summaryrefslogtreecommitdiff
path: root/cmdline
Commit message (Collapse)AuthorAgeFilesLines
* edsp: drop privileges before executing solversDavid Kalnischkies2016-06-081-0/+2
| | | | | | | | | | | | | | | Most (if not all) solvers should be able to run perfectly fine without root privileges as they get the entire state they are supposed to work on via stdin and do not perform any action directly, but just pass suggestions on via stdout. The new default is to run them all as _apt hence, but each solver can configure another user if it chooses/must. The security benefits are minimal at best, but it helps preventing silly mistakes (see 35f3ed061f10a25a3fb28bc988fddbb976344c4d) and that is always good. Note that our 'apt' and 'dump' solver already dropped privileges if they had them.
* edsp: optionally store a compressed copy of the last scenarioDavid Kalnischkies2016-06-083-56/+164
| | | | | | | | For bugreports and co it could be handy to have the scenario and all the settings used in it around later for inspection for EDSP like protocols. EDSP might not be the most interesting as the user can still interrupt the process before the solution is applied and users tend to have an opinion on the "rightness" of a solution, so it is disabled by default.
* edsp: use a stanza based interface for solution writingDavid Kalnischkies2016-06-041-1/+17
| | | | | | | | EDSP had a WriteSolution method to write out the entire solution based on the inspection of a given pkgDepCache, but that is rather inflexible both for EDSP itself and for other EDSP like-protocols. It seems better to use a smaller scope in printing just a single stanza based on a given version as there is more reuse potential.
* apt-key: change to / before find to satisfy its CWD needsDavid Kalnischkies2016-06-021-14/+10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | First seen on hurd, but easily reproducible on all systems by removing the 'execution' bit from the current working directory and watching some tests (mostly the no-output expecting tests) fail due to find printing: "find: Failed to restore initial working directory: …" Samuel Thibault says in the bugreport: | To do its work, find first records the $PWD, then goes to | /etc/apt/trusted.gpg.d/ to find the files, and then goes back to $PWD. | | On Linux, getting $PWD from the 700 directory happens to work by luck | (POSIX says that getcwd can return [EACCES]: Search permission was denied | for the current directory, or read or search permission was denied for a | directory above the current directory in the file hierarchy). And going | back to $PWD fails, and thus find returns 1, but at least it emitted its | output. | | On Hurd, getting $PWD from the 700 directory fails, and find thus aborts | immediately, without emitting any output, and thus no keyring is found. | | So, to summarize, the issue is that since apt-get update runs find as a | non-root user, running it from a 700 directory breaks find. Solved as suggested by changing to '/' before running find, with some paranoia extra care taking to ensure the paths we give to find are really absolute paths first (they really should, but TMPDIR=. or a similar Dir::Etc::trustedparts setting could exist somewhere in the wild). The commit takes also the opportunity to make these lines slightly less error ignoring and the two find calls using (mostly) the same parameters. Thanks: Samuel Thibault for 'finding' the culprit! Closes: 826043
* look into the right textdomain for apt-utils againDavid Kalnischkies2016-05-2810-20/+0
| | | | | Broken in e7e10e47476606e3b2274cf66b1e8ea74b236757 by looking always into "apt" while we ship some tools in "apt-utils"…
* prevent C++ locale number formatting in text APIsDavid Kalnischkies2016-05-271-1/+1
| | | | | | | | | | | Setting the C++ locale via std::locale::global(std::locale("")); which would otherwise default to the default C locale (aka: unaffected by setlocale) effects the formatting of numeric types in IO streams, which for output for humans is perfectly sensible, but breaks our many text interfaces used and parsed by us and others without expecting the numbers to be formatted. Closes: #825396
* edsp: use a limited scenario based on bool-arrayDavid Kalnischkies2016-05-201-1/+6
| | | | | | | Its more space and runtime efficient to use a boolean set instead of a CacheSet-based implementation. Git-Dch: Ignore
* edsp: add Forbid-{New-Install,Remove} and Upgrade-AllDavid Kalnischkies2016-05-201-7/+14
| | | | | This allows to differentiate properly between 'apt-get upgrade', 'apt upgrade' and 'apt full-upgrade'.
* edsp: dump: support dumping into compressed fileDavid Kalnischkies2016-05-201-1/+1
|
* convert EDSP to be based on FileFd instead of FILE*David Kalnischkies2016-05-202-9/+18
| | | | I doubt there is any non-src:apt usage of these interfaces.
* fail instead of segfault on unreadable config filesDavid Kalnischkies2016-05-201-15/+12
| | | | | | | | | | | | | The report mentions "apt list --upgradable", but there are others which have inconsistent behavior ranging from segfaulting to doing something with the partial (and hence incomplete) data. We had a recent report about sources.list (#818628), this one mentions prefences, the obvious next step is conf files… so the testcase is adapted to check for all three in file and directory versions and run a bunch of commands each time which should all have more or less the same behavior in such a case (aka error out). Closes: 824503
* apt-key: add \n to dpkg-query --show --showformatCarsten Hey2016-05-011-1/+1
| | | | | | | | | | Guarding against 'broken' greps not dealing with non-text inputs "just in case" by making the input text with a proper newline. [commit message by David Kalnischkies] Reported-On: IRC Git-Dch: Ignore
* warn if apt-key is run unconditionally in maintainerscriptDavid Kalnischkies2016-05-011-1/+14
| | | | | | | | We want to stop hard-depending on gnupg and for this it is essential that apt-key isn't used in any critical execution path, which maintainerscript are. Especially as it is likely that these script call apt-key either only for (potentially now outdated cleanup) or still not use the much simpler trusted.gpg.d infrastructure.
* add test for apt-key 0xKEY and use parameter expansionDavid Kalnischkies2016-03-061-1/+1
| | | | | | | | | Fixed in f7bd44bae0d7cb7f9838490b5eece075da83899e already, but the commit misses the Closes tag and while we are at it we can add a simple regression test and micro-optimize it a bit. Thanks: James McCoy for the suggestion. Closes: 816691
* apt-key del should correctly handle keyids prefixed with 0xDaniel Kahn Gillmor2016-03-041-0/+4
|
* support '-' and no parameter for stdin in apt-helper cat-fileDavid Kalnischkies2016-01-081-3/+17
| | | | | | This way it works more similar to the compressor binaries, which we can relief in this way from their job in the test framework avoiding the need of adding e.g. liblz4-tool to the test dependencies.
* keep compressed indexes in a low-cost formatDavid Kalnischkies2016-01-081-0/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | Downloading and storing are two different operations were different compression types can be preferred. For downloading we provide the choice via Acquire::CompressionTypes::Order as there is a choice to be made between download size and speed – and limited by whats available in the repository. Storage on the other hand has all compressions currently supported by apt available and to reduce runtime of tools accessing these files the compression type should be a low-cost format in terms of decompression. apt traditionally stores its indexes uncompressed on disk, but has options to keep them compressed. Now that apt downloads additional files we also deal with files which simply can't be stored uncompressed as they are just too big (like Contents for apt-file). Traditionally they are downloaded in a low-cost format (gz) as repositories do not provide other formats, but there might be even lower-cost formats and for download we could introduce higher-cost in the repositories. Downloading an entire index potentially requires recompression to another format, so an update takes potentially longer – but big files are usually updated via pdiffs which has to de- and re-compress anyhow and does it on the fly anyhow, so there is no extra time needed and in general it seems to be benefitial to invest the time in update to save time later on file access.
* apt-helper: cat-file: Add -C/--compress optionJulian Andres Klode2016-01-071-2/+31
| | | | | | This allows passing compressing the output. The compressor must be a compressor name, extension, or an extension without the leading dot.
* apt-cache: stats: Show a table utilization as percentageJulian Andres Klode2016-01-031-0/+1
| | | | Gbp-Dch: ignore
* apt-cache: stats: Average is over used, not all, bucketsJulian Andres Klode2016-01-031-1/+1
| | | | | It does not make sense to consider empty buckets in the average, as they do not affect the lookup performance.
* apt-helper: Use CopyFile() for concatenating the filesJulian Andres Klode2015-12-281-10/+2
| | | | | | | There's no point in keeping using yet another read-then-write loop. Gbp-Dch: ignore
* apt-helper: Check that we can open stdoutJulian Andres Klode2015-12-261-1/+2
| | | | Gbp-Dch: ignore
* apt-helper: Add a cat-file command for concatening filesJulian Andres Klode2015-12-261-0/+33
| | | | | This can automatically handle compressed files and is useful for stuff like apt-file.
* avoid triggering gpg2 migration in apt-keyDavid Kalnischkies2015-12-191-15/+15
| | | | | | | | | | | | | | | | The presents (even of an empty) secring.gpg is indication enough for gpg2 to tigger the migration code which not only produces a bunch of output on each apt-key call, but also takes a while to complete as an agent needs to be started and all that. We workaround the first part by forcing the migration to happen always in a call we forced into silence, but that leaves us with an agent to start all the time – with a bit of reordering we can make it so that we do not explicitly create the secring, but let gpg create it if needed, which prevents the migration from being triggered and we have at least a bit less of a need for an agent. Changes - even to public only keyrings - still require one, but such actions are infrequent in comparison to verification calls, so that should be a net improvement.
* avoid evaluating shell in paths used in apt-keyDavid Kalnischkies2015-12-191-20/+24
| | | | | | | | | | | | apt-key creates internally a script (since ~1.1) which it will call to avoid dealing with an array of different options in the code itself, but while writing this script it wraps the values in "", which will cause the shell to evaluate its content upon execution. To make 'use' of this either set a absolute gpg command or TMPDIR to something as interesting as: "/tmp/This is fü\$\$ing cràzy, \$(man man | head -n1 | cut -d' ' -f1)\$!" If such paths can be encountered in reality is a different question…
* apt-internal-solver: Make ShowHelp() and GetCommands() staticJulian Andres Klode2015-12-111-2/+2
| | | | | | This fixes a warning reported by gcc. Gbp-Dch: ignore
* part revert, part redo 'which' replacementDavid Kalnischkies2015-12-071-7/+22
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | In e75e5879 'replace "which" with "command -v" for portability' I missed that command -v isn't actually required to be available in debian, so for the 5 files we are using it: Two (abicheck/run_abi_test & test/integration/framework) are called in environments were I believe sh is at least dash or 'better' as the first one is "interactive" for apt developers and the later is sourced by ~200 tests in the same directory run by hand and ci-services – for the later we have pulled some uglier hacks for worser things already, so if there should actually end up needing something more compatible we will notice eventually (and the later actually had a command -v call for some time already and nobody came running). debian/rules and debian/apt.cron.daily I switched back to which as that is more or less debian-specific or at least highly non-critical. That leaves cmdline/apt-key.in with a bunch of calls where I will implement that functionality in shell as this is relatively short-lived as it is used to detect wget (for net-update, which Michael wants to revive and in that process will properly use apt-helper instead of wget) and to detect gpg vs. gpg2 systems, where the earlier is supposed to go away in the longrun (or the later, but by replacing the earlier…). [and this gpg/gpg2 detection is new in sid, so I have some sympathy for that being a problem now.] Thanks: Jakub Wilk for pointing out #747320
* replace run-parts with find|sort to avoid debianutils usageDavid Kalnischkies2015-12-061-1/+1
| | | | | | | After e75e5879 the reason for an implicit dependency on debianutils (which is essential for debian, but likely not on other systems) was just two uses of run-parts, which can be replaced with the a lot more portable find-piped-into-sort duo.
* replace "which" with "command -v" for portabilityDavid Kalnischkies2015-12-061-7/+7
| | | | | | | | which is a debian specific tool packaged in debianutils (essential) while command is a shell builtin defined by POSIX. Closes: 807144 Thanks: Mingye Wang for the suggestion.
* apt-helper.cc: include <stdlib.h> for atoiFredrik Fornwall2015-12-061-0/+2
| | | | | | | Include <stdlib.h> to ensure that atoi(3) is defined to improve general portability and fix a specific build failure on Android. Closes: 807031
* drop some needlessly public declarations in libapt-privateDavid Kalnischkies2015-11-299-18/+18
| | | | Git-Dch: Ignore
* move 'unmet' handling into libapt-privateDavid Kalnischkies2015-11-291-103/+1
| | | | Git-Dch: Ignore
* use function pointers instead of weak symbols for cmdline parsingDavid Kalnischkies2015-11-2910-10/+10
| | | | | | | | Passing function pointers around while working on this was very icky, but if weak symbols are too much to ask for… Reverts "do not use "-Wl,-Bsymbolic-functions" during the build to avoid breakage" aka a5fc9be36211a290a7abc3ca2a8bf98943bc1f57.
* review of new/changed translatable program stringsJustin B Rye2015-11-216-11/+12
| | | | | Reference mail: https://lists.debian.org/debian-l10n-english/2015/11/msg00006.html
* wrap every unlink call to check for != /dev/nullDavid Kalnischkies2015-11-041-2/+1
| | | | | | | | | | | | | | | | Unlinking /dev/null is bad, we shouldn't do that. Also, we should print at least a warning if we tried to unlink a file but didn't manage to pull it of (ignoring the case were the file is /dev/null or doesn't exist in the first place). This got triggered by a relatively unlikely to cause problem in pkgAcquire::Worker::PrepareFiles which would while temporary uncompressed files (which are set to keep compressed) figure out that to files are the same and prepare for sharing by deleting them. Bad move. That also shows why not printing a warning is a bad idea as this hide the error for in non-root test runs. Git-Dch: Ignore
* revamp all tools help messagesDavid Kalnischkies2015-11-0410-131/+56
| | | | | | | | | | | | | | | | The general idea is: A small paragraph on the tool itself as a description, a list of the most used (!= all) commands available in the tool, a remark where to find more information on the tool and its commands (aka: in the manpage) and finally a common block referring to even more manpages. In exchange options are completely omitted from the output as well as deprecated or obscure commands. (Better) Information about them is available in the manpages anyway and the few options which were listed before were also the least interesting ones (-o -c -q and co are hardly of interest for someone totally new looking to find info by asking for help and anyone with a bit of experience doesn't need this short list. Those would need a list of options applying to the command they call, but they are too numerous and command specific to list them sanely in this context.
* hidden support more apt-get/apt-cache commands in aptDavid Kalnischkies2015-11-043-1506/+20
| | | | | | | | | | | | | | apt is supposed to be a user-friendly interface, so while these commands are usually poweruser material and therefore do not need to be shown in general introduction manpages/help messages its of no use to not allow users to use them. This includes clean, autoclean, build-dep, source, download, changelog, depends, rdepends and showsrc – it doesn't include more non-interactive commands like dump or xvcg as those are usually used by scripts if at all. Closes: 778234, 780700, 781237
* deal with --version more centrallyDavid Kalnischkies2015-11-0410-104/+15
| | | | Git-Dch: Ignore
* move apts cmdline helper type into -privateDavid Kalnischkies2015-11-0410-28/+21
| | | | | | | | Its not as simple as I initially thought to abstract this enough to make it globally usable, so lets not pollute global namespace with this for now. Git-Dch: Ignore
* generate commands array after config is loadedDavid Kalnischkies2015-11-0410-75/+99
| | | | | | | This ensures that location strings loaded from a location specified via configuration (Dir::Locale) effect the help messages for commands. Git-Dch: Ignore
* new quiet level -qq for apt to hide progress outputDavid Kalnischkies2015-11-043-19/+16
| | | | | | | | | -q is for logging and -qqq (old -qq) basically kills every output expect errors, so there should be a way of declaring a middleground in which the output of e.g. 'update' isn't as verbose, but still shows some things. The test framework was actually making use of by accident as it ignored the quiet level in output setup for apt before. Eventually we should figure out some better quiet levels for all tools…
* deduplicate main methodsDavid Kalnischkies2015-11-0410-210/+53
| | | | | | | | All mains pretty much do the same thing, so lets try a little harder to move the common parts into -private to have the real differences more visible. Git-Dch: Ignore
* split up help messages for simpler reuseDavid Kalnischkies2015-11-0410-230/+219
| | | | | | | | | | | | | That is one huge commit with busy work only: Help messages used to be one big translateable string, which is a pain for translators and hard to reuse for us. This change there 'explodes' this single string into new string for each documented string trying hard to split up the translated messages as well. This actually restores many translations as previously adding a single command made all of the bug message fuzzy. The splitup also highlighted that its easy to forget a line, duplicate one and similar stuff. Git-Dch: Ignore
* move 'search' implementations as wellDavid Kalnischkies2015-11-042-207/+3
| | | | Git-Dch: Ignore
* centralize 'show' implementation of apt and apt-cacheDavid Kalnischkies2015-11-042-141/+3
| | | | | | | | | | The show commands have different styles in both binaries as the audience is potentially very different, but that doesn't mean we need to separate the implementation especially as they are slightly similar. This also allows us to switch between the different show versions at runtime via an option. Git-Dch: Ignore
* allow all dpkg selections to be set via apt-mark and libaptDavid Kalnischkies2015-11-041-37/+65
| | | | | | As we have support for 'hold', we need support for undoing a hold which in effect means that we implemented most other states as well, just that they weren't exposed in the interface directly so far.
* provide public interface to hold/unhold packagesDavid Kalnischkies2015-11-041-146/+16
| | | | | | We had this code lying around in apt-mark for a while now, but other frontends need this (and similar) functionality as well, so its high time that we provide a public interface in libapt for this stuff.
* switch 'apt-mark hold' from Pkg to Ver based operationDavid Kalnischkies2015-11-041-31/+18
| | | | | | | | | | | | | | Users hold a package foo (at version X) or try to prevent the installation of foo (usually based on the information they know about version X), even if we say that we "hold a package". Conceptionally we also need to know about which architecture we are talking and that is an information bound to a version (as a package can change architecture over time). We internally did this lookup from Pkg to Ver already, we just move this to a central place where the user has a change to influence it now. Git-Dch: Ignore
* add cacheset push_back wrapping for std::back_inserterDavid Kalnischkies2015-11-041-11/+7
| | | | | | | | | | | | As usual by now, not all containers wrapped by the cacheset containers support all methods, like push_back now, but they fail on use of these unusable methods only. Would be nice to not expose these methods for unsupporting containers at all, but that means either a lot of classes or a lot of std::enable_if magic, which seems like too big work for this small wrapper for now. Git-Dch: Ignore
* implement operator* for cacheset iteratorsDavid Kalnischkies2015-11-041-39/+38
| | | | | | | | | | | | | | | | Technically an abi-break as we change a template parameter to std::iterator for this, but this class is empty in all instances and just causes the right typedefs to be set – which were incorrect as detected by std::stable_partition as its implementation uses ::pointer and needs also a operator* implementation. In practice CacheSets have no external users (yet) and the difference is visible only at compile time (which was an error before and now works), not while linking. The changes to apt-mark are functionally identical to the code before, just that we use a std:: algorithm now instead of trying hard on our own.