Mailinglist Archive: opensuse-commit (1083 mails)
| < Previous | Next > |
commit zypper
- From: root@xxxxxxxxxxxxxxx (h_root)
- Date: Wed, 19 Sep 2007 19:14:21 +0200
- Message-id: <20070919171421.7C1D467817A@xxxxxxxxxxxxxxx>
Hello community,
here is the log from the commit of package zypper
checked in at Wed Sep 19 19:14:21 CEST 2007.
--------
--- zypper/zypper.changes 2007-09-18 13:39:49.000000000 +0200
+++ /mounts/work_src_done/STABLE/zypper/zypper.changes 2007-09-19 09:46:02.232874000 +0200
@@ -1,0 +2,12 @@
+Wed Sep 19 09:33:25 CEST 2007 - aschnell@xxxxxxx
+
+- close file-descriptors > 2 in zypp-checkpatches-wrapper (bug
+ #325556)
+
+-------------------------------------------------------------------
+Tue Sep 18 17:48:16 CEST 2007 - aschnell@xxxxxxx
+
+- call setgid and umask and check file-descriptors 0, 1 and 2 in
+ zypp-checkpatches-wrapper (bug #325556)
+
+-------------------------------------------------------------------
@@ -26 +38 @@
-- Show reason of commit error (#308511)
+- Show reason of commit error (#308511)
@@ -180 +192 @@
- (#304672)
+ (#304672)
@@ -211 +223 @@
-- 0.8.15
+- 0.8.15
@@ -217 +229 @@
-- r6787
+- r6787
@@ -358 +370 @@
-- r6507
+- r6507
@@ -425 +437 @@
-- r6433
+- r6433
@@ -431 +443 @@
-- r6413
+- r6413
@@ -443 +455 @@
-- r6406
+- r6406
@@ -448 +460 @@
-- added xml error message to zypp-checkpatches-wrapper
+- added xml error message to zypp-checkpatches-wrapper
@@ -463 +475 @@
-- r6359
+- r6359
@@ -471 +483 @@
-- r6356
+- r6356
@@ -482 +494 @@
-- Removed keepExtra parameter in resolvePool; Bug 294727
+- Removed keepExtra parameter in resolvePool; Bug 294727
@@ -515 +527 @@
-- missing files added to .spec file
+- missing files added to .spec file
@@ -1021 +1033 @@
-- add missing return value
+- add missing return value
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ zypper.spec ++++++
--- /var/tmp/diff_new_pack.cv4516/_old 2007-09-19 19:14:11.000000000 +0200
+++ /var/tmp/diff_new_pack.cv4516/_new 2007-09-19 19:14:11.000000000 +0200
@@ -21,7 +21,7 @@
PreReq: permissions
Summary: Command Line Package Management Using Libzypp
Version: 0.8.22
-Release: 1
+Release: 3
Source: zypper-0.8.22.tar.bz2
Prefix: /usr
Url: http://en.opensuse.org/Zypper
@@ -97,6 +97,12 @@
%ghost %config(noreplace) %{_var}/log/zypper.log
%changelog
+* Wed Sep 19 2007 - aschnell@xxxxxxx
+- close file-descriptors > 2 in zypp-checkpatches-wrapper (bug
+ [#325556])
+* Tue Sep 18 2007 - aschnell@xxxxxxx
+- call setgid and umask and check file-descriptors 0, 1 and 2 in
+ zypp-checkpatches-wrapper (bug #325556)
* Tue Sep 18 2007 - dmacvicar@xxxxxxx
- fix (#309267) reinstalling already installed resolvables
(adds --force option)
++++++ zypper-0.8.22.tar.bz2 ++++++
++++ 2018 lines of diff (skipped)
++++ retrying with extended exclude list
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/zypper-0.8.22/bug-309267.diff new/zypper-0.8.22/bug-309267.diff
--- old/zypper-0.8.22/bug-309267.diff 2007-09-18 13:39:47.000000000 +0200
+++ new/zypper-0.8.22/bug-309267.diff 1970-01-01 01:00:00.000000000 +0100
@@ -1,65 +0,0 @@
-diff --git a/src/zypper-misc.cc b/src/zypper-misc.cc
-index 1a7d21d..97078fd 100644
---- a/src/zypper-misc.cc
-+++ b/src/zypper-misc.cc
-@@ -273,15 +273,27 @@ void mark_for_install( const ResObject::Kind &kind,
-
- if (installer.installed_item &&
- installer.installed_item.resolvable()->edition() == installer.item.resolvable()->edition() &&
-- installer.installed_item.resolvable()->arch() == installer.item.resolvable()->arch()) {
-+ installer.installed_item.resolvable()->arch() == installer.item.resolvable()->arch() &&
-+ ( ! copts.count("force") ) )
-+ {
-+ // if it is needed install anyway, even if it is installed
-+ if ( installer.item.status().isNeeded() )
-+ {
-+ installer.item.status().setTransact( true, zypp::ResStatus::USER );
-+ }
-+
- cout_n << format(_("skipping %s '%s' (already installed)")) % kind_to_string_localized(kind,1) % name << endl;
- }
- else {
-+
- // TODO don't use setToBeInstalled for this purpose but higher level solver API
- bool result = installer.item.status().setToBeInstalled( zypp::ResStatus::USER );
-- if (!result) {
-- cerr << format(_("Failed to add '%s' to the list of packages to be installed.")) % name << endl;
-- ERR << "Could not set " << name << " as to-be-installed" << endl;
-+ if (!result)
-+ {
-+ // this is because the resolvable is installed and we are forcing.
-+ installer.item.status().setTransact( true, zypp::ResStatus::USER );
-+ //cerr << format(_("Failed to add '%s' to the list of packages to be installed.")) % name << endl;
-+ //ERR << "Could not set " << name << " as to-be-installed" << endl;
- }
- }
- }
-diff --git a/src/zypper.cc b/src/zypper.cc
-index d2786de..30aa9c1 100644
---- a/src/zypper.cc
-+++ b/src/zypper.cc
-@@ -277,6 +277,7 @@ int one_command(int argc, char **argv)
- {"type", required_argument, 0, 't'},
- // the default (ignored)
- {"name", no_argument, 0, 'n'},
-+ {"force", no_argument, 0, 'f'},
- {"capability", no_argument, 0, 'C'},
- // rug compatibility, we have global --non-interactive
- {"no-confirm", no_argument, 0, 'y'},
-@@ -302,6 +303,7 @@ int one_command(int argc, char **argv)
- "-r, --repo <alias> Install resolvables only from repository specified by alias.\n"
- "-t, --type <type> Type of resolvable (package, patch, pattern, product) (default: package)\n"
- "-n, --name Select resolvables by plain name, not by capability\n"
-+ "-f, --force Install even if the item is already installed (reinstall)\n"
- "-l, --auto-agree-with-licenses Automatically say 'yes' to third party license confirmation prompt.\n"
- " See 'man zypper' for more details.\n"
- " --debug-solver Create solver test case for debugging\n"
-@@ -1068,6 +1070,8 @@ int one_command(int argc, char **argv)
- gSettings.license_auto_agree = true;
- }
-
-+
-+
- if (command == ZypperCommand::REMOVE) {
- if (ghelp || arguments.size() < 1) {
- cerr << specific_help;
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/zypper-0.8.22/CMakeLists.txt new/zypper-0.8.22/CMakeLists.txt
--- old/zypper-0.8.22/CMakeLists.txt 2007-09-18 13:39:47.000000000 +0200
+++ new/zypper-0.8.22/CMakeLists.txt 2007-09-19 09:44:24.000000000 +0200
@@ -59,6 +59,7 @@
"\\\\.project"
"\\\\.cproject"
# other
+"/build/"
"/_build/"
)
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/zypper-0.8.22/doc/devel-checklist new/zypper-0.8.22/doc/devel-checklist
--- old/zypper-0.8.22/doc/devel-checklist 2007-09-18 13:39:47.000000000 +0200
+++ new/zypper-0.8.22/doc/devel-checklist 1970-01-01 01:00:00.000000000 +0100
@@ -1,9 +0,0 @@
-Things to check when adding/changing a feature:
-
-( ) use cout_n, cout_v, cout_vv, cerr_v, cerr_vv macros for output
-( ) mark *_n and *_v output for translation
-( ) use DBG, MIL, WAR, ERR macros for logging to zypper.log (not translated)
-( ) support --non-interactive mode (for scripting) if the feature requires
- interaction
-( ) check if documentation needs update (--help texts, man page, wiki)
-
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/zypper-0.8.22/package/zypper.changes new/zypper-0.8.22/package/zypper.changes
--- old/zypper-0.8.22/package/zypper.changes 2007-09-18 13:39:47.000000000 +0200
+++ new/zypper-0.8.22/package/zypper.changes 2007-09-19 09:44:24.000000000 +0200
@@ -1,4 +1,16 @@
-------------------------------------------------------------------
+Wed Sep 19 09:33:25 CEST 2007 - aschnell@xxxxxxx
+
+- close file-descriptors > 2 in zypp-checkpatches-wrapper (bug
+ #325556)
+
+-------------------------------------------------------------------
+Tue Sep 18 17:48:16 CEST 2007 - aschnell@xxxxxxx
+
+- call setgid and umask and check file-descriptors 0, 1 and 2 in
+ zypp-checkpatches-wrapper (bug #325556)
+
+-------------------------------------------------------------------
Tue Sep 18 13:02:21 CEST 2007 - dmacvicar@xxxxxxx
- fix (#309267) reinstalling already installed resolvables
@@ -23,7 +35,7 @@
-------------------------------------------------------------------
Thu Sep 13 11:28:41 CEST 2007 - dmacvicar@xxxxxxx
-- Show reason of commit error (#308511)
+- Show reason of commit error (#308511)
- 0.8.20
-------------------------------------------------------------------
@@ -177,7 +189,7 @@
Tue Aug 28 12:50:27 CEST 2007 - dmacvicar@xxxxxxx
- a init target at refresh to have keys available
- (#304672)
+ (#304672)
- rev 6928
-------------------------------------------------------------------
@@ -208,13 +220,13 @@
Tue Aug 21 15:07:29 CEST 2007 - dmacvicar@xxxxxxx
- fix invalid capability creation (#301690)
-- 0.8.15
+- 0.8.15
-------------------------------------------------------------------
Tue Aug 21 13:47:09 CEST 2007 - tgoettlicher@xxxxxxx
- unification and clean up of XML output
-- r6787
+- r6787
-------------------------------------------------------------------
Mon Aug 20 22:50:14 CEST 2007 - mls@xxxxxxx
@@ -355,7 +367,7 @@
- fixed zypper to complain when given an invalid answer in y/n prompt
(#232250) plus made the answer translatable.
-- r6507
+- r6507
-------------------------------------------------------------------
Mon Aug 6 18:17:31 CEST 2007 - jkupec@xxxxxxx
@@ -422,13 +434,13 @@
Fri Aug 3 13:56:19 CEST 2007 - tgoettlicher@xxxxxxx
- removed installnotify from xml output
-- r6433
+- r6433
-------------------------------------------------------------------
Fri Aug 3 10:57:36 CEST 2007 - tgoettlicher@xxxxxxx
- renamed resolvabletype to kind in xml output
-- r6413
+- r6413
-------------------------------------------------------------------
Fri Aug 3 10:22:06 CEST 2007 - tgoettlicher@xxxxxxx
@@ -440,12 +452,12 @@
Thu Aug 2 18:44:07 CEST 2007 - dmacvicar@xxxxxxx
- added xml output in terse mode
-- r6406
+- r6406
-------------------------------------------------------------------
Thu Aug 2 16:10:56 CEST 2007 - tgoettlicher@xxxxxxx
-- added xml error message to zypp-checkpatches-wrapper
+- added xml error message to zypp-checkpatches-wrapper
- r6395
-------------------------------------------------------------------
@@ -460,7 +472,7 @@
- added --non-interactive --terse to zypp-checkpatches-wrapper
- added to machine_readable to zypper-callbacks
-- r6359
+- r6359
-------------------------------------------------------------------
Wed Aug 1 11:18:00 CEST 2007 - tgoettlicher@xxxxxxx
@@ -468,7 +480,7 @@
- option xu only shows affect-package-manager patches when available
because they have top priority
- added installnotify message to xml
-- r6356
+- r6356
-------------------------------------------------------------------
Tue Jul 31 13:42:25 CEST 2007 - jkupec@xxxxxxx
@@ -479,7 +491,7 @@
-------------------------------------------------------------------
Tue Jul 31 11:15:46 CEST 2007 - schubi@xxxxxxx
-- Removed keepExtra parameter in resolvePool; Bug 294727
+- Removed keepExtra parameter in resolvePool; Bug 294727
- r6323
-------------------------------------------------------------------
@@ -512,7 +524,7 @@
- output functions for progress reporting now take ostream as argument
- made some progress displayed by default. This will need more tuning.
-- missing files added to .spec file
+- missing files added to .spec file
- r6285
- 0.8.5
@@ -1018,7 +1030,7 @@
-------------------------------------------------------------------
Sun Oct 29 02:27:24 CEST 2006 - ro@xxxxxxx
-- add missing return value
+- add missing return value
- also use RPM_OPT_FLAGS for C source
-------------------------------------------------------------------
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/zypper-0.8.22/src/zypp-checkpatches-wrapper.c new/zypper-0.8.22/src/zypp-checkpatches-wrapper.c
--- old/zypper-0.8.22/src/zypp-checkpatches-wrapper.c 2007-09-18 13:39:47.000000000 +0200
+++ new/zypper-0.8.22/src/zypp-checkpatches-wrapper.c 2007-09-19 09:44:24.000000000 +0200
@@ -1,8 +1,13 @@
/* A setuid-root wrapper for zypper refresh repositories */
+/* setgid, umask and open */
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <grp.h>
+#include <fcntl.h>
/* clearenv */
#include <stdlib.h>
-/* chdir, execl, setuid */
+/* chdir, execl, setuid, exit */
#include <unistd.h>
/* perror */
#include <stdio.h>
@@ -15,7 +20,24 @@
const char *arg3 = "-q";
const char *arg4 = "xu";
-int main (void) {
+int main (void)
+{
+ /* see http://rechner.lst.de/~okir/blackhats/node41.html */
+ while (1) {
+ int fd = open("/dev/null", O_RDWR);
+ if (fd < 0)
+ return WRAPPER_ERROR;
+ if (fd > 2) {
+ close(fd);
+ break;
+ }
+ }
+
+ /* see http://rechner.lst.de/~okir/blackhats/node35.html */
+ int fd = getdtablesize();
+ while (fd-- > 2)
+ close(fd);
+
/* cd / to avoid NFS problems */
if (chdir ("/")) {
perror ("chdir");
@@ -29,7 +51,16 @@
}
/* set minimal environment... done */
/* prevent the user from sending signals */
- if (setuid (0)) {
+
+ if (initgroups("root", 0) != 0 || setgid (0) != 0) {
+ fprintf (stdout, "<?xml version='1.0'?>\n");
+ fprintf (stdout, "<stream>\n");
+ fprintf (stdout, "<message type=\"error\">Unable to check for patches and updates because /usr/sbin/zypp-checkpatches-wrapper helper programm is not set SUID root.\nThis problem might be solved by setting \"File Permissons\" in YaST \"Local Security\" tab to \"easy\" or by modifying /etc/permissions.local</message>\n");
+ fprintf (stdout, "</stream>\n");
+ return WRAPPER_ERROR;
+ }
+
+ if (setuid (0) != 0) {
// perror ("setuid");
// fprintf (stderr, "Forgot to chmod this program?\n");
fprintf (stdout, "<?xml version='1.0'?>\n");
@@ -38,7 +69,9 @@
fprintf (stdout, "</stream>\n");
return WRAPPER_ERROR;
}
-
+
+ umask(0022);
+
/* execute the real application */
execl (app, app, arg1, arg2, arg3, arg4, (char *) NULL);
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/zypper-0.8.22/zypper-#228216.diff new/zypper-0.8.22/zypper-#228216.diff
--- old/zypper-0.8.22/zypper-#228216.diff 2007-09-18 13:39:47.000000000 +0200
+++ new/zypper-0.8.22/zypper-#228216.diff 1970-01-01 01:00:00.000000000 +0100
@@ -1,19 +0,0 @@
-Index: src/zypper-sources.cc
-===================================================================
---- src/zypper-sources.cc (revision 7249)
-+++ src/zypper-sources.cc (working copy)
-@@ -922,6 +922,14 @@
- cout << format(_("Repository %s renamed to %s")) % alias % repo.alias() << endl;
- MIL << format("Repository %s renamed to %s") % alias % repo.alias() << endl;
- }
-+ catch (const RepoAlreadyExistsException & e)
-+ {
-+ ZYPP_CAUGHT(e);
-+ cerr << format(_("Repository named '%s' already exists. Please, use another alias."))
-+ % newalias << endl;
-+ ERR << "Repository named '" << newalias << "' already exists." << endl;
-+// return ZYPPER_EXIT_ERR_ZYPP;
-+ }
- catch (const RepoNotFoundException & ex)
- {
- cerr << format(_("Repository %s not found.")) % alias << endl;
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/zypper-0.8.22/zypper-#325660.diff new/zypper-0.8.22/zypper-#325660.diff
--- old/zypper-0.8.22/zypper-#325660.diff 2007-09-18 13:39:47.000000000 +0200
+++ new/zypper-0.8.22/zypper-#325660.diff 1970-01-01 01:00:00.000000000 +0100
@@ -1,84 +0,0 @@
-Index: src/zypper-sources.cc
-===================================================================
---- src/zypper-sources.cc (revision 7249)
-+++ src/zypper-sources.cc (working copy)
-@@ -782,7 +782,10 @@
- tribool enabled, tribool autorefresh)
- {
- //! \todo handle local .repo files, validate the URL
-- Url url(repo_file_url);
-+ Url url = make_url(repo_file_url);
-+ if (!url.isValid())
-+ return ZYPPER_EXIT_ERR_INVALID_ARGS;
-+
- RepoManager manager;
- list<RepoInfo> repos;
-
-Index: src/zypper-utils.cc
-===================================================================
---- src/zypper-utils.cc (revision 7249)
-+++ src/zypper-utils.cc (working copy)
-@@ -87,3 +87,19 @@
- // default
- return _PL("resolvable", "resolvables", count);
- }
-+
-+// ----------------------------------------------------------------------------
-+
-+Url make_url (const string & url_s) {
-+ Url u;
-+
-+ try {
-+ u = Url( (url_s[0] == '/') ? string("dir:") + url_s : url_s );
-+ }
-+ catch ( const Exception & excpt_r ) {
-+ ZYPP_CAUGHT( excpt_r );
-+ cerr << _("Given URL is invalid.") << endl;
-+ cerr << excpt_r.asUserString() << endl;
-+ }
-+ return u;
-+}
-Index: src/zypper.cc
-===================================================================
---- src/zypper.cc (revision 7249)
-+++ src/zypper.cc (working copy)
-@@ -61,24 +61,6 @@
- DigestCallbacks digest_callbacks;
-
-
--/**
-- * Constructor wrapper catching exceptions,
-- * returning an empty one on error.
-- */
--Url make_url (const string & url_s) {
-- Url u;
--
-- try {
-- u = Url( (url_s[0] == '/') ? string("dir:") + url_s : url_s );
-- }
-- catch ( const Exception & excpt_r ) {
-- ZYPP_CAUGHT( excpt_r );
-- cerr << _("Given URL is invalid.") << endl;
-- cerr << excpt_r.asUserString() << endl;
-- }
-- return u;
--}
--
- bool ghelp = false;
- static string help_commands = _(
- " Commands:\n"
-Index: src/zypper-utils.h
-===================================================================
---- src/zypper-utils.h (revision 7249)
-+++ src/zypper-utils.h (working copy)
-@@ -21,4 +21,10 @@
- std::string kind_to_string_localized(
- const zypp::KindOf<zypp::Resolvable> & kind, unsigned long count);
-
-+/**
-+ * Constructor wrapper catching exceptions,
-+ * returning an empty one on error.
-+ */
-+zypp::Url make_url (const std::string & url_s);
-+
- #endif /*ZYPPER_UTILS_H*/
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/zypper-0.8.22/zypper-ZYPP_READONLY_HACK.diff new/zypper-0.8.22/zypper-ZYPP_READONLY_HACK.diff
--- old/zypper-0.8.22/zypper-ZYPP_READONLY_HACK.diff 2007-09-18 13:39:47.000000000 +0200
+++ new/zypper-0.8.22/zypper-ZYPP_READONLY_HACK.diff 1970-01-01 01:00:00.000000000 +0100
@@ -1,16 +0,0 @@
-Index: src/zypper.cc
-===================================================================
---- src/zypper.cc (revision 7249)
-+++ src/zypper.cc (working copy)
-@@ -737,7 +737,10 @@
-
- // here come commands that need the lock
- try {
-- if (command == ZypperCommand::LIST_REPOS)
-+ const char *roh = getenv("ZYPP_READONLY_HACK");
-+ if (roh != NULL && roh[0] == '1')
-+ zypp_readonly_hack::IWantIt ();
-+ else if (command == ZypperCommand::LIST_REPOS)
- zypp_readonly_hack::IWantIt (); // #247001, #302152
-
- God = zypp::getZYpp();
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Remember to have fun...
---------------------------------------------------------------------
To unsubscribe, e-mail: opensuse-commit+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse-commit+help@xxxxxxxxxxxx
| < Previous | Next > |