When two packages own an empty directory, pacman finds no conflict when
one of those packages wants to replace the directory with a file or a
symlink. When it comes to actually extracting the new file/symlink,
pacman sees the directory is still there (we do not remove empty
directories if they are owned by a package) and refuses to extract.
Detect this potential conflict early and bail. Note that it is a
_potential_ conflict and not a guaranteed one as the other package owning
the directory could be updated or removed first which would remove
the conflict. However, pacman currently can not sort package installation
order to ensure this, so this conflict requires manual upgrade ordering.
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
Add a man page for the pactree utility.
Feedback-from: Allan McRae <allan@archlinux.org>
Feedback-from: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Ram Bhamidipaty <rambham@gmail.com>
Signed-off-by: Dan McGee <dan@archlinux.org>
Test for file content (-s) rather than just existance (-f). This fixes a
bug that manifests itself in the case of an empty -revoked file. A zero
element 'keys' array would be passed to gpg, forcing it to list and,
subsequently, revoke all known keys.
Bug introduced in d1240f67ea.
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
PACMAN_OPTS would be erroneously set when it was undefined, causing
pacsysclean to error out.
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
This documentation was added in commit 857357f9 so was not caught in the
removal of this option in commit 85712814.
Signed-off-by: Dan McGee <dan@archlinux.org>
This removes some unnecessary quotes and adds quotes in a few places to
hopefully work correctly if the tempdir has spaces.
Signed-off-by: Florian Pritz <bluewind@xinu.at>
Signed-off-by: Dan McGee <dan@archlinux.org>
Big deltas or deltas for very small packages are not needed so we should
check that and not generate any.
Signed-off-by: Florian Pritz <bluewind@xinu.at>
Signed-off-by: Dan McGee <dan@archlinux.org>
This is a vestige leftover from the rewrite over a year ago in
622e7fdd4.
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
Detected by clang scan-build static code analyzer.
* Don't attempt to free an uninitialized gpgme key variable
* Initialize answer variable before asking frontend a question
* Pass by reference instead of value if uninitialized fields are
possible in download signal handler code
* Ensure we never call strlen() on NULL payload->remote_name value
Signed-off-by: Dan McGee <dan@archlinux.org>
Extend our grep pattern to match TRUST_ULTIMATE, not just TRUST_FULLY,
as these keys are to be trusted as well.
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
This was really only half a fix for FS#28445, as it still doesn't
correctly handle the case of filenames with spaces. In the short term,
there is no obvious fix for this. In the long term, I believe the
correct decision is to rewrite the options parser to be more in line
with GNU getopt_long.
This reverts commits:
ca41427141.
969dcddbdf.
This has been 0 since 9fa18d9a4b, but it
doesn't makes sense because we are raising an error.
Signed-off-by: Florian Pritz <bluewind@xinu.at>
Signed-off-by: Dan McGee <dan@archlinux.org>
We cannot rely on gpg's exit code. Instead we have to check the status-fd to
figure out whether a signature is valid or not.
In addition to this pacman-key --verify can now be used in scripts as it will
return an exit code of 1 if the signature is invalid.
Signed-off-by: Pierre Schmitz <pierre@archlinux.de>
Signed-off-by: Dan McGee <dan@archlinux.org>
This matches the optimization made to repo-add in commit 8bbaf045b9
way back in 2009. We don't need to read the whole package file to ensure
multiple .PKGINFO entries don't exist, as well-formed packages should
have this file first in the archive.
Signed-off-by: Dan McGee <dan@archlinux.org>
Dan was right. This should have been FREE(), not free().
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
Since we treat this as an array, we need to initialize it as one. This
avoids addition of an empty element to the option string when we set the
option array from the calling program, e.g.
+/usr/bin/makepkg[2033]: set -- -i --pkg vim -- ''
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
User reports indicate that the SKS keyservers are more reliable
than both the gnupg.net and mit.edu ones.
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
Using -e without arguments failed to export all keys. Using --export
worked as expected.
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
Pull updates from transifex, run update-po on all files, fix a few
errors, and push them back to Transifex.
Signed-off-by: Dan McGee <dan@archlinux.org>
delayed allocation hoses us here and causes erroenous install sizes to
be reported. Add a short sleep to allow the transaction to be committed
to the filesystem and the stat buffers to be updated.
This is apparently a "feature", as per to some of the denizens of #btrfs
on freenode.
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
For key searches only, gpg2 will fail to lookup any and all keys that
are not prefixed with 0x.
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
In case we have a mirror failure, unlink_on_fail would remain set,
causing an interrupt in a successive download attempt to be wrongly
unlinked.
This also fixes a memory leak in the url member, as we would allocate
over the previous, unfreed URL.
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
To avoid conflicts on reusing a payload after a failed download, ensure
that we reset the filename hints in the payload struct prior to the
download operation.
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
Similar to how we manage receipt of SIGINT in pacman's internal
downloader, catch the signal and invoke our own trap handler before
unsetting it and calling the default. This requires a slight
modification to the arguments passed to trap_exit so we can pass the
raised signal to trap_exit (note that we substitue USR1 for ERR since
the latter is unique to bash).
Fixes FS#28491.
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
Verifing the keyring at this point is useless as a malicious package is already
installed and as such has several options to bypass this check anyway.
Signed-off-by: Pierre Schmitz <pierre@archlinux.de>
Signed-off-by: Dan McGee <dan@archlinux.org>
* it updates to all translations
* minor fr, pt_BR, de, lt, sk and uk updates
* add new strings in pacman translation catalog
Signed-off-by: Dan McGee <dan@archlinux.org>
Passing the "-L" flag to stat means we get the size of the file
being pointed to for symlinks instead of the size of the symlink.
Keep "-L" usage in repo-add as we want the actual size of the
package/delta/signature there.
Signed-off-by: Allan McRae <allan@archlinux.org>
With multiple items in $libdepends this check only worked for the first
one, everything after this returned an error. This was probably an issue
with \s being treated wrong.
Fix-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Florian Pritz <bluewind@xinu.at>
libperl.so results in soname="libperl.so.so" which is wrong.
This returns the correct string: "libperl.so"
Fix-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Florian Pritz <bluewind@xinu.at>
If we begin to create a file list when loading a package, but abort
because of an error to one of our goto labels, the memory used to create
the file list will leak. This is because we use a set of local variables
to hold the data, and thus _alpm_pkg_free() cannot clean up for us.
Use the file list struct on the package object as much as possible to
keep state when building the file list, thus allowing _alpm_pkg_free()
to clean up any partially built data.
Signed-off-by: Dan McGee <dan@archlinux.org>
This is easily triggered via a `pacman -Sc` operation when it attempts
to open a delta file as a package- we end up leaking loads of memory
due to us never freeing the archive object. When you have upwards of
1200 delta files in your sync database directory, this results in a
memory leak of nearly 1.5 MiB.
Also fix another memory leak noticed at the same time- we need to call
the internal _alpm_pkg_free() function, as without the origin data being
set the public free function will do nothing.
Signed-off-by: Dan McGee <dan@archlinux.org>
Ensure we give database signatures special treatment like we already did
for package signatures. Attempt to parse the database name out of them
before taking the proper steps to handle their existence. This fixes
FS#28714.
We also add an unlink_verbose() helper method that displays any errors
that occur when unlinking, optionally opting to skip any ENOENT errors
from being fatal.
Finally, the one prompt per unknown database has been removed, this has
no real sound purpose and we don't do this for packages. Simply kill
databases we don't know about; other programs shouldn't have random data
in this directory anyway.
Signed-off-by: Dan McGee <dan@archlinux.org>
Mostly a waste of time. Sure, we no longer make sure your pacman
database partition has enough space, but if you are using this option
you better know what you are doing anyway.
Signed-off-by: Dan McGee <dan@archlinux.org>
(cherry picked from commit ee96900605)
This was noted when trying to perform an operation on a pacman database
on a read-only file system. Print the actual underlying errno string,
and only show the "you can remove" message if the lock file actually
exists.
Before:
$ pacman -Su
error: failed to init transaction (unable to lock database)
if you're sure a package manager is not already
running, you can remove /e/db.lck
After:
$ pacman -Su
error: failed to init transaction (unable to lock database)
error: could not lock database: Read-only file system
Signed-off-by: Dan McGee <dan@archlinux.org>
If one had a mountpoint at '/e' (don't ask), a file being installed to
'/etc' would map to it incorrectly. Ensure we do more than just prefix
matching on paths by doing some more sanity checks once the simple
strncmp() call succeeds.
Signed-off-by: Dan McGee <dan@archlinux.org>
Modify parse_options logic to fill an array instead of printing parsed
options. Avoid eval like the plague. Because it is the plague.
Fixes bugs such as FS#28445.
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
Allan McRae