summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAge
* Reject files larger than 16384 bytes in read_sigfile.Tobias Stoeckmann2016-08-30
| | | | | | | | | | | | | If signature files are larger than SIZE_MAX, not enough memory could be allocated for this file. The script repo-add rejects files which are larger than 16384 bytes, therefore handle these as errors here, too. While at it, I also rearranged the code to avoid a quite harmless TOCTOU race condition between stat() and fopen(). Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org> Signed-off-by: Allan McRae <allan@archlinux.org>
* Release resources on error paths.Tobias Stoeckmann2016-08-30
| | | | | | | | Some resources (memory or file descriptors) are not released on all error paths. Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org> Signed-off-by: Allan McRae <allan@archlinux.org>
* pacman-key: reject armored signaturesAllan McRae2016-08-30
| | | | | | | | pacman expects an unarmored signature. makepkg forces the generation of unarmored signatures, and repo-add will reject any armored signature. For consistency pacman-key should also reject armored signatures. Signed-off-by: Allan McRae <allan@archlinux.org>
* Always use proper error code in alpm_initialize.Tobias Stoeckmann2016-08-30
| | | | | | | | | | | In out of memory conditions, an undefined error value is written into *err, because myerr is never explicitly set in these cases. I have also converted a calloc into a MALLOC call, because the memory will be properly filled by the snprintf call right after it. Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org> Signed-off-by: Allan McRae <allan@archlinux.org>
* Remove obsolete TODOAllan McRae2016-08-30
| | | | Signed-off-by: Allan McRae <allan@archlinux.org>
* recursedeps: include cyclic dependenciesAndrew Gregory2016-08-30
| | | | | | | | | | | | | | Cyclic dependencies (A depends on B, B depends on A) were not selected because neither package could be removed individually, so can_remove_package would always return false for both. By preselecting all dependencies then filtering back out any dependencies still required by any packages that will not be uninstalled, groups of unneeded cyclic dependencies can be found. Fixes FS#41031 Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
* Turn off colours once finished using themAllan McRae2016-08-30
| | | | | | | The colour of the package version could leak onto the next line in both -Qo and -Fo. Signed-off-by: Allan McRae <allan@archlinux.org>
* pacman.8: add link to alpm-hooks(5) in see alsoChristian Hesse2016-05-18
| | | | | Signed-off-by: Christian Hesse <mail@eworm.de> Signed-off-by: Allan McRae <allan@archlinux.org>
* libalpm.3: add link to alpm-hooks(5) in see alsoChristian Hesse2016-05-18
| | | | | Signed-off-by: Christian Hesse <mail@eworm.de> Signed-off-by: Allan McRae <allan@archlinux.org>
* libmakepkg: extract functions for integrity checkingAshley Whetter2016-05-18
| | | | | Signed-off-by: Ashley Whetter <ashley@awhetter.co.uk> Signed-off-by: Allan McRae <allan@archlinux.org>
* Use a more generic regexp when parsing output of gpg(1) in signature ↵Leonid Isaev2016-05-18
| | | | | | | | | | | | | verification. The current way of extracting key trust from output of gpg --verify is not very robust against changes in the format of said output. As a result, pacman-key can return an error even if the signature is actuall good. This change relaxes the regexp when parsing output of gpg. Signed-off-by: Leonid Isaev <leonid.isaev@jila.colorado.edu> Signed-off-by: Allan McRae <allan@archlinux.org>
* makepkg: ignore the architecture for --printsrcinfoAlastair Hughes2016-05-18
| | | | | Signed-off-by: Alastair Hughes <hobbitalastair@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
* Report local file URL for -Sp operations if package is in cacheAllan McRae2016-05-18
| | | | | | | | | | | | | | | | | | When using "pacman -Sp" operation to get URLs of packages to download, it is useful to know which packages are already in the file cache and do not need downloaded. Print packages in the cache with a file:// prefix. e.g $ pacman -Sp glibc file:///var/cache/pacman/glibc-2.23-1-x86_64.pkg.tar.xz Also use package locations in case statements rather than opersations. This allows the ALPM_PKG_SYNCDB to fall thorough to just printing the package name for weird serverless repo setups. Fixes FS#15868 Signed-off-by: Allan McRae <allan@archlinux.org>
* makepkg: move build enviroment set-up to functionAllan McRae2016-05-18
| | | | | | | | | | | | | This is a requirement to split the preparation of the build environment into libmakepkg, which will allow dropping in extensions (e.g. to allow PGO). After this patch, disabling buildflags or makeflags and enabling debug CFLAGS will only effect the build(), check() and package() functions. The relevant variables are no longer exported for the prepare() function. This should have zero impact for the prepare() function of a properly written PKGBUILD, as no building/linking is done there... Signed-off-by: Allan McRae <allan@archlinux.org>
* Avoid logical OR duplication warning from gcc-6Allan McRae2016-05-05
| | | | | | | | | | The value EAGAIN is allowed by POSIX to be the same as EWOULDBLOCK, but this is not guaranteed. Thus on some systems (e.g. glibc Linux), we get a warning that the logical OR is being performed on two expressions of the same type. We can not get rid of this test in case any system defines these as unique values. Suggested-by: Dave Reisner Signed-off-by: Allan McRae <allan@archlinux.org>
* Add -m/--nocolor options to updpkgsumsAshley Whetter2016-05-05
| | | | | | | Fixes FS#43346 Signed-off-by: Ashley Whetter <ashley@awhetter.co.uk> Signed-off-by: Allan McRae <allan@archlinux.org>
* pacsort help clearly states that files contain inputs to be sortedAshley Whetter2016-05-05
| | | | | | | Fixes FS#44121 Signed-off-by: Ashley Whetter <ashley@awhetter.co.uk> Signed-off-by: Allan McRae <allan@archlinux.org>
* Prevent wrapping of enum itemsAllan McRae2016-05-05
| | | | | | | GCC-6 points out that the value we use for the sentinal in enums is actually too large for the integer type. Reduce the bitshift by one to fix this. Signed-off-by: Allan McRae <allan@archlinux.org>
* fix spelling mistakesEric Engestrom2016-05-05
| | | | | Signed-off-by: Eric Engestrom <eric@engestrom.ch> Signed-off-by: Allan McRae <allan@archlinux.org>
* Add colour to the output of the "-{F, Q}o" operations.Xavion2016-05-05
| | | | | | | | Matching output for -s operations, the repository is coloured 'magenta', the package name is 'bold', and the version is outputted in 'green'. Signed-off-by: Xavion <Xavion (dot) 0 (at) Gmail (dot) com> Signed-off-by: Allan McRae <allan@archlinux.org>
* Add colour to group selection dialogXavion2016-05-05
| | | | | | | Colour the group name in 'blue' and the repository names in 'magenta'. Signed-off-by: Xavion <Xavion (dot) 0 (at) Gmail (dot) com> Signed-off-by: Allan McRae <allan@archlinux.org>
* Handle provides with -QAllan McRae2016-05-05
| | | | | | | | | | | | | | It is useful to be able to use "pacman -Qi" on any dependency, even if that dependency is a provide. For example, on Arch Linux systems, "sh" is provided by the "bash" package, and many packages depend on "sh". Querying the package that provides the "sh" dependency currently requires first searching for "sh". This patch allows the use of "pacman -Qi" on a provide. Fixes FS#20650. Signed-off-by: Allan McRae <allan@archlinux.org>
* pacman_query: move error messages into relevant if statementsAllan McRae2016-05-05
| | | | | | | This ensures any additions to these test do not have to rely on the correct error condition being set by libalpm. Signed-off-by: Allan McRae <allan@archlinux.org>
* pacman.8: add actual operation to captions for easy searchingChristian Hesse2016-05-05
| | | | | | | | | I caught myself searching for operations when in need for an option. However this made me find transaction and update options only. So add the actual operations to captions for easy searching. Signed-off-by: Christian Hesse <mail@eworm.de> Signed-off-by: Allan McRae <allan@archlinux.org>
* Remove notification of system upgrade when only printing URLsAllan McRae2016-05-05
| | | | Signed-off-by: Allan McRae <allan@archlinux.org>
* Print replacements when using -SupAllan McRae2016-05-05
| | | | | | | | | When printing a list of URLs of packages to be updated, pacman was ignoring any replacements that would be made in the update process. Fixes FS#35812 Signed-off-by: Allan McRae <allan@archlinux.org>
* Changed documentation to use 'the default' instead of 'a typical default'Alastair Hughes2016-03-28
| | | | Signed-off-by: Allan McRae <allan@archlinux.org>
* PKGBUILD.5: document that the pkgver() function runs after prepare()Allan McRae2016-03-28
| | | | Signed-off-by: Allan McRae <allan@archlinux.org>
* Do not add root prefix twice when checking database filesAllan McRae2016-03-28
| | | | | | | | | | | | | | When checking .INSTALL and .CHANGELOG files in the mtree file, we need to find the path they are stored in the local database. This was appending the root prefix twice as alpm_option_get_dbpath already returns the absolute path to the database. While fixing that issue I added checks that the paths for the database files were not longer than PATH_MAX. Fixes FS#48563. Signed-off-by: Allan McRae <allan@archlinux.org>
* libmakepkg: extract functions for writing .SRCINFO filesAshley Whetter2016-03-28
| | | | | Signed-off-by: Ashley Whetter <ashley@awhetter.co.uk> Signed-off-by: Allan McRae <allan@archlinux.org>
* libmakepkg: ensure emptydir find command acts on individual directoriesAllan McRae2016-03-21
| | | | | | | | | | | | | | Using "-exec command {} +" systax exits on any error. Such errors occur when running rmdir on a non-empty directory. Switch to "{} ;" syntax instead which avoids exiting before the find command is completed. Fixes FS#48515. Note, we can not use "-empty" in the find command because it is not supported by Busybox find, and the "--ignore-fail-on-non-empty" flag for rmdir is not available on BSD rmdir variants. Signed-off-by: Allan McRae <allan@archlinux.org>
* use multi-byte character matching for user inputAndrew Gregory2016-02-26
| | | | | | | Fixes FS#47992 Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
* Add release instructionsAllan McRae2016-02-26
| | | | | | This serves as a release checklist for anyone making a pacman release. Signed-off-by: Allan McRae <allan@archlinux.org>
* repo-add: do not alter the database if only verifying signatureAllan McRae2016-02-26
| | | | | | Fixes FS#48085. Signed-off-by: Allan McRae <allan@archlinux.org>
* Failed database downloads cause transaction to stopAllan McRae2016-02-26
| | | | | | | | | | | Previously, we errored only if all databases failed to download. If any database downloads fail, we are unable to determine whether an update is still considered safe. So now if any database download fails, the transaction is aborted (after attempting all database downloads). Fixes FS#47599. Signed-off-by: Allan McRae <allan@archlinux.org>
* Use versions specified in optdependsAllan McRae2016-02-26
| | | | | | | | | Checking install status and if a package is optionally required on removal now considers the version of the optdepend. Fixes FS#44957. Signed-off-by: Allan McRae <allan@archlinux.org>
* Consider provides when warning about optdepnd removalAllan McRae2016-02-26
| | | | Signed-off-by: Allan McRae <allan@archlinux.org>
* Consider provides when labelling optdepends status as pending installAllan McRae2016-02-26
| | | | Signed-off-by: Allan McRae <allan@archlinux.org>
* makepkg: Turn PACMAN_OPTS into an arrayXyne2016-02-26
| | | | | | Avoid potential word expansion with future inclusions Signed-off-by: Allan McRae <allan@archlinux.org>
* makepkg: Remove upx and optipng supportAllan McRae2016-02-26
| | | | | | | | | These options were added before libmakepkg allowed passes like this to be dropped in. I prefer only real core packaging tasks to be included in makepkg and additional things like this to be dropped in by a user or distribution that wants to support them. Signed-off-by: Allan McRae <allan@archlinux.org>
* libmakepkg: fix is_array functionAllan McRae2016-02-26
| | | | | | | | | | This happened to work for the majority of cases because the only calling function used a variable named "i" that was related to the variable being passed to the function. Fixes FS#48340. Signed-off-by: Allan McRae <allan@archlinux.org>
* Update NEWS for pacman-5.0.1Allan McRae2016-02-26
| | | | Signed-off-by: Allan McRae <allan@archlinux.org>
* Release 5.0.1Allan McRae2016-02-23
| | | | Signed-off-by: Allan McRae <allan@archlinux.org>
* Regenerate translations for 5.0.1Allan McRae2016-02-23
|
* Manually fix space before ellipses in translationsAllan McRae2016-02-23
| | | | Signed-off-by: Allan McRae <allan@archlinux.org>
* Fix inconsistent status messagesStefan Tatschner2016-02-23
| | | | | | | | | | | | | | | | | | | | | This patch fixes an inconsistency in the status messages. :: Proceed with installation? [Y/n] :: Retrieving packages ... <--- Space before "...". blas-3.6.0-4-x86_64 cblas-3.6.0-4-x86_64 lapack-3.6.0-4-x86_64 (3/3) checking keys in keyring (3/3) checking package integrity (3/3) loading package files (3/3) checking for file conflicts (3/3) checking available disk space :: Processing package changes... <--- No space before "..." (1/3) upgrading blas (2/3) upgrading cblas (3/3) upgrading lapack Signed-off-by: Allan McRae <allan@archlinux.org>
* Pull translation updates from TransifexAllan McRae2016-02-23
| | | | Signed-off-by: Allan McRae <allan@archlinux.org>
* makepkg: do not run prepare() with --noextractEvangelos Foutras2016-02-23
| | | | | | | | | | | | | | | | | | | | | | | | | This is partial revert of 8454daa7feef (makepkg: run pkgver() and prepare() with --noextract). Reasoning for the reversion (copied from FS#43498): Running prepare() when --noextract is used no longer allows running 'makepkg -o && makepkg -e' with any PKGBUILD that applies patches in prepare(). [1] Sure there's --noprepare which restores the old behavior, but that's a lot of extra typing for what I believe is a much more common use of --noextract. For OP's use case of doing git bisects, you can specify the commit in the source array and thus skip --noextract since makepkg will checkout the correct commit each time. [1] I often extract the sources using 'makepkg -o', manually edit some source files, and then use 'makepkg -e' to package it (while possibly repeating the edit/package steps). Signed-off-by: Allan McRae <allan@archlinux.org>
* make alpm_unlock and trans_interrupt async safeAndrew Gregory2016-02-23
| | | | | | | | | | RET_ERR calls _alpm_log which includes calls that are not safe for use in asynchronous signal handlers (see signal(7)). Replace it in functions called from our signal handlers with a new macro RET_ERR_ASYNC_SAFE which is identical except that it lacks the call to _alpm_log. Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
* alpm_run_chroot: always connect parent2child pipeAndrew Gregory2016-02-23
| | | | | | | | | | | | Commit e374e6829cea3512f0b4a4069c5a6168f0f8d8a0 closed stdin before running scripts/hooks. This left the exec'd process with no file descriptor 0. If the process subsequently opened a file it would be assigned fd 0, and could potentially be confused for stdin. Connecting and immediately closing the parent2child pipe ensures that the child has an fd 0 and that it is empty. Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>