[gentoo-commits] proj/portage:master commit in: lib/portage/sync/modules/rsync/
commit: a671334b7c7b64bc779f1c2bfb4ed659d97c0d19 Author: Pavel Balaev void so> AuthorDate: Mon Mar 18 11:29:34 2024 + Commit: Sam James gentoo org> CommitDate: Sun May 26 23:27:08 2024 + URL:https://gitweb.gentoo.org/proj/portage.git/commit/?id=a671334b sync: don't use ipv6 for rsync when it's disabled socket.has_ipv6 gives a false result: $ sysctl net.ipv6.conf.all.disable_ipv6=1 net.ipv6.conf.all.disable_ipv6 = 1 $ python Python 3.11.8 (main, Feb 24 2024, 17:10:38) [GCC 13.2.1 20240210] on linux >>> import socket >>> socket.has_ipv6 True This patch uses the portage.process.has_ipv6() function, which returns the correct result. Bug: https://bugs.gentoo.org/927241 Signed-off-by: Pavel Balaev void.so> Closes: https://github.com/gentoo/portage/pull/1309 Signed-off-by: Sam James gentoo.org> lib/portage/sync/modules/rsync/rsync.py | 7 +++ 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/lib/portage/sync/modules/rsync/rsync.py b/lib/portage/sync/modules/rsync/rsync.py index 15c3eb4da5..e89221ebc9 100644 --- a/lib/portage/sync/modules/rsync/rsync.py +++ b/lib/portage/sync/modules/rsync/rsync.py @@ -19,6 +19,7 @@ from portage import _unicode_decode from portage import os from portage.const import VCS_DIRS, TIMESTAMP_FORMAT, RSYNC_PACKAGE_ATOM from portage.output import create_color_func, yellow, blue, bold +from portage.process import has_ipv6 from portage.sync.getaddrinfo_validate import getaddrinfo_validate from portage.sync.syncbase import NewBase from portage.util import writemsg, writemsg_level, writemsg_stdout @@ -252,9 +253,7 @@ class RsyncSync(NewBase): family = socket.AF_UNSPEC if "-4" in all_rsync_opts or "--ipv4" in all_rsync_opts: family = socket.AF_INET -elif socket.has_ipv6 and ( -"-6" in all_rsync_opts or "--ipv6" in all_rsync_opts -): +elif has_ipv6() and ("-6" in all_rsync_opts or "--ipv6" in all_rsync_opts): family = socket.AF_INET6 addrinfos = None @@ -278,7 +277,7 @@ class RsyncSync(NewBase): if addrinfos: AF_INET = socket.AF_INET AF_INET6 = None -if socket.has_ipv6: +if has_ipv6(): AF_INET6 = socket.AF_INET6 ips_v4 = []
[gentoo-commits] proj/portage:master commit in: lib/portage/sync/modules/rsync/, lib/portage/sync/, ...
commit: ddbe8bd019552573b3f9c1ef2e5701df2edb4dd6 Author: Frédéric Pierret (fepitre) qubes-os org> AuthorDate: Tue Aug 18 15:00:16 2020 + Commit: Zac Medico gentoo org> CommitDate: Mon Sep 7 23:31:06 2020 + URL:https://gitweb.gentoo.org/proj/portage.git/commit/?id=ddbe8bd0 syncbase: update with newer Gemato proxy parameter in openpgp env - Handle global proxy setting which is overrided by the one provided in Portage configuration (if exists). Bug: https://bugs.gentoo.org/740904 Closes: https://github.com/gentoo/portage/pull/607 See: https://github.com/mgorny/gemato/commit/9980de271de4f8f5e993e2b634d0e8d7753e382f Signed-off-by: Frédéric Pierret (fepitre) qubes-os.org> Signed-off-by: Zac Medico gentoo.org> lib/portage/sync/modules/git/git.py | 14 ++ lib/portage/sync/modules/rsync/rsync.py | 7 ++- lib/portage/sync/modules/webrsync/webrsync.py | 4 ++-- lib/portage/sync/syncbase.py | 21 + 4 files changed, 31 insertions(+), 15 deletions(-) diff --git a/lib/portage/sync/modules/git/git.py b/lib/portage/sync/modules/git/git.py index d87f1a601..8065fff33 100644 --- a/lib/portage/sync/modules/git/git.py +++ b/lib/portage/sync/modules/git/git.py @@ -207,19 +207,17 @@ class GitSync(NewBase): 'sync-git-verify-commit-signature', 'false').lower() not in ('true', 'yes')): return True - if self.repo.sync_openpgp_key_path is not None: - if gemato is None: - writemsg_level("!!! Verifying against specified key requires gemato-11.0+ installed\n", + if self.repo.sync_openpgp_key_path is not None and gemato is None: + writemsg_level("!!! Verifying against specified key requires gemato-14.5+ installed\n", level=logging.ERROR, noiselevel=-1) - return False - openpgp_env = gemato.openpgp.OpenPGPEnvironment() - else: - openpgp_env = None + return False + + openpgp_env = self._get_openpgp_env(self.repo.sync_openpgp_key_path) try: out = EOutput() env = None - if openpgp_env is not None: + if openpgp_env is not None and self.repo.sync_openpgp_key_path is not None: try: out.einfo('Using keys from %s' % (self.repo.sync_openpgp_key_path,)) with io.open(self.repo.sync_openpgp_key_path, 'rb') as f: diff --git a/lib/portage/sync/modules/rsync/rsync.py b/lib/portage/sync/modules/rsync/rsync.py index 35d1461e4..54e285d88 100644 --- a/lib/portage/sync/modules/rsync/rsync.py +++ b/lib/portage/sync/modules/rsync/rsync.py @@ -133,10 +133,7 @@ class RsyncSync(NewBase): if self.verify_metamanifest and gemato is not None: # Use isolated environment if key is specified, # system environment otherwise - if self.repo.sync_openpgp_key_path is not None: - openpgp_env = gemato.openpgp.OpenPGPEnvironment() - else: - openpgp_env = gemato.openpgp.OpenPGPSystemEnvironment() + openpgp_env = self._get_openpgp_env(self.repo.sync_openpgp_key_path) try: # Load and update the keyring early. If it fails, then verification @@ -361,7 +358,7 @@ class RsyncSync(NewBase): # if synced successfully, verify now if exitcode == 0 and self.verify_metamanifest: if gemato is None: - writemsg_level("!!! Unable to verify: gemato-11.0+ is required\n", + writemsg_level("!!! Unable to verify: gemato-14.5+ is required\n", level=logging.ERROR, noiselevel=-1) exitcode = 127 else: diff --git a/lib/portage/sync/modules/webrsync/webrsync.py b/lib/portage/sync/modules/webrsync/webrsync.py index 20cc25a2c..cc0dbc4a9 100644 --- a/lib/portage/sync/modules/webrsync/webrsync.py +++ b/lib/portage/sync/modules/webrsync/webrsync.py @@ -75,11 +75,11 @@ class WebRsync(SyncBase): return (1, False) if gemato is None: - writemsg_level("!!! Verifying against specified key requires gemato-11.0+ installed\n", + writemsg_level("!!! Verifying against specified key requires gemato-14.5+
[gentoo-commits] proj/portage:master commit in: lib/portage/sync/modules/rsync/
commit: 051d75acf5e3fbca7c1083cb612e5f07a3a98919 Author: Frédéric Pierret (fepitre) qubes-os org> AuthorDate: Tue Aug 4 13:12:08 2020 + Commit: Zac Medico gentoo org> CommitDate: Mon Sep 7 22:49:53 2020 + URL:https://gitweb.gentoo.org/proj/portage.git/commit/?id=051d75ac rsync: ignore addrinfos with proxy settings Not doing so makes getting addrinfos failing due to "Temporary failure in name resolution" due to proxy settings. An alternative to this solution would be to define a socks.setdefaultproxy and passing socks.socksocket to socket. Bug: https://bugs.gentoo.org/740904 See: https://github.com/gentoo/portage/pull/607 Signed-off-by: Frédéric Pierret (fepitre) qubes-os.org> Signed-off-by: Zac Medico gentoo.org> lib/portage/sync/modules/rsync/rsync.py | 19 ++- 1 file changed, 10 insertions(+), 9 deletions(-) diff --git a/lib/portage/sync/modules/rsync/rsync.py b/lib/portage/sync/modules/rsync/rsync.py index 88b36ab79..35d1461e4 100644 --- a/lib/portage/sync/modules/rsync/rsync.py +++ b/lib/portage/sync/modules/rsync/rsync.py @@ -230,15 +230,16 @@ class RsyncSync(NewBase): addrinfos = None uris = [] - try: - addrinfos = getaddrinfo_validate( - socket.getaddrinfo(getaddrinfo_host, None, - family, socket.SOCK_STREAM)) - except socket.error as e: - writemsg_level( - "!!! getaddrinfo failed for '%s': %s\n" - % (_unicode_decode(hostname), str(e)), - noiselevel=-1, level=logging.ERROR) + if 'RSYNC_PROXY' not in self.spawn_kwargs['env']: + try: + addrinfos = getaddrinfo_validate( + socket.getaddrinfo( + getaddrinfo_host, None, family, socket.SOCK_STREAM)) + except socket.error as e: + writemsg_level( + "!!! getaddrinfo failed for '%s': %s\n" + % (_unicode_decode(hostname), str(e)), + noiselevel=-1, level=logging.ERROR) if addrinfos:
[gentoo-commits] proj/portage:master commit in: lib/portage/sync/modules/rsync/
commit: f57d629053ceb7a5ec48826739625db76a057e20 Author: Aaron Bauman gentoo org> AuthorDate: Mon Aug 3 19:05:41 2020 + Commit: Zac Medico gentoo org> CommitDate: Mon Aug 3 19:21:15 2020 + URL:https://gitweb.gentoo.org/proj/portage.git/commit/?id=f57d6290 lib/portage/sync/modules/rsync/rsync.py: fix unused-import Signed-off-by: Aaron Bauman gentoo.org> Signed-off-by: Zac Medico gentoo.org> lib/portage/sync/modules/rsync/rsync.py | 1 - 1 file changed, 1 deletion(-) diff --git a/lib/portage/sync/modules/rsync/rsync.py b/lib/portage/sync/modules/rsync/rsync.py index 33019534b..4ccf7769f 100644 --- a/lib/portage/sync/modules/rsync/rsync.py +++ b/lib/portage/sync/modules/rsync/rsync.py @@ -15,7 +15,6 @@ import tempfile import portage from portage import os from portage import _unicode_decode -from portage.exception import CommandNotFound from portage.util import writemsg_level from portage.output import create_color_func, yellow, blue, bold good = create_color_func("GOOD")
[gentoo-commits] proj/portage:master commit in: lib/portage/sync/modules/rsync/, man/, lib/portage/sync/modules/git/, ...
commit: 141ef203661248a2c29945f8c6770ce0c242eaf0 Author: Wynn Wolf Arbor oriole systems> AuthorDate: Thu Jul 2 15:50:17 2020 + Commit: Zac Medico gentoo org> CommitDate: Thu Jul 2 21:37:02 2020 + URL:https://gitweb.gentoo.org/proj/portage.git/commit/?id=141ef203 repos.conf: Use consistent list of values for boolean options Valid values for boolean options in repos.conf are currently not managed in a consistent manner. Some options only support 'true' and 'false', whilst others additionally support 'yes' and 'no'. Using the latter forms on options that do not support them will lead to unexpected behaviour. For example, an option checking for 'true' will be disabled when 'yes' is used. This is counter-intuitive and adds additional burden: the user has to look up in the manual which form is accepted by which option. Have all boolean options consistently accept 'yes', 'no', 'true', and 'false' and make sure to document this in the portage(5) manual. Additionally, document the default value for each. Signed-off-by: Wynn Wolf Arbor oriole.systems> Signed-off-by: Zac Medico gentoo.org> lib/portage/repository/config.py| 4 +-- lib/portage/sync/modules/git/git.py | 4 +-- lib/portage/sync/modules/rsync/rsync.py | 6 ++--- man/portage.5 | 47 +++-- 4 files changed, 29 insertions(+), 32 deletions(-) diff --git a/lib/portage/repository/config.py b/lib/portage/repository/config.py index 6155c130a..3a5425be7 100644 --- a/lib/portage/repository/config.py +++ b/lib/portage/repository/config.py @@ -220,10 +220,10 @@ class RepoConfig(object): self.sync_depth = repo_opts.get('sync-depth') self.sync_hooks_only_on_change = repo_opts.get( - 'sync-hooks-only-on-change', 'false').lower() == 'true' + 'sync-hooks-only-on-change', 'false').lower() in ('true', 'yes') self.strict_misc_digests = repo_opts.get( - 'strict-misc-digests', 'true').lower() == 'true' + 'strict-misc-digests', 'true').lower() in ('true', 'yes') self.sync_allow_hardlinks = repo_opts.get( 'sync-allow-hardlinks', 'true').lower() in ('true', 'yes') diff --git a/lib/portage/sync/modules/git/git.py b/lib/portage/sync/modules/git/git.py index 7df4b6d61..ed8c1979f 100644 --- a/lib/portage/sync/modules/git/git.py +++ b/lib/portage/sync/modules/git/git.py @@ -1,4 +1,4 @@ -# Copyright 2005-2018 Gentoo Foundation +# Copyright 2005-2020 Gentoo Authors # Distributed under the terms of the GNU General Public License v2 import io @@ -204,7 +204,7 @@ class GitSync(NewBase): def verify_head(self, revision='-1'): if (self.repo.module_specific_options.get( - 'sync-git-verify-commit-signature', 'false') != 'true'): + 'sync-git-verify-commit-signature', 'false').lower() not in ('true', 'yes')): return True if self.repo.sync_openpgp_key_path is not None: diff --git a/lib/portage/sync/modules/rsync/rsync.py b/lib/portage/sync/modules/rsync/rsync.py index a40e1c854..9be96c24c 100644 --- a/lib/portage/sync/modules/rsync/rsync.py +++ b/lib/portage/sync/modules/rsync/rsync.py @@ -1,4 +1,4 @@ -# Copyright 1999-2018 Gentoo Foundation +# Copyright 1999-2020 Gentoo Authors # Distributed under the terms of the GNU General Public License v2 import sys @@ -68,7 +68,7 @@ class RsyncSync(NewBase): out = portage.output.EOutput(quiet=quiet) syncuri = self.repo.sync_uri if self.repo.module_specific_options.get( - 'sync-rsync-vcs-ignore', 'false').lower() == 'true': + 'sync-rsync-vcs-ignore', 'false').lower() in ('true', 'yes'): vcs_dirs = () else: vcs_dirs = frozenset(VCS_DIRS) @@ -102,7 +102,7 @@ class RsyncSync(NewBase): # via default repos.conf though. self.verify_metamanifest = ( self.repo.module_specific_options.get( - 'sync-rsync-verify-metamanifest', 'no') in ('yes', 'true')) + 'sync-rsync-verify-metamanifest', 'no').lower() in ('yes', 'true')) # Support overriding job count. self.verify_jobs = self.repo.module_specific_options.get( 'sync-rsync-verify-jobs', None) diff --git a/man/portage.5 b/man/portage.5 index 136ebaafe..a7e64cd5f 100644 --- a/man/portage.5 +++ b/man/portage.5 @@ -1,4 +1,4 @@ -.TH "PORTAGE" "5" "Jun 2020" "Portage VERSION" "Portage" +.TH "PORTAGE" "5" "Jul 2020" "Portage VERSION" "Portage" .SH NAME portage \- the heart of Gentoo .SH "DESCRIPTION" @@ -916,13 +916,11 @@ When 'force =
[gentoo-commits] proj/portage:master commit in: lib/portage/sync/modules/rsync/
commit: 7ea06e6d87cd1394fe06c77ed5abad7f4497158d Author: Zac Medico gentoo org> AuthorDate: Wed Aug 28 17:42:51 2019 + Commit: Zac Medico gentoo org> CommitDate: Fri Aug 30 17:07:16 2019 + URL:https://gitweb.gentoo.org/proj/portage.git/commit/?id=7ea06e6d rsync: proxychains compatibility (bug 693026) Use the original hostname if it resolves to a single IP, since DNS lookup must occur in the rsync process for compatibility with things like proxychains that allocate a surrogate IP which is only valid within the current process. Bug: https://bugs.gentoo.org/693026 Signed-off-by: Zac Medico gentoo.org> lib/portage/sync/modules/rsync/rsync.py | 7 +++ 1 file changed, 7 insertions(+) diff --git a/lib/portage/sync/modules/rsync/rsync.py b/lib/portage/sync/modules/rsync/rsync.py index e6f2688f8..a40e1c854 100644 --- a/lib/portage/sync/modules/rsync/rsync.py +++ b/lib/portage/sync/modules/rsync/rsync.py @@ -283,6 +283,13 @@ class RsyncSync(NewBase): # With some configurations we need to use the plain hostname # rather than try to resolve the ip addresses (bug #340817). uris.append(syncuri) + elif len(uris) == 1: + # Use the original hostname if it resolves to a single IP, + # since DNS lookup must occur in the rsync process for + # compatibility with things like proxychains that allocate + # a surrogate IP which is only valid within the current + # process. + uris = [syncuri] # reverse, for use with pop() uris.reverse()
[gentoo-commits] proj/portage:master commit in: lib/portage/sync/modules/rsync/
commit: 8ddc902ba8cb4712a2a8b49f46951c8ec326a678 Author: Zac Medico gentoo org> AuthorDate: Thu Jan 3 02:48:32 2019 + Commit: Zac Medico gentoo org> CommitDate: Thu Jan 3 06:21:42 2019 + URL:https://gitweb.gentoo.org/proj/portage.git/commit/?id=8ddc902b rsync: use ${PORTAGE_TMPDIR}/portage (bug 671808) Write temporary timestamp files in ${PORTAGE_TMPDIR}/portage, since writing files directly in ${PORTAGE_TMPDIR} is generally unexpected. Also, use the rsync --inplace option, since it's writing to a temp file created in advance and the usersync user does not necessarily have write access to the parent directory. Bug: https://bugs.gentoo.org/671808 Bug: https://bugs.gentoo.org/336503 Fixes: 3f7f72cf339d ("Bug #336503 - Use PORTAGE_TMPDIR for the emerge --sync server timestamp") Signed-off-by: Zac Medico gentoo.org> lib/portage/sync/modules/rsync/rsync.py | 11 +-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/lib/portage/sync/modules/rsync/rsync.py b/lib/portage/sync/modules/rsync/rsync.py index 0f8221776..e6f2688f8 100644 --- a/lib/portage/sync/modules/rsync/rsync.py +++ b/lib/portage/sync/modules/rsync/rsync.py @@ -583,11 +583,17 @@ class RsyncSync(NewBase): # Temporary file for remote server timestamp comparison. # NOTE: If FEATURES=usersync is enabled then the tempfile # needs to be in a directory that's readable by the usersync - # user. We assume that PORTAGE_TMPDIR will satisfy this + # user. We assume that ${PORTAGE_TMPDIR}/portage will satisfy this # requirement, since that's not necessarily true for the # default directory used by the tempfile module. if self.usersync_uid is not None: - tmpdir = self.settings['PORTAGE_TMPDIR'] + tmpdir = os.path.join(self.settings['PORTAGE_TMPDIR'], 'portage') + ensure_dirs_kwargs = {} + if portage.secpass >= 1: + ensure_dirs_kwargs['gid'] = portage.portage_gid + ensure_dirs_kwargs['mode'] = 0o70 + ensure_dirs_kwargs['mask'] = 0 + portage.util.ensure_dirs(tmpdir, **ensure_dirs_kwargs) else: # use default dir from tempfile module tmpdir = None @@ -598,6 +604,7 @@ class RsyncSync(NewBase): portage.util.apply_permissions(tmpservertimestampfile, uid=self.usersync_uid) command = rsynccommand[:] + command.append('--inplace') command.append(syncuri.rstrip("/") + \ "/metadata/timestamp.chk") command.append(tmpservertimestampfile)
[gentoo-commits] proj/portage:master commit in: lib/portage/sync/modules/rsync/
commit: e356d53ceb10ee24969ee79766f30e5004395f81 Author: Zac Medico gentoo org> AuthorDate: Mon Jul 23 19:39:39 2018 + Commit: Zac Medico gentoo org> CommitDate: Mon Jul 23 19:39:39 2018 + URL:https://gitweb.gentoo.org/proj/portage.git/commit/?id=e356d53c RsyncSync: fix _commit_download usersync privileges (bug 661834) Fix the _commit_download to drop privileges for the rsync call, in order to prevent it from creating files owned by root. Fixes: 84822ef7a214 ("rsync: quarantine data prior to verification (bug 660410)") Bug: https://bugs.gentoo.org/661834 lib/portage/sync/modules/rsync/rsync.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/portage/sync/modules/rsync/rsync.py b/lib/portage/sync/modules/rsync/rsync.py index fb1960a3c..56e38631e 100644 --- a/lib/portage/sync/modules/rsync/rsync.py +++ b/lib/portage/sync/modules/rsync/rsync.py @@ -94,7 +94,7 @@ class RsyncSync(NewBase): rsynccommand.append('--exclude=/%s' % os.path.basename(download_dir)) rsynccommand.append('%s/' % download_dir.rstrip('/')) rsynccommand.append('%s/' % self.repo.location) - exitcode = subprocess.call(rsynccommand) + exitcode = portage.process.spawn(rsynccommand, **self.spawn_kwargs) return exitcode