summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--scripts/makepkg.sh.in85
-rw-r--r--scripts/pacman-key.sh.in6
2 files changed, 48 insertions, 43 deletions
diff --git a/scripts/makepkg.sh.in b/scripts/makepkg.sh.in
index 1fa4819a..46191ee4 100644
--- a/scripts/makepkg.sh.in
+++ b/scripts/makepkg.sh.in
@@ -1,4 +1,4 @@
-#!/bin/bash -e
+#!/bin/bash
#
# makepkg - make packages compatible for use with pacman
# @configure_input@
@@ -437,13 +437,10 @@ run_pacman() {
check_deps() {
(( $# > 0 )) || return 0
- # Disable error trap in pacman subshell call as this breaks bash-3.2 compatibility
- # Also, a non-zero return value is not unexpected and we are manually dealing them
- set +E
local ret=0
local pmout
- pmout=$(run_pacman -T "$@") || ret=$?
- set -E
+ pmout=$(run_pacman -T "$@")
+ ret=$?
if (( ret == 127 )); then #unresolved deps
printf "%s\n" "$pmout"
@@ -476,13 +473,11 @@ handle_deps() {
fi
# we might need the new system environment
- # avoid triggering the ERR trap and exiting
- set +e
- local restoretrap=$(trap -p ERR)
- trap - ERR
+ # save our shell options and turn off extglob
+ local shellopts=$(shopt -p)
+ shopt -u extglob
source /etc/profile &>/dev/null
- eval $restoretrap
- set -e
+ eval "$shellopts"
return $R_DEPS_SATISFIED
}
@@ -882,6 +877,32 @@ cd_safe() {
fi
}
+source_safe() {
+ shopt -u extglob
+ if ! source "$@"; then
+ error "$(gettext "Failed to source %s")" "$1"
+ exit 1
+ fi
+ shopt -s extglob
+}
+
+run_function_safe() {
+ local restoretrap
+
+ set -e
+ set -E
+
+ restoretrap=$(trap -p ERR)
+ trap 'error_function $pkgfunc' ERR
+
+ run_function "$1"
+
+ eval $restoretrap
+
+ set +E
+ set +e
+}
+
run_function() {
if [[ -z $1 ]]; then
return 1
@@ -907,7 +928,6 @@ run_function() {
local shellopts=$(shopt -p)
local ret=0
- local restoretrap
if (( LOGGING )); then
local fullver=$(get_full_version)
local BUILDLOG="${startdir}/${pkgbase}-${fullver}-${CARCH}-$pkgfunc.log"
@@ -929,18 +949,12 @@ run_function() {
tee "$BUILDLOG" < "$logpipe" &
local teepid=$!
- restoretrap=$(trap -p ERR)
- trap 'error_function $pkgfunc' ERR
$pkgfunc &>"$logpipe"
- eval $restoretrap
wait $teepid
rm "$logpipe"
else
- restoretrap=$(trap -p ERR)
- trap 'error_function $pkgfunc' ERR
$pkgfunc 2>&1
- eval $restoretrap
fi
# reset our shell options
eval "$shellopts"
@@ -958,11 +972,11 @@ run_build() {
[[ -d /usr/lib/ccache/bin ]] && export PATH="/usr/lib/ccache/bin:$PATH"
fi
- run_function "build"
+ run_function_safe "build"
}
run_check() {
- run_function "check"
+ run_function_safe "check"
}
run_package() {
@@ -973,7 +987,7 @@ run_package() {
pkgfunc="package_$1"
fi
- run_function "$pkgfunc"
+ run_function_safe "$pkgfunc"
}
tidy_install() {
@@ -1810,13 +1824,13 @@ devel_update() {
# ...
# _foo=pkgver
#
- if [[ -n $newpkgver ]]; then
- if [[ $newpkgver != "$pkgver" ]]; then
- if [[ -f $BUILDFILE && -w $BUILDFILE ]]; then
- @SEDINPLACE@ "s/^pkgver=[^ ]*/pkgver=$newpkgver/" "$BUILDFILE"
- @SEDINPLACE@ "s/^pkgrel=[^ ]*/pkgrel=1/" "$BUILDFILE"
- source "$BUILDFILE"
- fi
+ if [[ -n $newpkgver && $newpkgver != "$pkgver" ]]; then
+ if [[ -f $BUILDFILE && -w $BUILDFILE ]]; then
+ @SEDINPLACE@ "s/^pkgver=[^ ]*/pkgver=$newpkgver/" "$BUILDFILE"
+ @SEDINPLACE@ "s/^pkgrel=[^ ]*/pkgrel=1/" "$BUILDFILE"
+ source "$BUILDFILE"
+ else
+ warning "$(gettext "%s is not writeable -- pkgver will not be updated")" "$BUILDFILE"
fi
fi
}
@@ -2009,7 +2023,6 @@ for signal in TERM HUP QUIT; do
done
trap 'trap_exit INT "$(gettext "Aborted by user! Exiting...")"' INT
trap 'trap_exit USR1 "$(gettext "An unknown error has occurred. Exiting...")"' ERR
-set -E
# preserve environment variables and canonicalize path
[[ -n ${PKGDEST} ]] && _PKGDEST=$(canonicalize_path ${PKGDEST})
@@ -2026,7 +2039,7 @@ MAKEPKG_CONF=${MAKEPKG_CONF:-$confdir/makepkg.conf}
# Source the config file; fail if it is not found
if [[ -r $MAKEPKG_CONF ]]; then
- source "$MAKEPKG_CONF"
+ source_safe "$MAKEPKG_CONF"
else
error "$(gettext "%s not found.")" "$MAKEPKG_CONF"
plain "$(gettext "Aborting...")"
@@ -2036,7 +2049,7 @@ fi
# Source user-specific makepkg.conf overrides, but only if no override config
# file was specified
if [[ $MAKEPKG_CONF = "$confdir/makepkg.conf" && -r ~/.makepkg.conf ]]; then
- source ~/.makepkg.conf
+ source_safe ~/.makepkg.conf
fi
# set pacman command if not already defined
@@ -2153,9 +2166,7 @@ if [[ ! -f $BUILDFILE ]]; then
else
# PKGBUILD passed through a pipe
BUILDFILE=/dev/stdin
- shopt -u extglob
- source "$BUILDFILE"
- shopt -s extglob
+ source_safe "$BUILDFILE"
fi
else
crlftest=$(file "$BUILDFILE" | grep -F 'CRLF' || true)
@@ -2167,9 +2178,7 @@ else
if [[ ${BUILDFILE:0:1} != "/" ]]; then
BUILDFILE="$startdir/$BUILDFILE"
fi
- shopt -u extglob
- source "$BUILDFILE"
- shopt -s extglob
+ source_safe "$BUILDFILE"
fi
# set defaults if they weren't specified in buildfile
diff --git a/scripts/pacman-key.sh.in b/scripts/pacman-key.sh.in
index 323fc572..288b76eb 100644
--- a/scripts/pacman-key.sh.in
+++ b/scripts/pacman-key.sh.in
@@ -436,14 +436,10 @@ refresh_keys() {
}
verify_sig() {
- local fd="$(mktemp)"
- "${GPG_PACMAN[@]}" --status-file "${fd}" --verify $SIGNATURE
- if ! grep -q TRUST_FULLY "${fd}"; then
- rm -f "${fd}"
+ if ! "${GPG_PACMAN[@]}" --status-fd 1 --verify $SIGNATURE | grep -qE 'TRUST_(FULLY|ULTIMATE)'; then
error "$(gettext "The signature identified by %s could not be verified.")" "$SIGNATURE"
exit 1
fi
- rm -f "${fd}"
}
updatedb() {