summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2018-09-28Add support for dpkg frontend lockJulian Andres Klode
The dpkg frontend lock is a lock dpkg tries to acquire except if the frontend already acquires it. This fixes a race condition in the install command where the dpkg lock is not held for a short period of time between different dpkg invocations. For this reason we also define an environment variable DPKG_FRONTEND_LOCKED for dpkg invocations so dpkg knows not to try to acquire the frontend lock because it's held by a parent process. We can set DPKG_FRONTEND_LOCKED only if the frontend lock really is held; that is, if our lock count is greater than 0 - otherwise an apt client not using the LockInner family of functions would run dpkg without the frontend lock set, but with DPKG_FRONTEND_LOCKED set. Such a process has a weaker guarantee: Because dpkg would not lock the frontend lock either, the process is prone to the existing races, and, more importantly, so is a new style process. Closes: #869546 [fixups: fix error messages, add public IsLocked() method, and make {Un,}LockInner return an error on !debSystem] (cherry picked from commit c2c8b4787b0882234ba2772ec7513afbf97b563a) LP: #1781169 (cherry picked from commit 6c0c94ed32b8e679b14b0f89b51c1c336dc0ab9c)
2018-09-28Support records larger than 32kb in 'apt show'David Kalnischkies
The default buffer size for pkgTagFile is 32kb which should be big enough for everything… expect for enormous lists of provides, resulting in: $ apt show librust-winapi-dev E: Unable to parse package file /var/lib/apt/lists/ftp.br.debian.org_debian_dists_unstable_main_binary-amd64_Packages (2) E: Internal Error, Unable to parse a package record The "apt-cache show" codepath uses instead a max size for all files, which seems a bit excessive, but works – using the max size for the file in question seems most appropriate. The patch is written for the 1.6.y series as a rewrite of the related code in the 1.7.y series (commit bf53f39c9a0221b670ffff74053ed36fc502d5a0) removed this problem before it was reported. Closes: #905527 LP: #1787120 (cherry picked from commit 409ceec9ed30cbebd8ece1ef7ce667ab5a32f9df)
2018-07-17apt.conf.autoremove: Add linux-cloud-tools to listJulian Andres Klode
LP: #1698159 (cherry picked from commit 923ba67464960940a19b24a341e896a9338161fb)
2018-06-26Release 1.2.271.2.27Julian Andres Klode
2018-06-25apt.conf.autoremove: Catch some new Ubuntu module packagesJulian Andres Klode
(cherry picked from commit 4ba9412d545232794bd7838e0174df8fda4152b8) LP: #1778551
2018-06-25Fix lock counting in debSystemJulian Andres Klode
debSystem uses a reference counted lock, so you can acquire it multiple times in your applications, possibly nested. Nesting locks causes a fd leak, though, as we only increment the lock count when we already have locked twice, rather than once, and hence when we call lock the second time, instead of increasing the lock count, we open another lock fd. This fixes the code to check if we have locked at all (> 0). There is no practical problem here aside from the fd leak, as closing the new fd releases the lock on the old one due to the weird semantics of fcntl locks. (cherry picked from commit 79f012bd09ae99d4c9d63dc0ac960376b5338b32) (cherry picked from commit 1edcb718293f24ad190703a345f8f868b6e3bcc4) LP: #1778547
2018-04-10don't hang if multiple sources use unavailable methodDavid Kalnischkies
APT clients always noticed if a method isn't supported and nowadays generate a message of the form: E: The method driver …/foobar could not be found. N: Is the package apt-transport-foobar installed? This only worked if a single source was using such an unavailable method through as we were registering the failed config the first round and the second would try to send requests to the not started method, which wouldn't work and hang instead (+ hiding the error messages as they would be shown only at the end of the execution). Closes: 870675 (cherry picked from commit e250a8d8d8ef2f8f8c5e2041f7645c49fba7aa36) (cherry picked from commit 281dbc8e481fbaeaf7310e0800468d4d212711b8) LP: #1762766
2018-03-06Release 1.2.261.2.26Julian Andres Klode
2018-03-06travis: Migrate to Docker to make CI work againJulian Andres Klode
This is based on 1.4.y, but with the old build system, and xenial as the base image.
2018-03-06Revert "http: A response with Content-Length: 0 has no content"Julian Andres Klode
This reverts commit dd547ebaffd2aceb42e2908f1d5f0ab386af6cb1. LP: #1751225
2017-09-26Release 1.2.25 to xenial1.2.25Julian Andres Klode
2017-09-13apt-daily: Pull in network-online.target in service, not timerJulian Andres Klode
There's no real point in pulling it in in the timer already, and it it somewhat saver to do so in the service. (cherry picked from commit 11417c1058e1b8441ee8f30f948e854b7a6ce89e) LP: #1716973 (cherry picked from commit 3e639687bbea08acd34f5a66dc99ea62848b7c17)
2017-09-13don't ask an uninit _system for supported archsDavid Kalnischkies
A libapt user who hasn't initialized _system likely has a reason, so we shouldn't greet back with a segfault usually deep down in the callstack for no reason. If the user had intended to pick up information from the system, _system wouldn't be uninitialized after all. LP: #1613184 SRU: 1.4.y (cherry picked from commit cba5c5a26a9bf00724f8ea647ac61b30e32734ba)
2017-09-13Gracefully terminate process when stopping apt-daily-upgradeBalint Reczey
The main process is guessed by systemd. This prevents killing dpkg run by unattended-upgrades in the middle of installing packages and ensures graceful shutdown. The timeout of 900 seconds after which apt-daily-upgrade.service is killed is in sync with unattended-upgrades's timer. LP: #1690980 (cherry picked from commit 78bc10d4702b30b46d802294ac43cffc34d9c431)
2017-09-13http: A response with Content-Length: 0 has no contentJulian Andres Klode
APT considered any response with a Content-Length to have a body, even if the value of the header was 0. A 0 length body however, is equal to no body. (cherry picked from commit d47fb34ae03566feec7fec6dccba80e45fa03e6f)
2017-09-13Reset failure reason when connection was successfulJulian Andres Klode
When APT was trying multiple addresses, any later error somewhere else would be reported with ConnectionRefused or ConnectionTimedOut as the FailReason because that was set by early connect attempts. This causes APT to handle the failures differently, leading to some weirdly breaking test cases (like the changed one). Add debugging to the previously failing test case so we can find out when something goes wrong there again. (cherry picked from commit d3a70c3e5ae68a0e5a3d4667dd1d0fc0887e6263)
2017-09-13use port from SRV record instead of initial portDavid Kalnischkies
An SRV record includes a portnumber to use with the host given, but apt was ignoring the portnumber and instead used either the port given by the user for the initial host or the default port for the service. In practice the service usually runs on another host on the default port, so it tends to work as intended and even if not and apt can't get a connection there it will gracefully fallback to contacting the initial host with the right port, so its a user invisible bug most of the time. (cherry picked from commit 9bdc09016f9570389451dd619d7e878bfeaa91df)
2017-09-13fix a "critical" typo in old changelog entryRobert Luberda
This typo exposes a bug in apt-listchanges that prevents commands like `apt-listchanges --show-all apt_*.deb' from showing the changelog. The bug will be fixed in next upload of apt-listchanges, but I think it would be nice have the typo fixed as well. Closes: 866358 (cherry picked from commit ec0ebf784d15821786334a4781d0b58b0b163363)
2017-06-19Release 1.2.241.2.24Julian Andres Klode
2017-06-19apt.systemd.daily: Use unattended-ugrade --download-only if availableJulian Andres Klode
Instead of passing -d, which enables a debugging mode; check if unattended-upgrade supports an option --download-only (which is yet to be implemented) and use that. Closes: #863859 Gbp-Dch: Full (cherry picked from commit 31c81a37ac6dceda0c94ce088b338b6b09afd5a4, cedf80c55766868eadc7ed59a27537c9a5d91edf) (cherry picked from commit 80b808940e69d2379d175da1aec97c3301cd0777)
2017-06-19Fix parsing of or groups in build-deps with ignored packagesJulian Andres Klode
If the last alternative(s) of an Or group is ignored, because it does not match an architecture list, we would end up keeping the or flag, effectively making the next AND an OR. For example, when parsing (on amd64): debhelper (>= 9), libnacl-dev [amd64] | libnacl-dev [i386] => debhelper (>= 9), libnacl-dev | Which can cause python-apt to crash. Even worse: debhelper (>= 9), libnacl-dev [amd64] | libnacl-dev [i386], foobar => debhelper (>= 9), libnacl-dev [amd64] | foobar By setting the previous alternatives Or flag to the current Or flag if the current alternative is ignored, we solve the issue. LP: #1694697 (cherry picked from commit 7ddf958e370d13f93edc6923bee289b2f6444b41) (cherry picked from commit 423ba4a958b9da02926e586bf59995817cafc32a)
2017-05-19Release 1.2.231.2.23Julian Andres Klode
2017-05-19apt.systemd.daily: Drop the LOCKFD variableJulian Andres Klode
Gbp-Dch: ignore (cherry picked from commit 3819004c2cb3893bfa136f3c44a5783c42cd2a8d) (cherry picked from commit 7e65cbfe4a073aa4e433681a8f52a3b87b31f63d)
2017-05-19apt.systemd.daily: fix error from locking codeAlan Jenkins
Error: pkgs that look like they should be upgraded: Error in function stop Traceback (most recent call last): File "/usr/lib/python3/dist-packages/apt/progress/text.py", line 240, in stop apt_pkg.size_to_str(self.current_cps))).rstrip("\n")) File "/usr/lib/python3/dist-packages/apt/progress/text.py", line 51, in _write self._file.write("\r") AttributeError: 'NoneType' object has no attribute 'write' fetch.run() result: 0 Caused by: LOCKFD=3 unattended_upgrades $LOCKFD>&- Unfortunately this code does not work, it is equivalent to unattended_upgrades 3 >&- I.e. it left fd 3 open, but closed stdout! Closes: #862567 (cherry picked from commit 7b4581cbe8fcf6e2bd56a27c5a7a1e6ea33d2973) (cherry picked from commit 3310f862cba0b997ede8fc4e2d270ab0f6b49e73)
2017-05-05Ubuntu release 1.2.221.2.22Julian Andres Klode
2017-05-05bash-completion: Fix spelling of autocleanMatt Kraai
Closes: #861846 (cherry picked from commit 6ff527b4f8c88ac406effb1d88fdb3c9ab42967b) (cherry picked from commit 732325f9d00cb5c32f4ba7a3d5524a467ff037b2)
2017-05-05Split apt-daily timer into twoJulian Andres Klode
The timer doing downloading runs throughout the day, whereas automatic upgrade and clean actions only happen in the morning. The upgrade service and timer have After= ordering requirements on their non-upgrade counterparts to ensure that upgrading at boot takes place after downloading. LP: #1686470 (cherry picked from commit 496313fb8e83af2ba71f6ce3d729be687c293dfd) (cherry picked from commit a234cfe1466066aa1f404cf01e544f16cb517846)
2017-05-05apt.systemd.daily: Add lockingJulian Andres Klode
Use a lock file to make sure only one instance of the script is running at the same time. (cherry picked from commit ea49b66372912354143b810e2826301d651a2b37) (cherry picked from commit 820b469f0648eaa63356a812cd96ca8c4af6ac71)
2017-05-05Run unattended-upgrade -d in download partJulian Andres Klode
We want to download the upgrades first, if unattended-upgrades is configured. We don't want to use the normal dist-upgrade -d thing for it, though, as unattended-upgrades only upgrades a subset. (cherry picked from commit 01e324a6893164feace153bc17fe6453b6fa97db) (cherry picked from commit f1f796a3c506400f54f4a39b6f43b0494cfb210c)
2017-05-05Allow the daily script to be run in two phasesJulian Andres Klode
This adds an argument to the script which may be update, install, or empty. In the update cases, downloads are performed. In the install case, installs are performed. If empty, both are run. Gbp-Dch: ignore (cherry picked from commit 007b22ee6fd33d9b03637577f8401a43c5e7c90c) (cherry picked from commit d02da9dcaa9daac2a29cf9d9ee3963bf6098fe4e)
2017-04-25Release 1.2.211.2.21Julian Andres Klode
2017-04-25apt-ftparchive: Support '.ddeb' dbgsym packagesUnit 193
(cherry picked from commit c832379bb1163800ed24412fbc19c53eea606a66) (cherry picked from commit 3e26e4e97a6f15bc0fbe16e67aa21165d96a5581)
2017-04-25systemd: Rework timing and add After=network-onlineJulian Andres Klode
The timeout values were so large that the timer could run at any random time of the day, possibly easily interfering with business hours, and causing trouble. Reduce them to 30 minutes of random delay and an accuracy to the default value (1 minute). Also drop the 18:00 event. People still actively use their device during that time, and for servers, there might be less attendance than in the regular 06:00 time slot, so longer time to fix things if something breaks. During a boot, the service might be run to catch up with a timer that would have normally elapsed. Due to no dependencies, it would have run before the network is online - that's bad. Adding an After and a Wants fixes that for boots, but still leaves the same issue for Resume. LP: #1615482 (cherry picked from commit b4f32b13055287d2ac46a08255db475af195b5f7) (cherry picked from commit 6267b47f85588fdd00f6e667598abe52887385ae)
2017-04-25Fix and avoid quoting in CommandLine::AsStringDavid Kalnischkies
In the intended usecase where this serves as a hack there is no problem with double/single quotes being present as we write it to a log file only, but nowadays our calling of apt-key produces a temporary config file containing this "setting" as well and suddently quoting is important as the config file syntax is allergic to it. So the fix is to ignore all quoting whatsoever in the input and just quote (with singles) the option values with spaces. That gives us 99% of the time the correct result and the 1% where the quote is an integral element of the option … doesn't exist – or has bigger problems than a log file not containing the quote. Same goes for newlines in values. LP: #1672710 (cherry picked from commit 2ce15bdeac6ee93faefd4b42b57f035bef80c567) (cherry picked from commit c75620dcfa749f8030e0180df44eec746402885d)
2017-04-25Ignore \.ucf-[a-z]+$ like we do for \.dpkg-[a-z]+$Julian Andres Klode
This gets rid of warnings about .ucf-dist files Reported-By: Axel Beckert (on IRC) (cherry picked from commit 5094697fe4b2459ff6f706a22006d3028369f3fa) (cherry picked from commit 0c42bab8534b4dc95dabdff2a8e08a3574291ec0)
2017-02-27Release 1.2.201.2.20Julian Andres Klode
2017-02-22Don't use -1 fd and AT_SYMLINK_NOFOLLOW for faccessat()Julian Andres Klode
-1 is not an allowed value for the file descriptor, the only allowed non-file-descriptor value is AT_FDCWD. So use that instead. AT_SYMLINK_NOFOLLOW has a weird semantic: It checks whether we have the specified access on the symbolic link. It also is implemented only by glibc on Linux, so it's inherently non-portable. We should just drop it. Thanks: James Clarke for debugging these issues Reported-by: James Clarke <jrtc27@jrtc27.com> (cherry picked from commit 25f54c960d7a4ceca7bd3e21f87baf48d6cbc2d3) (cherry picked from commit 21242490e80dadb167a64c1815c08e1d2258fb61)
2017-02-22Do not package names representing .dsc/.deb/... filesJulian Andres Klode
In the case of build-dep and other commands where a file can be passed we must make sure not to normalize the path name as that can have odd side effects, or well, cause the operation to do nothing. Test for build-dep-file is adjusted to perform the vcard check once as "vcard" and once as "VCard", thus testing that this solves the reported bug. We inline the std::transform() and optimize it a bit to not write anything in the common case (package names are defined to be lowercase, the whole transformation is just for names that should not exist...) to counter the performance hit of the added find() call (it's about 0.15% more instructions than with the existing transform, but we save about 0.67% in writes...). Closes: #854794 (cherry picked from commit 85ee4036c68d8ecd2c973d413a17aca81380900b) (cherry picked from commit 83e6e1a8fc942668f9a01906cb8349fb70a45b3d)
2017-02-22Only merge acquire items with the same meta keyJulian Andres Klode
Since the introduction of by-hash, two differently named files might have the same real URL. In our case, the files icons-64x64.tar.gz and icons-128x128.tar.gz of empty tarballs. APT would try to merge them and end with weird errors because it completed the first download and enters the second stage for decompressing and verifying. After that it would queue a new item to copy the original file to the location, but that copy item would be in the wrong stage, causing it to use the hashes for the decompressed item. Closes: #838441 (cherry picked from commit 7b78e8bef1fc9de22d826db1db9df25f97d3710c) (cherry picked from commit d2749c845954fc1ea38133b050ee49d6f6544235)
2017-02-22COPYING.GPL: Update to recent version (address, LGPL name)Julian Andres Klode
Just copied over from common-licenses. Seems we missed to do that earlier. Gbp-Dch: ignore (cherry picked from commit 84285d17bab32a0ceafe31a5b2be61cc4f520b42) (cherry picked from commit e87c862cbd3aee8200f9752a0023ff53312e6dbd)
2017-02-22travis: Run test suites for root and user in separate build jobsJulian Andres Klode
This hopefully cuts down on the test time. Optimally, we'd just have one build job and parallize, but that requires a tty or something, probably due to GNU parallel? Gbp-Dch: ignore (cherry picked from commit 9b7c71f145e51c2d655ef09fca434d02db08331d) (cherry picked from commit e12dbcbaf486d176762d82f75307b9f5dfa66752)
2017-02-22basehttp: Only read Content-Range on 416 and 206 responsesJulian Andres Klode
This fixes issues with sourceforge where the redirector includes such a Content-Range in a 302 redirect. Since we do not really know what file is meant in a redirect, let's just ignore it for all responses other than 416 and 206. Maybe we should also get rid of the other errors, and just ignore the field in those cases as well? LP: #1657567 (cherry picked from commit 4759a702081297bde66982efed8b2b7fd39ca27c) (cherry picked from commit b5d0e1be09fd07e693bae8046848059f578d029f)
2017-02-22stop rred from leaking debug messages on recovered errorsDavid Kalnischkies
rred can fail for a plentory of reasons, but its failure is usually recoverable (Ign lines) so it shouldn't leak unrequested debug messages to an observing user. Closes: #850759 (cherry picked from commit 2984d7aec37e09b473c7b99f43d20622c25dc99d) (cherry picked from commit d0a345d4a41802e9129b78d70aabd6239a3c651a)
2017-02-22remove 'old' FAILED files in the next acquire callDavid Kalnischkies
If apt renames a file to .FAILED it leaves its namespace and is never touched again – expect since 1.1~exp4 in which "apt clean" will remove those files. The usefulness of these files rapidly degrades if you don't keep the update log itself (together with debug output in the best case) through and on 99% of all system they will be kept around forever just to collect dust over time and eat up space. With this commit an update call will remove all FAILED files of previous runs, so that the FAILED files you have on disk are always only the ones related to the last apt run stopping apt from hoarding files. Closes: 846476 (cherry picked from commit 7ca83492e802967f183babf06ab541b1b51f1703) (cherry picked from commit c8540403ed35fa36e1610fd90aeae8f66c126fdb)
2017-02-22avoid validate/delete/load race in cache generationDavid Kalnischkies
Keeping the Fd of the cache file we have validated around to later load it into the mmap ensures not only that we load the same file (which wouldn't really be a problem in practice), but that this file also still exists and wasn't deleted e.g. by a 'apt clean' call run in parallel. (cherry picked from commit 06606f073210fe3902fe92d5ff77fa1ab621b972) (cherry picked from commit 2e5726edcac4fc9228c6b16281365c3ade189b8b)
2017-02-22don't lock dpkg in update commandsDavid Kalnischkies
The update command acquires a lock on lists/, but at the end it will also require the dpkg/lock while building the binary caches. That seems rather pointless as we are only reading those files, not causing writing in them. This can also cause problems if a package installation is running and a background process (like cron) starts an update: If you are "lucky" enough the update process will pick the dpkg lock in between apt calls causing the installation process to fail. (cherry picked from commit 0d9081598afa051409b03dbdbe5025cd7ce59ba4) (cherry picked from commit b234a610a3818af69952bf85c389588a99b4349f)
2017-02-22don't lock dpkg in 'apt-get clean'David Kalnischkies
We get the archives/lock for clean – that is enough to ensure that other apt instances aren't interfering (or are being interfered with). We don't need to block actions involving dpkg. (cherry picked from commit 22acd327ac39ffe3bb14b3e1f2d1f21761de13ca) (cherry picked from commit e3f9554224c59e1201d00716ef7d7ec046f79f5d)
2017-02-22don't show update stats if cache generation is disabledDavid Kalnischkies
Unlikely that anyone is actually running into this, but if we asked to not generate a cache and avoid it in the first step we shouldn't create one implicitly anyway by displaying the statistics. (cherry picked from commit 33f982b90a4f77be18cb82daf8c79e9c5513761c) (cherry picked from commit 1d017d04c5fdbf71a35e8f154f01bc94305ad798)
2017-02-22use FindB instead of FindI for Debug::pkgAutoRemoveDavid Kalnischkies
Again no practical difference, but for consistency a boolean option should really be accessed via a boolean method rather than an int especially if you happen to try setting the option to "true" … Gbp-Dch: Ignore (cherry picked from commit c15ba854b6736696f164e4d2c243a944e2d4006e) (cherry picked from commit c0dc26456ba74da449eae11c04c3edb3b5f1e35e)
2017-02-22avoid producing invalid options if repo has no hostDavid Kalnischkies
This can happen e.g. for file: repositories. There is no inherent problem with setting such values internally, but its bad style, forbidden in the manpage and could be annoying in the future. Gbp-Dch: Ignore (cherry picked from commit 44ecb8c3579e5ae8828f83530e4151a0ff84d5d6) (cherry picked from commit fec19de5e786564ed8699b38310f7d1a7c348c01)