Debians commandline package manager https://git.kalnischkies.de/apt/atom?h=1.7.0_alpha3 2018-08-08T13:20:44Z 2018-08-08T13:20:44Z Julian Andres Klode julian.klode@canonical.com 2018-08-08T13:19:20Z urn:sha1:55489885b51b02b7f74e601a393ecaefd1f71f9c We forgot to set the variable for the selection changes. Let's set it for that and some other dpkg calls. Regression-Of: c2c8b4787b0882234ba2772ec7513afbf97b563a 2018-08-07T13:07:52Z Julian Andres Klode jak@debian.org 2017-01-29T12:05:18Z urn:sha1:c2c8b4787b0882234ba2772ec7513afbf97b563a The dpkg frontend lock is a lock dpkg tries to acquire except if the frontend already acquires it. This fixes a race condition in the install command where the dpkg lock is not held for a short period of time between different dpkg invocations. For this reason we also define an environment variable DPKG_FRONTEND_LOCKED for dpkg invocations so dpkg knows not to try to acquire the frontend lock because it's held by a parent process. We can set DPKG_FRONTEND_LOCKED only if the frontend lock really is held; that is, if our lock count is greater than 0 - otherwise an apt client not using the LockInner family of functions would run dpkg without the frontend lock set, but with DPKG_FRONTEND_LOCKED set. Such a process has a weaker guarantee: Because dpkg would not lock the frontend lock either, the process is prone to the existing races, and, more importantly, so is a new style process. Closes: #869546 [fixups: fix error messages, add public IsLocked() method, and make {Un,}LockInner return an error on !debSystem] 2018-06-13T21:36:08Z Julian Andres Klode julian.klode@canonical.com 2018-06-13T16:45:12Z urn:sha1:79f012bd09ae99d4c9d63dc0ac960376b5338b32 debSystem uses a reference counted lock, so you can acquire it multiple times in your applications, possibly nested. Nesting locks causes a fd leak, though, as we only increment the lock count when we already have locked twice, rather than once, and hence when we call lock the second time, instead of increasing the lock count, we open another lock fd. This fixes the code to check if we have locked at all (> 0). There is no practical problem here aside from the fd leak, as closing the new fd releases the lock on the old one due to the weird semantics of fcntl locks. 2018-05-11T15:58:46Z David Kalnischkies david@kalnischkies.de 2018-04-11T10:39:40Z urn:sha1:117ab302176a65536d9d55de30c53e94f08057ae It is easier to prepend our fields, but that results in confusion for things working on the so generated records as they don't start with the usual "Package" – that shouldn't be a problem in theory, but in practice e.g. "apt-cache show" shows these records directly to the user who will probably be more confused by it than tools. 2018-05-07T11:41:31Z Guillem Jover guillem@debian.org 2018-05-06T20:32:41Z urn:sha1:164f1b78d1849a0f33df7352875f86e28f5de06a Prompted-by: Jakub Wilk <jwilk@debian.org> 2018-05-04T22:34:27Z David Kalnischkies david@kalnischkies.de 2018-05-04T17:56:41Z urn:sha1:b12bdeaf8acd050c5526ecc05526db70df5fd485 Reported-By: codespell & spellintian Gbp-Dch: Ignore 2018-02-19T15:05:01Z Julian Andres Klode julian.klode@canonical.com 2018-01-29T15:15:41Z urn:sha1:9e5899cac1a6367e3769af52a724821880e538f6 By restricting the Date field to be in the past, an attacker cannot just create a repository from the future that would be accepted as a valid update for a repository. This check can be disabled by Acquire::Check-Date set to false. This will also disable Check-Valid-Until and any future date related checking, if any - the option means: "my computers date cannot be trusted." Modify the tests to allow repositories to be up to 10 hours in the future, so we can keep using hours there to simulate time changes. 2018-01-17T10:52:38Z Julian Andres Klode julian.klode@canonical.com 2018-01-16T15:53:46Z urn:sha1:698f9e3f9877be2aa181d6e40d3dc5c41ea318b7 Allow specifying an alternative path to the InRelease file, so you can have multiple versions of a repository, for example. Enabling this option disables fallback to Release and Release.gpg, so setting it to InRelease can be used to ensure that only that will be tried. We add two test cases: One for checking that it works, and another for checking that the fallback does not happen. Closes: #886745 2018-01-05T00:18:40Z David Kalnischkies david@kalnischkies.de 2018-01-04T21:57:21Z urn:sha1:df2d614900476920671779f27fcc4143d3c1b5b7 The summary line sounds a bit much: what we end up doing is just adding two more guards before using results which should always be valid™. That these values aren't valid is likely a bug in itself somewhere, but that is no reason for crashing. 2017-12-13T22:56:29Z David Kalnischkies david@kalnischkies.de 2017-10-27T16:38:47Z urn:sha1:9f572c0a6d13cc983a4f8880a3dee3a8e46604bb We have quite a bit of metadata available for the files we acquire, but the methods weren't told about it and got just the URI. That is indeed fine for most, but to avoid methods trying to parse the metadata out of the provided URIs (and fail horribly in edgecases) we can just as well be nice and tell them stuff directly.