Age | Commit message (Collapse) | Author | Files | Lines |
|
Fix a double free. Reported by seb.
|
|
Simplify archive handling by depending on archive_read_finish and the
close callback where needed. Fixes a file descriptor leak as side
effect as reported by wiz.
|
|
|
|
Add new option -r to pkg_info, which works like -R, but expands it
recursively.
|
|
Plug a number of file descriptor leaks.
|
|
|
|
|
|
Integrate the PKG_PATH logic for tightly with the find_archive logic:
- remember initial current working directory from the time PKG_PATH is
processed, it will be used as reference for all relative entries
- remove now redundant fchdir dance in pkg_add
- pass down to find_archive if this is a top-level package (e.g.
requested on the command line) or not; the location of top-level
packages is searched for packages first and for URLs or path names the
PKG_PATH itself is not processed (e.g. pkg_add foo/bar not look into
PKG_PATH for bar). This addresses PR 33884 in a different way.
- document the rules for finding packages more explicitly
- allow specifying PKG_PATH in pkg_install.conf as well; environment
takes precendence.
- remove PKG_PATH related logic in pkg_info(1), it doesn't deal with
PKG_PATH anyway
- remove PKG_PATH, PKG_TMPDIR and TMPDIR description in pkg_info(1),
they are no longer used
|
|
Always try to preserve the +PRESERVE file from the old package, even
when the new one has one as well. This fixes the update case for the
special case of pkg_install itself as reported by tron@.
|
|
Rewrite pkg_delete to expand the list of packages to delete first and
reorder it if necessary. It will bail out if it knows in advance that it
can't remove a package. It will also fail for errors while removing one
package, unless forced. Add an option to remove automatically installed
packages that are no longer used.
The pkgviews support is kept, but untested. The error handling for
pkgviews most of all is as weak as before.
Basic review from hubertf@, man page changes by bad@.
|
|
|
|
|
|
|
|
|
|
|
|
happen e.g. if pkg_add finds a directory with that name.
Remove a bunch of HAVE_SSL conditionals that no longer apply as GPG
support is back in.
|
|
Fix pkg_delete -d:
- ignore @dirrm commands, directories are removed already on demand
- use local copy of dir before changing it, the caller expects it
unmodified for the call to pkgdb_remove
|
|
|
|
Print the error about missing build information even when the
+BUILD_INFO file is missing instead of segfaulting. The problem is from
PR 30276, a solution in the form of just installing it will not be
implemented.
|
|
|
|
|
|
|
|
|
|
- Restrict audit related commands to the documented set and/or fix the
documention.
- Add support for conditional fetch-pkg-vulnerabilities via -u option.
|
|
|
|
|
|
For PR 40544.
|
|
- DB support is always included from libnbcompat if needed
- pkg_view and linkfarm are not installed any more; they are not moved
into the attic yet, so they can easily be installed as separte package
- common configuration file to customise the behavior of various
components; this supersedes the old audit-packages.conf
- support for PKSC7 signatures (using X509 certs) and GPG signatures for
packages in a secure way. See pkg_admin(8) for how to create them and
pkg_install.conf(5) for the options to use them
- audit-packages and download-vulnerability-list are wrapper scripts
around pkg_admin. They try to mimic the classic options if used sanely.
"pkg_admin audit" is now an order of magnitude faster than before
- pkg_add uses libarchive and libfetch instead of external ftp and tar:
- progress bar is currently missing for downloads
- "pkg_add -" is no longer supported
- no adhoc check for conficts between dependencies and already
installed packages
- "pkg_add -s" has been replaced with an option in pkg_install.conf,
verification of plain detached GPG signatures is no longer supported
- optional check for vulnerabilities before adding a package
- if /var and /usr/pkg are on different fileystems it is twice as fast
now
- conflicts due to overlapping plists are checked before installation
- pkg_add no longer plays with the process limits
- pkg_add and pkg_delete have a new destdir option; scripts have to
either be modified to use PKG_DESTDIR or should be disabled
- pkg_add -u for now can't be used to update to the exact same version
- internal "rm -rf" and "mkdir_p" code
- all memory allocation failures are not explicitly fatal
- if a file is not removed due to a failed checksum, still remove the
entry from pkgdb
|
|
platforms.
|
|
going to be returned. This fixes some issues with automatic installation
of dependencies.
|
|
Explicitly cast time_t values to long and print them as such.
Reported by bjs@.
|
|
Merge from changes for read_plist from pkg_install-renovation to always
initialize the plist and add append_plist for the one case where this is
not desired. Fixes PR 39276.
|
|
Merge a number of bugfixes from the pkg_install-renovation branch:
- explicit include of nbcompat/md5.h
- use errx when dealing with libfetch as it doesn't set errno
- avoid optind = 0 as GNUish getopt will reset itself otherwise
|
|
|
|
|
|
|
|
Known regressions:
- "pkg_add -" (aka reading from stdin) is currently not supported
- "pkg_add -s" is not supported either
- no progress reports for the downloads
- binary packages with hardlinks created by pkg_create before
pkg_install-20080422 will not extract correctly (libarchive issue)
- no adhoc check for potential conflicts between dependencies and
already installed packages
Features:
- Twice as fast for the typical case of /var/tmp and /usr/pkg on
different filesystems
- Standalone
- implicit conflict detection before actual installation.
|
|
Make the linkresolver code more robust.
|
|
Make use of the linkresolver from libarchive and thereby fix the
permissions of hardlinks in archives. This wasn't a problem so far
as nbpax is (incorrectly) ignoring the permissions of the other entries.
|
|
Remove str_lowercase.
|
|
|
|
Add audit-history subcommand for pkg_admin, that lists all known
vulnerabilities for a given base package name. E.g. if you run a web
server, don't run "pkg_admin audit-history php" before going to bed.
|
|
Add command to print effective value of configuration variables.
Remove FETCH_CMD variable from pkg_admin, it is not used.
|
|
|
|
Switch pkg_info to use libfetch for remote access.
|
|
Reviewed by Joerg Sonnenberger and approved by Dieter Baron.
|
|
Audit functionality for pkg_admin. This uses the backend in
libpkg_install and will be extended to check for vulnerabilities at
pkg_add time later.
|
|
If the package db directory doesn't exist, handle it like an empty
pkgdb and just return.
|
|
|
|
|