+hg::http://foo.bar/foobar
would get converted to something along the lines of:
filename: foo
URL: http://foo.bar/foobar
and the 'git+hg' part would essentially be ignored when it's getting set
up in the 'get_protocol' and 'get_downloadclient' functions. With this
patch it is possible to have a source link with '::' in it, however it
is not possible to have a filename with '::', which is the current
behavior.
Signed-off-by: Allan McRae <allan@archlinux.org>
Prevents trust being spoofed by using TRUST_FULLY in the signatory's name
or in an added notation.
Fixes FS#41147.
Signed-off-by: Allan McRae <allan@archlinux.org>
The example for human-readable values must not contain a space between
the value and the unit; otherwise, pkgdelta will not recognize the
command options and will error out.
In prose, however, there should be a space between the value and the
unit.
Signed-off-by: Jason St. John <jstjohn@purdue.edu>
Signed-off-by: Allan McRae <allan@archlinux.org>
Remove blank lines immediately following section headings.
Ensure two blank lines before the start of a new section.
Signed-off-by: Jason St. John <jstjohn@purdue.edu>
Signed-off-by: Allan McRae <allan@archlinux.org>
Notable changes:
* Add double quotes around printf-like formatting options for "--print-format"
* Add a missing backslash in '--force'
Signed-off-by: Jason St. John <jstjohn@purdue.edu>
Signed-off-by: Allan McRae <allan@archlinux.org>
In 5acfa65f when adding a new variable (hit_mtree), the initialization of a
variable (config) was dropped, which could lead to loading invalid package
files, i.e. files that aren't archive (no metadata loaded) would return a new
alpm_pkg_t with everything set to 0/NULL.
Depending on the operation/use of the package, this could lead to segfault.
Signed-off-by: Olivier Brunel <jjk@jjacky.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
This introduces support for architecture-specific conflicts, depends,
optdepends, makedepends, replaces, and conflicts by appending "_$CARCH"
to the array name. For example, in the global section:
arch=('i686' 'x86_64')
depends=('foo')
depends_x86_64=('bar')
This will generate depends of 'foo' and 'bar' on x86_64, but only 'foo'
on i686. Moreover, this is supported in the package functions with the
same heuristics as the generic names, e.g.
...
arch=('i686' 'x86_64')
depends=('foo')
...
package_somepkg() {
depends_x86_64=('bar')
...
}
Again, will cause x86_64 to have depends of 'foo' and 'bar', but only
'foo' for i686.
Break apart each of the blocks into their own separate functions. And,
instead of the hand crafted eval statements, reuse the logic from
pkgbuild-introspection[0] to abstract away the complexities of parsing
bash.
This commit fixes at least 3 bugs in check_sanity:
1) The wrong variable is shown for the error which would be thrown
when, e.g. pkgname=('foopkg' 'bar^pkg')
2) The "arch" variable is not sanity checked when the PKGBUILD has
an arch override, but only one output package.
3) https://bugs.archlinux.org/task/40361
Lastly, there's some string changes here which should help to clarify
a few errors emitted in the linting process.
[0] https://github.com/falconindy/pkgbuild-introspection
This makes it clear whether a transaction successfully completed and
allows log parsers to group related actions.
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
Incorporate memory exhaustion and end-of-stream
checks into the main loop.
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
Problems due to concurrent running instances of pacman can be difficult
to diagnose. Log a warning to make it more obvious that that's what
happened, that it's a bad idea, and hopefully encourage people who do
things like removing the lock file to run pacman from an install script
to at least be courteous enough to put it back when they're done.
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
Rather than have individual callers log failure, just
do it directly in _alpm_handle_unlock.
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
CHECK_ERR checks gpg_err which is a local variable. Calling
gpg_op_import_result cannot modify it.
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
Ignored packages are from the transaction remove list which consists of
duplicated packages so a direct pointer comparison is not appropriate.
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
The actual test object is only used to run the test. Storing test cases
as strings limits the test object scope and allows it to be garbage
collected, reducing memory usage when multiple tests are run.
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
Only a few of our tests need file snapshots at all and most of them only
need a few files. Taking snapshots of the entire test environment for
every single test is a massive waste.
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
Consolidates repeated code and replaces dangerous
strdup calls with STRDUP.
Also fix a couple variables named "pkg" that
refer to file paths.
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
Dependencies are now handled with --nobuild unless specificially skipped.
Using --verifysource will skip dependency checks unless --syncdeps is
specified.
Fixes FS#35057 and FS#36999.
Signed-off-by: Allan McRae <allan@archlinux.org>
Add an array VCSCLIENTS to makepkg.conf that matches vcs source protocols
to the package containing the software needed for handling the source.
Signed-off-by: Allan McRae <allan@archlinux.org>
The documentation very clearly states that the buildfile has to be in
$PWD, but the error thrown by makepkg reference some mysterious "build
directory". Simplify this check so that we more directly check that the
file being referred to is in fact in our $PWD. Revise the error message
when the check fails to more plainly point out the problem.
Signed-off-by: Allan McRae <allan@archlinux.org>
Since 017184fa, alpm_sync_sysupgrade will not add both a replacement and
a literal upgrade to the transaction.
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>