Re: [Rpm-maint] [rpm-software-management/rpm] Disable SHA1, MD5, RIPEMD160, and <2048 bit RSA/DSA (#1467)
Those ancient hashes, SIGMD5 in particular, are a mandatory part of the rpm package format as documented in LSB. Rpm >= 4.14.2 has the necessary technology to finally make the MD5 header+payload hash properly obsolete, but that's a very, very new development in terms of rpm time. A thing like this is a policy decision, and we try to avoid those in rpm. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/rpm-software-management/rpm/issues/1467#issuecomment-754524344___ Rpm-maint mailing list Rpm-maint@lists.rpm.org http://lists.rpm.org/mailman/listinfo/rpm-maint
Re: [Rpm-maint] [rpm-software-management/rpm] RFE: read sources checksums from the SPEC file and verify them (#463)
Yes, that's what I meant. Some implicit hook in %prep implementation, or before. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/rpm-software-management/rpm/issues/463#issuecomment-754662328___ Rpm-maint mailing list Rpm-maint@lists.rpm.org http://lists.rpm.org/mailman/listinfo/rpm-maint
Re: [Rpm-maint] [rpm-software-management/rpm] Remove RedHat from HOWTO (#1474)
Uhh, what? That not true. Nobody in Fedora deprecated RPM. Where did you get this information? -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/rpm-software-management/rpm/issues/1474#issuecomment-754650549___ Rpm-maint mailing list Rpm-maint@lists.rpm.org http://lists.rpm.org/mailman/listinfo/rpm-maint
Re: [Rpm-maint] [rpm-software-management/rpm] RFE: read sources checksums from the SPEC file and verify them (#463)
Lemme know if you think that some PoC macro in /usr/lib/rpm/macros.d doing exactly this would be useful (as first %prep instruction). -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/rpm-software-management/rpm/issues/463#issuecomment-754653630___ Rpm-maint mailing list Rpm-maint@lists.rpm.org http://lists.rpm.org/mailman/listinfo/rpm-maint
Re: [Rpm-maint] [rpm-software-management/rpm] RFE: read sources checksums from the SPEC file and verify them (#463)
Implementing it that way would require making changes to `%prep` initialization in RPM, so that it would run before anything is executed... -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/rpm-software-management/rpm/issues/463#issuecomment-754656171___ Rpm-maint mailing list Rpm-maint@lists.rpm.org http://lists.rpm.org/mailman/listinfo/rpm-maint
Re: [Rpm-maint] [rpm-software-management/rpm] Remove RedHat from HOWTO (#1474)
:popcorn: -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/rpm-software-management/rpm/issues/1474#issuecomment-754660817___ Rpm-maint mailing list Rpm-maint@lists.rpm.org http://lists.rpm.org/mailman/listinfo/rpm-maint
Re: [Rpm-maint] [rpm-software-management/rpm] command line help: option -q is not mentioned (#1473)
Ahh. It is simple output of `rpm` without any param. And yes, it is not there. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/rpm-software-management/rpm/issues/1473#issuecomment-754667423___ Rpm-maint mailing list Rpm-maint@lists.rpm.org http://lists.rpm.org/mailman/listinfo/rpm-maint
Re: [Rpm-maint] [rpm-software-management/rpm] RPM with Copy on Write (#1470)
@lnussel , @malmond77 - if you want to talk about CoW on rpm outside the context of this PR, please just open a ticket here instead of going private email. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/rpm-software-management/rpm/pull/1470#issuecomment-754650373___ Rpm-maint mailing list Rpm-maint@lists.rpm.org http://lists.rpm.org/mailman/listinfo/rpm-maint
Re: [Rpm-maint] [rpm-software-management/rpm] RFE: read sources checksums from the SPEC file and verify them (#463)
Could RPM hook in a check right before executing `%prep` section if e.g. macro like `%global source_1_sha256 ` is defined? Older RPM implementations would just ignore such macro. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/rpm-software-management/rpm/issues/463#issuecomment-754650431___ Rpm-maint mailing list Rpm-maint@lists.rpm.org http://lists.rpm.org/mailman/listinfo/rpm-maint
Re: [Rpm-maint] [rpm-software-management/rpm] Remove RedHat from HOWTO (#1474)
DNF _can't_ replace RPM, it's built on top of it. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/rpm-software-management/rpm/issues/1474#issuecomment-754655240___ Rpm-maint mailing list Rpm-maint@lists.rpm.org http://lists.rpm.org/mailman/listinfo/rpm-maint
Re: [Rpm-maint] [rpm-software-management/rpm] command line help: option -q is not mentioned (#1473)
How you get this output? I see `-q` in both `man rpm` and `rpm -h` - but output of both differs from what you posted. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/rpm-software-management/rpm/issues/1473#issuecomment-754666446___ Rpm-maint mailing list Rpm-maint@lists.rpm.org http://lists.rpm.org/mailman/listinfo/rpm-maint
[Rpm-maint] [rpm-software-management/rpm] [WIP] Added fapolicyd plugin (#1475)
The plugin notifies fapolicyd daemon about ongoing rpm transaction via linux pipe. It sends files info in %s %lu %64s\n format. The daemon adds these records dynamically to the DB and they are considered as trusted. Related PRs: https://github.com/linux-application-whitelisting/fapolicyd/pull/105 https://github.com/linux-application-whitelisting/fapolicyd/pull/106 Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1876975 You can view, comment on, or merge this pull request online at: https://github.com/rpm-software-management/rpm/pull/1475 -- Commit Summary -- * Added fapolicyd plugin -- File Changes -- M Makefile.am (1) M configure.ac (8) M macros.in (1) M plugins/Makefile.am (6) A plugins/fapolicyd.c (175) -- Patch Links -- https://github.com/rpm-software-management/rpm/pull/1475.patch https://github.com/rpm-software-management/rpm/pull/1475.diff -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/rpm-software-management/rpm/pull/1475 ___ Rpm-maint mailing list Rpm-maint@lists.rpm.org http://lists.rpm.org/mailman/listinfo/rpm-maint
Re: [Rpm-maint] [rpm-software-management/rpm] RPM with Copy on Write (#1470)
Oh and yet another related remark: nothing against having rpm support reflink where possible, it's actually something I've wanted to do for a long time. Rpm would need to track per-filesystem capabilities somehow (there are several other use-cases for that). Related to that, something mentioned in the fedora devel discussion: unpacking to per-filesystem "temporary" hidden location is something that would be useful to rpm beyond this case. And related to that in turn: a long, long overdue thing is to have rpm first unpack the whole package and only if everything up to that point succeeds, replace existing files in one final swoop. That is not an if but when, so you'll want to make sure you don't build too many assumptions around the current broken file by file unpack + replace operation. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/rpm-software-management/rpm/pull/1470#issuecomment-754647627___ Rpm-maint mailing list Rpm-maint@lists.rpm.org http://lists.rpm.org/mailman/listinfo/rpm-maint
Re: [Rpm-maint] [rpm-software-management/rpm] Remove RedHat from HOWTO (#1474)
> Uhh, what? That not true. Nobody in Fedora deprecated RPM. Where did you get > this information? They say DNL is chad now. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/rpm-software-management/rpm/issues/1474#issuecomment-754652494___ Rpm-maint mailing list Rpm-maint@lists.rpm.org http://lists.rpm.org/mailman/listinfo/rpm-maint
Re: [Rpm-maint] [rpm-software-management/rpm] Remove RedHat from HOWTO (#1474)
> DNF _can't_ replace RPM, it's built on top of it. That means RPM is needed only for DNF and DNF developers, so no RPM HOWTO is needed. > Use DNF Instead of RPM Whenever Possible -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/rpm-software-management/rpm/issues/1474#issuecomment-754656553___ Rpm-maint mailing list Rpm-maint@lists.rpm.org http://lists.rpm.org/mailman/listinfo/rpm-maint
Re: [Rpm-maint] [rpm-software-management/rpm] Remove RedHat from HOWTO (#1474)
> They say DNL is chad now. Any link to source? I am not aware of any such statement. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/rpm-software-management/rpm/issues/1474#issuecomment-754665056___ Rpm-maint mailing list Rpm-maint@lists.rpm.org http://lists.rpm.org/mailman/listinfo/rpm-maint
[Rpm-maint] [rpm-software-management/rpm] Redundant requires from generators are not merged (#1476)
I wrote a requires generator for `.qml` files, which converts import statements to RPM capabilities in the format ``` qt5qmlimport(QtQuick.Controls.2) >= 3 qt5qmlimport(QtQuick.Controls.Layouts.2) >= 3 ``` This works as expected, but the dependency generator is called for each file, so they accumulate. If one file needs version `2.3` and another needs `2.4`, the final package has: ``` qt5qmlimport(QtQuick.Controls.2) >= 3 qt5qmlimport(QtQuick.Controls.2) >= 4 qt5qmlimport(QtQuick.Controls.Layouts.2) >= 3 qt5qmlimport(QtQuick.Controls.Layouts.2) >= 4 ``` The dependency generator is smart enough to only print the highest required version, but that can only work if it's fed with all files inside each package. That doesn't seem to be possible without using the external dep generator... Would it be possible to merge those in RPM itself? Or even better, introduce a flag so that the generator is called only once for each package? That would also provide a speedup. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/rpm-software-management/rpm/issues/1476___ Rpm-maint mailing list Rpm-maint@lists.rpm.org http://lists.rpm.org/mailman/listinfo/rpm-maint
Re: [Rpm-maint] [rpm-software-management/rpm] Remove RedHat from HOWTO (#1474)
> Where? DNF is certainly far from dead... By no means, and DNF replaces RPM. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/rpm-software-management/rpm/issues/1474#issuecomment-754653862___ Rpm-maint mailing list Rpm-maint@lists.rpm.org http://lists.rpm.org/mailman/listinfo/rpm-maint
Re: [Rpm-maint] [rpm-software-management/rpm] Remove RedHat from HOWTO (#1474)
Where? DNF is certainly far from dead... -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/rpm-software-management/rpm/issues/1474#issuecomment-754653435___ Rpm-maint mailing list Rpm-maint@lists.rpm.org http://lists.rpm.org/mailman/listinfo/rpm-maint
Re: [Rpm-maint] [rpm-software-management/rpm] Remove RedHat from HOWTO (#1474)
[RPM](https://docs.fedoraproject.org/en-US/fedora/f33/system-administrators-guide/RPM/) -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/rpm-software-management/rpm/issues/1474#issuecomment-754666020___ Rpm-maint mailing list Rpm-maint@lists.rpm.org http://lists.rpm.org/mailman/listinfo/rpm-maint
Re: [Rpm-maint] [rpm-software-management/rpm] Harden against crafted inputs (#1471)
Do you have actual reproducers for these cases or is this just by code-analysis / compiler warnings? -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/rpm-software-management/rpm/pull/1471#issuecomment-754569889___ Rpm-maint mailing list Rpm-maint@lists.rpm.org http://lists.rpm.org/mailman/listinfo/rpm-maint
Re: [Rpm-maint] [rpm-software-management/rpm] RPM with Copy on Write (#1470)
@pmatilai commented on this pull request. > @@ -106,7 +106,8 @@ typedef enum rpmRC_e { RPMRC_NOTFOUND = 1,/*!< Generic not found code. */ RPMRC_FAIL = 2,/*!< Generic failure code. */ RPMRC_NOTTRUSTED = 3,/*!< Signature is OK, but key is not trusted. */ -RPMRC_NOKEY= 4 /*!< Public key is unavailable. */ +RPMRC_NOKEY= 4,/*!< Public key is unavailable. */ +RPMRC_PLUGIN_CONTENTS = 5 /*!< fsm_file_pre plugin is handling content */ NAK for adding what effectively is an internal corner case to the highly visible RPMRC enum. RPMRC was originally supposed to be a package open result, but is (mis)used for all sorts of bad and worse purposes throughout rpm, more likely we should move the plugins to use a separate error code system. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/rpm-software-management/rpm/pull/1470#pullrequestreview-561734509___ Rpm-maint mailing list Rpm-maint@lists.rpm.org http://lists.rpm.org/mailman/listinfo/rpm-maint
Re: [Rpm-maint] [rpm-software-management/rpm] RPM with Copy on Write (#1470)
I concur with @DemiMarie 's security concerns: we only just got the full payload pre-transaction verification in place *finally* in 4.14.2, but this effectively disables not just that but *all* digest and signature verification for the incoming package (in rpm2extent), which is nothing but an untrusted binary from somewhere AIUI. That's not acceptable, really. Note that you don't need rpmdb to verify signatures, you just need the keys which can be populated from any source you like. It's just the default setup that relies on rpmdb. Another point that might be of relevance is that despite saying so in the payload tag, the payload isn't always "cpio" these days, packages with large files are handled with a different format which only uses an integer as the file "header" in the payload. Which might be more reusable for your purposes, and if that was used for the package originally then the alt payload could perhaps be calculated more easily. I don't remember all the details so might be missing something here, but I think there should be something in that direction... -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/rpm-software-management/rpm/pull/1470#issuecomment-754611698___ Rpm-maint mailing list Rpm-maint@lists.rpm.org http://lists.rpm.org/mailman/listinfo/rpm-maint
Re: [Rpm-maint] [rpm-software-management/rpm] Phasing out obsolete crypto in rpm (#1292)
> It is important to recognize that security enhancements need to be balanced > with usability and accessibility, otherwise nobody will use either for long. > RPM has also been around for 25 years, and until _very_ recently, all RPMs > produced in that timeframe were still accessible by the latest version of RPM. I don't remember anything in this regard in recent times. @Conan-Kudo , what are you referring to here? @DemiMarie , nobody is going to disagree on header parsing code being ridiculously complicated. I streamlined it a lot in the 4.14.x cycle so that there's a) one code path (instead of three) b) install and signature check verify agree on whether something passing or not c) we can now signature check *before* loading the header to be checked But that's getting off track. The thing is, there can never be "only one" set of algorithms in rpm. The initial design did just that, and that's why we're still forced to deal with MD5 as a required field in packages produced a decade after MD5 was declared obsolete. The rpm lifespan and the consequences it has is something very few people realize. For example, with the simple header-only digests and signatures, it's not that big a deal if there is two or three generations of them with different algorithms. But per-file hashes are so expensive there can only be one, and when people need to build across different versions sometimes targeting a version released 15 years ago, it has to be configurable. It's a complex tradeoff with tonne of historical baggage to be lugged, and what we need instead of "one true set" is a mechanism which allows us to deal with the inevitable churn over time - algorithms come and go, rpm the dinosaur stays :sweat_smile: -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/rpm-software-management/rpm/issues/1292#issuecomment-754551687___ Rpm-maint mailing list Rpm-maint@lists.rpm.org http://lists.rpm.org/mailman/listinfo/rpm-maint
Re: [Rpm-maint] [rpm-software-management/rpm] Phasing out obsolete crypto in rpm (#1292)
> I don't remember anything in this regard in recent times. @Conan-Kudo , what > are you referring to here? Ah, I was mistaken, we haven't ripped out RPM v3 format support just yet, we only deprecated it in ba385ec5b7f4340a4f9b6815efd0f1a9521a0b15. But removal of LSB/v3 support is coming... -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/rpm-software-management/rpm/issues/1292#issuecomment-754573746___ Rpm-maint mailing list Rpm-maint@lists.rpm.org http://lists.rpm.org/mailman/listinfo/rpm-maint
Re: [Rpm-maint] [rpm-software-management/rpm] Do not parse header when validating signatures (#1468)
Would be wonderful if things were that simple. But there's no such thing as "the signature", there are multiple digests and signatures ranging over various parts of the package, mostly contained in the signature header (so you need to parse an unprotected header anyhow) but the payload digests are, for security, in the main header. Rpm does parse of the header intro and a simple text retrieve when signature checking, not because its fun to do but it needs to. The act of actually importing (aka loading) the main header which involves a far more complex set of operations is only done after the signature and digests checks pass. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/rpm-software-management/rpm/issues/1468#issuecomment-754564673___ Rpm-maint mailing list Rpm-maint@lists.rpm.org http://lists.rpm.org/mailman/listinfo/rpm-maint
Re: [Rpm-maint] [rpm-software-management/rpm] Harden against crafted inputs (#1471)
@pmatilai commented on this pull request. > @@ -169,8 +169,8 @@ rpmRC rpmpkgRead(struct rpmvs_s *vs, FD_t fd, goto exit; } -/* Read the signature header. Might not be in a contiguous region. */ -if (hdrblobRead(fd, 1, 0, RPMTAG_HEADERSIGNATURES, sigblob, )) +/* Read the signature header. Must be in a contiguous region. */ +if (hdrblobRead(fd, 1, 1, RPMTAG_HEADERSIGNATURES, sigblob, )) NAK on this, there's an entirely reasonable case for non-contiguous signature header that we might actually adopt. Please do check back on history when suggesting changes, there's often a reason things are the way they are. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/rpm-software-management/rpm/pull/1471#discussion_r551865145___ Rpm-maint mailing list Rpm-maint@lists.rpm.org http://lists.rpm.org/mailman/listinfo/rpm-maint
Re: [Rpm-maint] [rpm-software-management/rpm] RPM with Copy on Write (#1470)
Haven't had a chance to properly look review and think through the concept etc yet, but a few preliminary review remarks to follow... -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/rpm-software-management/rpm/pull/1470#issuecomment-754592489___ Rpm-maint mailing list Rpm-maint@lists.rpm.org http://lists.rpm.org/mailman/listinfo/rpm-maint
Re: [Rpm-maint] [rpm-software-management/rpm] RPM with Copy on Write (#1470)
@pmatilai commented on this pull request. > @@ -850,10 +852,21 @@ int rpmPackageFilesInstall(rpmts ts, rpmte te, rpmfiles > files, char *tid = NULL; const char *suffix; char *fpath = NULL; +Header h = rpmteHeader(te); +const char *payloadfmt = headerGetString(h, RPMTAG_PAYLOADFORMAT); +bool cpio = true; Rpm uses 0/1 integers for booleans throughout. While C99 is fine as such, to me this lone "bool" only ends up looking out of place. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/rpm-software-management/rpm/pull/1470#pullrequestreview-561732682___ Rpm-maint mailing list Rpm-maint@lists.rpm.org http://lists.rpm.org/mailman/listinfo/rpm-maint
[Rpm-maint] [rpm-software-management/rpm] Remove RedHat from HOWTO (#1474)
RedHat, or rather Fedora, has deprecated RPM and does not offer any support for it. Please remove links to RedHat and mentions thereof from the HOWTO document. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/rpm-software-management/rpm/issues/1474___ Rpm-maint mailing list Rpm-maint@lists.rpm.org http://lists.rpm.org/mailman/listinfo/rpm-maint
Re: [Rpm-maint] [rpm-software-management/rpm] RFE: `rpm --macrofile` for using arbitrary macro file directories (#1469)
Um? --macros= exists since beginning of times, any 4.x version certainly. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/rpm-software-management/rpm/issues/1469#issuecomment-754572938___ Rpm-maint mailing list Rpm-maint@lists.rpm.org http://lists.rpm.org/mailman/listinfo/rpm-maint
Re: [Rpm-maint] [rpm-software-management/rpm] RFE: `rpm --macrofile` for using arbitrary macro file directories (#1469)
臘 -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/rpm-software-management/rpm/issues/1469#issuecomment-754574381___ Rpm-maint mailing list Rpm-maint@lists.rpm.org http://lists.rpm.org/mailman/listinfo/rpm-maint
Re: [Rpm-maint] [rpm-software-management/rpm] RFE: `rpm --macrofile` for using arbitrary macro file directories (#1469)
Closed #1469. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/rpm-software-management/rpm/issues/1469#event-4169253497___ Rpm-maint mailing list Rpm-maint@lists.rpm.org http://lists.rpm.org/mailman/listinfo/rpm-maint
Re: [Rpm-maint] [rpm-software-management/rpm] Phasing out obsolete crypto in rpm (#1292)
Okay, in that case we agree :smile: I think the "nice" way of killing v3 support is letting the obsolete crypto those packages use make it effectively uninstallable due to being unverifiable. That would actually already be the case, if it wasn't for the MD5 header+payload digest being the only available non-signature means of verification for the payload in much of rpm 4.x too, all the way up to < 4.14. It's configurable already though. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/rpm-software-management/rpm/issues/1292#issuecomment-754584228___ Rpm-maint mailing list Rpm-maint@lists.rpm.org http://lists.rpm.org/mailman/listinfo/rpm-maint
Re: [Rpm-maint] [rpm-software-management/rpm] RPM with Copy on Write (#1470)
@pmatilai commented on this pull request. > for (i = 0; i < plugins->count; i++) { rpmPlugin plugin = plugins->plugins[i]; RPMPLUGINS_SET_HOOK_FUNC(fsm_file_pre); - if (hookFunc && hookFunc(plugin, fi, path, file_mode, op) == RPMRC_FAIL) { - rpmlog(RPMLOG_ERR, "Plugin %s: hook fsm_file_pre failed\n", plugin->name); - rc = RPMRC_FAIL; + if (hookFunc) { + hook_rc = hookFunc(plugin, fi, path, file_mode, op); + if (hook_rc == RPMRC_FAIL) { + rpmlog(RPMLOG_ERR, "Plugin %s: hook fsm_file_pre failed\n", plugin->name); + rc = RPMRC_FAIL; + } else if (hook_rc == RPMRC_PLUGIN_CONTENTS && rc != RPMRC_FAIL) { + if (rc == RPMRC_PLUGIN_CONTENTS) { + /* + Another plugin already said it'd handle contents. It's undefined how + these would combine, so treat this as a failure condition. + */ The rpm coding style for multi-line comments is as follow, please use that: ``` /* * * */ ``` -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/rpm-software-management/rpm/pull/1470#pullrequestreview-561735911___ Rpm-maint mailing list Rpm-maint@lists.rpm.org http://lists.rpm.org/mailman/listinfo/rpm-maint
Re: [Rpm-maint] [rpm-software-management/rpm] RPM with Copy on Write (#1470)
@pmatilai commented on this pull request. > +#define NOT_FOUND 0 + +#define BUFFER_SIZE (1024 * 128) + +/* magic value at end of file (64 bits) that indicates this is a transcoded rpm */ +#define MAGIC 3472329499408095051 + +struct reflink_state_s { + /* Stuff that's used across rpms */ + long fundamental_block_size; + char *buffer; + + /* stuff that's used/updated per psm */ + uint32_t keys, keysize; + + // table for current rpm, keys * (keysize + sizeof(rpm_loff_t)) Please use `/* ... */` comments consistently everywhere. `//` comments have occasionally slipped into the codebase but the generic style is `/* */`. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/rpm-software-management/rpm/pull/1470#pullrequestreview-561736879___ Rpm-maint mailing list Rpm-maint@lists.rpm.org http://lists.rpm.org/mailman/listinfo/rpm-maint
[Rpm-maint] [rpm-software-management/rpm] command line help: option -q is undocumented (#1473)
{ rpm; } > Składnia: rpm [-afgplsiv?] [-a|--all] [-f|--file] [-g|--group] [-p|--package] >[--pkgid] [--hdrid] [--triggeredby] [--whatconflicts] [--whatrequires] >[--whatobsoletes] [--whatprovides] [--whatrecommends] [--whatsuggests] >[--whatsupplements] [--whatenhances] [--nomanifest] [-c|--configfiles] >[-d|--docfiles] [-L|--licensefiles] [-A|--artifactfiles] [--noghost] >[--noconfig] [--noartifact] [--dump] [-l|--list] >[--queryformat=QUERYFORMAT] [-s|--state] [--nofiledigest] [--nofiles] >[--nodeps] [--noscript] [--allfiles] [--allmatches] [--badreloc] >[-e|--erase=+] [--excludedocs] [--excludepath=<ścieżka>] > [--force] >[-F|--freshen=+] [-h|--hash] [--ignorearch] [--ignoreos] >[--ignoresize] [--noverify] [-i|--install] [--justdb] [--nodeps] >[--nofiledigest] [--nocontexts] [--nocaps] [--noorder] [--noscripts] >[--notriggers] [--oldpackage] [--percent] [--prefix=] >[--relocate==] [--replacefiles] [--replacepkgs] > [--test] >[-U|--upgrade=+] [--reinstall=+] >[-D|--define="MAKRO WYRAŻENIE"] [--undefine=MAKRO] > [-E|--eval="WYRAŻENIE"] >[--target=PROCESOR-PRODUCENT-SYSTEM_OPERACYJNY] [--macros=] >[--load=] [--noplugins] [--nodigest] [--nosignature] >[--rcfile=] [-r|--root=ROOT] [--dbpath=KATALOG] [--querytags] >[--showrc] [--quiet] [-v|--verbose] [--version] [-?|--help] [--usage] >[--scripts] [--setperms] [--setugids] [--setcaps] [--restore] >[--conflicts] [--obsoletes] [--provides] [--requires] [--recommends] >[--suggests] [--supplements] [--enhances] [--info] [--changelog] >[--changes] [--xml] [--triggers] [--filetriggers] [--last] [--dupes] >[--filesbypkg] [--fileclass] [--filecolor] [--fileprovide] > [--filerequire] >[--filecaps] -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/rpm-software-management/rpm/issues/1473___ Rpm-maint mailing list Rpm-maint@lists.rpm.org http://lists.rpm.org/mailman/listinfo/rpm-maint
Re: [Rpm-maint] [rpm-software-management/rpm] RPM with Copy on Write (#1470)
Another broader thought is that perhaps it might be better to add a new plugin slot for this kind of purpose, which gets the fd as an argument and so doesn't need rpmteFd() which is something I'm not really comfortable in exposing in the external API. That would probably eliminate the need for that special PLUGIN_CONTENT return too. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/rpm-software-management/rpm/pull/1470#issuecomment-754619160___ Rpm-maint mailing list Rpm-maint@lists.rpm.org http://lists.rpm.org/mailman/listinfo/rpm-maint
Re: [Rpm-maint] [rpm-software-management/rpm] Redundant requires from generators are not merged (#1476)
(At least I thought it does that. Maybe that just was wishful thinking...) -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/rpm-software-management/rpm/issues/1476#issuecomment-754729408___ Rpm-maint mailing list Rpm-maint@lists.rpm.org http://lists.rpm.org/mailman/listinfo/rpm-maint
Re: [Rpm-maint] [rpm-software-management/rpm] Redundant requires from generators are not merged (#1476)
rpm needs to assign dependencies to files so that 'rpm -q --filerequire' works. So it can't simply drop dependencies. In case you're wondering: rpm does this to ignore dependencies for files that are not installed, e.g. because they have the wrong file color. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/rpm-software-management/rpm/issues/1476#issuecomment-754720860___ Rpm-maint mailing list Rpm-maint@lists.rpm.org http://lists.rpm.org/mailman/listinfo/rpm-maint
Re: [Rpm-maint] [rpm-software-management/rpm] Harden against crafted inputs (#1471)
@DemiMarie commented on this pull request. > @@ -169,8 +169,8 @@ rpmRC rpmpkgRead(struct rpmvs_s *vs, FD_t fd, goto exit; } -/* Read the signature header. Might not be in a contiguous region. */ -if (hdrblobRead(fd, 1, 0, RPMTAG_HEADERSIGNATURES, sigblob, )) +/* Read the signature header. Must be in a contiguous region. */ +if (hdrblobRead(fd, 1, 1, RPMTAG_HEADERSIGNATURES, sigblob, )) That’s understandable, so long as we never call `headerImport` on this header. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/rpm-software-management/rpm/pull/1471#discussion_r552219453___ Rpm-maint mailing list Rpm-maint@lists.rpm.org http://lists.rpm.org/mailman/listinfo/rpm-maint