From d568b8aeb0be95d6a1da7da0434de23e6b2260e2 Mon Sep 17 00:00:00 2001 From: Pierre Schmitz Date: Wed, 23 Mar 2011 19:50:56 +0100 Subject: Add support for packages which use the epoch variable --- db-functions | 15 ++++++++++++++- 1 file changed, 14 insertions(+), 1 deletion(-) (limited to 'db-functions') diff --git a/db-functions b/db-functions index 7d431fc..676ecf4 100644 --- a/db-functions +++ b/db-functions @@ -71,6 +71,19 @@ in_array() { return 1 # Not Found } +## +# usage : get_full_version( $epoch, $pkgver, $pkgrel ) +# return : full version spec, including epoch (if necessary), pkgver, pkgrel +## +get_full_version() { + if [[ $1 -eq 0 ]]; then + # zero epoch case, don't include it in version + echo $2-$3 + else + echo $1:$2-$3 + fi +} + script_lock() { local LOCKDIR="$TMPDIR/.scriptlock.$(basename $0)" if ! mkdir "$LOCKDIR" >/dev/null 2>&1 ; then @@ -328,7 +341,7 @@ check_pkgsvn() { [ $? -ge 1 ] && return 1 fi - local svnver="$(. "${WORKDIR}/pkgbuilds/${repo}-${_pkgarch}/${_pkgbase}"; echo "${pkgver}-${pkgrel}")" + local svnver="$(. "${WORKDIR}/pkgbuilds/${repo}-${_pkgarch}/${_pkgbase}"; echo $(get_full_version ${epoch:-0} ${pkgver} ${pkgrel}) )" [ "${svnver}" == "${_pkgver}" ] || return 1 local svnnames=($(. "${WORKDIR}/pkgbuilds/${repo}-${_pkgarch}/${_pkgbase}"; echo ${pkgname[@]})) -- cgit v1.2.3 From fc6a6ab07bde03c7f20d5a4ed971f8e699ee9b20 Mon Sep 17 00:00:00 2001 From: Pierre Schmitz Date: Sat, 26 Mar 2011 14:13:57 +0100 Subject: Use repo-add to create the files database for each repo --- db-functions | 24 +++++++++++++++++++----- 1 file changed, 19 insertions(+), 5 deletions(-) (limited to 'db-functions') diff --git a/db-functions b/db-functions index 676ecf4..b469039 100644 --- a/db-functions +++ b/db-functions @@ -148,7 +148,8 @@ trap cleanup EXIT #repo_lock [timeout] repo_lock () { local LOCKDIR="$TMPDIR/.repolock.$1.$2" - local LOCKFILE="${FTP_BASE}/${1}/os/${2}/${1}${DBEXT}.lck" + local DBLOCKFILE="${FTP_BASE}/${1}/os/${2}/${1}${DBEXT}.lck" + local FILESLOCKFILE="${FTP_BASE}/${1}/os/${2}/${1}${FILESEXT}.lck" local _count local _trial local _timeout @@ -156,8 +157,12 @@ repo_lock () { local _owner # This is the lock file used by repo-add and repo-remove - if [ -f "${LOCKFILE}" ]; then - error "Repo [${1}] (${2}) is already locked by repo-{add,remove} process $(cat $LOCKFILE)" + if [ -f "${DBLOCKFILE}" ]; then + error "Repo [${1}] (${2}) is already locked by repo-{add,remove} process $(cat $DBLOCKFILE)" + return 1 + fi + if [ -f "${FILESLOCKFILE}" ]; then + error "Repo [${1}] (${2}) is already locked by repo-{add,remove} process $(cat ${FILESLOCKFILE})" return 1 fi @@ -445,6 +450,7 @@ check_repo_permission() { local dir="${FTP_BASE}/${repo}/os/${arch}/" [ -w "${dir}" ] || return 1 [ -f "${dir}"${repo}${DBEXT} -a ! -w "${dir}"${repo}${DBEXT} ] && return 1 + [ -f "${dir}"${repo}${FILESEXT} -a ! -w "${dir}"${repo}${FILESEXT} ] && return 1 done return 0 @@ -454,11 +460,14 @@ set_repo_permission() { local repo=$1 local arch=$2 local dbfile="${FTP_BASE}/${repo}/os/${arch}/${repo}${DBEXT}" + local filesfile="${FTP_BASE}/${repo}/os/${arch}/${repo}${FILESEXT}" if [ -w "${dbfile}" ]; then local group=$(/usr/bin/stat --printf='%G' "$(dirname "${dbfile}")") chgrp $group "${dbfile}" || error "Could not change group of ${dbfile} to $group" + chgrp $group "${filesfile}" || error "Could not change group of ${filesfile} to $group" chmod g+w "${dbfile}" || error "Could not set write permission for group $group to ${dbfile}" + chmod g+w "${filesfile}" || error "Could not set write permission for group $group to ${filesfile}" else error "You don't have permission to change ${dbfile}" fi @@ -471,8 +480,10 @@ arch_repo_add() { # package files might be relative to repo dir pushd "${FTP_BASE}/${repo}/os/${arch}" >/dev/null - /usr/bin/repo-add -q "${repo}${DBEXT}" ${pkgs[@]} >/dev/null \ + /usr/bin/repo-add -q "${repo}${DBEXT}" ${pkgs[@]} \ || error "repo-add ${repo}${DBEXT} ${pkgs[@]}" + /usr/bin/repo-add -f -q "${repo}${FILESEXT}" ${pkgs[@]} \ + || error "repo-add -f ${repo}${FILESEXT} ${pkgs[@]}" popd >/dev/null set_repo_permission "${repo}" "${arch}" } @@ -482,12 +493,15 @@ arch_repo_remove() { local arch=$2 local pkgs=(${@:3}) local dbfile="${FTP_BASE}/${repo}/os/${arch}/${repo}${DBEXT}" + local filesfile="${FTP_BASE}/${repo}/os/${arch}/${repo}${FILESEXT}" if [ ! -f "${dbfile}" ]; then error "No database found at '${dbfile}'" return 1 fi - /usr/bin/repo-remove -q "${dbfile}" ${pkgs[@]} >/dev/null \ + /usr/bin/repo-remove -q "${dbfile}" ${pkgs[@]} \ || error "repo-remove ${dbfile} ${pkgs[@]}" + /usr/bin/repo-remove -q "${filesfile}" ${pkgs[@]} \ + || error "repo-remove ${filesfile} ${pkgs[@]}" set_repo_permission "${repo}" "${arch}" } -- cgit v1.2.3 From 1ce0c6368d0908e25f9bd1bb8183b5f29053fac8 Mon Sep 17 00:00:00 2001 From: Pierre Schmitz Date: Sat, 2 Apr 2011 13:19:05 +0200 Subject: Add simple checks for handling signed packages In addition to this dbscripts wont accept unsigned pacakges when REQUIRE_SIGNATURE is set to true. Note: At this point no signature verification is performed at all. --- db-functions | 10 ++++++++++ 1 file changed, 10 insertions(+) (limited to 'db-functions') diff --git a/db-functions b/db-functions index b469039..a3e2168 100644 --- a/db-functions +++ b/db-functions @@ -284,6 +284,9 @@ getpkgfile() { elif [ ! -f "${1}" ]; then error "Package ${1} not found!" exit 1 + elif ${REQUIRE_SIGNATURE} && [ ! -f "${1}.sig" ]; then + error "Package signature ${1}.sig not found!" + exit 1 fi echo ${1} @@ -300,6 +303,9 @@ getpkgfiles() { if [ ! -f "${f}" ]; then error "Package ${f} not found!" exit 1 + elif ${REQUIRE_SIGNATURE} && [ ! -f "${f}.sig" ]; then + error "Package signature ${f}.sig not found!" + exit 1 fi done @@ -411,14 +417,18 @@ check_pkgrepos() { [ $? -ge 1 ] && return 1 [ -f "${FTP_BASE}/${PKGPOOL}/${pkgname}-${pkgver}-${pkgarch}"${PKGEXT} ] && return 1 + [ -f "${FTP_BASE}/${PKGPOOL}/${pkgname}-${pkgver}-${pkgarch}"${PKGEXT}.sig ] && return 1 [ -f "${FTP_BASE}/${PKGPOOL}/$(basename ${pkgfile})" ] && return 1 + [ -f "${FTP_BASE}/${PKGPOOL}/$(basename ${pkgfile}).sig" ] && return 1 local repo local arch for repo in ${PKGREPOS[@]}; do for arch in ${ARCHES[@]}; do [ -f "${FTP_BASE}/${repo}/os/${arch}/${pkgname}-${pkgver}-${pkgarch}"${PKGEXT} ] && return 1 + [ -f "${FTP_BASE}/${repo}/os/${arch}/${pkgname}-${pkgver}-${pkgarch}"${PKGEXT}.sig ] && return 1 [ -f "${FTP_BASE}/${repo}/os/${arch}/$(basename ${pkgfile})" ] && return 1 + [ -f "${FTP_BASE}/${repo}/os/${arch}/$(basename ${pkgfile}).sig" ] && return 1 done done -- cgit v1.2.3