summaryrefslogtreecommitdiffstats
AgeCommit message (Collapse)AuthorFilesLines
2017-04-12libalpm: Use archive_read_extract2Armin K1-1/+15
archive_read_extract() forces resolution of uid/gid to names when extracting the tarball. This can lead to wrong file ownership when using pacman with -r option and when uid/gid differ in the host and in the chroot. archive_read_extract2() uses uid's and gid's only. See also: https://lists.archlinux.org/pipermail/pacman-dev/2017-March/021912.html Signed-off-by: Armin K <krejzi@email.com> Signed-off-by: Allan McRae <allan@archlinux.org>
2017-04-04Replace @SIZECMD@ with POSIX-compatible commandDrew DeVault3-10/+5
Now uses wc -c $file | cut -d' ' -f1, which works using only POSIX commands and removes the need for any platform-specific usages. Signed-off-by: Drew DeVault <sir@cmpwn.com> Signed-off-by: Allan McRae <allan@archlinux.org>
2017-04-04parse stdin as newline-separatedAndrew Gregory1-32/+23
Newline-separated input is more reliable because most of the arguments we accept over stdin can validly contain spaces but not newlines. Resolves FS#52992 Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
2017-04-04add alpm_list_append_strdupAndrew Gregory2-0/+21
Makes error detection and handling easier for a common operation. Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
2017-04-04pactest: add --review optionAndrew Gregory1-1/+40
Opens the test file(s), test output, and any log files in the test environment in an editor after the tests run for review. Simplifies debugging tests by avoiding the need to use --keep-root and manually opening the relevant files. The editor used can be set with --editor or $EDITOR, falling back to vim. Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
2017-04-04Ignore comments in INSTALL files (FS#51916)Michael Straube1-0/+4
If a comment in an INSTALL file contains the name of a valid INSTALL file function but the function itself is not present, pacman tries to execute that function. That leads to an error. Ignore comments in the grep function in libalpm/trans.c to avoid such errors. Signed-off-by: Michael Straube <straubem@gmx.de> Signed-off-by: Allan McRae <allan@archlinux.org>
2017-01-13Introduce a 'disable-download-timeout' optionChristian Hesse9-3/+38
Add command line option ('--disable-download-timeout') and config file option ('DisableDownloadTimeout') to disable defaults for low speed limit and timeout on downloads. Use this if you have issues downloading files with proxy and/or security gateway. Signed-off-by: Christian Hesse <mail@eworm.de> Signed-off-by: Allan McRae <allan@archlinux.org>
2017-01-04alpm_fetch_pkgurl: fix memory leakAllan McRae1-1/+1
Signed-off-by: Allan McRae <allan@archlinux.org>
2017-01-04Fix memory leak in alpm_pkg_checkmd5sumAllan McRae1-3/+3
Also remove redundant additional return path. Signed-off-by: Allan McRae <allan@archlinux.org>
2017-01-04Suppress valgrind error in fakechrootRikard Falkeborn1-1/+3
This was spotted on Arch Linux, most likely it was introduced when fakechroot was updated to 2.19-1. Valgrind suggests to add the following suppression, which can be tweaked to fit an already existing one. { <insert_a_suppression_name_here> Memcheck:Leak match-leak-kinds: reachable fun:calloc obj:/usr/lib/libdl-2.24.so fun:dlsym obj:/usr/lib/libfakeroot/fakechroot/libfakechroot.so fun:bindtextdomain obj:/usr/lib/libgpg-error.so.0.20.0 fun:call_init.part.0 fun:_dl_init obj:/usr/lib/ld-2.24.so obj:* obj:* obj:* } Signed-off-by: Rikard Falkeborn <rikard.falkeborn@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
2017-01-04Provide source files for useful debug packagesAllan McRae1-2/+21
Debug packages are fairly useless currently because the soucre files needed for stepping through code etc are not packaged with them. This patch adds the needed source files to the debug package and adjusts the debug info to look at the /usr/src/debug/ directory for them rather than the build location. This requires using the "debugedit" program which is provided as part of the RPM sources. Signed-off-by: Allan McRae <allan@archlinux.org>
2017-01-04Document the new query parameter for VCS sourcesEli Schwartz1-5/+10
Signed-off-by: Eli Schwartz <eschwartz93@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
2017-01-04makepkg: Verify git signaturesEli Schwartz3-12/+79
A git repository is marked as signed if it contains the query "signed" as defined by https://tools.ietf.org/html/rfc3986 Adds two utility functions in util/source.sh.in to extract fragments and queries, and modifies source/git.sh.in to use them. Signed-off-by: Eli Schwartz <eschwartz93@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
2017-01-04libmakepkg/integrity: Verify file signatures in a separate functionEli Schwartz1-38/+46
This makes it easier to add signature verification for new protos. Signed-off-by: Eli Schwartz <eschwartz93@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
2017-01-04Add alpm_pkg_get_makedepends and alpm_pkg_get_checkdependsMark Weiman4-2/+38
makepkg adds makedepends and checkdepends to a package's .PKGINFO file. Add functions that allow use of these from libalpm. Signed-off-by: Mark Weiman <mark.weiman@markzz.com> Signed-off-by: Allan McRae <allan@archlinux.org>
2017-01-04filelist_sort: check if filelist is presortedAndrew Gregory1-2/+9
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
2017-01-04add _alpm_filelist_sortAndrew Gregory5-9/+11
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
2017-01-04repo-add: sort file list entriesAndrew Gregory1-1/+1
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
2017-01-04makepkg: sort package contentsAndrew Gregory1-12/+12
By passing a NUL-separated filelist, this also fixes a bug where files that look like bsdtar options in the package root could break the package ("-C" was particularly troublesome because bsdtar interprets it as an option anywhere in the file list, even following "--"). Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
2017-01-04find_fileconflicts: rename tmpfiles -> newfilesAndrew Gregory1-6/+6
The files belong to the new version of a package being installed, they are not temporary in any way. Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
2017-01-04conflict: skip dir children when replacing a fileAndrew Gregory3-1/+34
When replacing a file with a directory, any files under that directory do not need to be checked for conflicts. This prevents possible false-positive conflicts where the file being replaced is a symlink. We were already skipping the directory children when the file was owned by the previous version of a package being upgraded. This extends that to other packages being removed. Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
2017-01-04ini: only recognize comments at beginning of lineAndrew Gregory1-7/+2
Allows the hash sign to be used in values in config files and hooks. Fixes #48702 Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
2017-01-04dload: s/CURLOPT_WRITEHEADER/CURLOPT_HEADERDATA/Dave Reisner1-1/+1
The former is really old, and should be avoided. Signed-off-by: Allan McRae <allan@archlinux.org>
2017-01-04pacman: ensure linkage against libarchiveDave Reisner1-1/+4
Fixes build on ubuntu/debian platforms. Signed-off-by: Allan McRae <allan@archlinux.org>
2017-01-04configure.ac: Use POSIX compatible equality checksDave Reisner1-2/+2
Signed-off-by: Allan McRae <allan@archlinux.org>
2017-01-04makepkg: warn about dotfiles in package rootAndrew Gregory3-0/+40
libalpm reserves paths starting with '.' for its own use and will not extract any other than those it recognizes. Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
2017-01-04extract db files with dbonlyAndrew Gregory3-51/+78
Some database files (install, mtree, and changelog) are extracted directly from the package, but DBONLY was skipping extraction altogether, causing those files to be missing after the transaction. Fixes #52052 Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
2017-01-04Update copyright yearsAllan McRae147-153/+153
Signed-off-by: Allan McRae <allan@archlinux.org>
2017-01-04Fix documentation of -DqAllan McRae1-2/+1
Signed-off-by: Allan McRae <allan@archlinux.org>
2017-01-04makepkg: Disallow forward slashes in pkgverSteef Hegeman2-3/+3
scripts/libmakepkg/lint_pkgbuild/pkgver.sh.in now raises an error when pkgver contains forward slashes. pkgver containing a forward slash results in a package filename containing a forward slash, which isn't a valid filename. Signed-off-by: Steef Hegeman <steefhegeman@hotmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
2016-12-05Build a single debug package for all packages from a PKGBUILDAllan McRae2-7/+13
We want to provide source files with debug symbol packages to allow easy stepping through the program. This becomes difficult with split packages due to the binaries in many of these sharing source files across packages. There are (at least) two solutions to this problem. #1: ensure common source files are located in the debug package for the package lowest in the dependency chain and add dependencies to the debug packages so all require source files are present, or #2: create one debug package for all split packages in a PKGBUILD. The second is a more robust approach despite potentially creating very large debug packages. This patch creates a single $pkgbase-debug package and adds provides such that installing $pkgname-debug will always work. Signed-off-by: Allan McRae <allan@archlinux.org>
2016-12-05be_local: remove unused error returnAndrew Gregory1-21/+21
LAZY_LOAD has completely ignored the errret value since commit 307a6de17a3bca9f8666b33aa3fb9a8dd88c300b in 2011. Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
2016-12-05add generated scripts to gitignoreChristian Hesse1-0/+3
These files are generated at build time. Ignore in git. Signed-off-by: Christian Hesse <mail@eworm.de> Signed-off-by: Allan McRae <allan@archlinux.org>
2016-12-05Make DUFLAGS be overrideable during configureAlastair Hughes1-5/+9
Not all du implementations on linux accept --apparent-size, so let the user configure the arguments passed to du if required. This fixes FS#47943. Signed-off-by: Alastair Hughes <hobbitalastair@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
2016-12-05Suppress more output messages on successful -D options with -qAllan McRae1-4/+6
Suppress output on successful use of --asdeps and --asexplicit. Signed-off-by: Allan McRae <allan@archlinux.org>
2016-12-05Give a "success!" message on database checkPatrick Eigensatz3-1/+14
'pacman -Dk' prints a "success!" message if there were no errors. It is possible to suppress the output using the '-q / --quiet' flag. This implements the feature discussed at https://bugs.archlinux.org/task/50087 Signed-off-by: Patrick Eigensatz <patrick.eigensatz@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
2016-12-05Parametrise the different ways in which the payload is resetMartin Kühne3-3/+12
In FS#43434, Downloads which fail and are restarted on a different server will resume and may display a negative download speed. The payload's progress in libalpm was not properly reset which ultimately caused terminal noise because the line width calculation assumes positive download speeds. This patch fixes the incomplete reset of the payload by mimicing what be_sync.c:alpm_db_update() does over in sync.c:download_single_file(). The new dload.c:_alpm_dload_payload_reset_for_retry() extends beyond the current behavior by updating initial_size and prevprogress for this case. This makes pacman reset the progress properly in the next invocation of the callback and display positive download speeds. Fixes FS#43434. Signed-off-by: Martin Kühne <mysatyre@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
2016-12-05libalpm/signing: support EDDSA from gpgme 1.7.0Christian Hesse1-0/+4
Signed-off-by: Christian Hesse <mail@eworm.de> Signed-off-by: Allan McRae <allan@archlinux.org>
2016-12-05makepkg: reject packages with newlines in pathsAndrew Gregory3-0/+44
libalpm's local database format does not support paths with newlines. Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
2016-12-05makepkg: abort on lint_package errorsAndrew Gregory4-3/+7
Allows lint_package to prevent makepkg from creating an invalid package. Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
2016-12-05makepkg: reject package data with newlinesAndrew Gregory1-25/+38
The PKGINFO format cannot handle values that contain newlines. Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
2016-12-05makepkg: fix find_lib{depends, provides} resultsAndrew Gregory1-3/+3
Neither function was checking for the existence of actual results before calling printf, resulting in them returning a list with a single empty value if there were no depends/provides. Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
2016-12-05dload: use curl's keepalive mechanismDave Reisner1-43/+3
This does exactly the same thing as it code it replaces, but punt to curl to do it for brevity. Requires curl 7.25.0, which we already cover. Signed-off-by: Allan McRae <allan@archlinux.org>
2016-12-05makepkg: unset potentially architecture-specific varsDave Reisner1-1/+5
I'm not convinced this is a worthwhile goal, but let's follow suit. Since we can't know the names of all the vars that might exist, unset them by pattern.
2016-12-05makepkg: fix quoting in calls to dependency checkingDave Reisner1-4/+4
2016-12-05makepkg: fix quoting in calls to check_depsDave Reisner1-3/+3
The inside needs quoting, and this is separate from the declartion, which does not (in these cases).
2016-12-05makepkg: make run_function_safe more robustDave Reisner1-8/+11
Use shopt to set/reset errexit and errtrace, which lets us: 1) be more vigilant, resetting anything the user might do to us in PKGBUILD functions. 2) use human-readable words (errexit vs. -e) On top of this, introduce a new save/restore for the shell's other shopts. A user should not have any expectations that what happens in one function is available in another function, if it isn't explicitly defined in the PKGBUILD. While this change does not make that assertion, it gets us closer. We also replace a variable which comes from out of nowhere (pkgfunc) with the positional parameter containing the same value. Quoting is adjusted to make the expansion happen at the time the trap is set, rather than later on.
2016-12-05makepkg: remove vestiges of global errexitDave Reisner1-3/+3
These 'set +E' diversions haven't been needed since global errexit was disabled in dca10b062f2 (January 2012).
2016-12-05makepkg.conf: add -g to default curl optionsDave Reisner1-3/+3
This disables globbing, which should never be used in source URL specifications as it would lead to mismatches in the checksum mapping and un-checked sources.
2016-12-05Make sure all proper scripts are installed instead of the wrappersJohannes Löthberg1-3/+2
After 1f8f0bd9ac4c11cdc1b9506f9f64d8192ecad4ee all scripts that were changed to using the wrapper for in-tree use have the wrappers installed to the system instead of the actual script, so change the install command to support all wrapped scripts instead of just makepkg. Signed-off-by: Johannes Löthberg <johannes@kyriasis.com> Signed-off-by: Allan McRae <allan@archlinux.org>