Most places in makepkg deal with full file paths, but a few use the
file name only. Protect from potential issues when a file name
starts with a hyphen.
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
This means multiple packages can be build using the same BUILDDIR
without their source files all ending up extracted in the same
directory. Fixes FS#28417.
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
Currently, we try to do a bunch of funkyness constraining download size
to print only when doing a -S/--sync operation. However, it is possible
we try to download packages on a -U/--upgrade operation, and we
currently won't show any itemized download sizes.
Fix this ommission by always including the download size stuff in the
built table rows; this column will be completely omitted anyway if there
are no values due to prior work in commit 33bb7dbd35.
Signed-off-by: Dan McGee <dan@archlinux.org>
Using fputs should be faster as no format string parsing is required. It
also prevents silly errors related to unescaped '%' signs, and removes
the need to double them up in a lot of places.
Signed-off-by: Dan McGee <dan@archlinux.org>
This removes a call to _alpm_local_db_pkgpath() as well as an access()
call when reading the local database. This appears to be code from 2006
that has stuck around. We don't need it because:
1) We never use this path except to check it via access(); however, we
are already in a readdir() loop so it exists, or at least did at the
time of the call.
2) The fopen() and other calls will fail on accessing the database files
anyway, and we need to check those for errors.
Signed-off-by: Dan McGee <dan@archlinux.org>
We had one stubbed out so we didn't require a translation update, and
the other is more a code style issue.
Signed-off-by: Dan McGee <dan@archlinux.org>
Similar to how we manage receipt of SIGINT in pacman's internal
downloader, catch the signal and invoke our own trap handler before
unsetting it and calling the default. This requires a slight
modification to the arguments passed to trap_exit so we can pass the
raised signal to trap_exit (note that we substitue USR1 for ERR since
the latter is unique to bash).
Fixes FS#28491.
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
Unify the output for local and sync packages by only printing a
list of possible validation types for sync packages. This also
has the advantage of not printing the very long sha256 checksum
which line wrapped on a standard width terminal.
Signed-off-by: Allan McRae <allan@archlinux.org>
When installing a package, store information on which validation
method was used and output this on "pacman -Qi" operations.
e.g.
Validated By : SHA256 Sum
Possible values are Unknown, None, MD5 Sum, SHA256 Sum, Signature.
Dan: just a few very minor tweaks.
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
Python PEP-394 states that all python code should point at the
python2 or python3 symlinks at maintain cross-distro compatibility.
Note that this does not matter when calling these scripts using
"make check" as they are explictly called using the detected python
version. As this only affects manually calling these scripts, I
have not had configure/make replace the shebangs.
Signed-off-by: Allan McRae <allan@archlinux.org>
Adds the ability to override the commands used to compressing
compiled and source packages. This is useful for those wanting
to use alternative implementations of the compression tools or
non-default compression options.
Allan: documented options in man page
Signed-off-by: Allan McRae <allan@archlinux.org>
No new behaviour introduced, everything should work exactly as before.
Dan: refactored to use the single alpm_depend_t structure.
Signed-off-by: Benedikt Morbach <benedikt.morbach@googlemail.com>
Signed-off-by: Dan McGee <dan@archlinux.org>
This is the first step in parsing and handling optdepends. There is no
behavior change introduced in this commit; however, depends that contain
a ": " string will now be parsed as having a description and it will be
stored in the depend structure. Later patches will utilize this new
field as appropriate.
This is heavily based on the work of Benedikt, who did something similar
but introduced a new type for this rather than only a new field to the
existing type.
Heavily-influenced-by: Benedikt Morbach <benedikt.morbach@googlemail.com>
Signed-off-by: Dan McGee <dan@archlinux.org>
The rest of our scripts have been using `openssl dgst` rather than tools
like `md5sum` for some time, so convert this one too. We also make the
following other adjustments:
* Use a `find -print0 | xargs -0` pipeline so paths with spaces and or
newlines don't totally kill us.
* Ensure the files we write out contain only paths relative to the
database root, where we know the filenames should all be sane.
* Remove use of `diff`, this was the only time we used it in scripts and
we can get a cheap substitute by comparing file checksums instead.
* Only touch the local/ part of the database. It makes little sense to
do anything to the sync/ directory anymore as they are compressed
single files that should be regularly written out in full and won't be
fragmented on any sane filesystem.
Signed-off-by: Dan McGee <dan@archlinux.org>
Verifing the keyring at this point is useless as a malicious package is already
installed and as such has several options to bypass this check anyway.
Signed-off-by: Pierre Schmitz <pierre@archlinux.de>
Signed-off-by: Dan McGee <dan@archlinux.org>
* it updates to all translations
* minor fr, pt_BR, de, lt, sk and uk updates
* add new strings in pacman translation catalog
Signed-off-by: Dan McGee <dan@archlinux.org>
Passing the "-L" flag to stat means we get the size of the file
being pointed to for symlinks instead of the size of the symlink.
Keep "-L" usage in repo-add as we want the actual size of the
package/delta/signature there.
Signed-off-by: Allan McRae <allan@archlinux.org>
With multiple items in $libdepends this check only worked for the first
one, everything after this returned an error. This was probably an issue
with \s being treated wrong.
Fix-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Florian Pritz <bluewind@xinu.at>
libperl.so results in soname="libperl.so.so" which is wrong.
This returns the correct string: "libperl.so"
Fix-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Florian Pritz <bluewind@xinu.at>
If we begin to create a file list when loading a package, but abort
because of an error to one of our goto labels, the memory used to create
the file list will leak. This is because we use a set of local variables
to hold the data, and thus _alpm_pkg_free() cannot clean up for us.
Use the file list struct on the package object as much as possible to
keep state when building the file list, thus allowing _alpm_pkg_free()
to clean up any partially built data.
Signed-off-by: Dan McGee <dan@archlinux.org>
This is easily triggered via a `pacman -Sc` operation when it attempts
to open a delta file as a package- we end up leaking loads of memory
due to us never freeing the archive object. When you have upwards of
1200 delta files in your sync database directory, this results in a
memory leak of nearly 1.5 MiB.
Also fix another memory leak noticed at the same time- we need to call
the internal _alpm_pkg_free() function, as without the origin data being
set the public free function will do nothing.
Signed-off-by: Dan McGee <dan@archlinux.org>
Ensure we give database signatures special treatment like we already did
for package signatures. Attempt to parse the database name out of them
before taking the proper steps to handle their existence. This fixes
FS#28714.
We also add an unlink_verbose() helper method that displays any errors
that occur when unlinking, optionally opting to skip any ENOENT errors
from being fatal.
Finally, the one prompt per unknown database has been removed, this has
no real sound purpose and we don't do this for packages. Simply kill
databases we don't know about; other programs shouldn't have random data
in this directory anyway.
Signed-off-by: Dan McGee <dan@archlinux.org>
It seems that if we pass the permissions that we want the created
directory to have, then we should probably use it...
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
Add 2012 to the copyright range for all libalpm and pacman source files.
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
This reworks the implmentation of libprovides for the following
benefits:
- Moves functionality from write_pkginfo() to find_libprovides()
- Only calculates the version for libraries specifically requested
and not all libraries. This has the disadvantage of running find
over the $pkgdir for as many libraries as needed, but is unlikely
to be an issue due to caching.
- The order of the provides array in the PKGBUILD is kept in the
package
- There are more warning messages when things fail and those that
were there are no longer errors (as I do not think failure of
libprovides should result in complete packaging failure)
- It is now modular so can be easy extended to other library types
other than ELF *.so.
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
Simplify the implementation:
- allocate and manipulate a copy of the passed in path rather than
building out a path as the while loop progresses
- use simple pointer arithmetic to skip uninteresting cases
- use mkdir(3)'s return value and errno to detect failure
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
It can happen that the to-be-downloaded file cannot be created in cachedir.
For example, I am an -Sup user, and it is comfortable to set --cachedir to
/mnt/pendrive, which is a FAT filesystem, so files like
capseo-1:0.3-2-i686.pkg.tar.xz cannot be downloaded to there.
Before this patch, pacman didn't give clear output about what happens when
the download code could not create the necessary file. This can be confusing
with -Su. An example output:
***
$ sudo pacman -S capseo bochs --cachedir /c/TEMP
resolving dependencies...
looking for inter-conflicts...
Targets (2): bochs-2.4.6-1 capseo-1:0.3-2
Total Download Size: 0.61 MiB
Total Installed Size: 2.61 MiB
Proceed with installation? [Y/n]
:: Retrieving packages from extra...
warning: failed to retrieve some files from extra
bochs-2.4.6-1-i686 611.5 KiB 118K/s 00:05 [------------------] 97%
error: failed to commit transaction (unexpected error)
Errors occurred, no packages were upgraded.
***
After the patch, pacman will give more informative error message (and
pm_errno is set properly):
***
error: could not open file '/c/TEMP/capseo-1:0.3-2-i686.pkg.tar.xz.part': Invalid argument
error: failed to commit transaction (failed to retrieve some files)
***
Unfortunately, the "could not open file" error message is printed for
every mirror (that can be dozens of lines), which is ugly, but at least
informative... Without modifying the download logic (for example, by
introducing -2 return value for _alpm_download() to indicate giving up),
this ugliness cannot be eliminated.
Signed-off-by: Nagy Gabor <ngaba@bibl.u-szeged.hu>
Signed-off-by: Dan McGee <dan@archlinux.org>
Mostly a waste of time. Sure, we no longer make sure your pacman
database partition has enough space, but if you are using this option
you better know what you are doing anyway.
Signed-off-by: Dan McGee <dan@archlinux.org>
(cherry picked from commit ee96900605)
This was noted when trying to perform an operation on a pacman database
on a read-only file system. Print the actual underlying errno string,
and only show the "you can remove" message if the lock file actually
exists.
Before:
$ pacman -Su
error: failed to init transaction (unable to lock database)
if you're sure a package manager is not already
running, you can remove /e/db.lck
After:
$ pacman -Su
error: failed to init transaction (unable to lock database)
error: could not lock database: Read-only file system
Signed-off-by: Dan McGee <dan@archlinux.org>
If one had a mountpoint at '/e' (don't ask), a file being installed to
'/etc' would map to it incorrectly. Ensure we do more than just prefix
matching on paths by doing some more sanity checks once the simple
strncmp() call succeeds.
Signed-off-by: Dan McGee <dan@archlinux.org>
Modify parse_options logic to fill an array instead of printing parsed
options. Avoid eval like the plague. Because it is the plague.
Fixes bugs such as FS#28445.
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
Close FS#28434
Signed-off-by: Eric Bélanger <snowmaniscool@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
This reverts commit f3fa77bcf1 along with
making other necessary changes to fully back this (mis)feature out until
we can do it correctly.
The quick summary here is this was not implemented correctly; provides
are not fully taken into account in this logic, and making that happen
exposes a lot of other flaws in this code that are covered up later on
in the dependency resolving process by several other pieces of
convoluted and conditional logic.
Tests have been adjusted accordingly. Some test EXISTS conditions have
been removed as we already know the package is installed locally, and we
also are checking the VERSION condition anyway.
With these two related revert commits, we do have some changes in test
pass/fail results:
* upgrade078.py: does not pass, this is due to --recursive getting
removed for -U/-S operations after this commit.
* sync302.py: the version checks have been disabled, so this test
continues to pass but has been scaled back in scope.
* sync303.py: now passes, was failing before.
* sync304.py: still failing, was failing before.
* sync305.py: now passes, was failing before.
* sync306.py: still passes, was passing before.
Signed-off-by: Dan McGee <dan@archlinux.org>
This reverts commit 0903452032.
Tests affected by this revert have been adjusted; additionally a few
EXIST tests have been removed where there is already a VERSION test
doing the job for us.
Signed-off-by: Dan McGee <dan@archlinux.org>
This fixes a problem that occurs if you tell makepkg to remove installed
dependencies (just to be sure) but there are none. As the $ was missing
in front of deplist, the check never happened and 'pacman -Rn' was
called which obviously failed.
Dan: later reported as FS#28448.
Signed-off-by: Christoph Vigano <mail@cvigano.de>
Signed-off-by: Dan McGee <dan@archlinux.org>
This wonderful/awful little bash shell variable wrecks havoc on `cd`
calls in shell scripts. Unset CDPATH in makepkg where we use `cd` quite
heavily. In pacman-optimize, we can move the change directory logic into
the bsdtar call so we are left with no usages of `cd` in the script.
Signed-off-by: Dan McGee <dan@archlinux.org>
Fixes compilation on Gentoo, where CPPFLAGS=-I/usr/include/gpgme is
necessary.
The AC_SYS_LARGEFILE macro call has to be before the GPGME checks,
otherwise the GPGME header gives an error about ABI incompatibilities.
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>