summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAge
* Correct INODECMD for BSD and DarwinAllan McRae2013-06-06
| | | | | | Fixes FS#35469. Signed-off-by: Allan McRae <allan@archlinux.org>
* Pull translation updates and regenerateAllan McRae2013-06-06
| | | | Signed-off-by: Allan McRae <allan@archlinux.org>
* pacman-key: Do not reinterpret keys from revoked keyringsDave Reisner2013-06-04
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Given a revoked keyring containing only: BC1FBE4D2826A0B51E47ED62E2539214C6C11350 We should only disable this specific keyid. This change enforces that the contents of the -revoked keyring file are full fingerprints which can uniquely identify a key. Before: # pacman-key --populate archlinux ==> Appending keys from archlinux.gpg... ==> Locally signing trusted keys in keyring... -> Locally signing key 0E8B644079F599DFC1DDC3973348882F6AC6A4C2... -> Locally signing key 684148BB25B49E986A4944C55184252D824B18E8... -> Locally signing key 44D4A033AC140143927397D47EFD567D4C7EA887... -> Locally signing key 27FFC4769E19F096D41D9265A04F9397CDFD6BB0... -> Locally signing key AB19265E5D7D20687D303246BA1DFB64FFF979E7... ==> Importing owner trust values... ==> Disabling revoked keys in keyring... -> Disabling key 1390420191... -> Disabling key E2539214C6C11350... -> Disabling key 8544EA82113502DE... ==> Updating trust database... gpg: next trustdb check due at 2014-01-22 After: # pacman-key --populate archlinux ==> Appending keys from archlinux.gpg... ==> Locally signing trusted keys in keyring... -> Locally signing key 0E8B644079F599DFC1DDC3973348882F6AC6A4C2... -> Locally signing key 684148BB25B49E986A4944C55184252D824B18E8... -> Locally signing key 44D4A033AC140143927397D47EFD567D4C7EA887... -> Locally signing key 27FFC4769E19F096D41D9265A04F9397CDFD6BB0... -> Locally signing key AB19265E5D7D20687D303246BA1DFB64FFF979E7... ==> Importing owner trust values... ==> Disabling revoked keys in keyring... -> Disabling key BC1FBE4D2826A0B51E47ED62E2539214C6C11350... ==> Updating trust database... gpg: next trustdb check due at 2014-01-22 Partially addresses FS#35478. This does nothing to confirm whether or not the key was successfully disabled -- a ridiculously simple request which appears to be far too difficult for gpg to manage. Signed-off-by: Dave Reisner <dreisner@archlinux.org> Signed-off-by: Allan McRae <allan@archlinux.org>
* validate %FILEPATH% when parsing repo dbsSimon Gomizelj2013-06-04
| | | | | | | | | | | | | | | | | | Currently we make no effort to validate the %FILENAME% field in the repo db. This allows for relative paths to be considered valid. A carefully crafted db entry with a malicious relative path, (e.g. `../../../../etc/passwd`) will cause pacman to to overwrite _any_ file on the target's machine. Add the following validation: - doesn't start with '.' - doesn't contain a '/' - won't overflow PATH_MAX Signed-off-by: Simon Gomizelj <simongmzlj@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
* Restrict pkgname from starting with a dot.Allan McRae2013-06-04
| | | | | | | | | Adding this restriction means we can filter any FILENAME entry from starting with a "/" or a ".". Use the term "dot" as it is more computing relevant compared to "full stop" or "period" which vary depending on English locale. Signed-off-by: Allan McRae <allan@archlinux.org>
* Remove backslash typo from makepkg man pageEric Bélanger2013-05-29
| | | | | Signed-off-by: Eric Bélanger <snowmaniscool@gmail.com> Signed-off-by: Dan McGee <dan@archlinux.org>
* Fix various typos in NEWSJason St. John2013-05-29
| | | | | | | | | | | imporve -> improve diskspace -> disk space BTRFS -> Btrfs filelists -> file lists filesize -> file size Signed-off-by: Jason St. John <jstjohn@purdue.edu> Signed-off-by: Allan McRae <allan@archlinux.org>
* Remove incorrect bug number from NEWSAllan McRae2013-05-19
| | | | | | | The wrong bug number is mentioned in commit 32327dc8 and this was perpetuated into the NEWS file. Signed-off-by: Allan McRae <allan@archlinux.org>
* makepkg: Use LOGDEST for logpipeAllan McRae2013-05-18
| | | | | | | If LOGDEST is set, we may not check that $startdir is writable. Store the log pipe in LOGDEST instead. Signed-off-by: Allan McRae <allan@archlinux.org>
* Fix comment typoAllan McRae2013-05-18
| | | | Signed-off-by: Allan McRae <allan@archlinux.org>
* contrib: Remove harcoded /etc/pacman.confWilliam Giokas2013-05-18
| | | | | Signed-off-by: William Giokas <1007380@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
* Revert "paccache: avoid subshell in calling runcmd"Dave Reisner2013-05-18
| | | | | | | | | | | | | | su is terribad. In addition to reverting, this also removes support for privilege escalation via su. If you want to use paccache as root and fail to comprehend how much better sudo is than su, then run paccache directly via su. Fixes FS#35173. This reverts commit 597286eb258f841dfc00f65474138fc6192f0092. Signed-off-by: Dave Reisner <dreisner@archlinux.org> Signed-off-by: Allan McRae <allan@archlinux.org>
* makepkg: fixup broken revision and repo referencesDave Reisner2013-05-18
| | | | | | | | | | | | bzr support "worked", but didn't handle any of the actual features we wanted with makepkg. This moves the revision specification to the proper place (extraction, rather than download), and fixes an additional broken reference to $repo which was never set. Fixes FS#35281. Signed-off-by: Dave Reisner <dreisner@archlinux.org> Signed-off-by: Allan McRae <allan@archlinux.org>
* 4.1.1 release NEWS, version bumps, etc.Allan McRae2013-05-07
| | | | Signed-off-by: Allan McRae <allan@archlinux.org>
* More translation updatesAllan McRae2013-05-07
| | | | Signed-off-by: Allan McRae <allan@archlinux.org>
* pacman/util.c: add missing bracesAndrew Gregory2013-05-07
| | | | | Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
* pacman/util.c: fix output flushing in questionsAndrew Gregory2013-05-07
| | | | | | | | | Flush stream before taking input in select_question() and only flush once during question(). Also fix some tabs inside related fprintf statements. Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
* Pull translation updates from transifexAllan McRae2013-04-30
| | | | Signed-off-by: Allan McRae <allan@archlinux.org>
* Add -V/--version option to makepkg's usage function and man pageEric Bélanger2013-04-30
| | | | | Signed-off-by: Eric Bélanger <snowmaniscool@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
* makepkg: avoid redirecting stdoutDave Reisner2013-04-28
| | | | | | | | | | If stdout is already redirected, redirecting stderr to stdout can lead to undesirable results. Fixes FS#34974. Signed-off-by: Dave Reisner <dreisner@archlinux.org> Signed-off-by: Allan McRae <allan@archlinux.org>
* Use libalpm version in pkg-config fileAllan McRae2013-04-26
| | | | | | | | | We currently use the pacman version number in the libalpm.pc file. It makes more sense to use the libalpm version. Fixes FS#34967. Signed-off-by: Allan McRae <allan@archlinux.org>
* Add prepare function to PKGBUILD proto filesEric Bélanger2013-04-24
| | | | | Signed-off-by: Eric Bélanger <snowmaniscool@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
* Fix spelling errors using 'codespell' toolAnatol Pomozov2013-04-18
| | | | Signed-off-by: Allan McRae <allan@archlinux.org>
* paccache: avoid subshell in calling runcmdDave Reisner2013-04-12
| | | | | | | | | Avoids problems with one of the worst CLI tools ever created, su. Fixes FS#34656. Signed-off-by: Dave Reisner <dreisner@archlinux.org> Signed-off-by: Allan McRae <allan@archlinux.org>
* makepkg: fix svn repo extractionAllan McRae2013-04-12
| | | | | | | Copy SVN repos rather than using "svn export" to keep all anotation files in the repo for build scripts that use (e.g.) "svin info". Signed-off-by: Allan McRae <allan@archlinux.org>
* Do not use checkout directory for SVN configAllan McRae2013-04-12
| | | | | | | | Using the checkout directory for the SVN config can result in clashes between config files and files from the SVN checkout. Instead, use a ".makepkg" directory within the checkout. Signed-off-by: Allan McRae <allan@archlinux.org>
* Add support for all bzr URLs in the PKGBUILD source arrayMaxime Gauduin2013-04-11
| | | | | | | | | | Add support for all bzr URLs, including "lp:" URLs, in the source array. This, however, requires an internet connection and will fall back to the current behavior for offline builds. In that case, only the URL reported by 'bzr config parent_location' run inside the local repo can be used, and is outputted. Signed-off-by: Maxime Gauduin <alucryd@gmail.com>
* makepkg: don't run remove_deps twice when unneededWilliam Giokas2013-04-11
| | | | | | | | | | remove_deps already has a check and won't run unless -r is specified, so if this was meant to remove dependencies of a failure no matter what, then it's not doing it, and with -r it is run twice on a failure for no real reason. Signed-off-by: William Giokas <1007380@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
* Rework callback message to add translationAllan McRae2013-04-11
| | | | Signed-off-by: Allan McRae <allan@archlinux.org>
* contrib/checkupdates: do not logAllan McRae2013-04-09
| | | | | | Avoid the log file filling up with "[PACMAN] synchronizing package lists". Signed-off-by: Allan McRae <allan@archlinux.org>
* pacman: add -Qkk to usage() helpAndrew Gregory2013-04-09
| | | | | Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
* contrib: Use sysconfdir instead of /etcWilliam Giokas2013-04-09
| | | | | | | Don't force people to see /etc. Signed-off-by: William Giokas <1007380@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
* zsh completion: make sure -Ss worksDaniel Wallace2013-04-06
| | | | | | | | if you put a type in pacman -Ss <regex> it doesn't work because it never passes through they pointer ->sync_search to set $state. All of the other iterations like this have a case, add one for -S*s* Signed-off-by: Allan McRae <allan@archlinux.org>
* ctypes.h shouldn't be included twiceSimon Gomizelj2013-04-06
| | | | | | | Earnestly spotted this on #archlinux. Signed-off-by: Simon Gomizelj <simongmzlj@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
* doc: fix debug spelling mistakeWilliam Giokas2013-04-06
| | | | | | | with -> when Signed-off-by: William Giokas <1007380@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
* use off_t for table_row_t.sizeAndrew Gregory2013-04-06
| | | | | | | | | | | size went from off_t in _display_targets to int in add_transaction_sizes and back to off_t in humanize_size leading to potential overflows. Fixes FS#34616. Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
* Bump to version 4.0.0Allan McRae2013-04-01
| | | | Signed-off-by: Allan McRae <allan@archlinux.org>
* Update translations from transifexAllan McRae2013-04-01
| | | | Signed-off-by: Allan McRae <allan@archlinux.org>
* remove continue from download_localDaniel Wallace2013-04-01
| | | | | | | | | | Bug exposed by a6291858cc1570e56204c4a1e7a68f76c4853336 popd doesn't run in the for loop in download_sources() if the continue in download_files is executed. Causing the extract_files to extract everything into $SRCDEST instead of $srcdir Signed-off-by: Allan McRae <allan@archlinux.org>
* pm_asprintf logs 'failed to allocate' alreadySimon Gomizelj2013-03-31
| | | | | Signed-off-by: Simon Gomizelj <simongmzlj@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
* Improve documentation of libalpm interface functionsRichard Pougnet2013-03-31
| | | | | | | | Add details to the doxygen for the initialization and relase functions of the library. Signed-off-by: Richard Pougnet <richard@pougnet.ca> Signed-off-by: Allan McRae <allan@archlinux.org>
* makepkg: unset GREP_OPTIONSAndrew Gregory2013-03-31
| | | | | | | | | | grep allows options to be set from the environment with GREP_OPTIONS. Many of these options will alter grep's output, breaking makepkg. GREP_OPTIONS=--line-number breaks installed dependency removal, for instance. Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
* use default foreground color instead of whiteAndrew Gregory2013-03-30
| | | | | | | | Using white made important text invisible on terminals with white backgrounds. Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
* Ensure we are always in $SRCDEST before downloadingAllan McRae2013-03-30
| | | | | | | | | | | When VCS sources were updated, we changed into their root directory. Any following source was then downloaded to an incorrect place causing a failure in makepkg. Ensure we are always in the $SRCDEST directory before starting any download. Fixes FS#34488. Signed-off-by: Allan McRae <allan@archlinux.org>
* Final NEW update for pacman-4.1Allan McRae2013-03-30
| | | | Signed-off-by: Allan McRae <allan@archlinux.org>
* Add releases and dates to tableAllan McRae2013-03-30
| | | | Signed-off-by: Allan McRae <allan@archlinux.org>
* Document -QkkAllan McRae2013-03-30
| | | | Signed-off-by: Allan McRae <allan@archlinux.org>
* signature_display should also be colourizedSimon Gomizelj2013-03-26
| | | | | Signed-off-by: Simon Gomizelj <simongmzlj@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
* contrib: adding checkupdatesKyle Keen2013-03-26
| | | | | | | Signed-off-by: Kyle Keen <keenerd@gmail.com> [Allan: update contrib/README] Signed-off-by: Allan McRae <allan@archlinux.org>
* contrib: Update bash_completionAllan McRae2013-03-26
| | | | | | | Check all options are included in bash-completion. Alphabetize the pacman_key options for easier maintenance. Signed-off-by: Allan McRae <allan@archlinux.org>