- Commit ac0ab016a5 unintentionally
changed the order of the problems shown in verify strings due to
a dumb oversight (greetings to self, duh). In other words, this
fixes a verify output regression in rpm >= 4.9.x by restoring
the long-standing (and documented) order of the verify output chars.
- Also fix the testcase which unfortunately was only added after
the output-changing commit so it didn't catch the breakage either :-/
- Add NULL checks and add/adjust comments where appropriate.
- The remaining callers should handle NULL fi gracefully if not
entirely correctly: rpmfiFC() returns 0 on NULL fi, so these
callers just see the erronous file info set as "no files" case.
Something to fine-tune later...
- Return error from verifyscript if rpmteNew() fails. This can't
currently happen but handling this error makes it possible to
do sanity checks on the header contents, such as file list integrity etc.
Unlikely to occur for installed packages, but verify can be run
on non-installed packages as well, where failure is more of a possibility.
- The common pattern here is grabbing current flags to a local
variable, modifying them for an operation and then restoring,
which is fine... but we dont care about the previous flags
when we're restoring them.
- Verification from non-installed packages can be useful sometimes:
http://lists.rpm.org/pipermail/rpm-maint/2011-May/003015.html
- %verifyscript is unlike all other scriptlets so might as well
take some shortcuts and bypass rpmteProcess() & all, just
create a lone rpmte, force the header we got and call rpmpsmRun()
directly on it, bypassing rpmteProcess() which is only an
unnecessary complication here (based on patch by Michael Schroeder)
- Non-regular files mostly share the same unverifiable properties,
no point in listing all the cases separately. Links are a notable
exception in that they're different from everything else, handle
that separately.
- Also clean up other formatting: wrap lines at a better point +
avoid multiline-comments when single line suffices.
- We can't verify any properties of replaced files, but we can and
should still see if it exists at all.
- Files skipped due to wrong color are supposed to share some of
the attributes with the file that got actually installed, such
as permissions and whether it exists at all. Verify what we can
instead of silently ignoring.
- We'll want to unify this and the similar caching done in librpmbuild,
so we need to expose these in the ABI at least, rename to get
them namespaced and use a separate source module (again) as
this is a pretty distinct functionality.
- This would really belong to librpmio but leaving here for now...
- Shuts up couple of "not in enum" complaints from gcc, and actually
"no state" is a perfectly valid state for one case: non-installed
packages (so remove the "not valid" comment from formats.c)
- OTOH, this created a new complaint for not handled case in a switch.
Oh well, fix it up too...
- Technically this changes the rpmcliQuery() and rpmcliVerify() API
in the sense that we no longer honor the qva->qva_flags for the
--nosignature and others, but we assume anybody using these (as if
anybody was using the "cli" API) uses rpmcliInit() which takes
care of these common bits... shrug.
- Ditch ancient and hidden --nopgp --nogpg switches along with the
dishwater which are simply alias to --nosignature.
- Eliminate now unused qva_flags from rpmInstallArguments (along with
a double vsflags goo from rpmgraph)
- Eliminates some copy-paste slopping. Verify code traditionally only
shows the first attribute, take care to keep that format to avoid
breaking scripts unnecessarily
- rpmVerifyFile() reports things as they are in reality - if timestamps
on disk differ to header then it reports it. Filtering on the result
belongs to the code interpreting the results.
- test verifyscript existence in rpmVerifyScript() instead of caller,
making it safe+correct for calling on any header
- eliminate unused/unnecessary arguments, local variables and bogus leftover
comments
- a couple of important steps in chroot() in and out sequence missing,
causing "No such file or directory" whining on return from chroot()
unless cwd happened to be /
- only init problem iterator if there are problems
- use problems and nevra from the faked up transaction element
- the return code is the number of problems, no need to count separately
- The psm structures aren't stored or passed around by any users,
so there's no need for them to separately allocate and free the
struct, bury this all inside rpmpsmRun() which takes care of
initialization, actual actions and freeing.
- There's also no need for refcounting now as allocations are completely
contained within the rpmpsmRun() blackbox. Lose psm-debug foo which
was only used for refcount debugging.
- No functional changes
- Loose rpmpsmScriptStage() hack and bury the psm details inside
the psm implementation
- Map the script-only goal enums to the corresponding script tag
to avoid having to re-re-re-map stuff unnecessarily
- pretrans and posttrans should really be handled as a part of PKG_INSTALL
process, but as these stages are disconnected from the main install
part we can't remember the state in the psm - it would need to be
stashed into transaction elements in the meanwhile
- disable dependency caching on chrooted verify to avoid ugly spew
from paths containing outside paths while we're actually inside the
root during verification
- correct fix would be to fix the temporary db path calculation
- add %verify(nofiledigest) as %verify(nomd5) file attribute alias
- reference digests as digests not checksums
- make old md5 related symbols obsolete and use newer reference
- update man page accordingly
- fake up a transction element set that we can use to convince psm to
execute the script
- a bit hacky but by no means worse than the former fi->h abuse with
scaremem and all
Panu Matilainen