summaryrefslogtreecommitdiff
path: root/apt-private/private-cmndline.cc
AgeCommit message (Collapse)Author
2017-06-28fail instead of warn on insecure repositories in apt-getDavid Kalnischkies
The exception was made to give (script) users a one-release grace period to adapt their setup to deal with apt enforcing signing of repositories. As we are now at the start of a new release cycle its as good a time as any to lift it now. Removes-Exception: 952ee63b0af14a534c0aca00c11d1a99be6b22b2
2017-03-19Ignore AutomaticRemove conffile option in upgradeDavid Kalnischkies
We are in a dilemma here: The regression of sorts was introduced in 2013 with commit d8a8f9d7f0 allowing pkg modifiers for the upgrade commands. That calls the autoremover as a sideeffect through and with it comes the option to remove the garbage packages in these commands (similar to aptitude). Having the option on the commandline is no problem – people aren't going to request what they don't want (or so I hope), but the documentation explicitly states that this option only effects install/remove and mentions a config knob users might use and expect to not suddenly apply (especially without documentation) to more commands. Just reverting the commit is out of question, completely ignoring the option breaks the workflow of every user who happened to use --autoremove on the commandline for upgrade and expects that to work given that it was accepted and worked in a stable release. Changing the documentation to reflect reality while perhaps the simplest and cleanest option contradicts freeze and is a surprising change we tend to avoid like the plague while just leaving it be confuses all users who end up believing the documentation even if was different in the last 3 years. So what we do is a tricky compromise: The configuration option if read from a file does apply only for install/remove as documented, while if the option is encountered on the commandline it is accepted and applies to the upgrade which should make 99% of the users happy. The rest has to wait for us to figure out for buster how to get that documented and implemented in a saner way. Closes: #855891
2016-12-31allow warning generation for non-whitelisted optionsDavid Kalnischkies
The idea is simple: Each¹ Find*( call starts with a call check if the given option (with the requested type) exists in the whitelist. The whitelist is specified via our configure-index file so that we have a better chance at keeping it current. the whitelist is loaded via a special (undocumented for now) configuration stanza and if none is loaded the empty whitelist will make it so that no warnings are shown. Much needs to be done still, but that is as good a time as any to take a snapshot of the current state and release it into the wild given that it found some bugs already and has no practical effect on users. ¹ not all in this iteration, but many
2016-12-31add --indep-only for build-dep commandDavid Kalnischkies
The implementation is quite different compared to --arch-only due to ABI reasons but functionality wise they are similar and usually both available for symmetry at least. Closes: #845775
2016-08-26Accept --autoremove as alias for --auto-removeJulian Andres Klode
I probably missed that when I did the usability work. But better late than never.
2016-08-17add --with-source option and Packages/Sources supportDavid Kalnischkies
We support "./foobar.deb" as a way to install a deb file directly. Recently .changes files were added. This highlights a problem as you can't add the changes file without also trying to install all of them. Now, it could also be handy to add entire Packages/Sources files to perhaps get a bunch of packages in without installing them all implicitly. This commit introduces --with-source which allows to add *.deb, *.changes, *.dsc, source-dirs, Packages & Sources files (the later can also be compressed) without also installing them.
2016-06-29eipp: let apt make a plan, not make stuff planeDavid Kalnischkies
Julian noticed on IRC that I fall victim to a lovely false friend by calling referring to a 'planer' all the time even through these are machines to e.g. remove splinters from woodwork ("make stuff plane"). The term I meant is written in german in this way (= with a single n) but in english there are two, aka: 'planner'. As that is unreleased code switching all instances without any transitional provisions. Also the reason why its skipped in changelog. Thanks: Julian Andres Klode Gbp-Dch: Ignore
2016-06-27eipp: provide the internal planer as an external oneDavid Kalnischkies
Testing the current implementation can benefit from being able to be feed an EIPP request and produce a fully compliant response. It is also a great test for EIPP in general.
2016-06-27eipp: implement version 0.1 of the protocolDavid Kalnischkies
The very first step in introducing the "external installation planer protocol" (short: EIPP) as part of my GSoC2016 project. The description reads: APT-based tools like apt-get, aptitude, synaptic, … work with the user to figure out how their system should look like after they are done installing/removing packages and their dependencies. The actual installation/removal of packages is done by dpkg with the constrain that dependencies must be fulfilled at any point in time (e.g. to run maintainer scripts). Historically APT has a super micro-management approach to this task which hasn't aged that well over the years mostly ignoring changes in dpkg and growing into an unmaintainable mess hardly anyone can debug and everyone fears to touch – especially as more and more requirements are tacked onto it like handling cycles and triggers, dealing with "important" packages first, package sources on removable media, touch minimal groups to be able to interrupt the process if needed (e.g. unattended-upgrades) which not only sky-rocket complexity but also can be mutually exclusive as you e.g. can't have minimal groups and minimal trigger executions at the same time.
2016-06-22add insecure (and weak) allow-options for sources.listDavid Kalnischkies
Weak had no dedicated option before and Insecure and Downgrade were both global options, which given the effect they all have on security is rather bad. Setting them for individual repositories only isn't great but at least slightly better and also more consistent with other settings for repositories.
2016-06-22forbid insecure repositories by default expect in apt-getDavid Kalnischkies
With this commit all APT-based clients default to refusing to work with unsigned or otherwise insufficently secured repositories. In terms of apt and apt-get this changes nothing, but it effects all tools using libapt like aptitude, synaptic or packagekit. The exception remains apt-get for stretch for now as this might break too many scripts/usecases too quickly. The documentation is updated and extended to reflect how to opt out or in on this behaviour change. Closes: 808367
2016-06-08edsp: drop privileges before executing solversDavid Kalnischkies
Most (if not all) solvers should be able to run perfectly fine without root privileges as they get the entire state they are supposed to work on via stdin and do not perform any action directly, but just pass suggestions on via stdout. The new default is to run them all as _apt hence, but each solver can configure another user if it chooses/must. The security benefits are minimal at best, but it helps preventing silly mistakes (see 35f3ed061f10a25a3fb28bc988fddbb976344c4d) and that is always good. Note that our 'apt' and 'dump' solver already dropped privileges if they had them.
2016-06-08edsp: optionally store a compressed copy of the last scenarioDavid Kalnischkies
For bugreports and co it could be handy to have the scenario and all the settings used in it around later for inspection for EDSP like protocols. EDSP might not be the most interesting as the user can still interrupt the process before the solution is applied and users tend to have an opinion on the "rightness" of a solution, so it is disabled by default.
2016-05-28look into the right textdomain for apt-utils againDavid Kalnischkies
Broken in e7e10e47476606e3b2274cf66b1e8ea74b236757 by looking always into "apt" while we ship some tools in "apt-utils"…
2016-01-07apt-helper: cat-file: Add -C/--compress optionJulian Andres Klode
This allows passing compressing the output. The compressor must be a compressor name, extension, or an extension without the leading dot.
2016-01-02Add new APT::Keep-Downloaded-Packages optionMichael Vogt
This option controls if downloaded packages should be kept after a successful install or if they should be deleted. The default for "apt-get" is that they are kept (just like before). However the default for "apt" is that they get deleted. Closes: #160743
2015-11-29use function pointers instead of weak symbols for cmdline parsingDavid Kalnischkies
Passing function pointers around while working on this was very icky, but if weak symbols are too much to ask for… Reverts "do not use "-Wl,-Bsymbolic-functions" during the build to avoid breakage" aka a5fc9be36211a290a7abc3ca2a8bf98943bc1f57.
2015-11-28Revert "Revert "appease adequate with some weak symbols for -private""Julian Andres Klode
This reverts commit 7ac9386cb6e272625490fcf3e8183b45e28bbc43.
2015-11-28Revert "appease adequate with some weak symbols for -private"Julian Andres Klode
This reverts commit 28f24d3dad1844af316337d565ba2ebc11c8ce97. This fails on Ubuntu as they build with -Bsymbolic-functions.
2015-11-27appease adequate with some weak symbols for -privateDavid Kalnischkies
Closes: #806422
2015-11-04revamp all tools help messagesDavid Kalnischkies
The general idea is: A small paragraph on the tool itself as a description, a list of the most used (!= all) commands available in the tool, a remark where to find more information on the tool and its commands (aka: in the manpage) and finally a common block referring to even more manpages. In exchange options are completely omitted from the output as well as deprecated or obscure commands. (Better) Information about them is available in the manpages anyway and the few options which were listed before were also the least interesting ones (-o -c -q and co are hardly of interest for someone totally new looking to find info by asking for help and anyone with a bit of experience doesn't need this short list. Those would need a list of options applying to the command they call, but they are too numerous and command specific to list them sanely in this context.
2015-11-04show version and type in "apt (r)depends"David Kalnischkies
We can't for compatibility reasons in apt-cache, but apt can. Closes: 218995
2015-11-04deal with --version more centrallyDavid Kalnischkies
Git-Dch: Ignore
2015-11-04move apts cmdline helper type into -privateDavid Kalnischkies
Its not as simple as I initially thought to abstract this enough to make it globally usable, so lets not pollute global namespace with this for now. Git-Dch: Ignore
2015-11-04generate commands array after config is loadedDavid Kalnischkies
This ensures that location strings loaded from a location specified via configuration (Dir::Locale) effect the help messages for commands. Git-Dch: Ignore
2015-11-04deduplicate main methodsDavid Kalnischkies
All mains pretty much do the same thing, so lets try a little harder to move the common parts into -private to have the real differences more visible. Git-Dch: Ignore
2015-11-04split up help messages for simpler reuseDavid Kalnischkies
That is one huge commit with busy work only: Help messages used to be one big translateable string, which is a pain for translators and hard to reuse for us. This change there 'explodes' this single string into new string for each documented string trying hard to split up the translated messages as well. This actually restores many translations as previously adding a single command made all of the bug message fuzzy. The splitup also highlighted that its easy to forget a line, duplicate one and similar stuff. Git-Dch: Ignore
2015-11-04disable updating insecure repositories in apt by defaultDavid Kalnischkies
apt is an interactive command and the reasons we haven't this option set for everything is mostly in keeping compatibility for a little while longer to allow scripts to be changed if need be.
2015-11-04move 'search' implementations as wellDavid Kalnischkies
Git-Dch: Ignore
2015-11-04centralize 'show' implementation of apt and apt-cacheDavid Kalnischkies
The show commands have different styles in both binaries as the audience is potentially very different, but that doesn't mean we need to separate the implementation especially as they are slightly similar. This also allows us to switch between the different show versions at runtime via an option. Git-Dch: Ignore
2015-11-04add binary-specific options via Binary scopeDavid Kalnischkies
Especially with apt now, it can be useful to set an option only for apt and not for apt-get. Using a binary-specific subtree which is merged into the root seems like a simple enough trick to achieve this.
2015-11-04allow all dpkg selections to be set via apt-mark and libaptDavid Kalnischkies
As we have support for 'hold', we need support for undoing a hold which in effect means that we implemented most other states as well, just that they weren't exposed in the interface directly so far.
2015-10-20Allow -i and -u as aliases for installed and upgradable in listJulian Andres Klode
This makes things much easier to use
2015-08-18Add support for "apt-cache showsrc --only-source srcpkgname"Michael Vogt
Thanks: Steve Slangasek for the suggestion Closes: 695633
2015-08-14Make auto-remove and auto-clean aliases for the versions without -Julian Andres Klode
Some people type them instead of autoremove and autoclean, so make them happy. Closes: #274159 Makes-Happy: Ansgar
2015-08-14Replace --force-yes by various options starting with --allowJulian Andres Klode
This enables more fine grained control over such exceptions.
2015-08-13Accept --upgradeable as synonym for --upgradableJulian Andres Klode
It's a tiny diff, so why not? But no need to document it. Closes: #787846
2015-08-10hide implicit deps in apt-cache again by defaultDavid Kalnischkies
Before MultiArch implicits weren't a thing, so they were hidden by default by definition. Adding them for MultiArch solved many problems, but having no reliable way of detecting which dependency (and provides) is implicit or not causes problems everytime we want to output dependencies without confusing our observers with unneeded implementation details. The really notworthy point here is actually that we keep now a better record of how a dependency came to be so that we can later reason about it more easily, but that is hidden so deep down in the library internals that change is more the problems it solves than the change itself.
2015-08-10rename 'apt-get files' to 'apt-get indextargets'David Kalnischkies
'files' is a bit too generic as a name for a command usually only used programmatically (if at all) by developers, so instead of "wasting" this generic name for this we use "indextargets" which is actually the name of the datastructure the displayed data is stored in. Along with this rename the config options are renamed accordingly.
2015-06-15implement default apt-get file --release-info modeDavid Kalnischkies
Selecting targets based on the Release they belong to isn't to unrealistic. In fact, it is assumed to be the most used case so it is made the default especially as this allows to bundle another thing we have to be careful with: Filenames and only showing targets we have acquired. Closes: 752702
2015-06-11implement 'apt-get files' to access index targetsDavid Kalnischkies
Downloading additional files is only half the job. We still need a way to allow external tools to know where the files are they requested for download given that we don't want them to choose their own location. 'apt-get files' is our answer to this showing by default in a deb822 format information about each IndexTarget with the potential to filter the records based on lines and an option to change the output format. The command serves also as an example on how to get to this information via libapt.
2015-03-16fix another d(e)select-upgrade typoDavid Kalnischkies
You would think one instance of this is enough, but 80e8d923ebc8d5f3f84eb3f922b28ca309c25026 wasn't as globally applied as the commit message suggested… LP: #1399037
2014-11-09streamline display of --help in all toolsDavid Kalnischkies
By convention, if I run a tool with --help or --version I expect it to exit successfully with the usage, while if I do call it wrong (like without any parameters) I expect the usage message shown with a non-zero exit.
2014-10-20reenable support for -s (and co) in apt-get sourceDavid Kalnischkies
The conversion to accept only relevant options for commands has forgotten another one, so adding it again even through the usecase might very well be equally good served by --print-uris. Closes: 742578
2014-10-01Use Acquire::Allow{InsecureRepositories,DowngradeToInsecureRepositories}Michael Vogt
The configuration key Acquire::AllowInsecureRepositories controls if apt allows loading of unsigned repositories at all. The configuration Acquire::AllowDowngradeToInsecureRepositories controls if a signed repository can ever become unsigned. This should really never be needed but we provide it to avoid having to mess around in /var/lib/apt/lists if there is a use-case for this (which I can't think of right now).
2014-09-07support regular expressions in 'apt search'David Kalnischkies
apt-cache search supported this since ever and in the code for apt was a fixme indicating this should be added here as well, so here we go.
2014-04-16support dist-upgrade options in full-upgradeDavid Kalnischkies
dist-upgrade is supposed to be an alias for full-upgrade in apt, but dist-upgrade was the only command recognized of the two in the option and flags recognition code.
2014-03-13follow method attribute suggestions by gccDavid Kalnischkies
Git-Dch: Ignore Reported-By: gcc -Wsuggest-attribute={pure,const,noreturn}
2014-03-13cleanup headers and especially #includes everywhereDavid Kalnischkies
Beside being a bit cleaner it hopefully also resolves oddball problems I have with high levels of parallel jobs. Git-Dch: Ignore Reported-By: iwyu (include-what-you-use)
2014-03-13warning: no previous declaration for foobar() [-Wmissing-declarations]David Kalnischkies
Git-Dch: Ignore Reported-By: gcc -Wmissing-declarations