- 18 Jun, 2013 6 commits
-
-
Allan McRae authored
Signed-off-by:Allan McRae <allan@archlinux.org>
-
Allan McRae authored
Signed-off-by: -
Allan McRae authored
Signed-off-by: -
Changes to pacman mean that -Sp can be called without root permissions and '-d' needs passed twice to completely ignore dependencies. Signed-off-by: Karol Błażewicz <karol.blazewicz at gmail.com> Signed-off-by: -
'-q' means "Exit as soon as each specified pattern or filename has been matched." There is no reason to keep reading the whole package from the cache when the install script has already been printed to stdout. Signed-off-by: Karol Błażewicz <karol.blazewicz at gmail.com> Signed-off-by: -
Allan McRae authored
Use CHECKUPDATES_DB rather than CHECKUPDATE_DB for consistency with the script name. Signed-off-by:
-
- 16 Jun, 2013 2 commits
-
-
Allan McRae authored
Signed-off-by: -
Allan McRae authored
Introduced in commit 9dd42dc0 . Fixes FS#35741. Signed-off-by:
-
- 06 Jun, 2013 2 commits
-
-
Allan McRae authored
Fixes FS#35469. Signed-off-by: -
Allan McRae authored
Signed-off-by:
-
- 04 Jun, 2013 3 commits
-
-
Given a revoked keyring containing only: BC1FBE4D2826A0B51E47ED62E2539214C6C11350 We should only disable this specific keyid. This change enforces that the contents of the -revoked keyring file are full fingerprints which can uniquely identify a key. Before: # pacman-key --populate archlinux ==> Appending keys from archlinux.gpg... ==> Locally signing trusted keys in keyring... -> Locally signing key 0E8B644079F599DFC1DDC3973348882F6AC6A4C2... -> Locally signing key 684148BB25B49E986A4944C55184252D824B18E8... -> Locally signing key 44D4A033AC140143927397D47EFD567D4C7EA887... -> Locally signing key 27FFC4769E19F096D41D9265A04F9397CDFD6BB0... -> Locally signing key AB19265E5D7D20687D303246BA1DFB64FFF979E7... ==> Importing owner trust values... ==> Disabling revoked keys in keyring... -> Disabling key 1390420191... -> Disabling key E2539214C6C11350... -> Disabling key 8544EA82113502DE... ==> Updating trust database... gpg: next trustdb check due at 2014-01-22 After: # pacman-key --populate archlinux ==> Appending keys from archlinux.gpg... ==> Locally signing trusted keys in keyring... -> Locally signing key 0E8B644079F599DFC1DDC3973348882F6AC6A4C2... -> Locally signing key 684148BB25B49E986A4944C55184252D824B18E8... -> Locally signing key 44D4A033AC140143927397D47EFD567D4C7EA887... -> Locally signing key 27FFC4769E19F096D41D9265A04F9397CDFD6BB0... -> Locally signing key AB19265E5D7D20687D303246BA1DFB64FFF979E7... ==> Importing owner trust values... ==> Disabling revoked keys in keyring... -> Disabling key BC1FBE4D2826A0B51E47ED62E2539214C6C11350... ==> Updating trust database... gpg: next trustdb check due at 2014-01-22 Partially addresses FS#35478. This does nothing to confirm whether or not the key was successfully disabled -- a ridiculously simple request which appears to be far too difficult for gpg to manage. Signed-off-by:Dave Reisner <dreisner@archlinux.org> Signed-off-by:
-
Currently we make no effort to validate the %FILENAME% field in the repo db. This allows for relative paths to be considered valid. A carefully crafted db entry with a malicious relative path, (e.g. `../../../../etc/passwd`) will cause pacman to to overwrite _any_ file on the target's machine. Add the following validation: - doesn't start with '.' - doesn't contain a '/' - won't overflow PATH_MAX Signed-off-by:
Simon Gomizelj <simongmzlj@gmail.com> Signed-off-by:
-
Allan McRae authored
Adding this restriction means we can filter any FILENAME entry from starting with a "/" or a ".". Use the term "dot" as it is more computing relevant compared to "full stop" or "period" which vary depending on English locale. Signed-off-by:
-
- 29 May, 2013 2 commits
-
-
Signed-off-by:
Eric Bélanger <snowmaniscool@gmail.com> Signed-off-by:
Dan McGee <dan@archlinux.org>
-
imporve -> improve diskspace -> disk space BTRFS -> Btrfs filelists -> file lists filesize -> file size Signed-off-by:
Jason St. John <jstjohn@purdue.edu> Signed-off-by:
-
- 19 May, 2013 1 commit
-
-
Allan McRae authored
The wrong bug number is mentioned in commit 32327dc8 and this was perpetuated into the NEWS file. Signed-off-by:
-
- 18 May, 2013 5 commits
-
-
Allan McRae authored
If LOGDEST is set, we may not check that $startdir is writable. Store the log pipe in LOGDEST instead. Signed-off-by: -
Allan McRae authored
Signed-off-by: -
Signed-off-by:
William Giokas <1007380@gmail.com> Signed-off-by:
-
su is terribad. In addition to reverting, this also removes support for privilege escalation via su. If you want to use paccache as root and fail to comprehend how much better sudo is than su, then run paccache directly via su. Fixes FS#35173. This reverts commit 597286eb . Signed-off-by:
-
bzr support "worked", but didn't handle any of the actual features we wanted with makepkg. This moves the revision specification to the proper place (extraction, rather than download), and fixes an additional broken reference to $repo which was never set. Fixes FS#35281. Signed-off-by:
-
- 07 May, 2013 4 commits
-
-
Allan McRae authored
Signed-off-by: -
Allan McRae authored
Signed-off-by: -
Signed-off-by:
Andrew Gregory <andrew.gregory.8@gmail.com> Signed-off-by:
-
Flush stream before taking input in select_question() and only flush once during question(). Also fix some tabs inside related fprintf statements. Signed-off-by:
-
- 30 Apr, 2013 2 commits
-
-
Allan McRae authored
Signed-off-by: -
Signed-off-by:
-
- 28 Apr, 2013 1 commit
-
-
If stdout is already redirected, redirecting stderr to stdout can lead to undesirable results. Fixes FS#34974. Signed-off-by:
-
- 26 Apr, 2013 1 commit
-
-
Allan McRae authored
We currently use the pacman version number in the libalpm.pc file. It makes more sense to use the libalpm version. Fixes FS#34967. Signed-off-by:
-
- 24 Apr, 2013 1 commit
-
-
Signed-off-by:
-
- 18 Apr, 2013 1 commit
-
-
Signed-off-by:
-
- 11 Apr, 2013 6 commits
-
-
Avoids problems with one of the worst CLI tools ever created, su. Fixes FS#34656. Signed-off-by:
-
Allan McRae authored
Copy SVN repos rather than using "svn export" to keep all anotation files in the repo for build scripts that use (e.g.) "svin info". Signed-off-by: -
Allan McRae authored
Using the checkout directory for the SVN config can result in clashes between config files and files from the SVN checkout. Instead, use a ".makepkg" directory within the checkout. Signed-off-by: -
Add support for all bzr URLs, including "lp:" URLs, in the source array. This, however, requires an internet connection and will fall back to the current behavior for offline builds. In that case, only the URL reported by 'bzr config parent_location' run inside the local repo can be used, and is outputted. Signed-off-by:Maxime Gauduin <alucryd@gmail.com>
-
remove_deps already has a check and won't run unless -r is specified, so if this was meant to remove dependencies of a failure no matter what, then it's not doing it, and with -r it is run twice on a failure for no real reason. Signed-off-by:
-
Allan McRae authored
Signed-off-by:
-
- 09 Apr, 2013 3 commits
-
-
Allan McRae authored
Avoid the log file filling up with "[PACMAN] synchronizing package lists". Signed-off-by: -
Signed-off-by:
-
Don't force people to see /etc. Signed-off-by:
-
