summaryrefslogtreecommitdiff
path: root/cmdline
AgeCommit message (Collapse)Author
2014-01-16use gpg --homedir instead of explicit file placementDavid Kalnischkies
Avoids that gpg gets the idea it could use files from the user which weren't overridden specifically like secret keyring and trustdb as before.
2013-12-27Merge branch 'feature/test-apt-key-net-update' into debian/sidMichael Vogt
2013-12-22factor GetTempDir outMichael Vogt
2013-12-19fix apt-key net-update test to use the buildin webserverMichael Vogt
2013-12-13make apt-key net-update actually testableMichael Vogt
2013-12-12Merge remote-tracking branch 'mvo/bugfix/conffile' into debian/sidMichael Vogt
2013-12-12clarify error message when apt-get source=ver fails, print a real error ↵Michael Vogt
message instead of "ignoring"
2013-12-11improve error messageMichael Vogt
2013-12-11improve error message for apt-get source pkg:arch{=ver,/release}Michael Vogt
2013-12-11add support for "apt-get source pkg:arch"Michael Vogt
2013-12-10user-requested version tag gets precedence in apt-get source -t dist ↵Michael Vogt
pkg=version requests
2013-12-10fix typoMichael Vogt
2013-12-10if there is only deb-src pick higest version in deb-src release matchingMichael Vogt
2013-12-05* enable release based selection for deb-src (closes: 731102)Michael Vogt
2013-12-01generate apt-key script with vendor info about keysDavid Kalnischkies
The apt-key script uses quiet a few keyring files for operation which are specific to the distribution it is build on and is hence one of the most patched parts – even if it is not that often used anymore now that a fragment directory for trusted.gpg exists.
2013-12-01cherry-pick ubuntus (disabled) net-update fixesDavid Kalnischkies
With the net-update command a special keyring can be downloaded and imported into apt, which must be signed by a master key. Its is currently disabled because of security problems with it – and the only known user before that was Ubuntu.
2013-11-28move EditSources into its own fileMichael Vogt
2013-11-26add check when sources.list changedMichael Vogt
2013-11-26add syntax check for sources.listMichael Vogt
2013-11-25add basic "edit-sources" commandMichael Vogt
2013-10-22Merge remote-tracking branch 'mvo/feature/upgrade-api' into debian/sidMichael Vogt
2013-10-08Merge remote-tracking branch 'mvo/feature/upgrade-with-new' into debian/sidMichael Vogt
2013-10-05rename FORBID_NEW_INSTALL_PACKAGES to FORBID_INSTALL_NEW_PACKAGESMichael Vogt
2013-10-05* move upgrade releated code into upgrade.{cc,h}Michael Vogt
The upgrade releated code is moved into upgrade.{cc,h} and all pkg*Upgrade* prototypes are included in algorihms.h to avoid breaking API (unless build with APT_9_CLEANER_HEADERS).
2013-10-05cleanup upgrade API some more (thanks for the feedback from David)Michael Vogt
2013-10-03use pkgAcqArchive in 'download' for proper errorsDavid Kalnischkies
With a bit of trickery we can reuse the usual infrastructure we have in place to acquire deb files for the 'download' operation as well, which gains us authentification check & display, error messages, correct filenames and "downloads" from the root-owned archives.
2013-10-03put fetch errors in 'source' on our errorstackDavid Kalnischkies
refactor the fetching process so that it looks more like the others we have in the hope that we can reuse code in the future. This is a soft interface change as 'source' previously printed errors directly on stderr, while it will now push it onto our usual error stack.
2013-09-03fix vim-style foldmarkerDavid Kalnischkies
Git-Dch: Ignore
2013-08-28Merge remote-tracking branch 'upstream/debian/sid' into feature/upgrade-with-newMichael Vogt
2013-08-28add man-page, improve option, use --with-new-pkgs as the flagMichael Vogt
2013-08-27allow pkg manipulation in the upgrade/dist-upgrade commandline, e.g. apt-get ↵Michael Vogt
dist-upgrade 2vcard- 4g8+
2013-08-22do chdir("/") after chroot()Michael Vogt
2013-08-17Merge remote-tracking branch 'mvo/feature/apt-binary2' into debian/sidMichael Vogt
Conflicts: cmdline/apt-get.cc
2013-08-15merge patch from Daniel Hartwig to Show a error message if {,dist-}upgrade ↵Michael Vogt
is used with additional arguments (closes: #705510)
2013-08-12squash merge of the feature/apt-binary branch without the changes from ↵Michael Vogt
experimental
2013-08-12let apt-key del work better with softlink and single key keyringsDavid Kalnischkies
Having fragement files means there is a good chance that there is one key per keyring, so deal with that as well as with setups in which keyrings are linked into trusted.gpg.d as we can't just modify those files (they might be in /usr for example).
2013-08-12make the keyring locations in apt-key configurableDavid Kalnischkies
Might come in handy for more than just a simple testcase.
2013-08-12do not double-slash paths in apt-keyDavid Kalnischkies
Closes: 665411
2013-08-12use a tmpfile for trustdb.gpg in apt-keyDavid Kalnischkies
for some "interesting" reason gpg decides that it needs to update its trustdb.gpg file in a --list-keys command even if right before gpg is asked to --check-trustdb. That wouldn't be as bad if it wouldn't modify the keyring being listed at that moment as well, which generates not only warnings which are not a problem for us, but as the keyring modified can be in /usr it modified files which aren't allowed to be modified. The suggested solution in the bugreport is running --check-trustdb unconditionally in an 'apt-key update' call, but this command will not be used in the future and this could still potentially bite us in net-update or adv calls. All of this just to keep a file around, which we do not need… The commit therefore switches to the use of a temporary created trusted.gpg file for everyone and asks gpg to not try to update the trustdb after its intial creation, which seems to avoid the problem altogether. It is using your also faked secring btw as calling the check-trustdb without a keyring is a lot slower … Closes: #687611 Thanks: Andreas Beckmann for the initial patch!
2013-08-12always use our own trustdb.gpg in apt-keyDavid Kalnischkies
APT doesn't care for the trustdb.gpg, but gnupg requires one even for the simplest commands, so we either use the one root has available in /etc or if we don't have access to it (as only root can read that file) we create a temporary directory to store a trustdb.gpg in it. We can't create just a temporary file as gpg requires the given trustdb.gpg file to be valid (if it exists), so we would have to remove the file before calling gnupg which would allow mktemp (and co) to hand exactly this filename out to another program (unlikely, but still).
2013-08-12add a not documented apt-key --fakeroot optionDavid Kalnischkies
Usually, most apt-key commands require root, so the script is checking for being run as root, but in your tests we use a non-root location, so we don't need to be root and therefore need an option to skip the check. Git-Dch: Ignore
2013-08-12improve error messageMichael Vogt
2013-08-08fix -Wall errorsMichael Vogt
2013-08-01unset LANGUAGE for showing [Y/n] answer hintsDavid Kalnischkies
nl_langinfo is used to acquire the YESEXPR of the language used, but it will return the one from LC_MESSAGES, which might be different from the language chosen for display of the question (based on LANGUAGE) so this commit removes the [Y/n] help text from the questions itself and moves it to the prompt creation in which the usage of LC_MESSAGES is forced for it, so that the helptext shown actually represents the characters accepted as input for the question. There is still room for problems of course starting with an untranslated "[Y/n]" but a translated YESEXPR or the problem that the question is asked in a completely different language which might have a conflicting definition of [Y/n] input or the user simple ignores the helptext and assumes that an answer matching the question language is accepted, but the mayority of users will never have this problem to begin with, so we should be fine (or at least a bit finer than before). Closes nothing really, but should at least help a bit with bugs like deb:194614, deb:471102, lp:1205578, and countless others.
2013-07-28Merge remote-tracking branch 'mvo/bugfix/coverity' into debian/sidMichael Vogt
2013-07-26fix some coverity chroot() releated warningsMichael Vogt
2013-07-26use FileFd::Write instead of fwrite for errorsDavid Kalnischkies
Using the static FileFd::Write method gives us error messages for free so we use it here to avoid failing silently (with a fail silent error). Git-Dch: Ignore
2013-07-25fix potential GetLock() fd leakMichael Vogt
2013-07-18fix 'apt-cache search' crash with missing descriptionDavid Kalnischkies
Beside the earlier fixed 'apt-cache show', 'showpkg' and 'search' deal with descriptions. 'showpkg' was fixed by fixing the cache generation for 'show', but 'search' still segfaulted. On the upside, it doesn't segfault any longer, on the downside, if a package has no description at all (aka: not in the Packages file and not in a Translation-* file) the package can't be found with 'search', even if we search only by name. That is a shortcoming in the code, but fixing it means rewriting it completely for dubious gain at best. So this commit just skips packages without a description and is done. Closes: 647590
2013-07-18skip all Description fields in apt-cache, not just firstDavid Kalnischkies
Given a Packages file like: […] Description: foo bar baz moo moo moo Multi-Arch: foreign Description-md5: 97e204a9f4ad8c681dbd54ec7c505251 […] We have to display the Multi-Arch flag field as well as the fields after the Description-md5, but not this field itself, as we already have one printed alongside the Description we display. Closes: 717254