summaryrefslogtreecommitdiff
path: root/apt-private/private-download.h
AgeCommit message (Collapse)Author
2015-08-31if file is inaccessible for _apt, disable privilege drop in acquireDavid Kalnischkies
We had a very similar method previously for our own private usage, but with some generalisation we can move this check into the acquire system proper so that all frontends profit from this compatibility change. As we are disabling a security feature here a warning is issued and frontends are advised to consider reworking their download logic if possible. Note that this is implemented as an all or nothing situation: We can't just (not) drop privileges for a subset of the files in a fetcher, so in case you have to download some files with and some without you need to use two fetchers.
2015-08-10show or-groups in not-installed recommends and suggests listsDavid Kalnischkies
Further abstracting our new ShowList allows to use it for containers of strings as well giving us the option to implement an or-groups display for the recommends and suggests lists which is a nice trick given that it also helps with migrating the last remaining other cases of old ShowList.
2014-10-15check for available space, excluding root reserved blocksDavid Kalnischkies
We are checking the space requirements for ages, but the check uses the free blocks count, which includes the blocks reserved for usage by root. Now that we use an unprivileged user it has no access to these blocks anymore – and more importantly these blocks are a reserve, they shouldn't be used by apt without special encouragement by the user as it would be bad to have dpkg run out of diskspace and maintainerscripts like man-db skip certain actions if not enough space is available freely.
2014-10-15don't drop privileges if _apt has not enough rightsDavid Kalnischkies
Privilege dropping breaks download/source/changelog commands as they require the _apt user to have write permissions in the current directory, which is e.g. the case in /tmp, but not in /root, so we disable the privilege dropping if we deal with such a directory based on idea and code by Michael Vogt. The alternative would be to download always to a temp directory and move it then done, but this breaks partial file support. To resolve this, we could move to one of our partial/ directories, but this would require a lock which would block root from using two of these commands in parallel. As both seems unacceptable we instead let the user choose what to do: Either a directory is setupped for _apt, downloading as root is accepted or – which is potentially even better – an unprivileged user is used for the commands.
2014-06-02Show unauthenticated warning for source packages as wellMichael Vogt
This will show the same unauthenticated warning for source packages as for binary packages and will not download a source package if it is unauthenticated. This can be overridden with --allow-unauthenticated Closes: #749795
2014-03-21enable fvisibility=hidden for our private libraryDavid Kalnischkies
While it is a huge undertaking to enable it for our public libraries as basically everything we exported so far could be seen as public interface our private library is new and under our full control, so we can do whatever we like with it. The benefits are not that big in return of course, but it reduces the size a bit, so thats great nontheless. Git-Dch: ignore
2014-03-13cleanup headers and especially #includes everywhereDavid Kalnischkies
Beside being a bit cleaner it hopefully also resolves oddball problems I have with high levels of parallel jobs. Git-Dch: Ignore Reported-By: iwyu (include-what-you-use)
2013-10-03put fetch errors in 'source' on our errorstackDavid Kalnischkies
refactor the fetching process so that it looks more like the others we have in the hope that we can reuse code in the future. This is a soft interface change as 'source' previously printed errors directly on stderr, while it will now push it onto our usual error stack.