Age | Commit message (Collapse) | Author |
|
Arch Linux typically runs into this with /sys when upgrading the
filesystem package in build chroots, but LXC users might also run into
this, since their /sys is shared from the host and must, for security
reasons, be mounted RO.
I've neglected to add any tests for this because they would require root
in order to run. Current tests all pass with this patch and I've
confirmed the desired behavior in a VM. Incidentally, the first hunk of
this patch (skipping can_remove_file checks for directories) resolves the
case of API mountpoints being removed since they eventually fall into
unlink_file and fail with "contains files". However, this patch should
still be the Right Thing To Do™, as we can't possibly remove a directory
that is also a mountpoint.
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
[Allan] Do not skip checking if directories can be removed. Instead test
if directories are mountpoints in can_remove_file.
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
We record whether the default SigLevel is set in order to add upon
it for the *FileSigLevel entries. When using the only valid value
of "SigLevel = Never" with non-gpgme builds, we need to ignore
the ALPM_SIG_PACKAGE_SET flag when determining if we have a valid
value for the database SigLevel.
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Fixes all clang warnings with -Wformat-literal.
Also, fix genuine formating issue discovered once adding these attributes
and add a cast to prevent a gcc warning.
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
This also lead me to notice that in _alpm_gpgme_checksig many things
were not being cleaned up. Fix this by having CHECK_ERR goto gpg_error
and make the required adjustments.
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
When installing a package with "pacman -U" that has a detached
signature, check if the needed key is in the keyring and download
if necessary.
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Offer to remove the bad package when a signature fails to validate
as is done for checksum failures.
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Now that the keyring is checked for all needed keys before the
validation, we can not reach a point of a missing key when doing
validity checks for sync operations.
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Keys used to create signatures are checked for presence in the keyring
before package validation is performed.
Signed-off-by: Allan McRae <allan@archlinux.org>
Conflicts:
lib/libalpm/alpm.h
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
This does not support all possibilities of RFC4880, but it does
cover every key currently used in Arch Linux.
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
This will be useful for checking the availablity of all keys before
perfoming validation in sync operations and for downloading a needed
key in upgrade operations.
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
In preparation for checking key presence and downloading needed keys
before conflict checking.
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Suggested-by: Dan McGee <dan@archlinux.org>
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Add LocalFileSigLevel and RemoteFileSigLevel to control the signature
checking for "pacman -U <file>" and "pacman -U <url>" operations
respectively. The starting value for both these options is SigLevel,
if it is specified in the [options] section, or the built-in system
default. The specified values override and/or supplement this initial
value. Note there is no distinction between setting "Required" and
"PackageRequired" as there are no database options for Upgrade
operations.
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
We still call some of these 'deprecated' methods elsewhere, so this
shouldn't present a problem. When we decide 2.x support is to be dropped,
we should update all of the code to not call deprecated methods.
Allan: Adjusted with respect to previous patches adding libarchive
compatibilty layer.
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
This allows us to support both libarchive 2.8.x as well as 3.x without
deprecation warnings on compile.
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
I suspect that eventually we're going to end up returning a pointer to
an allocated struct to describe the download result, but that's for
another patch when the need arises...
Fixes FS#33508.
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Users have hit issues behind corporate firewalls that initially throttle
downloads to ~1B/sec.
Signed-off-by: Olivier Langlois < olivier.pis.langlois@transport.alstom.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
prefix defaults to "UNKOWN" if null or an empty string is provided.
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
The FHS (2.3) says having ldconfig in /sbin is optional and it is usually
located in /usr/sbin. So /sbin/ldconfig should not be hard coded in
pacman. Instead, provide a configure option --with-ldconfig that defaults
to the current path.
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
This reverts commit 4a8c2852a887d2b1aaa43be3071ab586eb24b9e3.
This reverts commit 993700bc6b12cd291544d2a22845f480e8a7925e.
This reverts commit bb4d2b72c1d35ab9d65d632be0dcaf00cfa7d600.
This reverts commit 60b192e3836a150eb6950ce52241efebbee00f11.
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
RFC 2616 doesn't forbid a 301 or 302 repsonse from having a body, and
servers exist in the wild that show this behavior. In order to prevent
pacman from showing a progress bar when we aren't actually downloading a
package (and merely following one of these pain in the butt redirects),
capture the server response code in the response header, rather than
waiting to peel it off the handle after the download has finished.
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Reported-by: Alexandre Filgueira <alexfilgueira@cinnarch.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
The ldconfig binary is not guaranteed to be in /sbin. Change to calling
just "ldconfig" rather than using the full path.
This removed the check that the ldconfig binary exists. However, it is
a reasonable assumption that it will exist if its configuration file
does.
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
This makes us more robust to utilities changing paths. There is no
functional change when a full path is specified.
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Signed-off-by: Gerardo Exequiel Pozzi <vmlinuz386@yahoo.com.ar>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Signed-off-by: Gerardo Exequiel Pozzi <vmlinuz386@yahoo.com.ar>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Signed-off-by: Gerardo Exequiel Pozzi <vmlinuz386@yahoo.com.ar>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Teach pacman to save backup files with extension .pacsave.n, where n is a
positive integer. The current backup file shall be saved as <name>.pacsave,
while existing .pacsave.n files will be renamed to <name>.pacsave.n+1
Example:
1. You have subversion installed in your local repo. /etc/conf.d/svnserve
is a file to be backed up. It contains local modifications
2. You remove subversion from your repo. /etc/conf.d/svnserve is backed up as
/etc/conf.d/svnserve.pacsave
2. You install subversion again
3. You edit /etc/conf.d/svnserve
4. You remove subversion. The existing /etc/conf.d/svnserve.pacsave is renamed
to /etc/conf.d/svnserve.pacsave.1 and /etc/conf.d/svnserve is backed up as
/etc/conf.d/svnserve.pacsave
Signed-off-by: Pang Yan Han <pangyanhan@gmail.com>
Rebased from original email and adjusted for util-common usage.
Signed-off-by: Florian Pritz <bluewind@xinu.at>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
There is duplicated code in the util.c files in the libalpm and pacman
source code. Split this into a separate file so that it can be shared
via a symlink. This prevents code divergence between the two code bases.
Also, move mbasename and mdirname from pacman/util.c into util-common.c
in preparation for the following patch that uses them to add an extension
to pacsave files.
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
This allows compiling in both clang and gcc without running into
oddities regarding const vs. defined constant values.
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
When a configured repo database is not already downloaded, a warning
message such as "warning: database file for 'testing' does not exist"
is printed. Disable this warning when the database is scheduled to
be downloaded in the transaction.
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
The warning given for a signature timstamp being in the future compared
to the system time stated the opposite.
Also, move this warning to debug output. It is useless in its current
form as the package or database that is giving the error is not
mentioned and so other debug output is needed to find the offending
signature.
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
This function is particularly useful, so make it public.
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Much like packages that require a give package are displayed in the
"Required by" field of its information output, alos display packages
that optionally require the package.
Inspired-by: Benedikt Morbach <benedikt.morbach@googlemail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
When a package is being removed, provide a notification (via a callback)
if any local package requires it as an optdepend.
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
This is a bug that has been around since at least 2007. On a package
upgrade (either by -S or -U) a new directory could overwrite any file.
This is caused by the filelist difference calculation ignoring all
directories and thus no new directories were checked for conflicting
files on the filesystem.
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
[Allan: Remove expected failure from fixed pactests]
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Return -1 if a path is too long to resolve or we run out of memory.
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
This applies to a case such as when /lib is a symlink to /usr/lib. If a
package is installed which contains /lib/libfoo.so, pacman will complain
if this package is then "fixed" to contain /usr/lib/libfoo.so. Since
these have the same effective path and it exists within the same
package, ignore the conflict.
Fixes FS#30681.
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
File paths are resolved if necessary during inter-package conflict
checks so that packages carrying the same effective file due to
directory symlinks on the filesystem are flagged as conflicting.
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
If a filename isn't resolved, the original can be used instead of strdup()ing
it.
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
|