apt/apt-private, branch 1.3

apt/apt-private, branch 1.3_exp2 Debians commandline package manager https://git.kalnischkies.de/apt/atom?h=1.3_exp2 2016-06-08T15:27:19Z edsp: drop privileges before executing solvers 2016-06-08T15:27:19Z David Kalnischkies david@kalnischkies.de 2016-06-08T11:44:29Z urn:sha1:007d8b488787f4c33ced5937f22f99f1b759088a Most (if not all) solvers should be able to run perfectly fine without root privileges as they get the entire state they are supposed to work on via stdin and do not perform any action directly, but just pass suggestions on via stdout. The new default is to run them all as _apt hence, but each solver can configure another user if it chooses/must. The security benefits are minimal at best, but it helps preventing silly mistakes (see 35f3ed061f10a25a3fb28bc988fddbb976344c4d) and that is always good. Note that our 'apt' and 'dump' solver already dropped privileges if they had them. move 'dump' solver from apt-utils to apt package 2016-06-08T11:07:21Z David Kalnischkies david@kalnischkies.de 2016-06-07T18:08:27Z urn:sha1:ab07af708e49c9219940ffd3e20a01c763267e03 edsp: optionally store a compressed copy of the last scenario 2016-06-08T11:07:21Z David Kalnischkies david@kalnischkies.de 2016-06-07T15:01:33Z urn:sha1:385d9f2f23057bc5808b5e013e77ba16d1c94da4 For bugreports and co it could be handy to have the scenario and all the settings used in it around later for inspection for EDSP like protocols. EDSP might not be the most interesting as the user can still interrupt the process before the solution is applied and users tend to have an opinion on the "rightness" of a solution, so it is disabled by default. ignore std::locale exeception on non-existent "" locale 2016-06-02T11:35:28Z David Kalnischkies david@kalnischkies.de 2016-06-02T10:44:58Z urn:sha1:62600666d21aacea63cece3b4ec64f0ffb40168b In 8b79c94af7f7cf2e5e5342294bc6e5a908cacabf changing to usage of C++ way of setting the locale causes us to be terminated in case of usage of an ungenerated locale as LC_ALL (or similar) – but we don't want to fail here, we just want to carry on as before with setlocale which we call in that case just for good measure. try to detect sudo spawned root-shell in prefixing 2016-05-29T20:31:43Z David Kalnischkies david@kalnischkies.de 2016-05-29T20:09:51Z urn:sha1:f1e8e9da00ccf91c924cd3edad0fc01d1b2dc820 It is a try as the we need to inspect SUDO_COMMAND which could be anything – apt, apt-get, in /usr/bin, in a $DPKG_ROOT "chroot", build from source, aliases, … The best we can do is look if the SHELL variable is equal to the SUDO_COMMAND which would mean a shell was invoked. That isn't fail-safe if different shells are involved as sub-shells have the tendency of not overriding the SHELL so a bash started from within zsh can happily pretend to be still zsh, so we could have a look at /etc/shells for a list, but oh well, we have to stop somewhere I guess. This sudo-prefixing feature is a gimmick after all. Closes: 825742 look into the right textdomain for apt-utils again 2016-05-28T16:12:02Z David Kalnischkies david@kalnischkies.de 2016-05-28T11:53:09Z urn:sha1:570ec96dbf4f720d8eff694f8c4429e0b0a033b4 Broken in e7e10e47476606e3b2274cf66b1e8ea74b236757 by looking always into "apt" while we ship some tools in "apt-utils"… use std::locale::global instead of setlocale 2016-05-28T16:12:02Z David Kalnischkies david@kalnischkies.de 2016-05-28T11:22:38Z urn:sha1:8b79c94af7f7cf2e5e5342294bc6e5a908cacabf We use a wild mixture of C and C++ ways of generating output, so having a consistent world-view in both styles sounds like a good idea and should help in preventing regressions. prevent C++ locale number formatting in text APIs 2016-05-27T17:14:38Z David Kalnischkies david@kalnischkies.de 2016-05-27T16:10:39Z urn:sha1:b58e2c7c56b1416a343e81f9f80cb1f02c128e25 Setting the C++ locale via std::locale::global(std::locale("")); which would otherwise default to the default C locale (aka: unaffected by setlocale) effects the formatting of numeric types in IO streams, which for output for humans is perfectly sensible, but breaks our many text interfaces used and parsed by us and others without expecting the numbers to be formatted. Closes: #825396 don't try to get acquire lock in simulation mode 2016-05-20T12:42:50Z David Kalnischkies david@kalnischkies.de 2016-05-20T12:42:50Z urn:sha1:1bae10217617c2f79969635d4387fb2a5fe19ecb The code moving in eb1f04dda07c2b69549ad9fd793cca0e91841b3e moved the acquire stuff above the simulation exit, so before getting locks (and creating/chmod directories) we should be checking if we should actually really do it… [ignore as bugfix of an unreleased commit] Git-Dch: Ignore fail instead of segfault on unreadable config files 2016-05-20T07:37:24Z David Kalnischkies david@kalnischkies.de 2016-05-20T07:37:24Z urn:sha1:fdf9eef4d96a18d0167708499c993e1174251e88 The report mentions "apt list --upgradable", but there are others which have inconsistent behavior ranging from segfaulting to doing something with the partial (and hence incomplete) data. We had a recent report about sources.list (#818628), this one mentions prefences, the obvious next step is conf files… so the testcase is adapted to check for all three in file and directory versions and run a bunch of commands each time which should all have more or less the same behavior in such a case (aka error out). Closes: 824503