cpet/openbsd-ports
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
101,143 Commits 1 Branch 0 Tags
Commit Graph

4100 Commits

Author SHA1 Message Date
espie
70b1c1c81b chdir($distdir) at the start of expire_old 
First, it makes for simpler code. It also allows things to work when your
cwd is not readable by your user, such as /root, since File::Find wants the
cwd.
 2015-05-16 15:27:48 +00:00
espie
6dd937461c In -F mode, things are run directly from within dpb, so we must ensure 
the user changes correctly.

OO is cool: no need to store the user in each distfile, since it's in
the repository.
 2015-05-16 12:23:05 +00:00
espie
627af03a40 run this part as the correct user. 
avoids situations where dpb is run from a dir inaccessible by unpriv_user
found out by aja@
 2015-05-16 10:52:19 +00:00
jasper
6b318f7309 add PORTROACH_COMMENT, requested by sthen@: 
"For use when there's a specific reason why you have been slacking on the
update and want an easy place to make a note of it :-)"
 2015-05-14 18:00:27 +00:00
espie
b6fb756731 only use the first group in the list 2015-05-14 11:15:29 +00:00
espie
cc0f115edf make sure the base_user has everything it needs 2015-05-13 15:14:13 +00:00
espie
a51ddc650d grr, thinko 2015-05-13 15:05:56 +00:00
espie
a084101510 duplicated code 2015-05-13 14:44:13 +00:00
espie
004ce15105 fix the kde3 vs kde4 bug. 
frequent occurrences of tag mismatches were probably triggered by
the import of qt5, which is a long-running nojunk port.

when we're finished with kdeN ports, there's pressure to force junking to
go thru kdeM ports, BUT actual junking *won't* happen in the presence of
a nojunk port, though the current code make it seem as though
we've "succeeded".

Forensics shows:
23826@1431149112: K: x11/kde4/webdev openbsd-2 kde3 vs kde4
23826@1431149112: J: devel/hs-FindBin openbsd-2
23826@1431149119: B: security/p5-Crypt-OpenSSL-RSA
23826@1431149120: J: x11/tellico-kde4 openbsd-2

which made no sense since nothing happened between the K and the J.

But the log of tellico shows the junk not happening.

Still tainted: 1
>>> Running junk in x11/tellico-kde4 at 1431149274
Can't run junk because of lock on x11/qt5,,-main

So synch "can_be_unjunked" for forced junks: it should not succeed if there's
a nojunk port.
 2015-05-13 14:27:13 +00:00
espie
c85aabe25e oops, clock abstract core does NOT follow the pattern. 2015-05-13 12:21:11 +00:00
espie
b712e8531b complete local users with groups list using id -G. 
Use that when switching groups to enforce full correct list of groups.

Figure out users that must exist locally, and error out if they don't.

Based on feedback by sthen@
 2015-05-13 11:03:18 +00:00
espie
ad4edd7671 was obvious for me... 2015-05-13 09:12:39 +00:00
espie
37f70a2c09 go to root more correctly. 2015-05-12 19:49:54 +00:00
espie
eeebd8a244 sthen@ has more paranoia than me. Fix a few access cases 2015-05-12 19:48:29 +00:00
espie
635973b622 fix the start as root, non chroot distant case, by making it chroot / 2015-05-12 19:47:47 +00:00
espie
01699a3d54 scrape non-working round-robin code 2015-05-12 19:47:02 +00:00
sthen
fb0ccf4020 .it not .It; was hiding the option name for "nochecksum=0/1" 2015-05-12 09:55:52 +00:00
espie
a4616aa5b7 get a build_user for whatever host we've set, if everything else fails. 2015-05-12 08:27:58 +00:00
espie
ed6376b0e3 avoid creating multiple user objects for the same user 2015-05-12 08:20:08 +00:00
espie
74fbdfb67a oops, mixed this up. 2015-05-12 08:08:04 +00:00
espie
0a51f3d69a move obsolete stuff check AFTER Makefile.inc and modules handling, so it 
catches issues in there as well
 2015-05-11 12:07:17 +00:00
espie
19295ce330 make sure we get DIRMODE and DROPPRIV 
default build_user/log_user/fetch_user as the documentation says.

Deal with BUILD_USER on the command line correctly, pass it off to
default_prop

(this should fix various config issues reported by sthen@ and aja@)
 2015-05-11 10:33:47 +00:00
espie
4c84f258a0 move the fcntl FD_CLOEXEC code over to User, so that all opened files are 
marked that way.
 2015-05-11 07:32:42 +00:00
espie
75013757cc fetch_user is still taken from default prop... 2015-05-10 10:12:40 +00:00
espie
10b7ca049d forgot to synch with the rest 2015-05-10 10:00:43 +00:00
espie
43e571d3ca compat with old config breaks new config, so ditch it. 2015-05-10 08:40:06 +00:00
espie
b150b6d2ec rename logger interface to desambiguate vs user. 2015-05-10 08:14:14 +00:00
espie
191922623a must re-evaluate users after reading config files. 
open permanent log correctly.
 2015-05-10 07:55:35 +00:00
espie
3feef3d107 fix writing of permanent logs 2015-05-09 19:10:10 +00:00
espie
7ae9845c70 document more details. In particular, UNPRIV_USER. 
Stress that the old sudo model is going away.
 2015-05-08 12:47:25 +00:00
espie
194e468c2d introduce "UNPRIV_USER" so that we don't run as root that often. 
Move FETCH_USER, LOG_USER to defines, because they're not really
host-dependent.

Keep the equiv so that ppl old config doesn't break...
 2015-05-08 12:37:16 +00:00
espie
678040b6ac it's all about the names. 
Change "sudo" into "as_root" since in many cases, it won't use sudo at all
(and in the end, it WON'T use sudo ever)
 2015-05-08 12:35:53 +00:00
espie
1b06c79c82 make sure we're root when killing stuff. I'm mixing up right and left, 
obviously.
 2015-05-07 12:30:46 +00:00
espie
8be5de417c run kill as root, so trhat ssh masters are cleaned up properly 2015-05-06 12:20:35 +00:00
espie
fb70e18c6a don't write this as root 2015-05-06 10:58:19 +00:00
espie
a24437df0e open distinfo with the correct user, start clamping down on read rights 
as well as write rights.
 2015-05-06 09:17:28 +00:00
espie
63eb9e7deb fix gid handling: first switch back to being root, THEN set gid, THEN set 
uid.
 2015-05-06 09:16:32 +00:00
espie
d056f13bac duh. 2015-05-05 13:38:19 +00:00
espie
3eefd2bae0 when local is too local, it can't work. Requires an extra indirection so that 
dirs are made with the correct user.
 2015-05-05 08:55:25 +00:00
espie
a4b8c76e29 go back to being groot if we dropped privileges. 2015-05-05 08:54:22 +00:00
espie
bb202eca87 a few more things to wrap as the correct user 2015-05-05 08:52:05 +00:00
espie
f5e1489f2c simplify 2015-05-05 08:51:13 +00:00
espie
1532f8dcb3 tweak affinity checks to include user in schizophrenic mode 2015-05-03 12:26:10 +00:00
espie
7e2d303386 store the user if necessary for round-robin mode 2015-05-03 12:22:42 +00:00
espie
9d105d68a0 that's cute 2015-05-03 12:15:05 +00:00
espie
8b8d117cf7 do a few more things with the correct user 2015-05-03 10:33:59 +00:00
espie
27015304c3 add a few more user convenience functions 2015-05-03 10:33:02 +00:00
espie
4567e005fe comment on that quirk 2015-05-03 10:32:28 +00:00
espie
c4d6e7991c typo in comment 2015-05-03 08:15:35 +00:00
espie
34d88abf1c create "common" dirs using install -d and a knob for changing ownership 
This should help people working on communalized machines (and also dpb
in round-robin mode).
 2015-05-03 08:06:03 +00:00