archive_read_extract() forces resolution of uid/gid to names
when extracting the tarball. This can lead to wrong file
ownership when using pacman with -r option and when uid/gid
differ in the host and in the chroot.
archive_read_extract2() uses uid's and gid's only. See also:
https://lists.archlinux.org/pipermail/pacman-dev/2017-March/021912.html
Signed-off-by: Armin K <krejzi@email.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
Now uses wc -c $file | cut -d' ' -f1, which works using only POSIX
commands and removes the need for any platform-specific usages.
Signed-off-by: Drew DeVault <sir@cmpwn.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
Newline-separated input is more reliable because most of the arguments
we accept over stdin can validly contain spaces but not newlines.
Resolves FS#52992
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
Makes error detection and handling easier for a common operation.
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
Opens the test file(s), test output, and any log files in the test
environment in an editor after the tests run for review. Simplifies
debugging tests by avoiding the need to use --keep-root and manually
opening the relevant files. The editor used can be set with --editor or
$EDITOR, falling back to vim.
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
If a comment in an INSTALL file contains the name of a valid
INSTALL file function but the function itself is not present,
pacman tries to execute that function. That leads to an error.
Ignore comments in the grep function in libalpm/trans.c to
avoid such errors.
Signed-off-by: Michael Straube <straubem@gmx.de>
Signed-off-by: Allan McRae <allan@archlinux.org>
Add command line option ('--disable-download-timeout') and config file
option ('DisableDownloadTimeout') to disable defaults for low speed
limit and timeout on downloads. Use this if you have issues downloading
files with proxy and/or security gateway.
Signed-off-by: Christian Hesse <mail@eworm.de>
Signed-off-by: Allan McRae <allan@archlinux.org>
This was spotted on Arch Linux, most likely it was introduced
when fakechroot was updated to 2.19-1.
Valgrind suggests to add the following suppression, which can be
tweaked to fit an already existing one.
{
<insert_a_suppression_name_here>
Memcheck:Leak
match-leak-kinds: reachable
fun:calloc
obj:/usr/lib/libdl-2.24.so
fun:dlsym
obj:/usr/lib/libfakeroot/fakechroot/libfakechroot.so
fun:bindtextdomain
obj:/usr/lib/libgpg-error.so.0.20.0
fun:call_init.part.0
fun:_dl_init
obj:/usr/lib/ld-2.24.so
obj:*
obj:*
obj:*
}
Signed-off-by: Rikard Falkeborn <rikard.falkeborn@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
Debug packages are fairly useless currently because the soucre files needed
for stepping through code etc are not packaged with them. This patch adds the
needed source files to the debug package and adjusts the debug info to look at
the /usr/src/debug/ directory for them rather than the build location. This
requires using the "debugedit" program which is provided as part of the RPM
sources.
Signed-off-by: Allan McRae <allan@archlinux.org>
A git repository is marked as signed if it contains the query "signed"
as defined by https://tools.ietf.org/html/rfc3986
Adds two utility functions in util/source.sh.in to extract fragments and
queries, and modifies source/git.sh.in to use them.
Signed-off-by: Eli Schwartz <eschwartz93@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
This makes it easier to add signature verification for new protos.
Signed-off-by: Eli Schwartz <eschwartz93@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
makepkg adds makedepends and checkdepends to a package's .PKGINFO file.
Add functions that allow use of these from libalpm.
Signed-off-by: Mark Weiman <mark.weiman@markzz.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
By passing a NUL-separated filelist, this also fixes a bug where files
that look like bsdtar options in the package root could break the
package ("-C" was particularly troublesome because bsdtar interprets it
as an option anywhere in the file list, even following "--").
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
The files belong to the new version of a package being installed, they
are not temporary in any way.
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
When replacing a file with a directory, any files under that directory
do not need to be checked for conflicts. This prevents possible
false-positive conflicts where the file being replaced is a symlink.
We were already skipping the directory children when the file was owned
by the previous version of a package being upgraded. This extends that
to other packages being removed.
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
Allows the hash sign to be used in values in config files and hooks.
Fixes#48702
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
libalpm reserves paths starting with '.' for its own use and will not
extract any other than those it recognizes.
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
Some database files (install, mtree, and changelog) are extracted
directly from the package, but DBONLY was skipping extraction
altogether, causing those files to be missing after the transaction.
Fixes#52052
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
scripts/libmakepkg/lint_pkgbuild/pkgver.sh.in now raises an error when
pkgver contains forward slashes.
pkgver containing a forward slash results in a package filename
containing a forward slash, which isn't a valid filename.
Signed-off-by: Steef Hegeman <steefhegeman@hotmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
We want to provide source files with debug symbol packages to allow easy
stepping through the program. This becomes difficult with split packages due
to the binaries in many of these sharing source files across packages.
There are (at least) two solutions to this problem. #1: ensure common source
files are located in the debug package for the package lowest in the dependency
chain and add dependencies to the debug packages so all require source files
are present, or #2: create one debug package for all split packages in a
PKGBUILD. The second is a more robust approach despite potentially creating
very large debug packages.
This patch creates a single $pkgbase-debug package and adds provides such that
installing $pkgname-debug will always work.
Signed-off-by: Allan McRae <allan@archlinux.org>
LAZY_LOAD has completely ignored the errret value since commit
307a6de17a in 2011.
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
These files are generated at build time. Ignore in git.
Signed-off-by: Christian Hesse <mail@eworm.de>
Signed-off-by: Allan McRae <allan@archlinux.org>
Not all du implementations on linux accept --apparent-size, so let the
user configure the arguments passed to du if required.
This fixes FS#47943.
Signed-off-by: Alastair Hughes <hobbitalastair@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
'pacman -Dk' prints a "success!" message if there were no errors.
It is possible to suppress the output using the '-q / --quiet' flag.
This implements the feature discussed at https://bugs.archlinux.org/task/50087
Signed-off-by: Patrick Eigensatz <patrick.eigensatz@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
In FS#43434, Downloads which fail and are restarted on a different server
will resume and may display a negative download speed. The payload's progress
in libalpm was not properly reset which ultimately caused terminal noise
because the line width calculation assumes positive download speeds.
This patch fixes the incomplete reset of the payload by mimicing what
be_sync.c:alpm_db_update() does over in sync.c:download_single_file().
The new dload.c:_alpm_dload_payload_reset_for_retry() extends beyond the
current behavior by updating initial_size and prevprogress for this case.
This makes pacman reset the progress properly in the next invocation of the
callback and display positive download speeds.
Fixes FS#43434.
Signed-off-by: Martin Kühne <mysatyre@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
libalpm's local database format does not support paths with newlines.
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
Allows lint_package to prevent makepkg from creating an invalid package.
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
The PKGINFO format cannot handle values that contain newlines.
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
Neither function was checking for the existence of actual results before
calling printf, resulting in them returning a list with a single empty
value if there were no depends/provides.
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
This does exactly the same thing as it code it replaces, but punt to
curl to do it for brevity. Requires curl 7.25.0, which we already cover.
Signed-off-by: Allan McRae <allan@archlinux.org>
I'm not convinced this is a worthwhile goal, but let's follow suit.
Since we can't know the names of all the vars that might exist, unset
them by pattern.
Use shopt to set/reset errexit and errtrace, which lets us:
1) be more vigilant, resetting anything the user might do to us in
PKGBUILD functions.
2) use human-readable words (errexit vs. -e)
On top of this, introduce a new save/restore for the shell's other
shopts. A user should not have any expectations that what happens in
one function is available in another function, if it isn't explicitly
defined in the PKGBUILD. While this change does not make that
assertion, it gets us closer.
We also replace a variable which comes from out of nowhere (pkgfunc)
with the positional parameter containing the same value. Quoting is
adjusted to make the expansion happen at the time the trap is set,
rather than later on.
This disables globbing, which should never be used in source URL
specifications as it would lead to mismatches in the checksum mapping
and un-checked sources.
After 1f8f0bd9ac all scripts that were
changed to using the wrapper for in-tree use have the wrappers installed
to the system instead of the actual script, so change the install
command to support all wrapped scripts instead of just makepkg.
Signed-off-by: Johannes Löthberg <johannes@kyriasis.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
