- This stuff doesn't belong in rpmfi, rpmte, psm or anywhere else either.
Invent a new dark hole to shove it into...
- No functional changes as such, just shuffling things around.
- rpmplugins.[ch] implements the rpm internal plugin management
infrastructure, which is no business of anybody else. Mark the
symbols internal while at it.
- rpmplugin.h describes the API for the actual plugins, this is
to be made public once the API is considered stable enough (which
it certainly is not yet ;)
- Adjust our plugins to include the right header
- We hereby unceremoniously declare that from now on, SELinux and
other similar mechanisms are to live in plugins, rpm doesn't need
to know about every possible security etc mechanism there might be.
Its a big commit but as its really just removals...
- We need to disable sepolicy collection plugin for now as it relies on
built-in support for selinux, this not only makes no sense but
wont work now that there is no built-in support. The sepolicy
plugin needs to be merged into the selinux base plugin now.
- Another "breakage" is that --rebuilddb no longer relabels the database,
this needs plugins to called in a place where they currently cannot
be called. This needs to be resolved before next actual release.
- At least initially we're likely to use dbiIndexSet as an unifying
API between possible alternative backends, so this needs to
be available outside rpmdb.c.
- The mergesort() implementation we've carried all this time (even if
not compiled in when glibc is used) is one with the nasty BSD
advertisement clause, ugh. Better remove it late than never,
but let systems having mergesort() in their system libraries
(such as OSX) use it instead of qsort().
- We haven't removed or changed any interfaces in a way that would
require full soname bump, only a handful of new interfaces have
been added.
- There aren't actually any new interfaces in librpmbuild or librpmsign
but for sanity and consistency's sake they're all updated...
- Add an internal header for rpmds too to allow adding interfaces we
dont necessarily want to export in the public API, make the indexed
accessors available internally.
- rpmdb_dump, load, recover, verify, stat etc are useful at times,
but these are not. This also fixes build with internal db for
more recent versions of Berkeley DB.
- This is stupid... only librpm and librpmio actually need the bump due
to ABI breakage, librpmbuild and librpmsign are unchanged and could
use just a revision bump. But just incrementing the revision (or age)
would set us on collision course with maintenance updates to 4.9.x.
Then again its not like you can actually use librpmbuild or librpmsign
without also linking to librpm(io) so from everything needs rebuilding
anyway. This all also pretty much makes the whole libtool library
versioning a bit moot. Bah.
- There are places in rpmio and build that would benefit from hashing, but
hashFunctionString() being internal to librpm has prevented that. Rename
to rstrhash() to resemble the other foo in rpmstring.h for
minimal namespacing as its now public function and update callers.
- Also mark the function as "pure" - it only looks at its arguments.
This is one of the busiest functions in entire rpm so any optimization
no matter how minor is well worth it.
- Hereby awarding hashFunctionString() with the grand prize for
the Most Moved Around Function in rpm ;)
- We'll want to unify this and the similar caching done in librpmbuild,
so we need to expose these in the ABI at least, rename to get
them namespaced and use a separate source module (again) as
this is a pretty distinct functionality.
- This would really belong to librpmio but leaving here for now...
- Lots and lots of API changes, including what amounts to
rewriting of librpmbuild external API... The only exception is
librpmsign which is new and starts with 0
- In 4.4.x days, we used to have bunch of helper binaries in /usr/lib/rpm
executed through popt ping-pong, but there's nothing now that we'd
want to execute through aliases. Instead use bindir for the
default path, and additionally permit overriding through
RPM_POPTEXEC_PATH environment variable (mostly probably useful for
the testsuite)
- For a library with just one public function this might seem like
a huge overkill but it permits cleanly separating dependencies:
nothing but package signing requires GnuPG. This lets the signing
support be stuffed into a separate package, avoiding having to
drag gpg in on every installation (signing isn't something everybody
does) and without having potentially broken interfaces in the API,
essentially solving RhBug:624585.
It also liberates signing to use libraries that might be off-limits
for the core rpm, such as perhaps in the future doing signing
by ourselves with the help of something like gpgme (which requires
far too many things to drag into core rpm).
- This isn't a regular source file: its not compiled as such but only
included from tagname.c. Rename to disambiguate, and make it similar
to rpmhash.[CH]
- Add popt exec aliases to rpmdb for backwards compatibility
- Change test-suite to use 'rpmdb --initdb' instead of 'rpm --initdb'
as popt exec aliases with absolute paths dont play very well
with the test-suite, duh...
This moves most of the plugin logic to a new rpmplugins file with a
struct and functions for managing plugins, allowing for plugins to carry
state. This also adds init and cleanup hooks for plugins to initialize
and cleanup their state, and a new 'open te' hook allowing plugins to
read and save information from transaction elements.
This also generalizes the plugin architecture a bit so it isn't so
specific to collections.
This patch adds a simple plugin system that makes simple problems easy to
solve, and difficult problems, such as SELinux, possible.
When the transaction gets to the point where a collection action should occur,
it expands a macro of the form %__collection_<collection name> to get the path
to a plugin and any additional options. The plugin is dlopen'ed, and the
appropriate function is called in the plugin, with the additional arguments
passed in.
This also adds a --nocollections option to disable performing Collection
actions.
- Chroot is a process global state so it needs to be tracked globally.
A process can (in theory) have several transaction sets, each with
different roots (although only one can be active at any time), so
associating the chroot state with transaction set (as currently done)
is not right.
- "Reference count" chroot entering and exiting so callers dont need
to track the state changes individually when they need to go
in and out of chroot if not already done.
- This should probably go to librpmio eventually but as there are no
needs outside librpm currently, keeping this internal so we're free
to fiddle with the api if necessary
- Besides there not being much point in having a separate source + header
for a small single function, this fixes build on case-insensitive
systems such as Mac OS X.
- the dbi presents an internal api of its own, and deserves a separate
header (baby steps to making dbiIndex opaque outside the backend)
- move dbiVerify() to the backend where it belongs
- mark all the dbiFoo() functions as internal
- Split the low-level scriptlet machinery out of psm
- New struct to hold the necessary information about scriptlets so
we can execute them without having a header at hand.
- Trigger handling is hackish and needs more love...
- while the "really public" API of librpmio has only been enhanced,
librpm and librpmbuild use some supposedly internal bits which *have*
changed considerably, so just to prevent anybody thinking they can
combine librpmio from rpm 4.7 and librpm from this...
- librpmbuild hasn't seen much real change but some (unfortunately)
exposed struct members have changed so...
- librpm is mostly compatible but as rpmal has become internal API,
we need to bump (annoyingly, as nothing actually uses rpmal ... sigh)
- new pgpVerifySig() call to perform the lowlevel verify, use for
verifying DSA/RSA signatures
- librpm is now free of NSS specifics (apart from what still leaks through
including rpmio/digest.h), remove linkage
- if built with --with-acl, check that files and directories don't have
any extra acl's set
- for now, any acl beyond the regular unix permission set is reported as
file mode difference as the acl's cannot have been set by rpm itself
- patch from Andreas Gruenbacher, modified to use libacl instead of raw
xattrs for portability, BUT atm this uses non-portable acl_equiv_mode()
Linux libacl extension, the posix draft doesn't seem to have much in
the way of comparing entries :-/
- add minimal bits and pieces to check for capabilities in files on verify
- for now, any capability set is a verification failure as the capability
cannot have been set by rpm itself
- patch from Andreas Gruenbacher, modified to use libcap instead of raw
xattrs for portability
- everything is now accessible through other methods, no need to expose
our internals
- tagtbl.c is now included from tagname.c instead and not separately built
Panu Matilainen