From 5dd7ed82e788ebad2e920e0f2db7468cc6547cfe Mon Sep 17 00:00:00 2001 From: root Date: Sat, 29 Dec 2012 02:13:48 -0800 Subject: Sat Dec 29 02:10:20 PST 2012 --- ...flict-for-replacing-owned-empty-directory.patch | 152 +++++++++++++++++++++ .../0002-Check-empty-subdirectory-ownership.patch | 61 +++++++++ ...pgrade-scriptlet-gets-old-package-version.patch | 29 ++++ core/pacman/PKGBUILD | 87 ++++++++++++ core/pacman/makepkg.conf | 121 ++++++++++++++++ core/pacman/pacman.conf | 95 +++++++++++++ core/pacman/pacman.conf.x86_64 | 106 ++++++++++++++ core/pacman/pacman.install | 75 ++++++++++ 8 files changed, 726 insertions(+) create mode 100644 core/pacman/0001-Add-conflict-for-replacing-owned-empty-directory.patch create mode 100644 core/pacman/0002-Check-empty-subdirectory-ownership.patch create mode 100644 core/pacman/0003-Ensure-pre_upgrade-scriptlet-gets-old-package-version.patch create mode 100644 core/pacman/PKGBUILD create mode 100644 core/pacman/makepkg.conf create mode 100644 core/pacman/pacman.conf create mode 100644 core/pacman/pacman.conf.x86_64 create mode 100644 core/pacman/pacman.install (limited to 'core/pacman') diff --git a/core/pacman/0001-Add-conflict-for-replacing-owned-empty-directory.patch b/core/pacman/0001-Add-conflict-for-replacing-owned-empty-directory.patch new file mode 100644 index 000000000..85622aaac --- /dev/null +++ b/core/pacman/0001-Add-conflict-for-replacing-owned-empty-directory.patch @@ -0,0 +1,152 @@ +From 717fdb8ee0fd23cf72fc7d2832317f513caefa2c Mon Sep 17 00:00:00 2001 +From: Allan McRae +Date: Sun, 8 Jul 2012 21:36:36 +1000 +Subject: [PATCH 1/4] Add conflict for replacing owned empty directory + +When two packages own an empty directory, pacman finds no conflict when +one of those packages wants to replace the directory with a file or a +symlink. When it comes to actually extracting the new file/symlink, +pacman sees the directory is still there (we do not remove empty +directories if they are owned by a package) and refuses to extract. + +Detect this potential conflict early and bail. Note that it is a +_potential_ conflict and not a guaranteed one as the other package owning +the directory could be updated or removed first which would remove +the conflict. However, pacman currently can not sort package installation +order to ensure this, so this conflict requires manual upgrade ordering. + +Signed-off-by: Allan McRae +Signed-off-by: Dan McGee +--- + lib/libalpm/conflict.c | 32 ++++++++++++++++++++++++++------ + test/pacman/tests/fileconflict009.py | 20 ++++++++++++++++++++ + test/pacman/tests/fileconflict010.py | 20 ++++++++++++++++++++ + 3 files changed, 66 insertions(+), 6 deletions(-) + create mode 100644 test/pacman/tests/fileconflict009.py + create mode 100644 test/pacman/tests/fileconflict010.py + +diff --git a/lib/libalpm/conflict.c b/lib/libalpm/conflict.c +index 32f6f30..efa1a87 100644 +--- a/lib/libalpm/conflict.c ++++ b/lib/libalpm/conflict.c +@@ -328,15 +328,35 @@ const alpm_file_t *_alpm_filelist_contains(alpm_filelist_t *filelist, + return NULL; + } + +-static int dir_belongsto_pkg(const char *root, const char *dirpath, ++static int dir_belongsto_pkg(alpm_handle_t *handle, const char *dirpath, + alpm_pkg_t *pkg) + { ++ alpm_list_t *i; + struct stat sbuf; + char path[PATH_MAX]; + char abspath[PATH_MAX]; +- struct dirent *ent = NULL; + DIR *dir; ++ struct dirent *ent = NULL; ++ const char *root = handle->root; ++ ++ /* TODO: this is an overly strict check but currently pacman will not ++ * overwrite a directory with a file (case 10/11 in add.c). Adjusting that ++ * is not simple as even if the directory is being unowned by a conflicting ++ * package, pacman does not sort this to ensure all required directory ++ * "removals" happen before installation of file/symlink */ ++ ++ /* check that no other _installed_ package owns the directory */ ++ for(i = _alpm_db_get_pkgcache(handle->db_local); i; i = i->next) { ++ if(pkg == i->data) { ++ continue; ++ } ++ ++ if(_alpm_filelist_contains(alpm_pkg_get_files(i->data), dirpath)) { ++ return 0; ++ } ++ } + ++ /* check all files in directory are owned by the package */ + snprintf(abspath, PATH_MAX, "%s%s", root, dirpath); + dir = opendir(abspath); + if(dir == NULL) { +@@ -349,13 +369,13 @@ static int dir_belongsto_pkg(const char *root, const char *dirpath, + if(strcmp(name, ".") == 0 || strcmp(name, "..") == 0) { + continue; + } +- snprintf(path, PATH_MAX, "%s/%s", dirpath, name); ++ snprintf(path, PATH_MAX, "%s%s", dirpath, name); + snprintf(abspath, PATH_MAX, "%s%s", root, path); + if(stat(abspath, &sbuf) != 0) { + continue; + } + if(S_ISDIR(sbuf.st_mode)) { +- if(dir_belongsto_pkg(root, path, pkg)) { ++ if(dir_belongsto_pkg(handle, path, pkg)) { + continue; + } else { + closedir(dir); +@@ -529,9 +549,9 @@ alpm_list_t *_alpm_db_find_fileconflicts(alpm_handle_t *handle, + sprintf(dir, "%s/", filestr); + if(_alpm_filelist_contains(alpm_pkg_get_files(dbpkg), dir)) { + _alpm_log(handle, ALPM_LOG_DEBUG, +- "check if all files in %s belongs to %s\n", ++ "check if all files in %s belong to %s\n", + dir, dbpkg->name); +- resolved_conflict = dir_belongsto_pkg(handle->root, filestr, dbpkg); ++ resolved_conflict = dir_belongsto_pkg(handle, dir, dbpkg); + } + free(dir); + } +diff --git a/test/pacman/tests/fileconflict009.py b/test/pacman/tests/fileconflict009.py +new file mode 100644 +index 0000000..904af4a +--- /dev/null ++++ b/test/pacman/tests/fileconflict009.py +@@ -0,0 +1,20 @@ ++self.description = "dir->symlink change during package upgrade (directory conflict)" ++ ++lp1 = pmpkg("pkg1") ++lp1.files = ["dir/"] ++self.addpkg2db("local", lp1) ++ ++lp2 = pmpkg("pkg2") ++lp2.files = ["dir/"] ++self.addpkg2db("local", lp2) ++ ++p = pmpkg("pkg1", "1.0-2") ++p.files = ["dir -> /usr/dir"] ++self.addpkg2db("sync", p) ++ ++self.args = "-S pkg1" ++ ++self.addrule("PACMAN_RETCODE=1") ++self.addrule("PKG_VERSION=pkg1|1.0-1") ++self.addrule("PKG_VERSION=pkg2|1.0-1") ++self.addrule("DIR_EXIST=dir/") +diff --git a/test/pacman/tests/fileconflict010.py b/test/pacman/tests/fileconflict010.py +new file mode 100644 +index 0000000..0a3ce83 +--- /dev/null ++++ b/test/pacman/tests/fileconflict010.py +@@ -0,0 +1,20 @@ ++self.description = "dir->file change during package upgrade (directory conflict)" ++ ++lp1 = pmpkg("pkg1") ++lp1.files = ["dir/"] ++self.addpkg2db("local", lp1) ++ ++lp2 = pmpkg("pkg2") ++lp2.files = ["dir/"] ++self.addpkg2db("local", lp2) ++ ++p = pmpkg("pkg1", "1.0-2") ++p.files = ["dir"] ++self.addpkg2db("sync", p) ++ ++self.args = "-S pkg1" ++ ++self.addrule("PACMAN_RETCODE=1") ++self.addrule("PKG_VERSION=pkg1|1.0-1") ++self.addrule("PKG_VERSION=pkg2|1.0-1") ++self.addrule("DIR_EXIST=dir/") +-- +1.7.11.1 + diff --git a/core/pacman/0002-Check-empty-subdirectory-ownership.patch b/core/pacman/0002-Check-empty-subdirectory-ownership.patch new file mode 100644 index 000000000..6cf496d16 --- /dev/null +++ b/core/pacman/0002-Check-empty-subdirectory-ownership.patch @@ -0,0 +1,61 @@ +From 44e9fdd0e848382337edb97d41e7317638a67bac Mon Sep 17 00:00:00 2001 +From: Allan McRae +Date: Sun, 8 Jul 2012 23:58:37 +1000 +Subject: [PATCH 2/4] Check empty subdirectory ownership + +When checking if a package owns a directory, it is important to check +not only that all the files in the directory are part of the package, +but also if the directory is part of a package. This catches empty +subdirectories during conflict checking for directory to file/symlink +replacements. + +Signed-off-by: Allan McRae +Signed-off-by: Dan McGee +--- + lib/libalpm/conflict.c | 5 +++++ + test/pacman/tests/fileconflict012.py | 17 +++++++++++++++++ + 2 files changed, 22 insertions(+) + create mode 100644 test/pacman/tests/fileconflict012.py + +diff --git a/lib/libalpm/conflict.c b/lib/libalpm/conflict.c +index efa1a87..d6e5d8c 100644 +--- a/lib/libalpm/conflict.c ++++ b/lib/libalpm/conflict.c +@@ -339,6 +339,11 @@ static int dir_belongsto_pkg(alpm_handle_t *handle, const char *dirpath, + struct dirent *ent = NULL; + const char *root = handle->root; + ++ /* check directory is actually in package - used for subdirectory checks */ ++ if(!_alpm_filelist_contains(alpm_pkg_get_files(pkg), dirpath)) { ++ return 0; ++ } ++ + /* TODO: this is an overly strict check but currently pacman will not + * overwrite a directory with a file (case 10/11 in add.c). Adjusting that + * is not simple as even if the directory is being unowned by a conflicting +diff --git a/test/pacman/tests/fileconflict012.py b/test/pacman/tests/fileconflict012.py +new file mode 100644 +index 0000000..421b739 +--- /dev/null ++++ b/test/pacman/tests/fileconflict012.py +@@ -0,0 +1,17 @@ ++self.description = "dir->file change during package upgrade (filesystem file conflict)" ++ ++lp1 = pmpkg("pkg1") ++lp1.files = ["dir/"] ++self.addpkg2db("local", lp1) ++ ++self.filesystem = ["dir/file"] ++ ++p = pmpkg("pkg1", "1.0-2") ++p.files = ["dir"] ++self.addpkg2db("sync", p) ++ ++self.args = "-S pkg1" ++ ++self.addrule("PACMAN_RETCODE=1") ++self.addrule("PKG_VERSION=pkg1|1.0-1") ++self.addrule("DIR_EXIST=dir/") +-- +1.7.11.1 + diff --git a/core/pacman/0003-Ensure-pre_upgrade-scriptlet-gets-old-package-version.patch b/core/pacman/0003-Ensure-pre_upgrade-scriptlet-gets-old-package-version.patch new file mode 100644 index 000000000..ae3a57ecd --- /dev/null +++ b/core/pacman/0003-Ensure-pre_upgrade-scriptlet-gets-old-package-version.patch @@ -0,0 +1,29 @@ +From 1bf05e706b5edac92e9c913a69ca8686c6440f8b Mon Sep 17 00:00:00 2001 +From: Dan McGee +Date: Fri, 04 May 2012 16:41:40 +0000 +Subject: Ensure pre_upgrade scriptlet gets old package version + +This was accidentally broken in the refactor done in commit 73139ccb. + +Fixes FS#29371. + +Signed-off-by: Dan McGee +--- +diff --git a/lib/libalpm/add.c b/lib/libalpm/add.c +index 6c2f0cb..c49d99b 100644 +--- a/lib/libalpm/add.c ++++ b/lib/libalpm/add.c +@@ -488,8 +488,9 @@ static int commit_single_pkg(alpm_handle_t *handle, alpm_pkg_t *newpkg, + if(alpm_pkg_has_scriptlet(newpkg) && + !(trans->flags & ALPM_TRANS_FLAG_NOSCRIPTLET)) { + const char *scriptlet_name = is_upgrade ? "pre_upgrade" : "pre_install"; +- _alpm_runscriptlet(handle, pkgfile, +- scriptlet_name, newpkg->version, NULL, 1); ++ ++ _alpm_runscriptlet(handle, pkgfile, scriptlet_name, ++ newpkg->version, oldpkg ? oldpkg->version : NULL, 1); + } + + /* we override any pre-set reason if we have alldeps or allexplicit set */ +-- +cgit v0.9.0.2-13-g2bd3 diff --git a/core/pacman/PKGBUILD b/core/pacman/PKGBUILD new file mode 100644 index 000000000..6ee826d15 --- /dev/null +++ b/core/pacman/PKGBUILD @@ -0,0 +1,87 @@ +# vim: set ts=2 sw=2 et: +# $Id: PKGBUILD 171528 2012-11-18 11:37:56Z allan $ +# Maintainer: Dan McGee +# Maintainer: Dave Reisner + +pkgname=pacman +pkgver=4.0.3 +pkgrel=5 +pkgdesc="A library-based package manager with dependency support" +arch=('i686' 'x86_64') +url="http://www.archlinux.org/pacman/" +license=('GPL') +groups=('base') +depends=('bash' 'glibc>=2.15' 'libarchive>=3.0.2' 'curl>=7.19.4' + 'gpgme' 'pacman-mirrorlist' 'archlinux-keyring') +makedepends=('asciidoc') +optdepends=('fakeroot: for makepkg usage as normal user') +backup=(etc/pacman.conf etc/makepkg.conf) +install=pacman.install +options=(!libtool) +source=(ftp://ftp.archlinux.org/other/pacman/$pkgname-$pkgver.tar.gz{,.sig} + 0001-Add-conflict-for-replacing-owned-empty-directory.patch + 0002-Check-empty-subdirectory-ownership.patch + 0003-Ensure-pre_upgrade-scriptlet-gets-old-package-version.patch + pacman.conf + pacman.conf.x86_64 + makepkg.conf) +md5sums=('387965c7125e60e5f0b9ff3b427fe0f9' + '1a70392526c8768470da678b31905a6e' + '1a9b79788640907a2b34e8671cacc94a' + 'a9ddd43891bed364e1e97d27b2887bf1' + '2e8cbf55a94b1954b167c5dee6b62317' + '99734ea46795f466d41c503e9e23b6d4' + '556d49489e82b5750cf026d3b18c8f4f' + '589cd34eb9d5b678455e8289394f523e') + +build() { + cd $srcdir/$pkgname-$pkgver + + patch -p1 -i $srcdir/0001-Add-conflict-for-replacing-owned-empty-directory.patch + patch -p1 -i $srcdir/0002-Check-empty-subdirectory-ownership.patch + patch -p1 -i $srcdir/0003-Ensure-pre_upgrade-scriptlet-gets-old-package-version.patch + + ./configure --prefix=/usr --sysconfdir=/etc \ + --localstatedir=/var --enable-doc + make +} + +check() { + make -C "$pkgname-$pkgver" check +} + +package() { + cd $srcdir/$pkgname-$pkgver + make DESTDIR=$pkgdir install + + # install Arch specific stuff + mkdir -p $pkgdir/etc + case "$CARCH" in + i686) + install -m644 $srcdir/pacman.conf $pkgdir/etc/pacman.conf + mycarch="i686" + mychost="i686-pc-linux-gnu" + myflags="-march=i686" + ;; + x86_64) + install -m644 $srcdir/pacman.conf.x86_64 $pkgdir/etc/pacman.conf + mycarch="x86_64" + mychost="x86_64-unknown-linux-gnu" + myflags="-march=x86-64" + ;; + esac + install -m644 $srcdir/makepkg.conf $pkgdir/etc/ + # set things correctly in the default conf file + sed -i $pkgdir/etc/makepkg.conf \ + -e "s|@CARCH[@]|$mycarch|g" \ + -e "s|@CHOST[@]|$mychost|g" \ + -e "s|@CARCHFLAGS[@]|$myflags|g" + + # install completion files + install -Dm644 contrib/bash_completion "$pkgdir/usr/share/bash-completion/completions/pacman" + for f in makepkg pacman-key; do + ln -s pacman "$pkgdir/usr/share/bash-completion/completions/$f" + done + + install -Dm644 contrib/zsh_completion $pkgdir/usr/share/zsh/site-functions/_pacman +} diff --git a/core/pacman/makepkg.conf b/core/pacman/makepkg.conf new file mode 100644 index 000000000..25ca01590 --- /dev/null +++ b/core/pacman/makepkg.conf @@ -0,0 +1,121 @@ +# +# /etc/makepkg.conf +# + +######################################################################### +# SOURCE ACQUISITION +######################################################################### +# +#-- The download utilities that makepkg should use to acquire sources +# Format: 'protocol::agent' +DLAGENTS=('ftp::/usr/bin/curl -fC - --ftp-pasv --retry 3 --retry-delay 3 -o %o %u' + 'http::/usr/bin/curl -fLC - --retry 3 --retry-delay 3 -o %o %u' + 'https::/usr/bin/curl -fLC - --retry 3 --retry-delay 3 -o %o %u' + 'rsync::/usr/bin/rsync -z %u %o' + 'scp::/usr/bin/scp -C %u %o') + +# Other common tools: +# /usr/bin/snarf +# /usr/bin/lftpget -c +# /usr/bin/wget + +######################################################################### +# ARCHITECTURE, COMPILE FLAGS +######################################################################### +# +CARCH="@CARCH@" +CHOST="@CHOST@" + +#-- Compiler and Linker Flags +# -march (or -mcpu) builds exclusively for an architecture +# -mtune optimizes for an architecture, but builds for whole processor family +CFLAGS="@CARCHFLAGS@ -mtune=generic -O2 -pipe -fstack-protector --param=ssp-buffer-size=4 -D_FORTIFY_SOURCE=2" +CXXFLAGS="@CARCHFLAGS@ -mtune=generic -O2 -pipe -fstack-protector --param=ssp-buffer-size=4 -D_FORTIFY_SOURCE=2" +LDFLAGS="-Wl,-O1,--sort-common,--as-needed,-z,relro" +#-- Make Flags: change this for DistCC/SMP systems +#MAKEFLAGS="-j2" + +######################################################################### +# BUILD ENVIRONMENT +######################################################################### +# +# Defaults: BUILDENV=(fakeroot !distcc color !ccache check !sign) +# A negated environment option will do the opposite of the comments below. +# +#-- fakeroot: Allow building packages as a non-root user +#-- distcc: Use the Distributed C/C++/ObjC compiler +#-- color: Colorize output messages +#-- ccache: Use ccache to cache compilation +#-- check: Run the check() function if present in the PKGBUILD +#-- sign: Generate PGP signature file +# +BUILDENV=(fakeroot !distcc color !ccache check !sign) +# +#-- If using DistCC, your MAKEFLAGS will also need modification. In addition, +#-- specify a space-delimited list of hosts running in the DistCC cluster. +#DISTCC_HOSTS="" +# +#-- Specify a directory for package building. +#BUILDDIR=/tmp/makepkg + +######################################################################### +# GLOBAL PACKAGE OPTIONS +# These are default values for the options=() settings +######################################################################### +# +# Default: OPTIONS=(strip docs libtool emptydirs zipman purge !upx) +# A negated option will do the opposite of the comments below. +# +#-- strip: Strip symbols from binaries/libraries +#-- docs: Save doc directories specified by DOC_DIRS +#-- libtool: Leave libtool (.la) files in packages +#-- emptydirs: Leave empty directories in packages +#-- zipman: Compress manual (man and info) pages in MAN_DIRS with gzip +#-- purge: Remove files specified by PURGE_TARGETS +#-- upx: Compress binary executable files using UPX +# +OPTIONS=(strip docs libtool emptydirs zipman purge !upx) + +#-- File integrity checks to use. Valid: md5, sha1, sha256, sha384, sha512 +INTEGRITY_CHECK=(md5) +#-- Options to be used when stripping binaries. See `man strip' for details. +STRIP_BINARIES="--strip-all" +#-- Options to be used when stripping shared libraries. See `man strip' for details. +STRIP_SHARED="--strip-unneeded" +#-- Options to be used when stripping static libraries. See `man strip' for details. +STRIP_STATIC="--strip-debug" +#-- Manual (man and info) directories to compress (if zipman is specified) +MAN_DIRS=({usr{,/local}{,/share},opt/*}/{man,info}) +#-- Doc directories to remove (if !docs is specified) +DOC_DIRS=(usr/{,local/}{,share/}{doc,gtk-doc} opt/*/{doc,gtk-doc}) +#-- Files to be removed from all packages (if purge is specified) +PURGE_TARGETS=(usr/{,share}/info/dir .packlist *.pod) + +######################################################################### +# PACKAGE OUTPUT +######################################################################### +# +# Default: put built package and cached source in build directory +# +#-- Destination: specify a fixed directory where all packages will be placed +#PKGDEST=/home/packages +#-- Source cache: specify a fixed directory where source files will be cached +#SRCDEST=/home/sources +#-- Source packages: specify a fixed directory where all src packages will be placed +#SRCPKGDEST=/home/srcpackages +#-- Packager: name/email of the person or organization building packages +#PACKAGER="John Doe " +#-- Specify a key to use for package signing +#GPGKEY="" + +######################################################################### +# EXTENSION DEFAULTS +######################################################################### +# +# WARNING: Do NOT modify these variables unless you know what you are +# doing. +# +PKGEXT='.pkg.tar.xz' +SRCEXT='.src.tar.gz' + +# vim: set ft=sh ts=2 sw=2 et: diff --git a/core/pacman/pacman.conf b/core/pacman/pacman.conf new file mode 100644 index 000000000..0596b7a9e --- /dev/null +++ b/core/pacman/pacman.conf @@ -0,0 +1,95 @@ +# +# /etc/pacman.conf +# +# See the pacman.conf(5) manpage for option and repository directives + +# +# GENERAL OPTIONS +# +[options] +# The following paths are commented out with their default values listed. +# If you wish to use different paths, uncomment and update the paths. +#RootDir = / +#DBPath = /var/lib/pacman/ +#CacheDir = /var/cache/pacman/pkg/ +#LogFile = /var/log/pacman.log +#GPGDir = /etc/pacman.d/gnupg/ +HoldPkg = pacman glibc +# If upgrades are available for these packages they will be asked for first +SyncFirst = pacman +#XferCommand = /usr/bin/curl -C - -f %u > %o +#XferCommand = /usr/bin/wget --passive-ftp -c -O %o %u +#CleanMethod = KeepInstalled +Architecture = auto + +# Pacman won't upgrade packages listed in IgnorePkg and members of IgnoreGroup +#IgnorePkg = +#IgnoreGroup = + +#NoUpgrade = +#NoExtract = + +# Misc options +#UseSyslog +#UseDelta +#TotalDownload +CheckSpace +#VerbosePkgLists + +# By default, pacman accepts packages signed by keys that its local keyring +# trusts (see pacman-key and its man page), as well as unsigned packages. +#SigLevel = Optional TrustedOnly + +# NOTE: You must run `pacman-key --init` before first using pacman; the local +# keyring can then be populated with the keys of all official Arch Linux +# packagers with `pacman-key --populate archlinux`. + +# +# REPOSITORIES +# - can be defined here or included from another file +# - pacman will search repositories in the order defined here +# - local/custom mirrors can be added here or in separate files +# - repositories listed first will take precedence when packages +# have identical names, regardless of version number +# - URLs will have $repo replaced by the name of the current repo +# - URLs will have $arch replaced by the name of the architecture +# +# Repository entries are of the format: +# [repo-name] +# Server = ServerName +# Include = IncludePath +# +# The header [repo-name] is crucial - it must be present and +# uncommented to enable the repo. +# + +# The testing repositories are disabled by default. To enable, uncomment the +# repo name header and Include lines. You can add preferred servers immediately +# after the header, and they will be used before the default mirrors. + +#[testing] +#SigLevel = PackageRequired +#Include = /etc/pacman.d/mirrorlist + +[core] +SigLevel = PackageRequired +Include = /etc/pacman.d/mirrorlist + +[extra] +SigLevel = PackageRequired +Include = /etc/pacman.d/mirrorlist + +#[community-testing] +#SigLevel = PackageRequired +#Include = /etc/pacman.d/mirrorlist + +[community] +SigLevel = PackageRequired +Include = /etc/pacman.d/mirrorlist + +# An example of a custom package repository. See the pacman manpage for +# tips on creating your own repositories. +#[custom] +#SigLevel = Optional TrustAll +#Server = file:///home/custompkgs + diff --git a/core/pacman/pacman.conf.x86_64 b/core/pacman/pacman.conf.x86_64 new file mode 100644 index 000000000..42321bbd9 --- /dev/null +++ b/core/pacman/pacman.conf.x86_64 @@ -0,0 +1,106 @@ +# +# /etc/pacman.conf +# +# See the pacman.conf(5) manpage for option and repository directives + +# +# GENERAL OPTIONS +# +[options] +# The following paths are commented out with their default values listed. +# If you wish to use different paths, uncomment and update the paths. +#RootDir = / +#DBPath = /var/lib/pacman/ +#CacheDir = /var/cache/pacman/pkg/ +#LogFile = /var/log/pacman.log +#GPGDir = /etc/pacman.d/gnupg/ +HoldPkg = pacman glibc +# If upgrades are available for these packages they will be asked for first +SyncFirst = pacman +#XferCommand = /usr/bin/curl -C - -f %u > %o +#XferCommand = /usr/bin/wget --passive-ftp -c -O %o %u +#CleanMethod = KeepInstalled +Architecture = auto + +# Pacman won't upgrade packages listed in IgnorePkg and members of IgnoreGroup +#IgnorePkg = +#IgnoreGroup = + +#NoUpgrade = +#NoExtract = + +# Misc options +#UseSyslog +#UseDelta +#TotalDownload +CheckSpace +#VerbosePkgLists + +# By default, pacman accepts packages signed by keys that its local keyring +# trusts (see pacman-key and its man page), as well as unsigned packages. +#SigLevel = Optional TrustedOnly + +# NOTE: You must run `pacman-key --init` before first using pacman; the local +# keyring can then be populated with the keys of all official Arch Linux +# packagers with `pacman-key --populate archlinux`. + +# +# REPOSITORIES +# - can be defined here or included from another file +# - pacman will search repositories in the order defined here +# - local/custom mirrors can be added here or in separate files +# - repositories listed first will take precedence when packages +# have identical names, regardless of version number +# - URLs will have $repo replaced by the name of the current repo +# - URLs will have $arch replaced by the name of the architecture +# +# Repository entries are of the format: +# [repo-name] +# Server = ServerName +# Include = IncludePath +# +# The header [repo-name] is crucial - it must be present and +# uncommented to enable the repo. +# + +# The testing repositories are disabled by default. To enable, uncomment the +# repo name header and Include lines. You can add preferred servers immediately +# after the header, and they will be used before the default mirrors. + +#[testing] +#SigLevel = PackageRequired +#Include = /etc/pacman.d/mirrorlist + +[core] +SigLevel = PackageRequired +Include = /etc/pacman.d/mirrorlist + +[extra] +SigLevel = PackageRequired +Include = /etc/pacman.d/mirrorlist + +#[community-testing] +#SigLevel = PackageRequired +#Include = /etc/pacman.d/mirrorlist + +[community] +SigLevel = PackageRequired +Include = /etc/pacman.d/mirrorlist + +# If you want to run 32 bit applications on your x86_64 system, +# enable the multilib repositories as required here. + +#[multilib-testing] +#SigLevel = PackageRequired +#Include = /etc/pacman.d/mirrorlist + +#[multilib] +#SigLevel = PackageRequired +#Include = /etc/pacman.d/mirrorlist + +# An example of a custom package repository. See the pacman manpage for +# tips on creating your own repositories. +#[custom] +#SigLevel = Optional TrustAll +#Server = file:///home/custompkgs + diff --git a/core/pacman/pacman.install b/core/pacman/pacman.install new file mode 100644 index 000000000..487819ab7 --- /dev/null +++ b/core/pacman/pacman.install @@ -0,0 +1,75 @@ +#!/bin/sh +# arg 1: the new package version +# arg 2: the old package version +post_upgrade() { + # one time stuff for md5sum issue with older pacman versions + if [ "$(vercmp $2 3.0.2)" -lt 0 ]; then + _resetbackups + fi + if [ "$(vercmp $2 3.5.0)" -lt 0 ]; then + _warnupgrade + fi + if [ ! -f "etc/pacman.d/gnupg/pubring.gpg" ] || [ "$(vercmp $2 4.0.3-2)" -lt 0 ]; then + _check_pubring + fi +} + +post_install() { + _check_pubring +} + +_check_pubring() { + echo " >>> Run \`pacman-key --init; pacman-key --populate archlinux\`" + echo " >>> to import the data required by pacman for package verification." + echo " >>> See: https://www.archlinux.org/news/having-pacman-verify-packages" +} + +_warnupgrade() { + echo ">>> The pacman database format has changed as of pacman 3.5.0." + echo ">>> You will need to run \`pacman-db-upgrade\` as root." + echo ">>>" +} + +_resetbackups() { + echo ">>> Performing one-time reset of NoUpgrade md5sums. After this reset" + echo ">>> you are able to remove all NoUpgrade lines of already protected" + echo ">>> files from pacman.conf." + echo ">>>" + + # path variables + pacconf="/etc/pacman.conf" + dbpath="/var/lib/pacman/local" + + # get a list of NoUpgrade files from the user's pacman.conf + echo ">>> Retrieving pacman.conf NoUpgrade list..." + config=$(grep "^NoUpgrade" $pacconf | cut -d'=' -f2) + # add the standard list of files, even if they are already above + config="$config \ + etc/passwd etc/group etc/shadow etc/sudoers \ + etc/fstab etc/raidtab etc/ld.so.conf \ + etc/rc.conf etc/rc.local \ + etc/modprobe.conf etc/modules.conf \ + etc/lilo.conf boot/grub/menu.lst" + + # blank md5sum for use in sed expression + zeroes='00000000000000000000000000000000' + + for file in $config; do + echo ">>> -> finding owner of /$file..." + line=$(LC_ALL=C LANG=C pacman -Qo /$file 2>/dev/null) + # if file is owned by a package, go find its incorrectly stored sum + if [ ! -z "$line" ]; then + # get the name and version of the package owning file + name=$(echo $line | awk '{print $5}') + version=$(echo $line | awk '{print $6}') + # set the path to the backup array holding the md5sum + path="$dbpath/$name-$version/files" + # run a sed on the path to reset the line containing $file + # NOTE: literal tab characters in sed expression after $file + echo ">>> -> resetting sum of /$file..." + sed -i "s#$file [0-9a-fA-F]*#$file $zeroes#" $path + else + echo ">>> -> $file is unowned." + fi + done +} -- cgit v1.2.3-54-g00ecf