blob: 5dc55c0c22223433c34c81049409f449e805f9e7 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
|
#!/bin/sh
# arg 1: the new package version
# arg 2: the old package version
post_upgrade() {
# one time stuff for md5sum issue with older pacman versions
if [ "$(vercmp $2 3.0.2)" -lt 0 ]; then
_resetbackups
fi
if [ "$(vercmp $2 3.5.0)" -lt 0 ]; then
_warnupgrade
fi
if [ ! -f "etc/pacman.d/gnupg/pubring.gpg" ] || [ "$(vercmp $2 4.0.3-2)" -lt 0 ]; then
_check_pubring
fi
}
post_install() {
_check_pubring
}
_check_pubring() {
echo " >>> Run \`pacman-key --init; pacman-key --populate archlinux\`"
echo " >>> And \`pacman-key --populate parabola\`"
echo " >>> to import the data required by pacman for package verification."
echo " >>> See: https://www.archlinux.org/news/having-pacman-verify-packages"
}
_warnupgrade() {
echo ">>> The pacman database format has changed as of pacman 3.5.0."
echo ">>> You will need to run \`pacman-db-upgrade\` as root."
echo ">>>"
}
_resetbackups() {
echo ">>> Performing one-time reset of NoUpgrade md5sums. After this reset"
echo ">>> you are able to remove all NoUpgrade lines of already protected"
echo ">>> files from pacman.conf."
echo ">>>"
# path variables
pacconf="/etc/pacman.conf"
dbpath="/var/lib/pacman/local"
# get a list of NoUpgrade files from the user's pacman.conf
echo ">>> Retrieving pacman.conf NoUpgrade list..."
config=$(grep "^NoUpgrade" $pacconf | cut -d'=' -f2)
# add the standard list of files, even if they are already above
config="$config \
etc/passwd etc/group etc/shadow etc/sudoers \
etc/fstab etc/raidtab etc/ld.so.conf \
etc/rc.conf etc/rc.local \
etc/modprobe.conf etc/modules.conf \
etc/lilo.conf boot/grub/menu.lst"
# blank md5sum for use in sed expression
zeroes='00000000000000000000000000000000'
for file in $config; do
echo ">>> -> finding owner of /$file..."
line=$(LC_ALL=C LANG=C pacman -Qo /$file 2>/dev/null)
# if file is owned by a package, go find its incorrectly stored sum
if [ ! -z "$line" ]; then
# get the name and version of the package owning file
name=$(echo $line | awk '{print $5}')
version=$(echo $line | awk '{print $6}')
# set the path to the backup array holding the md5sum
path="$dbpath/$name-$version/files"
# run a sed on the path to reset the line containing $file
# NOTE: literal tab characters in sed expression after $file
echo ">>> -> resetting sum of /$file..."
sed -i "s#$file [0-9a-fA-F]*#$file $zeroes#" $path
else
echo ">>> -> $file is unowned."
fi
done
}
|