bryson/pacman
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

pacman-optimize: standardize on openssl usage, only touch local/

Browse source 
The rest of our scripts have been using `openssl dgst` rather than tools
like `md5sum` for some time, so convert this one too. We also make the
following other adjustments:

* Use a `find -print0 | xargs -0` pipeline so paths with spaces and or
  newlines don't totally kill us.
* Ensure the files we write out contain only paths relative to the
  database root, where we know the filenames should all be sane.
* Remove use of `diff`, this was the only time we used it in scripts and
  we can get a cheap substitute by comparing file checksums instead.
* Only touch the local/ part of the database. It makes little sense to
  do anything to the sync/ directory anymore as they are compressed
  single files that should be regularly written out in full and won't be
  fragmented on any sane filesystem.

Signed-off-by: Dan McGee <dan@archlinux.org>
This commit is contained in:
Dan McGee 2012-03-03 13:02:25 -06:00
parent 687f7b6ba8
commit 6a636b2b6e
1 changed files with 23 additions and 22 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

45
scripts/pacman-optimize.sh.in
View file

@ -88,9 +88,8 @@ if [[ -n $1 ]]; then
dbroot="$1" dbroot="$1"
fi fi
# make sure diff is installed if ! type -p openssl >/dev/null; then
if ! type diff >/dev/null 2>&1; then die "$(gettext "Cannot find the %s binary required for verifying integrity.")" "openssl"
die "$(gettext "diff tool was not found, please install diffutils.")"
fi fi
if [[ ! -d $dbroot || ! -d $dbroot/local ]]; then if [[ ! -d $dbroot || ! -d $dbroot/local ]]; then
@ -103,8 +102,8 @@ fi
# strip any trailing slash from our dbroot # strip any trailing slash from our dbroot
dbroot="${dbroot%/}" dbroot="${dbroot%/}"
# form the path to our lockfile location
lockfile="${dbroot}/db.lck" lockfile="${dbroot}/db.lck"
localdb="${dbroot}/local"
# make sure pacman isn't running # make sure pacman isn't running
if [[ -f $lockfile ]]; then if [[ -f $lockfile ]]; then
@ -118,37 +117,39 @@ workdir=$(mktemp -d "${TMPDIR:-/tmp}/pacman-optimize.XXXXXXXXXX") ||
# step 1: sum the old db # step 1: sum the old db
msg "$(gettext "MD5sum'ing the old database...")" msg "$(gettext "MD5sum'ing the old database...")"
find "$dbroot" -type f | sort | xargs md5sum > "$workdir/pacsums.old" (cd "$localdb" && find . -type f -print0 | \
xargs -0 openssl dgst -md5 | sort > "$workdir/pacsums.old")
# step 2: tar it up # step 2: tar it up
msg "$(gettext "Tar'ing up %s...")" "$dbroot" msg "$(gettext "Tar'ing up %s...")" "$localdb"
bsdtar -czf "$workdir/pacman-db.tar.gz" -C "$dbroot" ./ bsdtar -czf "$workdir/pacman-db.tar.gz" -C "$localdb" ./
if (( $? )); then if (( $? )); then
rm -rf "$workdir" rm -rf "$workdir"
die_r "$(gettext "Tar'ing up %s failed.")" "$dbroot" die_r "$(gettext "Tar'ing up %s failed.")" "$localdb"
fi fi
# step 3: make and sum the new db side-by-side with the old # step 3: make and sum the new db side-by-side with the old
msg "$(gettext "Making and MD5sum'ing the new database...")" msg "$(gettext "Making and MD5sum'ing the new database...")"
mkdir "$dbroot.new" mkdir "$localdb.new"
bsdtar -xpf "$workdir/pacman-db.tar.gz" -C "$dbroot.new" bsdtar -xpf "$workdir/pacman-db.tar.gz" -C "$localdb.new"
if (( $? )); then if (( $? )); then
rm -rf "$workdir" rm -rf "$workdir"
die_r "$(gettext "Untar'ing %s failed.")" "$dbroot" die_r "$(gettext "Untar'ing %s failed.")" "$localdb"
fi fi
# immediate sync following extraction should get it written continuously on HDD # immediate sync following extraction should get it written continuously on HDD
msg "$(gettext "Syncing database to disk...")" msg "$(gettext "Syncing database to disk...")"
sync sync
find "$dbroot.new" -type f | sort | \ (cd "$localdb.new" && find . -type f -print0 | \
xargs md5sum | sed 's#.new##' > "$workdir/pacsums.new" xargs -0 openssl dgst -md5 | sort > "$workdir/pacsums.new")
# step 4: compare the sums # step 4: compare the sums
msg "$(gettext "Checking integrity...")" msg "$(gettext "Checking integrity...")"
diff "$workdir/pacsums.old" "$workdir/pacsums.new" >/dev/null 2>&1 read -ra old_dgst < <(openssl dgst -md5 < "$workdir/pacsums.old")
if (( $? )); then read -ra new_dgst < <(openssl dgst -md5 < "$workdir/pacsums.new")
if [[ ${old_dgst[@]:(-1)} != ${new_dgst[@]:(-1)} ]]; then
# failed # failed
# leave our pacman-optimize tmpdir for checking to see what doesn't match up # leave our pacman-optimize tmpdir for checking to see what doesn't match up
rm -rf "$dbroot.new" rm -rf "$localdb.new"
die_r "$(gettext "Integrity check FAILED, reverting to old database.")" die_r "$(gettext "Integrity check FAILED, reverting to old database.")"
fi fi
@ -156,15 +157,15 @@ fi
msg "$(gettext "Rotating database into place...")" msg "$(gettext "Rotating database into place...")"
fail=0 fail=0
mv "$dbroot" "$dbroot.old" || fail=1 mv "$localdb" "$localdb.old" || fail=1
mv "$dbroot.new" "$dbroot" || fail=1 mv "$localdb.new" "$localdb" || fail=1
chmod --reference="$dbroot.old" "$dbroot" || fail=1 chmod --reference="$localdb.old" "$localdb" || fail=1
chown --reference="$dbroot.old" "$dbroot" || fail=1 chown --reference="$localdb.old" "$localdb" || fail=1
if (( fail )); then if (( fail )); then
# failure with our directory shuffle # failure with our directory shuffle
die_r "$(gettext "New database substitution failed. Check for $dbroot,\n$dbroot.old, and $dbroot.new directories.")" die_r "$(gettext "New database substitution failed. Check for %s, %s, and %s directories.")" "$localdb" "$localdb.old" "$localdb.new"
fi fi
rm -rf "$dbroot.old" rm -rf "$localdb.old"
# remove the lock file and our working directory with sums and tarfile # remove the lock file and our working directory with sums and tarfile
rm -f "$lockfile" rm -f "$lockfile"