We now store key structs of our missing key info, so can not search the list
for string matches. This caused missing keys to be downloaded once for every
package they signed.
Signed-off-by: Allan McRae <allan@archlinux.org>
(cherry picked from commit 540b19164b)
In commit 9c817b6549 we made these sources
extendable, and heuristically determined the correct extraction
functions to use. But our fallback for protos that didn't have an exact
extract_* function didn't take into account that 'extract_file' matches
an actual proto... so we passed the netfile in while the function
expected a file.
Solution: the function should expect a netfile too, thereby allowing us
to delay an attempted resolution of netfile -> file, to the one case
where it is actually used. This makes us slightly more efficient in the
non-file case, makes our functions a bit more consistent, and makes
file:// extraction work again.
Fixes FS#64648
Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
(cherry picked from commit 349c22d043)
When file is called via fakeroot, it doesn't matter whether you use -z
or not, it is still incompatible with seccomp. Fix by configuring it
with FILECMD when used in the fakeroot 'tidy' run.
Fixes FS#65100
Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
python-3.8 changed the default tar format to PAX_FORMAT. This caused
issues in our testsuite with package extraction of files with UTF-8
characters as we run the tests under the C locale.
sycn600.py:
error: error while reading package /tmp/pactest-xuhri4xa/var/cache/pacman/pkg/unicodechars-2.0-1.pkg.tar.gz: Pathname can't be converted from UTF-8 to current locale.
Set format back to GNU_FORMAT.
Signed-off-by: Allan McRae <allan@archlinux.org>
(cherry picked from commit b9faf65273)
Distribute asciidoc sources for all manpages instead of remembering to
add files to both variables. Fixes regression in
377d47142f which broke building the
website from a dist tarball:
make: *** No rule to make target 'pacman-conf.8.html', needed by 'html'. Stop.
(Technically this regression is already fixed by commit
942b909829, but this is just going to keep
happening, I suspect, so we should fix the root cause.)
Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
Fixes issue where users were allowed to run cleanup while running
--geninteg or --printsrcinfo or --packagelist, thus mixing invalid
responses into stdout.
Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
Exclude files with hardlinks when cat'ing all the files, and do a second
run to look at each file with hardlinks, keep track of the ones we've
already operated on, and only cat each inode once. Then use "wc -c" to get
the size of all (deduplicated) files the same way we were already doing.
Original-patch-by: Ronan Pigott <rpigott@berkeley.edu>
Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
zipman:
read -r protects against those evil manpages whose filenames contain
backslash escapes, (muahahaha?)
IFS= read protects against filenames with:
- leading whitespace (but no one is actually stupid enough to configure
their MAN_DIRS=() in makepkg.conf with such silly directories, *right*?)
- trailing whitespace (but likewise, no one should be stupid enough to
write an uncompressed manpage for section '1 ' or something)
Also fix several other cases where we read filenames without protecting
against surrounding whitespace, or without using null-delimited
filenames when we could trivially do so.
Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
The BSD stat command uses %N, not %n, and was incorrectly ported to
meson.
Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
makepkg now complains when PACKAGER is not in the format
"name <email>".
Hide this warning when PACKAGER is unset but still warn if it is set to
something out of format.
Signed-off-by: Allan McRae <allan@archlinux.org>
This allows pacman to print the correct error message when checking keys
and libalpm has been compiled without gpgme support.
Signed-off-by: Allan McRae <allan@archlinux.org>
The dummy checksigs function never sets count to 0, leaving it
unitialized. This caused the siglist cleanup to try and free the empty
list.
Signed-off-by: Allan McRae <allan@archlinux.org>
This message was clarified for sync operations in
2b1b7b7075.
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
system() runs the provided command via a shell, which is subject to
command injection. Even though pacman already provides a mechanism to
sign and verify the databases containing the urls, certain distributions
have yet to get their act together and start signing databases, leaving
them vulnerable to MITM attacks. Replacing the system call with an
almost equivalent exec call removes the possibility of a shell-injection
attack for those users.
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Saving fflages breaks reproducible builds due to encoding information
specific to the filesystem that was used to build the package. This
information is not needed for packaging purposes anyway.
Including fflags also means that attempting to extract a package file as
root (or fakeroot) might result in angry warnings being printed to the
console by bsdtar, followed by a non-zero exit code, unless the user
remembers to use --no-fflags during extraction. This is unpleasant UI, even
if pacman itself won't care about these.
Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
With unknown uid pacman crashed. Return with error from email_from_uid()
if uid is NULL.
Signed-off-by: Christian Hesse <mail@eworm.de>
Signed-off-by: Allan McRae <allan@archlinux.org>
If the key's uid is unknown (for example with db signatures) the
question was:
:: Import PGP key 02FD1C7A934E614545849F19A6234074498E9CEE, "(null)"? [Y/n]
Let's display a modified question for unknown uid.
Signed-off-by: Christian Hesse <mail@eworm.de>
Signed-off-by: Allan McRae <allan@archlinux.org>
If an email address is specified, we use --locate-key to look up the key
using WKD and keyserver as a fallback. If the key is specified as a key
ID, this doesn't work, so we use the normal keyserver-based --recv-keys.
Note that --refresh-keys still uses the keyservers exclusively for
refreshing, though the situation might potentially be improved in a new
version of GnuPG:
https://lists.gnupg.org/pipermail/gnupg-users/2019-July/062169.html
Signed-off-by: Jonas Witschel <diabonas@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
remove_deps is called once, at the end of clean_up() before makepkg
exit. If remove_deps returns >0 (e.g. when pressing "n" in the resulting
prompt), the error is caught by the ERR signal handler. This in turns
sends SIGUSR1 to the process group, with resulting exit code 138.
In case remove_deps fails, this patch exits makepkg with E_REMOVE_DEPS
if there was no previous error (that is, EXIT_CODE equals E_OK).
Otherwise, makepkg exits with EXIT_CODE.
Signed-off-by: Allan McRae <allan@archlinux.org>
When running `makepkg -i` it may be necessary to first remove make- and
checkdepends before installing the built package - for example if they
conflict each other. This is the case for wireguard-arch which
makedepends and conflicts wireguard-dkms.
Signed-off-by: Erich Eckner <git@eckner.net>
Signed-off-by: Allan McRae <allan@archlinux.org>
Without the -f option to wait, we might move on and try to delete the
logpipe before the process is completed.
Signed-off-by: Allan McRae <allan@archlinux.org>
The logpipe fifo can remain when exiting on a non-error condition such
as recieving signals INT and USR1. This can be seen by doing either a
manual CTRL-C to interrupt the build or by sending a signal such as:
$ makepkg & sleep 5 ; kill -USR1 $!
Remove the fifo in all cases on script exit if it still exists.
Signed-off-by: Austin Lund <austin.lund@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
Try and find an exact match via pkgcache before iterating the entire
localdb.
Gives a noticeable speed up for exact matches e.g. `pacman -T zlib`
Signed-off-by: Allan McRae <allan@archlinux.org>
when a satisfying package is already installed, we always pick it
instead of prompting the user. So we can return that package as soon as
we find it, instead of waiting until we've iterated through all the
databases.
Signed-off-by: Allan McRae <allan@archlinux.org>
In addition to the general issue of staticlibs linkage, linking a static
lib to a library() does not seem to generate the needed Libs.private.
Rework how we handle this entirely. Instead of relying on convenience
libraries, we will *sigh* go extract a boatload of .o files again, then
relink those to the installable libalpm, while mentioning our
dependencies again.
We still have our guaranteed static library for linking arbitrary programs
with (e.g. vercmp), and we still only generate one identical copy of the
.o files, but now we potentially `ar` it up twice, which isn't so bad.
And linking still works, and pkg-config files also still work.
One alternative would be to explicitly list our dependencies to
pkgconfig.generate with requires_private, but since gpgme might be an
elevated config-tool dependency, this can fail with:
meson.build:341:10: ERROR: requires argument not a string, library with pkgconfig-generated file or pkgconfig-dependency object, got <GpgmeDependency gpgme: True>
Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
LIB_VERSION is supposed to be something like 11.0.1, not simply
reiterate the project version. As a result, we ended up with this:
$ pacman -V
[...]
Pacman v5.1.0 - libalpm v5.1.0
[...]
Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
Not all compression types can be detected in the seccomp sandbox, so we
need to disable it. This requires either configuring makepkg to know the
sandbox is available, or checking for file >= 5.38 in which the sandbox
option is a no-op even when seccomp is disabled.
- Requires autoconf-archive for autotools version compare macro.
- meson version comparison could be made a lot simpler using meson-git.
Fixes FS#58626
Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
