Age | Commit message (Collapse) | Author | Files | Lines |
|
Add code to conf.c that parses the new SigLevel directive. An
overwhelming number of options are presented, but most users will still
be fine with the Never/Optional/Required trio. More advanced users can
combine these or any of the other options on a 'SigLevel = ' line, which
is parsed in a left-to-right fashion and flags turned on and off
accordingly. For example, all three of these will net the same config:
SigLevel = Required PackageOptional
SigLevel = Optional DatabaseRequired
SigLevel = DatabaseRequired PackageOptional
Additionally, database-specific lines assume you wish to start with any
global default that has been set. For example, if any of the above lines
were in the [options] section, something such as:
SigLevel = PackageRequired PackageAllowMarginal
Would continue to enforce required database signatures.
Inspiration-by: Kerrick Staley <mail@kerrickstaley.com>
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
We don't write with extra or unknown whitespace, so there is little
reason for us to trim it when reading either. This also fixes the
hopefully never encountered "paths that start or end with spaces" issue,
for which two pactests have been added. The tests also contain other
evil characters that we have encountered before and handle just fine,
but it doesn't hurt to ensure we don't break such support in the future.
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
This is more in line with standard Python practice, and makes keyboard
interrupts behave a lot more sanely. It also prevents the useless
spawning of a shell as well as simplifies the command building and
working directory stuff.
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
This addresses FS#25141. We shouldn't remove every empty directory we
come across during the removal process unless it is truly not known to
any other package. This will prevent removal of essential directories
such as '/var/lock/'.
This is accomplished by first checking the empty/non-empty status of a
directory, which was previously done implicitly by calling rmdir() and
ignoring errors. We do this to avoid the next (new) check in most cases,
which is to look at all local packages to see if the to-be-removed
directory is present in another packages' filelist. If we do not find it
anywhere, then we remove it, else we keep the file around.
The pactest has been updated to test more cases, as well as finding a
flaw in the original expected to fail case- we need separate DIR and
FILE based EXIST rules.
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
The bulk of this commit is adding new tests to ensure the new behavior
works without disrupting old behavior. This is a relatively sane maneuver
when a package adds a conf file (e.g. '/etc/mercurial/hgrc') that was
not previously in the package, but it is placed in the backup array. In
essence, we can treat the existing file as having always been a part of
the package and do our normal compare/install as pacnew logic checks.
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
libalpm can now cope with this as of commit 719e0d3ddb300.
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
This is similar to what was just done for the sync databases. Move a few
pieces around so we never need to actually write out the filesystem to
create a package, and simply stream the tarfile out from the data we've
collected.
Once again, a few newline addition hacks and other things have to be
left in place in order not to break everything; this time however most
of the assumptions are in pactest and not libalpm.
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
Conflicts:
lib/libalpm/conflict.c
|
|
This addresses FS#24904. In a normal upgrade case, this replacement
seems to work just fine. However, when doing a sync "replace" type
upgrade, we weren't properly handling this edge case due to path
comparison not ignoring trailing slashes. Fix this by pruning any
trailing slashes past a certain point of file conflict resolution where
we no longer need them, which allows us to safely detect cases such as
now tested in the new pactest.
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
Start by converting all of our flags to a 'status' bitmask (pkgcache
status, grpcache status). Add a new 'valid' flag as well. This will let
us keep track if the database itself has been marked valid in whatever
fashion.
For local databases at the moment we ensure there are no depends files;
for sync databases we ensure the PGP signature is valid if
required/requested. The loading of the pkgcache is prohibited if the
database is invalid.
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
This is the ideal place to do it as all clients should be checking the
return value and ensuring there are no errors. This is similar to
pkg_load().
We also add an additional step of validation after we download a new
database; a subsequent '-y' operation can potentially invalidate the
original check at registration time.
Note that this implementation is still a bit naive; if a signature is
invalid it is currently impossible to refresh and re-download the file
without manually deleting it first. Similarly, if one downloads a
database and the check fails, the database object is still there and can
be used. These shortcomings will be addressed in a future commit.
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
Sync database are no longer exploded on the filesystem. Rework the logic
used to generate our test databases so we can create them completely in
memory without having to write the individual files to disk at all. The
local database is unaffected.
Note that several shortcomings in libalpm parsing were discovered by
this change, which have since been temporarily patched around in this
test suite:
* archive_fgets() did not properly handle a file that ended in a
non-newline, and would silently drop the data in this line.
* sync database with only the file entries and not the directories would
fail to parse properly, and even cause segfaults in some cases.
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
These are definite methods that operate on a package, so move them there
which cleans up util a bit more.
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
Remove empty docstrings, small and easy pylint fixes, etc.
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
test/pacman/README mentioned the -A flag, which no longer exists.
Signed-off-by: Kerrick Staley <mail@kerrickstaley.com>
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
We were testing whether there were any values in the array, rather than
looking if the values contained anything.
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
This allows us to not require the context (e.g. handle) when calling
this function. Also beef up the checks in the two callers of this
function to bail if the last return code is not ARCHIVE_EOF, which is
the expected value.
This requires a change to one of the pactest return codes and the
overall result of the test, but results in a much safer operating
condition whereby invalid database entries will stop the operation.
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
Conflicts:
lib/libalpm/trans.c
src/pacman/query.c
|
|
Issue FS#24230. If a symlink is broken and included in the removal
process of a package, we blew up and segfaulted due to
alpm_compute_md5sum() returning NULL and then performing a strcmp()
operation.
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
This currently causes a segfault, which is bad news.
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
Don't call os.stat() when we should be using os.lstat(); this allows us
to actually test dead symlinks that don't have a corresponding file. Add
a new LINK_EXIST rule that complements FILE_EXIST for a similar purpose.
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
This moves the generated root/ directory into /tmp, or at least a path
returned by tempfile.mkdtemp(), by default. This can make test runs
significantly faster if done when /tmp is a tmpfs.
If you are debugging a failed test, use the new --keep-root option to
not clean up and pactest will print the location of the generated root/
test directory.
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
This does touch a lot of things, and hopefully doesn't break things on
other platforms, but allows us to also clean up a bunch of crud that no
longer needs to be there.
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
Conflicts:
lib/libalpm/be_sync.c
lib/libalpm/db.c
src/pacman/util.c
|
|
The vercmptest script needs to be invoked as a bash script for this to
be valid; the -p operator is interpreted as an argument to look up by
sh. This goes way back to commit 3bf9448943dc0b, done to solve
http://mailman.archlinux.org/pipermail/pacman-dev/2008-July/007180.html.
Saw this problem running in a virtual machine where sh is not bash, but
in fact dash:
user@debian-powerpc:~/projects/pacman$ ./test/util/vercmptest.sh
src/util/vercmp-p: not found
src/util/vercmp is src/util/vercmp
vercmp binary (src/util/vercmp) could not be located
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
Signed-off-by: Dave Reisner <d@falconindy.com>
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
Once we do this, add support for VerifySig to pactest. We just check if
the repo name contains Always, Never or Optional to determine the value
of VerifySig. The default is Never. pacman uses Always by default but
this is not suitable for pactest.
Original-work-by: shankar <jatheendra@gmail.com>
Signed-off-by: Xavier Chantry <shiningxc@gmail.com>
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
Allow pkg.pgpsig to end up in the created sync databases.
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
Noted in FS#23342. When the user attempts to install an ignored package
and answers no when asked whether to install it, pacman bails out with:
"error: target not found: packagename"
This is because satisfiers are not found for the package and execution
continues to process_group(), where the package is treated as a group
(which does not exist).
In addition, test ignore006.py is updated with PACMAN_RETCODE=0 since
saying no to installing an ignored package should not be considered an
error.
Signed-off-by: Pang Yan Han <pangyanhan@gmail.com>
Signed-off-by: Xavier Chantry <chantry.xavier@gmail.com>
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
I managed to just make deptest001.py fail by changing a DEBUG-level
logger in commit b12be99c89. This should not be this fickle. Enhance the
OUTPUT rule to use an actual Python re object when looking for matches,
and make a lot of the rules use stronger patterns to match with.
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
This case currently fails, but highlights a failure in our install
process I experienced the other day. Because we don't do replacement
uninstalls inline with the rest of the upgrade uninstalls, we can have a
time on our system where a critical package is not installed.
I hope no one ever renames glibc.
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
This allows error messages emitted by the frontend to be a bit more
descriptive and not have the annoying "well why didn't you tell me that
the first time" problem. If a package had multiple missing deps, we
would bail on the first one before rather than finish processing all
missing dependencies, and only print one error message. Instead,
continue through this entire set of missing deps and append all eventual
errors.
The added pactest tests this case, as the to be installed package has
two missing dependencies. However, pactest does not actually test or see
the difference in output from before and after, so it passes in both
cases, but it is clearly visible in the logs.
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
Nothing that changes behavior here. Spelling fixes and pushing a
variable down to the scope it is used.
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
Hint: this will really stress hash table removal.
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
-d skips checking the version of a dependency.
-dd skips the whole dependency check.
Signed-off-by: Xavier Chantry <chantry.xavier@gmail.com>
Signed-off-by: Florian Pritz <bluewind@server-speed.net>
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
Signed-off-by: Xavier Chantry <chantry.xavier@gmail.com>
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
No reason to disallow this- it allows keeping even more packages around in
the cache. Test cases included for this case and to ensure the default
behavior is preserved.
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
The first two are rather standard tests of our two available clean options,
and the third is attempting to test a reported bug (and failing to make the
given case fail).
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
This will allow some tests to be added for cache cleaning.
Signed-off-by: Dan McGee <dan@archlinux.org>
|