archlinuxarm/PKGBUILDs
1
0
Fork 0
mirror of https://github.com/archlinuxarm/PKGBUILDs.git synced 2024-09-19 22:08:32 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

core/pacman to 5.0.2-1

Browse source
This commit is contained in:
Kevin Mihelich 2017-06-16 01:07:31 +00:00
parent 8650e3c469
commit 391b2d45c6
7 changed files with 24 additions and 604 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
core/pacman/0001-Sychronize-filesystem.patch
View file

@ -1,4 +1,4 @@
From 42c073e4335d45e5f733a67cb1857a7561275d44 Mon Sep 17 00:00:00 2001
From faad6b96560cc1c7c7e816299e56b3a1ea7098e0 Mon Sep 17 00:00:00 2001
From: Kevin Mihelich <kevin@archlinuxarm.org>
Date: Sat, 13 Sep 2014 18:58:16 -0600
Subject: [PATCH 1/3] Sychronize filesystem
@ -14,7 +14,7 @@ Signed-off-by: Kevin Mihelich <kevin@archlinuxarm.org>
1 file changed, 3 insertions(+)
diff --git a/lib/libalpm/trans.c b/lib/libalpm/trans.c
index 1398470..82835ee 100644
index 13984707..82835ee5 100644
--- a/lib/libalpm/trans.c
+++ b/lib/libalpm/trans.c
@@ -230,6 +230,9 @@ int SYMEXPORT alpm_trans_commit(alpm_handle_t *handle, alpm_list_t **data)
@ -28,5 +28,5 @@ index 1398470..82835ee 100644
}
--
2.7.1
2.13.1

8
core/pacman/0002-Revert-close-stdin-before-running-install-scripts.patch
View file

@ -1,4 +1,4 @@
From b6d6499c598caaa50f492c6558b649fcd608a1f6 Mon Sep 17 00:00:00 2001
From 60baf4136355d00ce141b8dc4a90637eb0245245 Mon Sep 17 00:00:00 2001
From: Kevin Mihelich <kevin@archlinuxarm.org>
Date: Sat, 30 Jan 2016 17:19:03 -0700
Subject: [PATCH 2/3] Revert "close stdin before running install scripts"
@ -16,10 +16,10 @@ Signed-off-by: Kevin Mihelich <kevin@archlinuxarm.org>
1 file changed, 1 deletion(-)
diff --git a/lib/libalpm/util.c b/lib/libalpm/util.c
index 4a4847d..5e74462 100644
index 1e554632..41cca4a7 100644
--- a/lib/libalpm/util.c
+++ b/lib/libalpm/util.c
@@ -602,7 +602,6 @@ int _alpm_run_chroot(alpm_handle_t *handle, const char *cmd, char *const argv[],
@@ -612,7 +612,6 @@ int _alpm_run_chroot(alpm_handle_t *handle, const char *cmd, char *const argv[],
if(pid == 0) {
/* this code runs for the child only (the actual chroot/exec) */
@ -28,5 +28,5 @@ index 4a4847d..5e74462 100644
close(2);
while(dup2(child2parent_pipefd[1], 1) == -1 && errno == EINTR);
--
2.7.1
2.13.1

12
core/pacman/0003-Revert-alpm_run_chroot-always-connect-parent2child-p.patch
View file

@ -1,4 +1,4 @@
From 2c2a442ba21223de93b1927f8829dbf4ab4c495c Mon Sep 17 00:00:00 2001
From 87612bf6ef06e5fa5d58716f9c18ccb52c27be6c Mon Sep 17 00:00:00 2001
From: Kevin Mihelich <kevin@archlinuxarm.org>
Date: Fri, 11 Mar 2016 20:11:24 -0700
Subject: [PATCH 3/3] Revert "alpm_run_chroot: always connect parent2child
@ -10,10 +10,10 @@ This reverts commit 1d6583a58da0904fb7feafd4a666391087955a7b.
1 file changed, 7 insertions(+), 6 deletions(-)
diff --git a/lib/libalpm/util.c b/lib/libalpm/util.c
index 5e74462..f2d43ee 100644
index 41cca4a7..aba0ee94 100644
--- a/lib/libalpm/util.c
+++ b/lib/libalpm/util.c
@@ -586,7 +586,7 @@ int _alpm_run_chroot(alpm_handle_t *handle, const char *cmd, char *const argv[],
@@ -596,7 +596,7 @@ int _alpm_run_chroot(alpm_handle_t *handle, const char *cmd, char *const argv[],
goto cleanup;
}
@ -22,7 +22,7 @@ index 5e74462..f2d43ee 100644
_alpm_log(handle, ALPM_LOG_ERROR, _("could not create pipe (%s)\n"), strerror(errno));
retval = 1;
goto cleanup;
@@ -606,9 +606,11 @@ int _alpm_run_chroot(alpm_handle_t *handle, const char *cmd, char *const argv[],
@@ -616,9 +616,11 @@ int _alpm_run_chroot(alpm_handle_t *handle, const char *cmd, char *const argv[],
close(2);
while(dup2(child2parent_pipefd[1], 1) == -1 && errno == EINTR);
while(dup2(child2parent_pipefd[1], 2) == -1 && errno == EINTR);
@ -37,7 +37,7 @@ index 5e74462..f2d43ee 100644
close(child2parent_pipefd[0]);
close(child2parent_pipefd[1]);
if(cwdfd >= 0) {
@@ -643,16 +645,15 @@ int _alpm_run_chroot(alpm_handle_t *handle, const char *cmd, char *const argv[],
@@ -653,16 +655,15 @@ int _alpm_run_chroot(alpm_handle_t *handle, const char *cmd, char *const argv[],
child2parent->events = POLLIN;
fcntl(child2parent->fd, F_SETFL, O_NONBLOCK);
close(child2parent_pipefd[1]);
@ -56,5 +56,5 @@ index 5e74462..f2d43ee 100644
#define STOP_POLLING(p) do { close(p->fd); p->fd = -1; } while(0)
--
2.7.1
2.13.1

26
core/pacman/PKGBUILD
View file

@ -11,8 +11,8 @@
# - reverts to allow scriplet input on stdin
pkgname=pacman
pkgver=5.0.1
pkgrel=5
pkgver=5.0.2
pkgrel=1
pkgdesc="A library-based package manager with dependency support"
arch=('i686' 'x86_64')
url="http://www.archlinux.org/pacman/"
@ -28,29 +28,25 @@ conflicts=('pacman-contrib')
replaces=('pacman-contrib')
backup=(etc/pacman.conf etc/makepkg.conf)
options=('strip' 'debug')
validpgpkeys=('6645B0A8C7005E78DB1D7864F99FFE0FEAE999BD' # Allan McRae <allan@archlinux.org>
'B8151B117037781095514CA7BBDFFC92306B1121') # Andrew Gregory (pacman) <andrew@archlinux.org>
source=(https://sources.archlinux.org/other/pacman/$pkgname-$pkgver.tar.gz{,.sig}
pacman-5.0.1-roundup.patch
0001-Sychronize-filesystem.patch
0002-Revert-close-stdin-before-running-install-scripts.patch
0003-Revert-alpm_run_chroot-always-connect-parent2child-p.patch
pacman.conf
makepkg.conf)
md5sums=('377a2664d6007d72d6d8a126add83bcf'
'SKIP'
'1a6573187531068d38cb4478cd20368c'
'b1083094498f63e53de7d2aafea23733'
'8968ff77379c5b0143cbe89ed062c33b'
'fd59d9fb04abadffb937082c288bb10c'
'372fa63a5333ef22a0197d44b2a454ca'
'ace945b12a7a429af48b7a50f4119c4c')
validpgpkeys=('6645B0A8C7005E78DB1D7864F99FFE0FEAE999BD') # Allan McRae <allan@archlinux.org>
sha256sums=('dfd36086ad68564bcd977f4a1fafe51dd328acd4a95093ac4bf1249be9c41f0e'
'SKIP'
'5b81731c07945db05011db153cced5294187f16e487ca2fa221bb50aa4a18dc7'
'47b3583d093a9d5305f52f402f103fc5584c986a0272acbd36acfc96a9f01147'
'c8610fbae271167c2a1ae0bf69692038eac24f13921cabf925855a8697ea82f9'
'0c81e6feb426c2def260fe7b0c0586ae191ce3a782d19c119474671f147515c7'
'881759c640603e8f2ca5ff7eef83d4a5e2d3482b5d0e1e37d6b17a5533b75e5e')
prepare() {
cd $srcdir/$pkgname-$pkgver
# v5.0.1..pacman-5.0.1..c2f97580
patch -p1 -i $srcdir/pacman-5.0.1-roundup.patch
patch -p1 -i ../0001-Sychronize-filesystem.patch
patch -p1 -i ../0002-Revert-close-stdin-before-running-install-scripts.patch
patch -p1 -i ../0003-Revert-alpm_run_chroot-always-connect-parent2child-p.patch

60
core/pacman/ensure-matching-database-and-package-version.patch
View file

@ -1,60 +0,0 @@
From deac9731884a83ad91eab9f27b288f406f56c87b Mon Sep 17 00:00:00 2001
From: Levente Polyak <anthraxx@archlinux.org>
Date: Sat, 18 Jul 2015 17:58:23 +0200
Subject: [PATCH] ensure matching database and package version
While loading each package ensure that the internal version matches the
expected database version to avoid the possibility to circumvent the
version check.
This issue can be used by an attacker to trick the software into
installing an older version. The behavior can be exploited by a
man-in-the-middle attack through specially crafted database tarball
containing a higher version, yet actually delivering an older and
vulnerable version, which was previously shipped.
Signed-off-by: Levente Polyak <anthraxx@archlinux.org>
Signed-off-by: Remi Gacogne <rgacogne@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
---
lib/libalpm/sync.c | 18 ++++++++++++++++++
1 file changed, 18 insertions(+)
diff --git a/lib/libalpm/sync.c b/lib/libalpm/sync.c
index 888ae15..e843b07 100644
--- a/lib/libalpm/sync.c
+++ b/lib/libalpm/sync.c
@@ -1212,6 +1212,7 @@ static int load_packages(alpm_handle_t *handle, alpm_list_t **data,
EVENT(handle, &event);
for(i = handle->trans->add; i; i = i->next, current++) {
+ int error = 0;
alpm_pkg_t *spkg = i->data;
char *filepath;
int percent = (int)(((double)current_bytes / total_bytes) * 100);
@@ -1232,6 +1233,23 @@ static int load_packages(alpm_handle_t *handle, alpm_list_t **data,
spkg->name);
alpm_pkg_t *pkgfile =_alpm_pkg_load_internal(handle, filepath, 1);
if(!pkgfile) {
+ _alpm_log(handle, ALPM_LOG_DEBUG, "failed to load pkgfile internal\n");
+ error = 1;
+ } else {
+ if(strcmp(spkg->name, pkgfile->name) != 0) {
+ _alpm_log(handle, ALPM_LOG_DEBUG,
+ "internal package name mismatch, expected: '%s', actual: '%s'\n",
+ spkg->name, pkgfile->name);
+ error = 1;
+ }
+ if(strcmp(spkg->version, pkgfile->version) != 0) {
+ _alpm_log(handle, ALPM_LOG_DEBUG,
+ "internal package version mismatch, expected: '%s', actual: '%s'\n",
+ spkg->version, pkgfile->version);
+ error = 1;
+ }
+ }
+ if(error != 0) {
errors++;
*data = alpm_list_add(*data, strdup(spkg->filename));
free(filepath);
--
2.4.6

342
core/pacman/pacman-4.2.0-roundup.patch
View file

@ -1,342 +0,0 @@
diff --git a/contrib/paccache.sh.in b/contrib/paccache.sh.in
index 6a68d4d..1690583 100644
--- a/contrib/paccache.sh.in
+++ b/contrib/paccache.sh.in
@@ -256,6 +256,8 @@ while :; do
delete=1 ;;
-u|--uninstalled)
IFS=$'\n' read -r -d '' -a ign < <(pacman -Qq)
+ # pacman -Qq may exit with an error, thus making ign an empty array
+ (( ${#ign[@]} )) || die 'failed to retrieve the list of installed packages'
blacklist+=("${ign[@]}")
unset ign ;;
-V|--version)
diff --git a/contrib/paclist.sh.in b/contrib/paclist.sh.in
index 1c10b32..f4fd540 100644
--- a/contrib/paclist.sh.in
+++ b/contrib/paclist.sh.in
@@ -31,7 +31,7 @@ if ! type gettext &>/dev/null; then
fi
usage() {
- printf "%s (pacman) v%s\n" "${myname}" "myver"
+ printf "%s (pacman) v%s\n" "${myname}" "${myver}"
echo
printf "List all packages installed from a given repository\n" "${myname}"
echo
diff --git a/contrib/updpkgsums.sh.in b/contrib/updpkgsums.sh.in
index b0d2d69..7b92efe 100644
--- a/contrib/updpkgsums.sh.in
+++ b/contrib/updpkgsums.sh.in
@@ -82,9 +82,6 @@ fi
export BUILDDIR=$(mktemp -d --tmpdir updpkgsums.XXXXXX)
newbuildfile=$(mktemp --tmpdir updpkgsums.XXXXXX)
-# In case the eventual replacement fails, we don't want to leave behind
-# $newbuildfile as garbage in $TMPDIR. This fails silently if the replacement
-# succeeds.
trap "rm -rf '$BUILDDIR' '$newbuildfile'" EXIT
newsums=$(makepkg -g -p "$buildfile") || die 'Failed to generate new checksums'
awk -v newsums="$newsums" '
@@ -100,8 +97,9 @@ awk -v newsums="$newsums" '
END { if (!w) print newsums }
' "$buildfile" > "$newbuildfile" || die 'Failed to write new PKGBUILD'
-# Replace the original buildfile.
-if ! mv -- "$newbuildfile" "$buildfile"; then
+# Rewrite the original buildfile. Use cat instead of mv/cp to preserve
+# permissions implicitly.
+if ! cat -- "$newbuildfile" >"$buildfile"; then
die "Failed to update %s. The file has not been modified." "$buildfile"
fi
diff --git a/doc/PKGBUILD.5.txt b/doc/PKGBUILD.5.txt
index 7fa91ff..c95c41d 100644
--- a/doc/PKGBUILD.5.txt
+++ b/doc/PKGBUILD.5.txt
@@ -216,7 +216,7 @@ underscore and the architecture name e.g., 'checkdepends_x86_64=()'.
and are not utilized by pacman during dependency resolution. The format
for specifying optdepends is:
- optdepends=('fakeroot: for makepkg usage as normal user')
+ optdepends=('python: for library bindings')
+
Additional architecture-specific optdepends can be added by appending an
underscore and the architecture name e.g., 'optdepends_x86_64=()'.
@@ -336,10 +336,9 @@ files into the packaging directory, with optional `prepare()`, `build()`, and
*package() Function*::
The `package()` function is used to install files into the directory that
will become the root directory of the built package and is run after all
- the optional functions listed below. When specified in combination with
- the fakeroot BUILDENV option in linkman:makepkg.conf[5], fakeroot usage
- will be limited to running the packaging stage. All other functions will
- be run as the user calling makepkg.
+ the optional functions listed below. The packaging stage is run using
+ fakeroot to ensure correct file permissions in the resulting package.
+ All other functions will be run as the user calling makepkg.
*prepare() Function*::
An optional `prepare()` function can be specified in which operations to
diff --git a/etc/makepkg.conf.in b/etc/makepkg.conf.in
index 712ca60..19f673d 100644
--- a/etc/makepkg.conf.in
+++ b/etc/makepkg.conf.in
@@ -19,6 +19,13 @@ DLAGENTS=('ftp::/usr/bin/curl -qfC - --ftp-pasv --retry 3 --retry-delay 3 -o %o
# /usr/bin/lftpget -c
# /usr/bin/wget
+#-- The package required by makepkg to download VCS sources
+# Format: 'protocol::package'
+VCSCLIENTS=('bzr::bzr'
+ 'git::git'
+ 'hg::mercurial'
+ 'svn::subversion')
+
#########################################################################
# ARCHITECTURE, COMPILE FLAGS
#########################################################################
diff --git a/lib/libalpm/log.c b/lib/libalpm/log.c
index d232bcc..9af5e84 100644
--- a/lib/libalpm/log.c
+++ b/lib/libalpm/log.c
@@ -52,7 +52,7 @@ int SYMEXPORT alpm_logaction(alpm_handle_t *handle, const char *prefix,
int fd;
do {
fd = open(handle->logfile, O_WRONLY | O_APPEND | O_CREAT | O_CLOEXEC,
- 0000);
+ 0644);
} while(fd == -1 && errno == EINTR);
if(fd >= 0) {
handle->logstream = fdopen(fd, "a");
diff --git a/lib/libalpm/package.c b/lib/libalpm/package.c
index e2997f6..d9ed3d3 100644
--- a/lib/libalpm/package.c
+++ b/lib/libalpm/package.c
@@ -574,7 +574,7 @@ int _alpm_pkg_dup(alpm_pkg_t *pkg, alpm_pkg_t **new_ptr)
newpkg->installdate = pkg->installdate;
STRDUP(newpkg->packager, pkg->packager, goto cleanup);
STRDUP(newpkg->md5sum, pkg->md5sum, goto cleanup);
- STRDUP(newpkg->sha256sum, pkg->md5sum, goto cleanup);
+ STRDUP(newpkg->sha256sum, pkg->sha256sum, goto cleanup);
STRDUP(newpkg->arch, pkg->arch, goto cleanup);
newpkg->size = pkg->size;
newpkg->isize = pkg->isize;
diff --git a/scripts/makepkg-template.pl.in b/scripts/makepkg-template.pl.in
index 6e6d944..d9da167 100755
--- a/scripts/makepkg-template.pl.in
+++ b/scripts/makepkg-template.pl.in
@@ -70,7 +70,7 @@ sub parse_template_line {
foreach my $element (@elements) {
my ($key, $val) = ($element =~ /^([a-z0-9]+)=(.*)$/);
unless ($key and $val) {
- die gettext("invalid key/value pair\n%s:%s: %s"),
+ die gettext("invalid key/value pair\n"),
"$filename:$linenumber: $line";
}
$values{$key} = $val;
diff --git a/scripts/makepkg.sh.in b/scripts/makepkg.sh.in
index 33dff24..da68dc7 100644
--- a/scripts/makepkg.sh.in
+++ b/scripts/makepkg.sh.in
@@ -362,11 +362,11 @@ download_file() {
# replace %o by the temporary dlfile if it exists
if [[ ${cmdline[*]} = *%o* ]]; then
dlfile=$filename.part
- cmdline=("${cmdline[@]//%o/"$dlfile"}")
+ cmdline=("${cmdline[@]//%o/$dlfile}")
fi
# add the URL, either in place of %u or at the end
if [[ ${cmdline[*]} = *%u* ]]; then
- cmdline=("${cmdline[@]//%u/"$url"}")
+ cmdline=("${cmdline[@]//%u/$url}")
else
cmdline+=("$url")
fi
@@ -1317,47 +1317,41 @@ verify_integrity_sums() {
fi
}
-have_sources() {
- local a
-
- (( ${#source[*]} )) && return 0
+check_checksums() {
+ local integ a
+ declare -A correlation
+ (( SKIPCHECKSUMS )) && return 0
+ # Initialize a map which we'll use to verify that every source array has at
+ # least some kind of checksum array associated with it.
+ (( ${#source[*]} )) && correlation['source']=1
case $1 in
all)
for a in "${arch[@]}"; do
- array_build _ source_"$a" && return 0
+ array_build _ source_"$a" && correlation["source_$a"]=1
done
;;
*)
- array_build _ source_"$CARCH" && return 0
+ array_build _ source_"$CARCH" && correlation["source_$CARCH"]=1
;;
esac
- return 1
-}
-
-check_checksums() {
- (( SKIPCHECKSUMS )) && return 0
- have_sources "$1" || return 0
-
- local correlation=0
- local integ a
for integ in "${known_hash_algos[@]}"; do
- verify_integrity_sums "$integ" && correlation=1
+ verify_integrity_sums "$integ" && unset "correlation[source]"
case $1 in
all)
for a in "${arch[@]}"; do
- verify_integrity_sums "$integ" "$a" && correlation=1
+ verify_integrity_sums "$integ" "$a" && unset "correlation[source_$a]"
done
;;
*)
- verify_integrity_sums "$integ" "$CARCH" && correlation=1
+ verify_integrity_sums "$integ" "$CARCH" && unset "correlation[source_$CARCH]"
;;
esac
done
- if (( ! correlation )); then
+ if (( ${#correlation[*]} )); then
error "$(gettext "Integrity checks are missing.")"
exit 1 # TODO: error code
fi
@@ -1504,7 +1498,7 @@ check_pgpsigs() {
esac
errors=1
else
- if (( ${#validpgpkeys[@]} == 0 && ! $trusted )); then
+ if (( ${#validpgpkeys[@]} == 0 && !trusted )); then
printf "%s ($(gettext "the public key %s is not trusted"))" $(gettext "FAILED") "$fingerprint" >&2
errors=1
elif (( ${#validpgpkeys[@]} > 0 )) && ! in_array "$fingerprint" "${validpgpkeys[@]}"; then
@@ -1627,7 +1621,10 @@ merge_arch_attrs() {
source_buildfile() {
source_safe "$@"
- merge_arch_attrs
+
+ if (( !SOURCEONLY )); then
+ merge_arch_attrs
+ fi
}
run_function_safe() {
@@ -1835,7 +1832,7 @@ tidy_install() {
# check existence of backup files
local file
for file in "${backup[@]}"; do
- if [[ ! -f $file ]]; then
+ if [[ ! -f $file && ! -h $file ]]; then
warning "$(gettext "%s entry file not in package : %s")" "backup" "$file"
fi
done
@@ -2469,6 +2466,9 @@ array_build() {
# Build an array of the indicies of the source array.
eval "keys=(\"\${!$2[@]}\")"
+ # Clear the destination array
+ eval "$dest=()"
+
# Read values indirectly via their index. This approach gives us support
# for associative arrays, sparse arrays, and empty strings as elements.
for i in "${keys[@]}"; do
@@ -2896,7 +2896,7 @@ get_vcsclient() {
}
check_vcs_software() {
- local ret=0
+ local all_sources all_deps deps ret=0
if (( SOURCEONLY == 1 )); then
# we will not download VCS sources
@@ -2908,7 +2908,17 @@ check_vcs_software() {
return $ret
fi
- for netfile in ${source[@]}; do
+ # we currently only use global depends/makedepends arrays for --syncdeps
+ for attr in depends makedepends; do
+ pkgbuild_get_attribute "$pkg" "$attr" 1 'deps'
+ all_deps+=("${deps[@]}")
+
+ pkgbuild_get_attribute "$pkg" "${attr}_$CARCH" 1 'deps'
+ all_deps+=("${deps[@]}")
+ done
+
+ get_all_sources_for_arch 'all_sources'
+ for netfile in ${all_sources[@]}; do
local proto=$(get_protocol "$netfile")
case $proto in
@@ -2921,7 +2931,7 @@ check_vcs_software() {
uninstalled="$(set +E; check_deps $client)" || exit 1
# if not installed, check presence in depends or makedepends
if [[ -n "$uninstalled" ]] && (( ! NODEPS || ( VERIFYSOURCE && !DEP_BIN ) )); then
- if ! in_array "$client" ${depends[@]} ${makedepends[@]}; then
+ if ! in_array "$client" ${all_deps[@]}; then
error "$(gettext "Cannot find the %s package needed to handle %s sources.")" \
"$client" "${proto%%+*}"
ret=1
@@ -3435,7 +3445,7 @@ CARCH=${_CARCH:-$CARCH}
if (( ! INFAKEROOT )); then
if (( EUID == 0 )); then
error "$(gettext "Running %s as root is not allowed as it can cause permanent,\n\
-catastrophic damage to your system.")"
+catastrophic damage to your system.")" "makepkg"
exit 1 # $E_USER_ABORT
fi
else
@@ -3597,7 +3607,7 @@ if (( SOURCEONLY )); then
download_sources allarch
elif ( (( ! SKIPCHECKSUMS )) || \
( (( ! SKIPPGPCHECK )) && source_has_signatures ) ); then
- download_sources novcs
+ download_sources allarch novcs
fi
check_source_integrity all
cd_safe "$startdir"
diff --git a/scripts/pacman-db-upgrade.sh.in b/scripts/pacman-db-upgrade.sh.in
index 7bb277b..7d01bce 100644
--- a/scripts/pacman-db-upgrade.sh.in
+++ b/scripts/pacman-db-upgrade.sh.in
@@ -19,6 +19,9 @@
# along with this program. If not, see <http://www.gnu.org/licenses/>.
#
+# Avoid creating world-unreadable files
+umask 022
+
# gettext initialization
export TEXTDOMAIN='pacman-scripts'
export TEXTDOMAINDIR='@localedir@'
@@ -167,6 +170,8 @@ if [[ -z "$db_version" ]]; then
fi
# pacman 4.1 to 4.2 upgrade - remove directory symlink support
+ msg "$(gettext "Pre-4.2 database format detected - upgrading...")"
+
dirlist=()
unset GREP_OPTIONS
@@ -180,8 +185,6 @@ if [[ -z "$db_version" ]]; then
done)
if [[ ${#dirlist[@]} != 0 ]]; then
- msg "$(gettext "Pre-4.2 database format detected - upgrading...")"
-
pacroot="$(resolve_dir "$pacroot")"
for dir in "${dirlist[@]}"; do

174
core/pacman/pacman-5.0.1-roundup.patch
View file

@ -1,174 +0,0 @@
diff --git a/NEWS b/NEWS
index 07aa028..b7298bf 100644
--- a/NEWS
+++ b/NEWS
@@ -1,5 +1,22 @@
VERSION DESCRIPTION
-----------------------------------------------------------------------------
+5.0.1 - fix alignment issues with wide character locales (FS#47980)
+ - fix removal of .pacnew files (FS#47993)
+ - fix triggering of Install hooks (FS#47996)
+ - fix handling of stdin scripts called by pacman
+ - hook activity is logged
+ - documentataion updates for alpm-hooks (FS#48080)
+ - makepkg:
+ - increase robustness of variable array checks
+ - makepkg -g does not perform current architecture checks
+ - do not run prepare() with --noextract
+ - all directories in the packaging directory are cleared
+ before each build
+ - fix translations issues (FS#48057, FS#48298)
+ - repo-add:
+ - fix checking for non-existent database
+ - contrib:
+ - zsh_completion: updated makepkg options
5.0.0 - pacman can run hooks pre- and post-transaction. See the
alpm-hooks(5) man page for details and an example hook (FS#2985)
- pacman can now sync and read .files databases (-Fy) and do basic
diff --git a/doc/PKGBUILD.5.txt b/doc/PKGBUILD.5.txt
index e410481..4b4a22c 100644
--- a/doc/PKGBUILD.5.txt
+++ b/doc/PKGBUILD.5.txt
@@ -52,10 +52,10 @@ similar to `$_basekernver`.
+
The `pkgver` variable can be automatically updated by providing a `pkgver()`
function in the PKGBUILD that outputs the new package version.
-This is run after downloading and extracting the sources so it can use those
-files in determining the new `pkgver`.
-This is most useful when used with sources from version control systems (see
-below).
+This is run after downloading and extracting the sources and running the
+`prepare()` function (if present), so it can use those files in determining the
+new `pkgver`. This is most useful when used with sources from version control
+systems (see below).
*pkgrel*::
This is the release number specific to the Arch Linux release. This
diff --git a/scripts/libmakepkg/tidy/emptydirs.sh.in b/scripts/libmakepkg/tidy/emptydirs.sh.in
index 32b8d8c..85ab39d 100644
--- a/scripts/libmakepkg/tidy/emptydirs.sh.in
+++ b/scripts/libmakepkg/tidy/emptydirs.sh.in
@@ -33,6 +33,7 @@ tidy_remove+=('tidy_emptydirs')
tidy_emptydirs() {
if check_option "emptydirs" "n"; then
msg2 "$(gettext "Removing empty directories...")"
- find . -depth -type d -exec rmdir '{}' + 2>/dev/null
+ # we are unable to use '-empty' as it is non-POSIX and not support by all find variants
+ find . -depth -type d -exec rmdir '{}' \; 2>/dev/null
fi
}
diff --git a/scripts/libmakepkg/util/util.sh b/scripts/libmakepkg/util/util.sh
index 675e75d..f9f1c20 100644
--- a/scripts/libmakepkg/util/util.sh
+++ b/scripts/libmakepkg/util/util.sh
@@ -46,7 +46,7 @@ is_array() {
local shellopts=$(shopt -p)
shopt -s extglob
- if [[ $(declare -p "$i") == declare\ -*([[:alnum:]])a*([[:alnum:]])\ * ]]; then
+ if [[ $(declare -p "$v") == declare\ -*([[:alnum:]])a*([[:alnum:]])\ * ]]; then
ret=0
fi
diff --git a/scripts/pacman-key.sh.in b/scripts/pacman-key.sh.in
index 30d2704..0db0952 100644
--- a/scripts/pacman-key.sh.in
+++ b/scripts/pacman-key.sh.in
@@ -483,7 +483,7 @@ verify_sig() {
local ret=0
for sig; do
msg "Checking %s..." "$sig"
- if ! "${GPG_PACMAN[@]}" --status-fd 1 --verify "$sig" | grep -qE '^\[GNUPG:\] TRUST_(FULLY|ULTIMATE)$'; then
+ if ! "${GPG_PACMAN[@]}" --status-fd 1 --verify "$sig" | grep -qE '^\[GNUPG:\] TRUST_(FULLY|ULTIMATE).*$'; then
error "$(gettext "The signature identified by %s could not be verified.")" "$sig"
ret=1
fi
diff --git a/src/pacman/check.c b/src/pacman/check.c
index 0fe74e8..d282cc2 100644
--- a/src/pacman/check.c
+++ b/src/pacman/check.c
@@ -254,7 +254,6 @@ int check_pkg_full(alpm_pkg_t *pkg)
const char *root, *pkgname;
size_t errors = 0;
size_t rootlen;
- char filepath[PATH_MAX];
struct archive *mtree;
struct archive_entry *entry = NULL;
size_t file_count = 0;
@@ -267,7 +266,6 @@ int check_pkg_full(alpm_pkg_t *pkg)
pm_printf(ALPM_LOG_ERROR, _("path too long: %s%s\n"), root, "");
return 1;
}
- strcpy(filepath, root);
pkgname = alpm_pkg_get_name(pkg);
mtree = alpm_pkg_mtree_open(pkg);
@@ -282,6 +280,8 @@ int check_pkg_full(alpm_pkg_t *pkg)
while(alpm_pkg_mtree_next(pkg, mtree, &entry) == ARCHIVE_OK) {
struct stat st;
const char *path = archive_entry_pathname(entry);
+ char filepath[PATH_MAX];
+ int filepath_len;
mode_t type;
size_t file_errors = 0;
int backup = 0;
@@ -292,31 +292,37 @@ int check_pkg_full(alpm_pkg_t *pkg)
path += 2;
}
- if(strcmp(path, ".INSTALL") == 0) {
- char filename[PATH_MAX];
- snprintf(filename, PATH_MAX, "%slocal/%s-%s/install",
- alpm_option_get_dbpath(config->handle) + 1,
- pkgname, alpm_pkg_get_version(pkg));
- archive_entry_set_pathname(entry, filename);
- path = archive_entry_pathname(entry);
- } else if(strcmp(path, ".CHANGELOG") == 0) {
- char filename[PATH_MAX];
- snprintf(filename, PATH_MAX, "%slocal/%s-%s/changelog",
- alpm_option_get_dbpath(config->handle) + 1,
- pkgname, alpm_pkg_get_version(pkg));
- archive_entry_set_pathname(entry, filename);
- path = archive_entry_pathname(entry);
- } else if(*path == '.') {
- continue;
- }
+ if(*path == '.') {
+ const char *dbfile = NULL;
- file_count++;
+ if(strcmp(path, ".INSTALL") == 0) {
+ dbfile = "install";
+ } else if(strcmp(path, ".CHANGELOG") == 0) {
+ dbfile = "changelog";
+ } else {
+ continue;
+ }
- if(rootlen + 1 + strlen(path) > PATH_MAX) {
- pm_printf(ALPM_LOG_WARNING, _("path too long: %s%s\n"), root, path);
- continue;
+ /* Do not append root directory as alpm_option_get_dbpath is already
+ * an absoute path */
+ filepath_len = snprintf(filepath, PATH_MAX, "%slocal/%s-%s/%s",
+ alpm_option_get_dbpath(config->handle),
+ pkgname, alpm_pkg_get_version(pkg), dbfile);
+ if(filepath_len >= PATH_MAX) {
+ pm_printf(ALPM_LOG_WARNING, _("path too long: %slocal/%s-%s/%s\n"),
+ alpm_option_get_dbpath(config->handle),
+ pkgname, alpm_pkg_get_version(pkg), dbfile);
+ continue;
+ }
+ } else {
+ filepath_len = snprintf(filepath, PATH_MAX, "%s%s", root, path);
+ if(filepath_len >= PATH_MAX) {
+ pm_printf(ALPM_LOG_WARNING, _("path too long: %s%s\n"), root, path);
+ continue;
+ }
}
- strcpy(filepath + rootlen, path);
+
+ file_count++;
exists = check_file_exists(pkgname, filepath, rootlen, &st);
if(exists == 1) {