1
0
mirror of https://github.com/moparisthebest/pacman synced 2024-10-31 15:45:03 -04:00
Commit Graph

165 Commits

Author SHA1 Message Date
Allan McRae
f363cf7857 repo-add: do not alter the database if only verifying signature
Fixes FS#48085.

Signed-off-by: Allan McRae <allan@archlinux.org>
2016-02-26 15:18:44 +10:00
Allan McRae
0fa695d0e3 repo-remove: fix checking for non-existent .db database
Signed-off-by: Allan McRae <allan@archlinux.org>
2016-02-20 14:01:53 +10:00
Allan McRae
4742f5929d Update copyright years for 2016
make update-copyright OLD=2015 NEW=2016

Signed-off-by: Allan McRae <allan@archlinux.org>
2016-01-04 13:27:08 +10:00
Allan McRae
5301d3fe8f Remove space before ellipses
Makes all use of ellipses consistent...

Signed-off-by: Allan McRae <allan@archlinux.org>
2015-10-19 13:48:56 +10:00
Johannes Löthberg
4b0bc2cf97 repo-add: Reject armored signatures
Pacman cannot handle armored signatures, so make repo-add error out if
one is detected.

Signed-off-by: Johannes Löthberg <johannes@kyriasis.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
2015-06-20 17:32:57 +10:00
Johannes Löthberg
2bed2090fb repo-add: Generate unarmored DB signature
Pacman cannot handle armored signatures, so use gpg's --no-armor flag to
force an unarmored signature.

Signed-off-by: Allan McRae <allan@archlinux.org>
2015-06-20 17:32:57 +10:00
Allan McRae
b520c6312f repo-add: merge desc and depends files
There is little point in these two files being separated as the whole sync db
is parsed at once.

Signed-off-by: Allan McRae <allan@archlinux.org>
2015-03-26 14:43:37 +10:00
Allan McRae
cb0f2bd038 Always create files database
Both the "db" and "files" databases are created in one call to repo-add.
Only the "foo.db.tar.xz" name is passed to repo-add.

Signed-off-by: Allan McRae <allan@archlinux.org>
2015-03-26 14:43:37 +10:00
Allan McRae
30c9dbcdeb repo-add: remove duplication finding old package details
The information needed to create a delta entry and remove the old package from
the filesystem are the same.

Signed-off-by: Allan McRae <allan@archlinux.org>
2015-03-26 14:43:37 +10:00
Allan McRae
6aef45ee1a repo-add: check early for xdelta if it is needed
The check for xdelta3 was done as needed (and not in all cases).  Do this
check early so that repo-add does not abort part way through.

Signed-off-by: Allan McRae <allan@archlinux.org>
2015-03-26 14:43:37 +10:00
Allan McRae
81d233b793 repo-add: only update database if entire command succeeded
It is not hard to think of situations where the repo database should not
be updated unless the whole operation succeeds.  Error out before a partial
database update occurs.

Signed-off-by: Allan McRae <allan@archlinux.org>
2015-03-26 14:43:37 +10:00
Allan McRae
d2cb52de12 repo-add: move database creation into its own function
Signed-off-by: Allan McRae <allan@archlinux.org>
2015-03-26 14:43:37 +10:00
Allan McRae
f3fc9af2b7 repo-add: move database rotation into its own function
Signed-off-by: Allan McRae <allan@archlinux.org>
2015-03-26 14:43:37 +10:00
Allan McRae
dff6982c83 repo-add: improve delta file detection on removal
This allows use to remove a package with the name "foo.delta" from the
repos.

Signed-off-by: Allan McRae <allan@archlinux.org>
2015-02-12 13:35:48 +10:00
Allan McRae
660bd1caa1 repo-add: only backup database signature if database was backed up
Ensures the backed update database and its signature are always consistent.

Signed-off-by: Allan McRae <allan@archlinux.org>
2015-02-12 13:35:31 +10:00
Allan McRae
3c46420367 repo-add: unify checking gpg keys
Move the PGP key checking into the check_gpg function.  This also results in
error messages being in colour.

Signed-off-by: Allan McRae <allan@archlinux.org>
2015-02-12 13:35:19 +10:00
Allan McRae
cf3d5e4830 repo-add: clarify invalid repo extension message
Signed-off-by: Allan McRae <allan@archlinux.org>
2015-02-12 13:35:09 +10:00
Allan McRae
b5b2f0b1bf repo-add: improve removing old packages
The -R/--remove option left the old package in place when delta packages
were to be generated.  It was also removed before we ensure the generation
of the entry for the new package was generated without error.

Remove the old package at the end of database entry and delta generation. Also
improve the help message to clarify it is the old package that is removed.

Signed-off-by: Allan McRae <allan@archlinux.org>
2015-02-12 13:35:01 +10:00
Allan McRae
2e48101999 Update copyright notices for 2015
Signed-off-by: Allan McRae <allan@archlinux.org>
2015-02-01 21:19:04 +10:00
Allan McRae
d8b09e6656 repo-add: declare pkgbase as local 2014-03-27 15:46:07 +10:00
Florian Pritz
cd2370754a Remove ts and sw from vim modeline when noet is set
Forcing vim users to view files with a tabstop of 2 seems really
unnecessary when noet is set. I find it much easier to read code with
ts=4 and I dislike having to override the modeline by hand.

Command run:
find . -type f -exec sed -i '/vim.* noet/s# ts=2 sw=2##' {} +

Signed-off-by: Florian Pritz <bluewind@xinu.at>
Signed-off-by: Allan McRae <allan@archlinux.org>
2014-01-28 20:19:25 +10:00
Allan McRae
3bb3b1555a Update copyright years for 2014
Signed-off-by: Allan McRae <allan@archlinux.org>
2014-01-06 14:38:50 +10:00
Phillip Smith
58782b1c55 repo-add; add option to remove existing package files from disk
When maintaining a custom repo, often it is undesirable to retain older
versions of packages. This patch adds the --remove option to remove the
current package file and it's signature from disk before adding the new
one to the database. Documentation is also updated. This is an optional
flag and default behaviour (leaving ondisk files alone) is not changed.

Signed-off-by: Phillip Smith <fukawi2@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
2013-06-06 13:47:32 +10:00
Allan McRae
66fe80f39b repo-add: Update copyright year
Also adjust translations.

Signed-off-by: Allan McRae <allan@archlinux.org>
2013-03-15 13:21:32 +10:00
William Giokas
5a67eee78c scripts: Add color to repo-add
Signed-off-by: William Giokas <1007380@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
2013-03-08 17:04:39 +10:00
Danny George
965e1de217 Add a -n option to repo-add to only add new packages
Packages are already in the pkg db were given a warning, and then
readded anyway.  With -n specified, the warning is printed, but skips
readding it.

Signed-off-by: Danny George <dangets@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
2013-01-03 12:03:10 +10:00
Allan McRae
fe8bd95092 repo-add: quote filename for consistent output style
Signed-off-by: Allan McRae <allan@archlinux.org>
2012-11-27 15:16:15 +10:00
Allan McRae
e253968b4d repo-add: add checkdepends information
Similar to the case for makedepends, it is useful to be able to
access this information without parsing a PKGBUILD.

Signed-off-by: Allan McRae <allan@archlinux.org>
2012-06-25 23:08:15 -05:00
Allan McRae
81bc390dc1 repo-add: add makedepends information
This is useful for tools that automatically rebuild packages and
thus require to generate a build order. These entries are skipped
by pacman.

Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
2012-05-20 19:03:43 -05:00
Florian Pritz
678bdfb0d0 pkgdelta/repo-add: quoting fixes
Finish the job on master; most of these were applied to maint already.

Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-04-29 21:56:57 -05:00
Dan McGee
ca4f8687f7 Merge branch 'maint'
Conflicts:
	scripts/repo-add.sh.in
2012-04-24 08:44:11 -05:00
Florian Pritz
133d174e60 pkgdelta/repo-add: quoting fixes
This removes some unnecessary quotes and adds quotes in a few places to
hopefully work correctly if the tempdir has spaces.

Signed-off-by: Florian Pritz <bluewind@xinu.at>
Signed-off-by: Dan McGee <dan@archlinux.org>
2012-04-20 18:03:54 -05:00
Florian Pritz
62e8812fb9 repo-remove: remove deltas file if it becomes empty
Signed-off-by: Florian Pritz <bluewind@xinu.at>
Signed-off-by: Dan McGee <dan@archlinux.org>
2012-04-07 11:30:56 -05:00
Dan McGee
8de0631edb Merge branch 'maint'
Conflicts:
	lib/libalpm/be_package.c
2012-03-08 18:08:15 -06:00
Allan McRae
cb64fbeac4 Do not dereference symlinks when calculating size
Passing the "-L" flag to stat means we get the size of the file
being pointed to for symlinks instead of the size of the symlink.

Keep "-L" usage in repo-add as we want the actual size of the
package/delta/signature there.

Signed-off-by: Allan McRae <allan@archlinux.org>
2012-03-05 11:44:34 -06:00
Dan McGee
4f54bde439 Merge branch 'maint'
Conflicts:
	scripts/makepkg.sh.in
2012-01-30 22:00:26 -06:00
Dave Reisner
9e9835f464 scripts: always use printf with embedded gettext
This addresses two problems:

1) echo's behavior is inconsistent when dealing with flags, and can
potentially be problematic.

  $ echo -n
  $ echo -- -n
  -- -n

2) Always using the end of options markers prevents translated strings
from throwing errors, as shown in FS#28069.

The remaining "inconsistencies" are because printf is being used in a
guaranteed safe manner, e.g.

  printf '%s\n' "$(gettext "--this can never break")"

Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
2012-01-30 21:31:38 -06:00
Dan McGee
e50c4a8837 Merge branch 'maint'
Conflicts:
	lib/libalpm/diskspace.c
	src/pacman/util.h
2012-01-23 12:20:52 -06:00
Dan McGee
562109c0e8 Update copyright on changed files since beginning of year
Signed-off-by: Dan McGee <dan@archlinux.org>
2012-01-18 22:25:27 -06:00
Dan McGee
430b0df779 repo-add: clean up help messages
Use consistent blank lines across all commands, get rid of the
translated double newlines which only serve to confuse translators, and
fix -h/--help for that extra special third command this script offers.

Signed-off-by: Dan McGee <dan@archlinux.org>
2012-01-18 22:00:13 -06:00
Lukas Fleischer
0e4946d559 scripts/*: Declare several constant variables read-only
Be more semantically accurate and avoid accidental overwriting of some
configuration variables that are considered to be constant.

Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-12-07 10:02:11 -06:00
Dan McGee
a3a75e0a41 Merge branch 'maint' 2011-12-07 10:00:20 -06:00
Dan McGee
17e0be9e6a repo-add: enforce maximum .sig file size
This prevents user error in adding a file generated via `gpg --sign`
rather than `--detach-sign`, for example. The same 16KiB limit is used
we use in our pacman download code.

The section is moved above the checksum generation to avoid presenting
info messages to the user if the signature isn't valid.

Addresses a shortcoming pointed out in FS#27453.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-12-05 10:48:47 -06:00
Allan McRae
cb898be887 repo-add: Remove .tmp. prefix from output
Signed-off-by: Allan McRae <allan@archlinux.org>
2011-11-20 21:36:30 -06:00
Dan McGee
80868b0da6 repo-add: ensure database and signature files are always viewed in whole
This addresses a short but sweet race condition currently existing in
repo-add and repo-remove. We do the smart thing and zip the database to
a location in a temporary directory and not over the original database
directly. However, we then proceed to move this file directly from the
temporary directory to our final location, which is more than likely a
cross-filesystem move (/tmp on tmpfs) and thus non-atomic.

Instead, zip the file to the same directory, prefixing the filename with
'.tmp.'. We then move the file into place. This move is guaranteed to be
atomic, so any reader of the database file will get either the old
version, the new version, or ENOENT.

We also perform a hardlink if possible instead of a move when shifting
the old database out of the way to '.old'; this ensures there is no
chance of a database file not existing during the whole process.

Only one small race condition should now be present- when the database
has been fully moved into place and the signature has not, you may see a
mismatch. There seems to be no good way to address this, and it existed
before this patch.

A final note- if someone had locked-down permissions on the directory
that the database files are in (e.g., could only write to foo.db.tar.gz,
foo.db, foo.db.tar.gz.old, foo.db.old, and the lock file), this would
break.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-11-20 21:36:30 -06:00
Dan McGee
6a9ed33055 repo-add: ensure path to LOCKFILE is always absolute
Given our semi-frequent use of pushd/popd, if we are in any directory
but the original and the database path given was relative, we won't
unlock the database file when cleaning up after an error.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-11-20 21:36:30 -06:00
Dan McGee
ff87046354 Merge branch 'maint'
Conflicts:
	src/pacman/util.c
2011-10-13 11:25:50 -05:00
Lukas Fleischer
35e6136f4b scripts/*.sh.in: Honor TMPDIR environment variable
Replace "/tmp" with "${TMPDIR:-/tmp}" to allow for overriding the
hardcoded path.

Since we only use "/tmp" in conjunction with mktemp(1), we could also
have used "--tmpdir", which is GNU-ish, however (and the BSD counterpart
"-t" has been deprecated in GNU mktemp).

Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-10-13 11:21:05 -05:00
Lukas Fleischer
241946ccea scripts/*.sh.in: Fix signal handler error messages
This includes some fixes to the messages that are displayed when a
signal is caught in makepkg or repo-add:

* Instead of always showing "==> ERROR: TERM signal caught. Exiting...",
  replace "TERM" by whatever signal is actually caught.

* Fix a typo in the SIGERR error message in repo-add ("occurred" instead
  of "occured"). Francois already fixed this for makepkg in 1e51b81c.

Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-10-13 11:20:12 -05:00
Lukas Fleischer
d4c97ea2f6 repo-add: Avoid race condition in signal handlers
There is a small chance that a user sends SIGINT (or any other signal
that is trapped) when we're already in clean_up() which used to lead to
trap_exit() being executed and the remaining code in clean_up() being
skipped due to the bash signal/trap handler blocking EXIT (since its
handler is already being executed, even if it's interrupted).

In practice, this behaviour caused unexpected results (primarily because
pressing ^C at the wrong time left a lock file behind):

    $ ./repo-add extra.db.tar.gz foobar
    ==> Extracting database to a temporary location...
    ^C
    ==> ERROR: Aborted by user! Exiting...
    $ ./repo-add extra.db.tar.gz foobar
    ==> Extracting database to a temporary location...
    ==> ERROR: File 'foobar' not found.
    ==> No packages modified, nothing to do.
    ^C
    ==> ERROR: Aborted by user! Exiting...
    $ ./repo-add extra.db.tar.gz foobar
    ==> ERROR: Failed to acquire lockfile: extra.db.tar.gz.lck.
    ==> ERROR: Held by process 18522

Fix this and reduce the chance of race conditions in signal handlers by:

* Unhooking all traps in both clean_up() and trap_exit().

* Call clean_up() explicitly in trap_exit() to make sure we remove the
  lock file and the temporary directory even if we send SIGINT when
  clean_up() is already being executed but didn't reach the unhook code
  yet.

Also, add an optional parameter to clean_up() to allow for setting an
explicit exit code when we call clean_up() from trap_exit().

Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-10-13 11:20:03 -05:00