summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2015-11-27use pre-build hook to check for pre-export executionDavid Kalnischkies
Git-Dch: Ignore
2015-11-27debian/gbp.conf: point debian-branch to masterMichael Vogt
Git-Dch: ignore
2015-11-27Check if the Apt::Sandbox::User exists in CheckDropPrivsMustBeDisabled()Michael Vogt
If it does not exist disabled priv dropping as there is nothing we can drop to. This will unblock people with special chroots or systems that deleted the "_apt" user. Closes: #806406
2015-11-27Deal with killed acquire methods properly instead of hangingMichael Vogt
This fixes a regression caussed by commit 95278287f4e1eeaf5d96749d6fc9bfc53fb400d0 that moved the error detection of RunFds() later into the loop. However this broke detecting issues like dead acquire methods. Instead of relying on the global error state (which is bad) we now pass a boolean value back from RunFds() and break on false. Closes: #806406
2015-11-26release apt 1.11.1Michael Vogt
2015-11-26Do not run pre*export* functions in the pre*build* hookMichael Vogt
Unfortunately it seems like git-buildpackage does not have a pre-export hook so the hook is disabled for now. Git-Dch: ignore
2015-11-26Fix missing </literal> in sources.list.5.xml pageMichael Vogt
Git-Dch: ignore
2015-11-26Merge remote-tracking branch 'donkult/debian/experimental' into ↵Michael Vogt
debian/experimental
2015-11-26reword Trusted paragraph in sources.list(5)Justin B Rye
Git-Dch: Ignore
2015-11-25Run ./prepare-release pre-exportMichael Vogt
2015-11-25Prepare release 1.1~exp17Michael Vogt
2015-11-25update manpage last-modified from git via pre-export hookDavid Kalnischkies
Never updating this information is wrong, updating it automatically isn't super correct either, but it seems conventional to have it and updating it more often than needed seems better than updating it never. Git-Dch: Ignore
2015-11-25enforce a slightly more sensible default headerDavid Kalnischkies
In 12f7536 I chose to opt for a slightly better text which avoids assigning copyright to the FSF (not because it would be wrong to do it, but is usually not what the contributor intended, but just the default. xgettext has a --foreign flag for avoiding the copyright, but po4a hasn't and an empty copyright-holder doesn't work either, so this little rework of files with sed and cat. Git-Dch: Ignore
2015-11-25typo: run s#frontend#front-end# on all of src:aptDavid Kalnischkies
The manpages were fixed by Justin B Rye, lets deal with the rest now. Git-Dch: Ignore
2015-11-25review sources.list(5) manpageJustin B Rye
2015-11-25review apt-secure(8) manpageJustin B Rye
2015-11-25review apt-mark(8) manpageJustin B Rye
2015-11-25review apt(8) manpageJustin B Rye
2015-11-25slightly rephrase notice shown for insecure repositoriesJustin B Rye
Git-Dch: Ignore
2015-11-24releasing package apt version 1.1~exp161.1_exp16Michael Vogt
2015-11-21show potentially arch-qualified fullname in 'apt show'David Kalnischkies
We do not show the architecture as a dedicated field as this is rather technical information, but as packagename it makes sense to show the architecture as other part of apt will refer to it in this way.
2015-11-21review of new/changed translatable program stringsJustin B Rye
Reference mail: https://lists.debian.org/debian-l10n-english/2015/11/msg00006.html
2015-11-21do not sent Last-Modified if we expect a changed fileDavid Kalnischkies
In 8d041b4f we made apt figure out based on the last Release file it has if it should request a file or not given that the hashes changed or not. So if we have a last Release file and do a request, do not sent a Last-Modified header as we expect a change so much that a non-change would indeed be an error. The Last-Modified header is therefore at best ignored by the server, so sending it is just wasted effort. In the worst case as time is a fragile thing the server decides against sending us an update with the idea that we already have the latest content, which we know for a fact that we haven't. Given that we sent less information to the server our request is on its own also less identifiable as coming from a returning or new user. The disadvantage is that if we end up getting an old index file after getting a new Release file from another mirror the old mirror will not be able to tell us 'Hit', but instead sends us the complete file we discard, but both lets us end up with the same error class in the end, so the difference isn't big in practice.
2015-11-20fix a few typos in code-comments/apt manpageDavid Kalnischkies
Reported-By: codespell Git-Dch: Ignore
2015-11-20do not segfault in cache generation on mmap failureDavid Kalnischkies
Out of memory and similar circumstanzas could cause MMap::Map to fail and especially the mmap/malloc calls in it. With some additional checking we can avoid segfaults and similar in such situations – at least in theory as if this is a real out of memory everything we do to handle the error could just as well run into a memory problem as well… But at least in theory (if MMap::Map is made to fail always) we can deal with it so good that a user actually never sees a failure (as the cache it tries to load with it fails and is discarded, so that DynamicMMap takes over and a new one is build) instead of segfaulting. Closes: 803417
2015-11-19do not rerun ./configure causing FTCBFS with newer autotools-devDavid Kalnischkies
If the config.{sub,guess} files we linked in were newer than our configure script we ended up recreating configure and then rerun it without all the configuration options which were (potentially) present for a previous run. We avoid this by changing to the same ruleset as in the debian/rules file which compares the config.* files against a stamp file rather than the configure script itself as its the configuration itself which depends on all scripts, not configure on the config scripts. While at it, we also drop the 'make -s dirs' call as we don't need to do it explicitly here as proper dependencies will take care of it. Thanks: Helmut Grohne for the detailed bugreport. Closes: 804923
2015-11-19update libapt-{pkg,inst} symbols filesDavid Kalnischkies
2015-11-19move -std=c++11 from CXX to new CXXSTDDavid Kalnischkies
The hack introduced in aa91826f is replaced with a hopefully better working "proper" solution with a new variable just for the standard we use everywhere we use CXXFLAGS. Git-Dch: Ignore
2015-11-19ignore lost+found in private directory cleanupDavid Kalnischkies
In ce1f3a2c we started warning about failing unlinking, which we consistently do for directories. That isn't a problem as directories usually aren't in the places we do want to clean up – with the potential exeception of "lost+found", so lets ignore it like we ignore our own partial/ subdirectory. Closes: 805424
2015-11-19tests: use quiet level 0 by default in testsDavid Kalnischkies
Git-Dch: Ignore
2015-11-19support setting empty values (sanely) & removing support forDavid Kalnischkies
space-gapping: '-o option= value' That is a very old feature (straight from 1998), but it is super surprising if you try setting empty values and instead get error messages or a non-empty value as the next parameter is treated as the value – which could have been empty, so if for some reason you need a compatible way of setting an empty value try: '-o option="" ""'. I can only guess that the idea was to support '-o option value', but we survived 17 years without it, we will do fine in the future I guess. Similar is the case for '-t= testing' even through '-t testing' existed before and the code even tried to detect mistakes like '-t= -b' … all gone now. Technically that is as its removing a feature replacing it with another a major interface break. In practice I really hope for my and their sanity that nobody was using this; but if for some reaon you do: Remove the space and be done. I found the patch and the bugreport actually only after the fact, but its reassuring that others are puzzled by this as well and hence a thanks is in perfect order here as the patch is practical identical [expect that this one here adds tests and other bonus items]. Thanks: Daniel Hartwig for initial patch. Closes: 693092
2015-11-19more sensible default text in pot filesDavid Kalnischkies
Git-Dch: Ignore
2015-11-19Dutch manpages translation (NEW)Frans Spiesschaert
Closes: 805474
2015-11-19do not use _apt for file/copy sources if it isn't world-accessibleDavid Kalnischkies
In 0940230d we started dropping privileges for file (and a bit later for copy, too) with the intend of uniforming this for all methods. The commit message says that the source will likely fail based on the compressors already – and there isn't much secret in the repository content. After all, after apt has run the update everyone can access the content via apt anyway… There are sources through which worked before which are mostly single-deb (and those with the uncompressed files available). The first one being especially surprising for users maybe, so instead of failing, we make it so that apt detects that it can't access a source as _apt and if so doesn't drop (for all sources!) privileges – but we limit this to file/copy, so the uncompress which might be needed will still fail – but that failed before this regression. We display a notice about this, mostly so that if it still fails (e.g. compressed) the user has some idea what is wrong. Closes: 805069
2015-11-18tests: fail testsuccess if notices are shown, tooDavid Kalnischkies
Notices are just hints, but if they are printed in tests, they should be expected and if not the test should fail. No current test has this problem, so that is just potential future proving. Git-Dch: Ignore
2015-11-11releasing package apt version 1.1~exp151.1_exp15Michael Vogt
2015-11-05activate AI_IDN by default to support IDN domainsDavid Kalnischkies
AI_IDN is a glibc extension, but we can worry about this at the time actually anyone is seriously trying apt on non-glibc systems. Closes: 763437
2015-11-05"support" unsigned Release files without hashes againDavid Kalnischkies
This 'ignores' the component Release files you can find in Debian alongside the binary-* directories, which isn't exactly a common usecase, but it worked before, so lets support it again as this isn't worse than a valid Release file which is unsigned. Git-Dch: Ignore
2015-11-05encode UTF-8 characters correctly in QuoteStringDavid Kalnischkies
Limit the field length to a char to avoid bogus FF for utf-8 characters with the default length. Closes: 799123
2015-11-05apply various suggestions made by cppcheckDavid Kalnischkies
Reported-By: cppcheck Git-Dch: Ignore
2015-11-05do not use read() returned value unconditionallyDavid Kalnischkies
A slightly unlikely bug, but lets fix it while slightly reworking this whole function to be slightly saner to look at, even if still not good. Git-Dch: Ignore
2015-11-05allow acquire method specific options via Binary scopeDavid Kalnischkies
Allows users who know what they are getting themselves into with this trick to e.g. disable privilege dropping for e.g. file:// until they can fix up the permissions on those repositories. It helps also the test framework and people with a similar setup (= me) to run in less modified environments.
2015-11-05drop privileges in copy:// method as we do for file://David Kalnischkies
Continueing on the track of dropping privileges in all methods, lets drop it in copy, too, as the reasoning for it is very similar to file and the interaction between the too quiet interesting as copy kinda surfed as a fallback for file not being able to read the file. Both now show a better error message as well as it was previously claiming to have a hashsum mismatch, given that it couldn't read the file. Git-Dch: Ignore
2015-11-04allow getaddrinfo flag AI_ADDRCONFIG to be disabledDavid Kalnischkies
This flags is generally handy to avoid having to deal with ipv6 results on an ipv4-only system, but it prevents e.g. the testcases from working if the testsystem has no configured address at the moment (expect loopback), so allow it to be sidestepped and let the testcases sidestep it. Git-Dch: Ignore
2015-11-04wrap every unlink call to check for != /dev/nullDavid Kalnischkies
Unlinking /dev/null is bad, we shouldn't do that. Also, we should print at least a warning if we tried to unlink a file but didn't manage to pull it of (ignoring the case were the file is /dev/null or doesn't exist in the first place). This got triggered by a relatively unlikely to cause problem in pkgAcquire::Worker::PrepareFiles which would while temporary uncompressed files (which are set to keep compressed) figure out that to files are the same and prepare for sharing by deleting them. Bad move. That also shows why not printing a warning is a bad idea as this hide the error for in non-root test runs. Git-Dch: Ignore
2015-11-04ensure FileFd doesn't try to open /dev/null as atomic and coDavid Kalnischkies
The wrapping will fail in the best case and actually end up deleting /dev/null in the worst case. Given that there is no point in trying to write atomically to /dev/null as you can't read from it again just ignore these flags if higher level code ends up trying to use them on /dev/null. Git-Dch: Ignore
2015-11-04ignore newlines in dpkg-deb control output for installing debsDavid Kalnischkies
Leading or trailing newlines can be confusing for our parser as it expects two newlines to start/stop a new stanza. To solve this the lines we wanna add are printed first, ignore any leading newlines and then add the stanza as provided by dpkg-deb with or without trailing newlines as the parser will look at the first stanza only anyway and removing trailing newlines is considerably harder to do. Closes: 802553
2015-11-04support arch:all data e.g. in separate Packages fileDavid Kalnischkies
Based on a discussion with Niels Thykier who asked for Contents-all this implements apt trying for all architecture dependent files to get a file for the architecture all, which is treated internally now as an official architecture which is always around (like native). This way arch:all data can be shared instead of duplicated for each architecture requiring the user to download the same information again and again. There is one problem however: In Debian there is already a binary-all/ Packages file, but the binary-any files still include arch:all packages, so that downloading this file now would be a waste of time, bandwidth and diskspace. We therefore need a way to decide if it makes sense to download the all file for Packages in Debian or not. The obvious answer would be a special flag in the Release file indicating this, which would need to default to 'no' and every reasonable repository would override it to 'yes' in a few years time, but the flag would be there "forever". Looking closer at a Release file we see the field "Architectures", which doesn't include 'all' at the moment. With the idea outlined above that 'all' is a "proper" architecture now, we interpret this field as being authoritative in declaring which architectures are supported by this repository. If it says 'all', apt will try to get all, if not it will be skipped. This gives us another interesting feature: If I configure a source to download armel and mips, but it declares it supports only armel apt will now print a notice saying as much. Previously this was a very cryptic failure. If on the other hand the repository supports mips, too, but for some reason doesn't ship mips packages at the moment, this 'missing' file is silently ignored (= that is the same as the repository including an empty file). The Architectures field isn't mandatory through, so if it isn't there, we assume that every architecture is supported by this repository, which skips the arch:all if not listed in the release file.
2015-11-04reenable gcc warnings for deprecated functionsDavid Kalnischkies
In the meantime the strange warnings disappeared, so we can get back to showing them – and fix the one occurance which creeped in in the meantime. Git-Dch: Ignore
2015-11-04sanify API to get 'the' candidate versionDavid Kalnischkies
This was discussed a while ago on #debian-apt and now that I see myself making this mistake lets bite the bullet and fix it in the easy way out version: Using a new name which fits with a similar named setter and deprecate the old method instead of 'hostily' changing API. Closes: #803471