summaryrefslogtreecommitdiff
path: root/lib/libalpm
Commit message (Collapse)AuthorAge
* support ALPM_SIG_USE_DEFAULT for file siglevelsAndrew Gregory2013-11-08
| | | | | | | This brings file siglevels in line with how db siglevels are handled. Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
* Remove spaces between the opening "if" and the opening parenthesisJason St. John2013-11-08
| | | | | Signed-off-by: Jason St. John <jstjohn@purdue.edu> Signed-off-by: Allan McRae <allan@archlinux.org>
* version: fix formatting in file to RPM upstreamDave Reisner2013-11-08
| | | | | | | This reverts a portion of 86eefc1a3a341. Signed-off-by: Dave Reisner <dreisner@archlinux.org> Signed-off-by: Allan McRae <allan@archlinux.org>
* deps.c: pass alpm_list** to _alpm_recursedepsAndrew Gregory2013-10-31
| | | | | | | | Improves consistency and makes it clear that targs will be modified by _alpm_recursedeps. Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
* libalpm/db.c: default to ALPM_DB_USAGE_ALLAndrew Gregory2013-10-31
| | | | | | | | This allows existing front-ends other than pacman to continue working normally. Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
* sortbydeps: include local pkgs in dep graphAndrew Gregory2013-10-31
| | | | | | | | | | | | | | | | Detecting indirect dependencies by traversing a package's entire dependency tree is prohibitively slow for larger transactions. Instead add local packages to the dependency graph. This additionally requires delaying dependency ordering for sync operations so that removed packages may be excluded from dependency detection. tests/sync012.py was also updated to ensure that the dependency cycle was actually detected. Fixes FS#37380 Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
* Expose alpm_pkg_should_ignoreAllan McRae2013-10-31
| | | | | | | This function is useful for frontends to annotate package upgrades that will be ignored. Signed-off-by: Allan McRae <allan@archlinux.org>
* Make functions to decode a signature and extract keyid publicAllan McRae2013-10-31
| | | | | | These are useful for frontends. Signed-off-by: Allan McRae <allan@archlinux.org>
* Ensure packages have a valid versionAllan McRae2013-10-15
| | | | | | | | | | | Currently you can manually create and then install a package with a version not containing a pkgrel. The created local database entry is invalid as the directory name can not be split by _alpm_splitname due to the assumtion of hyphens separating name-pkgver-pkgrel. Ensure the package has a valid version when it is loaded. Fixes FS#35514. Signed-off-by: Allan McRae <allan@archlinux.org>
* Fix progress bar overflow while checking package integrityAllan McRae2013-10-15
| | | | | | | | | | | On 32bit systems, the progress bar intergrity checking can show values greater than 100% with large transactions. This is due to the total size of all package files being greater than a size_t. Use uint64_t for these sizes. Fixes FS#36608 Signed-off-by: Allan McRae <allan@archlinux.org>
* Report which package is missing a signatureAllan McRae2013-10-15
| | | | | | | | | If any package in a sync transaction is missing a required signature, we give an uninformative error message (which may or may not state that the missing signature is the issue). Always output the package with the missing signature. Signed-off-by: Allan McRae <allan@archlinux.org>
* libalpm: move function pointer conditionslavomir vlcek2013-10-14
| | | | | | | | Function pointer gets uselessly compared for NULL in every iteration. Move the condition to do it just once. Signed-off-by: slavomir vlcek <svlc@inventati.org> Signed-off-by: Allan McRae <allan@archlinux.org>
* dload: avoid renaming files downloaded via sync operationsChristian Hesse2013-09-18
| | | | | | | | | | | | | | | | | | If the server redirects from ${repo}.db to ${repo}.db.tar.gz pacman gets this wrong: It saves to new filename and fails when accessing ${repo}.db. We need the remote filename only when downloading remote files with pacman's -U operation. This introduces a new field 'trust_remote_name' to payload. If set pacman downloads to the filename given by the server. The field trust_remote_name is set in alpm_fetch_pkgurl(). Fixes FS#36791 ([pacman] downloads to wrong filename with redirect). [dave: remove redundant assignment leading to memory leak] Signed-off-by: Allan McRae <allan@archlinux.org>
* libalpm: introduce a usage level for reposDave Reisner2013-09-04
| | | | | | | | | | | | | | | | This defines a level of interest a user has in a repository. These are described by the bitmask flags in the alpm_db_usage_t enum: ALPM_DB_USAGE_SEARCH: repo is valid for searching ALPM_DB_USAGE_INSTALL: repo is valid for installs (e.g. -S pkg) ALPM_DB_USAGE_UPGRADE: repo is valid for sysupgrades ALPM_DB_USAGE_ALL: all of the above are valid Explicitly listing the contents of a repo will always be valid, and the repo will always be refreshed appropriately on sync operations. Signed-off-by: Dave Reisner <dreisner@archlinux.org> Signed-off-by: Allan McRae <allan@archlinux.org>
* libalpm: avoid name space conflictSami Kerola2013-09-04
| | | | | | | | | The symbol 'err' refers to err() from err.h, and is wisest to be avoided as a variable name. Reference: http://man7.org/linux/man-pages/man3/err.3.html Signed-off-by: Sami Kerola <kerolasa@iki.fi> Signed-off-by: Allan McRae <allan@archlinux.org>
* alpm: log errors for scriptlets terminated by a signalDave Reisner2013-09-04
| | | | | | | Fixes FS#36618. Signed-off-by: Dave Reisner <dreisner@archlinux.org> Signed-off-by: Allan McRae <allan@archlinux.org>
* conflict.c: fix directory ownership checkAndrew Gregory2013-08-21
| | | | | | | | | * append "/" to directories before searching package file lists * use lstat over stat so symlinks aren't resolved * fix the inverted check for stat's return value Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
* Do not refer to FlySpray numbersAllan McRae2013-08-21
| | | | | | | | These references to bug numbers assume we will forever be using that bug tracker. It is better to properly comment the code instead (which was done in almost all cases anyway). Signed-off-by: Allan McRae <allan@archlinux.org>
* Remove setlocale usage from the backendAllan McRae2013-07-30
| | | | | | | | Using setlocale in the backend is bound to lead to frontend issues and we have have been using epoch in our databases since April 2007 (commit 47622eef). Remove support for old style times. Signed-off-by: Allan McRae <allan@archlinux.org>
* Warn when directory ownership differs between filesystem and packageAllan McRae2013-07-30
| | | | | | | | | | | | | We currently only warn if a directory's permissions differ, but using -Qkk on my system shows that directory permissions tend to change in packages reasonably frequently without notice. Provide a warning in such cases so that it can be altered. Example output: (1/1) reinstalling nginx warning: directory ownership differs on /var/lib/nginx/proxy/ filesystem: 33:0 package: 0:0 Signed-off-by: Allan McRae <allan@archlinux.org>
* Update gitignore files for use with autoreconfAllan McRae2013-07-22
| | | | Signed-off-by: Allan McRae <allan@archlinux.org>
* Remove autotools filesAllan McRae2013-07-22
| | | | Signed-off-by: Allan McRae <allan@archlinux.org>
* be_sync: avoid crashing on files in the root of a DBDave Reisner2013-07-22
| | | | | | | | | | | | | | If a sync DB is malformed and contains entries in the root of the archive, load_pkg_for_entry will leave the 'filename' variable empty, leading to a crash in the ensuing strcmp() calls which determine the DB fragment being examined. While this isn't a read error, this should be reported to the user so that it can be addressed by the creator of the DB. As seen: https://bbs.archlinux.org/viewtopic.php?pid=1297766 Signed-off-by: Dave Reisner <dreisner@archlinux.org>
* Hide unused parameter warnings when building without libcurlAllan McRae2013-07-22
| | | | Signed-off-by: Allan McRae <allan@archlinux.org>
* Add missing headerAllan McRae2013-07-22
| | | | | | Exposed when building with --without-libcurl Signed-off-by: Allan McRae <allan@archlinux.org>
* use full path when checking for mountpointsAndrew Gregory2013-07-05
| | | | | Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
* do not check error from close(2)Dave Reisner2013-07-05
| | | | | | | | | | | | | | | On operating systems we support, the behavior is always such that the kernel will do the right thing as far as invalidating the file descriptor, regardless of the eventual return value. Therefore, potentially looping and calling close multiple times is wrong. At best, we call close again on an invalid FD and throw a spurious EBADF error. At worst, we might close an FD which doesn't belong to us when a multi-threaded application opens its own file descriptor between iterations of the loop. Signed-off-by: Dave Reisner <dreisner@archlinux.org> Signed-off-by: Allan McRae <allan@archlinux.org>
* Enable inverted patterns in NoExtract and NoUpgrade.Patrick Steinhardt2013-06-26
| | | | | | | | It is now possible to invert patterns in NoExtract and NoUpgrade. This feature allows users to whitelist certain files that were previously blacklisted by another entry. Signed-off-by: Allan McRae <allan@archlinux.org>
* deps.c: check for indirect deps when orderingAndrew Gregory2013-06-26
| | | | | | | | | | | | | | | | | | | | On upgrades, indirect dependencies were not being detected if there was a dependency in between them that was not part of the transaction. For example, with the dependency chain: pkg1 -> pkg2 -> pkg3, if pkg1 and pkg3 are being upgraded but not pkg2 pacman would not order pkg1 and pkg3 properly. This was particularly problematic when replacements were involved because the replaced package(s) would be removed at the start of the transaction. If an install script required the replacer and lacked a direct dependency, it could fail. Fixes FS#32764. Partially fixes FS#23011. Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
* Install unchanged backup files to get correct timestamps.Patrick Steinhardt2013-06-26
| | | | | | Fixes FS#35515. Signed-off-by: Allan McRae <allan@archlinux.org>
* Merge branch 'maint'Allan McRae2013-06-18
|\
| * Pull translation updatesAllan McRae2013-06-18
| | | | | | | | Signed-off-by: Allan McRae <allan@archlinux.org>
* | Document alpm_list files are to be stand aloneAllan McRae2013-06-06
| | | | | | | | Signed-off-by: Allan McRae <allan@archlinux.org>
* | Merge branch 'maint'Allan McRae2013-06-06
|\|
| * Pull translation updates and regenerateAllan McRae2013-06-06
| | | | | | | | Signed-off-by: Allan McRae <allan@archlinux.org>
| * validate %FILEPATH% when parsing repo dbsSimon Gomizelj2013-06-04
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Currently we make no effort to validate the %FILENAME% field in the repo db. This allows for relative paths to be considered valid. A carefully crafted db entry with a malicious relative path, (e.g. `../../../../etc/passwd`) will cause pacman to to overwrite _any_ file on the target's machine. Add the following validation: - doesn't start with '.' - doesn't contain a '/' - won't overflow PATH_MAX Signed-off-by: Simon Gomizelj <simongmzlj@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
* | improve dir->file transition conflict resolutionAndrew Gregory2013-06-03
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Packages removed due to conflicts are always removed at the beginning of the transaction and as such can be included in the check for whether all owners of a directory will be removed in a transaction. Installed versions of packages being upgraded, other than the one with the conflict, cannot be used because our transaction ordering is not intelligent enough to ensure that they are removed prior to the installation of the conflicted package. Also, return false from dir_belongsto_pkgs on errors. Previously, we simply continued which could return true even if we were unable to actually establish that the package owned the entire tree. Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
* | unlink_file: treat symlinks like normal filesAndrew Gregory2013-06-03
| | | | | | | | | | | | | | | | We always want to work with the package file itself, not its target if it's a symlink. Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
* | extract_single_file: consolidate symlink casesAndrew Gregory2013-06-03
| | | | | | | | | | Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
* | conflict.c: check for file -> dir replacementsAndrew Gregory2013-06-03
| | | | | | | | | | Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
* | conflict.c: exclude trailing slash from file pathAndrew Gregory2013-06-03
| | | | | | | | | | | | | | | | | | After the initial checks, we either use the path as a directory and have to append the trailing slash anyway or use it as a file in which case the trailing slash should be excluded. Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
* | conflict.c: do not ignore symlink<->dir conflictsAndrew Gregory2013-06-03
| | | | | | | | | | Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
* | alpm_filelist: remove resolved_pathAndrew Gregory2013-06-03
| | | | | | | | | | Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
* | Improve error message when package is missing required signatureAllan McRae2013-05-29
| | | | | | | | | | | | | | | | | | | | | | When attempting to install a package (either via -S or -U) and the signature is missing, the current error message "invalid or corrupted package (PGP signature)" is very unclear. Instead inform the user that the package is missing the required signature. Partial fix for FS#34741. Signed-off-by: Allan McRae <allan@archlinux.org>
* | add.c: refactor backup file modification checksAndrew Gregory2013-05-29
| | | | | | | | | | | | | | | | | | | | | | | | | | The previous implementation was overly complex with unnecessary checks and nested conditionals. By reordering the tests and changing them to all be checks for positive hash matches rather than non-matches, we can collapse several cases and make the process much more linear. This removes the need to set hash_orig = "" just to reach some of the checks and corrects a faulty assumption that files are equivalent when the hashing process fails. Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
* | Merge branch 'maint'Allan McRae2013-05-29
|\|
| * Fix comment typoAllan McRae2013-05-18
| | | | | | | | Signed-off-by: Allan McRae <allan@archlinux.org>
* | Merge branch 'maint'Allan McRae2013-05-07
|\|
| * More translation updatesAllan McRae2013-05-07
| | | | | | | | Signed-off-by: Allan McRae <allan@archlinux.org>
| * Pull translation updates from transifexAllan McRae2013-04-30
| | | | | | | | Signed-off-by: Allan McRae <allan@archlinux.org>