summaryrefslogtreecommitdiff
path: root/cmdline
AgeCommit message (Collapse)AuthorFilesLines
2016-12-31apt-key: ignore gpg1 already imported secret key import failureDavid Kalnischkies1-2/+5
On Travis and co the default gpg implementation is gpg1 which for some reason fails if a secret key which was already imported is imported again. We would prefer it to be a NOP like gpg2 handles it so we crudely check the error message. apt-key usually doesn't deal with secret keys – it only learned to do it for manual testing and the integration framework usage, so no public interface is effected. Triggered-By: 4ce2f35248123ff2366c8c365ad6a94945578d66 Gbp-Dch: Ignore
2016-12-21tests: cache the apt-key homedir used for Release signingDavid Kalnischkies1-11/+20
Importing a new secret key into gpg(2) can be increadibly slow which prolongs the test runs significantly – by caching the homedir we gain a significant speedbonus as reimporting already present keys seems like a far less costly operation. Git-Dch: Ignore
2016-11-25add apt-key support for armored GPG key files (*.asc)David Kalnischkies1-30/+106
Having binary files in /etc is kinda annoying – not that the armored files are much better – but it is hard to keep tabs on which format the file has ("simple" or "keybox") and different gnupg versions have different default binary formats which can be confusing for users to work with (beside that it is binary). Adding support for this now will enable us in some distant future to move to armored later on, much like we added trusted.gpg.d years before the world picked it up.
2016-11-24report apt-key errors via status-fd messagesDavid Kalnischkies1-15/+22
We report warnings from apt-key this way already since 29c590951f812d9e9c4f17706e34f2c3315fb1f6, so reporting errors seems like a good addition. Most of those errors aren't really from apt-key through, but from the code setting up and actually calling it which used to just print to stderr which might or might not intermix them with (other) progress lines in update calls. Having them as proper error messages in the system means that the errors are actually collected later on for the list instead of ending up with our relatively generic but in those cases bogus hint regarding "is gpgv installed?". The effective difference is minimal as the errors apply mostly to systems which have far worse problems than a not as nice looking error message, which makes this pretty hard to test – but at least now the hint that your system is broken can be read in proper order (= there aren't many valid cases in which the permissions of /tmp are messed up…). LP: #1522988
2016-08-27Merge branch 'portability/freebsd'Julian Andres Klode3-1/+3
2016-08-26apt-key: Only use readlink -f for existing componentsJulian Andres Klode1-1/+1
On FreeBSD, readlink -f requires the last component to exist.
2016-08-26Add missing includes and external definitionsJulian Andres Klode2-0/+2
Several modules use std::array without including the array header. Bad modules. Some modules use STDOUT_FILENO and friends, or close() without including unistd.h, where they are defined. One module also uses WIFEXITED() without including sys/wait.h. Finally, environ is not specified to be defined in unistd.h. We are required to define it ourselves according to POSIX, so let's do that.
2016-08-25show apt-key warnings in apt updateDavid Kalnischkies1-0/+15
In 105503b4b470c124bc0c271bd8a50e25ecbe9133 we got a warning implemented for unreadable files which greatly improves the behavior of apt update already as everything will work as long as we don't need the keys included in these files. The behavior if they are needed is still strange through as update will fail claiming missing keys and a manual test (which the user will likely perform as root) will be successful. Passing the new warning generated by apt-key through to apt is a bit strange from an interface point of view, but basically duplicating the warning code in multiple places doesn't feel right either. That means we have no translation for the message through as apt-key has no i18n yet. It also means that if the user has a bunch of sources each of them will generate a warning for each unreadable file which could result in quite a few duplicated warnings, but "too many" is better than none. Closes: 834973
2016-08-25apt-key: warn instead of fail on unreadable keyringsDavid Kalnischkies1-26/+31
apt-key has inconsistent behaviour if it can't read a keyring file: Commands like 'list' skipped silently over such keyrings while 'verify' failed hard resulting in apt to report cconfusing gpg errors (#834973). As a first step we teach apt-key to be more consistent here skipping in all commands over unreadable keyrings, but issuing a warning in the process, which is as usual for apt commands displayed at the end of the run.
2016-08-17allow spaces in fingerprints for 'apt-key del'David Kalnischkies1-2/+2
Fingerprints tend to be displayed in space-separated octet pairs so be nice and allow delete to remove a key based on such a string rather than requiring that the user is deleting all the spaces manually.
2016-08-17add the gpg-classic variant to the gpgv/gnupg or-groupDavid Kalnischkies1-3/+6
We need to support partial upgrades anyhow, so we have to deal with the different versions and your tests try to ensure that we do, so we shouldn't make any explicit higher requirements.
2016-08-10Get rid of the old buildsystemJulian Andres Klode1-119/+0
Bye, bye, old friend.
2016-08-06CMake: Add basic CMake build systemJulian Andres Klode1-0/+59
Introduce an initial CMake buildsystem. This build system can build a fully working apt system without translation or documentation. The FindBerkelyDB module is from kdelibs, with some small adjustements to also look in db5 directories. Initial work on this CMake build system started in 2009, and was resumed in August 2016.
2016-07-31apt-key: ignore any error produced by gpgconf --killDavid Kalnischkies1-1/+1
gpgconf wasn't always equipped with a --kill option as highlighted by our testcases failing on Travis and co as these use a much older version of gpg2. As this is just for cleaning up slightly faster we ignore any error a call might produce and carry on. Use a recent enough gpg2 version if you need the immediate killing… Gbp-Dch: Ignore Reported-By: Travis CI
2016-07-31apt-key: kill gpg-agent explicitly in cleanupDavid Kalnischkies1-1/+13
apt-key has (usually) no secret key material so it doesn't really need the agent at all, but newer gpgs insist on starting it anyhow. The agents die off rather quickly after the underlying home-directory is cleaned up, but that is still not fast enough for tools like sbuild which want to unmount but can't as the agent is still hanging onto a non-existent homedir. Reported-By: Johannes 'josch' Schauer on IRC
2016-07-05use the right key for compressor configuration dumpDavid Kalnischkies1-2/+10
The generated dump output is incorrect in sofar as it uses the name as the key for this compressor, but they don't need to be equal as is the case if you force some of the inbuilt ones to be disabled as our testing framework does it at times. This is hidden from changelog as nobody will actually notice while describing it in a few words make it sound like an important change… Git-Dch: Ignore
2016-07-05indextargets: Check that cache could be built before using itJulian Andres Klode1-3/+3
This caused a crash because the cache was a nullptr. Closes: #829651
2016-07-02use +0000 instead of UTC by default as timezone in outputDavid Kalnischkies1-1/+1
All apt versions support numeric as well as 3-character timezones just fine and its actually hard to write code which doesn't "accidently" accepts it. So why change? Documenting the Date/Valid-Until fields in the Release file is easy to do in terms of referencing the datetime format used e.g. in the Debian changelogs (policy §4.4). This format specifies only the numeric timezones through, not the nowadays obsolete 3-character ones, so in the interest of least surprise we should use the same format even through it carries a small risk of regression in other clients (which encounter repositories created with apt-ftparchive). In case it is really regressing in practice, the hidden option -o APT::FTPArchive::Release::NumericTimezone=0 can be used to go back to good old UTC as timezone. The EDSP and EIPP protocols use this 'new' format, the text interface used to communicate with the acquire methods does not for compatibility reasons even if none of our methods would be effected and I doubt any other would (in these instances the timezone is 'GMT' as that is what HTTP/1.1 requires). Note that this is only true for apt talking to methods, (libapt-based) methods talking to apt will respond with the 'new' format. It is therefore strongly adviced to support both also in method input.
2016-07-02deprecate 'apt-key update' and no-op it in DebianDavid Kalnischkies1-0/+7
Debian isn't using 'update' anymore for years and the command is in direct conflict with our goal of not requiring gnupg anymore, so it is high time to officially declare this command as deprecated.
2016-07-01warn if apt-key is used in scripts/its output parsedDavid Kalnischkies1-1/+19
apt-key needs gnupg for most of its operations, but depending on it isn't very efficient as apt-key is hardly used by users – and scripts shouldn't use it to begin with as it is just a silly wrapper. To draw more attention on the fact that e.g. 'apt-key add' should not be used in favor of "just" dropping a keyring file into the trusted.gpg.d directory this commit implements the display of warnings.
2016-07-01alias apt-key list to fingerDavid Kalnischkies1-4/+1
There is no real point in having two commands which roughly do the same thing, especially if the difference is just in the display of the fingerprint and hence security sensitive information. Closes: 829232
2016-06-29eipp: let apt make a plan, not make stuff planeDavid Kalnischkies2-13/+13
Julian noticed on IRC that I fall victim to a lovely false friend by calling referring to a 'planer' all the time even through these are machines to e.g. remove splinters from woodwork ("make stuff plane"). The term I meant is written in german in this way (= with a single n) but in english there are two, aka: 'planner'. As that is unreleased code switching all instances without any transitional provisions. Also the reason why its skipped in changelog. Thanks: Julian Andres Klode Gbp-Dch: Ignore
2016-06-27eipp: rename stanza 'Install' to 'Unpack'David Kalnischkies1-1/+1
Freeing 'Install' for future use as an interface for "dpkg --install", which is currently not used by any existent planer, so the implementation of it itself will be delayed until then.
2016-06-27eipp: add Allow-Temporary-Remove-of-EssentialsDavid Kalnischkies1-0/+1
A rather special need option, but the internal planer supports this and we have a testcase for it & sometimes it is hit (as a bug through). The option itself mostly serves as a reminder for implementors that they should be careful with removes and especially temporary removes if they perform any.
2016-06-27eipp: include global errors in reported errorDavid Kalnischkies1-2/+8
Git-Dch: Ignore
2016-06-27eipp: implement Immediate-Configuration flagDavid Kalnischkies1-0/+2
APT has 3 modes: no immediate configuration, all packages are configured immediately and its default mode of configuring essentials and pseudo-essentials immediately only. While this seems like a job of different planers at first, it might be handy to have it as an option, too, in case a planer (like apts internal one) supports different modes where the introduction of individual planers would be counter intuitive.
2016-06-27eipp: provide the internal planer as an external oneDavid Kalnischkies2-1/+194
Testing the current implementation can benefit from being able to be feed an EIPP request and produce a fully compliant response. It is also a great test for EIPP in general.
2016-06-20implement and document DIRECT for auto-detect-proxyDavid Kalnischkies1-1/+2
There is a subtile difference between an empty setting and "DIRECT" in the configuration as the later overrides the generic settings while the earlier does not. Also, non-zero exitcodes should really be reported as an error rather than silently discarded.
2016-06-14apt-key: don't search PATH if command is a path alreadyDavid Kalnischkies1-0/+1
2016-06-08edsp: drop privileges before executing solversDavid Kalnischkies1-0/+2
Most (if not all) solvers should be able to run perfectly fine without root privileges as they get the entire state they are supposed to work on via stdin and do not perform any action directly, but just pass suggestions on via stdout. The new default is to run them all as _apt hence, but each solver can configure another user if it chooses/must. The security benefits are minimal at best, but it helps preventing silly mistakes (see 35f3ed061f10a25a3fb28bc988fddbb976344c4d) and that is always good. Note that our 'apt' and 'dump' solver already dropped privileges if they had them.
2016-06-08edsp: optionally store a compressed copy of the last scenarioDavid Kalnischkies3-56/+164
For bugreports and co it could be handy to have the scenario and all the settings used in it around later for inspection for EDSP like protocols. EDSP might not be the most interesting as the user can still interrupt the process before the solution is applied and users tend to have an opinion on the "rightness" of a solution, so it is disabled by default.
2016-06-04edsp: use a stanza based interface for solution writingDavid Kalnischkies1-1/+17
EDSP had a WriteSolution method to write out the entire solution based on the inspection of a given pkgDepCache, but that is rather inflexible both for EDSP itself and for other EDSP like-protocols. It seems better to use a smaller scope in printing just a single stanza based on a given version as there is more reuse potential.
2016-06-02apt-key: change to / before find to satisfy its CWD needsDavid Kalnischkies1-14/+10
First seen on hurd, but easily reproducible on all systems by removing the 'execution' bit from the current working directory and watching some tests (mostly the no-output expecting tests) fail due to find printing: "find: Failed to restore initial working directory: …" Samuel Thibault says in the bugreport: | To do its work, find first records the $PWD, then goes to | /etc/apt/trusted.gpg.d/ to find the files, and then goes back to $PWD. | | On Linux, getting $PWD from the 700 directory happens to work by luck | (POSIX says that getcwd can return [EACCES]: Search permission was denied | for the current directory, or read or search permission was denied for a | directory above the current directory in the file hierarchy). And going | back to $PWD fails, and thus find returns 1, but at least it emitted its | output. | | On Hurd, getting $PWD from the 700 directory fails, and find thus aborts | immediately, without emitting any output, and thus no keyring is found. | | So, to summarize, the issue is that since apt-get update runs find as a | non-root user, running it from a 700 directory breaks find. Solved as suggested by changing to '/' before running find, with some paranoia extra care taking to ensure the paths we give to find are really absolute paths first (they really should, but TMPDIR=. or a similar Dir::Etc::trustedparts setting could exist somewhere in the wild). The commit takes also the opportunity to make these lines slightly less error ignoring and the two find calls using (mostly) the same parameters. Thanks: Samuel Thibault for 'finding' the culprit! Closes: 826043
2016-05-28look into the right textdomain for apt-utils againDavid Kalnischkies10-20/+0
Broken in e7e10e47476606e3b2274cf66b1e8ea74b236757 by looking always into "apt" while we ship some tools in "apt-utils"…
2016-05-27prevent C++ locale number formatting in text APIsDavid Kalnischkies1-1/+1
Setting the C++ locale via std::locale::global(std::locale("")); which would otherwise default to the default C locale (aka: unaffected by setlocale) effects the formatting of numeric types in IO streams, which for output for humans is perfectly sensible, but breaks our many text interfaces used and parsed by us and others without expecting the numbers to be formatted. Closes: #825396
2016-05-20edsp: use a limited scenario based on bool-arrayDavid Kalnischkies1-1/+6
Its more space and runtime efficient to use a boolean set instead of a CacheSet-based implementation. Git-Dch: Ignore
2016-05-20edsp: add Forbid-{New-Install,Remove} and Upgrade-AllDavid Kalnischkies1-7/+14
This allows to differentiate properly between 'apt-get upgrade', 'apt upgrade' and 'apt full-upgrade'.
2016-05-20edsp: dump: support dumping into compressed fileDavid Kalnischkies1-1/+1
2016-05-20convert EDSP to be based on FileFd instead of FILE*David Kalnischkies2-9/+18
I doubt there is any non-src:apt usage of these interfaces.
2016-05-20fail instead of segfault on unreadable config filesDavid Kalnischkies1-15/+12
The report mentions "apt list --upgradable", but there are others which have inconsistent behavior ranging from segfaulting to doing something with the partial (and hence incomplete) data. We had a recent report about sources.list (#818628), this one mentions prefences, the obvious next step is conf files… so the testcase is adapted to check for all three in file and directory versions and run a bunch of commands each time which should all have more or less the same behavior in such a case (aka error out). Closes: 824503
2016-05-01apt-key: add \n to dpkg-query --show --showformatCarsten Hey1-1/+1
Guarding against 'broken' greps not dealing with non-text inputs "just in case" by making the input text with a proper newline. [commit message by David Kalnischkies] Reported-On: IRC Git-Dch: Ignore
2016-05-01warn if apt-key is run unconditionally in maintainerscriptDavid Kalnischkies1-1/+14
We want to stop hard-depending on gnupg and for this it is essential that apt-key isn't used in any critical execution path, which maintainerscript are. Especially as it is likely that these script call apt-key either only for (potentially now outdated cleanup) or still not use the much simpler trusted.gpg.d infrastructure.
2016-03-06add test for apt-key 0xKEY and use parameter expansionDavid Kalnischkies1-1/+1
Fixed in f7bd44bae0d7cb7f9838490b5eece075da83899e already, but the commit misses the Closes tag and while we are at it we can add a simple regression test and micro-optimize it a bit. Thanks: James McCoy for the suggestion. Closes: 816691
2016-03-04apt-key del should correctly handle keyids prefixed with 0xDaniel Kahn Gillmor1-0/+4
2016-01-08support '-' and no parameter for stdin in apt-helper cat-fileDavid Kalnischkies1-3/+17
This way it works more similar to the compressor binaries, which we can relief in this way from their job in the test framework avoiding the need of adding e.g. liblz4-tool to the test dependencies.
2016-01-08keep compressed indexes in a low-cost formatDavid Kalnischkies1-0/+2
Downloading and storing are two different operations were different compression types can be preferred. For downloading we provide the choice via Acquire::CompressionTypes::Order as there is a choice to be made between download size and speed – and limited by whats available in the repository. Storage on the other hand has all compressions currently supported by apt available and to reduce runtime of tools accessing these files the compression type should be a low-cost format in terms of decompression. apt traditionally stores its indexes uncompressed on disk, but has options to keep them compressed. Now that apt downloads additional files we also deal with files which simply can't be stored uncompressed as they are just too big (like Contents for apt-file). Traditionally they are downloaded in a low-cost format (gz) as repositories do not provide other formats, but there might be even lower-cost formats and for download we could introduce higher-cost in the repositories. Downloading an entire index potentially requires recompression to another format, so an update takes potentially longer – but big files are usually updated via pdiffs which has to de- and re-compress anyhow and does it on the fly anyhow, so there is no extra time needed and in general it seems to be benefitial to invest the time in update to save time later on file access.
2016-01-07apt-helper: cat-file: Add -C/--compress optionJulian Andres Klode1-2/+31
This allows passing compressing the output. The compressor must be a compressor name, extension, or an extension without the leading dot.
2016-01-03apt-cache: stats: Show a table utilization as percentageJulian Andres Klode1-0/+1
Gbp-Dch: ignore
2016-01-03apt-cache: stats: Average is over used, not all, bucketsJulian Andres Klode1-1/+1
It does not make sense to consider empty buckets in the average, as they do not affect the lookup performance.
2015-12-28apt-helper: Use CopyFile() for concatenating the filesJulian Andres Klode1-10/+2
There's no point in keeping using yet another read-then-write loop. Gbp-Dch: ignore