When package software with debug symbols without stripping, we should
still process the files with debugedit and include the needed source
files in the package.
Signed-off-by: Allan McRae <allan@archlinux.org>
We have not set handle in the function at this stage, so we can not
assign an error to it. Pass the handle to the function to avoid
waiting until the payload is retrieved.
Signed-off-by: Allan McRae <allan@archlinux.org>
Move closing of the file descriptor until the end of the function, as
any following error will lead to a "goto error" that attempts to close
it again.
Signed-off-by: Allan McRae <allan@archlinux.org>
This also prevents a use-after-free issue where we free the list we
are interating over and the do i->next.
Signed-off-by: Allan McRae <allan@archlinux.org>
Bash-5.2 introduced the patsub_replacement shell option, which is enabled
by default. Apparently is it supposed to handle a sed-like idiom, but
what it does achieve is making any substitution involving a "&" requiring
special care.
For makepkg's DLAGENTS, we replace "%o" and "%u" if present. Any "&" in
the replacement fields triggers patsub_replacement unless quoted. This is
particularly important for the URL field.
Add relevant quotes to avoid issues.
Signed-off-by: Allan McRae <allan@archlinux.org>
md5sums are cryptographically broken and we supply sha256sums to verify
files on a users system have not been modified from the packaged version.
Signed-off-by: Allan McRae <allan@archlinux.org>
Keeping md5sums in the repo databases no longer serves a real purpose.
md5sums are no longer considered secure, and we already have sha256sums
in the repos (along with PGP verification).
Signed-off-by: Allan McRae <allan@archlinux.org>
The example makepkg.conf.in suggests using "PKGDEST=/home/packages". It makes
sense to use the same path for the custom repo example in pacman.conf.in.
Fixes FS#48497.
Signed-off-by: Allan McRae <allan@archlinux.org>
The currently used openssl interfaces for calculating checksums have been
deprecated in openssl-3.0. Move to the modern interfaces to avoid build
warnings.
Signed-off-by: Allan McRae <allan@archlinux.org>
Bash sources user configuration files under a number of conditions that
can cause issues with scripts when bash is used as the scriptlet shell.
Bash assumes it's being run under rsh/ssh if stdin is connected to a
socket and sources the user bashrc unless the environment variable
$SHLVL is >= 2. Commit 6a4c6a02de
switched from pipes to sockets when communicating with child processes
to work around SIGPIPE issues. Normally $SHLVL would be inherited from
the shell running pacman, but operations involving scriptlets are
generally run with sudo which does not let the $SHLVL variable through
unless specifically configured to.
Similarly $BASH_ENV can cause bash to source user-specified configuration
files if set.
https://lists.gnu.org/archive/html/help-bash/2022-02/msg00082.html
Note: the list discussion and bash source all reference SHLVL >= 2, this
is the SHLVL value *after* bash has incremented it on startup. Setting
it to 1 in pacman is sufficient to disable the unwanted behavior.
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
`.o` objects used to be omitted by strip.sh due to a missing match in
the `Relocatable file` section. This patch fixes the issue by handling
`.o` objects similar to kernel modules.
fixes FS#74941
Signed-off-by: Allan McRae <allan@archlinux.org>
`${pkgbase}` was added to the wrong invocation. This ensures we are
producing correct debug packages.
Example from the package:
/usr/src/debug/pacman/pacman-6.0.2/src/pacman/callback.c
/usr/src/debug/pacman/pacman-6.0.2/src/pacman/callback.h
/usr/src/debug/pacman/pacman-6.0.2/src/pacman/check.c
/usr/src/debug/pacman/pacman-6.0.2/src/pacman/check.h
Fixes: 776b7c1e75 ("debugflags: Ensure we have unique source paths")
Signed-off-by: Morten Linderud <morten@linderud.pw>
Signed-off-by: Allan McRae <allan@archlinux.org>
The debugedit call to list all source files may include things like
build/<...>. We have been filtering out these <> files, but they can
point to the build directory which is important to be available for
relative source paths stored in the .debug files.
Signed-off-by: Allan McRae <allan@archlinux.org>
Bash 5.2 has a new globskipdots option, which is enabled by default. The
check_dotfiles lint fails with globskipdots due to the assumption that
at least the "." and ".." paths will match. Disabling globskipdots would
be the usual solution, but that fails on bash<5.2. Instead, enable
nullglob for this check.
Signed-off-by: Allan McRae <allan@archlinux.org>
There are two "binaries" that are currently missing documentation,
pacman-db-upgrade and testpkg. This patch adds that documentation.
Signed-off-by: Ben Westover <kwestover.kw@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
Commit e017a5975c introduced the GITFLAGS
environmental variable. While ensuring the default of "--mirror" was
kept, there was a capitalisation mistake made. Handle the default for
GITFLAGS directly in the git clone command.
The default flag used to clone a git repository when using makepkg
is "--mirror". However, when working with huge repositories, the use
of different flags during cloning can allow an faster checkout. For
example, using "--filter=blob:none" allows for small checkouts, at
the expense of requiring downloads during the build stage if anything
but the HEAD commit is used for the build. In addition, this example
would serve as a replacement for the often requested (but broken)
addition of --depth=1.
Add support for the environment variable GITFLAG to pass flags for
the git clone command. Note that this overrides the default rather
than adding to it in order to prevent incompatibilities.
On Debian, keyrings are stored in /usr/share/keyrings. To support
this, let's add a new --keyringdir option that allows configuring
the directory under datarootdir where the keyrings should be
imported from. We default to 'pacman/keyrings' for backwards
compatibility.
For some terminal widths, the "C"/"c" character does not alternate at
regular intervals, but may look like it is stuck at either lowercase or
uppercase.
The previous behavior toggled based on the character position, while this
new behavior toggles the chomp alternation based on the progress percentage value.
This leads to slightly improved chomping.
Signed-off-by: Alexander F. Rødseth <xyproto@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
The fill_progress function is called from two locations,
and both locations pass in the same percentage value twice.
This patch modifies the function signature to to receive the
percentage value just once.
Signed-off-by: Alexander F. Rødseth <xyproto@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
Apparently that function was deprecated in 0.56, so use the generic
getter introduced in 0.51 instead. This squashes a warning.
Signed-off-by: Joe Baldino <pedanticdm@gmx.us>
Signed-off-by: Allan McRae <allan@archlinux.org>
It's possible that the cursor does not reappear after pressing ^C during
shutdown. In my case, I noticed this when pressing ^C after getting
results from `pacman -F` -- this can reasonably reliably be triggered by
issuing a file query and pressing ^C shortly after results are shown.
There are two reasons for this issue:
1. The graceful SIGINT handler is removed at the start of cleanup(), but
the window from entering cleanup() to reaching exit() is non trivial.
The main offender is FREELIST(pm_targets), which on my T14s takes
>0.1s to execute. This means that if you are unlucky enough to press
^C while there, the cursor isn't coming back, because we haven't
issued any command to show the cursor again yet, and the userspace
signal handler is already blown away.
2. Moving console_cursor_show() to earlier in cleanup() only half solves
the issue. While it's fine not to flush after _hiding_ the cursor,
since it will at least make itself apparent before any other text
reaches the screen, _showing_ the cursor must be followed by flushing
stdout, because once the graceful SIGINT handler is gone, if you
press ^C, no flush will be triggered (and thus there will be no
cursor).
This fixes the issue by always starting out by showing the cursor again
at cleanup() time. This means that no matter where we get caught at ^C,
we will not end up leaving the terminal without its beloved ensign.
Signed-off-by: Chris Down <chris@chrisdown.name>
Signed-off-by: Allan McRae <allan@archlinux.org>
The last user of ABORT_SIGINT was removed in commit 84723cab5d
("Cleanup the old sequential download code"), and this isn't exported as
part of the public API.
Signed-off-by: Chris Down <chris@chrisdown.name>
Signed-off-by: Allan McRae <allan@archlinux.org>
Extend print-format with checkdepends, depends and makedepends.
Signed-off-by: Jelle van der Waa <jelle@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
alpm_pkg_get_builddate() and alpm_pkg_get_installdate() both return -1 on
error. Correctly handle the error condition in pacman.
Signed-off-by: Allan McRae <allan@archlinux.org>
Extend --print-format with all expac format strings which can be easily
added without conversions and through a simple C macro.
Signed-off-by: Jelle van der Waa <jelle@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
This adds a mechanism for package builders to add arbitrary data to
packages that is not necessarily relevant enough to the package
installation process to gain first-class support in alpm. Currently
these fields have to be added to parsers with a "not actually used"
comment and can't be retrieved through the API.
Extended data is stored in "name=value" format in the xdata field
(%XDATA% in desc files):
xdata = pkgtype=debug
or
%XDATA%
pkgtype=debug
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
This allows for parsing the output of:
pacman --upgrade --print-format '<format>' pkg.zst
without having to remove info messages from it.
Signed-off-by: Allan McRae <allan@archlinux.org>
In some cases packages are built outside of a directory which contains
pkgname-pkgver, this results in source listing in debug packages having
a conflicting path like `/usr/src/debug/build/` which is not ideal.
This patch ensures we always include the pkgbase to ensure the paths are
unique.
Signed-off-by: Morten Linderud <morten@linderud.pw>
Signed-off-by: Allan McRae <allan@archlinux.org>
The feature has been introduced in commit a33cdac10b
The buildinfo version has been bumped in commit 0428f6213b
Signed-off-by: Levente Polyak <anthraxx@archlinux.org>
Currently our gitlab CI is failing due to valgrind breakage. With
Arch stripping glibc, valgrind now requires debuginfod to be active.
However the gitlab CI system combined without our testsuite does not
retrieve these symbols, even when the appropriate environmental
variable is set.
Work around this by installing the glibc-debug package directly
using a slight kludge... All blame for this approach is assigned
to foutrelis!
Signed-off-by: Allan McRae <allan@archlinux.org>
Arch Linux is adding source signing PGP keys to their package source
tree alongside PKGBUILDs in the form keys/pgp/$fingerprint.asc. As the
PGP keyserver infrastructure is a mess, this helps other people validate
sources in a PKGBUILD.
Add the keys to source packages if found alongside the PKGBUILD.
Signed-off-by: Allan McRae <allan@archlinux.org>
