Sat Dec 29 02:10:20 PST 2012

author: root <root@rshg054.dnsready.net> 2012-12-29 02:13:48 -0800
committer: root <root@rshg054.dnsready.net> 2012-12-29 02:13:48 -0800
commit: 5dd7ed82e788ebad2e920e0f2db7468cc6547cfe (patch)
tree: f467412e09912ababcd8fe6c05193d829f514dcd /core/pacman
parent: 3009e8addb4a894329bf8ab3e8fb763361833978 (diff)
8 files changed, 726 insertions, 0 deletions
diff --git a/core/pacman/0001-Add-conflict-for-replacing-owned-empty-directory.patch b/core/pacman/0001-Add-conflict-for-replacing-owned-empty-directory.patch
new file mode 100644
index 000000000..85622aaac
--- /dev/null
+++ b/core/pacman/0001-Add-conflict-for-replacing-owned-empty-directory.patch
@@ -0,0 +1,152 @@
+From 717fdb8ee0fd23cf72fc7d2832317f513caefa2c Mon Sep 17 00:00:00 2001
+From: Allan McRae <allan@archlinux.org>
+Date: Sun, 8 Jul 2012 21:36:36 +1000
+Subject: [PATCH 1/4] Add conflict for replacing owned empty directory
+
+When two packages own an empty directory, pacman finds no conflict when
+one of those packages wants to replace the directory with a file or a
+symlink.  When it comes to actually extracting the new file/symlink,
+pacman sees the directory is still there (we do not remove empty
+directories if they are owned by a package) and refuses to extract.
+
+Detect this potential conflict early and bail. Note that it is a
+_potential_ conflict and not a guaranteed one as the other package owning
+the directory could be updated or removed first which would remove
+the conflict.  However, pacman currently can not sort package installation
+order to ensure this, so this conflict requires manual upgrade ordering.
+
+Signed-off-by: Allan McRae <allan@archlinux.org>
+Signed-off-by: Dan McGee <dan@archlinux.org>
+---
+ lib/libalpm/conflict.c               | 32 ++++++++++++++++++++++++++------
+ test/pacman/tests/fileconflict009.py | 20 ++++++++++++++++++++
+ test/pacman/tests/fileconflict010.py | 20 ++++++++++++++++++++
+ 3 files changed, 66 insertions(+), 6 deletions(-)
+ create mode 100644 test/pacman/tests/fileconflict009.py
+ create mode 100644 test/pacman/tests/fileconflict010.py
+
+diff --git a/lib/libalpm/conflict.c b/lib/libalpm/conflict.c
+index 32f6f30..efa1a87 100644
+--- a/lib/libalpm/conflict.c
++++ b/lib/libalpm/conflict.c
+@@ -328,15 +328,35 @@ const alpm_file_t *_alpm_filelist_contains(alpm_filelist_t *filelist,
+ 	return NULL;
+ }
+ 
+-static int dir_belongsto_pkg(const char *root, const char *dirpath,
++static int dir_belongsto_pkg(alpm_handle_t *handle, const char *dirpath,
+ 		alpm_pkg_t *pkg)
+ {
++	alpm_list_t *i;
+ 	struct stat sbuf;
+ 	char path[PATH_MAX];
+ 	char abspath[PATH_MAX];
+-	struct dirent *ent = NULL;
+ 	DIR *dir;
++	struct dirent *ent = NULL;
++	const char *root = handle->root;
++
++	/* TODO: this is an overly strict check but currently pacman will not
++	 * overwrite a directory with a file (case 10/11 in add.c). Adjusting that
++	 * is not simple as even if the directory is being unowned by a conflicting
++	 * package, pacman does not sort this to ensure all required directory
++	 * "removals" happen before installation of file/symlink */
++
++	/* check that no other _installed_ package owns the directory */
++	for(i = _alpm_db_get_pkgcache(handle->db_local); i; i = i->next) {
++		if(pkg == i->data) {
++			continue;
++		}
++
++		if(_alpm_filelist_contains(alpm_pkg_get_files(i->data), dirpath)) {
++			return 0;
++		}
++	}
+ 
++	/* check all files in directory are owned by the package */
+ 	snprintf(abspath, PATH_MAX, "%s%s", root, dirpath);
+ 	dir = opendir(abspath);
+ 	if(dir == NULL) {
+@@ -349,13 +369,13 @@ static int dir_belongsto_pkg(const char *root, const char *dirpath,
+ 		if(strcmp(name, ".") == 0 || strcmp(name, "..") == 0) {
+ 			continue;
+ 		}
+-		snprintf(path, PATH_MAX, "%s/%s", dirpath, name);
++		snprintf(path, PATH_MAX, "%s%s", dirpath, name);
+ 		snprintf(abspath, PATH_MAX, "%s%s", root, path);
+ 		if(stat(abspath, &sbuf) != 0) {
+ 			continue;
+ 		}
+ 		if(S_ISDIR(sbuf.st_mode)) {
+-			if(dir_belongsto_pkg(root, path, pkg)) {
++			if(dir_belongsto_pkg(handle, path, pkg)) {
+ 				continue;
+ 			} else {
+ 				closedir(dir);
+@@ -529,9 +549,9 @@ alpm_list_t *_alpm_db_find_fileconflicts(alpm_handle_t *handle,
+ 				sprintf(dir, "%s/", filestr);
+ 				if(_alpm_filelist_contains(alpm_pkg_get_files(dbpkg), dir)) {
+ 					_alpm_log(handle, ALPM_LOG_DEBUG,
+-							"check if all files in %s belongs to %s\n",
++							"check if all files in %s belong to %s\n",
+ 							dir, dbpkg->name);
+-					resolved_conflict = dir_belongsto_pkg(handle->root, filestr, dbpkg);
++					resolved_conflict = dir_belongsto_pkg(handle, dir, dbpkg);
+ 				}
+ 				free(dir);
+ 			}
+diff --git a/test/pacman/tests/fileconflict009.py b/test/pacman/tests/fileconflict009.py
+new file mode 100644
+index 0000000..904af4a
+--- /dev/null
++++ b/test/pacman/tests/fileconflict009.py
+@@ -0,0 +1,20 @@
++self.description = "dir->symlink change during package upgrade (directory conflict)"
++
++lp1 = pmpkg("pkg1")
++lp1.files = ["dir/"]
++self.addpkg2db("local", lp1)
++
++lp2 = pmpkg("pkg2")
++lp2.files = ["dir/"]
++self.addpkg2db("local", lp2)
++
++p = pmpkg("pkg1", "1.0-2")
++p.files = ["dir -> /usr/dir"]
++self.addpkg2db("sync", p)
++
++self.args = "-S pkg1"
++
++self.addrule("PACMAN_RETCODE=1")
++self.addrule("PKG_VERSION=pkg1|1.0-1")
++self.addrule("PKG_VERSION=pkg2|1.0-1")
++self.addrule("DIR_EXIST=dir/")
+diff --git a/test/pacman/tests/fileconflict010.py b/test/pacman/tests/fileconflict010.py
+new file mode 100644
+index 0000000..0a3ce83
+--- /dev/null
++++ b/test/pacman/tests/fileconflict010.py
+@@ -0,0 +1,20 @@
++self.description = "dir->file change during package upgrade (directory conflict)"
++
++lp1 = pmpkg("pkg1")
++lp1.files = ["dir/"]
++self.addpkg2db("local", lp1)
++
++lp2 = pmpkg("pkg2")
++lp2.files = ["dir/"]
++self.addpkg2db("local", lp2)
++
++p = pmpkg("pkg1", "1.0-2")
++p.files = ["dir"]
++self.addpkg2db("sync", p)
++
++self.args = "-S pkg1"
++
++self.addrule("PACMAN_RETCODE=1")
++self.addrule("PKG_VERSION=pkg1|1.0-1")
++self.addrule("PKG_VERSION=pkg2|1.0-1")
++self.addrule("DIR_EXIST=dir/")
+-- 
+1.7.11.1
+
diff --git a/core/pacman/0002-Check-empty-subdirectory-ownership.patch b/core/pacman/0002-Check-empty-subdirectory-ownership.patch
new file mode 100644
index 000000000..6cf496d16
--- /dev/null
+++ b/core/pacman/0002-Check-empty-subdirectory-ownership.patch
@@ -0,0 +1,61 @@
+From 44e9fdd0e848382337edb97d41e7317638a67bac Mon Sep 17 00:00:00 2001
+From: Allan McRae <allan@archlinux.org>
+Date: Sun, 8 Jul 2012 23:58:37 +1000
+Subject: [PATCH 2/4] Check empty subdirectory ownership
+
+When checking if a package owns a directory, it is important to check
+not only that all the files in the directory are part of the package,
+but also if the directory is part of a package.  This catches empty
+subdirectories during conflict checking for directory to file/symlink
+replacements.
+
+Signed-off-by: Allan McRae <allan@archlinux.org>
+Signed-off-by: Dan McGee <dan@archlinux.org>
+---
+ lib/libalpm/conflict.c               |  5 +++++
+ test/pacman/tests/fileconflict012.py | 17 +++++++++++++++++
+ 2 files changed, 22 insertions(+)
+ create mode 100644 test/pacman/tests/fileconflict012.py
+
+diff --git a/lib/libalpm/conflict.c b/lib/libalpm/conflict.c
+index efa1a87..d6e5d8c 100644
+--- a/lib/libalpm/conflict.c
++++ b/lib/libalpm/conflict.c
+@@ -339,6 +339,11 @@ static int dir_belongsto_pkg(alpm_handle_t *handle, const char *dirpath,
+ 	struct dirent *ent = NULL;
+ 	const char *root = handle->root;
+ 
++	/* check directory is actually in package - used for subdirectory checks */
++	if(!_alpm_filelist_contains(alpm_pkg_get_files(pkg), dirpath)) {
++		return 0;
++	}
++
+ 	/* TODO: this is an overly strict check but currently pacman will not
+ 	 * overwrite a directory with a file (case 10/11 in add.c). Adjusting that
+ 	 * is not simple as even if the directory is being unowned by a conflicting
+diff --git a/test/pacman/tests/fileconflict012.py b/test/pacman/tests/fileconflict012.py
+new file mode 100644
+index 0000000..421b739
+--- /dev/null
++++ b/test/pacman/tests/fileconflict012.py
+@@ -0,0 +1,17 @@
++self.description = "dir->file change during package upgrade (filesystem file conflict)"
++
++lp1 = pmpkg("pkg1")
++lp1.files = ["dir/"]
++self.addpkg2db("local", lp1)
++
++self.filesystem = ["dir/file"]
++
++p = pmpkg("pkg1", "1.0-2")
++p.files = ["dir"]
++self.addpkg2db("sync", p)
++
++self.args = "-S pkg1"
++
++self.addrule("PACMAN_RETCODE=1")
++self.addrule("PKG_VERSION=pkg1|1.0-1")
++self.addrule("DIR_EXIST=dir/")
+-- 
+1.7.11.1
+
diff --git a/core/pacman/0003-Ensure-pre_upgrade-scriptlet-gets-old-package-version.patch b/core/pacman/0003-Ensure-pre_upgrade-scriptlet-gets-old-package-version.patch
new file mode 100644
index 000000000..ae3a57ecd
--- /dev/null
+++ b/core/pacman/0003-Ensure-pre_upgrade-scriptlet-gets-old-package-version.patch
@@ -0,0 +1,29 @@
+From 1bf05e706b5edac92e9c913a69ca8686c6440f8b Mon Sep 17 00:00:00 2001
+From: Dan McGee <dan@archlinux.org>
+Date: Fri, 04 May 2012 16:41:40 +0000
+Subject: Ensure pre_upgrade scriptlet gets old package version
+
+This was accidentally broken in the refactor done in commit 73139ccb.
+
+Fixes FS#29371.
+
+Signed-off-by: Dan McGee <dan@archlinux.org>
+---
+diff --git a/lib/libalpm/add.c b/lib/libalpm/add.c
+index 6c2f0cb..c49d99b 100644
+--- a/lib/libalpm/add.c
++++ b/lib/libalpm/add.c
+@@ -488,8 +488,9 @@ static int commit_single_pkg(alpm_handle_t *handle, alpm_pkg_t *newpkg,
+ 	if(alpm_pkg_has_scriptlet(newpkg) &&
+ 			!(trans->flags & ALPM_TRANS_FLAG_NOSCRIPTLET)) {
+ 		const char *scriptlet_name = is_upgrade ? "pre_upgrade" : "pre_install";
+-		_alpm_runscriptlet(handle, pkgfile,
+-				scriptlet_name, newpkg->version, NULL, 1);
++
++		_alpm_runscriptlet(handle, pkgfile, scriptlet_name,
++				newpkg->version, oldpkg ? oldpkg->version : NULL, 1);
+ 	}
+ 
+ 	/* we override any pre-set reason if we have alldeps or allexplicit set */
+--
+cgit v0.9.0.2-13-g2bd3
diff --git a/core/pacman/PKGBUILD b/core/pacman/PKGBUILD
new file mode 100644
index 000000000..6ee826d15
--- /dev/null
+++ b/core/pacman/PKGBUILD
@@ -0,0 +1,87 @@
+# vim: set ts=2 sw=2 et:
+# $Id: PKGBUILD 171528 2012-11-18 11:37:56Z allan $
+# Maintainer: Dan McGee <dan@archlinux.org>
+# Maintainer: Dave Reisner <dreisner@archlinux.org>
+
+pkgname=pacman
+pkgver=4.0.3
+pkgrel=5
+pkgdesc="A library-based package manager with dependency support"
+arch=('i686' 'x86_64')
+url="http://www.archlinux.org/pacman/"
+license=('GPL')
+groups=('base')
+depends=('bash' 'glibc>=2.15' 'libarchive>=3.0.2' 'curl>=7.19.4'
+         'gpgme' 'pacman-mirrorlist' 'archlinux-keyring')
+makedepends=('asciidoc')
+optdepends=('fakeroot: for makepkg usage as normal user')
+backup=(etc/pacman.conf etc/makepkg.conf)
+install=pacman.install
+options=(!libtool)
+source=(ftp://ftp.archlinux.org/other/pacman/$pkgname-$pkgver.tar.gz{,.sig}
+        0001-Add-conflict-for-replacing-owned-empty-directory.patch
+        0002-Check-empty-subdirectory-ownership.patch
+        0003-Ensure-pre_upgrade-scriptlet-gets-old-package-version.patch
+        pacman.conf
+        pacman.conf.x86_64
+        makepkg.conf)
+md5sums=('387965c7125e60e5f0b9ff3b427fe0f9'
+         '1a70392526c8768470da678b31905a6e'
+         '1a9b79788640907a2b34e8671cacc94a'
+         'a9ddd43891bed364e1e97d27b2887bf1'
+         '2e8cbf55a94b1954b167c5dee6b62317'
+         '99734ea46795f466d41c503e9e23b6d4'
+         '556d49489e82b5750cf026d3b18c8f4f'
+         '589cd34eb9d5b678455e8289394f523e')
+
+build() {
+  cd $srcdir/$pkgname-$pkgver
+
+  patch -p1 -i $srcdir/0001-Add-conflict-for-replacing-owned-empty-directory.patch
+  patch -p1 -i $srcdir/0002-Check-empty-subdirectory-ownership.patch
+  patch -p1 -i $srcdir/0003-Ensure-pre_upgrade-scriptlet-gets-old-package-version.patch
+
+  ./configure --prefix=/usr --sysconfdir=/etc \
+    --localstatedir=/var --enable-doc
+  make
+}
+
+check() {
+  make -C "$pkgname-$pkgver" check
+}
+
+package() {
+  cd $srcdir/$pkgname-$pkgver
+  make DESTDIR=$pkgdir install
+
+  # install Arch specific stuff
+  mkdir -p $pkgdir/etc
+  case "$CARCH" in
+    i686)
+      install -m644 $srcdir/pacman.conf $pkgdir/etc/pacman.conf
+      mycarch="i686"
+      mychost="i686-pc-linux-gnu"
+      myflags="-march=i686"
+      ;;
+    x86_64)
+      install -m644 $srcdir/pacman.conf.x86_64 $pkgdir/etc/pacman.conf
+      mycarch="x86_64"
+      mychost="x86_64-unknown-linux-gnu"
+      myflags="-march=x86-64"
+      ;;
+  esac
+  install -m644 $srcdir/makepkg.conf $pkgdir/etc/
+  # set things correctly in the default conf file
+  sed -i $pkgdir/etc/makepkg.conf \
+    -e "s|@CARCH[@]|$mycarch|g" \
+    -e "s|@CHOST[@]|$mychost|g" \
+    -e "s|@CARCHFLAGS[@]|$myflags|g"
+
+  # install completion files
+  install -Dm644 contrib/bash_completion "$pkgdir/usr/share/bash-completion/completions/pacman"
+  for f in makepkg pacman-key; do
+    ln -s pacman "$pkgdir/usr/share/bash-completion/completions/$f"
+  done
+
+  install -Dm644 contrib/zsh_completion $pkgdir/usr/share/zsh/site-functions/_pacman
+}
diff --git a/core/pacman/makepkg.conf b/core/pacman/makepkg.conf
new file mode 100644
index 000000000..25ca01590
--- /dev/null
+++ b/core/pacman/makepkg.conf
@@ -0,0 +1,121 @@
+#
+# /etc/makepkg.conf
+#
+
+#########################################################################
+# SOURCE ACQUISITION
+#########################################################################
+#
+#-- The download utilities that makepkg should use to acquire sources
+#  Format: 'protocol::agent'
+DLAGENTS=('ftp::/usr/bin/curl -fC - --ftp-pasv --retry 3 --retry-delay 3 -o %o %u'
+          'http::/usr/bin/curl -fLC - --retry 3 --retry-delay 3 -o %o %u'
+          'https::/usr/bin/curl -fLC - --retry 3 --retry-delay 3 -o %o %u'
+          'rsync::/usr/bin/rsync -z %u %o'
+          'scp::/usr/bin/scp -C %u %o')
+
+# Other common tools:
+# /usr/bin/snarf
+# /usr/bin/lftpget -c
+# /usr/bin/wget
+
+#########################################################################
+# ARCHITECTURE, COMPILE FLAGS
+#########################################################################
+#
+CARCH="@CARCH@"
+CHOST="@CHOST@"
+
+#-- Compiler and Linker Flags
+# -march (or -mcpu) builds exclusively for an architecture
+# -mtune optimizes for an architecture, but builds for whole processor family
+CFLAGS="@CARCHFLAGS@ -mtune=generic -O2 -pipe -fstack-protector --param=ssp-buffer-size=4 -D_FORTIFY_SOURCE=2"
+CXXFLAGS="@CARCHFLAGS@ -mtune=generic -O2 -pipe -fstack-protector --param=ssp-buffer-size=4 -D_FORTIFY_SOURCE=2"
+LDFLAGS="-Wl,-O1,--sort-common,--as-needed,-z,relro"
+#-- Make Flags: change this for DistCC/SMP systems
+#MAKEFLAGS="-j2"
+
+#########################################################################
+# BUILD ENVIRONMENT
+#########################################################################
+#
+# Defaults: BUILDENV=(fakeroot !distcc color !ccache check !sign)
+#  A negated environment option will do the opposite of the comments below.
+#
+#-- fakeroot: Allow building packages as a non-root user
+#-- distcc:   Use the Distributed C/C++/ObjC compiler
+#-- color:    Colorize output messages
+#-- ccache:   Use ccache to cache compilation
+#-- check:    Run the check() function if present in the PKGBUILD
+#-- sign:     Generate PGP signature file
+#
+BUILDENV=(fakeroot !distcc color !ccache check !sign)
+#
+#-- If using DistCC, your MAKEFLAGS will also need modification. In addition,
+#-- specify a space-delimited list of hosts running in the DistCC cluster.
+#DISTCC_HOSTS=""
+#
+#-- Specify a directory for package building.
+#BUILDDIR=/tmp/makepkg
+
+#########################################################################
+# GLOBAL PACKAGE OPTIONS
+#   These are default values for the options=() settings
+#########################################################################
+#
+# Default: OPTIONS=(strip docs libtool emptydirs zipman purge !upx)
+#  A negated option will do the opposite of the comments below.
+#
+#-- strip:     Strip symbols from binaries/libraries
+#-- docs:      Save doc directories specified by DOC_DIRS
+#-- libtool:   Leave libtool (.la) files in packages
+#-- emptydirs: Leave empty directories in packages
+#-- zipman:    Compress manual (man and info) pages in MAN_DIRS with gzip
+#-- purge:     Remove files specified by PURGE_TARGETS
+#-- upx:       Compress binary executable files using UPX
+#
+OPTIONS=(strip docs libtool emptydirs zipman purge !upx)
+
+#-- File integrity checks to use. Valid: md5, sha1, sha256, sha384, sha512
+INTEGRITY_CHECK=(md5)
+#-- Options to be used when stripping binaries. See `man strip' for details.
+STRIP_BINARIES="--strip-all"
+#-- Options to be used when stripping shared libraries. See `man strip' for details.
+STRIP_SHARED="--strip-unneeded"
+#-- Options to be used when stripping static libraries. See `man strip' for details.
+STRIP_STATIC="--strip-debug"
+#-- Manual (man and info) directories to compress (if zipman is specified)
+MAN_DIRS=({usr{,/local}{,/share},opt/*}/{man,info})
+#-- Doc directories to remove (if !docs is specified)
+DOC_DIRS=(usr/{,local/}{,share/}{doc,gtk-doc} opt/*/{doc,gtk-doc})
+#-- Files to be removed from all packages (if purge is specified)
+PURGE_TARGETS=(usr/{,share}/info/dir .packlist *.pod)
+
+#########################################################################
+# PACKAGE OUTPUT
+#########################################################################
+#
+# Default: put built package and cached source in build directory
+#
+#-- Destination: specify a fixed directory where all packages will be placed
+#PKGDEST=/home/packages
+#-- Source cache: specify a fixed directory where source files will be cached
+#SRCDEST=/home/sources
+#-- Source packages: specify a fixed directory where all src packages will be placed
+#SRCPKGDEST=/home/srcpackages
+#-- Packager: name/email of the person or organization building packages
+#PACKAGER="John Doe <john@doe.com>"
+#-- Specify a key to use for package signing
+#GPGKEY=""
+
+#########################################################################
+# EXTENSION DEFAULTS
+#########################################################################
+#
+# WARNING: Do NOT modify these variables unless you know what you are
+#          doing.
+#
+PKGEXT='.pkg.tar.xz'
+SRCEXT='.src.tar.gz'
+
+# vim: set ft=sh ts=2 sw=2 et:
diff --git a/core/pacman/pacman.conf b/core/pacman/pacman.conf
new file mode 100644
index 000000000..0596b7a9e
--- /dev/null
+++ b/core/pacman/pacman.conf
@@ -0,0 +1,95 @@
+#
+# /etc/pacman.conf
+#
+# See the pacman.conf(5) manpage for option and repository directives
+
+#
+# GENERAL OPTIONS
+#
+[options]
+# The following paths are commented out with their default values listed.
+# If you wish to use different paths, uncomment and update the paths.
+#RootDir     = /
+#DBPath      = /var/lib/pacman/
+#CacheDir    = /var/cache/pacman/pkg/
+#LogFile     = /var/log/pacman.log
+#GPGDir      = /etc/pacman.d/gnupg/
+HoldPkg     = pacman glibc
+# If upgrades are available for these packages they will be asked for first
+SyncFirst   = pacman
+#XferCommand = /usr/bin/curl -C - -f %u > %o
+#XferCommand = /usr/bin/wget --passive-ftp -c -O %o %u
+#CleanMethod = KeepInstalled
+Architecture = auto
+
+# Pacman won't upgrade packages listed in IgnorePkg and members of IgnoreGroup
+#IgnorePkg   =
+#IgnoreGroup =
+
+#NoUpgrade   =
+#NoExtract   =
+
+# Misc options
+#UseSyslog
+#UseDelta
+#TotalDownload
+CheckSpace
+#VerbosePkgLists
+
+# By default, pacman accepts packages signed by keys that its local keyring
+# trusts (see pacman-key and its man page), as well as unsigned packages.
+#SigLevel = Optional TrustedOnly
+
+# NOTE: You must run `pacman-key --init` before first using pacman; the local
+# keyring can then be populated with the keys of all official Arch Linux
+# packagers with `pacman-key --populate archlinux`.
+
+#
+# REPOSITORIES
+#   - can be defined here or included from another file
+#   - pacman will search repositories in the order defined here
+#   - local/custom mirrors can be added here or in separate files
+#   - repositories listed first will take precedence when packages
+#     have identical names, regardless of version number
+#   - URLs will have $repo replaced by the name of the current repo
+#   - URLs will have $arch replaced by the name of the architecture
+#
+# Repository entries are of the format:
+#       [repo-name]
+#       Server = ServerName
+#       Include = IncludePath
+#
+# The header [repo-name] is crucial - it must be present and
+# uncommented to enable the repo.
+#
+
+# The testing repositories are disabled by default. To enable, uncomment the
+# repo name header and Include lines. You can add preferred servers immediately
+# after the header, and they will be used before the default mirrors.
+
+#[testing]
+#SigLevel = PackageRequired
+#Include = /etc/pacman.d/mirrorlist
+
+[core]
+SigLevel = PackageRequired
+Include = /etc/pacman.d/mirrorlist
+
+[extra]
+SigLevel = PackageRequired
+Include = /etc/pacman.d/mirrorlist
+
+#[community-testing]
+#SigLevel = PackageRequired
+#Include = /etc/pacman.d/mirrorlist
+
+[community]
+SigLevel = PackageRequired
+Include = /etc/pacman.d/mirrorlist
+
+# An example of a custom package repository.  See the pacman manpage for
+# tips on creating your own repositories.
+#[custom]
+#SigLevel = Optional TrustAll
+#Server = file:///home/custompkgs
+
diff --git a/core/pacman/pacman.conf.x86_64 b/core/pacman/pacman.conf.x86_64
new file mode 100644
index 000000000..42321bbd9
--- /dev/null
+++ b/core/pacman/pacman.conf.x86_64
@@ -0,0 +1,106 @@
+#
+# /etc/pacman.conf
+#
+# See the pacman.conf(5) manpage for option and repository directives
+
+#
+# GENERAL OPTIONS
+#
+[options]
+# The following paths are commented out with their default values listed.
+# If you wish to use different paths, uncomment and update the paths.
+#RootDir     = /
+#DBPath      = /var/lib/pacman/
+#CacheDir    = /var/cache/pacman/pkg/
+#LogFile     = /var/log/pacman.log
+#GPGDir      = /etc/pacman.d/gnupg/
+HoldPkg     = pacman glibc
+# If upgrades are available for these packages they will be asked for first
+SyncFirst   = pacman
+#XferCommand = /usr/bin/curl -C - -f %u > %o
+#XferCommand = /usr/bin/wget --passive-ftp -c -O %o %u
+#CleanMethod = KeepInstalled
+Architecture = auto
+
+# Pacman won't upgrade packages listed in IgnorePkg and members of IgnoreGroup
+#IgnorePkg   =
+#IgnoreGroup =
+
+#NoUpgrade   =
+#NoExtract   =
+
+# Misc options
+#UseSyslog
+#UseDelta
+#TotalDownload
+CheckSpace
+#VerbosePkgLists
+
+# By default, pacman accepts packages signed by keys that its local keyring
+# trusts (see pacman-key and its man page), as well as unsigned packages.
+#SigLevel = Optional TrustedOnly
+
+# NOTE: You must run `pacman-key --init` before first using pacman; the local
+# keyring can then be populated with the keys of all official Arch Linux
+# packagers with `pacman-key --populate archlinux`.
+
+#
+# REPOSITORIES
+#   - can be defined here or included from another file
+#   - pacman will search repositories in the order defined here
+#   - local/custom mirrors can be added here or in separate files
+#   - repositories listed first will take precedence when packages
+#     have identical names, regardless of version number
+#   - URLs will have $repo replaced by the name of the current repo
+#   - URLs will have $arch replaced by the name of the architecture
+#
+# Repository entries are of the format:
+#       [repo-name]
+#       Server = ServerName
+#       Include = IncludePath
+#
+# The header [repo-name] is crucial - it must be present and
+# uncommented to enable the repo.
+#
+
+# The testing repositories are disabled by default. To enable, uncomment the
+# repo name header and Include lines. You can add preferred servers immediately
+# after the header, and they will be used before the default mirrors.
+
+#[testing]
+#SigLevel = PackageRequired
+#Include = /etc/pacman.d/mirrorlist
+
+[core]
+SigLevel = PackageRequired
+Include = /etc/pacman.d/mirrorlist
+
+[extra]
+SigLevel = PackageRequired
+Include = /etc/pacman.d/mirrorlist
+
+#[community-testing]
+#SigLevel = PackageRequired
+#Include = /etc/pacman.d/mirrorlist
+
+[community]
+SigLevel = PackageRequired
+Include = /etc/pacman.d/mirrorlist
+
+# If you want to run 32 bit applications on your x86_64 system,
+# enable the multilib repositories as required here.
+
+#[multilib-testing]
+#SigLevel = PackageRequired
+#Include = /etc/pacman.d/mirrorlist
+
+#[multilib]
+#SigLevel = PackageRequired
+#Include = /etc/pacman.d/mirrorlist
+
+# An example of a custom package repository.  See the pacman manpage for
+# tips on creating your own repositories.
+#[custom]
+#SigLevel = Optional TrustAll
+#Server = file:///home/custompkgs
+
diff --git a/core/pacman/pacman.install b/core/pacman/pacman.install
new file mode 100644
index 000000000..487819ab7
--- /dev/null
+++ b/core/pacman/pacman.install
@@ -0,0 +1,75 @@
+#!/bin/sh
+# arg 1:  the new package version
+# arg 2:  the old package version
+post_upgrade() {
+    # one time stuff for md5sum issue with older pacman versions
+    if [ "$(vercmp $2 3.0.2)" -lt 0 ]; then
+        _resetbackups
+    fi
+    if [ "$(vercmp $2 3.5.0)" -lt 0 ]; then
+        _warnupgrade
+    fi
+    if [ ! -f "etc/pacman.d/gnupg/pubring.gpg" ] || [ "$(vercmp $2 4.0.3-2)" -lt 0 ]; then
+        _check_pubring
+    fi
+}
+
+post_install() {
+    _check_pubring
+}
+
+_check_pubring() {
+    echo " >>> Run  \`pacman-key --init; pacman-key --populate archlinux\`"
+    echo " >>> to import the data required by pacman for package verification."
+    echo " >>> See: https://www.archlinux.org/news/having-pacman-verify-packages"
+}
+
+_warnupgrade() {
+    echo ">>> The pacman database format has changed as of pacman 3.5.0."
+    echo ">>> You will need to run \`pacman-db-upgrade\` as root."
+    echo ">>>"
+}
+
+_resetbackups() {
+    echo ">>> Performing one-time reset of NoUpgrade md5sums. After this reset"
+    echo ">>> you are able to remove all NoUpgrade lines of already protected"
+    echo ">>> files from pacman.conf."
+    echo ">>>"
+
+    # path variables
+    pacconf="/etc/pacman.conf"
+    dbpath="/var/lib/pacman/local"
+
+    # get a list of NoUpgrade files from the user's pacman.conf
+    echo ">>> Retrieving pacman.conf NoUpgrade list..."
+    config=$(grep "^NoUpgrade" $pacconf | cut -d'=' -f2)
+    # add the standard list of files, even if they are already above
+    config="$config \
+    etc/passwd etc/group etc/shadow etc/sudoers \
+    etc/fstab etc/raidtab etc/ld.so.conf \
+    etc/rc.conf etc/rc.local \
+    etc/modprobe.conf etc/modules.conf \
+    etc/lilo.conf boot/grub/menu.lst"
+
+    # blank md5sum for use in sed expression
+    zeroes='00000000000000000000000000000000'
+
+    for file in $config; do
+        echo ">>> -> finding owner of /$file..."
+        line=$(LC_ALL=C LANG=C pacman -Qo /$file 2>/dev/null)
+        # if file is owned by a package, go find its incorrectly stored sum
+        if [ ! -z "$line" ]; then
+            # get the name and version of the package owning file
+            name=$(echo $line | awk '{print $5}')
+            version=$(echo $line | awk '{print $6}')
+            # set the path to the backup array holding the md5sum
+            path="$dbpath/$name-$version/files"
+            # run a sed on the path to reset the line containing $file
+            # NOTE: literal tab characters in sed expression after $file
+            echo ">>> -> resetting sum of /$file..."
+            sed -i "s#$file [0-9a-fA-F]*#$file  $zeroes#" $path
+        else
+            echo ">>> -> $file is unowned."
+        fi
+    done
+}
author	root <root@rshg054.dnsready.net>	2012-12-29 02:13:48 -0800
committer	root <root@rshg054.dnsready.net>	2012-12-29 02:13:48 -0800
commit	5dd7ed82e788ebad2e920e0f2db7468cc6547cfe (patch)
tree	f467412e09912ababcd8fe6c05193d829f514dcd /core/pacman
parent	3009e8addb4a894329bf8ab3e8fb763361833978 (diff)