Pullup ticket 499 - requested by Thomas Klausner

various changes in bulk/upload script Module Name: pkgsrc Committed By: hubertf Date: Wed Mar 30 22:26:37 UTC 2005 Modified Files: pkgsrc/mk/bulk: upload Log Message: Before calculating checksums, print a line that says what's happening. With a slow NFS server (as mine), this can take a lot of time. --- Module Name: pkgsrc Committed By: hubertf Date: Wed Mar 30 22:36:18 UTC 2005 Modified Files: pkgsrc/mk/bulk: upload Log Message: If SIGN_AS is not set, remind the user to please sign the checksum files manually. Suggested and OK'd by jschauma@ --- Module Name: pkgsrc Committed By: jschauma Date: Sun Apr 10 21:44:04 UTC 2005 Modified Files: pkgsrc/mk/bulk: upload Log Message: uncomment the checksums for IRIX (the commented version was committed by mistake) --- Module Name: pkgsrc Committed By: jschauma Date: Sat Apr 30 21:35:06 UTC 2005 Modified Files: pkgsrc/mk/bulk: upload Log Message: s/upto date/up-to-date/ --- Module Name: pkgsrc Committed By: wiz Date: Sun May 8 13:29:09 UTC 2005 Modified Files: pkgsrc/mk/bulk: upload Log Message: Changes to the upload script: vulnerable packages are uploaded directly into the vulnerable subdir. While here: quote variables better handling of the temporary directory remove some backwards compatibility code that's been here long enough opsys-specific package handling was doing the same as non-opsys specific, so fold them together. Written together with dillo.
author: salo <salo@pkgsrc.org> 2005-05-23 10:37:38 +0000
committer: salo <salo@pkgsrc.org> 2005-05-23 10:37:38 +0000
commit: 21319edee53f62a5d03dd9da7b73e737145bb5d4 (patch)
tree: 93c4c743e1cbdd6e5075d39d8ad0aa4ee6a20623
parent: 9541a34e284d225eecb6d7a4683a8725de20647b (diff)
download: pkgsrc-21319edee53f62a5d03dd9da7b73e737145bb5d4.tar.gz
1 files changed, 56 insertions, 57 deletions
diff --git a/mk/bulk/upload b/mk/bulk/upload
index a5ed84ce3c2..65b79f51ca5 100644
--- a/mk/bulk/upload
+++ b/mk/bulk/upload
@@ -1,5 +1,5 @@
 #!/bin/sh
-# $NetBSD: upload,v 1.21 2005/01/24 15:00:48 jschauma Exp $
+# $NetBSD: upload,v 1.21.2.1 2005/05/23 10:37:38 salo Exp $
 
 #
 # Upload non-restricted binary pkgs to ftp server
@@ -16,9 +16,9 @@ NetBSD)	BMAKE=make;
 	SYSVSUM="sum -o 2";
 	;;
 IRIX*)  BMAKE=bmake;
-#	BSDSUM="sum -r";
-#	CKSUM="cksum";
-#	SYSVSUM="sum";
+	BSDSUM="sum -r";
+	CKSUM="cksum";
+	SYSVSUM="sum";
 	;;
 *)	BMAKE=bmake ;;
 esac
@@ -39,35 +39,30 @@ fi
 
 cd $USR_PKGSRC
 
-if [ "$RSYNC_DST_SPECIFIC" != "" -o "$RSYNC_DST_OTHER" != "" ]; then
-	echo Use of RSYNC_DST_SPECIFIC and RSYNC_DST_OTHER is deprecated.
-	echo Please just set RSYNC_DST in build.conf.
-	exit 1
-fi
-
 if [ -z "$RSYNC_DST" ]; then
 	echo "You must set the variable RSYNC_DST, see build.conf-example."
 	exit 1
 fi
 
-# Paths for both OS-version-specific and general pkgs:
-RSYNC_DST_SPECIFIC=${RSYNC_DST}
-RSYNC_DST_OTHER=${RSYNC_DST}
-
 #
 # Some temp files
 #
 
-umask 22
-TMPDIR=${TMPDIR:-/tmp}
-TMP=${TMPDIR}/pkg_upload.$$
-mkdir $TMP
+umask 022
+TMPDIR="${TMPDIR:-/tmp}"
+TMP="${TMPDIR}"/pkg_upload.$$
+(umask 077 && mkdir "${TMP}")
+if [ $? -ne 0 ]
+then
+        echo $0: cannot create temporary directory \""${TMP}"\" >&2
+        exit 1
+fi
 
-exf=$TMP/exclude
-osf=$TMP/osversion_specific
-upload=$TMP/upload
-upload_specific=$TMP/upload_specific
-upload_others=$TMP/upload_others
+exf="$TMP"/exclude
+vf="$TMP"/vulnerable
+upload="$TMP"/upload
+upload_general="$TMP"/upload_general
+upload_vulnerable="$TMP"/upload_vulnerable
 
 # May be different than $USR_PKGSRC:
 pkgsrcdir=`cd pkgtools/pkglint ; ${BMAKE} show-var VARNAME=_PKGSRCDIR`
@@ -79,7 +74,7 @@ distdir=`cd pkgtools/pkglint ; ${BMAKE} show-var VARNAME=DISTDIR`
 ( cd net/rsync ;               ${BMAKE} bulk-install )
 ( cd security/audit-packages ; ${BMAKE} bulk-install )
 
-echo "Making sure vulnerability-list is upto date:"
+echo "Making sure vulnerability-list is up-to-date:"
 if [ -z "$UPDATE_VULNERABILITY_LIST" -o "$UPDATE_VULNERABILITY_LIST" = "yes" ]
 then
 	env PKGVULNDIR=${distdir} download-vulnerability-list
@@ -96,14 +91,13 @@ yes|YES)
 	;;
 esac
 
-echo "Checking for restricted, out of date, and vulnerable packages:"
+echo "Checking for restricted and out of date packages:"
 # -p  =  report old versions of packages
 # -R  =  report restricted packages
-# -V  =  report vulnerable packages
-lintpkgsrc $lintpkgsrc_cache -K $packages -P $pkgsrcdir -pRV  | sed 's@'$packages'/@@' > $exf
+lintpkgsrc $lintpkgsrc_cache -K $packages -P $pkgsrcdir -pR  | sed 's@'$packages'/@@' > "$exf"
 
-echo "Checking for OSVERSION_SPECIFIC pkgs:"
-lintpkgsrc $lintpkgsrc_cache -K $packages -P $pkgsrcdir -O  | sed 's@'$packages'/@@' > $osf
+echo "Checking for vulnerable packages:"
+lintpkgsrc $lintpkgsrc_cache -K $packages -P $pkgsrcdir -V  | sed 's@'$packages'/@@' > "$vf"
 
 RSFLAGS="-vap --progress $RSYNC_OPTS"
 
@@ -112,6 +106,8 @@ cd $packages
 
 if [ "${MKSUMS}" = "yes" -o "${MKSUMS}" = "YES" ]; then
 
+	echo "Calculating checksum files..."
+
 	SUMFILES="BSDSUM CKSUM MD5 SHA1 SYSVSUM"
 
 	rm -f ${SUMFILES}
@@ -150,50 +146,53 @@ if [ "${MKSUMS}" = "yes" -o "${MKSUMS}" = "YES" ]; then
 			if [ -s $i ]; then
 				echo "Signing $i"
 				gpg --clearsign $i && rm $i
-				echo ${i}.asc >> $osf
 			fi
 		done
+	else
+		echo "Checksum files not PGP-signed. Please do so manually!"
+		echo "(Run 'gpg --clearsign' on all of them)"
 	fi
 fi
 
 
-echo "#!/bin/sh" > $upload
-echo "packages=$packages" >> $upload
-echo "if ! cd $packages ; then" >> $upload
-echo "	echo \"could not cd to $packages\"" >> $upload
-echo "	exit 1" >> $upload
-echo "fi" >> $upload
-
-echo "Uploading OSVERSION_SPECIFIC pkgs"
-cmd="rsync $RSFLAGS --include '*/' --exclude-from=$exf --include-from=$osf \
-	--exclude '*' . $RSYNC_DST_SPECIFIC"
-cp -f $upload $upload_specific
-echo $cmd >> $upload_specific
-chmod 755 $upload_specific
-echo $cmd
-. $upload_specific
+echo "#!/bin/sh" > "$upload"
+echo "packages=$packages" >> "$upload"
+echo "if ! cd $packages ; then" >> "$upload"
+echo "	echo \"could not cd to $packages\"" >> "$upload"
+echo "	exit 1" >> "$upload"
+echo "fi" >> "$upload"
+
+echo "Uploading non-vulnerable pkgs"
+cmd="rsync $RSFLAGS --exclude-from=\"$exf\" --exclude-from=\"$vf\" . \"$RSYNC_DST\""
+cp -f "$upload" "$upload_general"
+echo "$cmd" >> "$upload_general"
+chmod 755 "$upload_general"
+echo "$cmd"
+sh "$upload_general"
 if [ $? != 0 ]; then
 	echo "--------------------------------------------------"
 	echo " "
-	echo "WARNING rsync failed.  To retry later, you can run"
-	echo "    $upload_specific"
+	echo "WARNING: rsync failed.  To retry later, you can run"
+	echo "    $upload_general"
 	echo " "
 	echo "--------------------------------------------------"
 	failed=yes
 fi
 
-echo "Uploading non-OSVERSION_SPECIFIC pkgs"
-cmd="rsync $RSFLAGS --exclude-from=$exf --exclude-from=$osf . $RSYNC_DST_OTHER"
-cp -f $upload $upload_others
-echo $cmd >> $upload_others
-chmod 755 $upload_others
-echo $cmd
-. $upload_others
+echo "Uploading vulnerable pkgs"
+sed -n "s@All/@@p" "$exf" > "$exf.new"
+sed -n "s@All/@@p" "$vf" > "$vf.new"
+cmd="rsync $RSFLAGS --exclude-from=\"$exf.new\" --include-from=\"$vf.new\" --exclude='*' All/ \"$RSYNC_DST/vulnerable/\""
+cp -f "$upload" "$upload_vulnerable"
+echo "$cmd" >> "$upload_vulnerable"
+chmod 755 "$upload_vulnerable"
+echo "$cmd"
+sh "$upload_vulnerable"
 if [ $? != 0 ]; then
 	echo "--------------------------------------------------"
 	echo " "
-	echo "WARNING rsync failed.  To retry later, you can run"
-	echo "    $upload_others"
+	echo "WARNING: rsync failed.  To retry later, you can run"
+	echo "    $upload_vulnerable"
 	echo " "
 	echo "--------------------------------------------------"
 	failed=yes
@@ -201,5 +200,5 @@ fi
 
 # clean up temp files
 if [ "$failed" = "no" ]; then
-	rm -fr $TMP
+	rm -fr "$TMP"
 fi
author	salo <salo@pkgsrc.org>	2005-05-23 10:37:38 +0000
committer	salo <salo@pkgsrc.org>	2005-05-23 10:37:38 +0000
commit	21319edee53f62a5d03dd9da7b73e737145bb5d4 (patch)
tree	93c4c743e1cbdd6e5075d39d8ad0aa4ee6a20623
parent	9541a34e284d225eecb6d7a4683a8725de20647b (diff)
download	pkgsrc-21319edee53f62a5d03dd9da7b73e737145bb5d4.tar.gz