From 430b0df7794815049f37f38df39c71e1a9e9c157 Mon Sep 17 00:00:00 2001 From: Dan McGee Date: Thu, 12 Jan 2012 09:32:19 -0600 Subject: repo-add: clean up help messages Use consistent blank lines across all commands, get rid of the translated double newlines which only serve to confuse translators, and fix -h/--help for that extra special third command this script offers. Signed-off-by: Dan McGee --- scripts/repo-add.sh.in | 20 ++++++++++++++------ 1 file changed, 14 insertions(+), 6 deletions(-) (limited to 'scripts') diff --git a/scripts/repo-add.sh.in b/scripts/repo-add.sh.in index 4708086c..6a10a684 100644 --- a/scripts/repo-add.sh.in +++ b/scripts/repo-add.sh.in @@ -48,30 +48,38 @@ usage() { printf "%s (pacman) %s\n\n" "$cmd" "$myver" if [[ $cmd == "repo-add" ]] ; then printf "$(gettext "Usage: repo-add [options] ...\n")" + printf "\n" printf "$(gettext "\ repo-add will update a package database by reading a package file.\n\ -Multiple packages to add can be specified on the command line.\n\n")" +Multiple packages to add can be specified on the command line.\n")" + printf "\n" printf "$(gettext "Options:\n")" printf "$(gettext " -d, --delta generate and add delta for package update\n")" printf "$(gettext " -f, --files update database's file list\n")" elif [[ $cmd == "repo-remove" ]] ; then - printf "$(gettext "Usage: repo-remove [options] ...\n\n")" + printf "$(gettext "Usage: repo-remove [options] ...\n")" + printf "\n" printf "$(gettext "\ repo-remove will update a package database by removing the package name\n\ specified on the command line from the given repo database. Multiple\n\ -packages to remove can be specified on the command line.\n\n")" +packages to remove can be specified on the command line.\n")" + printf "\n" printf "$(gettext "Options:\n")" + else + printf "$(gettext "Please move along, there is nothing to see here.\n")" + return fi printf "$(gettext " -q, --quiet minimize output\n")" printf "$(gettext " -s, --sign sign database with GnuPG after update\n")" printf "$(gettext " -k, --key use the specified key to sign the database\n")" printf "$(gettext " -v, --verify verify database's signature before update\n")" printf "$(gettext "\n\ -See %s(8) for more details and descriptions of the available options.\n\n")" $cmd +See %s(8) for more details and descriptions of the available options.\n")" $cmd + printf "\n" if [[ $cmd == "repo-add" ]] ; then - echo "$(gettext "Example: repo-add /path/to/repo.db.tar.gz pacman-3.0.0-1-i686.pkg.tar.gz")" + printf "$(gettext "Example: repo-add /path/to/repo.db.tar.gz pacman-3.0.0-1-i686.pkg.tar.gz\n")" elif [[ $cmd == "repo-remove" ]] ; then - echo "$(gettext "Example: repo-remove /path/to/repo.db.tar.gz kernel26")" + printf "$(gettext "Example: repo-remove /path/to/repo.db.tar.gz kernel26\n")" fi } -- cgit v1.2.3-24-g4f1b From 24ca6ce1f969a6f5d3ef9277f6d20efcd76330ec Mon Sep 17 00:00:00 2001 From: canyonknight Date: Mon, 16 Jan 2012 19:09:56 -0500 Subject: Turn gpg commands into functions in pacman-key Adds functions for every gpg command. By pulling out the gpg commands from the "program start" section, additional commands can be run before or after a specific gpg command without adding additional clutter to the function call section. Adds an explicit exit status of 0 to prevent arithmetic expansions from returning non-zero, thereby falsely causing pacman-key to have a non-zero exit status. This change creates the framework for additional error messages and better exit statuses being added to every pacman-key gpg call. Signed-off-by: canyonknight Signed-off-by: Allan McRae Signed-off-by: Dan McGee --- scripts/pacman-key.sh.in | 74 +++++++++++++++++++++++++++++++++++++----------- 1 file changed, 58 insertions(+), 16 deletions(-) (limited to 'scripts') diff --git a/scripts/pacman-key.sh.in b/scripts/pacman-key.sh.in index f358c487..02df8c50 100644 --- a/scripts/pacman-key.sh.in +++ b/scripts/pacman-key.sh.in @@ -338,6 +338,14 @@ populate_keyring() { fi } +add_keys() { + "${GPG_PACMAN[@]}" --quiet --batch --import "${KEYFILES[@]}" +} + +delete_keys() { + "${GPG_PACMAN[@]}" --quiet --batch --delete-key --yes "${KEYIDS[@]}" +} + edit_keys() { local errors=0; for key in "${KEYIDS[@]}"; do @@ -354,6 +362,14 @@ edit_keys() { done } +export_keys() { + "${GPG_PACMAN[@]}" --armor --export "${KEYIDS[@]}" +} + +finger_keys() { + "${GPG_PACMAN[@]}" --batch --fingerprint "${KEYIDS[@]}" +} + import_trustdb() { local importdir @@ -375,6 +391,35 @@ import() { done } +list_keys() { + "${GPG_PACMAN[@]}" --batch --list-keys "${KEYIDS[@]}" +} + +list_sigs() { + "${GPG_PACMAN[@]}" --batch --list-sigs "${KEYIDS[@]}" +} + +lsign_keys() { + printf 'y\ny\n' | LANG=C "${GPG_PACMAN[@]}" --command-fd 0 --quiet --batch --lsign-key "${KEYIDS[@]}" 2>/dev/null +} + +receive_keys() { + "${GPG_PACMAN[@]}" --recv-keys "${KEYIDS[@]}" +} + +refresh_keys() { + "${GPG_PACMAN[@]}" --refresh-keys "${KEYIDS[@]}" +} + +verify_sig() { + "${GPG_PACMAN[@]}" --verify $SIGNATURE +} + +updatedb() { + msg "$(gettext "Updating trust database...")" + "${GPG_PACMAN[@]}" --batch --check-trustdb +} + # PROGRAM START if ! type gettext &>/dev/null; then gettext() { @@ -476,27 +521,24 @@ esac (( ! INIT )) && check_keyring -(( ADD )) && "${GPG_PACMAN[@]}" --quiet --batch --import "${KEYFILES[@]}" -(( DELETE )) && "${GPG_PACMAN[@]}" --quiet --batch --delete-key --yes "${KEYIDS[@]}" +(( ADD )) && add_keys +(( DELETE )) && delete_keys (( EDITKEY )) && edit_keys -(( EXPORT )) && "${GPG_PACMAN[@]}" --armor --export "${KEYIDS[@]}" -(( FINGER )) && "${GPG_PACMAN[@]}" --batch --fingerprint "${KEYIDS[@]}" +(( EXPORT )) && export_keys +(( FINGER )) && finger_keys (( IMPORT )) && import (( IMPORT_TRUSTDB)) && import_trustdb (( INIT )) && initialize -(( LISTKEYS )) && "${GPG_PACMAN[@]}" --batch --list-keys "${KEYIDS[@]}" -(( LISTSIGS )) && "${GPG_PACMAN[@]}" --batch --list-sigs "${KEYIDS[@]}" -if (( LSIGNKEY )); then - printf 'y\ny\n' | LANG=C "${GPG_PACMAN[@]}" --command-fd 0 --quiet --batch --lsign-key "${KEYIDS[@]}" 2>/dev/null -fi +(( LISTKEYS )) && list_keys +(( LISTSIGS )) && list_sigs +(( LSIGNKEY )) && lsign_keys (( POPULATE )) && populate_keyring -(( RECEIVE )) && "${GPG_PACMAN[@]}" --recv-keys "${KEYIDS[@]}" -(( REFRESH )) && "${GPG_PACMAN[@]}" --refresh-keys "${KEYIDS[@]}" -(( VERIFY )) && "${GPG_PACMAN[@]}" --verify "$SIGNATURE" +(( RECEIVE )) && receive_keys +(( REFRESH )) && refresh_keys +(( VERIFY )) && verify_sig -if (( UPDATEDB )); then - msg "$(gettext "Updating trust database...")" - "${GPG_PACMAN[@]}" --batch --check-trustdb -fi +(( UPDATEDB )) && updatedb + +exit 0 # vim: set ts=2 sw=2 noet: -- cgit v1.2.3-24-g4f1b From c231c9af9712e95e58f660d46bd8feaf6fd891e2 Mon Sep 17 00:00:00 2001 From: canyonknight Date: Mon, 16 Jan 2012 19:12:41 -0500 Subject: Improve exit statuses and error messages in pacman-key Return codes from gpg commands are currently lost. This adds the functionality of taking non-zero exit statuses from gpg. This includes error reporting for all gpg commands that are run individually, run in a loop, and run through a pipe. Includes the check_keyids_exist function which verifies a key exists locally prior to attempted local manipulation of the key. If a gpg command has a non-zero status, pacman-key will now exit with a non-zero status. It will print a gettext error message of gpg's failure. Signed-off-by: canyonknight Signed-off-by: Allan McRae Signed-off-by: Dan McGee --- scripts/pacman-key.sh.in | 118 ++++++++++++++++++++++++++++++++++++++--------- 1 file changed, 95 insertions(+), 23 deletions(-) (limited to 'scripts') diff --git a/scripts/pacman-key.sh.in b/scripts/pacman-key.sh.in index 02df8c50..b7c77d82 100644 --- a/scripts/pacman-key.sh.in +++ b/scripts/pacman-key.sh.in @@ -144,6 +144,20 @@ add_gpg_conf_option() { fi } +check_keyids_exist() { + local ret=0 + for key in "${KEYIDS[@]}"; do + # Verify if the key exists in pacman's keyring + if ! "${GPG_PACMAN[@]}" --list-keys "$key" &>/dev/null ; then + error "$(gettext "The key identified by %s could not be found locally.")" "$key" + ret=1 + fi + done + if (( ret )); then + exit 1 + fi +} + initialize() { local conffile keyserv # Check for simple existence rather than for a directory as someone @@ -339,85 +353,143 @@ populate_keyring() { } add_keys() { - "${GPG_PACMAN[@]}" --quiet --batch --import "${KEYFILES[@]}" + if ! "${GPG_PACMAN[@]}" --quiet --batch --import "${KEYFILES[@]}" ; then + error "$(gettext "A specified keyfile could not be added to the gpg keychain.")" + exit 1 + fi } delete_keys() { - "${GPG_PACMAN[@]}" --quiet --batch --delete-key --yes "${KEYIDS[@]}" + check_keyids_exist + if ! "${GPG_PACMAN[@]}" --quiet --batch --delete-key --yes "${KEYIDS[@]}" ; then + error "$(gettext "A specified key could not be removed from the gpg keychain.")" + exit 1 + fi } edit_keys() { - local errors=0; + check_keyids_exist + local ret=0 for key in "${KEYIDS[@]}"; do - # Verify if the key exists in pacman's keyring - if ! "${GPG_PACMAN[@]}" --list-keys "$key" &>/dev/null; then - error "$(gettext "The key identified by %s does not exist.")" "$key" - errors=1; + if ! "${GPG_PACMAN[@]}" --edit-key "$key" ; then + error "$(gettext "The key identified by %s could not be edited.")" "$key" + ret=1 fi done - (( errors )) && exit 1; - - for key in "${KEYIDS[@]}"; do - "${GPG_PACMAN[@]}" --edit-key "$key" - done + if (( ret )); then + exit 1 + fi } export_keys() { - "${GPG_PACMAN[@]}" --armor --export "${KEYIDS[@]}" + check_keyids_exist + if ! "${GPG_PACMAN[@]}" --armor --export "${KEYIDS[@]}" ; then + error "$(gettext "A specified key could not be exported from the gpg keychain.")" + exit 1 + fi } finger_keys() { - "${GPG_PACMAN[@]}" --batch --fingerprint "${KEYIDS[@]}" + check_keyids_exist + if ! "${GPG_PACMAN[@]}" --batch --fingerprint "${KEYIDS[@]}" ; then + error "$(gettext "The fingerprint of a specified key could not be determined.")" + exit 1 + fi } import_trustdb() { local importdir - + local ret=0 for importdir in "${IMPORT_DIRS[@]}"; do if [[ -f "${importdir}/trustdb.gpg" ]]; then gpg --homedir "${importdir}" --export-ownertrust | \ "${GPG_PACMAN[@]}" --import-ownertrust - + if (( PIPESTATUS )); then + error "$(gettext "%s could not be imported.")" "${importdir}/trustdb.gpg" + ret=1 + fi + else + error "$(gettext "File %s does not exist and could not be imported.")" "${importdir}/trustdb.gpg" + ret=1 fi done + if (( ret )); then + exit 1 + fi } import() { local importdir - + local ret=0 for importdir in "${IMPORT_DIRS[@]}"; do if [[ -f "${importdir}/pubring.gpg" ]]; then - "${GPG_PACMAN[@]}" --quiet --batch --import "${importdir}/pubring.gpg" + if ! "${GPG_PACMAN[@]}" --quiet --batch --import "${importdir}/pubring.gpg" ; then + error "$(gettext "%s could not be imported.")" "${importdir}/pubring.gpg" + ret=1 + fi + else + error "$(gettext "File %s does not exist and could not be imported.")" "${importdir}/pubring.gpg" + ret=1 fi done + if (( ret )); then + exit 1 + fi } list_keys() { - "${GPG_PACMAN[@]}" --batch --list-keys "${KEYIDS[@]}" + check_keyids_exist + if ! "${GPG_PACMAN[@]}" --batch --list-keys "${KEYIDS[@]}" ; then + error "$(gettext "A specified key could not be listed.")" + exit 1 + fi } list_sigs() { - "${GPG_PACMAN[@]}" --batch --list-sigs "${KEYIDS[@]}" + check_keyids_exist + if ! "${GPG_PACMAN[@]}" --batch --list-sigs "${KEYIDS[@]}" ; then + error "$(gettext "A specified signature could not be listed.")" + exit 1 + fi } lsign_keys() { + check_keyids_exist printf 'y\ny\n' | LANG=C "${GPG_PACMAN[@]}" --command-fd 0 --quiet --batch --lsign-key "${KEYIDS[@]}" 2>/dev/null + if (( PIPESTATUS[1] )); then + error "$(gettext "A specified key could not be locally signed.")" + exit 1 + fi } receive_keys() { - "${GPG_PACMAN[@]}" --recv-keys "${KEYIDS[@]}" + if ! "${GPG_PACMAN[@]}" --recv-keys "${KEYIDS[@]}" ; then + error "$(gettext "Remote key not fetched correctly from keyserver.")" + exit 1 + fi } refresh_keys() { - "${GPG_PACMAN[@]}" --refresh-keys "${KEYIDS[@]}" + check_keyids_exist + if ! "${GPG_PACMAN[@]}" --refresh-keys "${KEYIDS[@]}" ; then + error "$(gettext "A specified local key could not be updated from a keyserver.")" + exit 1 + fi } verify_sig() { - "${GPG_PACMAN[@]}" --verify $SIGNATURE + if ! "${GPG_PACMAN[@]}" --verify $SIGNATURE ; then + error "$(gettext "The signature identified by %s could not be verified.")" "$SIGNATURE" + exit 1 + fi } updatedb() { msg "$(gettext "Updating trust database...")" - "${GPG_PACMAN[@]}" --batch --check-trustdb + if ! "${GPG_PACMAN[@]}" --batch --check-trustdb ; then + error "$(gettext "Trust database could not be updated.")" + exit 1 + fi } # PROGRAM START -- cgit v1.2.3-24-g4f1b From 562109c0e8717eaac3b9078271c4ca4f82abfecd Mon Sep 17 00:00:00 2001 From: Dan McGee Date: Wed, 18 Jan 2012 22:25:27 -0600 Subject: Update copyright on changed files since beginning of year Signed-off-by: Dan McGee --- scripts/makepkg.sh.in | 4 ++-- scripts/pacman-key.sh.in | 4 ++-- scripts/repo-add.sh.in | 4 ++-- 3 files changed, 6 insertions(+), 6 deletions(-) (limited to 'scripts') diff --git a/scripts/makepkg.sh.in b/scripts/makepkg.sh.in index 797b8d78..169162ce 100644 --- a/scripts/makepkg.sh.in +++ b/scripts/makepkg.sh.in @@ -3,7 +3,7 @@ # makepkg - make packages compatible for use with pacman # @configure_input@ # -# Copyright (c) 2006-2011 Pacman Development Team +# Copyright (c) 2006-2012 Pacman Development Team # Copyright (c) 2002-2006 by Judd Vinet # Copyright (c) 2005 by Aurelien Foret # Copyright (c) 2006 by Miklos Vajna @@ -1866,7 +1866,7 @@ usage() { version() { printf "makepkg (pacman) %s\n" "$myver" printf "$(gettext "\ -Copyright (c) 2006-2011 Pacman Development Team .\n\ +Copyright (c) 2006-2012 Pacman Development Team .\n\ Copyright (C) 2002-2006 Judd Vinet .\n\n\ This is free software; see the source for copying conditions.\n\ There is NO WARRANTY, to the extent permitted by law.\n")" diff --git a/scripts/pacman-key.sh.in b/scripts/pacman-key.sh.in index b7c77d82..2159fdf1 100644 --- a/scripts/pacman-key.sh.in +++ b/scripts/pacman-key.sh.in @@ -4,7 +4,7 @@ # Based on apt-key, from Debian # @configure_input@ # -# Copyright (c) 2010-2011 Pacman Development Team +# Copyright (c) 2010-2012 Pacman Development Team # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by @@ -88,7 +88,7 @@ usage() { version() { printf "pacman-key (pacman) %s\n" "${myver}" printf "$(gettext "\ -Copyright (c) 2010-2011 Pacman Development Team .\n\ +Copyright (c) 2010-2012 Pacman Development Team .\n\ This is free software; see the source for copying conditions.\n\ There is NO WARRANTY, to the extent permitted by law.\n")" } diff --git a/scripts/repo-add.sh.in b/scripts/repo-add.sh.in index 6a10a684..8c1d53da 100644 --- a/scripts/repo-add.sh.in +++ b/scripts/repo-add.sh.in @@ -4,7 +4,7 @@ # repo-remove - remove a package entry from a given repo database file # @configure_input@ # -# Copyright (c) 2006-2011 Pacman Development Team +# Copyright (c) 2006-2012 Pacman Development Team # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by @@ -87,7 +87,7 @@ version() { cmd=${0##*/} printf "%s (pacman) %s\n\n" "$cmd" "$myver" printf "$(gettext "\ -Copyright (c) 2006-2011 Pacman Development Team \n\n\ +Copyright (c) 2006-2012 Pacman Development Team \n\n\ This is free software; see the source for copying conditions.\n\ There is NO WARRANTY, to the extent permitted by law.\n")" } -- cgit v1.2.3-24-g4f1b From df47136bcfd3fdec150fc8613f3fe243432d875f Mon Sep 17 00:00:00 2001 From: Allan McRae Date: Fri, 20 Jan 2012 23:20:52 +1000 Subject: makepkg: fix error on unnecessary -r The grep statement used to check for a difference between the installed package list before and after resolving dependencies returns 1 if there is no difference. This sets of the error trap when "-r" is used "unnecessarily". Signed-off-by: Allan McRae Signed-off-by: Dan McGee --- scripts/makepkg.sh.in | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) (limited to 'scripts') diff --git a/scripts/makepkg.sh.in b/scripts/makepkg.sh.in index 169162ce..81e77e47 100644 --- a/scripts/makepkg.sh.in +++ b/scripts/makepkg.sh.in @@ -507,14 +507,15 @@ remove_deps() { # check for packages removed during dependency install (e.g. due to conflicts) # removing all installed packages is risky in this case if [[ -n $(grep -xvFf <(printf '%s\n' "${current_packagelist[@]}") \ - <(printf '%s\n' "${original_packagelist[@]}") ) ]]; then + <(printf '%s\n' "${original_packagelist[@]}") || true) ]]; then warning "$(gettext "Failed to remove installed dependencies.")" return 0 fi local deplist - if ! deplist=($(grep -xvFf <(printf "%s\n" "${original_pkglist[@]}") \ - <(printf "%s\n" "${current_pkglist[@]}"))); then + deplist=($(grep -xvFf <(printf "%s\n" "${original_pkglist[@]}") \ + <(printf "%s\n" "${current_pkglist[@]}") || true)) + if [[ -n deplist ]]; then return fi -- cgit v1.2.3-24-g4f1b From edd4276bbf3d21a7353e3d67ce6639246ef8032d Mon Sep 17 00:00:00 2001 From: Allan McRae Date: Fri, 20 Jan 2012 23:25:57 +1000 Subject: makepkg: restrict usage of flags passed to pacman With pacman-4.0, using --noconfirm or --noprogressbar with -Q or -T results in pacman reporting an "invalid option" error. Restrict the passing of these options to pacman. Fixes FS#28012. Signed-off-by: Allan McRae Signed-off-by: Dan McGee --- scripts/makepkg.sh.in | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) (limited to 'scripts') diff --git a/scripts/makepkg.sh.in b/scripts/makepkg.sh.in index 81e77e47..89045ac9 100644 --- a/scripts/makepkg.sh.in +++ b/scripts/makepkg.sh.in @@ -412,7 +412,11 @@ download_file() { run_pacman() { local cmd - printf -v cmd "%q " "$PACMAN" $PACMAN_OPTS "$@" + if [[ ! $1 = -@(T|Qq) ]]; then + printf -v cmd "%q " "$PACMAN" $PACMAN_OPTS "$@" + else + printf -v cmd "%q " "$PACMAN" "$@" + fi if (( ! ASROOT )) && [[ ! $1 = -@(T|Qq) ]]; then if type -p sudo >/dev/null; then cmd="sudo $cmd" -- cgit v1.2.3-24-g4f1b