1
0
mirror of https://github.com/moparisthebest/pacman synced 2024-11-10 19:45:01 -05:00
Commit Graph

881 Commits

Author SHA1 Message Date
Allan McRae
73d0d743bd makepkg: abort on missing download agent
makepkg would not abort on a missing download agent due to the
output variable being declared local on the same line as the
function call in the assignment. That would result in strange output
such as:

==> Retrieving Sources...
==> ERROR: There is no agent set up to handle foo URLs. Check /etc/makepkg.conf.
    Aborting...
  -> Downloading foobaz...
/home/arch/code/pacman/scripts/makepkg: line 401: foo://foobaz: No such file or directory
==> ERROR: Failure while downloading foobaz
    Aborting...

Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
2012-01-08 12:13:32 -06:00
Allan McRae
2b38f4eab7 makepkg: fix missing source file detection
Declaring the variable as local on the same line as the assignment
results in result of the assignment being returned rather than the
result of the function on the righthand side of the assignment.

Declaring the variable as local on a separate line means the result
of the function on the r.h.s. is returned and our error function
will be invoked if necessary  (although it is practically impossible
to ever trigger it...).

Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
2012-01-08 12:03:56 -06:00
Allan McRae
36413aa856 makepkg: simplify source archive generation
Simplify the source tarball generation by unifying the handling of
local and remote files.  This also allows local files to be found
in $SRCDEST (FS#26580) and makepkg will abort on missing local source
files (only possible to trigger in combination with --skipinteg).

Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
2012-01-08 12:03:48 -06:00
Dan McGee
a857b9c8e0 Update translations from Transifex
Signed-off-by: Dan McGee <dan@archlinux.org>
2012-01-05 17:04:42 -06:00
Dan McGee
c6e1d4ddde Update scripts translation catalog
Signed-off-by: Dan McGee <dan@archlinux.org>
2012-01-05 17:02:10 -06:00
Timothy Redaelli
5b749eeee9 pacman-key: Add missing quotes
Signed-off-by: Timothy Redaelli <timothy.redaelli@gmail.com>
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-12-23 14:39:12 -06:00
Dan McGee
17e0be9e6a repo-add: enforce maximum .sig file size
This prevents user error in adding a file generated via `gpg --sign`
rather than `--detach-sign`, for example. The same 16KiB limit is used
we use in our pacman download code.

The section is moved above the checksum generation to avoid presenting
info messages to the user if the signature isn't valid.

Addresses a shortcoming pointed out in FS#27453.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-12-05 10:48:47 -06:00
Dave Reisner
a521cea96f makepkg: avoid using comm for diff'ing package lists
Whereas comm will check inputs to see if they're sorted (and warn when
they aren't), grep doesn't even care about ordering. In this particular
instance -- neither do we. We're only interested that the two lists are
equivalent.

Fixes FS#26580.

Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-11-30 22:28:13 -06:00
Dan McGee
f5820c8bd6 Miscellaneous post-4.0.1 updates
Some late-arriving translation updates and add the correct dates to the
index.txt releases table.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-11-30 22:28:13 -06:00
Dan McGee
507a2d15e6 Final changes before 4.0.1 release
* Add last-minute changes to NEWS
* Don't treat '_' or '_n' special in scripts when finding translatable
  strings; this breaks with one use of `read` and a dummy _ variable

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-11-20 21:29:46 -06:00
Dave Reisner
b8ef22312b makepkg: trim trailing space from whitespace sensitive vars
This applies to pkgver, pkgrel, and epoch and ensures that any trailing
whitespace outside of the context of the variable declaration itself is
properly trimmed. The Bash parser will ignore this, and so should we.

We don't need to worry about leading space because it would force a
syntax error, or fail validation.

Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-11-20 21:17:43 -06:00
Dan McGee
c79c068fe9 Update translations from Transifex
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-11-16 14:45:25 -06:00
Dan McGee
c0ce10397a Update translations from Transifex
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-11-13 22:21:02 -06:00
Dan McGee
fcf0a8b203 Updates in preparation for 4.0.1 release
Bump the version, update the translation template files, and fill in
NEWS with relevant commits and changes since 4.0.0.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-11-13 21:55:52 -06:00
Dave Reisner
42e2f8bfbf makepkg: check for value before using eval'd var
This prevent bsdtar from exploding when install= or changelog= are
present without a value.

Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-11-10 09:22:17 -06:00
Allan McRae
e7b56f48d7 makepkg: handle pgp signatures with .sign extension
Detached sgnature files with extension .sign are accepted by gnupg.

Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-11-07 09:14:09 -06:00
Dan McGee
4bada45464 pacman-key: add a default keyserver timeout value on --init
The default is supposidely 30 seconds from the gpg manpage, but that
sure wasn't what I was seeing- it was somewhere closer to two minutes of
silence. Add a more reasonable 10 second timeout value which should be
good enough for any keyserver that doesn't totally stink at it's job.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-10-17 09:42:46 -05:00
Dan McGee
020bdb4298 makepkg: don't attach traps until after argument parsing
Nothing we do in our traps is necessary this early in the script. This
fixes FS#26196.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-10-14 08:16:06 -05:00
Lukas Fleischer
241946ccea scripts/*.sh.in: Fix signal handler error messages
This includes some fixes to the messages that are displayed when a
signal is caught in makepkg or repo-add:

* Instead of always showing "==> ERROR: TERM signal caught. Exiting...",
  replace "TERM" by whatever signal is actually caught.

* Fix a typo in the SIGERR error message in repo-add ("occurred" instead
  of "occured"). Francois already fixed this for makepkg in 1e51b81c.

Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-10-13 11:20:12 -05:00
Lukas Fleischer
d4c97ea2f6 repo-add: Avoid race condition in signal handlers
There is a small chance that a user sends SIGINT (or any other signal
that is trapped) when we're already in clean_up() which used to lead to
trap_exit() being executed and the remaining code in clean_up() being
skipped due to the bash signal/trap handler blocking EXIT (since its
handler is already being executed, even if it's interrupted).

In practice, this behaviour caused unexpected results (primarily because
pressing ^C at the wrong time left a lock file behind):

    $ ./repo-add extra.db.tar.gz foobar
    ==> Extracting database to a temporary location...
    ^C
    ==> ERROR: Aborted by user! Exiting...
    $ ./repo-add extra.db.tar.gz foobar
    ==> Extracting database to a temporary location...
    ==> ERROR: File 'foobar' not found.
    ==> No packages modified, nothing to do.
    ^C
    ==> ERROR: Aborted by user! Exiting...
    $ ./repo-add extra.db.tar.gz foobar
    ==> ERROR: Failed to acquire lockfile: extra.db.tar.gz.lck.
    ==> ERROR: Held by process 18522

Fix this and reduce the chance of race conditions in signal handlers by:

* Unhooking all traps in both clean_up() and trap_exit().

* Call clean_up() explicitly in trap_exit() to make sure we remove the
  lock file and the temporary directory even if we send SIGINT when
  clean_up() is already being executed but didn't reach the unhook code
  yet.

Also, add an optional parameter to clean_up() to allow for setting an
explicit exit code when we call clean_up() from trap_exit().

Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-10-13 11:20:03 -05:00
Dan McGee
a0d0f3f47f Final Transifex update before 4.0
We have a few incomplete translations, but these should be addressable
before the 4.0.1 maint release that is surely not that far in the
future.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-10-12 13:42:12 -05:00
Dan McGee
5a39172835 pacman-key: don't escape single quote in usage message
This screws up gettext and causes the message to display always
untranslated.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-10-11 09:07:20 -05:00
Dan McGee
8cc4ed0d63 Update translations from Transifex
In prep for the 4.0.0 release.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-10-11 09:07:19 -05:00
Allan McRae
36f31dd133 makepkg: strip comments after pkgver/pkgrel when checking value
Inline comments after pkgver or pkgrel would cause the sanity
checks to fail so remove them before checking the value.

Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-10-10 19:05:22 -05:00
Dan McGee
a8ca9b93f8 Update translation message catalogs in prep for 4.0 release
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-10-05 22:39:05 -05:00
Dan McGee
dc7d691b20 Update translations from Transifex
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-10-05 22:30:14 -05:00
Dan McGee
484d5ec624 pacman-key: treat foo-trusted as an ownertrust export file
This allows it to serve double-duty. In order to allow users to base
verification decisions off of both a valid signature and a trusted
signature, we need to assign some level of owner trust to the keys we
designate as trusted on import.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-10-05 22:00:52 -05:00
Dan McGee
ab7d2890a4 pacman-key: refine and clarify import/import-trustdb behavior
* --import now only imports keys from pubkey.gpg and does not import
  owner trust; if you want to have both simply run the operations in
  sequence.
* --import-trustdb has been simplified; it will overwrite existing
  values in the trust database as before, but there is no need to export
  it first as those values are safe if left untouched.
* Fix the manpage referring to a non-existent option.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-10-05 21:55:53 -05:00
lolilolicon
94bc64ae1b makepkg: create tar file for bogus PKGEXT
If PKGEXT is not one of the recognized tar*'s, create_package() would
create an empty package file and fail, since bsdtar on the left side of
the pipe returns 141 on SIGPIPE (broken pipe).

This patch changes the behavior for an invalid PKGEXT. A warning is
printed on stderr, and a tar file is created. Also retire the obsolete
$EXT variable.

Add the obligatory comment why we don't use bsdtar's compression.
Finally, fix mixed-tab-space indentation.

Signed-off-by: lolilolicon <lolilolicon@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
2011-10-03 10:59:10 -05:00
lolilolicon
b0543440ca makepkg: support .tar.Z source packages creation
SRCEXT should allow whatever PKGEXT does.
Also address an uninitialized use of $ret.

Signed-off-by: lolilolicon <lolilolicon@gmail.com>
2011-09-30 10:57:44 -05:00
Dave Reisner
938fb2c878 pacman-key: remove errexit flag from shebang
We're ill equipped to be using this flag as we don't trap and respond to
the ERR signal. The result is that if is ever tripped, pacman-key will
instantly exit with no indication of why. At the same time, we're
already fairly good about doing our own error checking and verbalizing
it before dying.

Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-30 10:48:28 -05:00
Allan McRae
07ecd40a1a pacman-key: return 0 from get_from if default value used
This prevents the error trap being set off when GPGDir is commented
in pacman.conf.  Bug introduced in 507b01b9.

Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-30 10:48:19 -05:00
lolilolicon
775b94e649 pkgdelta: proper quoting in [[ expression ]]
Always quote the right-hand side of expression when the == or != operator
is used, unless intended as a pattern.

Signed-off-by: lolilolicon <lolilolicon@gmail.com>
2011-09-28 14:09:01 -05:00
lolilolicon
497501d1c7 makepkg: proper quoting in [[ expression ]]
Always quote the righthand side of expression when the == or != operator
is used, unless intended as a pattern.  Quoting bash(1):

When the == and != operators are used, the string to the right of the
operator is considered a pattern.  Any part of the pattern may be quoted
to force it to be matched as a string.

Signed-off-by: lolilolicon <lolilolicon@gmail.com>
2011-09-28 13:06:03 -05:00
Dave Reisner
619c3629ca makepkg: ensure '-' is last in a character glob
If '-' isn't the last item, it's interpreted as a range and not
literally, causing problematic behavior in parsing optdepends.

Signed-off-by: Dave Reisner <dreisner@archlinux.org>
2011-09-27 11:35:17 -04:00
Dan McGee
e70d540501 pacman-key: use consistent punctuation in error messages
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-27 09:17:11 -05:00
Dave Reisner
507b01b912 pacman-key: allow get_from to return a default value
Keep the non-zero return val to let the caller know that the key wasn't
found.

Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-26 16:02:19 -05:00
Dave Reisner
b6ccae2d18 pacman-key: simplify writing to config file
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-26 16:02:19 -05:00
Allan McRae
dd82b8d09f makepkg: normalize whitespace for optdepends in .PKGINFO
Many PKGBUILDs use formatting whitespace when specifying optdepends.
This is removed when adding a package to a repo-database so the
output of "pacman -Si <package>" and "pacman -Qip <package file>"
becomes inconsistent.  Instead, do the adjustment when creating
the .PKGINFO file.

Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-26 16:02:19 -05:00
Allan McRae
6adf502f0d makepkg: allow versioned optdepends with epoch
Allow the specification of versioned optdepends with an epoch.
This also (partially) enforces a whitespace between ":" and the
description which is required for the future optdepends parsing
code.

Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-26 16:02:19 -05:00
Dan McGee
43787d0067 Regenerate message catalogs and translations
We've had a bit of churn since the last time this was done.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-22 11:36:09 -05:00
Dan McGee
a78e3e3a23 Translation file updates from Transifex
Pick up any updates before I push new source messages out to the
service.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-22 11:35:31 -05:00
Dan McGee
1df9b2aa79 pacman-key: add an additional plain text 'foo-trusted' file
This is similar to the 'foo-revoked' file we had. This will be used to
inform the user what keys in the shipped keyring need to be explicitly
trusted by the user.

A distro such as Arch will likely have 3-4 master keys listed in this
trusted file, but an additional 25 developer keys present in the keyring
that the user shouldn't have to directly sign.

We use this list to prompt the user to sign the keys locally. If the key
is already signed locally gpg will print a bit of junk but will continue
without pestering the user.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-22 11:15:45 -05:00
Dan McGee
067721cbff pacman-key: factor out validate_with_gpg() method
This was copy-pasted code for the most part once the filename was
factored out.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-22 11:15:45 -05:00
Dan McGee
33685b960d pacman-key: remove holdkeys functionality
We're putting the cart ahead of the horse a bit here. Given that our
keyring is not one where everything is implicitly trusted (ala gpgv),
keeping or deleting a key has no bearing on its trusted status, only
whether we can actually verify things signed by said key.

If we need to address this down the road, we can find a solution that
works for the problem at hand rather than trying to solve it now before
signing is even widespread.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-22 11:15:45 -05:00
Dan McGee
595e1a437f pacman-key: implement promptless lsigning
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-22 11:15:45 -05:00
Dan McGee
7d961c849b pacman-key: disable, don't remove, revoked keys
Unlike our protégé apt-key, removing a key from our keyring is not
sufficient to prevent it from being trusted or used for verification. We
are better off flagging it as disabled and leaving it in the keyring so
it cannot be reimported or fetched at a later date from a keyserver and
continue to be used.

Implement the logic to disable the key instead of delete it, figuring
out --command-fd in the process.

Note that the surefire way to disable a key involves including said key
in the keyring package, such that it is both in foobar.gpg and
foobar-revoked.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-22 11:15:39 -05:00
Dan McGee
213950afa3 pacman-key: simplify import in populate
This finishes the cleanup started in 710e83999b. We can do a straight
import from another keyring rather than all the funky parsing and piping
business we were doing.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-22 11:14:35 -05:00
Dan McGee
491b656c54 pacman-key: don't hide --verify details in populate
Otherwise we're hiding extremely relevant bits like this one:
    gpg: WARNING: This key is not certified with a trusted signature!
    gpg:          There is no indication that the signature belongs to the owner.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-22 11:14:35 -05:00
Dan McGee
03e1b4caa9 pacman-key: print message in populate if signature is missing
Rather than saying it was invalid, tell the user no signature exists.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-22 11:14:35 -05:00