- Almost nothing works if crypto fails to initialize for whatever reason,
check and propagate rpmInitCrypto() failure from rpmReadConfigFiles().
- Logging the error left for individual crypto backends to let them
identify themselves: beecrypt requires no initialization whatsoever
so it cannot fail at all, but NSS can fail in a number of entertaining
ways due to missing dlopen()'ed bits and pieces, this should help
avoiding wild-goose chases in such cases (RhBug:909627, RhBug:909618...)
- During long-running transactions its entirely possible for some
other player to come and go leaving stale locks behind and cause
the transaction to get stuck until the cavalry comes along in the
form of somebody else opening the rpmdb, clearing the blockage.
- Presumably dbenv->failchk() is not entirely free of cost so we only
do this for writes which are way more critical and also more prone to
getting stuck.
- dbenv->failchk() could return DB_RUNRECOVER in which case we should
abort everything but we lack a mechanism to do it... just add
a reminder comment for now.
- Make rpmfiConfigConflict() consider any existing %ghost %config
as "modified". This causes them to be left alone on erasure to match
long-standing rpm behavior (whether the behavior is intended or not...)
Ghost config testcase passes again, talk about flip-flop. Sigh.
- Legacy behavior had an extra twist which we are intentionally NOT
restoring: if a non-empty %ghost exists at build-time, its digest
is stored in the header despite the file not being present in
the payload. With previous versions of rpm, the contents of an
existing %ghost %config would be compared to the one in header and
resulting in different behavior on erasure: if the contents matched
that of build-time, the file would be removed, otherwise it would
be preserved. Ghosts remembering their identity from previous life
goes a little bit too far into the land of paranormal for me...
- Explicitly test for shared file/dir being ghost when deciding whether
to skip create: we must never skip the creation of a real file/dir
because of a ghost as the ghosts do not get created.
- This fixes the shared ghost testcase, ie the thing that commit
a712252392 was supposed to fix,
without side-effects that I can see.
- Reverts the bad half of commit a712252392eca75443ca45c10a72873cabec7963:
treating files that wont be installed as skipped seems logical enough,
but rpm disagrees... making %ghosts FA_SKIP on install causes
upgrades on %ghost %config files to miss the necessary FA_SKIP getting
set on the erase half via handleInstInstalledFile() and
rpmfiDecideFate(), causing %ghost %config files to be nuked. Which isn't
very nice when your /var/lib/rpm/ contents are packaged as
%ghost %config...
- This fixes the %ghost %config testcase but breaks the shared %ghost
case in turn.
- Only skip shared file/dir creation if its actually being created
by another package. Previously we could've decided to skip an entry
where the other file was also being skipped for some other reason.
- Ensure %ghost entries always have FA_SKIP on install, previously
they often were FA_CREATE which makes no sense for %ghost. We dont
encounter %ghosts at all during install in the FSM as they dont
exist in the payload, but the file disposition calculations need
to take them into account now that we're avoiding redundant creates.
- Fixes a regression from commit f7f5f88f9f
which unearthed the %ghost FA_CREATE issue, reported here:
http://lists.fedoraproject.org/pipermail/buildsys/2013-January/004047.html
- Previously the pool would only get allocated on successfull addition
of install or erasure elements, causing assert() failures on
operations on empty transaction set, which should be just a no-op,
not an error.
- Make rpmtsPool() create the pool if it doesn't exist, update relevant
users to call rpmtsPool() instead of directly accessing tsmem->pool,
this avoids having to worry about pool existence in all the various cases.
- Also fix up the pool-related comment on rpmtsEmpty(): pools does not
and can not support emptying as it could break references to its
contents. Per-string refcount would be needed for emptying support.
- grabData() only returns non-NULL on data length > 0, separately
checking for length only makes it look like a possible case when
its not. If it were, it'd be a memory leak.
- rpmpkgRead() starts with assumed failure, but there are a number
of places assigning the return code, and by the time we get
to the parsePGPSig() calls its likely to be RPMRC_OK, so the
jumps to exit result in "all is well" return code on a signature
we couldn't even parse. Oops.
- Set the failure status explicitly to fix this fairly nasty regression
introduced in commit e8bc3ff5d7, ie
rpm >= 4.10.
-All post hooks take an additional rc argument that indicates general return code from operation.
-All post hooks are always called if correspoding pre hook has been called.
-The return value from post hooks is curently ignored
Signed-off-by: Panu Matilainen <pmatilai@redhat.com>
Three new hooks added:
PLUGINHOOK_SCRIPTLET_PRE_FUNC
Called before scriptlet execution
PLUGINHOOK_SCRIPTLET_FORK_POST_FUNC
Called after fork() but before scriptlet execution
PLUGINHOOK_SCRIPTLET_POST_FUNC
Called after scriptlet execution
Currently pre and post hooks are called for externals and internal lua scripts.
post hook is called even if scriptlet execution has failed and
the return code is given as an argument.
fork_post hook is only called for external scriptlets,
because for internal scriptlets no fork() is currently performed.
Signed-off-by: Panu Matilainen <pmatilai@redhat.com>
Two new hooks added:
PLUGINHOOK_SCRIPT_PRE_FUNC
Called before script execution
PLUGINHOOK_SCRIPT_POST_FUNC
Called after script execution
Both hooks are called for externals and internal lua scripts.
POST hook is called even if script execution has failed and
the return code is given as an argument.
Signed-off-by: Panu Matilainen <pmatilai@redhat.com>
- Since commit f7f5f88f9f, only the first
instance of shared files is created, the rest are FA_SKIP which
consume no disk space and are not counted either.
- When updating packages, we first create them with a temporary names
and only after all files from payload have been created this way,
the files are renamed to the final target. This means that performing
an update temporarily requires roughly twice the disk space (and inodes)
compared to the final result on per-package level. Which matters
when space is tight, such as presumably in RhBug:872314.
- Simulate what happens on upgrades by adding block and inode delta
to the equation: installing a file always consumes an inode and
the specified amount of disk space. But when replacing files,
reduce the size-delta from disk consumption *after* checking for
problems in a given DSI.
- Also fixes inode accounting which has been broken for forever (since
commit a9a1fd866c more exactly)
- There of course already is a drop-in directory for macro config bits
in $(sysconfdir)/rpm/ but as /etc is supposed to be per-host admin
territory, having another place for system package provided rpm config
doesn't seem unreasonable.
- Whether this early in the path is the best possible or even reasonable
position for this remains to be seen... but this way it could be used
for "factory default" config bits by rpm itself as well, while still
permitting vendor/host/user override.
This change adds a new type of the rpm plugin, called transaction plugin
and a set of initial hooks for this plugin. The hooks are:
PLUGINHOOK_TSM_PRE
Pre-transaction hook that is called before an rpm transaction begins
PLUGINHOOK_TSM_POST
Post-transaction hook that is called after an rpm transaction ends
PLUGINHOOK_PSM_PRE
Pre-transaction-element hook that is called before an rpm
transaction-element is processed
PLUGINHOOK_PSM_POST
Post-transaction-element hook that is called after an rpm
transaction-element is processed
PLUGINHOOK_SCRIPT_SETUP
Per-script hook that is called once for each rpm mainainers script
that is present in the package
Each hook is called for every plugin that have this hook registered.
The avaliable transaction plugins can be specified in macros.in via
transaction_plugins element.
Signed-off-by: Panu Matilainen <pmatilai@redhat.com>
- In recent Fedora, struct selinux_opt value member is changed to an
anonymous union of char * and char **. Initialize the members by name
to avoid warnings in both (patched and unpatched) cases.
- We haven't removed or changed any interfaces in a way that would
require full soname bump, only a handful of new interfaces have
been added.
- There aren't actually any new interfaces in librpmbuild or librpmsign
but for sanity and consistency's sake they're all updated...
- In the package/transaction related things the strpool is more of
an internal implementation detail than an end-goal in itself, move
string pool related interfaces of rpmts, rpmfi and rpmds to
internal-only APIs for now. The kind interfaces we'll want to eventually
export a) dont exist yet and b) are likely to be something very different.
- The string pool itself remains exported however, its a handy data
structure for all sorts of things and both librpm and librpmbuild
heavily use it already.
- There are no guarantees Fread() will return all of the requested size:
it can return partial data eg on signals and pipe descriptors. Introduce
a helper function to handle this centrally for all package read IO,
effectively reintroducing timedRead() but without the caveats:
timedRead() did not work on compressed streams, did not handle
eg EINTR correctly and while really being an internal helper,
was exported in the API.
- When the "BEGIN PGP" marker is not found at all, we would silently
exit with success when trying to import utter garbage, such as
rpmkeys --import /bin/bash (not that I consider bash as gargabe ;)
- Prior to string pool existence, the static "caches" were kinda
necessary for sharing the relatively static content of user/group
names and file languages, but this is nothing but an unfreeable
block of memory at this point. Just use the same pool as everything
else - whether private or shared.
- If link or regular file sizes differ, they cannot possibly be
identical. Saves us from doing bunch of pointless string and
memory comparisons on what's a very busy path - not exactly a huge
with but measurable nevertheless.
Add compatibility support for both lua-5.1 and lua-5.2,
assuming that the LUA_COMPAT might have been disabled.
Signed-off-by: Panu Matilainen <pmatilai@redhat.com>
- Calculating digest of %ghost config is useless as there's nothing
to compare the result to. Also we never take backups of %ghost
configuration anyway, so this is a total waste of time. One common
case of %ghost %config is the rpmdb (environment and all) which
can be rather large and calculating digests can take several seconds,
only for the results to be thrown away unused.
- There are some cases where it might be reasonable to back up %ghost
%config (eg if it gets replaced by non-config), but
rpmfiConfigConflictIndex() doesn't have sufficient context to figure
that out. For now, preserve the traditional simple rule: no backups
for ghosts, ever.
- Related to commit bee348b5d1,
use the newly added obsoletes hash to lookup already added
obsoleters. Eliminates the dumb linear lookup and is unsurprisingly
a whole lot faster on larger transactions.
- Similar lazily created hash as provides for fast obsoletes lookups.
This is so similar the provides that creation etc functions should
be unified, but leaving that exercise till later.
- Use indexed access to the dependencies so we're not mucking with
the rpmds iterator index behind anybodys back, this could affect
all sorts of things but miraculously nothing is hitting it atm...
- Add an internal header for rpmds too to allow adding interfaces we
dont necessarily want to export in the public API, make the indexed
accessors available internally.
- Various places in rpm need random access to the dependency sets,
save and restore on somebody elses "iterator index" just doesn't
cut it. This is merely preliminaries for further changes.
- Separate provides and files hash creation, delay both until the last
moment before first valid lookup. In practise, this means the provides
hash is created early due to lookups from rpmtsAddInstallElement(),
but the big bad file hash creation is delayed until the entire
transaction set has been more-or-less populated. Which means we have
a better idea about the necessary hash table size, meaning fewer
hash resizes, resulting in good deal faster execution with no
downsides - if something happened to trigger an early file lookup
it'll all still work, just slower.
- Replace the dumb linear search across all elements on each
addition with (filtered) rpmal lookups where possible. rpmal
doesn't (yet) have obsoletes information so for already added
obsoletions we have no choice but to walk the walk.
- As a result, findPos() is hugely faster for large transactions
but rpmal hashes are now generated on the fly for everything
instead of doing it all at once before the actual dependency
checks / ordering, which will cost us something in terms of
hash table resizes.
- rpmRelocateFileList() doesn't modify anything when no relocations
are to be done, but what it does is not exactly free, unnecessarily
calling it is dumb.
- The provides hash lookup can and does return hits that dont actually
satisfy the dependency. Dont bother callers with apparent hits
(ie non-NULL returns) when nothing actually matches the dependency.
- Avoids a little bit of extra work, we already have the relevant
bits of information in the rpmte and grabbing them from there is
cheaper than looking up stuff from headers. Also avoids creating
another copy of the new elements obsoletes dependency set unnecessarily.
- Now that the relevant places are accepting file index as argument,
we no longer need to save and restore fsm->ix in all the places
dealing with hard links.
Panu Matilainen