apt/debian/apt.postinst, branch 2.3.2

apt/debian/apt.postinst, branch 2.3.2 Debians commandline package manager https://git.kalnischkies.de/apt/atom?h=2.3.2 2020-11-05T08:40:50Z Remove ancient versions support from apts postinst 2020-11-05T08:40:50Z David Kalnischkies david@kalnischkies.de 2020-11-04T23:37:22Z urn:sha1:938889b20268ec92be1bff67750f7adf03f52c1b The versions "needing" these fixes are at least five years old, so in an effort to save massive amounts of runtime and disk space (on aggregate at least) we can drop these lines. Reported-By: lintian maintainer-script-supports-ancient-package-version Replace whitelist/blacklist with allowlist/denylist 2020-08-04T10:12:11Z Julian Andres Klode julian.klode@canonical.com 2020-07-14T14:34:20Z urn:sha1:7d8bb855487d6821b0cd6bf5d2270ed8fda3d1a3 fix various typos reported by spellintian 2017-01-19T14:59:38Z David Kalnischkies david@kalnischkies.de 2017-01-19T14:14:19Z urn:sha1:93cff633a830e222693fc0f3d78e6e534d1126ee Most of them in (old) code comments. The two instances of user visible string changes the po files of the manpages are fixed up as well. Gbp-Dch: Ignore Reported-By: spellintian postinst: Correctly pass --home instead of -home, and fixup old user 2015-08-20T12:54:03Z Julian Andres Klode jak@debian.org 2015-08-20T12:47:32Z urn:sha1:269b7c0cd89e9508c0051d6ac2c3632540a31daa Thanks: Niels Thykier for reporting this on IRC Ensure /etc/apt/auth.conf has _apt:root owner 2014-10-21T15:19:45Z Michael Vogt mvo@debian.org 2014-10-21T15:19:45Z urn:sha1:1924b1e513b0619c177565d17475ea3747983f4f Ensure in SetupAPTPartialDirectory() that the /etc/apt/auth.conf file can be read by the priv sep apt methods. debian/apt.postinst: chown _apt:root /etc/apt/auth.conf 2014-10-21T14:54:03Z Michael Vogt mvo@debian.org 2014-10-21T14:54:03Z urn:sha1:cbb1005a0a2e026e4a7361b0ff86888af192ee85 If the methods drop privileges we need to ensure that /etc/apt/apt.conf is still readable by the _apt user. Merge remote-tracking branch 'upstream/debian/experimental' into feature/acq-trans 2014-10-07T14:38:03Z Michael Vogt mvo@ubuntu.com 2014-10-07T14:38:03Z urn:sha1:4d0818cc39f7c0d44ecdfcdf9701058f81caa492 Conflicts: apt-pkg/acquire-item.cc use _apt:root only for partial directories 2014-10-06T23:59:49Z David Kalnischkies david@kalnischkies.de 2014-10-06T12:29:53Z urn:sha1:5684f71fa0f6c1b765aa53e22ca3b024c578b9c9 Using a different user for calling methods is intended to protect us from methods running amok (via remotely exploited bugs) by limiting what can be done by them. By using root:root for the final directories and just have the files in partial writeable by the methods we enhance this in sofar as a method can't modify already verified data in its parent directory anymore. As a side effect, this also clears most of the problems you could have if the final directories are shared without user-sharing or if these directories disappear as they are now again root owned and only the partial directories contain _apt owned files (usually none if apt isn't running) and the directory itself is autocreated with the right permissions. ensure world-readability for trusted.gpg in postinst 2014-10-01T23:00:12Z David Kalnischkies david@kalnischkies.de 2014-10-01T21:58:05Z urn:sha1:8b32e72c6f7143de4ec02f44e362b0df9e21e024 apt-key creates trusted.gpg if it needs it with 644 nowadays, but before it ensured this, it was gpg creating it, which gives it by default 600. Not a problem as long as our gpgv is run as root, but now that we drop privileges we have to ensure that we can also read trusted.gpg files created by earlier apt-key versions. Closes: 647001 adjust version numbers for the planed upload 2014-09-30T13:21:44Z Michael Vogt mvo@ubuntu.com 2014-09-30T13:21:44Z urn:sha1:dacb75c62564f436a5f56b0a04169dc71ec3a9cd