From b98232208f580e7b2677af87fb22d21f61a0509a Mon Sep 17 00:00:00 2001 From: Michael Vogt Date: Thu, 25 Sep 2014 11:39:16 +0200 Subject: Use /var/empty as the homedir for _apt Thanks to Axel Beckert --- debian/apt.postinst | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'debian') diff --git a/debian/apt.postinst b/debian/apt.postinst index fab026504..a538abde9 100644 --- a/debian/apt.postinst +++ b/debian/apt.postinst @@ -27,8 +27,8 @@ case "$1" in fi # add unprivileged user for the apt methods - adduser --force-badname --system --no-create-home \ - --quiet _apt || true + adduser --force-badname --system -home /var/empty \ + --no-create-home --quiet _apt || true chown -R _apt:root \ /var/lib/apt/lists \ /var/cache/apt/archives -- cgit v1.2.3 From 5b55915a9beca06c9993285aee9da9f4ac3bccc4 Mon Sep 17 00:00:00 2001 From: David Kalnischkies Date: Fri, 24 Jan 2014 15:18:14 +0100 Subject: rename postrm to apt.postrm It helps in identifying its affiliation. Also removes the old postinst which was hidden by apt.postinst for a long time now and would just install a sources.list in edgecases which is probably not a good idea (e.g. on my system /etc/apt/sources.list does not exist). It is better done by the installer of the distro. Git-Dch: Ignore --- debian/apt.postinst | 0 debian/apt.postrm | 22 ++++++++++++++++++++++ debian/postinst | 39 --------------------------------------- debian/postrm | 22 ---------------------- 4 files changed, 22 insertions(+), 61 deletions(-) mode change 100644 => 100755 debian/apt.postinst create mode 100755 debian/apt.postrm delete mode 100755 debian/postinst delete mode 100755 debian/postrm (limited to 'debian') diff --git a/debian/apt.postinst b/debian/apt.postinst old mode 100644 new mode 100755 diff --git a/debian/apt.postrm b/debian/apt.postrm new file mode 100755 index 000000000..ae1e18d33 --- /dev/null +++ b/debian/apt.postrm @@ -0,0 +1,22 @@ +#! /bin/sh + +# apt postrm +# Copyright (C) 1998, Ben Gertzfield + +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. + +set -e + +#DEBHELPER# + +case "$1" in + remove) + ;; + purge) + rm -rf /var/cache/apt + rm -rf /var/lib/apt +esac + diff --git a/debian/postinst b/debian/postinst deleted file mode 100755 index 1588f5241..000000000 --- a/debian/postinst +++ /dev/null @@ -1,39 +0,0 @@ -#! /bin/sh - -# apt postinst, based liberally on James Troup's gpm postinst -# Copyright (C) 1998, Ben Gertzfield - -# This program is free software; you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation; either version 2 of the License, or -# (at your option) any later version. - -set -e - -create_apt_conf () -{ - EXAMPLE_SOURCE=/usr/share/doc/apt/examples/sources.list - if [ -f $EXAMPLE_SOURCE ]; then - cp $EXAMPLE_SOURCE /etc/apt/sources.list - fi -} - -check_apt_conf () -{ - true - # this is for future expansion -} - -#DEBHELPER# - -case "$1" in - configure) - # - # If there is no /etc/apt/sources.list then create a default - # - if [ ! -f /etc/apt/sources.list ]; then - create_apt_conf - else - check_apt_conf - fi -esac diff --git a/debian/postrm b/debian/postrm deleted file mode 100755 index ae1e18d33..000000000 --- a/debian/postrm +++ /dev/null @@ -1,22 +0,0 @@ -#! /bin/sh - -# apt postrm -# Copyright (C) 1998, Ben Gertzfield - -# This program is free software; you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation; either version 2 of the License, or -# (at your option) any later version. - -set -e - -#DEBHELPER# - -case "$1" in - remove) - ;; - purge) - rm -rf /var/cache/apt - rm -rf /var/lib/apt -esac - -- cgit v1.2.3 From 93d0d08cdd6854f9bfb779c13b5b78cd6ed263aa Mon Sep 17 00:00:00 2001 From: David Kalnischkies Date: Sun, 26 Jan 2014 18:28:50 +0100 Subject: support gnupg2 as drop-in replacement for gnupg If both are available APT will still prefer gpg over gpg2 as it is a bit more lightweight, but it shouldn't be a problem to use one or the other (at least at the moment, who knows what will happen in the future). --- debian/control | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'debian') diff --git a/debian/control b/debian/control index 51bb85d30..b86e828c5 100644 --- a/debian/control +++ b/debian/control @@ -18,7 +18,7 @@ XS-Testsuite: autopkgtest Package: apt Architecture: any -Depends: ${shlibs:Depends}, ${misc:Depends}, ${apt:keyring}, gnupg +Depends: ${shlibs:Depends}, ${misc:Depends}, ${apt:keyring}, gnupg | gnupg2 Replaces: manpages-pl (<< 20060617-3~), manpages-it (<< 2.80-4~), sun-java6-jdk (>> 0), sun-java5-jdk (>> 0), openjdk-6-jdk (<< 6b24-1.11-0ubuntu1~) Breaks: manpages-pl (<< 20060617-3~), manpages-it (<< 2.80-4~), sun-java6-jdk (>> 0), sun-java5-jdk (>> 0), openjdk-6-jdk (<< 6b24-1.11-0ubuntu1~) Conflicts: python-apt (<< 0.7.93.2~) -- cgit v1.2.3 From c46a36adaf51fc28464ea1a0e826c754ee60672b Mon Sep 17 00:00:00 2001 From: David Kalnischkies Date: Mon, 14 Apr 2014 18:24:17 +0200 Subject: add and use 'apt-key verify' which prefers gpgv over gpg gnupg/gnupg2 can do verify just fine of course, so we don't need to use gpgv here, but it is what we always used in the past, so there might be scripts expecting a certain output and more importantly the output of apt-cdrom contains messages from gpg and even with all the settings we activate to prevent it, it still shows (in some versions) a quiet scary: "gpg: WARNING: Using untrusted key!" message. Keeping the use of gpgv is the simplest way to prevent it. We are increasing also the "Breaks: apt" version from libapt as it requires a newer apt-key than might be installed in partial upgrades. --- debian/control | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'debian') diff --git a/debian/control b/debian/control index b86e828c5..6d29b0250 100644 --- a/debian/control +++ b/debian/control @@ -43,7 +43,7 @@ Architecture: any Multi-Arch: same Pre-Depends: ${misc:Pre-Depends} Depends: ${shlibs:Depends}, ${misc:Depends} -Breaks: apt (<< 0.9.4~), libapt-inst1.5 (<< 0.9.9~) +Breaks: apt (<< 1.0.2~), libapt-inst1.5 (<< 0.9.9~) Section: libs Description: package management runtime library This library provides the common functionality for searching and -- cgit v1.2.3 From 1d240b5a2dd5a82283f7d0b7fe05b6f90222957c Mon Sep 17 00:00:00 2001 From: David Kalnischkies Date: Fri, 24 Jan 2014 15:45:09 +0100 Subject: remove empty keyrings in trusted.gpg.d on upgrade Adding and deleting many repositories could cause (empty) keyring files to pill up in older apt-key versions, which in the end might cause gnupg to run into its internal limit of at most 40 keyrings --- debian/apt.postinst | 9 +++++++++ 1 file changed, 9 insertions(+) (limited to 'debian') diff --git a/debian/apt.postinst b/debian/apt.postinst index a538abde9..01f78a1dd 100755 --- a/debian/apt.postinst +++ b/debian/apt.postinst @@ -15,6 +15,15 @@ set -e case "$1" in configure) + if dpkg --compare-versions "$2" lt 1.0.7; then + # apt-key before 0.9.10 could leave empty keyrings around + find /etc/apt/trusted.gpg.d/ -name '*.gpg' | while read keyring; do + if ! test -s "$keyring"; then + rm -f "$keyring" + fi + done + fi + if dpkg --compare-versions "$2" lt-nl 0.9.9.5; then # we are using tmpfiles for both rm -f /etc/apt/trustdb.gpg -- cgit v1.2.3 From 98f0d7b3d9d7ed0a5cf11d8f9327a021954816b6 Mon Sep 17 00:00:00 2001 From: David Kalnischkies Date: Fri, 26 Sep 2014 23:09:01 +0200 Subject: add gnupg and gnupg2 as test-dependency apt can work with both, so it has an or-dependency on them, but the tests want to play with both of them. Git-Dch: Ignore --- debian/tests/control | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'debian') diff --git a/debian/tests/control b/debian/tests/control index f7e47c5f3..0e774d4ca 100644 --- a/debian/tests/control +++ b/debian/tests/control @@ -1,3 +1,3 @@ Tests: run-tests -Restrictions: allow-stderr -Depends: @, @builddeps@, fakeroot, wget, stunnel4, db-util +Restrictions: allow-stderr +Depends: @, @builddeps@, fakeroot, wget, stunnel4, db-util, gnupg, gnupg2 -- cgit v1.2.3 From 6eb377fb9fba6b7f17f635143e9201f0d62a50fb Mon Sep 17 00:00:00 2001 From: Michael Vogt Date: Mon, 29 Sep 2014 08:37:48 +0200 Subject: Add missing "adduser" dependency (for the new _apt user) Closes: #763004 Thanks: Russ Allbery --- debian/control | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'debian') diff --git a/debian/control b/debian/control index 6d29b0250..d95e56f92 100644 --- a/debian/control +++ b/debian/control @@ -18,7 +18,7 @@ XS-Testsuite: autopkgtest Package: apt Architecture: any -Depends: ${shlibs:Depends}, ${misc:Depends}, ${apt:keyring}, gnupg | gnupg2 +Depends: ${shlibs:Depends}, ${misc:Depends}, ${apt:keyring}, gnupg | gnupg2, adduser Replaces: manpages-pl (<< 20060617-3~), manpages-it (<< 2.80-4~), sun-java6-jdk (>> 0), sun-java5-jdk (>> 0), openjdk-6-jdk (<< 6b24-1.11-0ubuntu1~) Breaks: manpages-pl (<< 20060617-3~), manpages-it (<< 2.80-4~), sun-java6-jdk (>> 0), sun-java5-jdk (>> 0), openjdk-6-jdk (<< 6b24-1.11-0ubuntu1~) Conflicts: python-apt (<< 0.7.93.2~) -- cgit v1.2.3