void pkgAcquire::Item::QueueURI(ItemDesc &Item)
{
if (RealFileExists(DestFile))
- ChangeOwnerAndPermissionOfFile("GetPartialFileName", DestFile.c_str(), "_apt", "root", 0600);
+ {
+ std::string SandboxUser = _config->Find("APT::Sandbox::User");
+ ChangeOwnerAndPermissionOfFile("GetPartialFileName", DestFile.c_str(),
+ SandboxUser.c_str(), "root", 0600);
+ }
Owner->Enqueue(Item);
}
void pkgAcquire::Item::Dequeue()
for (std::vector<pkgAcqIndexMergeDiffs *>::const_iterator I = allPatches->begin();
I != allPatches->end(); ++I)
{
- std::string const PartialFile = GetPartialFileNameFromURI(RealURI);
- std::string patch = PartialFile + ".ed." + (*I)->patch.file + ".gz";
- std::cerr << patch << std::endl;
- unlink(patch.c_str());
+ std::string const PartialFile = GetPartialFileNameFromURI(RealURI);
+ std::string patch = PartialFile + ".ed." + (*I)->patch.file + ".gz";
+ unlink(patch.c_str());
}
// all set and done
// a reverify (as its uncompressed on disk already)
DestFile = GetPartialFileNameFromURI(RealURI);
+ // do not reverify cdrom sources as apt-cdrom may rewrite the Packages
+ // file when its doing the indexcopy
+ if (RealURI.substr(0,6) == "cdrom:")
+ return;
+
// adjust DestFile if its compressed on disk
if (_config->FindB("Acquire::GzipIndexes",false) == true)
DestFile += '.' + CurrentCompressionExtension;
// on if-modfied-since hit to avoid a stale attack against us
if(StringToBool(LookupTag(Message,"IMS-Hit"),false) == true)
{
- // do not reverify cdrom sources as apt-cdrom may rewrite the Packages
- // file when its doing the indexcopy
- if (RealURI.substr(0,6) == "cdrom:")
- return;
-
// The files timestamp matches, reverify by copy into partial/
EraseFileName = "";
ReverifyAfterIMS();
indexRecords *MetaIndexParser)
: pkgAcqIndex(Owner, TransactionManager, Target, ExpectedHashes, MetaIndexParser)
{
- // load the filesize
- indexRecords::checkSum *Record = MetaIndexParser->Lookup(string(Target->MetaKey));
- if(Record)
- FileSize = Record->Size;
}
/*}}}*/
// AcqIndexTrans::Custom600Headers - Insert custom request headers /*{{{*/
if ((*I)->Status == pkgAcquire::Item::StatIdle)
(*I)->Status = pkgAcquire::Item::StatDone;
- // kill files in partial
- std::string const PartialFile = GetPartialFileName(flNotDir((*I)->DestFile));
- if(FileExists(PartialFile))
- Rename(PartialFile, PartialFile + ".FAILED");
+ // kill failed files in partial
+ if ((*I)->Status == pkgAcquire::Item::StatError)
+ {
+ std::string const PartialFile = GetPartialFileName(flNotDir((*I)->DestFile));
+ if(FileExists(PartialFile))
+ Rename(PartialFile, PartialFile + ".FAILED");
+ }
}
}
/*}}}*/
return;
}
}
+ else
+ _error->Warning(_("The data from '%s' is not signed. Packages "
+ "from that repository can not be authenticated."),
+ URIDesc.c_str());
// this ensures that any file in the lists/ dir is removed by the
// transaction
TransactionManager->TransactionStageRemoval(this, DestFile);
// only allow going further if the users explicitely wants it
- if(_config->FindB("Acquire::AllowInsecureRepositories") == true)
+ if(MetaIndexParser->IsAlwaysTrusted() || _config->FindB("Acquire::AllowInsecureRepositories") == true)
{
// we parse the indexes here because at this point the user wanted
// a repository that may potentially harm him
}
else
{
- _error->Warning("Use --allow-insecure-repositories to force the update");
+ _error->Error("Use --allow-insecure-repositories to force the update");
}
Item::Failed(Message,Cnf);
// No Release file was present so fall
// back to queueing Packages files without verification
// only allow going further if the users explicitely wants it
- if(_config->FindB("Acquire::AllowInsecureRepositories") == true)
+ if(MetaIndexParser->IsAlwaysTrusted() || _config->FindB("Acquire::AllowInsecureRepositories") == true)
{
// Done, queue for rename on transaction finished
if (FileExists(DestFile))
QueueIndexes(false);
} else {
// warn if the repository is unsinged
- _error->Warning("Use --allow-insecure-repositories to force the update");
+ _error->Error("Use --allow-insecure-repositories to force the update");
TransactionManager->AbortTransaction();
Status = StatError;
return;
// No Release file was present, or verification failed, so fall
// back to queueing Packages files without verification
// only allow going further if the users explicitely wants it
- if(_config->FindB("Acquire::AllowInsecureRepositories") == true)
+ if(MetaIndexParser->IsAlwaysTrusted() || _config->FindB("Acquire::AllowInsecureRepositories") == true)
{
Status = StatDone;
QueueIndexes(false);
} else {
// warn if the repository is unsigned
- _error->Warning("Use --allow-insecure-repositories to force the update");
+ _error->Error("Use --allow-insecure-repositories to force the update");
TransactionManager->AbortTransaction();
Status = StatError;
}
else
{
PartialSize = Buf.st_size;
- ChangeOwnerAndPermissionOfFile("pkgAcqArchive::QueueNext", FinalFile.c_str(), "_apt", "root", 0600);
+ std::string SandboxUser = _config->Find("APT::Sandbox::User");
+ ChangeOwnerAndPermissionOfFile("pkgAcqArchive::QueueNext",DestFile.c_str(), SandboxUser.c_str(), "root", 0600);
}
}
else
{
PartialSize = Buf.st_size;
- ChangeOwnerAndPermissionOfFile("pkgAcqFile", DestFile.c_str(), "_apt", "root", 0600);
+ std::string SandboxUser = _config->Find("APT::Sandbox::User");
+ ChangeOwnerAndPermissionOfFile("pkgAcqFile", DestFile.c_str(), SandboxUser.c_str(), "root", 0600);
}
}