The full path to the signature file when it is created is in a temporary
directory so only print the filename.
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
This prevents a dangling symlink being left behind if the repo goes
from being signed to unsigned.
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
Avoid some pain in awk's limited handling of command line arguments by
wrapping this in a Bash script. We also default to
@localstatedir@/log/pacman.log when no args are specified, meaning that
-h or --help is required to get the help message.
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
This addresses FS#25141. We shouldn't remove every empty directory we
come across during the removal process unless it is truly not known to
any other package. This will prevent removal of essential directories
such as '/var/lock/'.
This is accomplished by first checking the empty/non-empty status of a
directory, which was previously done implicitly by calling rmdir() and
ignoring errors. We do this to avoid the next (new) check in most cases,
which is to look at all local packages to see if the to-be-removed
directory is present in another packages' filelist. If we do not find it
anywhere, then we remove it, else we keep the file around.
The pactest has been updated to test more cases, as well as finding a
flaw in the original expected to fail case- we need separate DIR and
FILE based EXIST rules.
Signed-off-by: Dan McGee <dan@archlinux.org>
There is no need for a writable PKGDEST when using the --nobuild or
--geninteg flags.
Allan: added --geninteg
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
Put a .gitignore entry at the right level and sort that file
alphabetically.
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
It was a bit unclear that both pkgver and pkgrel were included in the
passed version strings; clarify this fact in the manpage. Also include
epoch in the mix now that it exists.
Also make two other minor consistency touchups to code-print variables
in text.
Signed-off-by: Dan McGee <dan@archlinux.org>
This can only ever operate on the local database, and a local package at
that. Change the function signature to take a handle and package object,
add the relevant asserts, and ensure the frontend can detect the package
not found condition when finding packages to pass to this method.
Signed-off-by: Dan McGee <dan@archlinux.org>
converts a pacman log file to a list of installed packages, which should
match the output of `pacman -Q'.
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
We nuke it from the completion file as well along with its longopt.
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
The '[[ -z' test in in_array() is redundant, so remove it.
Signed-off-by: DJ Mills <danielmills1@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
Instead of hacking around the error trap, simply do an explicit
test for failure.
Signed-off-by: DJ Mills <danielmills1@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
The bulk of this commit is adding new tests to ensure the new behavior
works without disrupting old behavior. This is a relatively sane maneuver
when a package adds a conf file (e.g. '/etc/mercurial/hgrc') that was
not previously in the package, but it is placed in the backup array. In
essence, we can treat the existing file as having always been a part of
the package and do our normal compare/install as pacnew logic checks.
Signed-off-by: Dan McGee <dan@archlinux.org>
This adds the '.tar.Z' option to both repo-add and makepkg for no other
reason than "why not", and because bsdtar supports it natively with the
'-Z' flag. Also update the documentation accordingly.
Signed-off-by: Dan McGee <dan@archlinux.org>
This code duplication has always been a rather clumsy casuality of
fixing some past upgrade issues. Unify the removal code across upgrade
and remove operations into a new _alpm_remove_single_package() method
wihch makes it very clear how we handle upgrade and remove differently,
via several conditionals on newpkg.
This commit highlights interesting behavior such as the fact that the
implicit removal in every package upgrade never gets transaction events
or progress callbacks.
Signed-off-by: Dan McGee <dan@archlinux.org>
Fixes "error: no previous prototype for '_alpm_raw_cmp'
[-Werror=missing-prototypes]" warnings, and also prevents someone from
getting the prototypes and functions out of sync.
Signed-off-by: Dan McGee <dan@archlinux.org>
Restore some sanity to the number of arguments passed to _alpm_download
and curl_download_internal.
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
This means creating a new struct which can pass more descriptive data
from the back end sync functions to the downloader. In particular, we're
interested in the download size read from the sync DB. When the remote
server reports a size larger than this (via a content-length header),
abort the transfer.
In cases where the size is unknown, we set a hard upper limit of:
* 25MiB for a sync DB
* 16KiB for a signature
For reference, 25MiB is more than twice the size of all of the current
binary repos (with files) combined, and 16KiB is a truly gargantuan
signature.
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
URLs might end with a slash and follow redirects, or could be a
generated by a script such as /getpkg.php?id=12345. In both cases, we
may have a better filename that we can write to, taken from either
content-disposition header, or the effective URL.
Specific to the first case, we write to a temporary file of the format
'alpmtmp.XXXXXX', where XXXXXX is randomized by mkstemp(3). Since this
is a randomly generated file, we cannot support resuming and the file is
unlinked in the event of an interrupt.
We also run into the possibility of changing out the filename from under
alpm on a -U operation, so callers of _alpm_download can optionally pass
a pointer to a *char to be filled in by curl_download_internal with the
actual filename we wrote to. Any sync operation will pass a NULL pointer
here, as we rely on specific names for packages from a mirror.
Fixes FS#22645.
Signed-off-by: Dave Reisner <d@falconindy.com>
If you are keeping a copy of the old database, you probably want
to keep a copy of its signature too. Also, delete the previously
backed-up database signature if no new one is being copied.
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
We did some funny stuff here before to allow specifying fully-qualified
package names, such as 'testing/gcc' or 'core/gcc'. However, it was done
by duplicating code, not to mention an early escape if a repository
could not be found for an early target. Something like `pacman -Si
foo/bar core/gcc' would not give expected results, although `pacman -Si
bar gcc' would.
Clean up the code, remove strncpy() usage, and clarify the error
messages a bit.
Signed-off-by: Dan McGee <dan@archlinux.org>
The lone quotation mark in "pacman's" causes issues for some syntax
highlighting. Change the printing of the nessage from echo to printf
so we can invisibly escape it.
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
The original concept for this script was a bash implementation, but
turned out to be unreasonable at the time due to the efficiencies of the
database format. Since those have been resolved, we can rewrite this in
bash as a much simpler script.
All the action happens in a single line, but we add extend this a
little, binding to gettext to keep our pacman translations intact.
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
The supposed safety blanket of this function is better handled by
explicit length checking and usages of strlen() on known NULL-terminated
strings rather than hoping things fit in a buffer. We also have no need
to fully fill a PATH_MAX length variable with NULLs every time as long
as a single terminating byte is there. Remove usages of it by using
strcpy() or memcpy() as appropriate, after doing length checks via
strlen().
Signed-off-by: Dan McGee <dan@archlinux.org>
Allow command-line options to accept multiple arguments without
additional quoting by taking the list of arguments until one
starting with a "-" is reached.
The only current use of this is the --pkg option in makepkg. This
allows (e.g.)
makepkg --pkg foo bar
and packages "foo" and "bar" will be built.
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
This allows options specified with a trailing "::" to optionally
take arguments.
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
We can readily detect the first node in a list by checking if
node->prev->next is NULL. So there is no need to pass the head
of the list to this function and its prototype now looks like
all the other item accessors.
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
The only thing this accessor did was remove the const qualifier
given our entire list implementation requires passing around the
head anyway.
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
They are placeholders, but important for things like trying to re-sync a
database missing a signature. By using the alpm_db_validity() method at
the right time, a client can take the appropriate action with these
invalid databases as necessary.
In pacman's case, we disallow just about anything that involves looking
at a sync database outside of an '-Sy' operation (although we do check
the validity immediately after). A few operations are still permitted-
'-Q' ops that don't touch sync databases as well as '-R'.
Signed-off-by: Dan McGee <dan@archlinux.org>
Show output in -Qip for each package signature, which includes the UID
string from the key ("Joe User <joe@example.com>") and the validity of
said key. Example output:
Signatures : Valid signature from "Dan McGee <dpmcgee@gmail.com>"
Unknown signature from "<Key Unknown>"
Invalid signature from "Dan McGee <dpmcgee@gmail.com>"
Also add a backend alpm_sigresult_cleanup() function since memory
allocation took place on this object, and we need some way of freeing
it.
Signed-off-by: Dan McGee <dan@archlinux.org>
The error code is in fact a bitmask value of an error code and an error
source, so use the proper function to get only the relevant bits. For
the no error case, this shouldn't ever matter, but it bit me when I was
trying to compare the error code to other values and wondered why it
wasn't working, so set a good example.
Signed-off-by: Dan McGee <dan@archlinux.org>
This gives us more granularity than the former Never/Optional/Always
trifecta. The frontend still uses these values temporarily but that will
be changed in a future patch.
* Use 'siglevel' consistenly in method names, 'level' as variable name
* The level becomes an enum bitmask value for flexibility
* Signature check methods now return a array of status codes rather than
a simple integer success/failure value. This allows callers to
determine whether things such as an unknown signature are valid.
* Specific signature error codes mostly disappear in favor of the above
returned status code; pm_errno is now set only to PKG_INVALID_SIG or
DB_INVALID_SIG as appropriate.
Signed-off-by: Dan McGee <dan@archlinux.org>
Now that the filelists capture mode and size information, we can read
the data from there and prevent having to loop through and uncompress
every archive to check required diskspace usage.
Signed-off-by: Dan McGee <dan@archlinux.org>
This allows us to capture size and mode data when building filelists
from package files. Future patches will take advantage of this newly
available information, and frontends can use it as well.
Signed-off-by: Dan McGee <dan@archlinux.org>