Explicitly check in show_var that the buffer is non-NULL.
This can stops pkg_info -Q foo from segfaulting for explicitly
installed packages. Reported by Stoned Elipot.
libnbcompat.h already. So don't include sys/param.h and sys/mount.h in
it and remove the configure test for sys/mount.h.
While here, remove some #if 0'd code from pen.c.
Convert pkg_info to use libarchive instead of tar for binary package
handling. As a side effect pkg_info on remote packages will use
one FTP instance per argument, but will try to fetch only the meta data.
This reduces time for pkg_info -X on a full binary repository from 36.9s
to 18.1s for the cache hot case (PKG_TMPDIR on tmpfs for the old
pkg_info). Thanks to tnn@ for testing.
as 20071224. Changes include:
- better diagnostic for conflicting packages
- explicitly check already installed packages for conflicts with
to-be-installed package
- document pkg_admin rebuild-tree in usage
- man page fixes
- forcefully remove pkgdb entries (needed for user-usage in some cases)
This allows such settings as the following in audit-packages.conf:
FETCH_PRE_ARGS="env ftp_proxy://ftp.myproxy.com"
Which will be set before FETCH_CMD is run.
This was made a lot more critical with the changes to use the iteration
API, as that is running a lot more Dewey comparisions.
Thanks to adrianp and wiz for the reports.
Bump to 20070916.
buffer, but the size of a pointer to a buffer. This makes pkg_add -u
work again. It failed before, trying to rename the +REQUIRED_BY file to
"/us" or "/va", depending on the value of PKGDBDIR.
meaningful warning if the file is a symlink whose target doesn't exist.
The message has now been changed from:
pkg_admin: netbsd32_compat30-extras: File `/usr/pkg/emul/netbsd32/usr/lib/libm387.so' is in +CONTENTS but not on filesystem!
to:
pkg_admin: Symlink `/usr/pkg/emul/netbsd32/usr/lib/libm387.so' exists and is in +CONTENTS but target does not exist!
* Pass values for --sysconfdir (and --prefix) to the configure script
instead of passing them through CPPFLAGS. Both SYSCONFDIR and PREFIX
are only used by audit-packages, and the audit-packages Makefile
already handles passing these values inherited from the configure
script. This avoids compiler warnings that, e.g. SYSCONFDIR has been
redefined on the command line.
* Fix quoting for arguments to the configure script -- :Q instead of
\"\".
Bump version to 20070828. Reviewed by <joerg>.
PR# 36773 opened by David A. Holland.
While we're here look for settings with no values in audit-packages.conf
and ignore them.
Tighten up processing of audit-packages.conf for the situation where
settings are specified multiple times. (report from joerg@).
a subfunction.
Bail out if the package name doesn't have a version name.
Bail out if the internal rename failed (it was an assert before).
Invert some of the branches to cut off three levels of indirection.
the functionality offered by findmatchingname and findbestmatching
name. They optionally strip the suffix from the filename before
matching it, instead of modifying the pattern directly.
Drop the old functions.
- Fix a bug in pkg_order where the version strings where inverted
- Make pkg_admin lsbest and lsall use the new functions.
- Make ftpio use pkg_order directly.
Bump version to 20070812.
Reported by Greg Troxel on tech-pkg@
* Add -q which operates the same as 'pkg_info -q' and only displays
the package name of any vulnerable/eol packages found.
Suggestion by joerg@
* man page updates for -q
* Document the required permissions for audit-packages and
download-vulnerability-list in the man page.
possible cause of inconsistencies. Remove comment about make replace,
since it does not, absent pkgsrc/mk bugs, result in incorrect
dependency records.
packages (see pkg_info -e). Restore this behaviour. Still print a
warning when the pkgdb can't be processed.
Reported by Daniel Horecki and pointed to the option by tnn@.
mark_as_automatic_installed to take a package name and not a full path.
Add assertions to test for this.
Drop a few islinktodir checks.
Change pkg_info to use iterate_pkg_db instead of scanning the directory
by hand. As a side effect don't try to check for the pkgdb dir first,
let pkgdb_dump and iterate_pkg_db handle that.
Make pkgdb_dump return failure if it can't open the package db.
users of findbestmatchingname and findmatching name with more
descriptive and easier to use iterator functions. This functions
are a first step to abstract away pkgdb layout from most parts of
the code. It also helps to reduce side effects and point out potential
bugs in this code.
Fix a potential, but practically irrelevant buffer overflow.
No longer allow symbolic links directly in pkgdb to store the meta
data of individual packages outside. E.g. /var/db/pkg/atk-1.18.0
must be a directory and not point to it. This is not yet enforced in
all parts of the code, more changes will follow.
Bump version to 20070808.
- for pkg_create, split-off the package creation from the plist
processing. package creation is disabled for --enable-bootstrap
- change package creation to use libarchive
- add two options (-u and -g) to override file system ownership
- pkg_create now creates files in the tarball with correct owner/group
based on -u/-g or @owner/@group
- add a function to compute the +CONTENTS file in memory
Bump version to 20070802.
Review of a slightly older version by jlam@
instead of environment. This allows mk/flavor/pkg/resolve-dependencies
to execute '${PKG_ADMIN}': you can encounter this problem
on platforms in need of pkgtools/pkg_install because their native
pkg_* tools are older than PKGTOOLS_REQD, id est NetBSD 2.x and earlier.
Ok'ed joerg@.
- pkg_create bails out with -m
- pkg_add ignores mtree specs in packages and prints a warning.
It does not remove the file like before.
- remove now obsolete documentation.
pkg_info still prints the information and pkg_admin ignores the files.
Make the dependency on the tools a runtime dependency.
Take maintainership of pkg_install and bump version to 20070725.
Update to autoconf 2.61
Add checks for AC_TYPE_UINT{8,16,32,64}_T
Add checks for stdint.h
Change how config file notification works
If no IGNORE_URLS directive is found then just say that
Check that pkg-vulnerabilities exists before we try any operations on it
Use st_ctime as opposed to st_ctimespec.tv_sec as the former is SUSv3
This update should fix PR #36655 and go part way to fixing PR #36662
Thanks to tnn@ and joerg@ for suggested fixes and Yakovetsky Vladimir and
Stuart Shelton for testing and patches.
Rename pmatch to pkg_match and add new function pkg_order that
implements the order logic used by pkg_add internally.
Change the interface of findmatchingname's callback to take the pattern
used for the matching as first argument. The new pkg_order function
takes it and it doesn't hurt in other cases. Adjust callers and
corresponding callbacks accordingly.
Remove an unused matchfn typedef in dewey.c.
Bump to 20070720. OK jlam@
sense of pkg_tools_prefix and prefix in the sense of LOCALBASE.
This allows individual overriding for NetBSD.
Add the forgotten part to allow DESTDIR builds and the pkgsrc.7 man
page.
page. Fix build on !NetBSD. Rebuild man pages with nroff -mandoc on
NetBSD current for consistency. Make it DESTDIR safe. Remove the note
that src/usr.sbin/pkg_install is the authoritive version, it won't be
any longer.
When fixing vsftpd, other FTP server were broken as they return
different error codes for unmatching glob patterns. Basically ignore the
error code and just try the other pattern. chdir errors are still
considered fatal.
Bump version to 20070715.
Merge of audit-packages with various improvements:
* Version 20070714
Initial release of re-write in C
Add support for notfication of eol packages (-e)
Multiple levels of verbosity (e.g. -v -v)
Specify a custom config file to use (-c)
Query running config values (-Q)
Default to download .gz compress pkg-vulnerabilities file
Support for .bz2 compress pkg-vulnerabilities file
Verify signature on downloaded files (-s)
Thanks to tron@, jschauma@, agc@, joerg@ and pkgsrc-security@ for feedback
and testing.
Some FTP server don't expand [] in NLIST, most noticable is vsftpd.
Avoid this by splitting the wildcard search pattern into two commands.
Sync some other minor changes.
Bump to 20070416.
- obsolete support for require scripts
- nuke support for the following options of pkg_create:
-X (excludefile)
-r (require script)
-h (Force follow symlink)
- add option for pkg_create to specify additional @blddep packages.
This brings us to version 20070308.
If a plist contains @owner or @group entries and first rename failed,
pushout was called with NULL argument. This has the semantic of using a
working directory of "/", even though already read plist entries are
relative to prefix. The calls to chown and chgrp therefore end up with
the wrong arguments for the current directory. To compensate for this,
don't pushout the first time. As plists are not supposed to have
multiple @cwd entries anymore, this could most likely be simplified, but
that is outside the scope of this commit.
Merge lib/plist.c, rev 1.51:
When processing symlinks in pkg_delete and the call to readlink failed,
it often helps to know why, so use warn instead of warnx.
Bump version to 20061103.
Fix uninitialized variable which was causing pkg_add -u to randomly
dump core. This may fix PR pkg/30292.
Also bump the pkgsrc PKGTOOLS_VERSION to 20060720.
its own set of commands. One of these invoked "deinstall" with
UPDATE_RUNNING set to "YES"; however, UPDATE_RUNNING was made into a
pkgsrc private variable a little while ago. Fix "update" by setting
_UPDATE_RUNNING instead. This fixes PR pkg/33716.
variable to show whether the package supports running the check-files
target.
Set CHECK_FILES_SUPPORTED to "no" in pkgtools/pkg_install in the case
where the PREFIX does not match ${LOCALBASE} it's likely the tools are
being installed in some place that's completely outside pkgsrc control,
and check-files fails horribly in that case.
Add support for creating summary file containing all information
about a package repository needed by package managing software.
This allows better use of remote binary package repositories.
Discussed on tech-pkg.
pkg_add also check for USE_ABI_DEPENDS.
Check if USE_ABI_DEPENDS or IGNORE_RECOMMENDED was set
when this package was built. IGNORE_RECOMMENDED is now historical.
For the cat man page, I manually made it say "pkgsrc" instead of
"NetBSD".
I committed to NetBSD's src/usr.sbin/pkg_install/ first :)
http_expand_URL(): fclose() the fdopen()'ed filedescriptor
before leaving the function (for all cases).
Actual fix and sanity checking by Dillo & Wiz
Coverity CID 2340
When recognizing a broken package version/name,
make sure to error out really, don't just print a warning
and the run into further problems.
Coverity CID 2739.
revision 1.61
date: 2006/03/17 17:46:44; author: hubertf; state: Exp; lines: +4 -3
Put check if "best" is empty back into the right place, messed up
in previous commit.
Noted by yamt@
----------------------------
revision 1.60
date: 2006/03/17 02:20:46; author: hubertf; state: Exp; lines: +10 -4
findbestmatchingname_fn(): catch possible problems if best (vp)
contains some strange name (shouldn't happen, but ...)
Coverity CID 869
----------------------------
revision 1.59
date: 2006/03/17 02:10:55; author: hubertf; state: Exp; lines: +8 -7
findbestmatchingname_fn(): only do something sensible if the pointer
handed in is actually usable (not NULL)
Fixes Coverity ID 870
revision 1.36
date: 2006/03/17 01:58:25; author: hubertf; state: Exp; lines: +11 -3
We can't sprintf() into a NULL pointer - catch that properly
for ALL cases.
Coverity CID 861
revision 1.77
date: 2006/03/26 18:11:22; author: christos; state: Exp; lines: +3 -3
PR/33123: Murray Armfield: standards compliance & glob.h
Certain fields in glob.h need to be size_t; fix this and version glob(3).
http://www.opengroup.org/onlinepubs/000095399/basedefs/glob.h.html
revision 1.6
date: 2005/11/13 20:37:23; author: agc; state: Exp; lines: +1 -10
Get rid of cvs merge botch in previous.
----------------------------
revision 1.5
date: 2005/11/13 20:07:41; author: agc; state: Exp; lines: +25 -8
The Dewey number comparison routines were added by myself in 2002 in
revision 1.32 of pkg_install/lib/str.c, and have absolutely nothing to
do with the original FreeBSD utilities.
Place the appropriate (3 clause) copyright on this file.
revision 1.36
date: 2005/12/03 01:08:38; author: hubertf; state: Exp; lines: +3 -3
Only warn about running as non-root when -v is given
(or when running in non-unprivilegedmode, but how to detect?)
revision 1.51
date: 2006/03/06 20:00:10; author: reed; state: Exp; lines: +4 -4
Fix the "Cannot chdir" error message to actually show the
problem directory name for lsbest and lsall.
For example:
# pkg_admin -d /usr/packages/DragonFly/1.4.0/i386/All lsbest 'gmake>0'
pkg_admin: Cannot chdir to /var/db/pkg: No such file or directory
Should show:
pkg_admin: Cannot chdir to /usr/packages/DragonFly/1.4.0/i386/All: No such file or directory
revision 1.117
date: 2006/03/17 02:37:31; author: hubertf; state: Exp; lines: +6 -2
Add sanity check if there's a @cwd in the +CONTENT file.
If not abort, because we wouldn't know where to put the files.
Coverity CID 1358
INSTALL/DEINSTALL script creation within pkgsrc.
If an INSTALL or DEINSTALL script is found in the package directory,
it is automatically used as a template for the pkginstall-generated
scripts. If instead, they should be used simply as the full scripts,
then the package Makefile should set INSTALL_SRC or DEINSTALL_SRC
explicitly, e.g.:
INSTALL_SRC= ${PKGDIR}/INSTALL
DEINSTALL_SRC= # emtpy
As part of the restructuring of the pkginstall framework internals,
we now *always* generate temporary INSTALL or DEINSTALL scripts. By
comparing these temporary scripts with minimal INSTALL/DEINSTALL
scripts formed from only the base templates, we determine whether or
not the INSTALL/DEINSTALL scripts are actually needed by the package
(see the generate-install-scripts target in bsd.pkginstall.mk).
In addition, more variables in the framework have been made private.
The *_EXTRA_TMPL variables have been renamed to *_TEMPLATE, which are
more sensible names given the very few exported variables in this
framework. The only public variables relating to the templates are:
INSTALL_SRC INSTALL_TEMPLATE
DEINSTALL_SRC DEINSTALL_TEMPLATE
HEADER_TEMPLATE
The packages in pkgsrc have been modified to reflect the changes in
the pkginstall framework.
developer is officially maintaining the package.
The rationale for changing this from "tech-pkg" to "pkgsrc-users" is
that it implies that any user can try to maintain the package (by
submitting patches to the mailing list). Since the folks most likely
to care about the package are the folks that want to use it or are
already using it, this would leverage the energy of users who aren't
developers.
for the sake of compatibility tests in pkg_add.
E.g. DragonFly versions like
1.4.0-RELEASE
are reduced to
1.4.0
This code is currently enabled for DragonFly only.
- if you have > db1 the probably you have db_185.h which means
that dbopen is really __db185_open, and we'll prefer that.
- else if you have db1, then you have db1/db.h and dbopen
- else if you have db.h, then this is either the one from db1 and it will
work with -ldb having dbopen, or it will not.
Note that the compatibility option on __db185_open() will actually not create
or update db1.85/1.86 files, but it will use the current format of the db
library. This compatibility layer is source code only.
problems. Instead, use exec*() functions.
Replace PUSHOUT() macro and string buffers with a function that
operates on data structures.
If it is necessary to copy files into place from staging area, then use
pax to copy them.
Add functions in pexec.c to create a pipe for sending data to a child
process. Replace pipe code in create/perform.c with these functions.
Use these functions instead of command-line arguments when copying files
into place from staging area.
Three system() references remain: @exec, @unexec, and vsystem().
Also, simplify the package by making use of the PKGMANDIR-handling in
pkgsrc to remove the custom MANDIR code from the package Makefile and
the PLIST.
Technically, this type of a change would require a PKGREVISION bump,
but as this is the pkg_* tools package and there were no changes to the
binaries, we refrain from doing so.
| Modified Files:
| src/usr.sbin/pkg_install/add: extract.c
|
| Log Message:
| Fix 'pkg_add -R' handling - not registering really means not touching
| the pkgdb too - useful for pkg_add as non-root!
|
|
| To generate a diff of this commit:
| cvs rdiff -r1.34 -r1.35 src/usr.sbin/pkg_install/add/extract.c
If a pattern does not have any suffix, assume that it matches both
".tbz" and ".tgz". This allows to install binary package dependencies
that are not exact matches, but satisfy requirements.
* ftp.fi.netbsd.org returns "257" in return to a "cd" command, accept that
(in addition to 250 and 550). Seems to be allowed per RFC 959.
* Make buffer for reply bigger (not too big, as it may hit performance).
* Bump PKGTOOLS_VERSION (NOT!!! PKGTOOLS_REQD) to 20050318
rework pkg_info(8) operating on binary packages, deprecating the `-.'
argument as it is no longer required (but is retained as a no-op for
backward compatibility).
the behaviour is now what is expected and intended:
- when the pkg argument is path (absolute or relative) to a
binary pkg, pkg_info operates on it.
- when no pkg argument is given, or the argument is not a
binary pkg path, pkg_info operates on the installed packages.
`pkg_info foo-1.0.tgz', `pkg_info /path/to/foo-1.0.tgz', etc. now work
correctly when foo-1.0.tgz is in the cwd.
bump PKGTOOLS_VERSION to 20050210.
branch of src). Changes from version 20050106:
Teach pkg_add(1) and pkg_delete(1) to pass PKG_METADATA_DIR and
PKG_REFCOUNT_DBDIR in the environment when running the +* scripts.
PKG_METADATA_DIR is the location of the +* files after the package is
registered. PKG_REFCOUNT_DBDIR is the location of the reference counts
database directory. If PKG_REFCOUNT_DBDIR is left unset, then it
defaults the the location of the package database directory with
".refcount" appended to the path, e.g. /var/db/pkg.refcount.
pkgviews users should explicitly set PKG_REFCOUNT_DBDIR in the shell
environment to ensure that all packages will use the same refcount
database.
These changes allow the +INSTALL and +DEINSTALL script to keep state
in +* files within ${PKG_METADATA_DIR}, and to store reference counts
in ${PKG_REFCOUNT_DBDIR} to handle usage of resources outside of
${LOCALBASE}.
revision of src/usr.sbin/pkg_install as of 20050204. I ran:
cd pkgsrc/pkg_install/files
./pkg_install2nbcompat .
Then I ran "cvs diff" and looked for portability-related changes that
were removed as a result of the import and resurrected them from the
repository.
+ always echo the command which is about to be executed during a pkg_add
or pkg_delete, not just when verbose mode is on.
+ extract files on ftp pkg_adds with the 'p' flag to tar, to preserve
modes of entries in the binary package. (Addresses PR 28826 from
Tyler Retzlaff)
Bump version to 20050106
user, so it's not nice to try to use an option that will try to chown if
the repository isn't owned by the builder.
(Some OS's do in fact cause an error when the chown in "cp -p" fails.)
Introduce a new abstraction in the C code, called MaxPathSize. All
previous occurrences of MAXPATHLEN and FILENAME_MAX have been changed
to use MaxPathSize instead.
If MAXPATHLEN is not defined, then assume a default value of 1024
(this is primarily for use on the Hurd).
The reason for this is that some older platforms define FILENAME_MAX
to be 14, although MAXPATHLEN is 1024. On BSD-derived systems,
FILENAME_MAX And MAXPATHLEN are both 1024.
Bump pkg_install version to 20041226.
These modifications have been tested so far on a NetBSD-current bulk
build.
update also. Specifying -u twice will now update the named package
and its dependencies.
Also make sure Fake really means Fake, even if update is specified.
don't explicitly call gunzip, just pass the right arguments to tar.
fixes package decompression on Solaris where gunzip is not available
(but gzip is), and also decompression of bzip2 packages on non-NetBSD.
