This allows for VAR=value and VAR+=value variable declarations.
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
These references to bug numbers assume we will forever be using that bug
tracker. It is better to properly comment the code instead (which was
done in almost all cases anyway).
Signed-off-by: Allan McRae <allan@archlinux.org>
Replace spaces with tabs in one instance.
Remove extra spaces.
Signed-off-by: Jason St. John <jstjohn@purdue.edu>
Signed-off-by: Allan McRae <allan@archlinux.org>
When maintaining a custom repo, often it is undesirable to retain older
versions of packages. This patch adds the --remove option to remove the
current package file and it's signature from disk before adding the new
one to the database. Documentation is also updated. This is an optional
flag and default behaviour (leaving ondisk files alone) is not changed.
Signed-off-by: Phillip Smith <fukawi2@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
Given a revoked keyring containing only:
BC1FBE4D2826A0B51E47ED62E2539214C6C11350
We should only disable this specific keyid. This change enforces that the
contents of the -revoked keyring file are full fingerprints which can uniquely
identify a key.
Before:
# pacman-key --populate archlinux
==> Appending keys from archlinux.gpg...
==> Locally signing trusted keys in keyring...
-> Locally signing key 0E8B644079F599DFC1DDC3973348882F6AC6A4C2...
-> Locally signing key 684148BB25B49E986A4944C55184252D824B18E8...
-> Locally signing key 44D4A033AC140143927397D47EFD567D4C7EA887...
-> Locally signing key 27FFC4769E19F096D41D9265A04F9397CDFD6BB0...
-> Locally signing key AB19265E5D7D20687D303246BA1DFB64FFF979E7...
==> Importing owner trust values...
==> Disabling revoked keys in keyring...
-> Disabling key 1390420191...
-> Disabling key E2539214C6C11350...
-> Disabling key 8544EA82113502DE...
==> Updating trust database...
gpg: next trustdb check due at 2014-01-22
After:
# pacman-key --populate archlinux
==> Appending keys from archlinux.gpg...
==> Locally signing trusted keys in keyring...
-> Locally signing key 0E8B644079F599DFC1DDC3973348882F6AC6A4C2...
-> Locally signing key 684148BB25B49E986A4944C55184252D824B18E8...
-> Locally signing key 44D4A033AC140143927397D47EFD567D4C7EA887...
-> Locally signing key 27FFC4769E19F096D41D9265A04F9397CDFD6BB0...
-> Locally signing key AB19265E5D7D20687D303246BA1DFB64FFF979E7...
==> Importing owner trust values...
==> Disabling revoked keys in keyring...
-> Disabling key BC1FBE4D2826A0B51E47ED62E2539214C6C11350...
==> Updating trust database...
gpg: next trustdb check due at 2014-01-22
Partially addresses FS#35478. This does nothing to confirm whether or not the
key was successfully disabled -- a ridiculously simple request which appears to
be far too difficult for gpg to manage.
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
Adding this restriction means we can filter any FILENAME entry from
starting with a "/" or a ".". Use the term "dot" as it is more
computing relevant compared to "full stop" or "period" which vary
depending on English locale.
Signed-off-by: Allan McRae <allan@archlinux.org>
given/when has been marked experimental in perl 5.18 because it will
change it 5.20. if/else is ugly, but hiding the generated warning is no
good solution either, so we us if/else for now.
Signed-off-by: Florian Pritz <bluewind@xinu.at>
Signed-off-by: Allan McRae <allan@archlinux.org>
This also slighty changes the word order in the description for
--newest.
Signed-off-by: Florian Pritz <bluewind@xinu.at>
Signed-off-by: Allan McRae <allan@archlinux.org>
This allows for somewhat easy templating for PKGBUILDs.
Signed-off-by: Florian Pritz <bluewind@xinu.at>
Signed-off-by: Allan McRae <allan@archlinux.org>
Add support for overriding configuration in /etc/makepkg.conf and
~/.makepkg.conf by setting the environment variable CARCH similar to
how SRCDEST and PKGDEST behave.
Fixes FS#35030.
Signed-off-by: Allan McRae <allan@archlinux.org>
Not having a package() function means all building occurs as root
and repackaging can lose permissions. Given the use of package()
functions has been around for years and we deprecated not having
one in pacman-4.1, we can remove support for PKGBUILDs without
package() functions altogether. However, keep PKGBUILDs that have
neither a build() or package() function working.
Signed-off-by: Allan McRae <allan@archlinux.org>
Using PKGBUILDs from stdin means that we can not use pkgver() in
packages. Given we have the "-p" option to pass any file to
makepkg and passing a PKGBUILD in the form "cat foo | makepkg"
does not work, this feature is unneeded.
Signed-off-by: Allan McRae <allan@archlinux.org>
If LOGDEST is set, we may not check that $startdir is writable. Store
the log pipe in LOGDEST instead.
Signed-off-by: Allan McRae <allan@archlinux.org>
bzr support "worked", but didn't handle any of the actual features we
wanted with makepkg. This moves the revision specification to the proper
place (extraction, rather than download), and fixes an additional broken
reference to $repo which was never set.
Fixes FS#35281.
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
This new option disables the prepare function. Useful in combination
with -o to get an unpatched copy of the sources for testing purpose.
Signed-off-by: Eric Bélanger <snowmaniscool@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
If stdout is already redirected, redirecting stderr to stdout can lead
to undesirable results.
Fixes FS#34974.
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
Copy SVN repos rather than using "svn export" to keep all anotation
files in the repo for build scripts that use (e.g.) "svin info".
Signed-off-by: Allan McRae <allan@archlinux.org>
Using the checkout directory for the SVN config can result in clashes
between config files and files from the SVN checkout. Instead, use
a ".makepkg" directory within the checkout.
Signed-off-by: Allan McRae <allan@archlinux.org>
Add support for all bzr URLs, including "lp:" URLs, in the source array.
This, however, requires an internet connection and will fall back to the
current behavior for offline builds. In that case, only the URL reported
by 'bzr config parent_location' run inside the local repo can be used,
and is outputted.
Signed-off-by: Maxime Gauduin <alucryd@gmail.com>
remove_deps already has a check and won't run unless -r is specified, so
if this was meant to remove dependencies of a failure no matter what,
then it's not doing it, and with -r it is run twice on a failure for no
real reason.
Signed-off-by: William Giokas <1007380@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
All those extra '\e[1;'s were just setting bold redundantly or
immediately being cancelled.
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
Bug exposed by a6291858cc
popd doesn't run in the for loop in download_sources() if the continue
in download_files is executed. Causing the extract_files to extract
everything into $SRCDEST instead of $srcdir
Signed-off-by: Allan McRae <allan@archlinux.org>
grep allows options to be set from the environment with GREP_OPTIONS.
Many of these options will alter grep's output, breaking makepkg.
GREP_OPTIONS=--line-number breaks installed dependency removal, for
instance.
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
When VCS sources were updated, we changed into their root directory.
Any following source was then downloaded to an incorrect place causing
a failure in makepkg. Ensure we are always in the $SRCDEST directory
before starting any download.
Fixes FS#34488.
Signed-off-by: Allan McRae <allan@archlinux.org>
I imported this translation from transifex without realising that there
was no strings translated despite being "acitve" on transifex for quite
some time. Remove it until translation begins...
Signed-off-by: Allan McRae <allan@archlinux.org>
This reverts commit 8b03b1a877.
It is much better to download the submodules using separate source entries
and adjust the submodule configs to point at these versions in the
prepare() function.
See https://mailman.archlinux.org/pipermail/pacman-dev/2013-March/016771.html
for an example.
Signed-off-by: Allan McRae <allan@archlinux.org>
Looks like I hosed this pretty hard in 5a5e712c74.
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
Because --noextract also implies to not download/verify source files, it wasn't
possible to simply do that, without either extracting and/or building.
(Note: --verifysource takes precedence over --noextract)
Signed-off-by: Olivier Brunel <i.am.jack.mail@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
Make all VCS download functions uses get_filename to get the repo name.
In addition, creating a working directory from a Bazaar repository now shows
the short-name of the repository, not the full path on disk.
I'm not sure if the name of the variable that holds the basename of the local
clone should still be `repo`, but I have left the variable name for simplicity.
Signed-off-by: Neer Sighted <neersighted@myopera.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
Previously makepkg would clone vcs sources in the download function,
regardless of the noextract settings. Now the download_* functions only
download or update the vcs sources, and the new extract_* functions just
create working copies using the specified protocols. The extract_sources
function will call the needed extract function for the protocol
specified. The tarball extraction has also been moved into its own
extract_file function to keep things consistent.
Signed-off-by: William Giokas <1007380@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
Added an `ask` message function that emulates pacman's appearance.
Signed-off-by: William Giokas <1007380@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
Color enabled by default, use --nocolor to disable colored output.
Signed-off-by: William Giokas <1007380@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
Use --nocolor to suppress colored output from pacman-key, otherwise
output will be in color.
Signed-off-by: William Giokas <1007380@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
Color enabled by default, use --nocolor to turn off colors.
Signed-off-by: William Giokas <1007380@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
Use the same colors as makepkg in messages. Add in the 'plain' function
as well.
To use the colors, you need to include the term_colors.sh file, or add
definitions for the colors explicitly.
Signed-off-by: William Giokas <1007380@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
Make makepkg use a recursive clone when creating the working directory.
This will initialize submodules
Signed-off-by: Allan McRae <allan@archlinux.org>
Supported by libarchive as of version 3.1.0 when compiled against lzo2
or in the presence of the lzop binary.
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
In makepkg, passing -sr --needed causes there to be a conflict when
pacman goes to remove the dependencies, as the --needed flag is not an
option for pacman -R. This patch makes --needed not get added to the
PACMAN_OPTS array, but it acts like ASDEPS, and is only added to an
install function.
Signed-off-by: William Giokas <1007380@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
The idea of having separate build() and package() functions is that
build() is run as a normal uses and package() as (fake)root. Any
files placed in $pkgdir during build() can have the wrong permissions.
Restrict access to $pkgdir during build() - unless there is no package()
function.
Also, set $pkgdir to something "useful" during build(). For split
packages, this uses "<path>/pkg/$pkgbase" because it is not obvious
which $pkgdir is being referred to.
Signed-off-by: Allan McRae <allan@archlinux.org>
Rearrange tidy_install so we first remove docs, unwanted files,
libtool files, and empty directories. Then check for missing backup
files and references to $srcdir and $pkgdir. Finally compress manpages,
strip debug symbols, and compress executables with upx.
Fixes FS33318
Signed-off-by: Chirantan Ekbote <chirantan.ekbote@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
The difference between the echo and the printf's in write_pkginfo seemed
to be somewhat sporadic. Also, the INFAKEROOT check was doing the same
exact thing as the SPLITPKG check, but formatted much differently and
consuming two extra lines. I think this makes it more readable than it
was previously, if nothing else.
Signed-off-by: William Giokas <1007380@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
Packages are already in the pkg db were given a warning, and then
readded anyway. With -n specified, the warning is printed, but skips
readding it.
Signed-off-by: Danny George <dangets@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
When building sources with a pkgver function, makepkg will print out the
original version before pkgver() is run, claiming that that is the
package that will be built. This patch simply re-prints the output
later, after pkgver() has been run so people can see which package they
are actually building.
Signed-off-by: William Giokas <1007380@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
Amazingly, using "sleep 1" to convince btrfs to report correct file
sizes is only a 90% fix. Sometimes more sleep is needed.
Instead we use the --apparent-size argument to du to get actual file
sizes. This is used only on Linux as the various BSDs do not support
this argument.
Signed-off-by: Allan McRae <allan@archlinux.org>
Fun fact about bash: the below is valid and will only ever print 'a'!
fn() {
continue 2
}
for x in {1..5}; do
for y in {a..e}; do
echo "$y"
fn
done
done
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
Add an mtree file to the package with all file information. This
can be added to the local pacman database on install allowing full
package verification.
Signed-off-by: Allan McRae <allan@archlinux.org>
Places logs in a pre-defined location. The logs are always neatly
labeled with package names and numbers, and this way can be more easily
sent to network shares as they are written or compressed/cleaned en
masse.
Signed-off-by: William Giokas <1007380@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
Specifically, we shouldn't allow newlines in the pkgdesc field, as
pacman will ignore the continuation and end the description prematurely
as written to the local DB. Normalize ALL whitespace, replacing it with
single whitespace characters.
Fixes strange errors as seen by FS#32852.
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
Instead of blindly consuming data from the .PKGINFO file, parse it more
closely and only declare variables as needed.
Should help to avoid nonsensical errors and possibly dangerous command
execution as seen in FS#32852.
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
Although it should be currently quite obvious what package is being
created when "Creating package..." is printed, it will not be in the
future when a debug package is potentially created too. Also, given
$pkgname is always correctly set when split packaging now, we no
longer need to pass that around.
Signed-off-by: Allan McRae <allan@archlinux.org>
When using the "debug" option in combination with "strip", move the
debugging symbols into a separate directory ($pkgdir-debug/usr/lib/debug)
suitable for creating a package from.
Create hardlinks between debugging symbols of hardlinked files and add
symlinks in the .build_id directory if the binary has a build ID.
Signed-off-by: Allan McRae <allan@archlinux.org>
Unify split and single packages to always use a folder within pkg/
as thier $pkgdir. This will allow a folder for storing a package with
stripped debug symbols to be added within pkg/ too.
Signed-off-by: Allan McRae <allan@archlinux.org>
Move stripping of files to a spearate function that will be expanded
for the handling of creating debug symbol packages.
Signed-off-by: Allan McRae <allan@archlinux.org>
Add a "debug" option that appends the compiler flags specified in the
variables DEBUG_CFLAGS and DEBUG_CXXFLAGS in makepkg.conf to their
counterpart buildflags.
Signed-off-by: Allan McRae <allan@archlinux.org>
When using "makepkg -R" without a packge function, we should still
run tidy_install as the user might have added other packaging options
such as (e.g.) '!emptydir' to remove empty directories on repackaging.
Of course we can not revert some options when repackaging without a
package function.
Signed-off-by: Allan McRae <allan@archlinux.org>
Simply add the option to pass the --needed flag to pacman when using -i
with makepkg. When using makepkg in scripts, particularly for git
packages with the new version functions and not just a date, this can
save disk io and time instead of reinstalling.
This would mostly be useful with the --noconfirm option.
Signed-off-by: wgiokas <1007380@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
Most of makepkg already uses sentence case. This cleans up the last few
stragglers.
Signed-off-by: Jason St. John <jstjohn@purdue.edu>
Signed-off-by: Allan McRae <allan@archlinux.org>
After we install dependencies, we source /etc/profile so that new
elements get added to the path. As this can override any local setting
of PATH, we store the full path of the PACMAN variable passed to makepkg.
Also, add a check for PACMAN availability if it is needed to deal with any
dependency operations.
Reported-by: Martin Panter <vadmium à gmail·com>
Signed-off-by: Allan McRae <allan@archlinux.org>
This resolves an inconsistency with how the $PACMAN variable was interpreted.
Previously “makepkg” would extract the first word from the $PACMAN variable
and check that it existed as a command. This appears to have been happening
ever since the variable was implemented in revision 66c6d28 (makepkg: allow
to specify an alternative pacman command). Thus it looks like command
arguments were originally allowed in the variable.
However the run_pacman() function now quotes $PACMAN, so the whole variable
has to be just the command name. This quoting was introduced more recently,
perhaps in revision 622326b (makepkg: fix sudo/su calling of pacman).
Signed-off-by: Allan McRae <allan@archlinux.org>
The package() function has been around since pacman-3.3 and has
significant advantages including limited fakeroot usage and correct
repackaging. The ability to use PKGBUILDs without a package function
will be removed in a future release.
Signed-off-by: Allan McRae <allan@archlinux.org>
There are valid reasons for a source files PGP signature to be changed
(expired key, expired signature, additional person signing...). Thus
providing a checksum for signature files can potentially cause a
PKGBUILD to require unnecessary updating.
Avoid this issue by using "SKIP" for the signature checksum.
Fixes FS#31590.
Signed-off-by: Allan McRae <allan@archlinux.org>
Using the last match in the BUILDENV and OPTIONS arrays allows the
user to easily override these values without specifying the entire
array. For example add "BUILDENV+=(sign)" in ~/.makepkg.conf.
Fixes FS#26701.
Signed-off-by: Allan McRae <allan@archlinux.org>
The list of which download protocol should look in makepkg.conf for the
download agent was hard coded into makepkg. Instead, fallback to checking
the the download agents array for any non-local or (implemented) vcs
source.
Signed-off-by: Allan McRae <allan@archlinux.org>
* For any vcs other that git, the fall through resulted in being handled by the
code for std url, hence fragments were being left on.
* Handle vcs urls than end in a slash correctly, eg http://example.com/project/
Signed-off-by: Gary van der Merwe <garyvdm@gmail.com>
Before this patch, makepkg does not check if $dir is a local clone of
the right repo.
For example, git fetch would be run even if $dir is not a local
bare clone of a git repo in present in source(), but a subdir of
a checked-out one. That means makepkg can potentially fetch from
a completely unrelated remote and update completely unrelated
dirs/files.
This patch adds a check to make sure we are fetching from the right
remote.
Signed-off-by: Mohammad Alsaleh <msal@i2pmail.org>
Before this patch, makepkg would only check if $dir exists as an
indication that a local clone exists. And if $dir does exist, makepkg
will run git fetch inside it unconditionally.
After applying this patch, makepkg will check if the existent $dir is
empty. And if it is, it will be used to store a local clone.
Signed-off-by: Mohammad Alsaleh <msal@i2pmail.org>
Three warnings after someone deliberately typed --noextract is a
tad excessive... Also, an empty $srcdir is perfectly valid when
the source array is empty, although using --noextact then is
wasteful.
Signed-off-by: Allan McRae <allan@archlinux.org>
Rather than calling upon ls for this, use a proper shell function which
uses globbing to determine the existance of files in a directory.
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Somewhere in the arg parse refactoring, the args array went away and we
simply stashed our remaining parameters as positionals. Fix this up so
that pkgdelta doesn't mysteriously hang in read_pkginfo().
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
If a pkgver() function is specified, delay checking the package is
built until the pkgver is updated..
Signed-off-by: Allan McRae <allan@archlinux.org>
Do not update VCS sources if --holdver is used. If the VCS checkout
is not present, it will still be downloaded.
Signed-off-by: Allan McRae <allan@archlinux.org>
VCS sources are not needed for --geninteg or --source operations.
This also prevents VCS downloads outputting to stdout, which
prevented piping -g output to the PKGBUILD.
Signed-off-by: Allan McRae <allan@archlinux.org>
Allow SVN repo sources in the form:
source=("<folder>::<repo>#<fragment>")
where <repo> must start with svn (e.g svn+http://) and a <fragment>
can specify a revision (e.g. revision=22).
Signed-off-by: Allan McRae <allan@archlinux.org>
Now that VCS repos are provided in the source array, it becomes too
complicated to have automatic updating pkgver as was the case with
the old VCS PKGBUILDs (there can be multiple repos of different types
in the source array, the VCS repo may not be the package primary
source, etc).
Instead provide an optional way for a PKGBUILD to update the pkgver
value through the specifing of a pkgver() function that returns the
new version string. This is run after all source files are downloaded
so can access the VCS repo if needed.
Signed-off-by: Allan McRae <allan@archlinux.org>
With VCS sources, get_filepath should return the directory of the
checkout. This allows backing up of the VCS checkout when using
--allsource. Fixes FS#21098.
Signed-off-by: Allan McRae <allan@archlinux.org>
Modify get_filename to return the name of the folder with VCS sources.
This fixes output issues in checksum checking.
Signed-off-by: Allan McRae <allan@archlinux.org>
Allow specifing GIT sources using the following syntax
source=('<folder>::<repo>#<fragment>')
This will download the git repo <repo> into <folder> (into $SRCDIR
if set, otherwise $startdir). <repo> must start with "git", but
non-git protocols are handled using (e.g.) "git+http://...".
The <fragment> can be used to specify a branch, tag, or commit to
build from. e.g. branch=maint.
Checksum entries for git sources should be "SKIP".
Signed-off-by: Allan McRae <allan@archlinux.org>
If "SKIP" is provided for an integrity check, abort checking as soon
as possible.
Also swap fork to tr for bash4 conversion.
Signed-off-by: Allan McRae <allan@archlinux.org>
In order to treat all VCS sources as URLs, we need to be able to
deal with more protocols. Rewrite download_sources to use a case
statement so additional protocols are easily added.
Also fix the use of scp to not pass the protocol in the URL
(noticed by William J. Bowman <wjb@williamjbowman.com>)
Signed-off-by: Allan McRae <allan@archlinux.org>
There is no actual code change here, but these related functions
were all over the place which makes this code difficult to adjust.
Signed-off-by: Allan McRae <allan@archlinux.org>
The current VCS packaging support is really, really, really bad.
It is best to strip it out completely before rewriting it.
Signed-off-by: Allan McRae <allan@archlinux.org>
This extra newline leaves a gap that looks strange in of itself,
but is highlighted when piping -g output to a PKGBUILD.
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
add the asdeps flag for makepkg so that it does pacman -U --asdeps
[Allan: clean-up whitespace]
Signed-off-by: Daniel Wallace <daniel.wallace12@gmail.com>
Signed-off-by: Dan McGee <dan@archlinux.org>
This function is the reverse of human_to_size, and converts integer byte
sizes to human readable SI prefixed values.
A logical extension of this might be to mimic the formatter that pacman
uses and allow a second argument to be passed in which can coerce the
size, rather than reducing until the unit count is below 1024.
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Update the documentation accordingly to mention that users can expect
huamn readable sizes to be acceptable.
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
This is a bash wrapper around an awk function that parses human readable
sizes and returns their representative values in bytes, as a string. A
small test harness is added to validate the functionality.
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Similar to the case for makedepends, it is useful to be able to
access this information without parsing a PKGBUILD.
Signed-off-by: Allan McRae <allan@archlinux.org>
I have noticed that quite a number of packages fail with "makepkg -R"
when their (make)dependencies are not installed. Adjust makepkg to
check for dependencies when used with -R. This can still be avoided
by using --nodeps/-d.
Signed-off-by: Allan McRae <allan@archlinux.org>
This is already being used (despite not working...) in packages
in the Arch Linux repos.
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
Allow makepkg to work correctly when used with find from busybox.
Fix handling of cross directory symlinks.
Signed-off-by: Jeremy Huntwork <jhuntwork@lightcubesolutions.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
This was missed in the switch to parseopts, and was caught by distcheck.
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
Fix the creation of the repo-remove symlink in the scripts/ dir
on building.
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
Rewrite the handling of libdepends. The primary advantage are:
- Moves functionality from write_pkginfo() to find_libdepends().
- The order of the depends array in the PKGBUILD is kept in the package.
- An unneeded libdepends is only a warning and not an error. This allows
putting a libdepend on a library that is dlopened.
- It is now modular so can be extended to library types other than
ELF *.so.
- Finding the list of libraries a package depends only occurs when a
libdepend is specified in the depends array.
Signed-off-by: Allan McRae <allan@archlinux.org>
This is useful for tools that automatically rebuild packages and
thus require to generate a build order. These entries are skipped
by pacman.
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
Currently there is no way to access the makedepends for a package
apart from parsing its PKGBUILD. Put these into the .PKGINFO file
with the idea of making them available in the repo dbs so that
automated build tools can readily determine build order.
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
Add CPPFLAGS support in addition to the current CFLAGS and CXXFLAGS.
This keeps compiler flags split up in the same logical way done
everywhere else.
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
With bash4 as a requirement, we can use mapfile when reading command
output into an array. mapfile has the advantage of using block buffered
I/O rather than line buffered I/O, making it slightly faster for most
jobs.
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Test for file content (-s) rather than just existance (-f). This fixes a
bug that manifests itself in the case of an empty -revoked file. A zero
element 'keys' array would be passed to gpg, forcing it to list and,
subsequently, revoke all known keys.
Bug introduced in d1240f67ea.
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
get_pkg_arch checked for the arch variable being overridden in the
package_$1() function when used with a package as a parameter.
However, when there was no override, it did not fall back to the
global value.
Signed-off-by: Allan McRae <allan@archlinux.org>
Instead of creating a subshell for each of these checks (of which there
are many), pass in an expected value and make the check_* function do
the comparison for us, returning 0 (match), 1, (mismatch), or 127 (not
found).
For a measureable benefit, I tested this on a fairly simple package,
perl-term-readkey, and counted the number of clone(2) syscalls to try
and isolate those generated by makepkg itself, rather than the user
defined functions. Results as shown below:
336 before
180 after
So, roughly a 50% reduction, which makes sense given that a single
check_option() call could be up to 3 subprocesses in total.
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
This script is of questionable value, as it ranks mirrors by an
uninteresting attribute: ping. While the script itself is interesting,
people should be encouraged to rank mirrors by more useful measures,
such as actual speed, locality, or up to date-ness.
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
This fixes a lot of checks done by makepkg (e.g. to see if a package
is already built and choosing which package to install). Previously,
if a package had both "i686" and "any" versions, the "i686" one
always took precidence regardless of the value of "arch" in the
PKGBUILD for that package. Fixes FS#27204.
Signed-off-by: Allan McRae <allan@archlinux.org>
Use the no-exec mode of $(BASH_SHELL) to check for syntax errors in
shell scripts. Since we use the extglob feature in various places, this
requires that we pass -O extglob to the shell as well, to ensure that
the parser is armed to handle this syntax.
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Perform a search for keys that clearly aren't key IDs. This allows
receiving keys by name or email address, but only if the key resolves
unambiguously.
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Loop through arguments passed to verify_sig and treat each as a
signature to be verified against a source file. Output each file as its
checked to avoid ambiguity.
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
This requires an ugly amount of reworking of how pacman-key handles
options. The change simply to avoid passing keys, files, and directories
as arguments to options, but to leave them as arguments to the overall
program. This is reasonable since pacman-key limits the user to
essentially one operation per invocation (like pacman).
Since we now pass around the positional parameters to the various
operations, we can add some better sanity checking. Each operation is
responsible for testing input and making sure it can operate properly,
otherwise it throws an error and exits.
The doc is updated to reflect this, and uses similar verbiage as pacman,
describing the non-option arguments now passed to pacman-key as targets.
Similar to the doc, --help is reorganized to separate operations and
options and remove argument tokens from operations.
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
This will replace our current options parser used in pacman-key,
makepkg, and ideally elsewhere. It follows heuristics closer to that of
GNU getopt long (and thus pacman itself), with the exception that it
does not allow for options with optional arguments. Due to the way this
parser will be used, this sort of functionality will not be needed.
Instead of relying on eval+set, options are normalized into an array,
OPTRET, which callers should expect to be populated after returning from
parseopts. This avoids problems with quotes and spaces in arguments,
assuming that the user quotes properly when passing into the
application.
A new test harness for parseopts is added in test/scripts.
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
This removes some unnecessary quotes and adds quotes in a few places to
hopefully work correctly if the tempdir has spaces.
Signed-off-by: Florian Pritz <bluewind@xinu.at>
Signed-off-by: Dan McGee <dan@archlinux.org>
Big deltas or deltas for very small packages are not needed so we should
check that and not generate any.
Signed-off-by: Florian Pritz <bluewind@xinu.at>
Signed-off-by: Dan McGee <dan@archlinux.org>
If the PKGBUILD isn't writeable for devel_update, throw a warning
instead of silently ignoring it. Some logical reordering is present in
this patch to reduce the number of nested if's.
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
It's expected that this will lead to unwanted behavior, and needs
widespread testing. It's desirable to commit this for a few reasons:
- there's no reason we can't do our own error checking for code that we
write.
- it avoids the need for ||true hacks scattered about in the code.
- it makes us immune to upstream changes in exit codes (FS#28248)
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Extend our grep pattern to match TRUST_ULTIMATE, not just TRUST_FULLY,
as these keys are to be trusted as well.
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
Make these functions more whitespace space by treating newlines as the
element delimiter rather than every form of whitespace.
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
This was a small oversight from 1917c845 which causes makepkg to write
provides entries to the .PKGINFO file improperly, e.g.
provides = systemdlibsystemdudev=999
Add a newline in the printf format to ensure that these are spaced
appropriately.
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
In preparation for the removal of the global error trap we need a
way to ensure changing directories succeeds. Add a "cd_safe"
wrapper that performs the necessary check.
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
Also make sure the strings passed to %s in printf are always quoted.
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
This was really only half a fix for FS#28445, as it still doesn't
correctly handle the case of filenames with spaces. In the short term,
there is no obvious fix for this. In the long term, I believe the
correct decision is to rewrite the options parser to be more in line
with GNU getopt_long.
This reverts commits:
ca41427141.
969dcddbdf.
This has been 0 since 9fa18d9a4b, but it
doesn't makes sense because we are raising an error.
Signed-off-by: Florian Pritz <bluewind@xinu.at>
Signed-off-by: Dan McGee <dan@archlinux.org>
We cannot rely on gpg's exit code. Instead we have to check the status-fd to
figure out whether a signature is valid or not.
In addition to this pacman-key --verify can now be used in scripts as it will
return an exit code of 1 if the signature is invalid.
Signed-off-by: Pierre Schmitz <pierre@archlinux.de>
Signed-off-by: Dan McGee <dan@archlinux.org>
This matches the optimization made to repo-add in commit 8bbaf045b9
way back in 2009. We don't need to read the whole package file to ensure
multiple .PKGINFO entries don't exist, as well-formed packages should
have this file first in the archive.
Signed-off-by: Dan McGee <dan@archlinux.org>
Since we treat this as an array, we need to initialize it as one. This
avoids addition of an empty element to the option string when we set the
option array from the calling program, e.g.
+/usr/bin/makepkg[2033]: set -- -i --pkg vim -- ''
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
User reports indicate that the SKS keyservers are more reliable
than both the gnupg.net and mit.edu ones.
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
Using -e without arguments failed to export all keys. Using --export
worked as expected.
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
Pull updates from transifex, run update-po on all files, fix a few
errors, and push them back to Transifex.
Signed-off-by: Dan McGee <dan@archlinux.org>
delayed allocation hoses us here and causes erroenous install sizes to
be reported. Add a short sleep to allow the transaction to be committed
to the filesystem and the stat buffers to be updated.
This is apparently a "feature", as per to some of the denizens of #btrfs
on freenode.
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
Most places in makepkg deal with full file paths, but a few use the
file name only. Protect from potential issues when a file name
starts with a hyphen.
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
This means multiple packages can be build using the same BUILDDIR
without their source files all ending up extracted in the same
directory. Fixes FS#28417.
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
Similar to how we manage receipt of SIGINT in pacman's internal
downloader, catch the signal and invoke our own trap handler before
unsetting it and calling the default. This requires a slight
modification to the arguments passed to trap_exit so we can pass the
raised signal to trap_exit (note that we substitue USR1 for ERR since
the latter is unique to bash).
Fixes FS#28491.
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
Adds the ability to override the commands used to compressing
compiled and source packages. This is useful for those wanting
to use alternative implementations of the compression tools or
non-default compression options.
Allan: documented options in man page
Signed-off-by: Allan McRae <allan@archlinux.org>
The rest of our scripts have been using `openssl dgst` rather than tools
like `md5sum` for some time, so convert this one too. We also make the
following other adjustments:
* Use a `find -print0 | xargs -0` pipeline so paths with spaces and or
newlines don't totally kill us.
* Ensure the files we write out contain only paths relative to the
database root, where we know the filenames should all be sane.
* Remove use of `diff`, this was the only time we used it in scripts and
we can get a cheap substitute by comparing file checksums instead.
* Only touch the local/ part of the database. It makes little sense to
do anything to the sync/ directory anymore as they are compressed
single files that should be regularly written out in full and won't be
fragmented on any sane filesystem.
Signed-off-by: Dan McGee <dan@archlinux.org>
Verifing the keyring at this point is useless as a malicious package is already
installed and as such has several options to bypass this check anyway.
Signed-off-by: Pierre Schmitz <pierre@archlinux.de>
Signed-off-by: Dan McGee <dan@archlinux.org>
* it updates to all translations
* minor fr, pt_BR, de, lt, sk and uk updates
* add new strings in pacman translation catalog
Signed-off-by: Dan McGee <dan@archlinux.org>
Passing the "-L" flag to stat means we get the size of the file
being pointed to for symlinks instead of the size of the symlink.
Keep "-L" usage in repo-add as we want the actual size of the
package/delta/signature there.
Signed-off-by: Allan McRae <allan@archlinux.org>
With multiple items in $libdepends this check only worked for the first
one, everything after this returned an error. This was probably an issue
with \s being treated wrong.
Fix-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Florian Pritz <bluewind@xinu.at>
libperl.so results in soname="libperl.so.so" which is wrong.
This returns the correct string: "libperl.so"
Fix-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Florian Pritz <bluewind@xinu.at>
This reworks the implmentation of libprovides for the following
benefits:
- Moves functionality from write_pkginfo() to find_libprovides()
- Only calculates the version for libraries specifically requested
and not all libraries. This has the disadvantage of running find
over the $pkgdir for as many libraries as needed, but is unlikely
to be an issue due to caching.
- The order of the provides array in the PKGBUILD is kept in the
package
- There are more warning messages when things fail and those that
were there are no longer errors (as I do not think failure of
libprovides should result in complete packaging failure)
- It is now modular so can be easy extended to other library types
other than ELF *.so.
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
Modify parse_options logic to fill an array instead of printing parsed
options. Avoid eval like the plague. Because it is the plague.
Fixes bugs such as FS#28445.
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
This fixes a problem that occurs if you tell makepkg to remove installed
dependencies (just to be sure) but there are none. As the $ was missing
in front of deplist, the check never happened and 'pacman -Rn' was
called which obviously failed.
Dan: later reported as FS#28448.
Signed-off-by: Christoph Vigano <mail@cvigano.de>
Signed-off-by: Dan McGee <dan@archlinux.org>
This wonderful/awful little bash shell variable wrecks havoc on `cd`
calls in shell scripts. Unset CDPATH in makepkg where we use `cd` quite
heavily. In pacman-optimize, we can move the change directory logic into
the bsdtar call so we are left with no usages of `cd` in the script.
Signed-off-by: Dan McGee <dan@archlinux.org>
PKGBUILDs are advertised as being pure bash so it would be expected
that the default bash options are in effect when sourcing it.
This inadvertantly "fixes" FS#27780 where enabling extglob causes
the bash parser to error on non-valid bash function names like
package_libxml++(). Note that these function names are unsupported
in bash and could break again even with this "fix" in future bash
releases.
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
From mercurial-2.1, "hg pull" returns 1 when there are no updates.
Catch the return code and either pull the update or return an
error as appropriate.
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
This is after some manual massaging to fix issues with newlines in some
translations of the script catalogs.
Signed-off-by: Dan McGee <dan@archlinux.org>
Provide a helpful error message for when creating a source tarball
and SRCPKGDEST is not writable.
Fixes FS#28197.
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
Instead of iterating over the revocation keyfile and calling gpg once
for each key, map the file into an array and call gpg once, iterating
over this output to mark each key as revoked.
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
This addresses two problems:
1) echo's behavior is inconsistent when dealing with flags, and can
potentially be problematic.
$ echo -n
$ echo -- -n
-- -n
2) Always using the end of options markers prevents translated strings
from throwing errors, as shown in FS#28069.
The remaining "inconsistencies" are because printf is being used in a
guaranteed safe manner, e.g.
printf '%s\n' "$(gettext "--this can never break")"
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
This "fixes" two issues:
1) MAN_DIRS contains a glob by default so should not be quoted. It is
not quoted anywhere else so this should not cause breakage...
2) the find statement returns 1 when some of MAN_DIRS are missing. This
appears to only be exposed when running makepkg as root (which it appears
some wrappers do...).
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
With pacman-4.0, using --noconfirm or --noprogressbar with -Q or -T
results in pacman reporting an "invalid option" error. Restrict the
passing of these options to pacman. Fixes FS#28012.
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
The grep statement used to check for a difference between the
installed package list before and after resolving dependencies
returns 1 if there is no difference. This sets of the error
trap when "-r" is used "unnecessarily".
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
Return codes from gpg commands are currently lost. This adds the functionality
of taking non-zero exit statuses from gpg. This includes error reporting for all
gpg commands that are run individually, run in a loop, and run through a pipe.
Includes the check_keyids_exist function which verifies a key exists locally
prior to attempted local manipulation of the key.
If a gpg command has a non-zero status, pacman-key will now exit with a non-zero
status. It will print a gettext error message of gpg's failure.
Signed-off-by: canyonknight <canyonknight@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
Adds functions for every gpg command. By pulling out the gpg commands from the
"program start" section, additional commands can be run before or after a
specific gpg command without adding additional clutter to the function call
section.
Adds an explicit exit status of 0 to prevent arithmetic expansions from
returning non-zero, thereby falsely causing pacman-key to have a non-zero exit
status.
This change creates the framework for additional error messages and better
exit statuses being added to every pacman-key gpg call.
Signed-off-by: canyonknight <canyonknight@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
Use consistent blank lines across all commands, get rid of the
translated double newlines which only serve to confuse translators, and
fix -h/--help for that extra special third command this script offers.
Signed-off-by: Dan McGee <dan@archlinux.org>
makepkg would not abort on a missing download agent due to the
output variable being declared local on the same line as the
function call in the assignment. That would result in strange output
such as:
==> Retrieving Sources...
==> ERROR: There is no agent set up to handle foo URLs. Check /etc/makepkg.conf.
Aborting...
-> Downloading foobaz...
/home/arch/code/pacman/scripts/makepkg: line 401: foo://foobaz: No such file or directory
==> ERROR: Failure while downloading foobaz
Aborting...
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
Declaring the variable as local on the same line as the assignment
results in result of the assignment being returned rather than the
result of the function on the righthand side of the assignment.
Declaring the variable as local on a separate line means the result
of the function on the r.h.s. is returned and our error function
will be invoked if necessary (although it is practically impossible
to ever trigger it...).
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
Simplify the source tarball generation by unifying the handling of
local and remote files. This also allows local files to be found
in $SRCDEST (FS#26580) and makepkg will abort on missing local source
files (only possible to trigger in combination with --skipinteg).
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
The current calculation of the total file size for a package using "du"
suffers from issues in portability and correctness. Especially on btrfs,
this can result in clearly wrong package information such as:
Download Size : 14684.29 KiB
Installed Size : 7628.00 KiB
Use an approach based on "stat" to calculate total file size.
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
Using the value of "SKIP" in the checksum array will cause that
integrity check to be skipped. This makes building packages that
rely on user configurable sources less painful.
Based-on-patch-by: Dan McGee <dan@archlinux.org>
Based-on-patch-by: David Campbell <davekong@archlinux.us>
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
Allows renamed .asc/.sig files to be still discovered by makepkg. This
is needed for a package such as PuTTY, which provides abnormally named
sig files (.DSA and .RSA) which are valid input for gpg --verify.
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
This converts our script generation to use the built-in AM_V_GEN macro,
which honors the V= setting passed to make and allows one to see the
full command if they truly desire. The AM_V_at macro is also used in
place of an explicit @ so verbose-mode compiles show all commands being
run.
We can also use these two macros in doc generation to quiet it down to
the level we expect.
Other minor changes:
* a pointless test call is removed in test/pacman/tests/
* sed is used instead of dos2unix as we depend on it anyway
* consecutive chmod calls are reduced to a single call (e.g., '+x,a-x')
Signed-off-by: Dan McGee <dan@archlinux.org>
Be more semantically accurate and avoid accidental overwriting of some
configuration variables that are considered to be constant.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
Signed-off-by: Dan McGee <dan@archlinux.org>
This prevents user error in adding a file generated via `gpg --sign`
rather than `--detach-sign`, for example. The same 16KiB limit is used
we use in our pacman download code.
The section is moved above the checksum generation to avoid presenting
info messages to the user if the signature isn't valid.
Addresses a shortcoming pointed out in FS#27453.
Signed-off-by: Dan McGee <dan@archlinux.org>
Whereas comm will check inputs to see if they're sorted (and warn when
they aren't), grep doesn't even care about ordering. In this particular
instance -- neither do we. We're only interested that the two lists are
equivalent.
Fixes FS#26580.
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
Add support for overriding configuration in /etc/makepkg.conf and
~/.makepkg.conf by setting the environment variable PACKAGER similar to
how SRCDEST and PKGDEST behave.
Signed-off-by: Allan McRae <allan@archlinux.org>
This addresses a short but sweet race condition currently existing in
repo-add and repo-remove. We do the smart thing and zip the database to
a location in a temporary directory and not over the original database
directly. However, we then proceed to move this file directly from the
temporary directory to our final location, which is more than likely a
cross-filesystem move (/tmp on tmpfs) and thus non-atomic.
Instead, zip the file to the same directory, prefixing the filename with
'.tmp.'. We then move the file into place. This move is guaranteed to be
atomic, so any reader of the database file will get either the old
version, the new version, or ENOENT.
We also perform a hardlink if possible instead of a move when shifting
the old database out of the way to '.old'; this ensures there is no
chance of a database file not existing during the whole process.
Only one small race condition should now be present- when the database
has been fully moved into place and the signature has not, you may see a
mismatch. There seems to be no good way to address this, and it existed
before this patch.
A final note- if someone had locked-down permissions on the directory
that the database files are in (e.g., could only write to foo.db.tar.gz,
foo.db, foo.db.tar.gz.old, foo.db.old, and the lock file), this would
break.
Signed-off-by: Dan McGee <dan@archlinux.org>
Given our semi-frequent use of pushd/popd, if we are in any directory
but the original and the database path given was relative, we won't
unlock the database file when cleaning up after an error.
Signed-off-by: Dan McGee <dan@archlinux.org>
* Add last-minute changes to NEWS
* Don't treat '_' or '_n' special in scripts when finding translatable
strings; this breaks with one use of `read` and a dummy _ variable
Signed-off-by: Dan McGee <dan@archlinux.org>
This applies to pkgver, pkgrel, and epoch and ensures that any trailing
whitespace outside of the context of the variable declaration itself is
properly trimmed. The Bash parser will ignore this, and so should we.
We don't need to worry about leading space because it would force a
syntax error, or fail validation.
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
Bump the version, update the translation template files, and fill in
NEWS with relevant commits and changes since 4.0.0.
Signed-off-by: Dan McGee <dan@archlinux.org>
This prevent bsdtar from exploding when install= or changelog= are
present without a value.
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
Detached sgnature files with extension .sign are accepted by gnupg.
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
