summaryrefslogtreecommitdiff
path: root/apt-private
AgeCommit message (Collapse)Author
2015-08-31if file is inaccessible for _apt, disable privilege drop in acquireDavid Kalnischkies
We had a very similar method previously for our own private usage, but with some generalisation we can move this check into the acquire system proper so that all frontends profit from this compatibility change. As we are disabling a security feature here a warning is issued and frontends are advised to consider reworking their download logic if possible. Note that this is implemented as an all or nothing situation: We can't just (not) drop privileges for a subset of the files in a fetcher, so in case you have to download some files with and some without you need to use two fetchers.
2015-08-27install: Set a local deb as the candidate for that packageJulian Andres Klode
This ensures that we can install .deb files that are not the candidate for a given package.
2015-08-18Add support for "apt-cache showsrc --only-source srcpkgname"Michael Vogt
Thanks: Steve Slangasek for the suggestion Closes: 695633
2015-08-17Re-add support for G++ 4.8 and configure travis to use itJulian Andres Klode
This makes tests work again! Gbp-Dch: ignore
2015-08-17Do not crash in 'apt show' for non-installed packagesJulian Andres Klode
For a non-installed package, manual_installed was set to the null pointer. This was passed to Tag::Rewrite, which expects an string (empty for null-type values) and the conversion from null pointer to string does not work correctly.
2015-08-16Replace "extra" in "the following extra packages [...]" by "additional"Julian Andres Klode
This breaks the translation for no big gain, but we broke enough strings already for that to not really matter anymore. Closes: #82430
2015-08-16install: If package already is the newest version, display versionJulian Andres Klode
Also do it unconditionally, as it does not hurt. Closes: #315149
2015-08-15update: Check if the cache could be opened, don't just assume itJulian Andres Klode
This seems to cause Bug#756162, as in that case the depcache was NULL. I'm not entirely sure how that happens, but it's better to be check here rather then crash later on. Closes: #756162
2015-08-14Make auto-remove and auto-clean aliases for the versions without -Julian Andres Klode
Some people type them instead of autoremove and autoclean, so make them happy. Closes: #274159 Makes-Happy: Ansgar
2015-08-14Replace --force-yes by various options starting with --allowJulian Andres Klode
This enables more fine grained control over such exceptions.
2015-08-14Merge branch 'debian/experimental' of https://github.com/DonKult/apt into ↵Julian Andres Klode
debian/experimental
2015-08-13Accept --upgradeable as synonym for --upgradableJulian Andres Klode
It's a tiny diff, so why not? But no need to document it. Closes: #787846
2015-08-13Mark SPtr as deprecated, and convert users to std::unique_ptrJulian Andres Klode
Switch to std::unique_ptr, as this is safer than SPtr.
2015-08-12Replace all "press enter" occurrences with "press [Enter]"Luca Bruno
Thanks: Andre Felipe Machado for initial patch Closes: 414848
2015-08-11Annotate more methods with APT_OVERRIDEJulian Andres Klode
Gbp-Dch: ignore Reported-By: g++ -Wsuggest-override Thanks: g++ -Wsuggest-override
2015-08-10add volatile sources support in libapt-pkgDavid Kalnischkies
Sources are usually defined in sources.list (and co) and are pretty stable, but once in a while a frontend might want to add an additional "source" like a local .deb file to install this package (No support for 'real' sources being added this way as this is a multistep process). We had a hack in place to allow apt-get and apt to pull this of for a short while now, but other frontends are either left in the cold by this and/or the code for it looks dirty with FIXMEs plastering it and has on top of this also some problems (like including these 'volatile' sources in the srcpkgcache.bin file). So the biggest part in this commit is actually the rewrite of the cache generation as it is now potentially a three step process. The biggest problem with adding support now through is that this makes a bunch of previously mostly unusable by externs and therefore hidden classes public, so a bit of further tuneing on this now public API is in order…
2015-08-10hide implicit deps in apt-cache again by defaultDavid Kalnischkies
Before MultiArch implicits weren't a thing, so they were hidden by default by definition. Adding them for MultiArch solved many problems, but having no reliable way of detecting which dependency (and provides) is implicit or not causes problems everytime we want to output dependencies without confusing our observers with unneeded implementation details. The really notworthy point here is actually that we keep now a better record of how a dependency came to be so that we can later reason about it more easily, but that is hidden so deep down in the library internals that change is more the problems it solves than the change itself.
2015-08-10remove the compatibility markers for 4.13 abiDavid Kalnischkies
We aren't and we will not be really compatible again with the previous stable abi, so lets drop these markers (which never made it into a released version) for good as they have outlived their intend already. Git-Dch: Ignore
2015-08-10avoid virtual in the iteratorsDavid Kalnischkies
With a bit of trickery and the Curiously recurring template pattern we can free us from our use of virtual in the iterators were it is unneeded bloat as we never deal with pointers to iterators and similar such. Git-Dch: Ignore
2015-08-10show or-groups in not-installed recommends and suggests listsDavid Kalnischkies
Further abstracting our new ShowList allows to use it for containers of strings as well giving us the option to implement an or-groups display for the recommends and suggests lists which is a nice trick given that it also helps with migrating the last remaining other cases of old ShowList.
2015-08-10headers are for declarations onlyDavid Kalnischkies
Housekeeping. This used to be embedded in apt-get directly, then moved to into our (then new) private lib and now header and code get a proper separation. Git-Dch: Ignore
2015-08-10implement a more generic ShowList methodDavid Kalnischkies
apt-get is displaying various lists of package names, which until now it was building as a string before passing it to ShowList, which inserted linebreaks at fitting points and showed a title if needed, but it never really understood what it was working with. With the help of C++11 the new generic knows not only what it works with, but generates the list on the fly rather than asking for it and potentially discarding parts of the input (= the non-default verbose display). It also doubles as a test for how usable the CacheSets are with C++11. (Not all callers are adapted yet.) Git-Dch: Ignore
2015-08-10rename 'apt-get files' to 'apt-get indextargets'David Kalnischkies
'files' is a bit too generic as a name for a command usually only used programmatically (if at all) by developers, so instead of "wasting" this generic name for this we use "indextargets" which is actually the name of the datastructure the displayed data is stored in. Along with this rename the config options are renamed accordingly.
2015-08-10disable locking even for root in --simulateDavid Kalnischkies
Six years ago in 55a5a46c235a30bf024fb2301066553953701cc5 apt-get learned to disable locking if run as normal user and show a message. Helmut Grohne rightly suggests on IRC now that there isn't much point in getting the locks for root either as the output isn't in any way more authoritive than without locking given that after this call the lock is freed and any action can sneak in before we make the next call. So we exchange no benefit for the disavantage of blocking real calls. This can be especially confusing with the aliases --no-act and --just-print. We do not print the message we print for users through as the non-root users can be confronted with a lot more difference via unreadable files.
2015-08-10add c++11 override marker to overridden methodsDavid Kalnischkies
C++11 adds the 'override' specifier to mark that a method is overriding a base class method and error out if not. We hide it in the APT_OVERRIDE macro to ensure that we keep compiling in pre-c++11 standards. Reported-By: clang-modernize -add-override -override-macros Git-Dch: Ignore
2015-08-10prepare cachesets for -std=c++11David Kalnischkies
The "problem" is mostly in the erase() definitions as they slightly conflict and in pre-c++11 are not uniformly in different containers. By differenciating based on the standard we can provide erase() methods for both standards – and as the method is in a template and inline we don't need to worry about symbols here. The rest is adding wrappings for the new forward_list and unordered_set containers and correcting our iterators to use the same trait as the iterator they are wrapping instead of having all of them be simple forward iterators. This allows the use of specialized algorithms which are picked based on iterator_traits and implementing them all is simple to do as we can declare all methods easily and only if they are called they will generate errors (if the underlying iterator doesn't support these). Git-Dch: Ignore
2015-08-10fix memory leaks reported by -fsanitizeDavid Kalnischkies
Various small leaks here and there. Nothing particularily big, but still good to fix. Found by the sanitizers while running our testcases. Reported-By: gcc -fsanitize Git-Dch: Ignore
2015-06-15condense parallel requests with the same hashes to oneDavid Kalnischkies
It shouldn't be too common, but sometimes people have multiple mirrors in the sources or otherwise repositories with the same content. Now that we gracefully can handle multiple requests to the same URI, we can also fold multiple requests with the same expected hashes into one. Note that this isn't trying to find oppertunities for merging, but just merges if it happens to encounter the oppertunity for it. This is most obvious in the new testcase actually as it needs to delay the action to give the acquire system enough time to figure out that they can be merged.
2015-06-15show item ID in Hit, Ign and Err lines as wellDavid Kalnischkies
Again, consistency is the main sellingpoint here, but this way it is now also easier to explain that some files move through different stages and lines are printed for them hence multiple times: That is a bit hard to believe if the number is changing all the time, but now that it keeps consistent.
2015-06-15implement default apt-get file --release-info modeDavid Kalnischkies
Selecting targets based on the Release they belong to isn't to unrealistic. In fact, it is assumed to be the most used case so it is made the default especially as this allows to bundle another thing we have to be careful with: Filenames and only showing targets we have acquired. Closes: 752702
2015-06-11implement 'apt-get files' to access index targetsDavid Kalnischkies
Downloading additional files is only half the job. We still need a way to allow external tools to know where the files are they requested for download given that we don't want them to choose their own location. 'apt-get files' is our answer to this showing by default in a deb822 format information about each IndexTarget with the potential to filter the records based on lines and an option to change the output format. The command serves also as an example on how to get to this information via libapt.
2015-05-11rewrite all TFRewrite instances to use the new pkgTagSection::WriteDavid Kalnischkies
While it is mostly busywork to rewrite all instances it actually fixes bugs as the data storage used by the new method is std::string rather than a char*, the later mostly created by c_str() from a std::string which the caller has to ensure keeps in scope – something apt-ftparchive actually didn't ensure and relied on copy-on-write behavior instead which c++11 forbids and hence the new default gcc abi doesn't use it.
2015-04-10add a simple unit test for acquire progressDavid Kalnischkies
This isn't testing much of the 'complex' parts, but its better than nothing for now. Git-Dch: Ignore
2015-04-10reimplement the last uses of sprintfDavid Kalnischkies
Working with strings c-style is complicated and error-prune, so by converting to c++ style we gain some simplicity and avoid buffer overflows by later extensions. Git-Dch: Ignore
2015-03-16fix another d(e)select-upgrade typoDavid Kalnischkies
You would think one instance of this is enough, but 80e8d923ebc8d5f3f84eb3f922b28ca309c25026 wasn't as globally applied as the commit message suggested… LP: #1399037
2014-11-09use the same code to detect quiet setting in all toolsDavid Kalnischkies
Git-Dch: Ignore
2014-11-09streamline display of --help in all toolsDavid Kalnischkies
By convention, if I run a tool with --help or --version I expect it to exit successfully with the usage, while if I do call it wrong (like without any parameters) I expect the usage message shown with a non-zero exit.
2014-11-08use a abi version check similar to the gcc checkDavid Kalnischkies
Git-Dch: Ignore
2014-10-23chown finished partial files earlierDavid Kalnischkies
partial files are chowned by the Item baseclass to let the methods work with them. Now, this baseclass is also responsible for chowning the files back to root instead of having various deeper levels do this. The consequence is that all overloaded Failed() methods now call the Item::Failed base as their first step. The same is done for Done(). The effect is that even in partial files usually don't belong to _apt anymore, helping sneakernets and reducing possibilities of a bad method modifying files not belonging to them. The change is supported by the framework not only supporting being run as root, but with proper permission management, too, so that privilege dropping can be tested with them.
2014-10-20reenable support for -s (and co) in apt-get sourceDavid Kalnischkies
The conversion to accept only relevant options for commands has forgotten another one, so adding it again even through the usecase might very well be equally good served by --print-uris. Closes: 742578
2014-10-15check for available space, excluding root reserved blocksDavid Kalnischkies
We are checking the space requirements for ages, but the check uses the free blocks count, which includes the blocks reserved for usage by root. Now that we use an unprivileged user it has no access to these blocks anymore – and more importantly these blocks are a reserve, they shouldn't be used by apt without special encouragement by the user as it would be bad to have dpkg run out of diskspace and maintainerscripts like man-db skip certain actions if not enough space is available freely.
2014-10-15don't drop privileges if _apt has not enough rightsDavid Kalnischkies
Privilege dropping breaks download/source/changelog commands as they require the _apt user to have write permissions in the current directory, which is e.g. the case in /tmp, but not in /root, so we disable the privilege dropping if we deal with such a directory based on idea and code by Michael Vogt. The alternative would be to download always to a temp directory and move it then done, but this breaks partial file support. To resolve this, we could move to one of our partial/ directories, but this would require a lock which would block root from using two of these commands in parallel. As both seems unacceptable we instead let the user choose what to do: Either a directory is setupped for _apt, downloading as root is accepted or – which is potentially even better – an unprivileged user is used for the commands.
2014-10-07don't show ErrorText for Ign by defaultDavid Kalnischkies
Some distributions (or repositories) do not have as much "Ign-discipline" as I would like to, so that could be pretty distracting for our users if enabled by default. It is handy for testcases though. Git-Dch: Ignore
2014-10-07display errortext for all Err as well as Ign logsDavid Kalnischkies
consistently using Item::Failed in all specializec classes helps setting up some information bits otherwise unset, so some errors had an empty reason as an error. Ign is upgraded to display the error message we ignored to further help in understanding what happens.
2014-10-07ensure partial dirs are 0700 and owned by _apt:rootDavid Kalnischkies
Reworks the API involved in creating and setting up the fetcher to be a bit more pleasent to look at and work with as e.g. an empty string for no lock isn't very nice. With the lock we can also stop creating all our partial directories "just in case". This way we can also be a bit more aggressive with the partial directory itself as with a lock, we know we will gone need it.
2014-10-01Use Acquire::Allow{InsecureRepositories,DowngradeToInsecureRepositories}Michael Vogt
The configuration key Acquire::AllowInsecureRepositories controls if apt allows loading of unsigned repositories at all. The configuration Acquire::AllowDowngradeToInsecureRepositories controls if a signed repository can ever become unsigned. This should really never be needed but we provide it to avoid having to mess around in /var/lib/apt/lists if there is a use-case for this (which I can't think of right now).
2014-09-29Merge branch 'debian/sid' into debian/experimentalMichael Vogt
Conflicts: apt-pkg/acquire-item.cc
2014-09-28replace c-string Mode with c++-string ActiveSubprocessDavid Kalnischkies
A long-lasting FIXME in the acquire code points out the problem that we e.g. for decompressors assign c-string representations of c++-strings to the Mode variable, which e.g. cppcheck points out as very bad. In practice, nothing major happens as the c++-strings do not run out of scope until Mode would do, but that is bad style and fragile, so the obvious proper fix is to use a c++ string for storage to begin with. The slight complications stems from the fact that progress reporting code in frontends potentially uses Mode and compares it with NULL, which can't be done with std::string, so instead of just changing the type we introduce a new variable and deprecate the old one. Git-Dch: Ignore
2014-09-27adapt to the new CacheSetHelper APIDavid Kalnischkies
Git-Dch: Ignore
2014-09-27rework cachesets API to allow future extensionDavid Kalnischkies
The introduction of Fnmatch showed that each new selector would require multiple new virtual methods in the CacheSetHelper to work correctly, which isn't that great. We now flip to a single virtual method which handles all cases separated by an enum – as new enum values can be added without an ABI break. Great care was taken to make old code work with the new way of organisation, which means in return that you might be bombarded with deprecation warnings now if you don't adapt, but code should still compile and work as before as can be seen in apt itself with this commit. Git-Dch: Ignore