Some targets like Contents-udeb are special-needs targets. Shipping the
configuration snippet for them is okay, but they shouldn't be downloaded
by default. Forcing the user to enable targets by uncommenting targets
is wrong and this would still not really solve the problem completely as
even if you want to download some -udebs it will probably not be for all
sources you have enabled, so having the possibility of disabling a
target by default, but giving the user the option to enable it on a
per-source entry basis is better.
use c++11 algorithms to avoid strange compiler warnings
Nobody knows what makes the 'unable to optimize loop' warning to appear
in the sourceslist minus-options parsing, especially if we use a foreach
loop, but we can replace it with some nice c++11 algorithm+lambda usage,
which also helps in making even clearer what happens here.
And as this would be a lonely change, lets do it for a few more loops as
well where I might or might not have seen the warning at some point in
time, too.
Some additional files like 'Contents' are very big and should therefore
kept compressed on the disk, which apt-file did in the past. It also
implemented pdiff patching of these files by un- and recompressing these
files on-the-fly, with this commit we can do the same – but we can do
this in both pdiff patching styles (client and server merging) and
secured by hashes.
Hashes are in so far slightly complicated as we can't compare the hashes
of the compressed files as we might compress them differently than the
server would (different compressor versions, options, …), so we must
compare the hashes of the uncompressed content.
While this commit has changes in public headers, the classes it changes
are marked as hidden, so nobody can use them directly, which means the
ABI break is internal only.
auto-prefix $(SITE) for indextargets Description field
This updates the documentation for a change which actually happened in c2a4a8dded2dfb56dbcab9689b6cb4b96c9999b6 already. The acquire system
expects the $(SITE) to be there (e.g. for mirror rewriting) so we are
better of prefixing it automatically than giving frontends the chance to
forget it. There is no point in not showing $(SITE) first anyway.
Disabling pdiffs can be useful occasionally, like if you have a fast
local mirror where the download doesn't matter, but still want to use it
for non-local mirrors. Also, some users might prefer it to only use it
for very big indextargets like Contents.
This could allow an attacker to mark a package as installed in a
remote package index, as long as the package was not listed in
the dpkg status file.
This way, an attacker could force the installation of a package
during a dist-upgrade, by providing two packages in an index,
an older marked as installed, and a newer - apt would "upgrade"
to the newer version.
We dup() the file descriptor when opening compressed files, so we
always need to close the dup()ed one. Furthermore, not unsetting
the d-pointer causes issues when running OpenDescriptor() multiple
times on the same file descriptor.
cacheset: Prefer the depcache over the policy again
By preferring the policy over the depcache, we ignore any changes
we made in the depcache, which makes it impossible for code to
change the candidate used here.
allow explicit dis/enable of IndexTargets in sources options
While Target{,-Add,-Remove} is available for configuring IndexTargets
already, allow Targets to be mentioned explicitely as yes/no options as
well, so that the Target 'Contents' can be disabled via 'Contents: no'
as well as 'Target-Remove: Contents'.
use always priv-dropping for changelog download as root
First of, the temporary directory we download the changelog to needs to
be owned by _apt, but that also means that we don't need to check if we
could/should drop privs as the download happens to a dedicated tempdir
and only after that it is moved to its final location by a privileged user.
For many usecases like the acquire system libapt-pkg actually needs
tools and config found in the apt package. apt tends to be installed
everywhere libapt-pkg appears usually anyhow, but just in case to nudge
users (and tools) in the right direction.
Note that this isn't and shouldn't be a hard depends as there are
usecases working perfectly without 'apt' and as this is such an esoteric
problem incurring the costs arising from a Depends-Breaks-loop isn't
deemd as worth it.
The parameter name suggests that it should forbid the building of the
entire cache in memory, but this isn't how it was previously and as
AllowMem is false by default it actually prevents previous usecases from
working like being root and configuring apt to build no caches at all.
This should be fixed at some point to actually work, but that is hard to
pull off as it means switching the default and some callers (including
apt itself) actually did call it explicitly with false in certain
cases for no apparent reason (at least now where it is common to have
enough memory to throw at every problem and even if not is a slow apt
usally better than an apt erroring out).
Fetched() was reported for mostly nothing, while we should be calling it
for files worked with from non-local sources (e.g. http, but not file or
xz). Previously this was called from an acquire item, but got moved to
the acquire worker instead to avoid having it (re)implemented in all
items, but the checks were faulty.
We deal with Conflicts in SmartUnpack in pretty much the same way, but
Breaks weren't handled in SmartConfigure so that the remove was sheduled
after the configuration of the package breaking the to-be-removed.
After fixing Bug#796999, we noticed that there were
some more instances of iterators which had no associated
Dynamic object, causing them to not be updated when
the cache was remapped.
This happened in two places: In NewPackage() and in
NewProvidesAllArch().
pkgcachegen: Account for remapping when parsing depends from NewPackage
In both the Ver and Dep variables, we need to account for remapping,
as otherwise we would still reference the old bug.
Reproduction environment:
* An i386 system with amd64 foreign architecture
* A sources.list with
deb http://snapshot.debian.org/archive/debian/20150826T102846Z/ unstable main
deb http://snapshot.debian.org/archive/debian/20150826T102846Z/ experimental main
Thanks: Jakub Wilk for the bug report and the backtraces Closes: #796999
Do not crash in 'apt show' for non-installed packages
For a non-installed package, manual_installed was set to the null
pointer. This was passed to Tag::Rewrite, which expects an string
(empty for null-type values) and the conversion from null pointer
to string does not work correctly.
Drop the Section field from pkgCache::Package again
This somehow got back, we don't really know why. Emulate the
Section() method in the PkgIterator by looking at the section
of the head of the VersionList.