Age | Commit message (Collapse) | Author |
|
By restricting the Date field to be in the past, an attacker cannot
just create a repository from the future that would be accepted as
a valid update for a repository.
This check can be disabled by Acquire::Check-Date set to false. This
will also disable Check-Valid-Until and any future date related checking,
if any - the option means: "my computers date cannot be trusted."
Modify the tests to allow repositories to be up to 10 hours in the
future, so we can keep using hours there to simulate time changes.
|
|
|
|
|
|
This has not been used for a while. It was added for apt-mark
in 7b4159cf2a4b7de10622c7e4e29247067358a3ab, but apt-mark has
been rewritten in C++ quite some time ago.
Closes: #887607
|
|
If on_ac_power exits with 255 the script would fail at this point
because set -e was set, but it should continue, as 255 means the
power status could not be determined.
LP: #1742378
|
|
|
|
The mirror method is undocumented since 0.7.24, now with the
reimplementation it is high time to get something written about it.
|
|
Same reasoning as with the previous commit for http with the added
benefit of moving the hard to discover and untranslated example config
into a manpage which could be translated.
|
|
We had documentation for the http transport in our "catch-all" apt.conf
manpage, but it seems benefitial to document transports in their own
manpage instead of pushing them all into one.
|
|
Various corrections, mostly quoting, which shouldn't be a problem for us
as we tend to act in "sane" environments, but just to be sure.
[commit message written by committer]
References: Debian bugreport #849636
|
|
The signal was introduced with the introduction of the script itself,
but seems to have never got any user as all references to it I can find
are references to other code appearing in the cronjob.
It is also the wrong place nowadays as the cronjob is just one place an
update can be triggered by, so if notifications about an update being
run are desired it is better to use a hook which will be called by all
update calls (script, cron, user, …).
Removing this code solves also the problem of improving the check to
avoid running into problems with security systems like SELinux.
References: 0c1326826fd23ce859db8e923c37b7199c6da2c8
Closes: 849636
|
|
Beside adding the relatively new Item::Proxy method we are also slightly
preparing for gcc-8.
|
|
Clean up the control file a bit.
|
|
aptitude used to use gzip:// for changelog URLs, but is now
fixed to use store.
|
|
|
|
We need to use a versioned breaks again, otherwise the
transitional package would not be installable.
Gbp-Dch: ignore
|
|
|
|
Makes lintian happy, but is basically useless
Gbp-Dch: ignore
|
|
This fixes issues with debootstrap. The package will disappear
after the release of buster.
|
|
No further changes required.
|
|
We don't need fakeroot for building!
|
|
|
|
We do want to get our autopkgtests triggered by dpkg uploads
in Ubuntu, but this does not happen because we don't have
an explicit dependency on it. Add one.
|
|
|
|
|
|
This reduces the number of syscalls to about 140 from about
350 or so, significantly reducing security risks.
Also change prepare-release to ignore the architecture lists
in the build dependencies when generating the build-depends
package for travis.
We might want to clean up things a bit more and/or move it
somewhere else.
|
|
This automatically removes any old apt-transport-https, as
apt now Breaks it unversioned.
|
|
|
|
|
|
|
|
|
|
|
|
We now wait for being online ourselves, so all we need to wait
on is for services we are using to be online first. This avoids
severe boot slowdowns by other services having specified an
After=network-online.target without a Wants=.
Gbp-Dch: Full
|
|
|
|
|
|
We previously dlopen()ed it, but it seems painful to do that
without any real gain, except for possibly not having libudev
in the address space and not having code #ifdefed for Linux.
The latter means that we are a bit more likely to break stuff
for non-Linux systems now if we play with udev, but at least
we don't end up with it silently breaking because of a libudev
ABI break.
The existing function pointers in the struct were renamed and
kept for compat purposes.
Fixes Debian/apt#48
Also adjust prepare-release to strip [linux-any] from build-depends
for travis.
|
|
There's no real point in pulling it in in the timer already,
and it it somewhat saver to do so in the service.
|
|
Introduce a new helper, apt-helper wait-online that uses
NetworkManager and/or systemd-networkd to wait for them
reporting online, with a time out of 30 seconds; and run
that helper before running the daily update script.
LP: #1699850
Gbp-Dch: Full
|
|
Seems we forgot to update the packaging when adding the manual
page. Once we have translations for it, we need to add them
as well...
Closes: #873934
|
|
|
|
|
|
The version is probably wrong for most, but oh well,
let's just pretend we are introducing them now.
|
|
We now require gcc 7 on the packaging side, and add an appropriate
symbol to our symbols file.
Also adjust prepare-release to ignore g++ version requirements
when setting up build dependencies on CI.
Closes: #871275
|
|
debtorrent and its helper apt-transport-debtorrent were removed from
Debian in 2013 based on the bugreports #730459 and #731281. As they
aren't available, we shouldn't make references to them anymore. a-t-tor
is picked as replacement for the example.
|
|
The main process is guessed by systemd. This prevents killing dpkg
run by unattended-upgrades in the middle of installing packages
and ensures graceful shutdown.
The timeout of 900 seconds after which apt-daily-upgrade.service
is killed is in sync with unattended-upgrades's timer.
LP: #1690980
|
|
Gbp-Dch: ignore
|
|
|
|
[squashed:]
apt.systemd.daily: check_stamp: check for 'always' before numerical values
Prevents a crash when the configuration actually uses 'always':
apt.systemd.daily: 402: [: Illegal number: always
|
|
Reported-By: codespell & spellintian
Gbp-Dch: Ignore
|
|
|