| Age | Commit message (Collapse) | Author |
|---|
|
opkg is used e.g. as part of the yocto rootfs creation, where many packages are
installed. When there is an error, a log file with thousands of lines is
created, and people typically search for "error".
Thus, let's prefix error messages with "error: " instead of "* " which is easy to miss.
Before:
* check_data_file_clashes: Package systemd wants to install file build/tmp-glibc/work/my-arch/my-image/1234/rootfs/usr/bin/foobar
But that file is already provided by package * foo-package
After:
error: check_data_file_clashes: Package systemd wants to install file build/tmp-glibc/work/my-arch/my-image/1234/rootfs/usr/bin/foobar
But that file is already provided by package foo-package
Signed-off-by: Etienne Cordonnier <ecordonnier@snap.com>
Signed-off-by: Alex Stewart <alex.stewart@ni.com>
|
|
* fields_filter is a CLI-only option but was never freed
* The temporary buffer used to hold the tmpdir template was never freed
when mkdtemp failed
Signed-off-by: Philip Lorenz <philip.lorenz@bmw.de>
Signed-off-by: Alex Stewart <alex.stewart@ni.com>
|
|
opkg_conf_load() currently loads the configuration from a file and then
proceeds to finalize the config structure by filling in default values
or building the final config values based on other config parameters
(e.g. the offline root).
To enable overwriting of config options from the command line the
finalization phase is split out so it can be called only after the
command line arguments have been processed for the second time.
To retain API compatibility, opkg_conf_load() continues to read and
finalize the config. If the staged approach is desired opkg_conf_read()
followed by a opkg_conf_finalize() shall be used.
Signed-off-by: Philip Lorenz <philip.lorenz@bmw.de>
Signed-off-by: Alex Stewart <alex.stewart@ni.com>
|
|
Move freeing of resources claimed by opkg_config into a dedicated helper
function. This allows reuse in the upcoming two stage argument parsing
and also reduces the numbers of labels needed to perform the actual
freeing of memory.
This change is safe as the individual cleanup methods already check
whether the resource that should be freed has actually been allocated.
Signed-off-by: Philip Lorenz <philip.lorenz@bmw.de>
Signed-off-by: Alex Stewart <alex.stewart@ni.com>
|
|
"r" was never changed in between this and the previous check.
Signed-off-by: Philip Lorenz <philip.lorenz@bmw.de>
Signed-off-by: Alex Stewart <alex.stewart@ni.com>
|
|
Also ensure that copy of filename is passed into archive_entry_set_pathname
so it can be operated upon by posix basename which expect non-const
character pointer as input.
This became evident with latest musl where basename declaration was
dropped from string.h [1]
[1] https://git.musl-libc.org/cgit/musl/commit/?id=725e17ed6dff4d0cd22487bb64470881e86a92e7
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Alex Stewart <alex.stewart@ni.com>
|
|
The libarchive library, which is being used by opkg supports ACLs
and xattr already.
More information can be read at this link:
https://github.com/libarchive/libarchive/pull/691
Signed-off-by: Maciej Liszewski <m.liszewski@welotec.com>
Signed-off-by: Piotr Łobacz <p.lobacz@welotec.com>
Signed-off-by: Alex Stewart <alex.stewart@ni.com>
|
|
WG14 N2350 made very clear that it is an UB having type definitions
within "offsetof" [1]. This patch enhances the implementation of macro
alignof_slot to use builtin "_Alignof" to avoid undefined behavior on
when using std=c11 or newer
clang 16+ has started to flag this [2]
Fixes build when using -std >= gnu11 and using clang16+
Older compilers gcc < 4.9 or clang < 8 has buggy _Alignof even though it
may support C11, exclude those compilers too
[1] https://www.open-std.org/jtc1/sc22/wg14/www/docs/n2350.htm
[2] https://reviews.llvm.org/D133574
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Alex Stewart <alex.stewart@ni.com>
|
|
Create a dir-hash to track the number of packages installing the
same directory or a symlink to a directory. This directory or
symlink is deleted only when there is no other package using it.
This is in line with how dpkg deletes directories.
Fixes Bugzilla #10461.
Signed-off-by: Shruthi Ravichandran <shruthi.ravichandran@ni.com>
Signed-off-by: Alex Stewart <alex.stewart@ni.com>
|
|
Multiple packages can install the same directory, or a symlink to a
directory. Ensure that these entries are not removed from the
filelists of packages that are installed following a package that
first installs the directory or a symlink to a directory.
This is later used to ensure that out-of-order package removals do
not result in directory or symlink deletion.
Fixes Bugzilla #10461.
Signed-off-by: Shruthi Ravichandran <shruthi.ravichandran@ni.com>
Signed-off-by: Alex Stewart <alex.stewart@ni.com>
|
|
In pkg_write_filelist(), the trailing '/' is removed from each entry
before writing to the .list file. But the same is not done when the
.list file doesn't exist yet for a package, and it has to be
generated from the package in pkg_get_installed(). This leads to a
different entry in the file hash for the same file, and multiple
packages claiming ownership of a file.
Fixes commit 70df4de62313cf973e98b296d467be1d73b9b9f9
Signed-off-by: Shruthi Ravichandran <shruthi.ravichandran@ni.com>
Signed-off-by: Alex Stewart <alex.stewart@ni.com>
|
|
Refactor the parsing of integer-valued fields into its own function,
and verify that the string is non-empty and a positive unsigned long
integer. (Previously, an empty string would result in a segfault.)
Fixes bugzilla: 14178
Signed-off-by: Brenda Streiff <brenda.streiff@ni.com>
Signed-off-by: Alex Stewart <alex.stewart@ni.com>
|
|
rm_r prints an error message if the directory to be deleted does not
exist. There are some opkg commands that do not error, but print the
rm_r error message re: the tmp_dir during cleanup unnecessarily.
Therefore, check if the tmp_dir exists before trying to delete it.
Signed-off-by: Shruthi Ravichandran <shruthi.ravichandran@ni.com>
Signed-off-by: Alex Stewart <alex.stewart@ni.com>
|
|
Signed-off-by: Chaitanya Vadrevu <chaitanya.vadrevu@ni.com>
Signed-off-by: Alex Stewart <alex.stewart@ni.com>
|
|
Existing implementation silently returns when an abstract package (with
no real package to back it) is requested to be installed.
E.g., package 'a' recommends unknown package 'dne' but installing 'dne'
succeeds even though no operation has taken place.
This change makes sure an error is returned during such install
operations. A package is deemed unkonwn if it is absent from repos
'repo_installed', 'repo_available', 'repo_preferred', 'repo_to_install'.
Signed-off-by: Chaitanya Vadrevu <chaitanya.vadrevu@ni.com>
Signed-off-by: Alex Stewart <alex.stewart@ni.com>
|
|
This patch adds a missing break in a switch case while parsing a
package's dependencies. This was causing a package's pre-dependency
to be added twice to the solvable, each time with a different marker.
Signed-off-by: Shruthi Ravichandran <shruthi.ravichandran@ni.com>
Signed-off-by: Alex Stewart <alex.stewart@ni.com>
|
|
opkg installs a package's pre-dependencies but does not record them
in the package's status file. Due to this, opkg allows uninstallation
of an installed package's pre-dependency when it should complain.
This patch fixes that by adding the pre-depends print to the
package's status file. It also adds the pre-depends print to the
package's status info dump.
Given installed packages 'a' and 'b', where 'a'--'pre-depends'-->'b',
the following is the opkg output (after the patch is applied) when
asked to uninstall package 'b' before uninstalling 'a':
DEBUG cmd: /mnt/workspace/src/opkg -o /tmp/opkg --force-postinstall remove b
DEBUG stdout: * Solver encountered 1 problem(s):
* Problem 1/1:
* - package a-1.0.all requires b, but none of the providers can be installed
* - conflicting requests
* - problem with installed package a-1.0.all
*
* Solution 1:
* - allow deinstallation of a-1.0.all
* Solution 2:
* - do not ask to deinstall b
* - do not ask to deinstall b
Signed-off-by: Shruthi Ravichandran <shruthi.ravichandran@ni.com>
Signed-off-by: Alex Stewart <alex.stewart@ni.com>
|
|
The signature file ought to be removed if the IPK is not
present so both can be re-downloaded. Removes the signature
file if the IPK is not present or if the package verification
fails.
Signed-off-by: Bryan Evenson <evensonbryan@gmail.com>
Signed-off-by: Alex Stewart <alex.stewart@ni.com>
|
|
Add a function to delete the package signature file.
Signed-off-by: Bryan Evenson <evensonbryan@gmail.com>
Signed-off-by: Alex Stewart <alex.stewart@ni.com>
|
|
Checks if the signature already exists in cache before attempting the
download. Previously, every call to 'opkg upgrade' would download the
signature. This led to problems in the following scenario:
* Call 'opkg --download-only upgrade' to download any package upgrades.
* Disconnect the package repository (i.e. disconnect removable media)
* Call 'opkg upgrade'
Previously 'opkg upgrade' would fail because it could not download the
signature files.
Signed-off-by: Bryan Evenson <evensonbryan@gmail.com>
Signed-off-by: Alex Stewart <alex.stewart@ni.com>
|
|
Volatile cache directories are supposed to have a lifetime scoped to a
particular process. Prior to feb40ec55c07 ("libopkg: do not require uid
0 for RO cmds"), opkg operations were protected by a single lock;
however, we might now have multiple opkg operations in-flight (for
example, "opkg print-architecture" running independently of an "opkg
install"). To handle this, uniquify the volatile cache_dir by appending
the process ID so that different opkg processes will not stomp over each
other.
Signed-off-by: Brenda Streiff <brenda.streiff@ni.com>
Signed-off-by: Alex Stewart <alex.stewart@ni.com>
|
|
libarchive has both "archive_error_string" and "archive_errno" methods;
the latter can provide greater detail. For instance, libarchive's
"file_open" will set the error to a string of "Failed to open '%s'",
but also set the errno value to the errno from the underlying open()
call, which can provide a bit more detail, like if we failed due to
ENOENT or ENOSPC, etc.
This patch adds archive_errno reporting to every msg in opkg_archive.c
where we are already returning the archive_error_string.
Signed-off-by: Brenda Streiff <brenda.streiff@ni.com>
Signed-off-by: Alex Stewart <alex.stewart@ni.com>
|
|
Fix parameter list for callback to remove compiler warnings.
Signed-off-by: Bill Pittman <bill.pittman@ni.com>
Signed-off-by: Alex Stewart <alex.stewart@ni.com>
|
|
Add optional support for zstandard compression (disabled by default).
Zstandard compression offers a significant speed increase at
decompression time over the current default (xz). This is amplified on
less capable hardware as used in embedded devices. Further more, it
offers a slightly faster compression speed at the highest compression
levels with a slightly lower compression ratio and the ability to
choose your own compromise between fast compression speed with less
compression and slower compression speed with more compression.
Zstandard would therefore be a good solution for package compression when:
* install time matters, especially if you are installing on less capable
hardware
* disk space is not a concern: lower compression can speed up developer
builds, especially incremental builds
* disk space is a concern: release builds can make use of the highest
compression setting to reduce package sizes
Signed-off-by: Henry Kleynhans <hkleynhans@fb.com>
Signed-off-by: Alex Stewart <alex.stewart@ni.com>
|
|
The OpenSSL libraries are used by libopkg directly, as an optional
method of verifying package feed signatures against a locally stored CA
certificate. They are enabled only when the --enable-openssl argument is
passed to AutoConf.
Assert that --enable-openssl is not widely used by opkg integrators and
that GPG feed signing (--enable-gpg) is preferred in all cases.
Remove:
* OpenSSL signature verification
* the --enable-openssl AutoConf option
* the `signature_ca_file` opkg conf setting
* the `signature_ca_path` opkg conf setting
Signed-off-by: Alex Stewart <alex.stewart@ni.com>
|
|
pathfinder-pki is an option extension to OpenSSL which facilitates
path-validation of x509 certificates. It is linked into libopkg when
--enable-pathfinder is asserted at configure-time.
Assert that pathfinder is not frequently used by opkg integrators and
the library itself is obsolescent. (The project name is also obnoxiously
common when trying to google.)
Remove:
* all references to pathfinder-pki
* the --enable-pathfinder AutoConf option
* the `check_x509_path` opkg conf setting
Signed-off-by: Alex Stewart <alex.stewart@ni.com>
|
|
Return a nonzero error code (-1, which is code 255 in the shell) and an
error message when an 'opkg search' returns no results.
Additionally, add a test to verify this behavior.
Fixes bugzilla #14448.
Signed-off-by: Brandon Streiff <brandon.streiff@ni.com>
Signed-off-by: Alex Stewart <alex.stewart@ni.com>
|
|
When libopkg is compiled with `--enable-curl` AND `--disable-ssl-curl`
options, the `int r` declaration in opkg_curl_init() becomes orphaned
from the code segments which actually use it (which are dropped via
DEFINEs). GCC throws an unused variable warning, as a result.
In modern C, there is no reason that variable declarations need to
happen at the top of the function block. So move the declaration into
the code segment that actually uses it, and within the relevant #DEFINE
block.
Signed-off-by: Alex Stewart <alex.stewart@ni.com>
|
|
Currently, packages specified with --add-exclude aren't registered at all
with libsolv. Because as far as libsolv is concerned they don't exist, if
an installation requires an excluded package, you get a less-than-ideal
message that "nothing provides" the excluded package.
Instead of pretending that they don't exist, instead utilize libsolv's
recent support for "blacklisted" packages. This changes the error output
to indicate that the excluded package "can only be installed by a direct
request"
Signed-off-by: Brandon Streiff <brandon.streiff@ni.com>
Signed-off-by: Alex Stewart <alex.stewart@ni.com>
|
|
It is better practice to calculate the size of the memmove operation
based on the final buffer size. Clean up the claculation to perform the
same mathematics from that perspective.
Also, organize and make better use of the *_len calculations in the
early parts of the function.
Signed-off-by: Alex Stewart <alex.stewart@ni.com>
|
|
GCC 8 throws stringop-truncate warnings when strncpy() operations are
performed on substrings - the reason being that the null-terminating
byte is often lost. The replace_token_in_str() function causes several
warnings for this reason.
Instead, use memmove(), which is functionally similar, but does not
imply that the data it is operating on is a well-formed string.
Signed-off-by: Alex Stewart <alex.stewart@ni.com>
|
|
In the case that users direct opkg to download content from a URL which
uses `ftps://` as its transport scheme, the opkg_download cURL backend
will attempt to replace the scheme with `ftp://`, and allow cURL to
negotiate security parameters.
When the replce_token_in_str() function allocates a new char array for
the replaced string, it erroneously leaves no space for a
null-terminating byte.
Increase the replaced_str_len by 1 when allocating the array, to fix
that bug.
Signed-off-by: Alex Stewart <alex.stewart@ni.com>
|
|
Avoid unnecessary error when removing non-existent directory,
read-only commands do not create temp directories.
Signed-off-by: Bill Pittman <bill.pittman@ni.com>
Signed-off-by: Alex Stewart <alex.stewart@ni.com>
|
|
- Remove unused force_defaults option
- Remove test alias option
- Add missing options to opkg.conf man page
Signed-off-by: Alejandro del Castillo <alejandro.delcastillo@ni.com>
|
|
- Remove undocumented command line parameters recursive, test, offline
and print-installation-architecture
- Correct opkg man page typos
- Add dist-upgrade and version to opkg help and man page
Signed-off-by: Alejandro del Castillo <alejandro.delcastillo@ni.com>
|
|
The return values of the opkg_download_cmd and opkg_install_cmd differ
appreciably. When any requested package in an install operation is not
solvable (eg. it is not present in the index), install returns -1
(return code 255 in the shell). If the download operation encounters the
same situation, it ignores the package and returns code 0.
As a result, there is no reliable way to determine if a download
operation was unsuccessful due to a missing package.
Set the return code on the opkg_download_cmd operation to -1 in the case
that any package cannot be found in the index.
Signed-off-by: Alex Stewart <alex.stewart@ni.com>
Signed-off-by: Alejandro del Castillo <alejandro.delcastillo@ni.com>
|
|
Rename pkg_src_t disable_sig_check to signature_verified to better
reflect the field purpose
Signed-off-by: Zavaczki Raul <raul.zavaczki@ni.com>
Signed-off-by: Alejandro del Castillo <alejandro.delcastillo@ni.com>
|
|
libsolv_solver_transaction_preamble
Currently, if the option for 'download first' is true, opkg will download packages even when noaction is set to false
Changing the function call to pass opkg_config->noaction instead of 0 will fix this behaviour
Signed-off-by: Zavaczki Raul <raul.zavaczki@ni.com>
Signed-off-by: Alejandro del Castillo <alejandro.delcastillo@ni.com>
|
|
The lock file descriptor is not reset to its NULL-signalling value (-1)
after it is unlinked. As a result, calling _unlock() multiple times in
succession will fail in unintuitive ways, as the function attempts to
unlink a dead descriptor.
Reset the value of the lock_fd after the lock file has been successfully
unlinked, as a signal to later _unlock() calls to NOOP.
Signed-off-by: Alex Stewart <alex.stewart@ni.com>
Signed-off-by: Alejandro del Castillo <alejandro.delcastillo@ni.com>
|
|
The current opkg_conf implementation acquires an exclusive lock in the
`/var/run/` directory, when it is initialized. As a result, all opkg
operations must be run as a user which has write access to that lock
directory - which should always be uid 0.
Instead, move the lock context to the opkg_cmd execution function and
add an attribute to the opkg_cmd_t which expresses whether or not the
command requires privileged execution. For all operations which do not
modify the system state, lock capture is eschewed.
When a non-root user tries to execute a privileged command, they will
receive an EPERM.
Fixes bugzilla #9348
Signed-off-by: Alex Stewart <alex.stewart@ni.com>
Signed-off-by: Alejandro del Castillo <alejandro.delcastillo@ni.com>
|
|
The inclusion of the absolute path breaks reproducible builds for
sandboxes with random directory names.
Signed-off-by: Philipp Trommler <ptr@edex-ug.de>
Signed-off-by: Alejandro del Castillo <alejandro.delcastillo@ni.com>
|
|
The opkg_validate_cached_file method sets a dummy write function on
the global curl session pointer that is used by opkg. It also sets
CURL_NOBODY to 1 which will only download the header. It does this
to check if the timestamp of the source has changed and if a
redownload is needed.
However, if that curl call for the header fails, it doesn't reset
back the curl options. Because of this, if a subsequent call to
opkg_download doesn't use cache (which is the case for uncompressed
feeds list files) and therefore opkg_validate_cache is not called at
all, the download will look as if it succeeded where in fact it
didn't write anything to the disk.
The opkg_validate_cached_file function already had some code to
cleanup the curl options so that they are in the same state then
before the call. However, that cleanup logic was not executed in
case of an error. This change makes the cleanup logic to be executed
also on error.
This fixes an issue where an opkg update would look as if it
successfully updated an uncompressed feed source but it didn't.
The issue occured only under the following conditions:
- before updating the uncompressed feed source, it tried to
update a compressed feed source and it failed
- volatile_cache is enabled.
Signed-off-by: Andrei Zene <andrei.zene@ni.com>
Signed-off-by: Alejandro del Castillo <alejandro.delcastillo@ni.com>
|
|
Packages with Description fields without a summary, but with long
descriptions, are causing memory corruptions. Two problems:
* Amount of memory allocated is 1 byte short (not accounting for EOL)
* pkg->description memory block is not initialized with a NULL value.
The code calls strcat to append, which causes incosistent results
since strcat looks for NULL when appending.
Signed-off-by: Alejandro del Castillo <alejandro.delcastillo@ni.com>
|
|
Currenlty opkg keeps a running list of known errors (error_list),
which is printed before exit. This makes SEGFAULT and similar errors
hard to debug, since error_list is lost if the error was not handled.
Instead, print errors to stderr as they are triggered.
Signed-off-by: Alejandro del Castillo <alejandro.delcastillo@ni.com>
|
|
When `opkg download ${pkg}` is called on a package whose Filename
includes a directory tree (eg. `./path/to/ipk/foo.ipk`), opkg will
attempt to download it to a local path whose tree structure matches the
Filename attribute exactly - and error if the directory tree does not
exist.
Instead, discard the dir name information when determining the download
destination path, such that all downloaded packages end up in the
current working directory.
Fixes bugzilla #11301
Signed-off-by: Alex Stewart <alex.stewart@ni.com>
Signed-off-by: Alejandro del Castillo <alejandro.delcastillo@ni.com>
|
|
The same memory region is going to be freed shortly, while iterating
over options array (on "lists_dir" element)
Confirmation from valgrind for original version:
$ valgrind opkg install something -d wrong_value
...
==7776==
==7776== Invalid free() / delete / delete[] / realloc()
==7776== at 0x4C30D3B: free (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==7776== by 0x4E4D206: opkg_conf_load (opkg_conf.c:912)
==7776== by 0x109FA8: main (opkg.c:454)
==7776== Address 0xf3cf2b0 is 0 bytes inside a block of size 30 free'd
==7776== at 0x4C30D3B: free (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==7776== by 0x4E4D6F6: opkg_conf_load (opkg_conf.c:889)
==7776== by 0x109FA8: main (opkg.c:454)
==7776== Block was alloc'd at
==7776== at 0x4C2FB0F: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==7776== by 0x510C9B9: strdup (strdup.c:42)
==7776== by 0x4E5A28D: xstrdup (xfuncs.c:71)
==7776== by 0x4E4D643: opkg_conf_load (opkg_conf.c:791)
==7776== by 0x109FA8: main (opkg.c:454)
==7776==
...
Signed-off-by: Vladyslav Movchan <vladyslav.movchan@avast.com>
Signed-off-by: Alejandro del Castillo <alejandro.delcastillo@ni.com>
|
|
In the case of a zero length string being returned by fgets(), the condition
checking for a trailing new line would perform a bad memory access outside
of `buf`. This might happen when line with a leading null byte is read.
Avoid this case by checking that the string has a length of at least one
byte. Also change the unsigned int types to size_t to store length values
while we're at it.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Signed-off-by: Alejandro del Castillo <alejandro.delcastillo@ni.com>
|
|
installed
Doesn't make sense to populate properties like Auto-Installed for
packages that are not installed.
Fixes bugzilla #13760
Signed-off-by: Alejandro del Castillo <alejandro.delcastillo@ni.com>
|
|
If package 'a' recommends package 'b' and 'a' is installed using
--no-install-recommends, any following operation will install 'b', since
the solver will detect that 'a' has a missing recommends.
Fixes bugzilla #13758
Signed-off-by: Alejandro del Castillo <alejandro.delcastillo@ni.com>
|
|
Fixes bugzilla #13759
Signed-off-by: Alejandro del Castillo <alejandro.delcastillo@ni.com>
|
Etienne Cordonnier
Philip Lorenz
Khem Raj
Maciej Liszewski
Shruthi Ravichandran
Brenda Streiff
Chaitanya Vadrevu
Bryan Evenson
Bill Pittman
Henry Kleynhans
Alex Stewart
Brandon Streiff
Alejandro del Castillo
Zavaczki Raul
Philipp Trommler
Andrei Zene
Vladyslav Movchan
Jo-Philipp Wich