1
0
mirror of https://github.com/moparisthebest/pacman synced 2024-11-14 21:35:02 -05:00
Commit Graph

2557 Commits

Author SHA1 Message Date
David Macek
71f9de64c6 alpm_initialize: Fix double slash in sys hook dir path
The path of the default system hook directory was created
by concatenating `myhandle->root` (usually "/"), and
SYSHOOKDIR (usually "/usr/share/libalpm/hooks/"), resulting
in "//usr/share/libalpm/hooks/". Fix this by skipping the
initial slash from SYSHOOKDIR.

Signed-off-by: Allan McRae <allan@archlinux.org>
2015-12-06 00:22:40 +10:00
Andrew Gregory
8ee084dbb3 db_update: always clear db flags after update
Signature downloading and DB validation was being based on the most
recent download status for the DB.  If a DB successfully downloaded but
a signature did not, db_update would move to the next server.  If the
next server tried does not have a more recent copy of the DB, db_update
would not download the DB again and would forget that the DB had
previously been updated.  In this case it would skip validation
entirely, leaving an updated DB with the original validation status.

Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
2015-12-06 00:15:35 +10:00
Andrew Gregory
7b6f7bbe09 add and expose alpm_unlock
alpm_unlock is a limited version of alpm_release that does nothing but
the actual unlinking of the lock file and is therefore safe to call from
signal handlers.

Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
2015-12-05 17:53:37 +10:00
Andrew Gregory
16623a7ea5 handle_unlock: return 0 if lockfile == NULL
Returning -1 is useless since we don't provide any way
to determine why it failed.

Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
2015-12-05 17:52:16 +10:00
Andrew Gregory
4838d250e5 skip conflicts resolved by file replacement
When replacing a file with a directory, any files inside the new
directory cannot possibly exist on the filesystem and can be skipped.
This allows cross-package symlink-to-directory transitions when there
are files with the same name under both the symlinked directory and the
new directory.

Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
2015-12-05 17:46:22 +10:00
Andrew Gregory
bb5e6c3b76 always unlink files before extraction
libarchive will not extract a directory over an existing directory
symlink, making it impossible to replace a symlink with a directory
across packages.  Adding the ARCHIVE_EXTRACT_UNLINK and
ARCHIVE_EXTRACT_SECURE_SYMLINKS causes libarchive to unlink the existing
symlink and prevents it from extracting any paths that contain
a symlink, which we should not be doing anyway.

Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
2015-12-05 17:46:12 +10:00
Allan McRae
088649534e Add large file support CFLAGS to pkgconfig file
Large file support is enabled by our configure script as required.  If anything
linking to libalpm does not also define large file support, there will be
differences in the size of off_t which are not caught until runtime.

Add the required CFLAGS to the pkg-config file so that users of libalpm know
what flags are required.

Signed-off-by: Allan McRae <allan@archlinux.org>
2015-12-04 11:06:49 +10:00
Andrew Gregory
dfa4dcb16d run_chroot: always clear script output buffer
If the script output does not end in a newline there could still be data
in the buffer after the poll loop.

Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
2015-11-29 08:12:44 +10:00
Andrew Gregory
5312e683fc hooks: pass matched targets to hooks
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
2015-11-28 22:53:24 +10:00
Andrew Gregory
8ad893732d allow specifying input to scriptlets
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
2015-11-28 22:52:11 +10:00
Andrew Gregory
b42d0852f3 allow arguments in hook Exec fields
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
2015-11-28 16:26:51 +10:00
Rikard Falkeborn
9e22e75fa1 Use correct format specifiers
Signed-off-by: Allan McRae <allan@archlinux.org>
2015-11-11 13:47:08 +10:00
Andrew Gregory
6eac7258cd ensure realloc has a positive size
If given size 0 POSIX allows realloc to return a pointer that is not
suitable for use.

Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
2015-11-03 21:45:09 +10:00
Andrew Gregory
dcc1b22cb3 _alpm_hook_run: check path length before copying
If a hook path equals or exceeds PATH_MAX characters the path will be
left unterminated.  Pre-calculating the path length also allows us to
use the more efficient memcpy over strncpy.

Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
2015-10-28 14:22:09 +10:00
Andrew Gregory
5b6526a2ad hook.c: print invalid option name
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
2015-10-27 19:38:57 +10:00
Andrew Gregory
b46bdeea14 order hooks by file name
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
2015-10-27 19:38:32 +10:00
Rikard Falkeborn
0c5dbdbfec Alpm, check for NULL in free-functions
Also, use FREE() instead of free() in _alpm_backup_free()
to set the pointers to NULL.

Signed-off-by: Rikard Falkeborn <rikard.falkeborn@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
2015-10-27 14:22:30 +10:00
Pierre Neidhardt
456ebe8f8e Use ARRAYSIZE macro for non-string array size computation
Signed-off-by: Pierre Neidhardt <ambrevar@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
2015-10-27 13:53:18 +10:00
Andrew Gregory
e8e872c8f9 validate hooks after parsing
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
2015-10-18 10:59:23 +10:00
Andrew Gregory
16718a216e run hooks during trans_commit
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
2015-10-18 10:59:23 +10:00
Andrew Gregory
568a89d580 add hook data types and parser
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
2015-10-18 10:59:23 +10:00
Andrew Gregory
c261210ccf handle: add hookdirs option
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
2015-10-18 10:59:23 +10:00
Andrew Gregory
6946d7d1b7 check fileconflicts and diskspace outside commit
This is necessary in order to be able to run PreTransaction hooks as
close to the actual commit as possible so that we don't prematurely run
hooks for a transaction that ultimately never happens.

Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
2015-09-20 17:36:53 +10:00
Andrew Gregory
75fe6ef104 sortbydeps: skip local packages being updated
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
2015-09-19 15:12:35 +10:00
Sebastian Lackner
5780350751 libalpm: Force update when database is marked as corrupted.
When a database and its signature is updated non-atomically on a server,
there is a window where a user may update the database but grab the old
signature.  The database is marked as invalid by libalpm, which can be
fixed by forcing a refresh (assuming the server has caught up and the
user realizes what has happened) or with a future update of the repo.
Work around this by forcing a repository refresh whenever a database is
invalid.

Signed-off-by: Sebastian Lackner <sebastian@fds-team.de>
Signed-off-by: Allan McRae <allan@archlinux.org>
2015-08-08 10:45:09 +10:00
Andrew Gregory
ae97082e98 fill in name_hash for assumeinstalled options
alpm_depend_t is an exposed data type.  Front-ends may opt for alloc'ing
one and filling the fields manually, but alpm's _alpm_hash_sdbm is not
exposed, making it impossible for them to fill in the name_hash field.

Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
2015-08-08 10:42:26 +10:00
Andrew Gregory
48f4efd9a1 copy assumeinstalled options
All other option setters copy their input.

Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
2015-08-08 10:41:14 +10:00
Andrew Gregory
ccd3a3eb9f check assumeinstalled for meaningful mod
assumeinstalled options are used as provisions for which MOD_EQ and
MOD_ANY are the only meaningful settings.

Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
2015-08-08 10:40:00 +10:00
Andrew Gregory
1ee2032b7f check dep versions before calling strcmp
Fixes a segfault when trying to remove an assumeinstalled
option without a version.

Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
2015-08-08 10:39:15 +10:00
Allan McRae
b8c9385b8b Remove ko_KR translation
The "ko_KR" locale is the same as the "ko" locale.  Remove the "ko_KR" variant
as it is incomplete and has been superseded by "ko" on transifex.

Signed-off-by: Allan McRae <allan@archlinux.org>
2015-08-08 10:36:03 +10:00
Levente Polyak
deac973188 ensure matching database and package version
While loading each package ensure that the internal version matches the
expected database version to avoid the possibility to circumvent the
version check.
This issue can be used by an attacker to trick the software into
installing an older version. The behavior can be  exploited by a
man-in-the-middle attack through specially crafted  database tarball
containing a higher version, yet actually delivering an  older and
vulnerable version, which was previously shipped.

Signed-off-by: Levente Polyak <anthraxx@archlinux.org>
Signed-off-by: Remi Gacogne <rgacogne@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
2015-07-20 12:50:39 +10:00
Allan McRae
289fdf0d1d Read file lists from databases
If a sync database contains a "files" file, the file list will be read.

Currently, there is no known demand for the file list to be lazy loaded by
any libalpm frontend, so these files are read whenever present. Lazy loading
can be implemented when a demand exists.

Signed-off-by: Allan McRae <allan@archlinux.org>
2015-07-15 10:57:30 +10:00
Allan McRae
f6c55b3c3f Allow frontends to specify the sync database extension
This allows frontends to select between the .db and .files databases
currently supplied by repo-add or any other compatible database.

Signed-off-by: Allan McRae <allan@archlinux.org>
2015-07-15 10:57:29 +10:00
Allan McRae
94204d1089 Do not warn about packages that optionally require a removal when ignoring deps
If a transaction is removing a package while ignoring all dependencies, there
should not be any warning about other packages optionally requiring it.

Signed-off-by: Allan McRae <allan@archlinux.org>
2015-07-14 17:15:33 +10:00
Allan McRae
ff487212a2 Do not warn about downgrades when only downloading package
Signed-off-by: Allan McRae <allan@archlinux.org>
2015-07-12 16:23:25 +10:00
David Macek
d5536d3eb3 libalpm: Do a sanity check before manipulating final DB URL
The change in commit 9d96bed9d6 causes download errors for the .db.sig file
in case the final URL for the .db file contains query strings or other
unexpected stuff. This commit isn't intended to be a total solution, but it
should eliminate the problem in the most obvious cases.

Signed-off-by: Allan McRae <allan@archlinux.org>
2015-05-12 14:00:55 +10:00
David Macek
d568a4335b Fix comment in alpm_db_update
Fix comment to better explain the magic constant used when allocating a buffer
for ".db.sig" URL.

Signed-off-by: Allan McRae <allan@archlinux.org>
2015-05-12 14:00:55 +10:00
Andrew Gregory
9a9e0203de alpm_logaction: implement documented return value
"return 0 on success, -1 on error (pm_errno is set accordingly)"

Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
2015-05-12 14:00:55 +10:00
Andrew Gregory
1545a04253 alpm_logaction: allow falling back to syslog
Even if opening the log file fails, if a user has enabled syslog we may
still be able to log to that.  Set the error return value and continue
instead of bailing out.

Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
2015-05-12 14:00:54 +10:00
Andrew Gregory
e4af5e3c97 alpm_logaction: check logfile before opening
valgrind does not like calling open(NULL, ...).  This also makes the
return value 0 if logfile has not been set.

Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
2015-05-12 14:00:54 +10:00
Andrew Gregory
ae7067440c merge _alpm_logaction into alpm_logaction
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
2015-05-12 14:00:54 +10:00
Allan McRae
54067c390f Silence warning from clang
clang is wrong - dbfile is always used initialized in that function.

Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
2015-05-12 14:00:54 +10:00
Andrew Gregory
e374e6829c close stdin before running install scripts
libalpm does not guarantee that script output will be presented to the
user or that stdin will be connected to a terminal.  Close stdin so that
scripts do not attempt to use it for user interaction.

Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
2015-03-26 14:44:14 +10:00
Andrew Gregory
721b785e73 be_package: fallback to standard filelist loading
In order to work properly, loading the filelist from an mtree file
requires a libarchive patch that has not yet been included in an
official release.[1]  Under certain circumstances, an unpatched
libarchive may refuse to read the mtree file due to inconsistencies
between it and the user's file system.  In order to allow alpm to
recover in this situation, read the mtree data into a temporary filelist
that is only copied over to the package if the entire read is
successful.

[1] 661684170b

Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
2015-03-26 14:44:13 +10:00
Andrew Gregory
edeafcc988 add_entry_to_files_list: pass filelist directly
Allows entries to be added to arbitrary filelists not connected to
a package.

Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
2015-03-26 14:44:13 +10:00
Andrew Gregory
156d41a186 remove: use strcmp for files in skip_remove
Paths from noupgrade, the transaction skip_remove, and package backup
lists were combined into a single list matched using fnmatch causing
paths with glob characters to match unrelated files.

Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
2015-03-03 16:54:17 +10:00
Andrew Gregory
ba532bda6b sync_prepare: exclude removals from resolvedeps
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
2015-03-03 16:54:17 +10:00
Allan McRae
8f92fe47a7 calculate_removed_size: ensure llstat succeeds
Signed-off-by: Allan McRae <allan@archlinux.org>
2015-03-03 16:54:17 +10:00
Allan McRae
d9b5cb238d Abort of failure to add version file to empty local database
Signed-off-by: Allan McRae <allan@archlinux.org>
2015-03-03 16:54:17 +10:00
Allan McRae
fc5be14dac parse_descfile: fix memory leak in error case
Signed-off-by: Allan McRae <allan@archlinux.org>
2015-03-03 16:54:17 +10:00