| Age | Commit message (Collapse) | Author |
|---|
|
GPG signatures have a timestamp which is checked and if it's in the
future, verification will fail.
Dan: slight wording change.
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Add details of the system wide and user specific versions of
makepkg.conf to the man page.
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
When using the --valgrind flag with the pactest.py script, the path
to the suppression file relies on the script being called from the
source root directory. Construct the path from the scripts location
to allow it to be called from directory.
Dan: style cleanup.
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
Given the message is repeated for each repo, it is a good idea to
print the repo name in the output.
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
This extra newline leaves a gap that looks strange in of itself,
but is highlighted when piping -g output to a PKGBUILD.
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
Give the generated package the correct architecture in its filename
rather than assuming the system architecture.
Also add updated copyright notice.
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
Now that we pass in the handle, we might as well add logging.
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
Avoid involving the user's ~/.curlrc file as this may alter the expected
behavior of downloads.
ref: https://bbs.archlinux.org/viewtopic.php?pid=1124441
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
Implements FS#28098.
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
When checking if a package owns a directory, it is important to check
not only that all the files in the directory are part of the package,
but also if the directory is part of a package. This catches empty
subdirectories during conflict checking for directory to file/symlink
replacements.
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
When two packages own an empty directory, pacman finds no conflict when
one of those packages wants to replace the directory with a file or a
symlink. When it comes to actually extracting the new file/symlink,
pacman sees the directory is still there (we do not remove empty
directories if they are owned by a package) and refuses to extract.
Detect this potential conflict early and bail. Note that it is a
_potential_ conflict and not a guaranteed one as the other package owning
the directory could be updated or removed first which would remove
the conflict. However, pacman currently can not sort package installation
order to ensure this, so this conflict requires manual upgrade ordering.
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
Add a man page for the pactree utility.
Feedback-from: Allan McRae <allan@archlinux.org>
Feedback-from: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Ram Bhamidipaty <rambham@gmail.com>
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
Test for file content (-s) rather than just existance (-f). This fixes a
bug that manifests itself in the case of an empty -revoked file. A zero
element 'keys' array would be passed to gpg, forcing it to list and,
subsequently, revoke all known keys.
Bug introduced in d1240f67eab6.
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
PACMAN_OPTS would be erroneously set when it was undefined, causing
pacsysclean to error out.
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
We haven't updated this info in years and it is out of date.
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
This documentation was added in commit 857357f9 so was not caught in the
removal of this option in commit 85712814.
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
This was accidentally broken in the refactor done in commit 73139ccb.
Fixes FS#29371.
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
This removes some unnecessary quotes and adds quotes in a few places to
hopefully work correctly if the tempdir has spaces.
Signed-off-by: Florian Pritz <bluewind@xinu.at>
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
Big deltas or deltas for very small packages are not needed so we should
check that and not generate any.
Signed-off-by: Florian Pritz <bluewind@xinu.at>
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
Signed-off-by: Florian Pritz <bluewind@xinu.at>
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
This is a vestige leftover from the rewrite over a year ago in
622e7fdd4.
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
I removed this in ff713a51 over a year ago.
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
Detected by clang scan-build static code analyzer.
* Don't attempt to free an uninitialized gpgme key variable
* Initialize answer variable before asking frontend a question
* Pass by reference instead of value if uninitialized fields are
possible in download signal handler code
* Ensure we never call strlen() on NULL payload->remote_name value
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
Use --status-fd rather than --status-file to keep this contained in a
pipeline.
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
|
|
Extend our grep pattern to match TRUST_ULTIMATE, not just TRUST_FULLY,
as these keys are to be trusted as well.
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
This was really only half a fix for FS#28445, as it still doesn't
correctly handle the case of filenames with spaces. In the short term,
there is no obvious fix for this. In the long term, I believe the
correct decision is to rewrite the options parser to be more in line
with GNU getopt_long.
This reverts commits:
ca4142714137b16feabac09c4cda86b0a75036f8.
969dcddbdf9d5dbd91aa414cdd193f3fb26b644b.
|
|
This has been 0 since 9fa18d9a4b4ce5217842c71d8a45676e3fb9d3f4, but it
doesn't makes sense because we are raising an error.
Signed-off-by: Florian Pritz <bluewind@xinu.at>
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
We cannot rely on gpg's exit code. Instead we have to check the status-fd to
figure out whether a signature is valid or not.
In addition to this pacman-key --verify can now be used in scripts as it will
return an exit code of 1 if the signature is invalid.
Signed-off-by: Pierre Schmitz <pierre@archlinux.de>
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
This matches the optimization made to repo-add in commit 8bbaf045b9ce
way back in 2009. We don't need to read the whole package file to ensure
multiple .PKGINFO entries don't exist, as well-formed packages should
have this file first in the archive.
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
Dan was right. This should have been FREE(), not free().
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
Since we treat this as an array, we need to initialize it as one. This
avoids addition of an empty element to the option string when we set the
option array from the calling program, e.g.
+/usr/bin/makepkg[2033]: set -- -i --pkg vim -- ''
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
This encompasses a few languages that have had changes since 4.0.2
available on Transifex.
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
User reports indicate that the SKS keyservers are more reliable
than both the gnupg.net and mit.edu ones.
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
Using -e without arguments failed to export all keys. Using --export
worked as expected.
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
Pull updates from transifex, run update-po on all files, fix a few
errors, and push them back to Transifex.
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
delayed allocation hoses us here and causes erroenous install sizes to
be reported. Add a short sleep to allow the transaction to be committed
to the filesystem and the stat buffers to be updated.
This is apparently a "feature", as per to some of the denizens of #btrfs
on freenode.
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
For key searches only, gpg2 will fail to lookup any and all keys that
are not prefixed with 0x.
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
In case we have a mirror failure, unlink_on_fail would remain set,
causing an interrupt in a successive download attempt to be wrongly
unlinked.
This also fixes a memory leak in the url member, as we would allocate
over the previous, unfreed URL.
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
|
|
To avoid conflicts on reusing a payload after a failed download, ensure
that we reset the filename hints in the payload struct prior to the
download operation.
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
Ignore *.sig, *.db*, and *.src.tar* when cleaning the package cache.
Fixes FS#25166.
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
These got lost when I switched to the new Asciidoc tables syntax in
commit 1ebe5dc1979e.
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
Similar to how we manage receipt of SIGINT in pacman's internal
downloader, catch the signal and invoke our own trap handler before
unsetting it and calling the default. This requires a slight
modification to the arguments passed to trap_exit so we can pass the
raised signal to trap_exit (note that we substitue USR1 for ERR since
the latter is unique to bash).
Fixes FS#28491.
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
Verifing the keyring at this point is useless as a malicious package is already
installed and as such has several options to bypass this check anyway.
Signed-off-by: Pierre Schmitz <pierre@archlinux.de>
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
* it updates to all translations
* minor fr, pt_BR, de, lt, sk and uk updates
* add new strings in pacman translation catalog
Signed-off-by: Dan McGee <dan@archlinux.org>
|
