Panu Matilainen [Mon, 19 Mar 2012 10:41:12 +0000 (12:41 +0200)]
Fixup couple of md5/digest references regarding verify in the manual
- '5' in verify stands for digest nowadays, keep the md5 reference to
explain why 5 is for digest though (related to RhBug:804049)
- In --dump query everything relates to files, refer to the attribute
in question ie 'digest' instead of 'filedigest'
Vincent Untz [Tue, 13 Mar 2012 15:27:01 +0000 (16:27 +0100)]
Fix find-lang to correctly detect all translations for new gnome help
This was not working for locales with a territory (fr_FR, for instance).
Signed-off-by: Panu Matilainen <pmatilai@redhat.com>
Panu Matilainen [Mon, 19 Mar 2012 06:43:58 +0000 (08:43 +0200)]
Include more package information in the progress output
- For non-hashed mode, dump the full NEVRA string. This might break
programs that are parsing the --percent format, but such programs
almost certainly need adjusting for the added erasure progress anyway.
- For hashed mode, show package NEVR instead of just name. Otherwise
somebody will sooner or later file a bug on "confusing output"
as it might seem it's removing what it just installed in upgrade-mode.
Full NEVRA would be better still but screen estate is tight as it is...
- Also get rid of headerFormat() call here, use RPMTAG_NEVR(A) extensions
instead.
Panu Matilainen [Mon, 19 Mar 2012 06:21:17 +0000 (08:21 +0200)]
Make a bit more room for names in progress output (cosmetics)
Panu Matilainen [Thu, 15 Mar 2012 09:41:40 +0000 (11:41 +0200)]
Fix rpm2cpio.sh error exit on unrecognized compression
- This is not a function so it needs to be exit, not return.
Reported as a side-note in RhBug:803421.
Panu Matilainen [Wed, 14 Mar 2012 09:30:34 +0000 (11:30 +0200)]
Unbreak lua's base64 encode/decode extensions
- Commit 70f063cb773bedb7d336429d9bc8ed1d4e5d18f4 accidentally
changed lua's base64 encode/decode interface too, ugh. Dangers of
search-and-replace... Only the function name string exported to
lua matters but renaming the internal functions back as well
for naming consistency.
Panu Matilainen [Wed, 14 Mar 2012 08:09:35 +0000 (10:09 +0200)]
Make rpm2cpio exit code accurate for large packages and partial copy
- Grab the uncompressed payload size from header and compare number
of bytes copied to that for exit code. Previously, truncated
payloads could have returned with success. This also fixes the
exit code for large payloads (RhBug:790396)
Panu Matilainen [Wed, 14 Mar 2012 08:05:32 +0000 (10:05 +0200)]
Fix ufdCopy() for large (> 2GB) files
- Files can be (much) larger than INT32_MAX, change the return
type to off_t and fix + simplify the calculations. Fixes the other
half of RhBug:790396 and makes ufdCopy() usable for other purposes too.
Panu Matilainen [Mon, 12 Mar 2012 13:25:12 +0000 (15:25 +0200)]
Teach rpm2cpio.sh about xz compression (RhBug:674348 & others)
Panu Matilainen [Fri, 9 Mar 2012 11:13:25 +0000 (13:13 +0200)]
Eliminate rpmSetTable() from the API
- Presumably the rpmrc internals still need the magic table tennis
but nobody else should want to mess with this, reconfiguration
for another (build) arch is done through rpmReadConfigFiles().
Panu Matilainen [Fri, 9 Mar 2012 11:05:38 +0000 (13:05 +0200)]
rpmSetTables() call in rpmbuild has been dying long enough by now
- The call to rpmSetTables() from rpmbuild is simply redundant for
all I can tell, it gets called from inside rpmrc/config processing
with the same values and the extra call here never changes anything
as the tables have already been set through rpmReadConfigFiles()
whether building for several targets or not.
Panu Matilainen [Fri, 9 Mar 2012 10:16:11 +0000 (12:16 +0200)]
Allow silent build on automake versions that support it
Panu Matilainen [Thu, 8 Mar 2012 13:12:33 +0000 (15:12 +0200)]
Whoops, don't make install progress callbacks on erasure
Panu Matilainen [Thu, 8 Mar 2012 08:17:47 +0000 (10:17 +0200)]
Optimize python db index instances list generation and fix related leak
- The number of entries is well known, allocate the entire list at
once and set instead of appending one by one. Also cures a leak from
created tuples not being decref'ed before - list set steals the
reference whereas append requires an additional decref to transfer
the ownership to the list.
Panu Matilainen [Thu, 8 Mar 2012 08:02:51 +0000 (10:02 +0200)]
Optimize header data python conversion for array tags a bit
- We know the array size beforehand, allocate the entire array
at once and set the elements instead of appending one by one.
This is (an obvious) and well-measurable, if not a huge, win.
Panu Matilainen [Wed, 7 Mar 2012 13:02:54 +0000 (15:02 +0200)]
Pull updated translations from Transifex
Panu Matilainen [Wed, 7 Mar 2012 12:31:42 +0000 (14:31 +0200)]
Revert to former spec query behavior + comment
- Various tools expect to get the full package list, not just those
that would actually be built. There are of just as valid reasons
for only wanting the packages that would be built, but we need
to make this caller specifiable, just changing the behavior breaks
existing tools unnecessarily. Add reminder comment why the thing
is the way it is...
Ville Skyttä [Sun, 19 Apr 2009 20:51:19 +0000 (23:51 +0300)]
Add --disable-dependency-tracking to %configure options.
autotools dependency tracking isn't generally useful in rpm builds;
disabling it results in cleaner build logs and possibly slight build
speedups.
Signed-off-by: Panu Matilainen <pmatilai@redhat.com>
Panu Matilainen [Wed, 7 Mar 2012 11:47:09 +0000 (13:47 +0200)]
Warn but don't fail the build on STABS debuginfo (RhBug:725378, others)
- debugedit doesn't support STABS but there are some crazy cases
like PPC Linux kernel which contains both STABS and DWARF debuginfo
sections, manually added. A better fix would be erroring out
if we didn't find any usable debuginfo and warning otherwise but
this at least folks get their kernels built.
Panu Matilainen [Wed, 7 Mar 2012 11:40:08 +0000 (13:40 +0200)]
Disable source fetch on build by default (for now) + comment
- We need to grow some digest (and why not external signature as well)
validation mechanism before we can let rpmbuild download + execute
arbitrary content from the internet, at least by default.
Panu Matilainen [Wed, 7 Mar 2012 09:31:15 +0000 (11:31 +0200)]
Teach find-lang about the new gnome help layout (RhBug:736523)
Jan Kratochvil [Wed, 7 Mar 2012 09:30:19 +0000 (11:30 +0200)]
Generate debug symlinks for all filenames sharing a build-id (RhBug:641377)
Signed-off-by: Panu Matilainen <pmatilai@redhat.com>
Richard W.M. Jones [Wed, 22 Feb 2012 11:46:16 +0000 (11:46 +0000)]
Correctly quote tr [:blank:] in OCaml dependency scripts.
This fixes: https://bugzilla.redhat.com/show_bug.cgi?id=796149
Signed-off-by: Panu Matilainen <pmatilai@redhat.com>
Panu Matilainen [Wed, 29 Feb 2012 09:04:25 +0000 (11:04 +0200)]
Explicitly remap device numbers along with inodes at build
- Buildroot cannot cross filesystem boundaries without evil tricks,
which is what the fs boundary sanity check from commit
7a9a5505667c681044bacb21c9b84ac66c062fe7 was intended to catch.
However in the case of source rpms, spec and sources can legitimately
reside on different filesystems (one case of this is rpmbuild -ts
from cwd on different fs than the %_topdir) and needs to be permitted.
- Since we flatten the inodes to appear from a single filesystem,
we need to also flatten the device numbers to match this. Turns
out handling this is simpler than trying to prevent it :) Oh well...
As we use the actual fs values for build-time hardlink discovery
this should correctly handle hardlinks even if packaging crosses
fs boundaries.
- Device number 1 which we use is probably equally bogus on all
platforms, but this is irrelevant as the device and inode numbers
are only used for hardlink discovery.
Panu Matilainen [Tue, 28 Feb 2012 13:22:32 +0000 (15:22 +0200)]
Only consider rpmdb growth for added packages
- Blargh, dumb thinko in previous commit: removed packages won't
necessarily decrease the rpmdb size, but they don't increase it
either.
Panu Matilainen [Tue, 28 Feb 2012 12:53:29 +0000 (14:53 +0200)]
Fix invalid memory access from rpmdb growth estimation (RhBug:766260)
- The dsi retrieved from rpmtsDbDSI() would become invalid whenever
ts->dsi structure got realloced, ie anytime when disk space is
calculated for a different fs than where the rpmdb resides. This
is likely to be the real issue behind RhBug:766260 and also RhBug:671056.
Just call rpmtsUpdateDSI() directly with suitable arguments for the
rpmdb to avoid the special (re)alloc paths.
- In addition, consider the db growth for packages with no files too.
Panu Matilainen [Tue, 28 Feb 2012 10:18:10 +0000 (12:18 +0200)]
Don't process spec %include in false branch of %if clauses (RhBug:782970)
Panu Matilainen [Tue, 28 Feb 2012 08:31:28 +0000 (10:31 +0200)]
Unbreak rpm -V output (RhBug:797964)
- Commit ac0ab016a5ec31e65eb0c0910a5a6f1199aae3e7 unintentionally
changed the order of the problems shown in verify strings due to
a dumb oversight (greetings to self, duh). In other words, this
fixes a verify output regression in rpm >= 4.9.x by restoring
the long-standing (and documented) order of the verify output chars.
- Also fix the testcase which unfortunately was only added after
the output-changing commit so it didn't catch the breakage either :-/
Panu Matilainen [Tue, 21 Feb 2012 14:51:08 +0000 (16:51 +0200)]
Add a testcase for tag extension bad file name triplet detection
Panu Matilainen [Tue, 21 Feb 2012 14:49:51 +0000 (16:49 +0200)]
Raise exception in python on headerGet() invalid data failure
Panu Matilainen [Tue, 21 Feb 2012 14:24:18 +0000 (16:24 +0200)]
Test for file data tag sanity in fnTag() extensions
- Basename and dirindex counts must be equal, dirnames count must be
larger than zero and no larger than number of basenames. Check
that directory indexes are within range. Additionally file states
array size, if used, must equal to the general file count.
Panu Matilainen [Tue, 21 Feb 2012 13:59:34 +0000 (15:59 +0200)]
Fix crash on INSTFILENAMES extension on non-installed package
- Packages with no RPMTAG_FILESTATES cannot have installed files
from our POV, just exit early in that case.
- Rearrange the exit path a bit and only call rpmtdFreeData() on
file states if the corresponding headerGet() call was actually
made. Won't make any difference yet, but once we have other jumps
to exit it will.
Panu Matilainen [Tue, 21 Feb 2012 12:34:57 +0000 (14:34 +0200)]
Sanitize filename tag extension handling
- Rename rpmfiBuildFNames() to fnTag() and push all the td manipulation
there, making all the various different fn-related tags differ by
just the arguments to fnTag() and allowing central error etc
handling. No functional changes (yet) though.
Panu Matilainen [Tue, 21 Feb 2012 12:14:09 +0000 (14:14 +0200)]
Flag error in tag container for non-extension tag retrieval
- This should mostly be a can't happen case, but at least in theory
region retrieval could fail. So could unknown data type, but a header
with unknown data types shouldn't even load... Anyway, there could
be further error cases we might be able to flag here.
Panu Matilainen [Tue, 21 Feb 2012 11:52:18 +0000 (13:52 +0200)]
Add error indicator flag for tag data containers
- Tag retrieval can in some cases fail, especially so for tag
extensions. The headerGet() interface doesn't directly allow
distinguishing between non-existent tag and existent but invalid,
but we can sneak in that information through in the tag data flags.
Panu Matilainen [Tue, 21 Feb 2012 11:50:34 +0000 (13:50 +0200)]
Add getter for rpmtd flags
- While these are mostly of rpmtd-internal interest only, there are
cases when caller might want to know...
Panu Matilainen [Fri, 10 Feb 2012 08:40:45 +0000 (10:40 +0200)]
Remap inode numbers to fit into 32bit integer space on build (RhBug:714678)
- 64bit inode numbers lose their uniquity when brutally truncated
to 32bit integers as we've done so far. This can and will cause rpm
(and cpio) to mix up arbitrary file entries as hardlinks and vice versa.
- As the only interesting aspect of inode numbers is whether they're
equal to something else or not, we don't have to carry the "physical"
on-disk value to preserve semantics. So we can just remap the
inode numbers to something that fits our 32bit integer tags
without causing compatibility complexities with older rpms and
cpio (and since we can't handle more than INT32_MAX files in a package
anyway, breaking compatibility for this would be just braindead dumb).
An extremely simple way to achieve this is to use our
build-time file list index as the basis of stored inode number.
- In theory this breaks inode-device pairing, but as the buildroot
cannot span across filesystems in any remotely normal conditions,
just add a sanity check to catch the dirty tricksters...
- Based on a patch by Zdenek Pavlas, just further simplified and
buildroot fs boundary sanity check added.
Panu Matilainen [Thu, 9 Feb 2012 12:16:29 +0000 (14:16 +0200)]
Also test that total size is calculated correctly wrt hardlinks
Panu Matilainen [Wed, 8 Feb 2012 15:45:34 +0000 (17:45 +0200)]
Add a rough-cut testcase for hardlink handling
- Check that we get expected number of links in package generation,
that all the files got installed and that the linked files are
actually hardlinks (for our purposes, plain inode suffices)
Panu Matilainen [Wed, 8 Feb 2012 13:40:02 +0000 (15:40 +0200)]
Add tag extension to calculate hardlink count for files
Panu Matilainen [Wed, 8 Feb 2012 08:56:09 +0000 (10:56 +0200)]
Switch back to former, much smaller BDB memory pool size (RhBug:752897)
- A larger cache is beneficial in various scenarios, but triggers
horrible worst-case performance under memory pressure (or so my
current theory goes, there might be other factors too). The
worst-case degradation is orders of magnitude bigger than the best-case
improvements from the larger cache and for many use-cases doesn't
make a whole lot difference. We could/should tune the cache with
prioritizing indexes and all, and perhaps dynamically select the
cache size but for now, the 1Mb cache size is known to "just work".
Panu Matilainen [Fri, 3 Feb 2012 10:46:22 +0000 (12:46 +0200)]
Add --test option to rpmkeys
- Allows, well, testing whether a key could be imported before actually
doing it
Panu Matilainen [Fri, 3 Feb 2012 10:23:31 +0000 (12:23 +0200)]
Honor RPMTRANS_FLAG_TEST in rpmtsImportPubkey()
Panu Matilainen [Thu, 2 Feb 2012 17:13:03 +0000 (19:13 +0200)]
Remove the arbitrary limitation on transaction keyring change
- There are some situations where switching keyrings might be wanted,
especially as long as we don't export a way to pass keyring as
an argument to package reading/verification functions. Since there's
no technical reason to disallow it, might as well allow it...
Panu Matilainen [Thu, 2 Feb 2012 12:36:41 +0000 (14:36 +0200)]
Disable signature checking during database rebuild by default
- While it would be perfectly reasonable to perform signature
checking during db rebuild, this is problematic as long as our
keys live in the same database we're rebuilding: the environment
might be panicked, the indexes required for key lookups might be
corrupt or non-existent etc - one would assume there's a reason for
the db is getting rebuilt in the first place. When signature checking
is enabled, we're forced to generate missing indexes on the potentially
borked database we're just about to rebuild, which might not go very
well, and since the keyring loading has no clue it's getting called
from middle of db rebuild it'll try to use a shared environment
which might be broken ... etc.
Panu Matilainen [Thu, 2 Feb 2012 12:31:17 +0000 (14:31 +0200)]
Use private environment for database rebuilds too, document
- One of the more common reasons for users to do --rebuilddb is
a panicked environment. Throwing DB_RUNRECOVER errors at the user
who is trying to recover by rebuilding the db isn't terribly
productive (RhBug:590710). Use a private environment while
rebuilding for both the original and new database, and don't bother
with CDB which only slows things down when there are no other
players present.
- Verify wants the same flags but for different reasons...
Panu Matilainen [Thu, 2 Feb 2012 11:53:38 +0000 (13:53 +0200)]
Never load ts keyring if signature checking is disabled
- Loading the pubkeys from database has numerous often unwanted side-effects,
if signature checking is disabled then there's no point loading
the keys either.
- Commit cad147070e5513312d851f44998012e8f0cdf1e3 did this for
rpmReadPackageFile() specifically but we really want it honored
for all operations including headerCheck() and friends, handle
it centrally in loadKeys() for simplicity.
Panu Matilainen [Wed, 1 Feb 2012 15:48:20 +0000 (17:48 +0200)]
Don't free up file info sets on transaction test-runs
- We'd like to get rid of the potentially huge amounts of memory
eaten by file info sets as early as possible, but when there's a
chance that we'll get called again with either added transaction
elements or on-disk changes, such as %pretrans changing something
underneath us, we need to (be able to) recalculate everything
from scratch. Only free up the memory when we know we don't need
it anymore, ie on an actual transaction run.
- This doesn't change anything for rpm itself, for yum and others
which do a separate test-transaction first, it means %pretrans
directory<->symlink replacement hacks and the like have a chance
of working again. I'm sure there's a bug filed on this somewhere but...
Panu Matilainen [Mon, 30 Jan 2012 08:23:51 +0000 (10:23 +0200)]
Use rpmReadHeader() on signature checking path too
- rpmReadHeader() performs far more initial sanity checks on the header
than headerRead() does, and makes behavior consistent with eg query
and install paths. As an added bonus we'll get more detailed
error messages too.
Panu Matilainen [Sat, 28 Jan 2012 16:03:42 +0000 (18:03 +0200)]
Add a basic testcase for bogus filename triplet detection
Panu Matilainen [Sat, 28 Jan 2012 15:53:11 +0000 (17:53 +0200)]
Test for filename triplet sanity in rpmfiNew()
- Basename and dirindex counts must be equal, dirnames count must be
larger than zero and no larger than number of basenames. Check
that directory indexes are within range.
- There are mountains of further checks to be added here (and elsewhere)
but we gotta start somewhere... and filename triplets are one of the more
critical elements we got.
Panu Matilainen [Sat, 28 Jan 2012 15:23:16 +0000 (17:23 +0200)]
xcalloc() cannot return NULL, remove redundant check
Panu Matilainen [Sat, 28 Jan 2012 15:07:42 +0000 (17:07 +0200)]
Don't assume rpmfiNew() always succeeds
- Add NULL checks and add/adjust comments where appropriate.
- The remaining callers should handle NULL fi gracefully if not
entirely correctly: rpmfiFC() returns 0 on NULL fi, so these
callers just see the erroneous file info set as "no files" case.
Something to fine-tune later...
Panu Matilainen [Sat, 28 Jan 2012 13:54:40 +0000 (15:54 +0200)]
Add a basic testcase for bogus (incomplete) header detection
Panu Matilainen [Sat, 28 Jan 2012 13:20:48 +0000 (15:20 +0200)]
Add some basic sanity checks to rpmte creation, allow rpmteNew() to fail
- Verify that a header at least has the very basic elements like
name, version, release, os and arch (except for gpg-pubkeys which
don't have the latter two, sigh), fail if not.
- rpmfiNew() cannot currently fail but handling this error will allow
sanity checking the file metadata which can be inconsistent even if
a header is "physically" consistent.
- We'll eventually want to have sanity checks on dependency sets too, but
unlike rpmfiNew(), rpmdsNew() currently returns NULL for non-existent
dependencies (eg most packages do not have conflicts or obsoletes) to
save memory. Either that needs to change or we'll need to check
for tag existence for the meaning of a returned NULL here.
Panu Matilainen [Sat, 28 Jan 2012 13:17:02 +0000 (15:17 +0200)]
Don't assume rpmteNew() always succeeds, part III
- Return error from verifyscript if rpmteNew() fails. This can't
currently happen but handling this error makes it possible to
do sanity checks on the header contents, such as file list integrity etc.
Unlikely to occur for installed packages, but verify can be run
on non-installed packages as well, where failure is more of a possibility.
Panu Matilainen [Sat, 28 Jan 2012 12:50:16 +0000 (14:50 +0200)]
Move TR_ADDED file size init into addTE()
- No functional changes, just stuffing it there along with most
other rpmte init work and remove the pointless switch-case while at it
Panu Matilainen [Sat, 28 Jan 2012 12:18:35 +0000 (14:18 +0200)]
Don't assume rpmteNew() always succeeds, part II
- Return error from rpmtsAddInstallElement() if rpmteNew() fails. This
can't currently happen, but handling this error makes it possible
to do sanity checks on the header contents, such as file list integrity.
Panu Matilainen [Sat, 28 Jan 2012 12:11:08 +0000 (14:11 +0200)]
Error out early if rpmdb open fails on upgrade element addition
- If we can't open the rpmdb then we cannot correctly process the
upgrade, error out early. Mostly a "can't happen" case though.
Also makes the logic a bit clearer, hopefully.
Panu Matilainen [Sat, 28 Jan 2012 11:18:53 +0000 (13:18 +0200)]
Don't assume rpmteNew() always succeeds, part I
- Return error from removePackage() if rpmteNew() fails. This can't
currently happen and is unlikely anyway on already installed
packages (this is more interesting for added packages) but
just in case...
- Handling failure from upgrade- and obsoletes erasures is trickier
both can add any number of erasure elements, and if one of them
fails we'd need to undo all the erasures caused by this element.
Just add a reminder comment for now.
Panu Matilainen [Tue, 17 Jan 2012 11:17:31 +0000 (13:17 +0200)]
Axe unused cruft
Panu Matilainen [Tue, 17 Jan 2012 10:50:51 +0000 (12:50 +0200)]
Kill off yet more repackage remnants from fsm
- CPIO_ALL_HARDLINKS flag and related code has been unused and dead
since rpm >= 4.6.x
Panu Matilainen [Tue, 17 Jan 2012 10:33:26 +0000 (12:33 +0200)]
Lift hard-link payload writing to helper function, fsmStage is big enough
Panu Matilainen [Tue, 17 Jan 2012 09:03:27 +0000 (11:03 +0200)]
Eliminate FSM_WOPEN, FSM_WRITE and FSM_WCLOSE stages
- These are nothing but unnecessarily specialized Fopen(), Fwrite() and
Fclose() for what is a purely local need in expandRegular(). Move
the local stuff where it belongs.
Panu Matilainen [Tue, 17 Jan 2012 08:52:46 +0000 (10:52 +0200)]
Eliminate FSM_ROPEN, FSM_READ and FSM_RCLOSE stages
- These are nothing but unnecessarily specialized Fopen(), Fread() and
Fclose() for what is a purely local need in writeFile(). Move
the local stuff where it belongs.
Panu Matilainen [Tue, 17 Jan 2012 07:01:38 +0000 (09:01 +0200)]
Eliminate file digest related members from fsm struct
- Both digest algo and the current file digest from header are
only needed inside expandRegular(), push the stuff down there.
Panu Matilainen [Mon, 16 Jan 2012 12:35:37 +0000 (14:35 +0200)]
Eliminate the now obviously unnecessary opath member from fsm struct
Panu Matilainen [Mon, 16 Jan 2012 12:30:40 +0000 (14:30 +0200)]
Avoid fsm->opath usage for symlink target
- Instead of behind-the-scenes pointer updating, use fsm->wrbuf
explicitly for the link target. Doesn't make it less hackish
but at least it now stands out.
Panu Matilainen [Mon, 16 Jan 2012 12:17:35 +0000 (14:17 +0200)]
Avoid fsm->opath usage in fsmMakeLinks()
- opath is the file that links will be made to, we grab it at the
start and free at the end. No need to save and restore what we
don't modify, one more fsm->opath usage down...
Panu Matilainen [Mon, 16 Jan 2012 12:13:38 +0000 (14:13 +0200)]
Remove unused FSM_MKLINKS stage
Panu Matilainen [Mon, 16 Jan 2012 11:58:51 +0000 (13:58 +0200)]
Avoid fsm->opath usage in final file rename
- Hopefully this makes the actual operation stand out more clearly
with the unnecessary fsm->opath fiddling out of the picture,
other than that there's not much to gain here.
Panu Matilainen [Mon, 16 Jan 2012 11:15:09 +0000 (13:15 +0200)]
Eliminate unnecessary fsm->path/opath shuffle on unlink
- No need to save and restore what we don't modify...
- Add comments to double-check later for couple of fishy looking bits
Panu Matilainen [Mon, 16 Jan 2012 10:28:52 +0000 (12:28 +0200)]
Eliminate unnecessary fsm->path/opath shuffle on backup renaming
- Makes the code much more obvious to follow since we're not swapping
path/opath back and forwards just to be able to use a throwaway
path for the rename. Don't bother null-checking on logging,
if one of the paths was null we'd be dead already.
- Also fixes an ancient memleak: when osuffix is in use, fsm->path
gets newly malloced before fsmVerify() but this part did another
allocation on it, didn't save and restore fsm->path .. and nothing
was freeing the original (local) allocation of fsm->path, only
restoring the previous value.
Panu Matilainen [Mon, 16 Jan 2012 09:40:37 +0000 (11:40 +0200)]
Eliminate unnecessary st_mode save-modify-restore on dir creation
Panu Matilainen [Mon, 16 Jan 2012 09:31:02 +0000 (11:31 +0200)]
Eliminate unnecessary save-modify-restore around fsmUtime()
Panu Matilainen [Mon, 16 Jan 2012 09:27:49 +0000 (11:27 +0200)]
Eliminate unnecessary save-modify-restore on fifo creation
Panu Matilainen [Fri, 13 Jan 2012 16:15:30 +0000 (18:15 +0200)]
Move symlink() to separate helper function
- Similar to mkfifo(), mknod() & friends, doesn't do much but for
consistency and fsmStage() size sanity...
Panu Matilainen [Fri, 13 Jan 2012 16:05:44 +0000 (18:05 +0200)]
Eliminate stupid fsm->path/opath in FSM_COMMIT now that we can
- Now that we can directly operate on temporary variables instead
of having to save-ping-restore-pong them, lets do so...
- Also eliminating NULL-checks on the path variables in logging - if
either of the paths were NULL we would've already crashed in rename()
Panu Matilainen [Fri, 13 Jan 2012 15:54:23 +0000 (17:54 +0200)]
Blarg, stupid stupid mistake breaking symlink handling
- Introduced in commit d15bf56a70fdc2322a8d71f255241c20d895834f and
uncaught prior to push as none of the test-suite cases involve
symlinks. This is what happens when trying to quickly rewrite
git history to put combine a forgotten change into earlier ones,
guilty as charged :(
Panu Matilainen [Fri, 13 Jan 2012 15:02:23 +0000 (17:02 +0200)]
Only pass what little is actually needed in fsmMkdirs()
- Once all the other cruft has been carved out, turns out this needs
nothing but a directory iterator which we can init and free
in the caller easily enough, and selabel handle (duh). All the
rest is independent of fsm internals in reality.
Panu Matilainen [Fri, 13 Jan 2012 14:47:02 +0000 (16:47 +0200)]
Eliminate stupid fsm->sb.st_mode abuse from fsmMkdirs()
- At the point where this runs there's probably nothing at all to
save and restore in the stat buf anyway, but it's just stupid to
abuse that when all we need is a local mode_t temp variable. Fix
it now that we can.
Panu Matilainen [Fri, 13 Jan 2012 14:39:55 +0000 (16:39 +0200)]
Move mknod() to separate helper function
- Similar to mknod() and all, this doesn't do anything that special
but fsmStage() is big enough as it is.
Panu Matilainen [Fri, 13 Jan 2012 14:34:47 +0000 (16:34 +0200)]
Move mkfifo() to separate helper function
- Similar to the other fsm syscall wrappers, this doesn't do anything
that special, but fsmStage() is big enough without things like
this inline.
Panu Matilainen [Fri, 13 Jan 2012 14:21:11 +0000 (16:21 +0200)]
Change fsmReadLink() to take "normal" arguments
- This doesn't need access to the entire fsm, it just needs a buffer
to place the results in / return errors. Currently the "out" buffer
is (ab)used for the results, this just forces that to stand out
and should make it easier to sanitize later.
Panu Matilainen [Fri, 13 Jan 2012 13:23:23 +0000 (15:23 +0200)]
Change fsmUtime() to take "normal" arguments
- This doesn't need access to the entire fsm, just path and mtime
coming from a header originally. Will allow eliminating
save -> abuse -> restore behavior in caller but leaving till later...
Panu Matilainen [Fri, 13 Jan 2012 13:14:24 +0000 (15:14 +0200)]
Change fsmChown(), fsmLChown() and fsmChmod() to take "normal" arguments
- None of these needs access to the entire fsm, they only
exist to map and filter errors to rpm special needs and to
create debug spew on top of the plain syscalls.
Panu Matilainen [Fri, 13 Jan 2012 13:06:06 +0000 (15:06 +0200)]
Change fsmMkdir() to take "normal" arguments
- This doesn't need access to the entire fsm, it only exists to
map errors to CPIOERR_* and create debug foo. This will allow
eliminating save -> abuse -> restore behavior in callers, but
leaving that till later.
Panu Matilainen [Fri, 13 Jan 2012 12:47:19 +0000 (14:47 +0200)]
Change fsmStat() to take "normal" arguments
- This doesn't need access to the entire fsm, just regular stat()
args and a flag whether to use lstat() or stat(). "followlinks"
or such would be saner name for the flag but leaving that for now...
Panu Matilainen [Fri, 13 Jan 2012 11:01:24 +0000 (13:01 +0200)]
Change fsmRename() to take "normal" arguments
- This doesn't need access to the entire fsm, just regular rename()
args and a flag to see whether "secure" delete should be done.
In itself this only looks like more trouble, but all the callers
are fiddling and saving and restoring with fsm->[o]path just
to call this, which we can now avoid. Leaving sanitizing the
callers till later though, this is a minefield...
Panu Matilainen [Fri, 13 Jan 2012 10:36:01 +0000 (12:36 +0200)]
Change fsmUnlink() and fsmRmdir() to take "normal" arguments
- Neither of these needs access to the entire fsm, they mostly
exist to create debug cruft and to map errors to CPIOERR_*
Panu Matilainen [Fri, 13 Jan 2012 09:36:28 +0000 (11:36 +0200)]
Sanitize file capability setting in fsm
- Move parsing, setting and freeing of capabilities into simple
helper function, there's no point whatsoever having the current
capability stored in fsm when it only complicates freeing and all.
WTH was I thinking when implementing this? (well, everything in
fsm was done that way so... but that's a lame excuse)
Panu Matilainen [Fri, 13 Jan 2012 09:08:47 +0000 (11:08 +0200)]
Sanitize selinux labeling in fsm
- Move all the label foobar into a simple helper function which
finds, sets and frees the context if selinux is enabled, use
for both regular operation and orphan directory labeling.
Simplifies things a good deal...
- While the selabel handle can change during a transaction, it
won't change while the fsm is running so it's sufficient to grab
it on entry instead of repeatedly calling rpmtsSELabelHandle() after
figuring out where in the world our ts might be.
Panu Matilainen [Fri, 13 Jan 2012 08:27:11 +0000 (10:27 +0200)]
Eliminate unused subdir member from fsm struct
Panu Matilainen [Fri, 13 Jan 2012 08:19:50 +0000 (10:19 +0200)]
Eliminate silly sufbuf from fsm struct
- Allocate fsm->suffix directly when suffix is needed instead.
Doesn't change anything, only makes life that little bit simpler.
Panu Matilainen [Fri, 13 Jan 2012 08:06:09 +0000 (10:06 +0200)]
Ensure installs always use a temp suffix on files
- This bogosity goes back to commit fcf6b50378eaeac4c1f7ca215b33586b4d41072f
which was supposed to fix files getting erased if time() returns
errors (RhBug:223931). Problem is, this "fix" didn't fix anything
at all as the suffix still wouldn't be created in the error
case, even if the FSM_UNDO part did the right thing. We always
want a suffix on installs, it doesn't matter *what* the suffix is.
Panu Matilainen [Fri, 13 Jan 2012 07:41:25 +0000 (09:41 +0200)]
Remove unused "orphan" directory creation tracking variable from fsm
Panu Matilainen [Fri, 13 Jan 2012 07:30:06 +0000 (09:30 +0200)]
Move directory tracking variables out of fsm struct to local scope
- These are not used or needed outside fsmMkdirs() so it's just
plain dumb to have them in the big struct. No functional changes,
just taming the fsm monster a little bit.
Panu Matilainen [Fri, 13 Jan 2012 05:54:51 +0000 (07:54 +0200)]
Add bunch of links to test-suite chroot to allow selinux to work
- With the new warning on failure to open selinux labels from
commit 7a8b75d26605cf7a3fde9f624a80d6fb8390fcbd, the test-suite
fails on large number of tests due to the extra output. This
takes care of these false alarms on F16 at least.
- Recent selinux wants /etc/selinux and /sys (for /sys/fs/selinux),
older ones would want /selinux. Add in /proc for good measure,
selinux doesn't need it but it won't hurt either, other things will
want it sooner or later.
Ales Kozumplik [Thu, 22 Dec 2011 13:53:51 +0000 (14:53 +0100)]
remove the 'path' parameter of rpmtsSELabelInit()
- It is always selinux_file_context_path() anyway.
Ales Kozumplik [Thu, 22 Dec 2011 13:34:03 +0000 (14:34 +0100)]
selinux: reopen label between transactions if necessary (RhBug: 746073)