Andrew Gregory [Fri, 9 Aug 2013 13:15:40 +0000 (09:15 -0400)]
conflict.c: fix directory ownership check
* append "/" to directories before searching package file lists
* use lstat over stat so symlinks aren't resolved
* fix the inverted check for stat's return value
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
Allan McRae [Mon, 15 Jul 2013 04:14:46 +0000 (14:14 +1000)]
Do not refer to FlySpray numbers
These references to bug numbers assume we will forever be using that bug
tracker. It is better to properly comment the code instead (which was
done in almost all cases anyway).
Andrew Gregory [Fri, 2 Aug 2013 12:29:03 +0000 (08:29 -0400)]
ini.c: give recursion limit file scope
The recursion limit is an artificial limitation imposed to prevent
memory exhaustion in a recursive function. Giving it file-level scope
increases its visibility.
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
Andrew Gregory [Mon, 22 Jul 2013 06:46:48 +0000 (02:46 -0400)]
conf.c: move section handling out of _parseconfig
_parseconfig now tracks the current section name directly so that the
name stored in the section struct is just a pointer to the one stored by
_parseconfig.
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
Andrew Gregory [Mon, 29 Jul 2013 18:57:59 +0000 (14:57 -0400)]
provide default values for test scripts
Our test scripts currently require that the first argument be the
library or binary to be tested. This makes integrating them with
automake which doesn't have a mechanism for passing specific arguments
to individual tests. Instead, provide a default built from paths in the
environment which can be provided to all test scripts by automake.
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
Andrew Gregory [Mon, 29 Jul 2013 19:22:07 +0000 (15:22 -0400)]
convert pactest to TAP output
Each test produces a single TAP result with the rules run in a sub-test.
This reduces output when run under automake and makes it possible to
continue setting expectfailure at the test level rather than per-rule.
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
Allan McRae [Sun, 21 Jul 2013 06:48:31 +0000 (16:48 +1000)]
Report missing directory if we can not initialise alpm library
When pacman failed to initialise the alpm library due to the database
directory being missing (either via the root not existing or the database
directory itself not existing), it just printed the non-informative
message "could not find or read directory". Add the directory
information the the error output. E.g.:
error: failed to initialize alpm library
(could not find or read directory: /this/does/not/exist/var/lib/pacman/)
Allan McRae [Sun, 21 Jul 2013 06:38:17 +0000 (16:38 +1000)]
Remove setlocale usage from the backend
Using setlocale in the backend is bound to lead to frontend issues
and we have have been using epoch in our databases since April 2007
(commit 47622eef). Remove support for old style times.
Allan McRae [Sun, 21 Jul 2013 06:10:25 +0000 (16:10 +1000)]
Warn when directory ownership differs between filesystem and package
We currently only warn if a directory's permissions differ, but using -Qkk
on my system shows that directory permissions tend to change in packages
reasonably frequently without notice. Provide a warning in such cases
so that it can be altered. Example output:
Allan McRae [Sun, 21 Jul 2013 05:38:24 +0000 (15:38 +1000)]
Only note backup file changes with -Qkk
Backup files are expected to be changed and should not be flagged by -Qkk.
Note changed back-up files in -Qkk but do not count them as altered. Do
not report backup files in -Qqkk.
Jonathan Frazier [Thu, 18 Jul 2013 22:05:58 +0000 (18:05 -0400)]
pacdiff: provide an --output option to show any .pac* files
This is an option to just echo's the pacnews/pacsaves instead of merging
or removing them. This can be used to check the config status such as in
a cron job without modifying the system.
Signed-off-by: Jonathan Frazier <eyeswide@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
Jonathan Frazier [Thu, 18 Jul 2013 21:12:32 +0000 (17:12 -0400)]
pacdiff: improve speed, accuracy finding active configs using pacmandb
This is a new search type, using -p or --pacmandb options. It reads
config file locations directly from the local pacman db. It will find
active configs anywhere they are defined in installed packages. It is
not dependant on outside configs such as updatedb.conf or scanning a
large set of directories for find.
This will find more pacnews than find when searching with the current
default of /etc, and it is faster than both find and updatedb when
searching the entire fs. When run directly after an update, the local db
is more likely to be cached than all files in /etc or / as other methods
read. This will increase performance further post upgrade.
After a package is removed and a pacsave is created, this method will
not find these pacsaves until the base config is added to the local db
again. These files have no influence in a working system and only take
up a few blocks of disk space.
Active configs need to be dealt with immediately to keep a system
working. pacsaves related to removed configs can remain for weeks or
months without problems. I would recommend occasionally running other
methods such as --locate to remove them.
Signed-off-by: Jonathan Frazier <eyeswide@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
Jonathan Frazier [Tue, 16 Jul 2013 16:38:15 +0000 (12:38 -0400)]
pacdiff: rework search type handling, add --find option
Change cmd tests to if (( USE_FIND ))... as it is cleaner. All search
cmds have an option and a variable initialized to zero. The active option
should be set to 1. Add a switch to exclude multiple search options.
set the default when all are equal to zero.
Signed-off-by: Jonathan Frazier <eyeswide@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
Allan McRae [Wed, 26 Jun 2013 04:37:53 +0000 (14:37 +1000)]
Patch ltmain on autoreconf
We used to carry a patched version of ltmain in our repos to fix libtools
issues with -Wl,-as-needed. Now that ltmain is "generated" by autoreconf,
we manually patch it afterwards.
Dave Reisner [Sun, 7 Jul 2013 23:52:13 +0000 (19:52 -0400)]
be_sync: avoid crashing on files in the root of a DB
If a sync DB is malformed and contains entries in the root of the
archive, load_pkg_for_entry will leave the 'filename' variable empty,
leading to a crash in the ensuing strcmp() calls which determine the DB
fragment being examined.
While this isn't a read error, this should be reported to the user so
that it can be addressed by the creator of the DB.
As seen: https://bbs.archlinux.org/viewtopic.php?pid=1297766
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Dave Reisner [Thu, 4 Jul 2013 00:33:19 +0000 (20:33 -0400)]
do not check error from close(2)
On operating systems we support, the behavior is always such that the
kernel will do the right thing as far as invalidating the file
descriptor, regardless of the eventual return value. Therefore,
potentially looping and calling close multiple times is wrong.
At best, we call close again on an invalid FD and throw a spurious EBADF
error. At worst, we might close an FD which doesn't belong to us when a
multi-threaded application opens its own file descriptor between
iterations of the loop.
Signed-off-by: Dave Reisner <dreisner@archlinux.org> Signed-off-by: Allan McRae <allan@archlinux.org>
Andrew Gregory [Wed, 19 Jun 2013 05:23:20 +0000 (01:23 -0400)]
query_fileowner: resolve trailing . or .. in paths
The full path needs to resolved any time it ends with "." or "..", not
just when those are the entire path. This allows strange-but-valid
paths such as: "/home/." to be queried.
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
Enable inverted patterns in NoExtract and NoUpgrade.
It is now possible to invert patterns in NoExtract and NoUpgrade.
This feature allows users to whitelist certain files that were
previously blacklisted by another entry.
Andrew Gregory [Sat, 18 May 2013 19:53:32 +0000 (15:53 -0400)]
deps.c: check for indirect deps when ordering
On upgrades, indirect dependencies were not being detected if there was
a dependency in between them that was not part of the transaction. For
example, with the dependency chain: pkg1 -> pkg2 -> pkg3, if pkg1 and
pkg3 are being upgraded but not pkg2 pacman would not order pkg1 and
pkg3 properly.
This was particularly problematic when replacements were involved
because the replaced package(s) would be removed at the start of the
transaction. If an install script required the replacer and lacked
a direct dependency, it could fail.
Fixes FS#32764.
Partially fixes FS#23011.
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
Karol Blazewicz [Mon, 17 Jun 2013 21:48:38 +0000 (23:48 +0200)]
pacscripts: don't read the whole package from cache
'-q' means "Exit as soon as each specified pattern or filename has
been matched." There is no reason to keep reading the whole package
from the cache when the install script has already been printed to
stdout.
Signed-off-by: Karol Błażewicz <karol.blazewicz at gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
Phillip Smith [Mon, 3 Jun 2013 05:05:10 +0000 (15:05 +1000)]
repo-add; add option to remove existing package files from disk
When maintaining a custom repo, often it is undesirable to retain older
versions of packages. This patch adds the --remove option to remove the
current package file and it's signature from disk before adding the new
one to the database. Documentation is also updated. This is an optional
flag and default behaviour (leaving ondisk files alone) is not changed.
Signed-off-by: Phillip Smith <fukawi2@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
Andrew Gregory [Mon, 3 Jun 2013 03:45:05 +0000 (23:45 -0400)]
die if '-' is given with empty stdin
Several operations default to all packages/repos/etc if no targets are
provided. If a user provides '-' they almost certainly expect there to
be targets on stdin and will be surprised if pacman falls back to the
default because there are none.
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
We should only disable this specific keyid. This change enforces that the
contents of the -revoked keyring file are full fingerprints which can uniquely
identify a key.
Partially addresses FS#35478. This does nothing to confirm whether or not the
key was successfully disabled -- a ridiculously simple request which appears to
be far too difficult for gpg to manage.
Signed-off-by: Dave Reisner <dreisner@archlinux.org> Signed-off-by: Allan McRae <allan@archlinux.org>
Simon Gomizelj [Wed, 22 May 2013 04:43:11 +0000 (00:43 -0400)]
validate %FILEPATH% when parsing repo dbs
Currently we make no effort to validate the %FILENAME% field in the
repo db. This allows for relative paths to be considered valid.
A carefully crafted db entry with a malicious relative path,
(e.g. `../../../../etc/passwd`) will cause pacman to to
overwrite _any_ file on the target's machine.
Add the following validation:
- doesn't start with '.'
- doesn't contain a '/'
- won't overflow PATH_MAX
Signed-off-by: Simon Gomizelj <simongmzlj@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
Allan McRae [Tue, 4 Jun 2013 03:38:48 +0000 (13:38 +1000)]
Restrict pkgname from starting with a dot.
Adding this restriction means we can filter any FILENAME entry from
starting with a "/" or a ".". Use the term "dot" as it is more
computing relevant compared to "full stop" or "period" which vary
depending on English locale.
Andrew Gregory [Sat, 13 Apr 2013 02:26:14 +0000 (22:26 -0400)]
improve dir->file transition conflict resolution
Packages removed due to conflicts are always removed at the beginning of
the transaction and as such can be included in the check for whether all
owners of a directory will be removed in a transaction. Installed
versions of packages being upgraded, other than the one with the
conflict, cannot be used because our transaction ordering is not
intelligent enough to ensure that they are removed prior to the
installation of the conflicted package.
Also, return false from dir_belongsto_pkgs on errors. Previously, we
simply continued which could return true even if we were unable to
actually establish that the package owned the entire tree.
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
Andrew Gregory [Fri, 10 May 2013 20:44:33 +0000 (16:44 -0400)]
conflict.c: exclude trailing slash from file path
After the initial checks, we either use the path as a directory and have
to append the trailing slash anyway or use it as a file in which case
the trailing slash should be excluded.
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
Jason St. John [Wed, 29 May 2013 12:03:29 +0000 (14:03 +0200)]
Revise pacman(8)
Resolve several grammatical errors and minor formatting consistency issues
in pacman(8). Generalize the "FTP servers" and package file extension
information.
Signed-off-by: Jason St. John <jstjohn@purdue.edu> Signed-off-by: Allan McRae <allan@archlinux.org>