summaryrefslogtreecommitdiffstats
path: root/scripts/repo-add.sh.in
AgeCommit message (Collapse)AuthorFilesLines
2011-03-23repo-add: add symlink to signature fileAllan McRae1-0/+5
Signed-off-by: Allan McRae <allan@archlinux.org>
2011-03-23repo-add: Fix up usage with GPG optionsDan McGee1-2/+3
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-03-23repo-add: add -v/--verify optionDan McGee1-0/+26
This is intended to verify an existing signature on a database before making further changes to it and performing updates. Rarely would you use this without immediately resigning it via the -s/--sign option. Instead, it is intended as a "chain of trust" operation where the previous signature is verified to give you some sense that what you sign off on is also safe. Still todo: don't make changes unless the signature is not only good, but also in the accepted list of keys. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-03-23repo-add: allow signing of the package databaseDan McGee1-0/+23
In order to be fully secure, we can't only sign packages. We also need to sign our repository metadata to prevent database falsification, dependency injection, etc. Add an '-s/--sign' option that allows this functionality, and will generate a .sig file side-by-side with the package database. While at it, fix the issue where a signature file would never be found because of 'cd' madness (this needs fixing in another commit). Signed-off-by: Dan McGee <dan@archlinux.org>
2011-03-23Add PGPSIG field in repo-addGeoffroy Carrier1-0/+6
Use base64 encoding to store the value in the database if a .sig file exists for the package being added. Signed-off-by: Geoffroy Carrier <geoffroy.carrier@koon.fr> Signed-off-by: Dan McGee <dan@archlinux.org>
2011-02-28Fix some easy to find double translationsDan McGee1-3/+3
A lot of these were places that should have used the same message but didn't, or were very easy to convert to using the same message and letting some of the burden off of the translators. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-01-22Merge branch 'epoch-work'Dan McGee1-7/+1
2011-01-22repo-add: only attempt to create deltas when askedAllan McRae1-9/+11
repo-add should only attempt to create the delta file when using the -d option. Also adjust a couple of tests to use the "double bracket" syntax. Signed-off-by: Allan McRae <allan@archlinux.org> Signed-off-by: Dan McGee <dan@archlinux.org>
2011-01-21Remove epoch as an independent fieldDan McGee1-7/+1
Instead, go the same route we have always taken with version-release in libalpm and treat it all as one piece of information. Makepkg is the only script that knows about epoch as a distinct value; from there on out we will parse out the components as necessary. This makes the code a lot simpler as far as epoch handling goes. The downside here is that we are tossing some compatibility to the wind; packages using force will have to be rebuilt with an incremented epoch to keep their special status. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-01-13repo-add: fix misguided conditional correctionDan McGee1-6/+8
I tried to move things around here when testing and did a bit too much; the warning message always showed regardless of delta inclusion in the call. Fix it so we only warn if we have a filename, but the file couldn't be located. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-01-11repo-add: Create/modify files databasesPyroPeter1-3/+15
Implements FS#11302. Dan: updated docs to not reference pkgfile. Signed-off-by: PyroPeter <abi1789@googlemail.com> Signed-off-by: Dan McGee <dan@archlinux.org>
2011-01-11repo-add: use pushd/popdDan McGee1-9/+7
Rather than explicit cd calls, we can use the directory stack to our advantage. This also removes the need to store and restore $startdir, so kill the variable entirely. Signed-off-by: Dan McGee <dan@archlinux.org>
2010-10-13Make repo-add and makepkg epoch-awareDan McGee1-1/+6
Allow it to be a variable in the PKGBUILD as well as propagating it through to the built package and the package database. We leave some backward compatibility in place by placing the '%FORCE%' option in the database if the package contains an epoch; this will be used by older versions of pacman and more or less ignored by versions that use epoch. Signed-off-by: Dan McGee <dan@archlinux.org>
2010-10-13Fix bash shell location checkDan McGee1-1/+1
BASH is defined when you are actually using bash during configure, which sucks because it ends up being '/bin/sh', messing up all of our scripts. Change the name of the variable we use in configure, and also ensure we get a full path to the executable by using AC_PATH_PROGS rather than AC_CHECK_PROGS. Finally, change the variable name everywhere we use it. Signed-off-by: Dan McGee <dan@archlinux.org>
2010-10-11Use sysconfdir, localstatedir, BASH instead of hardcoded valuesNezmer1-1/+1
This applies to contrib/ files, our scripts, and the documentation. Dan: fix 'make clean' in contrib/ directory. Signed-off-by: Nezmer <git@nezmer.info> Signed-off-by: Dan McGee <dan@archlinux.org>
2010-10-11repo-add: more informative delta messagesXavier Chantry1-5/+3
- Print an error if database entry was not found and delta entry cannot be added - More informative line when delta entry is added (oldfile -> newfile) Signed-off-by: Xavier Chantry <chantry.xavier@gmail.com> Signed-off-by: Dan McGee <dan@archlinux.org>
2010-10-11repo-add: add delta generationXavier Chantry1-1/+25
This allows deltas to be generated at repo-add invocation time as opposed to just added to the database. It will generate the delta from the package version currently in the database. Signed-off-by: Xavier Chantry <shiningxc@gmail.com> Signed-off-by: Dan McGee <dan@archlinux.org>
2010-09-27repo-add: make --quiet output more quietAllan McRae1-0/+1
Fixes FS#20403. Signed-off-by: Allan McRae <allan@archlinux.org>
2010-08-18repo-add: create relative DB symlinksDan McGee1-2/+3
As noted in FS#20498, if an absolute path is used for specifying the database when invoking repo-add, the symlink generated will point to the absolute path instead of being relative to the directory. Fix this for the two linking cases, but leave the copy untouched so that will still work. Signed-off-by: Dan McGee <dan@archlinux.org>
2010-06-24repo-add: try symlink, then hardlink, then copy for DB fileDan McGee1-1/+4
We were seeing some issues when trying to create our new database alias using symlinks on certain filesystems (see FS#19907). Have a fallback method in place where we first try a symlink, then a hard link, then just copy the database if all else fails. Signed-off-by: Dan McGee <dan@archlinux.org>
2010-05-27repo-add: symlink to db file to reponame.dbAllan McRae1-0/+1
This is a small step towards allowing pacman to handle databases with variable compression types. Signed-off-by: Allan McRae <allan@archlinux.org> Signed-off-by: Dan McGee <dan@archlinux.org>
2009-11-15scripts: replace test builtin [ with shell keywords [[ and ((Cedric Staniewski1-37/+37
FS#16623 suggested this change for makepkg; this patch applies it to the remaining files in the scripts directory. Signed-off-by: Cedric Staniewski <cedric@gmx.ca> Signed-off-by: Dan McGee <dan@archlinux.org>
2009-10-20makepkg, repo-add: replace external commands with bash substitutions where ↵Cedric Staniewski1-2/+4
possible This also removes the awk dependency from makepkg and repo-add. Signed-off-by: Cedric Staniewski <cedric@gmx.ca> Signed-off-by: Allan McRae <allan@archlinux.org> Signed-off-by: Dan McGee <dan@archlinux.org>
2009-10-11Fix stderr redirectionCedric Staniewski1-1/+1
When redirecting both stderr and stdout and using the 2>&1 construct, you have to redirect stdout first. Otherwise stderr will be redirected to the 'old' stdout and not to the new resource. Signed-off-by: Cedric Staniewski <cedric@gmx.ca> Signed-off-by: Dan McGee <dan@archlinux.org>
2009-09-29Merge branch 'maint'Dan McGee1-5/+11
Conflicts: lib/libalpm/dload.c
2009-09-23repo-add: clean up options parsingDan McGee1-12/+1
-f/--force has been dead for a while, so kill it off. In addition, the check for > 2 args is pretty useless when you do something like: repo-add -q -q or a more legit: repo-add -q /path/to/mine.db.tar.gz So instead make repo-add just return 1 when it doesn't do anything with the database which seems to make more sense. Signed-off-by: Dan McGee <dan@archlinux.org>
2009-09-23repo-remove: create empty DB when all packages are removedDan McGee1-5/+11
Rather than creating no database at all, create an empty zipped tar archive in its place. This keeps the download side of repositories a bit more sane as a DB will always exist, and pacman handles this empty case just fine. For this to be fully transparent, we also need to make sure repo-add and repo-remove accept an empty "DB" as an argument, which in reality is a completely void of files .tar.{gz,bz2,xz} archive. Signed-off-by: Dan McGee <dan@archlinux.org>
2009-08-03repo-add: clarify one messageXavier Chantry1-1/+1
Signed-off-by: Xavier Chantry <shiningxc@gmail.com> Signed-off-by: Dan McGee <dan@archlinux.org>
2009-07-22makepkg: add pkgbase to .PKGINFO and database for split packagesAllan McRae1-0/+1
With split packages, the pkgbase variable provides a useful way to find out which packages were build from the same PKGBUILD. Add it to the packages .PKGINFO file and the repo database only when package splitting is used. Original-patch-by: Pierre Schmitz <pierre@archlinux.de> [Allan: restrict to including only with spilt packages and include after pkgname] Signed-off-by: Allan McRae <allan@archlinux.org> Signed-off-by: Dan McGee <dan@archlinux.org>
2009-06-23repo-add: use bsdtar optimization for better performanceDan McGee1-3/+3
When unzipping packages and the database archives, we don't need to look through the entire archive to do what we need to do. For packages, .PKGINFO should only be found once and should be the first file in the package. For the database check, we only really need to look for one desc file. The bsdtar -q option is very similar to the GNU tar --occurrence=1 option. Example of speedup: $ time repo-add junkdb.db.tar.gz *.pkg.tar.gz >/dev/null real 0m16.159s user 0m14.836s sys 0m2.277s $ time ./scripts/repo-add junkdb.db.tar.gz *.pkg.tar.gz >/dev/null real 0m4.949s user 0m3.730s sys 0m2.093s Signed-off-by: Dan McGee <dan@archlinux.org>
2009-05-23repo-add: fail early if repo can not be createdXavier Chantry1-2/+12
Before this commit, the repo creation could fail after all packages have been added to the database. Now this will be detected before adding anything. Signed-off-by: Xavier Chantry <shiningxc@gmail.com> Signed-off-by: Dan McGee <dan@archlinux.org>
2009-05-18Add support for the xz archive formatPierre Schmitz1-0/+1
This simple patch adds support for the xz archive format to makepkg and repo- add. Xz can be used as source, package and package db file type. Signed-off-by: Pierre Schmitz <pierre@archlinux.de> [Dan: fixed a few alignment issues] Signed-off-by: Dan McGee <dan@archlinux.org>
2009-05-18repo-add: fix -n tests which are applicable only to stringsCedric Staniewski1-2/+2
Signed-off-by: Cedric Staniewski <cedric@gmx.ca> Signed-off-by: Dan McGee <dan@archlinux.org>
2009-03-15repo-add : rename gstmpdir to tmpdirXavier Chantry1-9/+9
What does gstmpdir mean? Signed-off-by: Xavier Chantry <shiningxc@gmail.com>
2009-03-15repo-add : don't change the modification time on depends and descXavier Chantry1-5/+2
The modification time on depends and desc file were changed to match the modification time of the package file. I don't see why and we are actualling losing information here. If we want to know the date of the package file, we can just look inside the depends file. If we want to know when the entry was created, we should not alter the modification time of depends and desc. Besides, this had the non-obvious and undocumented side effect that the depends file was always created, even if it was empty. And pacman actually does require that. So I added a "touch depends" to always create the file. Signed-off-by: Xavier Chantry <shiningxc@gmail.com>
2009-03-15repo-add : new locking systemXavier Chantry1-13/+45
Weird things could happen if several repo-add were run concurrently on the same database. The introduced locking system will prevent this to happen. Signed-off-by: Xavier Chantry <shiningxc@gmail.com>
2009-03-15repo-add : fix package variables declarationXavier Chantry1-8/+4
- arch was missing - backup is not used by repo-add. However makepkg still needs to put it in PKGINFO because pacman uses it - startdir is no longer used after the new delta implementation - the declaration of group, depend, backup, etc is not needed because these variables are always declared before being used : declare $var="$val" case "$var" in group) _groups="$_groups$group\n" ;; - reorder the variables declaration to follow the same order than they are written to the depends and desc file, for making future checks easier Signed-off-by: Xavier Chantry <shiningxc@gmail.com>
2009-03-15repo-add : rewrite delta supportXavier Chantry1-5/+97
Use the correct database format Use xdelta3 to get the source and destination files from the delta itself Allow delta files to be added with repo-add just like package files. delta files can also be removed with repo-remove. This is simply done by looking for a .delta extension in the arguments, and calling the appropriate db_write_delta or db_remove_delta functions. Example usage: repo-add repo/test.db.tar.gz repo/libx11-1.1.99.2-2-x86_64.pkg.tar.gz repo-add repo/test.db.tar.gz repo/libx11-1.1.5-2_to_1.1.99.2-2-x86_64.delta repo-remove repo/test.db.tar.gz libx11-1.1.5-2_to_1.1.99.2-2-x86_64.delta Signed-off-by: Xavier Chantry <shiningxc@gmail.com>
2009-03-15repo-add : drop delta support to rewrite it from scratchXavier Chantry1-59/+0
The current implementation has several problems : Wrong database format All the info is taken from the filename, which is a bit ugly It looks for .delta files in the current directory when adding a package, which is not very flexible Signed-off-by: Xavier Chantry <shiningxc@gmail.com>
2009-03-15repo-add.sh.in : repo-remove improvementsXavier Chantry1-12/+38
* report when a package entry to be removed is not found * backup and restore eventual "deltas" files * slight optimization when looking for an entry : only look at the entries starting with $pkgname Signed-off-by: Xavier Chantry <shiningxc@gmail.com>
2009-03-15repo-add cleanupXavier Chantry1-53/+65
Refactor the main loop, which was difficult to read. Use case instead of if when appropriate. Signed-off-by: Xavier Chantry <shiningxc@gmail.com>
2009-02-28repo-add: print warning if same version already existsXavier Chantry1-3/+7
Simple fix for FS#13414. Signed-off-by: Xavier Chantry <shiningxc@gmail.com> Signed-off-by: Dan McGee <dan@archlinux.org>
2009-02-19repo-add : remove realpath usageXavier Chantry1-24/+19
Rework slightly db_write_entry so that $pkgfile is no longer referenced from the temporary dir. This means $pkgfile can be a relative path and does not need to be converted with realpath anymore. Signed-off-by: Xavier Chantry <shiningxc@gmail.com> Signed-off-by: Dan McGee <dan@archlinux.org>
2009-02-19repo-add : remove the need of realpath for REPO_DB_FILEXavier Chantry1-17/+16
REPO_DB_FILE does not need to be an absolute path anymore so no need to call realpath. Signed-off-by: Xavier Chantry <shiningxc@gmail.com> Signed-off-by: Dan McGee <dan@archlinux.org>
2009-02-18Merge branch 'maint'Dan McGee1-13/+16
2009-02-18repo-add : remove useless test_repo_db_file functionXavier Chantry1-10/+1
This function was used only once, was basically just one line, and was also called with an unused argument. Signed-off-by: Xavier Chantry <shiningxc@gmail.com> Signed-off-by: Dan McGee <dan@archlinux.org>
2009-02-15repo-add: fix eval and quote issuesDan McGee1-13/+16
eval was ugly and dirty, and bit us here. Instead, use a safer form of variable declaration to ensure quotes don't foil us in pkgdesc or any other fields. This fixes FS#10837. Signed-off-by: Dan McGee <dan@archlinux.org>
2009-01-14Make the repo-add quiet flag less quietAaron Griffin1-3/+2
Considering one can easily run: repo-add .... >/dev/null to get only warnings and errors, the -q flag is mostly useless. Make the -q flag silence only level 2 messages. Signed-off-by: Aaron Griffin <aaronmgriffin@gmail.com> Signed-off-by: Dan McGee <dan@archlinux.org>
2008-10-28Merge branch 'maint'Dan McGee1-2/+2
2008-10-18repo-add: Use openssl instead of md5sumDan McGee1-2/+2
This is similar to the change we made in makepkg so it is cross-platform compatible and doesn't require coreutils. Signed-off-by: Dan McGee <dan@archlinux.org>