1
0
mirror of https://github.com/moparisthebest/pacman synced 2024-11-17 14:55:07 -05:00
Commit Graph

1237 Commits

Author SHA1 Message Date
lolilolicon
ee207d7c7b makepkg: do not eval dlcmd
This eval enables the following in a PKGBUILD to "just work":

  source=('$pkgname-$pkgver.tar.gz'::'https://host/$pkgver.tar.gz')

This has at least two problems:

- It violated the principle of least surprise.
- It could be a security issue since URLs are arbitrary input.

Instead, expand the dlagent command line into an array, replace the %o,
%u place holders, and run the resultant command line as is.

Embedded spaces in the DLAGENTS entry can be escaped with a backslash.

Fixes FS#41682

Signed-off-by: Allan McRae <allan@archlinux.org>
2014-09-15 09:32:29 +10:00
William Giokas
95e1a1ef82 makepkg: Allow using sources with :: in them
Git has the ability to use helper applications for interfacing with hg,
and from what we had before, the following url::

  foo::git+hg::http://foo.bar/foobar

would get converted to something along the lines of:

  filename: foo
  URL: http://foo.bar/foobar

and the 'git+hg' part would essentially be ignored when it's getting set
up in the 'get_protocol' and 'get_downloadclient' functions. With this
patch it is possible to have a source link with '::' in it, however it
is not possible to have a filename with '::', which is the current
behavior.

Signed-off-by: Allan McRae <allan@archlinux.org>
2014-09-15 09:30:54 +10:00
Allan McRae
879e4665c4 pacman-key: stricter parsing for -verify
Prevents trust being spoofed by using TRUST_FULLY in the signatory's name
or in an added notation.

Fixes FS#41147.

Signed-off-by: Allan McRae <allan@archlinux.org>
2014-08-09 17:29:08 +10:00
Dave Reisner
17ed9eb734 makepkg: replace bare eval with var extraction functions 2014-08-08 13:44:40 +10:00
Dave Reisner
2b556d89de PKGBUILD: handle arch specific attributes
This introduces support for architecture-specific conflicts, depends,
optdepends, makedepends, replaces, and conflicts by appending "_$CARCH"
to the array name. For example, in the global section:

  arch=('i686' 'x86_64')
  depends=('foo')
  depends_x86_64=('bar')

This will generate depends of 'foo' and 'bar' on x86_64, but only 'foo'
on i686. Moreover, this is supported in the package functions with the
same heuristics as the generic names, e.g.

  ...
  arch=('i686' 'x86_64')
  depends=('foo')
  ...

  package_somepkg() {
    depends_x86_64=('bar')

    ...
  }

Again, will cause x86_64 to have depends of 'foo' and 'bar', but only
'foo' for i686.
2014-08-08 13:44:25 +10:00
Dave Reisner
cbd6c300b5 makepkg: refactor check_sanity, give it some sanity of its own
Break apart each of the blocks into their own separate functions. And,
instead of the hand crafted eval statements, reuse the logic from
pkgbuild-introspection[0] to abstract away the complexities of parsing
bash.

This commit fixes at least 3 bugs in check_sanity:

1) The wrong variable is shown for the error which would be thrown
when, e.g.  pkgname=('foopkg' 'bar^pkg')
2) The "arch" variable is not sanity checked when the PKGBUILD has
an arch override, but only one output package.
3) https://bugs.archlinux.org/task/40361

Lastly, there's some string changes here which should help to clarify
a few errors emitted in the linting process.

[0] https://github.com/falconindy/pkgbuild-introspection
2014-08-08 13:44:00 +10:00
Dave Reisner
8a02abcf19 makepkg: disallow pkgver/pkgrel/epoch overrides in packages
This is a confusing feature, and no one uses it.
2014-08-08 13:40:00 +10:00
Allan McRae
dce82f9d19 makepkg: skip dependency checking with --verifysource
Dependencies are now handled with --nobuild unless specificially skipped.
Using --verifysource will skip dependency checks unless --syncdeps is
specified.

Fixes FS#35057 and FS#36999.

Signed-off-by: Allan McRae <allan@archlinux.org>
2014-08-04 14:23:58 +10:00
Allan McRae
7e87614665 makepkg: ensure vcs download tool are installed when required
Add an array VCSCLIENTS to makepkg.conf that matches vcs source protocols
to the package containing the software needed for handling the source.

Signed-off-by: Allan McRae <allan@archlinux.org>
2014-08-04 14:23:56 +10:00
Dave Reisner
fbb0945bfb makepkg: improve check and error message for buildfile location
The documentation very clearly states that the buildfile has to be in
$PWD, but the error thrown by makepkg reference some mysterious "build
directory". Simplify this check so that we more directly check that the
file being referred to is in fact in our $PWD. Revise the error message
when the check fails to more plainly point out the problem.

Signed-off-by: Allan McRae <allan@archlinux.org>
2014-08-03 18:46:32 +10:00
Johannes Löthberg
80eca94c8e makepkg: Respect XDG_CONFIG_HOME
Add support for following the XDG Base Directory Specification when
reading the user-specific configuration file.

If no $XDG_CONFIG_HOME/pacman/makepkg.conf file exists we fall back to
sourcing $HOME/.makepkg.conf

Signed-off-by: Johannes Löthberg <johannes@kyriasis.com>

[Allan] Note XDG_CONFIG_HOME takes priority.

Signed-off-by: Allan McRae <allan@archlinux.org>
2014-08-03 18:46:31 +10:00
Allan McRae
7305768d54 makepkg: handle "epoch=" in PKGBUILD with pkgver function
After resourcing the PKGBUILD in update_pkgver(), set the epoch to 0
if it is empty.  Also adjust the get_full_version function to be more
robust if epoch somehow still is empty.

Fixes FS#41022.

Signed-off-by: Allan McRae <allan@archlinux.org>
2014-06-29 17:15:23 +10:00
Allan McRae
537a335cc7 Use C locale for bsdtar calls during package creation
This ensures packages build on a UTF-8 locale system with non-ASCII character
names can be installed on non-UTF-8 systems.

Signed-off-by: Allan McRae <allan@archlinux.org>
2014-06-12 12:50:15 +10:00
Johannes Löthberg
9ff6dc93af makepkg: Remove redundant sig generation comment
Remove the comment above the signature generation command as the command
is self explanatory and no longer does what the comment says.

Signed-off-by: Allan McRae <allan@archlinux.org>
2014-06-10 14:27:27 +10:00
Andrew DeMaria
235ce32563 makepkg: pass "--nocolor" to pacman
FS#39982.

Signed-off-by: Allan McRae <allan@archlinux.org>
2014-05-25 14:06:58 +10:00
Allan McRae
2401468f51 makepkg: Force buildscripts to be in startdir
We expect all source file to lie in $startdir. However, using
"makepkg -p <buildscript>" can currently allows people to specify buildscripts
in other directories. This results in confusion about where other sources
should lie (in startdir or in the directory that the buildscript is in).
Explicitly disable using -p for files in other directories to avoid this issue.

Fixes FS#40293.

Signed-off-by: Allan McRae <allan@archlinux.org>
2014-05-25 13:53:19 +10:00
Allan McRae
ec01a22f7d Do not check makepkg-wrapper for standard options
Fixes "make distcheck".

Signed-off-by: Allan McRae <allan@archlinux.org>
2014-05-23 16:02:18 +10:00
Thomas Bächler
d39d3b3a09 makepkg: Introduce validpgpkeys array
If validpgpkeys is set in the PKGBUILD, signature checking fails if
the fingerprint of the key used to create the signature is not listed
in the array.

The key's trust value is ignored.

Signed-off-by: Allan McRae <allan@archlinux.org>
2014-05-23 15:31:00 +10:00
Thomas Bächler
d174cc8943 makepkg: Treat a signature from an untrusted key as an error
Signed-off-by: Allan McRae <allan@archlinux.org>
2014-05-23 15:31:00 +10:00
Thomas Bächler
34ae6ce4e5 makepkg: Use read to parse status file during signature verification.
Instead of invoking grep multiple times, parse the status file once.

This refactoring also changes the behvaiour when signature verification
fails due to a missing public key: It is now an error instead of a
warning.

Signed-off-by: Allan McRae <allan@archlinux.org>
2014-05-23 15:30:54 +10:00
Steven Noonan
6103183253 makepkg: use dash instead of underscore in /usr/lib/debug/.build-id
Signed-off-by: Allan McRae <allan@archlinux.org>
2014-04-21 20:25:02 +10:00
Allan McRae
d8b09e6656 repo-add: declare pkgbase as local 2014-03-27 15:46:07 +10:00
Allan McRae
ee72c016ab Always supply base name and version info in .PKGFILE if needed
Provide pkgbase information for non-split packages with pkgbase set.
Also record the version of the "base" package.  This is useful for
matching package files to source packages.

Signed-off-by: Allan McRae <allan@archlinux.org>
2014-03-27 15:24:22 +10:00
Allan McRae
d8f0c3e5b9 makepkg: sign source packages with --sign
Signed-off-by: Allan McRae <allan@archlinux.org>
2014-03-27 15:24:11 +10:00
Pierre Neidhardt
912ea363de makepkg: Reorder some entries in usage() and getopts
Signed-off-by: Pierre Neidhardt <ambrevar@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
2014-03-13 15:45:04 +10:00
Allan McRae
d8ee8d0c99 makepkg: enforce fakeroot usage
Packaging outside of fakeroot can result in incorrect permissions for
package files.  It has been years since fakeroot issues during packaging
were common, so it is safe to enforce fakeroot usage.  If using fakeroot
is impossible for some reason, a two line wrapper script will suffice to
fool makepkg.

Signed-off-by: Allan McRae <allan@archlinux.org>
2014-03-12 13:13:49 +10:00
Allan McRae
61ba5c961e makepkg: Remove --asroot option
The days of fakeroot being error ridden are long gone, so there is no
valid reason to run makepkg as root.

Signed-off-by: Allan McRae <allan@archlinux.org>
2014-03-12 13:13:49 +10:00
Pierre Neidhardt
ce3fbcb18d makepkg: Add a --noarchive option to inhibit archive creation
1. Packagers who want to test the package() function, i.e. to check the content
of the pkg/ folder.

2. Developers who want to check how the packaged version of a program looks, in
other words how the pkg/ folder looks.

3. For users of systems with no port tree, makepkg can ease package creation.
However the resulting archive of the whole makepkg process is often useless.

For all situations, makepkg will usually be called several times. But no archive
(the final package) is needed in any cases. The archive creation ends up being a
waste of time and resource, especially for big applications and slow machines.

Since this option aborts the process prematurely, it behaves like the
-o,--nobuild option, i.e. any other option acting on later stages in the process
will be automatically discarded. For --noarchive, it means that in

  $ makepkg --noarchive --install

the '--install' option does not do anything.

Signed-off-by: Pierre Neidhardt <ambrevar@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
2014-03-12 13:13:49 +10:00
Pierre Neidhardt
2041586829 makepkg: Comment on install_package() return code
Previously, install_package() return code was either used as exit code or
ignored. This was rather confusing. The return code is now always ignored and a
comment on install_package() has been added.

Signed-off-by: Pierre Neidhardt <ambrevar@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
2014-03-12 13:13:48 +10:00
Allan McRae
1afddd74a9 Fix install order in scripts Makefile
We need to use install-exec-hook instead of install-data-hook to make sure
the hook is run after the installation of the scripts into $BINDIR.
2014-03-03 20:17:39 +10:00
Thomas Bächler
620d2d9d58 makepkg: Support kernel.org's PGP signature scheme
Files hosted on kernel.org only provide signatures for the uncompressed tarball.
Support this scheme by transparently uncompressing the archives and piping
the data into gpg.

Signed-off-by: Allan McRae <allan@archlinux.org>
2014-03-03 11:25:55 +10:00
Steven Noonan
bf79c02440 makepkg: implement support for stripping kernel modules
I noticed when I built a kernel package with options 'strip' and 'debug' that
the debug package was missing the debug information for the kernel modules.
This patch adds kernel modules to the targets for 'strip' and is compatible
with the split-out debug information packages.

v2: Correct logic error -- did a 'continue' after the 2nd-level case statement
    instead of in the default case.
v3: Oops, forgot to terminate outer case. Ran this version through the test
    suite and all tests passed.

Signed-off-by: Steven Noonan <steven@uplinklabs.net>
Signed-off-by: Allan McRae <allan@archlinux.org>
2014-03-03 11:25:54 +10:00
Allan McRae
8014dc648f makepkg: remove unneeded "|| true"
makepkg only aborts on errors during PKGBUILD functions so the remaining
"|| true" statements are unneeded.

Signed-off-by: Allan McRae <allan@archlinux.org>
2014-02-02 17:37:58 +10:00
Allan McRae
b449878fea makepkg: Fix typo in variable name
It turns out that you should refer to variables by their actual name...
Introduced in commit a521cea9.

FS#38414.

Signed-off-by: Allan McRae <allan@archlinux.org>
2014-02-02 17:31:51 +10:00
Rafael Ferreira
236f1795e9 Do not remove source code references in PO/POT files
FS#34240.  This is useful for translators and has little cost to us since
we moved to transifex for translations.

Signed-off-by: Allan McRae <allan@archlinux.org>
2014-02-02 16:32:55 +10:00
Lars Gustäbel
47a4741a3c Prevent makepkg creating armored signatures
If the user has "armor" in thier gpg.conf, makepkg will create an
ascii-armored signature. Use --no-armor in the gpg call to avoid.

FS#38503.

Signed-off-by: Allan McRae <allan@archlinux.org>
2014-02-02 16:30:59 +10:00
Allan McRae
7ae25ac67f Consistently use 'directory' instead of 'folder'
Signed-off-by: Allan McRae <allan@archlinux.org>
2014-01-28 21:37:00 +10:00
Florian Pritz
cd2370754a Remove ts and sw from vim modeline when noet is set
Forcing vim users to view files with a tabstop of 2 seems really
unnecessary when noet is set. I find it much easier to read code with
ts=4 and I dislike having to override the modeline by hand.

Command run:
find . -type f -exec sed -i '/vim.* noet/s# ts=2 sw=2##' {} +

Signed-off-by: Florian Pritz <bluewind@xinu.at>
Signed-off-by: Allan McRae <allan@archlinux.org>
2014-01-28 20:19:25 +10:00
Allan McRae
3bb3b1555a Update copyright years for 2014
Signed-off-by: Allan McRae <allan@archlinux.org>
2014-01-06 14:38:50 +10:00
Maxime Arthaud
50e9543908 makepkg: fix check for distcc
Signed-off-by: Allan McRae <allan@archlinux.org>
2013-12-21 10:12:53 +10:00
Sébastien Luttringer
76a05e94c1 makepkg: fix consistency of downloaded sources permissions
Running 'makepkg -g' or 'makepkg' to download source files results in
different permissions on the files if the user has a non-default umask.

Put the umask definition at the "beginning" of the makepkg script to
ensure all files generated by makepkg have a 0022 umask.

Signed-off-by: Allan McRae <allan@archlinux.org>
2013-12-15 20:09:37 +10:00
Jason St. John
a15fd48016 Improve --help switch output for pacman contrib and pacman scripts
Unify the formatting of the --help switch for pacman utils, if it exists.
All of the pacman utils will now output help text using the following
format:

  util-name (pacman) v<pacman version>

  one line description of util's purpose

  Usage: util-name [options]

    -b, --bar      whatever --bar does
    -f, --foo      whatever --foo does
    -h, --help     display this help message

Reported-by: Karol Błażewicz <karol.blazewicz at gmail.com>
Signed-off-by: Jason St. John <jstjohn@purdue.edu>
2013-11-15 11:02:27 +10:00
Jason St. John
1645dfd3d1 Fix typo in pacman-optimize
Signed-off-by: Jason St. John <jstjohn@purdue.edu>
Signed-off-by: Allan McRae <allan@archlinux.org>
2013-11-15 11:02:27 +10:00
Jason St. John
230bd5c2fd Fix whitespace and other formatting issues
This commit:
-- replaces space-based indents with tabs per the coding standards
-- removes extraneous whitespace (e.g. extra spaces between function args)
-- adds missing braces for a one-line if statement

Signed-off-by: Jason St. John <jstjohn@purdue.edu>
2013-11-15 11:02:27 +10:00
Allan McRae
5273e38fb2 makepkg: move update_pkgver out of extract_sources
The extract_sources function should be just extracting sources.

Signed-off-by: Allan McRae <allan@archlinux.org>
2013-11-15 11:02:27 +10:00
Allan McRae
da8cd388c4 Return zero from extract_file with local source file
The call to bsdtar to check if a file needs extracted returns 1 if it does
not.  We then propegate this return value accidentally which can cause
makepkg to report an error later on.  Explicitly return 0 in this case.

Signed-off-by: Allan McRae <allan@archlinux.org>
2013-11-15 11:02:12 +10:00
Allan McRae
fe824f87b9 makepkg: only remove static libraries if they have a shared version
It is fairly common that packages contain static libraries with no
shared counterpart.  These should not be removed with !staticlibs.

Signed-off-by: Allan McRae <allan@archlinux.org>
2013-11-08 09:28:02 +10:00
Allan McRae
5c5b28833c makepkg: Allow "static library" to be translated
Signed-off-by: Allan McRae <allan@archlinux.org>
2013-11-01 15:48:03 +10:00
Allan McRae
b82a0d83ce makepkg: do not allow badly formatted arch lines
It appears there are a lot of packages with arch=('i686 x86_64')
floating around.  Quote the arch array when passing as a parameter
to detect such things.

Signed-off-by: Allan McRae <allan@archlinux.org>
2013-10-31 16:20:02 +10:00
Andrew Gregory
a8285350cc makepkg: allow empty source arrays
Necessary for metapackages.

Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
2013-10-31 16:20:02 +10:00