summaryrefslogtreecommitdiff
path: root/scripts/repo-add.sh.in
AgeCommit message (Collapse)Author
2015-06-20repo-add: Reject armored signaturesJohannes Löthberg
Pacman cannot handle armored signatures, so make repo-add error out if one is detected. Signed-off-by: Johannes Löthberg <johannes@kyriasis.com> Signed-off-by: Allan McRae <allan@archlinux.org>
2015-06-20repo-add: Generate unarmored DB signatureJohannes Löthberg
Pacman cannot handle armored signatures, so use gpg's --no-armor flag to force an unarmored signature. Signed-off-by: Allan McRae <allan@archlinux.org>
2015-03-26repo-add: merge desc and depends filesAllan McRae
There is little point in these two files being separated as the whole sync db is parsed at once. Signed-off-by: Allan McRae <allan@archlinux.org>
2015-03-26Always create files databaseAllan McRae
Both the "db" and "files" databases are created in one call to repo-add. Only the "foo.db.tar.xz" name is passed to repo-add. Signed-off-by: Allan McRae <allan@archlinux.org>
2015-03-26repo-add: remove duplication finding old package detailsAllan McRae
The information needed to create a delta entry and remove the old package from the filesystem are the same. Signed-off-by: Allan McRae <allan@archlinux.org>
2015-03-26repo-add: check early for xdelta if it is neededAllan McRae
The check for xdelta3 was done as needed (and not in all cases). Do this check early so that repo-add does not abort part way through. Signed-off-by: Allan McRae <allan@archlinux.org>
2015-03-26repo-add: only update database if entire command succeededAllan McRae
It is not hard to think of situations where the repo database should not be updated unless the whole operation succeeds. Error out before a partial database update occurs. Signed-off-by: Allan McRae <allan@archlinux.org>
2015-03-26repo-add: move database creation into its own functionAllan McRae
Signed-off-by: Allan McRae <allan@archlinux.org>
2015-03-26repo-add: move database rotation into its own functionAllan McRae
Signed-off-by: Allan McRae <allan@archlinux.org>
2015-02-12repo-add: improve delta file detection on removalAllan McRae
This allows use to remove a package with the name "foo.delta" from the repos. Signed-off-by: Allan McRae <allan@archlinux.org>
2015-02-12repo-add: only backup database signature if database was backed upAllan McRae
Ensures the backed update database and its signature are always consistent. Signed-off-by: Allan McRae <allan@archlinux.org>
2015-02-12repo-add: unify checking gpg keysAllan McRae
Move the PGP key checking into the check_gpg function. This also results in error messages being in colour. Signed-off-by: Allan McRae <allan@archlinux.org>
2015-02-12repo-add: clarify invalid repo extension messageAllan McRae
Signed-off-by: Allan McRae <allan@archlinux.org>
2015-02-12repo-add: improve removing old packagesAllan McRae
The -R/--remove option left the old package in place when delta packages were to be generated. It was also removed before we ensure the generation of the entry for the new package was generated without error. Remove the old package at the end of database entry and delta generation. Also improve the help message to clarify it is the old package that is removed. Signed-off-by: Allan McRae <allan@archlinux.org>
2015-02-01Update copyright notices for 2015Allan McRae
Signed-off-by: Allan McRae <allan@archlinux.org>
2014-03-27repo-add: declare pkgbase as localAllan McRae
2014-01-28Remove ts and sw from vim modeline when noet is setFlorian Pritz
Forcing vim users to view files with a tabstop of 2 seems really unnecessary when noet is set. I find it much easier to read code with ts=4 and I dislike having to override the modeline by hand. Command run: find . -type f -exec sed -i '/vim.* noet/s# ts=2 sw=2##' {} + Signed-off-by: Florian Pritz <bluewind@xinu.at> Signed-off-by: Allan McRae <allan@archlinux.org>
2014-01-06Update copyright years for 2014Allan McRae
Signed-off-by: Allan McRae <allan@archlinux.org>
2013-06-06repo-add; add option to remove existing package files from diskPhillip Smith
When maintaining a custom repo, often it is undesirable to retain older versions of packages. This patch adds the --remove option to remove the current package file and it's signature from disk before adding the new one to the database. Documentation is also updated. This is an optional flag and default behaviour (leaving ondisk files alone) is not changed. Signed-off-by: Phillip Smith <fukawi2@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
2013-03-15repo-add: Update copyright yearAllan McRae
Also adjust translations. Signed-off-by: Allan McRae <allan@archlinux.org>
2013-03-08scripts: Add color to repo-addWilliam Giokas
Signed-off-by: William Giokas <1007380@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
2013-01-03Add a -n option to repo-add to only add new packagesDanny George
Packages are already in the pkg db were given a warning, and then readded anyway. With -n specified, the warning is printed, but skips readding it. Signed-off-by: Danny George <dangets@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
2012-11-27repo-add: quote filename for consistent output styleAllan McRae
Signed-off-by: Allan McRae <allan@archlinux.org>
2012-06-25repo-add: add checkdepends informationAllan McRae
Similar to the case for makedepends, it is useful to be able to access this information without parsing a PKGBUILD. Signed-off-by: Allan McRae <allan@archlinux.org>
2012-05-20repo-add: add makedepends informationAllan McRae
This is useful for tools that automatically rebuild packages and thus require to generate a build order. These entries are skipped by pacman. Signed-off-by: Allan McRae <allan@archlinux.org> Signed-off-by: Dan McGee <dan@archlinux.org>
2012-04-29pkgdelta/repo-add: quoting fixesFlorian Pritz
Finish the job on master; most of these were applied to maint already. Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-04-24Merge branch 'maint'Dan McGee
Conflicts: scripts/repo-add.sh.in
2012-04-20pkgdelta/repo-add: quoting fixesFlorian Pritz
This removes some unnecessary quotes and adds quotes in a few places to hopefully work correctly if the tempdir has spaces. Signed-off-by: Florian Pritz <bluewind@xinu.at> Signed-off-by: Dan McGee <dan@archlinux.org>
2012-04-07repo-remove: remove deltas file if it becomes emptyFlorian Pritz
Signed-off-by: Florian Pritz <bluewind@xinu.at> Signed-off-by: Dan McGee <dan@archlinux.org>
2012-03-08Merge branch 'maint'Dan McGee
Conflicts: lib/libalpm/be_package.c
2012-03-05Do not dereference symlinks when calculating sizeAllan McRae
Passing the "-L" flag to stat means we get the size of the file being pointed to for symlinks instead of the size of the symlink. Keep "-L" usage in repo-add as we want the actual size of the package/delta/signature there. Signed-off-by: Allan McRae <allan@archlinux.org>
2012-01-30Merge branch 'maint'Dan McGee
Conflicts: scripts/makepkg.sh.in
2012-01-30scripts: always use printf with embedded gettextDave Reisner
This addresses two problems: 1) echo's behavior is inconsistent when dealing with flags, and can potentially be problematic. $ echo -n $ echo -- -n -- -n 2) Always using the end of options markers prevents translated strings from throwing errors, as shown in FS#28069. The remaining "inconsistencies" are because printf is being used in a guaranteed safe manner, e.g. printf '%s\n' "$(gettext "--this can never break")" Signed-off-by: Dave Reisner <dreisner@archlinux.org> Signed-off-by: Dan McGee <dan@archlinux.org>
2012-01-23Merge branch 'maint'Dan McGee
Conflicts: lib/libalpm/diskspace.c src/pacman/util.h
2012-01-18Update copyright on changed files since beginning of yearDan McGee
Signed-off-by: Dan McGee <dan@archlinux.org>
2012-01-18repo-add: clean up help messagesDan McGee
Use consistent blank lines across all commands, get rid of the translated double newlines which only serve to confuse translators, and fix -h/--help for that extra special third command this script offers. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-12-07scripts/*: Declare several constant variables read-onlyLukas Fleischer
Be more semantically accurate and avoid accidental overwriting of some configuration variables that are considered to be constant. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de> Signed-off-by: Dan McGee <dan@archlinux.org>
2011-12-07Merge branch 'maint'Dan McGee
2011-12-05repo-add: enforce maximum .sig file sizeDan McGee
This prevents user error in adding a file generated via `gpg --sign` rather than `--detach-sign`, for example. The same 16KiB limit is used we use in our pacman download code. The section is moved above the checksum generation to avoid presenting info messages to the user if the signature isn't valid. Addresses a shortcoming pointed out in FS#27453. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-11-20repo-add: Remove .tmp. prefix from outputAllan McRae
Signed-off-by: Allan McRae <allan@archlinux.org>
2011-11-20repo-add: ensure database and signature files are always viewed in wholeDan McGee
This addresses a short but sweet race condition currently existing in repo-add and repo-remove. We do the smart thing and zip the database to a location in a temporary directory and not over the original database directly. However, we then proceed to move this file directly from the temporary directory to our final location, which is more than likely a cross-filesystem move (/tmp on tmpfs) and thus non-atomic. Instead, zip the file to the same directory, prefixing the filename with '.tmp.'. We then move the file into place. This move is guaranteed to be atomic, so any reader of the database file will get either the old version, the new version, or ENOENT. We also perform a hardlink if possible instead of a move when shifting the old database out of the way to '.old'; this ensures there is no chance of a database file not existing during the whole process. Only one small race condition should now be present- when the database has been fully moved into place and the signature has not, you may see a mismatch. There seems to be no good way to address this, and it existed before this patch. A final note- if someone had locked-down permissions on the directory that the database files are in (e.g., could only write to foo.db.tar.gz, foo.db, foo.db.tar.gz.old, foo.db.old, and the lock file), this would break. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-11-20repo-add: ensure path to LOCKFILE is always absoluteDan McGee
Given our semi-frequent use of pushd/popd, if we are in any directory but the original and the database path given was relative, we won't unlock the database file when cleaning up after an error. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-10-13Merge branch 'maint'Dan McGee
Conflicts: src/pacman/util.c
2011-10-13scripts/*.sh.in: Honor TMPDIR environment variableLukas Fleischer
Replace "/tmp" with "${TMPDIR:-/tmp}" to allow for overriding the hardcoded path. Since we only use "/tmp" in conjunction with mktemp(1), we could also have used "--tmpdir", which is GNU-ish, however (and the BSD counterpart "-t" has been deprecated in GNU mktemp). Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de> Signed-off-by: Dan McGee <dan@archlinux.org>
2011-10-13scripts/*.sh.in: Fix signal handler error messagesLukas Fleischer
This includes some fixes to the messages that are displayed when a signal is caught in makepkg or repo-add: * Instead of always showing "==> ERROR: TERM signal caught. Exiting...", replace "TERM" by whatever signal is actually caught. * Fix a typo in the SIGERR error message in repo-add ("occurred" instead of "occured"). Francois already fixed this for makepkg in 1e51b81c. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de> Signed-off-by: Dan McGee <dan@archlinux.org>
2011-10-13repo-add: Avoid race condition in signal handlersLukas Fleischer
There is a small chance that a user sends SIGINT (or any other signal that is trapped) when we're already in clean_up() which used to lead to trap_exit() being executed and the remaining code in clean_up() being skipped due to the bash signal/trap handler blocking EXIT (since its handler is already being executed, even if it's interrupted). In practice, this behaviour caused unexpected results (primarily because pressing ^C at the wrong time left a lock file behind): $ ./repo-add extra.db.tar.gz foobar ==> Extracting database to a temporary location... ^C ==> ERROR: Aborted by user! Exiting... $ ./repo-add extra.db.tar.gz foobar ==> Extracting database to a temporary location... ==> ERROR: File 'foobar' not found. ==> No packages modified, nothing to do. ^C ==> ERROR: Aborted by user! Exiting... $ ./repo-add extra.db.tar.gz foobar ==> ERROR: Failed to acquire lockfile: extra.db.tar.gz.lck. ==> ERROR: Held by process 18522 Fix this and reduce the chance of race conditions in signal handlers by: * Unhooking all traps in both clean_up() and trap_exit(). * Call clean_up() explicitly in trap_exit() to make sure we remove the lock file and the temporary directory even if we send SIGINT when clean_up() is already being executed but didn't reach the unhook code yet. Also, add an optional parameter to clean_up() to allow for setting an explicit exit code when we call clean_up() from trap_exit(). Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de> Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-16repo-add: fix creation of signature symlinkAllan McRae
When creating a repo outside the current directory, the signature symlink was not created. Reported-by: Gaetan Bisson <bisson@archlinux.org> Signed-off-by: Allan McRae <allan@archlinux.org> Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-15repo-add: reorganize output messages for clarityDan McGee
The use of warning once we had already started adding a package was confusing as it broke the standard indent pattern. It was especially bad if adding multiple packages as it wasn't clear what sub-messages applied to which package being added. This should be an output change only from: ==> Adding package '/tmp/sync/netcfg-2.6.7-1-any.pkg.tar.xz' -> Computing checksums... -> Adding package signature... ==> WARNING: An entry for 'netcfg-2.6.7-1' already existed -> Removing existing entry 'netcfg-2.6.7-1'... -> Creating 'desc' db entry... -> Creating 'depends' db entry... to: ==> Adding package '/tmp/sync/netcfg-2.6.7-1-any.pkg.tar.xz' ==> WARNING: An entry for 'netcfg-2.6.7-1' already existed -> Computing checksums... -> Adding package signature... -> Removing existing entry 'netcfg-2.6.7-1'... -> Creating 'desc' db entry... -> Creating 'depends' db entry... Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-15repo-add: indicate whether package signature is foundAllan McRae
When adding a package to a repo, it is useful to be able to see that repo-add has indeed found the signature file. [Dan: update text to be more in line with other messages] Signed-off-by: Allan McRae <allan@archlinux.org> Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-08Update several translation stringsDan McGee
* Fix typos/capitalization * Make sure large blocks of text are translated in one unit Signed-off-by: Dan McGee <dan@archlinux.org>