Age | Commit message (Collapse) | Author |
|
- it comes with free collation when moving the LC_ALL declaration up a bit;
this fixes a bug where the .FILES were not being properly sorted and
their order depended on directory creation order, which broke
reproducible builds in the wild.
- it handles sorting null-delimited output everywhere, without sort -z;
this lets us get rid of sed hacks
- it is faster than invoking multiple find subprocesses
- dotfiles can be automatically printed *and the C locale sorts them first*
with a single ** glob
Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
We don't need to translate the "Copyright YEAR AUTHOR" part, no part of
it should probably be translated and it definitely shouldn't turn every
single license terms notice into a separate translation just because the
author/year is different.
Fixes FS#58452
Also consistently add a blank line after the copyright and before the
license terms.
Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
This reverts commit 9cdfd18739cc4b0e2b2efeb9a92a3ea612c8505f.
We've never documented whirlpoolsums support in the manpage and no one
really seems to have realized we support it, let alone use it -- except
for a few parabola packages, being the contributor's motivation for
adding support.
The problem is that for two years the code has been broken. In commit
577701250d645d1fc1a505cde34aedbeb3208ea5 we moved to coreutils to
provide checksum commands, rather than openssl, but there is no
whirlpoolsums binary.
Properly fixing this would require re-adding a dependency on openssl,
independent of the libalpm crypto backend -- which defeats the purpose
of moving to coreutils in the general case. nettle-hash does not provide
a whirlpool algorithm any more than it does base64 (the original reason
for moving to coreutils).
Therefore, we should just drop support for this again.
Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
It's most likely a case where output is being captured, so we shouldn't
be interleaving status messages with function output regardless. Setting
the pkgver() status message (the one time we use it in a subshell)
separately also makes it safe to change whether message.sh functions write
to stdout or stderr.
Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
`run_function_safe pkgver` is evaluated in a subshell and therefore does
not abort when it should. Explicitly check the return outside of the
subshell and abort if necessary.
Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Both run_function and run_function_safe will save and restore `shopt -p`
but the former is only called from the latter. It makes sense to save
this as part of a "safe" runner, so let's just do it in one place, there
where we save and restore everything else too.
Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
When re-running makepkg for fakeroot, if `bash -x makepkg` was used this
is lost. Fix by encoding the current set of options explicitly in the
invocation, both for makepkg and for the wrapper used to test scripts
inside the source tree.
Also change to use ${BASH_SOURCE[0]} instead of $0 as the latter can be
anything the parent process wants, while the former is explicitly set by
bash itself to the filepath of the script.
See http://mywiki.wooledge.org/BashFAQ/028
Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
This causes package_$pkgname() to be preferred over package() in the
non-split case, but the behavior if both functions exist was
undocumented anyway.
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
The biggest issue is directly supplying the data within the format
string which can result in misinterpreting formatter sequences if a
printed variable contains an "%" in it. This character is currently
permitted in the pkgver field, though not in the pkgname. Also
pacman/libalpm itself has much looser limitations and this can appear
anywhere at all if a package was created by some other program.
For the package "iambroke-1%s-1-any.pkg.tar.xz", installed in the build
environment, the result is:
-> Generating .BUILDINFO file...
awk: cmd. line:3: (FILENAME=- FNR=1085) fatal: not enough arguments to satisfy format string
`-1%s-1'
^ ran out for this one
Followed by a .BUILDINFO which contains an LC_ALL=C sorted list of
$pkgname-${epoch:+$epoch:}$pkgver-$pkgrel-$arch ending in:
installed = iambroke
Which is cut short, then fails to list the succeeding packages. The
package itself successfully builds.
It's also unnecessary to save the output of pacman -Qq in order to get the
information for pacman -Qi, since the latter will, just like the former,
return information for all installed packages if not given a package
name(s).
While I am at it, pipe this directly to awk rather than keeping a copy
in an unnecessary local variable. This is slightly more efficient in
addition to preventing the <<< herestring from re-interpreting the
content of "$pkginfos" in ways that don't really matter for our usage.
Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
This reverts commit 9e52a36794552b77ecf26f7f34b226d096978f1e.
The change to use declare for the split package metadata backup/restore
resulted in variables being declared at a local scope. When these variables
were unset (mostly noticed with debug packaging) this left the variable at
global scope defined. Revert back to the known good state.
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
When comparing the $BUILDDIR to the $startdir, we used string equality
instead of testing whether they are the same location, and ended up
appending $pkgbase even though there's no reason to use it here.
In some cases, this could result in makepkg erroring when trying to
create $srcdir/$pkgdir, if a file with the same name as the $pkgbase
exists. This is expected behavior if a file "src" or "pkg" exists, but
decidedly less so for $pkgbase.
This could be fixed either by setting $startdir to an absolute path, or
by ensuring the test checks this directly; I've chosen to do both, since
the test should really be correctly checking the thing it actually cares
about, but since we ensure absolute paths are used everywhere else, this
might bite us elsewhere someday. It's also more consistent.
Fixes FS#58865
Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
It's especially dangerous in trap handlers since the return value of the
function becomes the return value of the last command before the trap,
not the last command in the current function. This applies to any
function executed in a trap handler, nested functions included.
In one case, install_packages failed (via return 14), which was inside a
conditional that then ran exit 14, which triggered the EXIT handler,
which called clean_up, which called remove_deps, which had !RMDEPS and
thus returned. The return value of remove_deps became the return value
of install_packages, triggering the ERR handler, which (due to another
problem) was still the user function handler, which then printed a
misleading error message and overrode the exit code with 4.
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
In commit 8ff03868a37b1f9c447784ae2fd639a49e426399 PACMAN_OPTS was
turned into an array. Unfortunately, that array was generated by
treating the "--color never" option as one string, instead of an
array of two strings...
Fixes FS#58820
Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
$restoretrap is empty if the trap was not set. This caused the trap
handler to remain and override later exit codes.
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
In commit d8717a6a9666ec80c8645d190d6f9c7ab73084ac the write permission
checks were refactored. Initially we intended to drop this chmod in the
process, but due to some confusion about whether it was needed, I ended
up submitting patches both to preserve and to remove it... but it's not
needed after all. We do it on the individual $srcdir/$pkgdir, later on.
Then, we used the wrong version, which causes unnecessary restrictions.
See FS#58790
Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Reported-by: Rafael Ascensão <rafa.almas@gmail.com>
Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
In commit d8591dd3418d55c5736022ef003891fc03b953e0 when teaching
--packagelist to print the full filepath for built arches only, I forgot
to update the helptext at the same time as I updated the manpage.
Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
In commit 5698d7b66daa2a0bc99cab7a989cef1c806c3bf6 a new non-root use of
pacman was added -- previously we used -T or -Qq, and run_pacman did not
know how to special-case -Qi to skip being prepended with sudo.
The result is:
-> Generating .BUILDINFO file...
ERROR: ld.so: object 'libfakeroot.so' from LD_PRELOAD cannot be preloaded (cannot open shared object file): ignored.
[sudo] password for eschwartz:
-> Adding changelog file...
Fix this by using a more generic glob since neither -Q nor -T will ever
need sudo or PACMAN_OPTS
Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Many of these are pointless (e.g. there is no need to explicitly turn on
spellchecking and language dictionaries for the manpages by default).
The only useful modelines are the ones enforcing the project coding
standards for indentation style (and "maybe" filetype/syntax, but
everything except the asciidoc manpages and makepkg.conf is already
autodetected), and indent style can be applied more easily with
.editorconfig
Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Adding the architecture to the 'installed' elements of the .BUILDINFO
file makes it easier to retrieve the packages needed to reconstruct
the build environment.
Signed-off-by: Robin Broda <robin@broda.me>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Architecture information is required for repro tooling
This is a revised version of https://patchwork.archlinux.org/patch/475/
Signed-off-by: Robin Broda <robin@broda.me>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
micro-optimization: We only care about temporarily enforcing extglob, so
that is the only one we need to explicitly restore.
Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Some scripts are using `break 2` to break out of the option parsing
loop.
Since a single `break` is sufficient in these cases, remove the extra
argument.
Signed-off-by: Rafael Ascensão <rafa.almas@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Rather than manually crafting foo_backup in a loop and eval'ing them
with a complicated escape pattern, store every splitpkg_overrides
element into a single variable via the eval-friendly `declare` builtin.
An alternative to eval would be using `printf -v` but this does not work
for arrays.
This has the additional benefit of reducing the number of
variables/arrays floating around in the environment.
Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Currently the only things we check are:
- Things that should be arrays, are not strings, and vice versa (this
was mostly copy-pasted from the similar code in lint_pkgbuild).
- Variables that are meant to contain pathname components cannot contain
a newline character, because newline characters in pathnames are weird
and also don't play well with future changes intended for the
--packagelist option.
Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Followup on c6b04c04653ba9933fe978829148312e412a9ea7 which refactored
the signing function to run outside of fakeroot, and in the process
moved the status message to outside the $SIGNPKG check.
Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Additionally provide a separate error for failure to create the
directory vs lack of write permissions on a pre-existing directory.
This also means we now consistently try to create any nonexistent *DEST
directories as needed before aborting with E_FS_PERMISSIONS. Previously
only $BUILDDIR received that kindness.
Fixes FS#43537
Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
make update-copyright OLD=2017 NEW=201
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
makepkg configures the umask 0022 as a sane default for building
packages. After installing dependencies, it sources `/etc/profile`
again. If the user configured a umask other than Arch's default of
0022 (or 022) in `/etc/profile`, this sane default is now gone and
needs to be set again.
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Before this change, LC_TIME=zh_TW.UTF-8 makepkg has the following line:
==> Making package: foobar 1-1 (日 2月 11 01:13:42 CST 2018)
With this patch, this line becomes:
==> Making package: foobar 1-1 (西元2018年02月11日 (週日) 01時13分57秒)
The latter is more natural for a Chinese native speaker.
Signed-off-by: Chih-Hsuan Yen <yan12125@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
In commit ab2be5794de8a57426ec3fc0f631cc766a0b8227 return codes were
implemented, and the output of install_package was improperly assigned
to a variable when the return code was wanted.
All we need to do is restore the previous exit handling, but return $?
instead of hardcoding "0".
Reported-by: xftroxgpx <xftroxgpx@protonmail.com>
Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Commit 8bec63bf92d8dd028aa88dbd5109c314cdb9ebea attempted to switch to
using -fdebug-prefix-map to set file locations in debug packages. It
make a few mistakes...
1) Adding debug C{,XX}FLAGS only worked if DBGSRCDIR was defined in
makepkg.conf. Fix this by falling back to the default value.
2) Using -fdebug-prefix-map altered a lot of assumptions about file
locations when copying source files into debug packages. This resulted
in lots of messages of failed cp in packaging output.
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
In eaa82b4d0775252856a4e54a6f2a9ea191cf0b8f source_has_signature() was
modified to check if git repositories are marked as signed. However, due
to a typo the unused variable $netfile was checked. This worked as long
as the last source element was marked as signed, due to $netfile being
mistakenly set as a global in check_vcs_software(), but usually failed
with multiple sources.
Break this more consistently by properly declaring $netfile as a local
variable in check_vcs_software() which it should be regardless. Fix it
again by completely moving over to $netfile in source_has_signature()
as netfile is more descriptive of the current state.
Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
In commit 8b0d59b83a60eb504567590346119fe4cd891cad support was added for
storing the source files of binaries in debug packages. This made use of
the debugedit program which is part of the RPM package manager, which is
not very standalone.
The same effect can be achieved using -fdebug-prefix-map, an option
accepted by both the gcc and clang compilers which modifies how the
compiler itself stores the references to the source files rather than
requiring us to later edit the produced binaries. This also removes the
dependency on external programs like debugedit.
As a result of this change, source files will only be effectively added
for programs which actually use the exported CFLAGS. This is a reasonable
tradeoff as we expect our CFLAGS to be used rather than ignored. Upstream
software which do not produce useful debug packages are expected to fix
their build systems to respect the environment CFLAGS.
As a result of this change, the routine for extracting source filenames
from binaries had to be modified to derive the source file from the
final debug location, rather than the other way around.
Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
This allows for more easily extending the list of allowed compression
methods, as it has to be modified in only one place.
Also allow the user to specify their own preferred command + options for
source packages in addition to compiled packages. Currently,
makepkg.conf(5) erroneously claims this is already possible.
|
|
The extra variables on the commandline were inconsistently applied. They
should override anything else, instead, most were overridden by
environment variables with the exception of BUILDDIR (and this was not
sanity-checked to see if it had write permissions).
e.g. given the commandline:
`PKGDEST="$(pwd)"` BUILDDIR="$(pwd)" makepkg PKGDEST=/doesnt/exist BUILDDIR=/doesnt/exist`
We would incorrectly use the current working directory for PKGDEST.
Meanwhile, we checked the wrong directory for BUILDDIR, and later
errored when we tried to create $srcdir inside the non-writable
directory "/doesnt/exist".
In order to fix this, use the preferred bash builtin for saving variable
definitions, similar to how we restore traps etc. rather than tediously
redefining each one by hand, and restore this immediately after
makepkg.conf is sourced. Finally, the `make`-style commandline overrides
are applied.
Also canonicalize_path is applied only on the final paths we try to use.
While it is unlikely the value in makepkg.conf will be a relative path,
since we now properly respect commandline overrides, they should be
canonicalized as well.
Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
For your convenience, makepkg now has 16 distinct ways to fail.
Also closes FS#54204.
Signed-off-by: Ivy Foster <iff@escondida.tk>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Not all sed implementations on linux accept the --follow-symlinks
argument, so let the user configure the arguments passed to sed if
required.
Signed-off-by: Alastair Hughes <hobbitalastair@gmail.com>
[Allan: fixed configure summary output]
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
If SOURCE_DATE_EPOCH is set, `touch` all source files between the (optional)
prepare() and build() functions to unify the modification times. This works
around build systems and compilers that embed the file modification times
into the file contents of release artifacts.
Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
The .BUILDINFO file should retain all the information needed to reproducibly
build a package. Add some extra information to the file and also provide a
version number to keep track of future changes.
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
In write_pkginfo, we checked if $PACKAGER was undefined, and gave a default
value if not. Just do this upfront to simplify this function.
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
There is little savings in only writing pkgbase when different to pkgname, and
it makes determining the pkgbase by parsing .PKGINFO slightly easier. Lets just
write it...
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Since 8a02abcf19, this attribute will never exist. Remove check to write it.
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
This patch introduces the SOURCE_DATE_EPOCH environmental variable. All files
in a package are adjusted to have their modification dates set to the value
of SOURCE_DATE_EPOCH, which defaults to "date +%s".
Setting this variable allows a package that is built twice in the same
environment to be (potentially) reproducible in that the checksum of the
generated package file will be the same.
Also adjust the compression of the mtree file to avoid gzip embedding a
timestamp.
Signed-off-by: Levente Polyak <anthraxx@archlinux.org>
|
|
This information is duplicated (in less friendly format) in the "builddate"
entry and removing it improves reproducible packaging.
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Levente Polyak <anthraxx@archlinux.org>
|