prtcheck: initial commit

pkgadd.8 and prt-get.8: more details added
2022-05-25 11:36:23 -04:00 · 2022-05-25 11:35:51 -04:00
4 changed files with 194 additions and 10 deletions
--- a/man1/prtcheck.1
+++ b/man1/prtcheck.1
@ -0,0 +1,42 @@
+.\" 
+.\" prtcheck manual page.
+.\" (C) 2003 by Martin Opel <mo@obbl-net.de> 
+.\"
+.TH prtcheck 1
+.SH NAME
+prtcheck \- check the port in the current directory
+.SH SYNOPSIS
+.PP
+.B prtcheck
+[ \-\-root ]
+.SH DESCRIPTION
+
+The \fIprtcheck\fP script checks the following things: existence of 
+Pkgfile, \.footprint, and \.signature. It warns, if any files with non-root
+user/group appear in the \.footprint, or if any of the fields Description, URL, 
+Packager, "Depends on" were omitted from the Pkgfile, or if any source
+needed for compiling and verifying the package is unsigned.
+
+\fIprtcheck\fP returns with an exit status of -1 if it encounters serious
+violations of port correctness, >0 if it only finds easily-fixed violations,
+and 0 if all checks were passed.
+
+.SH OPTIONS
+The following option is supported:
+.TP
+.I "\--root"
+This option is helpful if you create ports as a normal user. Even after
+debugging those Makefiles or source code packages that try to install directly
+in /usr/local or ignore DESTDIR variables, the .footprint might contain
+uid/gid entries matching the uid/gid of the user who called \fIpkgmk\fP (since
+\fIfakeroot\fP is no requirement in a basic CRUX installation). 
+\fIprtcheck\fP normally just issues a warning if it finds such uid/gid entries,
+but passing the --root option lets you create a new footprint, replacing the invalid
+uid/gid entries with root/root. Follow up with \fIprtverify(1)\fP to additionally
+check that your port's footprint respects CRUX filesystem conventions.
+
+.PP
+.SH AUTHORS
+
+\fIprtcheck\fP was written by Martin Opel <mo@obbl-net.de> for CRUX Linux,
+revised by John McQuah <jmcquah@disroot.org> to address FS#1763.
--- a/man8/pkgadd.8
+++ b/man8/pkgadd.8
@ -2,20 +2,35 @@
 .SH NAME
 pkgadd \- install software package
 .SH SYNOPSIS
-\fBpkgadd [options] <file>\fP
+\fBpkgadd [options] <package>\fP
 .SH DESCRIPTION
 \fBpkgadd\fP is a \fIpackage management\fP utility, which installs
 a software package. A \fIpackage\fP is an archive of files (.pkg.tar.gz).
 .SH OPTIONS
 .TP
 .B "\-u, \-\-upgrade"
-Upgrade/replace package with the same name as <file>.
+Upgrade/replace package with the same name as <package>. This action
+comprises several steps. First the contents of <package> are matched against
+the INSTALL NO directives in pkgadd.conf, and against those files listed in /var/lib/pkg/db
+that are NOT owned by the previously-installed version of <package>. Any file owned by the
+previously-installed version is considered eligible for overwriting, unless it matches an
+UPGRADE NO directive in pkgadd.conf.
+
+At this point pkgadd has constructed a "non-install" list, a "conflicting files" list, and a "keep"
+list. (The "keep" list is unique to an upgrade operation, but the other two lists also affect a
+regular install operation.)
+
+After writing the anticipated changes to the package database, \fIpkgadd\fP finishes by unpacking
+the contents of <package> onto the filesystem, using the "keep" list to shield wanted files from
+deletion, and the "conflicting files" list to skip the installation unless \-f is in effect. (See
+the next option.) Files that were not written to the disk are preserved under /var/lib/pkg/rejected
+(See the \fBCONFIGURATION\fP section for details).
+
 .TP
 .B "\-f, \-\-force"
-Force installation, overwrite conflicting files. If the package
-that is about to be installed contains files that are already
-installed this option will cause all those files to be overwritten.
-This option should be used with care, preferably not at all.
+Force installation, overwrite conflicting files. If <package> contains files
+that are already on the filesystem, this option will cause all those files to
+be overwritten. This option should be used with care, preferably not at all.
 .TP
 .B "\-r, \-\-root <altroot>"
 Specify alternative installation root (default is "/"). This
@ -25,6 +40,10 @@ if you want to install a package on a temporary mounted partition,
 which is "owned" by another system. By using this option you not only
 specify where the software should be installed, but you also
 specify which package database will be used.
+
+\fBpkgadd\fP processes spawned by \fBprt\-get install \-r <altroot>\fP will modify
+the package database under <altroot>, but the preliminary steps of downloading sources
+and building the requested packages can occur in a ports tree outside the <altroot> location.
 .TP
 .B "\-c, \-\-config <path>"
 Specify an alternative configuration file (default is "/etc/pkgadd.conf",
@ -48,13 +67,15 @@ UPGRADE         ^etc/X11/.*$            YES
 UPGRADE         ^etc/X11/XF86Config$    NO
 .fi

-The above example will cause pkgadd to never upgrade anything in /etc/ or /var/log/ (subdirectories included),
-except files in /etc/X11/ (subdirectories included), unless it is the file /etc/X11/XF86Config.
+The above example will cause pkgadd to never upgrade anything in /etc/ or /var/log/
+(subdirectories included), except files in /etc/X11/ (subdirectories included),
+unless it is the file /etc/X11/XF86Config.
 The default rule is to upgrade/install everything, rules in this file are exceptions to that rule.
 (NOTE! A \fIpattern\fP should never contain an initial "/" since you are referring to the files in the
 package, not the files on the disk.)

-If pkgadd finds that a specific file should not be upgraded it will install it under \fI/var/lib/pkg/rejected/\fP.
+If pkgadd finds that a specific file should not be upgraded it will install it under
+\fI/var/lib/pkg/rejected/\fP.
 The user is then free to examine/use/remove that file manually.
 .SH FILES
 .TP
--- a/man8/prt-get.8
+++ b/man8/prt-get.8
@ -410,7 +410,7 @@ Check whether each package given on the command line is installed. Output in the
 arguments is separated by newlines, suitable for processing by awk or grep. Similar to
 .B pkginfo \-i|grep \-E '^(package1|package2|...)'
 but does not print the version information. This command has a return value of 0 if
-<package> is installed, otherwise a return value greater than 0.
+all packages given as argument are installed, otherwise a return value greater than 0.

 .TP
 .B current <package>
--- a/scripts/prtcheck
+++ b/scripts/prtcheck
@ -0,0 +1,121 @@
+#!/bin/bash
+#
+# $Id: prtcheck,v 1.1.1.1 2003/08/27 11:43:05 opel Exp $
+# (c) 2003, Martin Opel <mo@obbl-net.de>
+# revised 2022 by John McQuah <jmcquah@disroot.org> to address FS#1763
+#
+# Utility to check a port for existence of .signature, .footprint and
+# the mandatory fields in Pkgfile. See "man 1 prtcheck" for details
+#
+# May be redistributed and modified under the terms of the GPL
+# only usable with CRUX Linux, version 1.0 or higher
+#
+# USE AT YOUR OWN RISK
+#
+
+
+msg() {
+	echo -n -e "====> $1"
+}
+
+warn() {
+	msg "WARNING: $1\n"
+	excode=$(( excode+1 ))
+}
+
+error() {
+	msg "ERROR: $1\n"
+	exit -1
+}
+
+ok() {
+	msg "$(basename "$PWD") ok"
+}
+
+get_filename() {
+        if [[ "$1" =~ ^(http|https|ftp|file)://.*/(.+) ]]; then
+                echo "${BASH_REMATCH[2]}"
+        else
+                echo "$1"
+        fi
+}
+
+#
+# read options
+#
+while [ $# -gt 0 ]; do
+	if [ "$1" = "--root" ]; then
+		convertfootprint="true"
+	else
+		error "unsupported option \"$1\""
+	fi
+	shift
+done
+
+((excode=0))
+
+#
+# Checking footprint
+#
+if [ ! -s .footprint ]; then
+	error "no footprint found or empty footprint!"
+fi
+if [ "$convertfootprint" = "true" ]; then
+	uid="$(id -nu)"
+	gid="$(id -ng)"
+	file=".footprint"
+	<$file sed -e "s,$uid/$gid,root/root," > $file.tmp
+	mv $file.tmp $file
+fi
+if [ "$( <.footprint cut -f 2 | grep -c -v "root/root" )" -gt 0 ]; then
+	warn "non-root users found!\nrun \"prtcheck --root\" to convert footprint"
+fi
+
+#
+# Checking Pkgfile
+#
+if [ ! -s Pkgfile ]; then
+	error "no Pkgfile found or Pkgfile empty!"
+fi
+desc="$(<Pkgfile awk '/^# Description:/ {print gensub(/# Description:[[:blank:]]*(.*)/,"\\1","g",$0)}')"
+if [ "$desc" = "" ]; then
+	error "no Description in Pkgfile!"
+fi
+url="$(<Pkgfile awk '/^# URL:/ {print gensub(/# URL:[[:blank:]]*(.*)/,"\\1","g",$0)}')"
+if [ "$url" = "" ]; then
+	error "no URL in Pkgfile!"
+fi
+maintainer="$(<Pkgfile awk '/^# Maintainer:/ {print gensub(/# Maintainer:[[:blank:]]*(.*)/,"\\1","g",$0)}')"
+if [ "$maintainer" = "" ]; then
+	error "no Maintainer in Pkgfile!"
+fi
+depends="$(<Pkgfile awk '/^# Depends on:/ {print gensub(/# Depends on:[[:blank:]]*(.*)/,"\\1","g",$0)}')"
+if [ "$depends" = "" ]; then
+	warn "no dependencies, please check!"
+fi
+
+#
+# Checking .signature
+#
+. Pkgfile
+(( unsigned=0 ))
+
+for f in Pkgfile .footprint; do
+	if ! grep -q "($f)" .signature; then
+		warn "$f not signed"
+		unsigned=$(( unsigned+1 ))
+	fi
+done
+
+for (( p=0; p<${#source[@]}; p++ )); do
+	if [ -z "${renames[$p]}" ] || [ "${renames[$p]}" = "SKIP" ]; then
+		renames[$p]=$( get_filename "${source[$p]}" )
+	fi
+	if ! grep -q "(${renames[$p]})" .signature; then
+		warn "${renames[$p]} not signed"
+		unsigned=$(( unsigned+1 ))
+	fi
+done
+
+[ "$unsigned" = 0 ] || error "incomplete signature file"
+[ "$excode" = 0 ] && ok || exit $excode
Author	SHA1	Message	Date
John McQuah	156a9452db	prtcheck: initial commit	2022-05-25 11:36:23 -04:00
John McQuah	06789efe1b	pkgadd.8 and prt-get.8: more details added	2022-05-25 11:35:51 -04:00