1
0
mirror of https://github.com/moparisthebest/pacman synced 2024-12-23 08:18:51 -05:00
Commit Graph

431 Commits

Author SHA1 Message Date
Dan McGee
4ca6590af5 Merge branch 'maint'
Conflicts:
	lib/libalpm/signing.c
	lib/libalpm/sync.c
2012-04-07 11:23:55 -05:00
Dan McGee
b752561a52 4.0.3 release NEWS, version bumps, etc.
Signed-off-by: Dan McGee <dan@archlinux.org>
2012-04-07 11:04:00 -05:00
Dan McGee
e6f72c61a0 Merge branch 'maint'
Conflicts:
	lib/libalpm/sync.c
2012-03-16 12:08:10 -05:00
Dan McGee
ff58e5cb2d Add 3.0.x versions to doc/index.txt
These got lost when I switched to the new Asciidoc tables syntax in
commit 1ebe5dc197.

Signed-off-by: Dan McGee <dan@archlinux.org>
2012-03-12 21:16:14 -05:00
Dan McGee
8de0631edb Merge branch 'maint'
Conflicts:
	lib/libalpm/be_package.c
2012-03-08 18:08:15 -06:00
Christian Hesse
09a93b2e0e makepkg: allow specifying compression options
Adds the ability to override the commands used to compressing
compiled and source packages.  This is useful for those wanting
to use alternative implementations of the compression tools or
non-default compression options.

Allan: documented options in man page

Signed-off-by: Allan McRae <allan@archlinux.org>
2012-03-08 17:28:36 -06:00
Pierre Schmitz
1fe6cabc4d pacman-key: Remove useless signature verification in --populate command
Verifing the keyring at this point is useless as a malicious package is already
installed and as such has several options to bypass this check anyway.

Signed-off-by: Pierre Schmitz <pierre@archlinux.de>
Signed-off-by: Dan McGee <dan@archlinux.org>
2012-03-05 11:57:30 -06:00
Dan McGee
3849c3aec1 Merge branch 'maint'
Conflicts:
	contrib/pacsysclean.in
	src/pacman/conf.h
2012-02-20 17:00:26 -06:00
Dan McGee
85712814cd Revert "Add -S --recursive operation"
This reverts commit f3fa77bcf1 along with
making other necessary changes to fully back this (mis)feature out until
we can do it correctly.

The quick summary here is this was not implemented correctly; provides
are not fully taken into account in this logic, and making that happen
exposes a lot of other flaws in this code that are covered up later on
in the dependency resolving process by several other pieces of
convoluted and conditional logic.

Tests have been adjusted accordingly. Some test EXISTS conditions have
been removed as we already know the package is installed locally, and we
also are checking the VERSION condition anyway.

With these two related revert commits, we do have some changes in test
pass/fail results:

* upgrade078.py: does not pass, this is due to --recursive getting
  removed for -U/-S operations after this commit.
* sync302.py: the version checks have been disabled, so this test
  continues to pass but has been scaled back in scope.
* sync303.py: now passes, was failing before.
* sync304.py: still failing, was failing before.
* sync305.py: now passes, was failing before.
* sync306.py: still passes, was passing before.

Signed-off-by: Dan McGee <dan@archlinux.org>
2012-02-15 15:58:07 -06:00
Dan McGee
c7321a7b80 Merge branch 'maint'
Conflicts:
	lib/libalpm/sync.c
	src/util/pactree.c
2012-02-13 10:14:06 -06:00
Dan McGee
e7bc1e3c9a 4.0.2 release updates
Signed-off-by: Dan McGee <dan@archlinux.org>
2012-02-11 15:24:35 -06:00
Dan McGee
4f54bde439 Merge branch 'maint'
Conflicts:
	scripts/makepkg.sh.in
2012-01-30 22:00:26 -06:00
Dan McGee
5c2928aa25 Make a few more copyright date tweaks
Signed-off-by: Dan McGee <dan@archlinux.org>
2012-01-30 21:43:23 -06:00
Dan McGee
e50c4a8837 Merge branch 'maint'
Conflicts:
	lib/libalpm/diskspace.c
	src/pacman/util.h
2012-01-23 12:20:52 -06:00
Dan McGee
b3612e9cc1 Allow UseDelta option to specify a delta ratio
Rework the frontend and backend to allow passing a ratio value in for
UseDelta rather than having a hardcoded #define-d 0.7 value always used.
This is useful for those with fast connections, who would likely benefit
from tuning this ratio to lower values; it is also useful for general
testing purposes.

The libalpm API changes for this, but we do support the old config file
format with a no-value 'UseDelta' option; in this case we simply use the
old default of 0.7.

We clamp the ratio values to a sane range between 0.0 and 2.0, allowing
ratios above 1.0 for testing purposes.

Signed-off-by: Dan McGee <dan@archlinux.org>
2012-01-18 22:10:06 -06:00
Dan McGee
be229d129e Don't remove unknown files in cache cleaning code
This removes the hack I added to skip '*.sig' files earlier since there
are other files that also fall into the same bucket- source packages
from `makepkg --source`, delta files, etc. Rather than prompting for
each and every one, simply skip them. Doing '-Scc' rather than '-Sc'
will delete these files if that is really what you want to do.

Signed-off-by: Dan McGee <dan@archlinux.org>
2012-01-18 12:15:11 -06:00
Dan McGee
e8a2c25456 doc/vercmp: add note about pkgrel handling
This comes from the Doxygen function documentation. Also, fix two rather
silly misspellings.

Signed-off-by: Dan McGee <dan@archlinux.org>
2012-01-12 17:30:08 -06:00
Dan McGee
6513b0ba59 Merge branch 'maint'
Conflicts:
	doc/Makefile.am
2012-01-02 19:44:00 -06:00
Allan McRae
6507fd6bf0 Prevent rebuild of man pages when using release tarballs
Commit 43cad9c8 made the building of all docs depend on the Makefile.
However, the Makefile is generated after running ./configure so is
always newer than any pregenerated docs.  This means that people
building from released pacman tarballs are forced to rebuild the
docs (and thus have asciidoc installed).  That defeats the purpose
of prebuilding the documentation.  Have the documentatin depends on
Makefile.am instead as this is probably what was intended.

Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
2012-01-02 19:15:58 -06:00
Allan McRae
1b46137426 makepkg: Use SKIP in checksum to skip integrity check
Using the value of "SKIP" in the checksum array will cause that
integrity check to be skipped.  This makes building packages that
rely on user configurable sources less painful.

Based-on-patch-by: Dan McGee <dan@archlinux.org>
Based-on-patch-by: David Campbell <davekong@archlinux.us>
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-12-28 22:27:02 -06:00
Dan McGee
781af8f91b Use automake verbose helpers in custom make rules
This converts our script generation to use the built-in AM_V_GEN macro,
which honors the V= setting passed to make and allows one to see the
full command if they truly desire. The AM_V_at macro is also used in
place of an explicit @ so verbose-mode compiles show all commands being
run.

We can also use these two macros in doc generation to quiet it down to
the level we expect.

Other minor changes:
* a pointless test call is removed in test/pacman/tests/
* sed is used instead of dos2unix as we depend on it anyway
* consecutive chmod calls are reduced to a single call (e.g., '+x,a-x')

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-12-08 09:17:39 -06:00
Dan McGee
1d98c6347c Merge branch 'maint' 2011-11-30 22:34:25 -06:00
Dave Reisner
5490cd6eb2 makepkg.5: fix typo s/tar,bz2/tar.bz2/
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-11-30 22:30:22 -06:00
Dan McGee
f5820c8bd6 Miscellaneous post-4.0.1 updates
Some late-arriving translation updates and add the correct dates to the
index.txt releases table.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-11-30 22:28:13 -06:00
Phillip Smith
5ba8b83b8b makepkg: add support for PACKAGER environment var
Add support for overriding configuration in /etc/makepkg.conf and
~/.makepkg.conf by setting the environment variable PACKAGER similar to
how SRCDEST and PKGDEST behave.

Signed-off-by: Allan McRae <allan@archlinux.org>
2011-11-20 21:36:30 -06:00
Dan McGee
919b604c29 Merge branch 'maint' 2011-11-16 14:51:17 -06:00
Allan McRae
37ff0f5658 Update documentation regarding signature extensions
Commit e7b56f48 allowed makepkg to handle pgp signatures with the
.sign extension.  Update the man page to reflect this.

Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-11-15 08:17:08 -06:00
Dave Reisner
10241a6d76 add fnmatch support for HoldPkg
Adds test remove031.

Signed-off-by: Dave Reisner <dreisner@archlinux.org>
2011-11-13 14:19:16 -05:00
Dave Reisner
902305f163 add support for back end fnmatch'd options
This is work originally provided by Sascha Kruse on FS#20360 with only
minor adjustments to the implementation. It's been expanded to cover:
NoUpgrade, NoExtract, IgnorePkg, IgnoreGroup.

Adds tests ignore008, sync139, sync502, and sync503.

Also satisfies FS#18988.

Original-work-by: Sascha Kruse <knopwob@googlemail.com>
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
2011-11-13 14:19:00 -05:00
Dan McGee
a33424f879 Merge branch 'maint' 2011-10-14 08:16:18 -05:00
Dan McGee
0d2600c575 Remove -f short option for --force
This is not something that should be used on a frequent basis, and
giving it a short option encourages use without making the drawbacks
obvious. For the 1% of situations that require it, the 5 extra
keystrokes are a fair price to pay.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-10-14 08:13:38 -05:00
Dan McGee
1ebe5dc197 doc/index.txt: Reformat past releases chart
This makes it a three-column deal with releases all the way back to 1.0.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-10-13 14:54:49 -05:00
Dan McGee
43cad9c871 doc: update .gitignore, add CSS override for new tables usage
* Make all docs depend on Makefile; if we change flags here we want them
  rebuilt.
* Add explicit filenames to .gitignore so we can add our own CSS
  override file, and add an asciidoc-override.css resource.
* Adjust a few asciidoc options when generating HTML.
* Remove asciidoc-manpage.css; apparantly this doesn't exist anymore.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-10-13 14:53:52 -05:00
Allan McRae
d9c0a08e6d Document verifying source file signatures in makepkg
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-10-11 09:07:20 -05:00
Allan McRae
8ac7cf6b1b Fix typo in PKGBUILD man page
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-10-11 09:07:20 -05:00
Dan McGee
484d5ec624 pacman-key: treat foo-trusted as an ownertrust export file
This allows it to serve double-duty. In order to allow users to base
verification decisions off of both a valid signature and a trusted
signature, we need to assign some level of owner trust to the keys we
designate as trusted on import.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-10-05 22:00:52 -05:00
Dan McGee
ab7d2890a4 pacman-key: refine and clarify import/import-trustdb behavior
* --import now only imports keys from pubkey.gpg and does not import
  owner trust; if you want to have both simply run the operations in
  sequence.
* --import-trustdb has been simplified; it will overwrite existing
  values in the trust database as before, but there is no need to export
  it first as those values are safe if left untouched.
* Fix the manpage referring to a non-existent option.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-10-05 21:55:53 -05:00
Dan McGee
2517ba3303 Update Doxyfile and fix some documentation errors caught by Doxygen
A few parameters were outdated or wrongly named, and a few things were
explicitly linked that Doxygen wasn't able to resolve.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-22 16:37:36 -05:00
Dan McGee
1df9b2aa79 pacman-key: add an additional plain text 'foo-trusted' file
This is similar to the 'foo-revoked' file we had. This will be used to
inform the user what keys in the shipped keyring need to be explicitly
trusted by the user.

A distro such as Arch will likely have 3-4 master keys listed in this
trusted file, but an additional 25 developer keys present in the keyring
that the user shouldn't have to directly sign.

We use this list to prompt the user to sign the keys locally. If the key
is already signed locally gpg will print a bit of junk but will continue
without pestering the user.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-22 11:15:45 -05:00
Dan McGee
33685b960d pacman-key: remove holdkeys functionality
We're putting the cart ahead of the horse a bit here. Given that our
keyring is not one where everything is implicitly trusted (ala gpgv),
keeping or deleting a key has no bearing on its trusted status, only
whether we can actually verify things signed by said key.

If we need to address this down the road, we can find a solution that
works for the problem at hand rather than trying to solve it now before
signing is even widespread.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-22 11:15:45 -05:00
Dave Reisner
68856755c4 buildsys: remove existing symlinks before installing
This fixes build errors when performing a manual install straight to a
filesystem where the files already exist.

Reported-by: Sergej Pupykin <ml@sergej.pp.ru>
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-14 17:18:07 -05:00
Dan McGee
16fd66f879 pacman-key: add --refresh-keys operation
This allows new signatures to be pulled, revocations to be found, etc.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-02 21:44:04 -05:00
Dan McGee
d9545103b9 pacman-key: split keyserver to a separate option
This also renames '--receive' to '-recv-keys' to match the wrapped gpg
option name, rather than invent a new one, now that the calling
convention is the same.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-02 21:43:03 -05:00
Dan McGee
5a9b07b0e7 pacman-key help and documentation cleanup
We were using the mystical [<foobar>] options which is some sort of
cross between a <required> argument and an [optional] one. Remove this
madness and do some other general cleanup/consistency work in the
manpage.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-02 21:41:40 -05:00
Dan McGee
24f4f9822f doc: consistency when referencing other options
Use '\--option' rather than `--option` everywhere.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-02 21:41:40 -05:00
Dan McGee
3c3ee6796a pacman-key: document --lsign-key
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-02 21:41:40 -05:00
Allan McRae
e1b9f7b300 pacman-key: rework and document holding keys in keyring
The HoldKey option was undocumented and was not suited for pacman.conf.
Instead use the file "/etc/pacman.d/gnupg/heldkeys" to contain a list
of keys not to be removed from the pacman keyring with the --populate
option.

Signed-off-by: Allan McRae <allan@archlinux.org>
2011-08-29 11:55:23 +10:00
Allan McRae
29dede2eb7 pacman-key: Improve documentation for --populate
Signed-off-by: Allan McRae <allan@archlinux.org>
2011-08-29 11:55:23 +10:00
Allan McRae
d1240f67ea pacman-key: rework importing distro/repo provided keyrings
The current --reload option, apart from being non-clear in its naming,
is very limited in that only one keyring can be provided.  A distribution
may want to provide multiple keyrings for various subsets of its
organisation or custom repo providers may also want to provide a keyring.

This patch adds a --populate option that reads keyrings from (by default)
/usr/share/pacman/keyrings.  A keyring is named foo.gpg, with optional
foo-revoked file providing a list of revoked key ids.  These files are
required to be signed (detached) by a key trusted by pacman-key, in
practice probably by the key that signed the package providing these
files. The --populate flag either updates the pacman keyring using all
keyrings in the directory or individual keyrings can be specified.

Signed-off-by: Allan McRae <allan@archlinux.org>
2011-08-29 11:55:22 +10:00
Dan McGee
30d978a966 vercmp: ensure 2.0a and 2.0.a do not compare equal
We had this interesting set of facts conundrum, according to vercmp
return values:
    2.0a <  2.0
    2.0  <  2.0.a
    2.0a == 2.0.a

This introduces a code change that ensures '2.0a < 2.0.a' as would be
expected by the first two comparisons. Unfortunately this stays us a bit
further from upstream RPM code, but those are the breaks (in RPM, the
versions involving 'a' do in fact compare the same, but they are both
greater than the bare '2.0').

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-23 01:49:29 -05:00