| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The debian-archive-keyring package ships trusted.gpg.d fragment files
for a while now and dropped their call to 'apt-key update', so there is
no need for use to call it as the keys will always be available.
This also finally allows a user to remove key(ring)s without APT to
overriding this decision by readding them with this step.
The functionality is kept around in the odd case that an old
debian-archive-keyring package is used which still calls 'apt-key
update' and depends on the import (hence, we also do not enforce a newer
version of the debian-archive-keyring via our dependencies)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
for some "interesting" reason gpg decides that it needs to update its
trustdb.gpg file in a --list-keys command even if right before gpg is
asked to --check-trustdb. That wouldn't be as bad if it wouldn't modify
the keyring being listed at that moment as well, which generates not
only warnings which are not a problem for us, but as the keyring
modified can be in /usr it modified files which aren't allowed to be
modified.
The suggested solution in the bugreport is running --check-trustdb
unconditionally in an 'apt-key update' call, but this command will not
be used in the future and this could still potentially bite us in
net-update or adv calls. All of this just to keep a file around, which
we do not need…
The commit therefore switches to the use of a temporary created
trusted.gpg file for everyone and asks gpg to not try to update the
trustdb after its intial creation, which seems to avoid the problem
altogether.
It is using your also faked secring btw as calling the check-trustdb
without a keyring is a lot slower …
Closes: #687611
Thanks: Andreas Beckmann for the initial patch!
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
| |
Lintian complains about these links in the source package as they leave
the source directory and as they are autogenerated there isn't that much
sense in shipping them, we can just recreate them before calling
configure.
|
| |
|
| |
|
|
|
|
| |
Git-Dch: Ignore
|
| |
|
|
|
|
|
| |
* skip all Description fields in apt-cache, not just first (Closes: 717254)
* fix 'apt-cache search' crash with missing description (Closes: 647590)
|
|
|
|
|
|
|
| |
* debian/apt.postinst:
- run /etc/kernel/postinst.d/apt-auto-removal once on upgrade
to ensure that the correct auto-removal list is generated
(closes: #717615)
|
|
|
|
|
|
| |
* debian/apt.auto-removal.sh:
- do not include debug symbol packages for the kernel in the
blacklist (closes: #717616)
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
| |
- Use exact matches with $-terminated regexes, so we don't get
confusion between similarly-named kernel flavours.
- Keep linux-backports-modules in sync with installed kernels.
Conflicts:
configure.in
debian/changelog
doc/apt-verbatim.ent
|
|
|
|
|
|
|
| |
apt-config (for paranoia)
Conflicts:
debian/apt.auto-removal.sh
|
| |
|
| |
|
|
|
|
|
| |
* apt-pkg/packagemanager.cc:
- increate APT::pkgPackageManager::MaxLoopCount to 5000
|
|
|
|
|
| |
* debian/rules:
- call dh_clean in clean (closes: #714980)
|
| |
|
| |
|
|\
| |
| |
| |
| | |
Conflicts:
debian/changelog
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
With the selfgrown splitting we got the problem of not recovering
from networks which just reply with invalid data like those sending
us login pages to authenticate with the network (e.g. hotels) back.
The good thing about the InRelease file is that we know that it must
be clearsigned (a Release file might or might not have a detached sig)
so if we get a file but are unable to split it something is seriously
wrong, so there is not much point in trying further.
The Acquire system already looks out for a NODATA error from gpgv,
so this adds a new error message sent to the acquire system in case
the splitting we do now ourselves failed including this magic word.
Closes: #712486
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Before we download the 'new' InRelease file the old file will be moved
out of the way with the name 'foobar_InRelease.reverify', so if no
partial file for the 'new' file exists take the modification time from
this reverify file, so that if we get an IMS hit for the InRelease file
we can move back the reverify file as new file rather than downloading
the 'new' file even though we already have it.
We do the same for Release files and this happened to work until the
reverify renaming was corrected for InRelease files.
|
| | |
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The default is to ask udev for location and mountpoints of CD-ROMs,
but the old way of specifying the mountpoint is still available and
is tried now in case udev doesn't find any CD-ROM.
It probably fails, too, but we get a bunch of error messages this
way and the user can get an idea of how to make his setup work even
if udev can't be convienced to return something useful.
Closes: #712433
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
do not blindly assume that all packages stanzas have a "Description:"
field in 'apt-cache show' as well as in the cache creation itself.
We instead assume now that if the stanza has a Description, it will not
be the first field as we look out for "\nDescription" to take care of
MD5sum as well as (maybe ignored) translated Descriptions embedded in
the package stanza.
Closes: #712435
|
| |
| |
| |
| | |
Closes: #711921
|
| |
| |
| |
| |
| |
| | |
We do the same in the acquire system which handles the 'normal'
downloads, so do it here as well even though its unlikely anyone
will ever notice (beside testcases of course …)
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Testing for global PendingErrors in users of CopyFile is incorrect
in so far as unrelated errors will prevent us from copying perfectly
fine files and checking for the validity of the files is just better
in CopyFiles as it already checks if files are at least opened.
Add also a higher-level error message to the error stack if it fails.
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
OpenInternDescriptor failures would cause additional errors to be
generated by double-closing an fd. Other errors (although these
are generated if the method is used incorrectly, so unlikely)
didn't close the fd aswell.
Closes: 704608
|
| |
| |
| |
| |
| |
| |
| | |
The default constructor of the FileFd will kick in anyway,
which will know that the Fd is invalid while with this explicit
call it must be assumed that the fd is in fact valid, which
might generate errors in the future
|
| |
| |
| |
| |
| |
| | |
Previously some errors would set the Fail flag while some didn't
without a clear reason as all errors leave a bad FileFd behind,
so we use a helper now to ensure that all errors set the flag.
|
| |
| |
| |
| |
| |
| |
| | |
Patterns can appear in the name as well as in the description,
they don't have to match all in the name/description only.
Closes: 691453
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Splits the big loop over dependencies in SmartConfigure which unpacks and
configures dependencies into two loops and reverse their order, so that all
dependencies which need to be unpacked are handled first and only after that
configures are issued for dependencies.
This is needed as otherwise the unpack of a (new) dependency will be issued
in between a configure call for two (or more) packages which form a loop,
which means the configure calls aren't part of the same dpkg call and
therefore dpkg bails out.
Such tight loops should really be avoided as they are usually wrong – and in
reality the dependencies in libreoffice were greatly simplified thanks to
Rene Engelhard so the problem is gone for the benefit of all.
Closes: 707578
|
| | |
|
| |
| |
| |
| |
| |
| |
| | |
Used to work until a certain (here unnamed) person came along and used
the wrong operator causing low-priority packages to be sorted above
high-priority packages while choosing a provider in commit
2b5c35c7bb915dbd46fefd7c79f05364ba22f93b from Nov 2011
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Doing Removes early is good to have them out of the way, so they
don't break 'Inst' or 'Conf' chains, but scoring them above Essentials
means that we end up upgrading (many) less important packages before
we handle big stuff like libc6 or debconf which not only fails if those
less important packages have unannounced (strict) dependencies, but also
leads to having these packages unconfigured for a long time triggering
bugs in maintainer scripts for no good reason (#708831).
So this commits sets the default value for remove scores to 100, which
is below the one for essentials (200) and a lot lower than the previous
default value (500).
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Some squeeze → wheezy upgrades indicate that DepRemove runs amok
in complicated setups as it wasn't correctly working with or-groups.
Completely rewritten the check is now moving from or-group to or-group
instead.
The behavior should be the same as the code before, but
(hopefully) with less bugs and more comments.
Closes: 645713
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Building src:apt shows:
dpkg-shlibdeps: warning: package could avoid a useless dependency if
debian/apt/usr/lib/apt/methods/cdrom was not linked against libdl.so.2
(it uses none of the library's symbols)
dpkg-shlibdeps: warning: package could avoid a useless dependency if
debian/apt/usr/bin/apt-get was not linked against libutil.so.1 (it uses
none of the library's symbols)
|
| |
| |
| |
| |
| | |
Building manpages becames more consistent this way and
it is simpler to ignore build artefacts, too.
|
|/ |
|
|\ |
|
| |\ |
|
| | | |
|
| | | |
|