dpkg: Search for debsig-verify in PATH instead of using an absolute path

Check that the command exists in the PATH before using it. This makes it future proof, and friendlier to other systems that might not be using the same filesystem layout. It also makes it possible to use a local debsig-verify in a path such as /usr/local/bin.
author: Guillem Jover <guillem@debian.org> 2015-03-15 00:41:59 +0100
committer: Guillem Jover <guillem@debian.org> 2016-04-01 00:44:43 +0200
commit: 94e11e11b5a77d3be7b049316971a9b617b5cc54 (patch)
tree: 8d57078af923b7b04b2daf7efe3517501da85856 /src/unpack.c
parent: ccc09502395899eef8def40f4ef9b28cec74899e (diff)
download: dpkg-94e11e11b5a77d3be7b049316971a9b617b5cc54.tar.gz
1 files changed, 4 insertions, 3 deletions
diff --git a/src/unpack.c b/src/unpack.c
index 8d10cc5b9..04594daad 100644
--- a/src/unpack.c
+++ b/src/unpack.c
@@ -129,17 +129,18 @@ deb_reassemble(const char **filename, const char **pfilename)
 static void
 deb_verify(const char *filename)
 {
-  struct stat stab;
   pid_t pid;
 
-  if (stat(DEBSIGVERIFY, &stab) < 0)
+  /* We have to check on every unpack, in case the debsig-verify package
+   * gets installed or removed. */
+  if (!find_command(DEBSIGVERIFY))
     return;
 
   printf(_("Authenticating %s ...\n"), filename);
   fflush(stdout);
   pid = subproc_fork();
   if (!pid) {
-    execl(DEBSIGVERIFY, DEBSIGVERIFY, "-q", filename, NULL);
+    execlp(DEBSIGVERIFY, DEBSIGVERIFY, "-q", filename, NULL);
     ohshite(_("unable to execute %s (%s)"),
             _("package signature verification"), DEBSIGVERIFY);
   } else {
author	Guillem Jover <guillem@debian.org>	2015-03-15 00:41:59 +0100
committer	Guillem Jover <guillem@debian.org>	2016-04-01 00:44:43 +0200
commit	94e11e11b5a77d3be7b049316971a9b617b5cc54 (patch)
tree	8d57078af923b7b04b2daf7efe3517501da85856 /src/unpack.c
parent	ccc09502395899eef8def40f4ef9b28cec74899e (diff)
download	dpkg-94e11e11b5a77d3be7b049316971a9b617b5cc54.tar.gz