summaryrefslogtreecommitdiff
path: root/apt-pkg/init.cc
AgeCommit message (Collapse)Author
2019-01-14Add support for /etc/apt/auth.conf.d/*.conf (netrcparts)Julian Andres Klode
This allows us to install matching auth files for sources.list.d files, for example; very useful. This converts aptmethod's authfd from one FileFd to a vector of pointers to FileFd, as FileFd cannot be copied, and move operators are hard. (cherry picked from commit bbfcc05c1978decd28df9681fd73e2a7d9a8c2a5) LP: #1811120 (cherry picked from commit 5629f35ecb7956b180364ebaf57e79f35885344e)
2018-03-15Use https for Ubuntu changelogsJulian Andres Klode
We just enabled https on changelogs.ubuntu.com, let's use it.
2018-01-03allow a method to request auxiliary filesDavid Kalnischkies
If a method needs a file to operate like e.g. mirror needs to get a list of mirrors before it can redirect the the actual requests to them. That could easily be solved by moving the logic into libapt directly, but by allowing a method to request other methods to do something we can keep this logic contained in the method and allow e.g. also methods which perform binary patching or similar things. Previously they would need to implement their own acquire system inside the existing one which in all likelyhood will not support the same features and methods nor operate with similar security compared to what we have already running 'above' the requesting method. That said, to avoid methods producing conflicts with "proper" files we are downloading a new directory is introduced to keep the auxiliary files in. [The message magic number 351 is a tribute to the german Grundgesetz article 35 paragraph 1 which defines that all authorities of the state(s) help each other on request.]
2017-07-26show warnings instead of errors if files are unreadableDavid Kalnischkies
We used to fail on unreadable config/preferences/sources files, but at least for sources we didn't in the past and it seems harsh to refuse to work because of a single file, especially as the error messages are inconsistent and end up being silly (like suggesting to run apt update to fix the problem…). LP: #1701852
2017-07-12Reformat and sort all includes with clang-formatJulian Andres Klode
This makes it easier to see which headers includes what. The changes were done by running git grep -l '#\s*include' \ | grep -E '.(cc|h)$' \ | xargs sed -i -E 's/(^\s*)#(\s*)include/\1#\2 include/' To modify all include lines by adding a space, and then running ./git-clang-format.sh.
2017-03-07Ignore \.ucf-[a-z]+$ like we do for \.dpkg-[a-z]+$Julian Andres Klode
This gets rid of warnings about .ucf-dist files Reported-By: Axel Beckert (on IRC)
2017-01-19fix various typos reported by codespellDavid Kalnischkies
Nothing in user visible strings. Gbp-Dch: Ignore Reported-By: codespell
2017-01-17Read dpkg tables to handle architecture wildcardsJulian Andres Klode
Our implementation of wildcards was rudimentary. It worked for some common ones, but it was also broken: For example, armel matched any-armel, but should match any-arm. With this commit, we load the correct tables from dpkg. Supported are both triplets and quadruplet tables (the latter introduced in dpkg 1.18.11). There are some odd things we have to deal with in the cache filter for historical and API reasons: * The character "*" must be accepted as an alternative to any - in fact it may appear anywhere in the wildcard as we also allow fnmatch() style wildcard matching on the commandline. * The code might get passed an arch with a minus at the end, for example the cmdline "install apt:any-arm-" will first try to check if any-arm- is a valid architecture. We deal with this by rejecting any wildcard ending in a minus. * Triplets are actually implemented by extending them to faux quadruplets - by prepending a "base" component for the architecture tuple, and "any" if there is a wildcard component. Once we have constructed a wildcard, it is transformed into an fnmatch() expression for historical reasons. In the future, we should really get a tuple class and implement matching in a better, more explicit way. This does for now though - it passes all the test cases and accepts all things it should accept. Closes: #748936 Thanks: James Clarke <jrtc27@jrtc27.com> for the initial patch
2016-08-29init: Add Dir::Bin::planners default entryJulian Andres Klode
Apparently we had no default defined for this. Reported-By: David Kalnischkies
2016-08-29init: Fix path to external solversJulian Andres Klode
This accidentally had two apt in it. This fixes a regression from commit 8757a0f. Gbp-Dch: ignore
2016-08-26Make directory paths configurableJulian Andres Klode
This allows other vendors to use different paths, or to build your own APT in /opt for testing. Note that this uses + 1 in some places, as the paths we receive are absolute, but we need to strip of the initial /.
2016-06-29if conf unset, don't read / as conf/pref/sources dirDavid Kalnischkies
Usually these config options are set to sensible values, but if init isn't run or the user interferes with configuration clearing or similar the options could indeed carry an empty value, which will result in FindDir returning a '/'. That feels kinda wrong, but as a public interface there isn't much we can do about it and instead make it so that we get the special file /dev/null back we know how to deal with in such cases.
2016-06-29eipp: let apt make a plan, not make stuff planeDavid Kalnischkies
Julian noticed on IRC that I fall victim to a lovely false friend by calling referring to a 'planer' all the time even through these are machines to e.g. remove splinters from woodwork ("make stuff plane"). The term I meant is written in german in this way (= with a single n) but in english there are two, aka: 'planner'. As that is unreleased code switching all instances without any transitional provisions. Also the reason why its skipped in changelog. Thanks: Julian Andres Klode Gbp-Dch: Ignore
2016-06-27eipp: enable xz-compressed scenario loggingDavid Kalnischkies
In 385d9f2f23057bc5808b5e013e77ba16d1c94da4 I implemented the storage of scenario files based on enabling this by default for EIPP, but I implemented it first optionally for EDSP to have it independent. The reasons mentioned in the earlier commit (debugging and bugreports) obviously apply here, especially as EIPP solutions aren't user approved, nearly impossible to verify before starting the execution and at the time of error the scenario has changed already, so that reproducing the issue becomes hard(er).
2016-06-22add insecure (and weak) allow-options for sources.listDavid Kalnischkies
Weak had no dedicated option before and Insecure and Downgrade were both global options, which given the effect they all have on security is rather bad. Setting them for individual repositories only isn't great but at least slightly better and also more consistent with other settings for repositories.
2016-06-22forbid insecure repositories by default expect in apt-getDavid Kalnischkies
With this commit all APT-based clients default to refusing to work with unsigned or otherwise insufficently secured repositories. In terms of apt and apt-get this changes nothing, but it effects all tools using libapt like aptitude, synaptic or packagekit. The exception remains apt-get for stretch for now as this might break too many scripts/usecases too quickly. The documentation is updated and extended to reflect how to opt out or in on this behaviour change. Closes: 808367
2016-06-08edsp: optionally store a compressed copy of the last scenarioDavid Kalnischkies
For bugreports and co it could be handy to have the scenario and all the settings used in it around later for inspection for EDSP like protocols. EDSP might not be the most interesting as the user can still interrupt the process before the solution is applied and users tend to have an opinion on the "rightness" of a solution, so it is disabled by default.
2016-02-11use local changelog from /usr/share/doc if possibleDavid Kalnischkies
If pkgAcqChangelog is told to acquire the changelog for a version it will check first if this version is installed on the disk and if so will use the local changelog in /usr/share/doc (possibily/likely gz compressed) instead of downloading the file from the web. An option is provided to disable this, which is enabled by default for the Ubuntu vendor as they truncate the local changelogs – and for apts --print-uris action.
2015-12-02use @CHANGEPATH@ as placeholder in changelog URI templatesDavid Kalnischkies
This should make it more obvious that CHANGEPATH is a placeholder which apt will replace with a package specific path rather than a string constant. Mail-Reference: <87d1upgvaf.fsf@deep-thought.43-1.org> Mail-Archive: https://lists.debian.org/debian-dak/2015/12/msg00005.html
2015-08-17Cleanup includes after running iwyuMichael Vogt
2015-08-14Set Acquire::Changelogs::URI::Origin::Tanglu for Tanglu changelogsJulian Andres Klode
2015-08-10rename 'apt-get files' to 'apt-get indextargets'David Kalnischkies
'files' is a bit too generic as a name for a command usually only used programmatically (if at all) by developers, so instead of "wasting" this generic name for this we use "indextargets" which is actually the name of the datastructure the displayed data is stored in. Along with this rename the config options are renamed accordingly.
2015-08-10remove the longtime deprecated vendor{,list} stuffDavid Kalnischkies
History suggests that this comes from an earlier apt-secure implementation, but never really became a thing, totally unused and marked as deprecated for "ages" now. Especially as it did nothing even if it would have been used (libapt itself didn't use it at all).
2015-06-15provide a public interface for acquiring changelogsDavid Kalnischkies
Provided is a specialized acquire item which given a version can figure out the correct URI to try by itself and if not provides an error message alongside with static methods to get just the URI it would try to download if it should just be displayed or similar such. The URI is constructed as follows: Release files can provide an URI template in the "Changelogs" field, otherwise we lookup a configuration item based on the "Label" or "Origin" of the Release file to get a (hopefully known) default value for now. This template should contain the string CHANGEPATH which is replaced with the information about the version we want the changelog for (e.g. main/a/apt/apt_1.1). This middleway was choosen as this path part was consistent over the three known implementations (+1 defunct), while the rest of the URI varies widely between them. The benefit of this construct is that it is now easy to get changelogs for Debian packages on Ubuntu and vice versa – even at the moment where the Changelogs field is present nowhere. Strictly better than what apt-get had before as it would even fail to get changelogs from security… Now it will notice that security identifies as Origin: Debian and pick this setting (assuming again that no Changelogs field exists). If on the other hand security would ship its changelogs in a different location we could set it via the Label option overruling Origin. Closes: 687147, 739854, 784027, 787190
2015-06-10store all targets data in IndexTarget structDavid Kalnischkies
We still need an API for the targets, so slowly prepare the IndexTargets to let them take this job. Git-Dch: Ignore
2015-06-09configureable acquire targets to download additional filesDavid Kalnischkies
First pass at making the acquire system capable of downloading files based on configuration rather than hardcoded entries. It is now possible to instruct 'deb' and 'deb-src' sources.list lines to download more than just Packages/Translation-* and Sources files. Details on how to do that can be found in the included documentation file.
2014-11-08mark internal interfaces as hiddenDavid Kalnischkies
We have a bunch of classes which are of no use for the outside world, but were still exported and so needed to preserve ABI/API. Marking them as hidden to not export them any longer is a big API break in theory, but in practice nobody is using them – as if they would its a bug.
2014-10-13Change default of Acquire::AllowInsecureRepositories to "true"Michael Vogt
This change is made for backward compatiblity and should be reverted once jessie is out.
2014-10-13Fix backward compatiblity of the new pkgAcquireMethod::DropPrivsOrDie()Michael Vogt
Do not drop privileges in the methods when using a older version of libapt that does not support the chown magic in partial/ yet. To do this DropPrivileges() now will ignore a empty Apt::Sandbox::User. Cleanup all hardcoded _apt along the way.
2014-10-01Use Acquire::Allow{InsecureRepositories,DowngradeToInsecureRepositories}Michael Vogt
The configuration key Acquire::AllowInsecureRepositories controls if apt allows loading of unsigned repositories at all. The configuration Acquire::AllowDowngradeToInsecureRepositories controls if a signed repository can ever become unsigned. This should really never be needed but we provide it to avoid having to mess around in /var/lib/apt/lists if there is a use-case for this (which I can't think of right now).
2014-04-25reduce delta from ubuntuMichael Vogt
2014-03-13cleanup headers and especially #includes everywhereDavid Kalnischkies
Beside being a bit cleaner it hopefully also resolves oddball problems I have with high levels of parallel jobs. Git-Dch: Ignore Reported-By: iwyu (include-what-you-use)
2014-02-10do not use an empty APT_CONFIG environment variableDavid Kalnischkies
2013-12-01drop old /var/state to /var/lib transition artefactsDavid Kalnischkies
Regardless of when this transition was, it is so long ago that everyone who would still need this has a million other problems to deal with now so lets just drop this code.
2012-03-22the previously used VERSION didn't work everywhere so we are switchingDavid Kalnischkies
to the more standard PACKAGE_VERSION and make it work in every file
2011-10-30merge with my debian-sid branchDavid Kalnischkies
2011-09-21* apt-pkg/init.cc:David Kalnischkies
- silently ignore *.orig and *.save files by default
2011-09-19use forward declaration in headers if possible instead of includesDavid Kalnischkies
2011-09-19do not pollute namespace in the headers with using (Closes: #500198)David Kalnischkies
2011-09-13reorder includes: add <config.h> if needed and include it at firstDavid Kalnischkies
2011-07-15merged from http://bzr.debian.org/bzr/apt/apt/debian-sidMichael Vogt
2011-07-06* apt-pkg/init.cc:David Kalnischkies
- use CndSet in pkgInitConfig (Closes: #629617)
2011-06-29merge lp:~mvo/apt/abi-breakMichael Vogt
2011-05-28* apt-pkg/init.cc:Jörg Sommer
- don't set deprecated APT::Acquire::Translation, thanks Jörg Sommer!
2011-05-02handle Dir::Bin::Solvers as a list of directories and find theDavid Kalnischkies
solver in this list of directories
2011-02-03merge 'after squeeze release'-stuffDavid Kalnischkies
[ David Kalnischkies ] * apt-pkg/depcache.cc: - add SetCandidateRelease() to set a candidate version and the candidates of dependencies if needed to a specified release (Closes: #572709) * cmdline/apt-get.cc: - if --print-uris is used don't setup downloader as we don't need progress, lock nor the directories it would create otherwise - show dependencies of essential packages which are going to remove only if they cause the remove of this essential (Closes: #601961) - keep not installed garbage packages uninstalled instead of showing in the autoremove section and installing those (Closes: #604222) - change pkg/release behavior to use the new SetCandidateRelease so installing packages from experimental or backports is easier - really do not show packages in the extra section if they were requested on the commandline, e.g. with a modifier (Closes: #184730) * debian/control: - add Vcs-Browser now that loggerhead works again (Closes: #511168) - depend on debhelper 7 to raise compat level - depend on dpkg-dev (>= 1.15.8) to have c++ symbol mangling * apt-pkg/contrib/fileutl.cc: - add a RealFileExists method and check that your configuration files are real files to avoid endless loops if not (Closes: #604401) - ignore non-regular files in GetListOfFilesInDir (Closes: #594694) * apt-pkg/contrib/weakptr.h: - include stddefs.h to fix compile error (undefined NULL) with gcc-4.6 * methods/https.cc: - fix CURLOPT_SSL_VERIFYHOST by really passing 2 to it if enabled * deb/dpkgpm.cc: - fix popen/fclose mismatch reported by cppcheck. Thanks to Petter Reinholdtsen for report and patch! (Closes: #607803) * doc/apt.conf.5.xml: - fix multipl{y,e} spelling error reported by Jakub Wilk (Closes: #607636) * apt-inst/contrib/extracttar.cc: - let apt-utils work with encoded tar headers if uid/gid are large. Thanks to Nobuhiro Hayashi for the patch! (Closes: #330162) * apt-pkg/cacheiterator.h: - do not segfault if cache is not build (Closes: #254770) * doc/apt-get.8.xml: - remove duplicated mentioning of --install-recommends * doc/sources.list.5.xml: - remove obsolete references to non-us (Closes: #594495) * debian/rules: - use -- instead of deprecated -u for dh_gencontrol - remove shlibs.local creation and usage - show differences in the symbol files, but never fail * pre-build.sh: - remove as it is not needed for a working 'bzr bd' * debian/{apt,apt-utils}.symbols: - ship experimental unmangled c++ symbol files * methods/rred.cc: - operate optional on gzip compressed pdiffs * apt-pkg/acquire-item.cc: - don't uncompress downloaded pdiff files before feeding it to rred - try downloading clearsigned InRelease before trying Release.gpg - change the internal handling of Extensions in pkgAcqIndex - add a special uncompressed compression type to prefer those files - download and use i18n/Index to choose which Translations to download * cmdline/apt-key: - don't set trustdb-name as non-root so 'list' and 'finger' can be used without being root (Closes: #393005, #592107) * apt-pkg/deb/deblistparser.cc: - rewrite LoadReleaseInfo to cope with clearsigned Releasefiles * ftparchive/writer.cc: - add config option to search for more patterns in release command - include Index files by default in the Release file * methods/{gzip,bzip}.cc: - print a good error message if FileSize() is zero * apt-pkg/aptconfiguration.cc: - remove the inbuilt Translation files whitelist
2011-02-01* apt-pkg/cdrom.cc, apt-pkg/init.cc, methods/cdrom.cc:Michael Vogt
- use /media/cdrom as default mountoint (closes: #611569)
2011-01-12* apt-pkg/contrib/fileutl.cc:David Kalnischkies
- add a RealFileExists method and check that your configuration files are real files to avoid endless loops if not (Closes: #604401)
2010-09-04* apt-pkg/indexcopy.cc:David Kalnischkies
- support really still the APT::GPGV::TrustedKeyring setting, as it breaks d-i badly otherwise (Closes: #595428)
2010-08-19* apt-pkg/init.cc:David Kalnischkies
- set the default values for dir::etc::trusted options correctly