summaryrefslogtreecommitdiff
path: root/apt-pkg/deb
Commit message (Collapse)AuthorAgeFilesLines
* simulate all package manager actions explicitlyDavid Kalnischkies2016-08-102-26/+32
| | | | | | | | | | | | | | | | | If a planner lets actions to be figured out by dpkg in pending calls these actions aren't mentioned in a simulation. While that might be a good thing for debugging, it would be a change in behavior and especially if a planner avoids explicit removals could be confusing for users. As such we perform the same 'trick' as in the dpkg implementation by performing explicitly what would be done by the pending calls. To save us some work and avoid desyncs we perform a layer violation by using deb/ code in the generic simulation – and further we perform ugly dynamic_cast to avoid breaking the ABI for nothing; aptitude is the only other user of the simulation class according to codesearch.d.n and for that our little trick works. It just isn't working if you happen to extend pkgSimulate or otherwise manage to call the protected Go methods directly – which isn't very realistic/practical.
* try to avoid removal of crossgraded packagesDavid Kalnischkies2016-08-101-26/+140
| | | | | | | | The user has to approve the removal of a crossgraded package as it might be needed to remove it (temporarily) in the process, but in most cases we can happily avoid it and let dpkg unpack over it skipping the remove. This has some effects on progress reporting and how deal with selections through which makes this a tiny bit complicated.
* ensure all removes are reported to hook scriptsDavid Kalnischkies2016-08-101-0/+13
| | | | Same reason and implementation as for configure.
* ensure all configures are reported to hook scriptsDavid Kalnischkies2016-08-101-0/+17
| | | | | | | A planner might not explicitly configure all packages, but we need to know all packages which will be configured for progress reporting and to tell the hook scripts about them as they rely on this for their own functionality.
* don't purge directly, but remove and do purge at the endDavid Kalnischkies2016-08-101-61/+86
| | | | | | | | | | If we want a package to be purged from the system tell dpkg in the ordering (if it has to touch it explicitly) to remove it and cover the purging of the config files at the end with a --purge --pending call. That should help packages move conffiles around between packages correctly even if the user is purging packages directly in big actions like dist-upgrades involving many packages.
* call dpkg with --no-triggers by defaultDavid Kalnischkies2016-08-101-6/+7
| | | | | | | | | | | | | Implemented a long while ago now with relatively good progress reporting involving triggers is a good time to try delaying the execution of triggers across dpkg invocations finally by default. Note: The bugreport talks also about 'smarter' configuration which is a much bigger part and approached from multiple directions, but doesn't really involve triggers per-se so considering it decoupled should help in getting it done… Closes: #626599
* select remove/purge packages early on for dpkgDavid Kalnischkies2016-08-102-14/+84
| | | | | | | Telling dpkg early on that we are going to remove these packages later helps it with auto-deconfiguration decisions and its another area where a planner can ignore the nitty gritty details and let dpkg decide the course of action if there are no special requirements.
* save and restore selection states before/after calling dpkgDavid Kalnischkies2016-08-101-6/+36
| | | | | | | | | | | | dpkg decides certain things on its own based on selections and especially if we want to call --pending on purge/remove actions, we need to ensure a clean slate or otherwise we surprise the user by removing packages we weren't allowed to remove by the user in this run (the selection might be an overarching plan for the not-yet "future"). Ideally dpkg would have some kind of temporal selection interface for this case, but it hasn't, so we make it temporal with the risk of loosing state if we don't manage to restore them.
* use dpkg --unpack --recursive to avoid long cmdlinesDavid Kalnischkies2016-08-101-7/+95
| | | | | | | | | | Having long commandlines split into two is a huge problem if it happens and additionally if we want to introduce planners which perform less micromanagment its a good idea to leave the details for dpkg to decide. In practice this doesn't work yet unconditionally as a bug is hiding in the ordering code of dpkg, but it works if apt imposes its ordering so this commit allows for now at least to solve the first problem.
* pass --force-remove-essential to dpkg only if neededDavid Kalnischkies2016-08-101-2/+13
| | | | | | APT (usually) knows which package is essential or not, so we can avoid passing this force flag to dpkg unconditionally if the user hasn't chosen a non-default essential handling obscuring the information.
* Merge branch 'cmake'Julian Andres Klode2016-08-101-1/+1
|\
| * CMake: Check for ptsname_r() againJulian Andres Klode2016-08-101-1/+1
| | | | | | | | | | | | | | | | This was dropped in autotools as I found no use of the HAVE_PTSNAME_R macro. Turns out it was typoed as HAVE_PTS_NAME_R. Fix the #ifdef and add checks to CMake for it. Closes: #833674
* | Handle interrupt when running Pre-Install hooksJulian Andres Klode2016-08-071-0/+8
|/ | | | | | | | If we receive an interrupt, set a flag and do not abort immediately without waiting for the child. Once the child exited, exit with an error if the interrupted flag is set. Closes: #832593
* report progress for triggered actionsDavid Kalnischkies2016-07-221-15/+42
| | | | | | | | | | | | | APT doesn't know which packages will be triggered in the course of actions, so it can't plan to see them for progress beforehand, but if it sees that dpkg says that a package was triggered we can add additional states. This is pretty much magic – after all it sets back the progress – and there are cornercases in which this will result in incorrect totals (package in partial states may or may not loose trigger states), but the worst which can happen is that the progress is slightly incorrect and doesn't reach 100%, but so be it. Better than being stuck at 100% for a while as apt isn't realizing that a bunch of triggers still need to be processed.
* use a configurable location for apport report storageDavid Kalnischkies2016-07-221-1/+2
| | | | | Hardcoding /var/crash means we can't test it properly and it isn't really our style.
* report progress for removing while purging pkgsDavid Kalnischkies2016-07-221-20/+31
| | | | | | | | The progress reporting for a package sheduled for purging only included the states dpkg passes through while actually purging the package – if the package was fully installed before dpkg will pass first through all remove states before purging it, so in the interest of consistent reporting our progress reporting should do that, too.
* support "install ./foo.changes"David Kalnischkies2016-07-222-2/+19
| | | | | | | | | | | | We support installing ./foo.deb (and ./foo.dsc for source) for a while now, but it can be a bit clunky to work with those directly if you e.g. build packages locally in a 'central' build-area. The changes files also include hashsums and can be signed, so this can also be considered an enhancement in terms of security as a user "just" has to verify the signature on the changes file then rather than checking all deb files individually in these manual installation procedures.
* allow arch=all to override No-Support-for-Architecture-allDavid Kalnischkies2016-07-221-11/+29
| | | | | | | | | | | | | If a user explicitly requests the download of arch:all apt shouldn't get in the way and perform its detection dance if arch:all packages are (also) in arch:any files or not. This e.g. allows setting arch=all on a source with such a field (or one which doesn't support all at all, but has the arch:all files like Debian itself ATM) to get only the arch:all packages from there instead of behaving like a no-op. Reported-By: Helmut Grohne on IRC
* refactor plus/minus sources.list option handlingDavid Kalnischkies2016-07-191-85/+108
| | | | | | | Moving code around into some more dedicated methods, no effective code change itself. Gbp-Dch: Ignore
* don't hardcode /var/lib/dpkg/status as dir::state::statusDavid Kalnischkies2016-07-191-3/+25
| | | | | | | | | | | | | | | | | | | | | | | | | | Theoretically it should be enough to change the Dir setting and have apt pick the dpkg/status file from that. Also, it should be consistently effected by RootDir. Both wasn't really the case through, so a user had to explicitly set it too (or ignore it and have or not have expected sideeffects caused by it). This commit tries to guess better the location of the dpkg/status file by setting dir::state::status to a naive "../dpkg/status", just that this setting would be interpreted as relative to the CWD and not relative to the dir::state directory. Also, the status file isn't really relative to the state files apt has in /var/lib/apt/ as evident if we consider that apt/ could be a symlink to someplace else and "../dpkg" not effected by it, so what we do here is an explicit replace on apt/ – similar to how we create directories if it ends in apt/ – with dpkg/. As this is a change it has the potential to cause regressions in so far as the dpkg/status file of the "host" system is no longer used if you set a "chroot" system via the Dir setting – but that tends to be intended and causes people to painfully figure out that they had to set this explicitly before, so that it now works more in terms of how the other Dir settings work (aka "as expected"). If using the host status file is really intended it is in fact easier to set this explicitely compared to setting the new "magic" location explicitely.
* reinstalling local deb file is no downgradeDavid Kalnischkies2016-07-011-1/+1
| | | | | | | | | | | | If we have a (e.g. locally built) deb file installed and do try to install it again apt complained about this being a downgrade, but it wasn't as it is the very same version… it was just confused into not merging the versions together which looks like a downgrade then. The same size assumption is usually good, but given that volatile files are parsed last (even after the status file) the base assumption no longer holds, but is easy to adept without actually changing anything in practice.
* write auto-bits before calling dpkg & again after if neededDavid Kalnischkies2016-06-291-3/+10
| | | | | | | | | | Writing first means that even in the event of a power-failure the autobit is saved for future processing instead of "forgotten" so that the package is treated as manually installed. In some cases we have to re-run the writing after dpkg is done through as dpkg can let packages disappear and in such cases apt will move autobits around (or in that case non-autobits) which we need to store.
* Revert "travis: use gcc-5 instead of gcc(-4.8)"David Kalnischkies2016-06-291-2/+2
| | | | | | | | | | | | | | | This reverts commit 2b8221d66a8284042fc53c7bbb14bb9750e9137f. Avoiding the use of GCC >= 5 stuff lets use go back to 4.8 simplifying the travis setup again as well as reducing the backport requirements in general. This is possible because the std::get_time use requiring GCC >= 5 in 9febc2b238e1e322dce1f94ecbed46d595893b52 was replaced by handrolling it in 1d742e01470bba27715a8191c50adde4b39c2f19, so the remaining uses are just small conviniences we can do without. Gbp-Dch: Ignore
* Fix buffer overflow in debListParser::VersionHash()Julian Andres Klode2016-06-281-2/+6
| | | | | | | | | | | If a package file is formatted in a way that that no space follows a deprecated "<", we would reformat it to "<=" and increase the length of the output by 1, which can break. Under normal circumstances with "<=" this should not be an issue. Closes: #828812
* add insecure (and weak) allow-options for sources.listDavid Kalnischkies2016-06-222-33/+90
| | | | | | | | Weak had no dedicated option before and Insecure and Downgrade were both global options, which given the effect they all have on security is rather bad. Setting them for individual repositories only isn't great but at least slightly better and also more consistent with other settings for repositories.
* ensure filesize of deb is included in the hashes listDavid Kalnischkies2016-06-221-0/+3
| | | | | | | Filesize is a silly hash all by itself, but in combination with others it can be a strong opponent, so ensuring that it is in the list of hashes and hence checked by the normal course of action the acquire process takes is a good thing.
* handle weak-security repositories as unauthenticatedDavid Kalnischkies2016-06-221-13/+9
| | | | | | | | | | | | | | | | APT can be forced to deal with repositories which have no security features whatsoever, so just giving up on repositories which "just" fail our current criteria of good security features is the wrong incentive. Of course, repositories are better of fixing their setup to provide the minimum of security features, but sometimes this isn't possible: Historic repositories for example which do not change (anymore). That also fixes problem with repositories which are marked as trusted, but are providing only weak security features which would fail the parsing of the Release file. Closes: 827364
* merge sources.list lines based on Release filenameDavid Kalnischkies2016-06-171-20/+22
| | | | | | | | | | | | | | | | | | | | Merging by URI means that having sources lines with different URI methods results in 'strange' warning and error messages, which aren't very friendly from a user point of view as not encoding the method in the filename is effectivly an implementation detail. Merging by filename removes these messages and makes everything "work" even if it isn't working the way it is configured as the indexes aren't acquired over the method given, but over the first method for this release file (which argueably is an implementation detail stemming from the filename encoding, too). So either direction isn't perfectly "right", but personally I prefer "magic" over strange error messages (and doing a full-circle detection of this with its own messages which would need to be translated feels like way too much effort for dubious gain). Closes: 826944
* don't use FindFile for external Dir::Bin commandsDavid Kalnischkies2016-06-141-1/+1
| | | | | | | | | | We usually use absolute paths to specific the location of dpkg, apt-key and the like, but there is nothing wrong with using just the command name and instead let exec(3) make the lookup in PATH. We had a wild mixture before, so opting for the more accepting option out of the two seems about right especially as it makes no difference in the default case as apt uses absolute paths.
* don't leak dpkg statusfd pipe in debuggingDavid Kalnischkies2016-06-101-0/+2
| | | | | | Not a big deal to leak fds in debugging mode, but for completeness. Git-Dch: Ignore
* remove racy_pselect fallbackDavid Kalnischkies2016-06-091-122/+86
| | | | | | | | | | | The comment says it should have been removed with Lenny+1 which is a small while ago already, so it seems like a good time now… And as this is a cleanup commit it also gets right of spurious whitespace at the end of lines, adds missing fold markers and similar busy work. Git-Dch: Ignore
* drop Dpkg::MaxArgs in favor of Dpkg::MaxArgsBytesDavid Kalnischkies2016-06-081-27/+5
| | | | | | | | | We had an old FIXME saying that it is probably pointless to do this if we limit by length of the commandline already and I completely agree. The splitting is bad enough if it must be done, so we should only do it if we have to (as in absolute length of commandline) and, but that is just a remark, it is unlikely that we ever have/had a call triggering this as the default value was ~32000 items…
* don't explicitly configure the last round of packagesDavid Kalnischkies2016-06-081-1/+14
| | | | | | | | | | | | We end our operation by calling "dpkg --configure -a", so instead of running a (big) configure run with all packages mentioned explicitly before this, we simply skip them and let them be handled by this call implicitly. There isn't really an observeable gain to be had here from a speed point, but it helps in avoiding an (uncommon) problem of having a too long commandline passed to dpkg, which we would split up (probably incorrectly).
* prevent C++ locale number formatting in text APIsDavid Kalnischkies2016-05-271-1/+1
| | | | | | | | | | | Setting the C++ locale via std::locale::global(std::locale("")); which would otherwise default to the default C locale (aka: unaffected by setlocale) effects the formatting of numeric types in IO streams, which for output for humans is perfectly sensible, but breaks our many text interfaces used and parsed by us and others without expecting the numbers to be formatted. Closes: #825396
* fix two typos in untranslated errors of libapt-pkgDavid Kalnischkies2016-05-241-1/+1
| | | | | Reported-By: lintian: spelling-error-in-binary Git-Dch: Ignore
* Normalize Signed-By values by removing trailing commas everywhereJulian Andres Klode2016-05-151-4/+11
| | | | | This fixes comparisons where either the stored or the input string have a trailing comma.
* Add conflicting Signed-By values to error messageJulian Andres Klode2016-05-151-1/+1
| | | | This hopefully makes debugging things easier.
* Strip trailing commas for created signed-by fingerprint listsJulian Andres Klode2016-05-101-0/+2
| | | | | This prevented some sources.list entries from working, an example of which can be found in the test.
* implement Identifier field for IndexTargetsDavid Kalnischkies2016-05-081-9/+22
| | | | | | | | | | | A frontend like apt-file is only interested in a specific set of files and selects those easily via "Created-By". If it supports two locations for those files through it would need to select both and a user would need to know that implementation detail for sources.list configuration. The "Identifier" field is hence introduced which by default has the same value as "Created-By", but can be freely configured – especially it can be used to give two indexes the same identifier.
* implement Fallback-Of for IndexTargetsDavid Kalnischkies2016-05-081-8/+31
| | | | | | | | | | | | | | | | Sometimes index files are in different locations in a repository as it is currently the case for Contents files which are per-component in Debian, but aren't in Ubuntu. This has historic reasons and is perhaps changed soon, but such cases of transitions can always happen in the future again, so we should prepare: Introduced is a new field declaring that the current item should only be downloaded if the mentioned item wasn't allowing for transitions without a flagday in clients and archives. This isn't implemented 'simpler' with multiple MetaKeys as items (could) change their descriptions and perhaps also other configuration bits with their location.
* download arch:all also for NATIVE_ARCHITECTURE indextargetsDavid Kalnischkies2016-05-071-96/+104
| | | | | | | It looks a bit strange on the outside to have multiple "native architecture", but all is considered an implementation detail and e.g. packages of arch:all are in dependency resolution equal to native packages.
* don't construct MetaIndex acquire items with IndexTargetsDavid Kalnischkies2016-05-071-4/+2
| | | | | | | | We don't have to initialize the Release files with a set of IndexTargets to acquire, but instead wait for the Release file to be acquired and only then ask which IndexTargets to get. Git-Dch: Ignore
* let DPKG_COLORS default to our APT::Color settingDavid Kalnischkies2016-05-031-0/+7
| | | | | | | | | | dpkg can optionally colorize its output since 1.18.5. Currently this defaults to 'never', but it will eventually be 'auto'. It seems reasonable to assume that a user who has enabled/disabled colors in apt will want to have dpkg have the same state regarding color usage. This isn't overriding explicit settings by the user, so in case a user feels strongly about it one way or the other there are options.
* support Signed-By in Release files as a sort of HPKPDavid Kalnischkies2016-05-011-3/+53
| | | | | | | | | | | | Users have the option since apt >= 1.1 to enforce that a Release file is signed with specific key(s) either via keyring filename or fingerprints. This commit adds an entry with the same name and value (except that it doesn't accept filenames for obvious reasons) to the Release file so that the repository owner can set a default value for this setting effecting the *next* Release file, not the current one, which provides a functionality similar "HTTP Public Key Pinning". The pinning is in effect as long as the (then old) Release file is considered valid, but it is also ignored if the Release file has no Valid-Until at all.
* support multiple fingerprints in signed-byDavid Kalnischkies2016-05-011-7/+14
| | | | | A keyring file can include multiple keys, so its only fair for transitions and such to support multiple fingerprints as well.
* don't leak on error in listparser creationDavid Kalnischkies2016-04-031-6/+24
| | | | | Git-Dch: Ignore Reported-By: gcc -fsanitize=address
* drop confusing comma from no strong hash messageDavid Kalnischkies2016-03-251-1/+1
|
* enforce verify of filesize in 'apt-get source'David Kalnischkies2016-03-141-0/+1
| | | | | The structure we parse the data into has a dedicated size field, but it tends to be easier to handle it as a (very weak) checksum.
* streamline dpkgpm cleanup-handlingDavid Kalnischkies2016-03-141-14/+17
| | | | | | | | | | | | | | | | | The (unlikely) waitpid failure case should fallthrough the code just like the other failures (and successes) instead of taking a shortcut avoiding all the cleanup (progress) and finishing touches (log, state). This also delays the cleanup of the progress until apt is really done with everything and "just" has the post-invokes left to do, so the period of 'apt looks finished as it stopped the progress' and 'apt really finished as I have the shell-prompt back' is shorter even if there is no progress reported anymore, so the bar lingers at 100%… Ideally even the post-invokes would be covered by progress, but they can have their own output and dealing with that could be hard. Git-Dch: Ignore
* Fix several typosVeres Lajos2016-03-072-2/+2
| | | | | | | | | | | | | This effectively merges branch 'typofixes-vlajos-20150807' of github.com:vlajos/apt with the following commit: commit 13cacb3e2e2352ba701e769fc889e3344fabbf7e Author: Veres Lajos <vlajos@gmail.com> Date: Sun Aug 9 00:12:53 2015 +0100 typofix - https://github.com/vlajos/misspell_fixer It has been rebased for a better commit message.