diff options
author | salo <salo@pkgsrc.org> | 2005-05-23 10:37:38 +0000 |
---|---|---|
committer | salo <salo@pkgsrc.org> | 2005-05-23 10:37:38 +0000 |
commit | 21319edee53f62a5d03dd9da7b73e737145bb5d4 (patch) | |
tree | 93c4c743e1cbdd6e5075d39d8ad0aa4ee6a20623 | |
parent | 9541a34e284d225eecb6d7a4683a8725de20647b (diff) | |
download | pkgsrc-21319edee53f62a5d03dd9da7b73e737145bb5d4.tar.gz |
Pullup ticket 499 - requested by Thomas Klausner
various changes in bulk/upload script
Module Name: pkgsrc
Committed By: hubertf
Date: Wed Mar 30 22:26:37 UTC 2005
Modified Files:
pkgsrc/mk/bulk: upload
Log Message:
Before calculating checksums, print a line that says what's happening.
With a slow NFS server (as mine), this can take a lot of time.
---
Module Name: pkgsrc
Committed By: hubertf
Date: Wed Mar 30 22:36:18 UTC 2005
Modified Files:
pkgsrc/mk/bulk: upload
Log Message:
If SIGN_AS is not set, remind the user to please sign the checksum
files manually.
Suggested and OK'd by jschauma@
---
Module Name: pkgsrc
Committed By: jschauma
Date: Sun Apr 10 21:44:04 UTC 2005
Modified Files:
pkgsrc/mk/bulk: upload
Log Message:
uncomment the checksums for IRIX
(the commented version was committed by mistake)
---
Module Name: pkgsrc
Committed By: jschauma
Date: Sat Apr 30 21:35:06 UTC 2005
Modified Files:
pkgsrc/mk/bulk: upload
Log Message:
s/upto date/up-to-date/
---
Module Name: pkgsrc
Committed By: wiz
Date: Sun May 8 13:29:09 UTC 2005
Modified Files:
pkgsrc/mk/bulk: upload
Log Message:
Changes to the upload script:
vulnerable packages are uploaded directly into the vulnerable subdir.
While here:
quote variables
better handling of the temporary directory
remove some backwards compatibility code that's been here long enough
opsys-specific package handling was doing the same as non-opsys
specific, so fold them together.
Written together with dillo.
-rw-r--r-- | mk/bulk/upload | 113 |
1 files changed, 56 insertions, 57 deletions
diff --git a/mk/bulk/upload b/mk/bulk/upload index a5ed84ce3c2..65b79f51ca5 100644 --- a/mk/bulk/upload +++ b/mk/bulk/upload @@ -1,5 +1,5 @@ #!/bin/sh -# $NetBSD: upload,v 1.21 2005/01/24 15:00:48 jschauma Exp $ +# $NetBSD: upload,v 1.21.2.1 2005/05/23 10:37:38 salo Exp $ # # Upload non-restricted binary pkgs to ftp server @@ -16,9 +16,9 @@ NetBSD) BMAKE=make; SYSVSUM="sum -o 2"; ;; IRIX*) BMAKE=bmake; -# BSDSUM="sum -r"; -# CKSUM="cksum"; -# SYSVSUM="sum"; + BSDSUM="sum -r"; + CKSUM="cksum"; + SYSVSUM="sum"; ;; *) BMAKE=bmake ;; esac @@ -39,35 +39,30 @@ fi cd $USR_PKGSRC -if [ "$RSYNC_DST_SPECIFIC" != "" -o "$RSYNC_DST_OTHER" != "" ]; then - echo Use of RSYNC_DST_SPECIFIC and RSYNC_DST_OTHER is deprecated. - echo Please just set RSYNC_DST in build.conf. - exit 1 -fi - if [ -z "$RSYNC_DST" ]; then echo "You must set the variable RSYNC_DST, see build.conf-example." exit 1 fi -# Paths for both OS-version-specific and general pkgs: -RSYNC_DST_SPECIFIC=${RSYNC_DST} -RSYNC_DST_OTHER=${RSYNC_DST} - # # Some temp files # -umask 22 -TMPDIR=${TMPDIR:-/tmp} -TMP=${TMPDIR}/pkg_upload.$$ -mkdir $TMP +umask 022 +TMPDIR="${TMPDIR:-/tmp}" +TMP="${TMPDIR}"/pkg_upload.$$ +(umask 077 && mkdir "${TMP}") +if [ $? -ne 0 ] +then + echo $0: cannot create temporary directory \""${TMP}"\" >&2 + exit 1 +fi -exf=$TMP/exclude -osf=$TMP/osversion_specific -upload=$TMP/upload -upload_specific=$TMP/upload_specific -upload_others=$TMP/upload_others +exf="$TMP"/exclude +vf="$TMP"/vulnerable +upload="$TMP"/upload +upload_general="$TMP"/upload_general +upload_vulnerable="$TMP"/upload_vulnerable # May be different than $USR_PKGSRC: pkgsrcdir=`cd pkgtools/pkglint ; ${BMAKE} show-var VARNAME=_PKGSRCDIR` @@ -79,7 +74,7 @@ distdir=`cd pkgtools/pkglint ; ${BMAKE} show-var VARNAME=DISTDIR` ( cd net/rsync ; ${BMAKE} bulk-install ) ( cd security/audit-packages ; ${BMAKE} bulk-install ) -echo "Making sure vulnerability-list is upto date:" +echo "Making sure vulnerability-list is up-to-date:" if [ -z "$UPDATE_VULNERABILITY_LIST" -o "$UPDATE_VULNERABILITY_LIST" = "yes" ] then env PKGVULNDIR=${distdir} download-vulnerability-list @@ -96,14 +91,13 @@ yes|YES) ;; esac -echo "Checking for restricted, out of date, and vulnerable packages:" +echo "Checking for restricted and out of date packages:" # -p = report old versions of packages # -R = report restricted packages -# -V = report vulnerable packages -lintpkgsrc $lintpkgsrc_cache -K $packages -P $pkgsrcdir -pRV | sed 's@'$packages'/@@' > $exf +lintpkgsrc $lintpkgsrc_cache -K $packages -P $pkgsrcdir -pR | sed 's@'$packages'/@@' > "$exf" -echo "Checking for OSVERSION_SPECIFIC pkgs:" -lintpkgsrc $lintpkgsrc_cache -K $packages -P $pkgsrcdir -O | sed 's@'$packages'/@@' > $osf +echo "Checking for vulnerable packages:" +lintpkgsrc $lintpkgsrc_cache -K $packages -P $pkgsrcdir -V | sed 's@'$packages'/@@' > "$vf" RSFLAGS="-vap --progress $RSYNC_OPTS" @@ -112,6 +106,8 @@ cd $packages if [ "${MKSUMS}" = "yes" -o "${MKSUMS}" = "YES" ]; then + echo "Calculating checksum files..." + SUMFILES="BSDSUM CKSUM MD5 SHA1 SYSVSUM" rm -f ${SUMFILES} @@ -150,50 +146,53 @@ if [ "${MKSUMS}" = "yes" -o "${MKSUMS}" = "YES" ]; then if [ -s $i ]; then echo "Signing $i" gpg --clearsign $i && rm $i - echo ${i}.asc >> $osf fi done + else + echo "Checksum files not PGP-signed. Please do so manually!" + echo "(Run 'gpg --clearsign' on all of them)" fi fi -echo "#!/bin/sh" > $upload -echo "packages=$packages" >> $upload -echo "if ! cd $packages ; then" >> $upload -echo " echo \"could not cd to $packages\"" >> $upload -echo " exit 1" >> $upload -echo "fi" >> $upload - -echo "Uploading OSVERSION_SPECIFIC pkgs" -cmd="rsync $RSFLAGS --include '*/' --exclude-from=$exf --include-from=$osf \ - --exclude '*' . $RSYNC_DST_SPECIFIC" -cp -f $upload $upload_specific -echo $cmd >> $upload_specific -chmod 755 $upload_specific -echo $cmd -. $upload_specific +echo "#!/bin/sh" > "$upload" +echo "packages=$packages" >> "$upload" +echo "if ! cd $packages ; then" >> "$upload" +echo " echo \"could not cd to $packages\"" >> "$upload" +echo " exit 1" >> "$upload" +echo "fi" >> "$upload" + +echo "Uploading non-vulnerable pkgs" +cmd="rsync $RSFLAGS --exclude-from=\"$exf\" --exclude-from=\"$vf\" . \"$RSYNC_DST\"" +cp -f "$upload" "$upload_general" +echo "$cmd" >> "$upload_general" +chmod 755 "$upload_general" +echo "$cmd" +sh "$upload_general" if [ $? != 0 ]; then echo "--------------------------------------------------" echo " " - echo "WARNING rsync failed. To retry later, you can run" - echo " $upload_specific" + echo "WARNING: rsync failed. To retry later, you can run" + echo " $upload_general" echo " " echo "--------------------------------------------------" failed=yes fi -echo "Uploading non-OSVERSION_SPECIFIC pkgs" -cmd="rsync $RSFLAGS --exclude-from=$exf --exclude-from=$osf . $RSYNC_DST_OTHER" -cp -f $upload $upload_others -echo $cmd >> $upload_others -chmod 755 $upload_others -echo $cmd -. $upload_others +echo "Uploading vulnerable pkgs" +sed -n "s@All/@@p" "$exf" > "$exf.new" +sed -n "s@All/@@p" "$vf" > "$vf.new" +cmd="rsync $RSFLAGS --exclude-from=\"$exf.new\" --include-from=\"$vf.new\" --exclude='*' All/ \"$RSYNC_DST/vulnerable/\"" +cp -f "$upload" "$upload_vulnerable" +echo "$cmd" >> "$upload_vulnerable" +chmod 755 "$upload_vulnerable" +echo "$cmd" +sh "$upload_vulnerable" if [ $? != 0 ]; then echo "--------------------------------------------------" echo " " - echo "WARNING rsync failed. To retry later, you can run" - echo " $upload_others" + echo "WARNING: rsync failed. To retry later, you can run" + echo " $upload_vulnerable" echo " " echo "--------------------------------------------------" failed=yes @@ -201,5 +200,5 @@ fi # clean up temp files if [ "$failed" = "no" ]; then - rm -fr $TMP + rm -fr "$TMP" fi |