[gentoo-portage-dev] [PATCH]es -- several of 'em

[Jason Stubbs]

Hi all,

Bunch of patches here that have been sitting on my disk for a couple of 
months. There's actually a few more beyond this, but they'll likely need a 
little discussion. These are pretty much all open and shut. Acks would still 
be nice though.


DUAL-remove-CDEPEND-and-disable-RDEPENDs-on-buildpkgonly.patch

Kills of the reading of CDEPEND as it's not used at all. The second part 
clears RDEPEND and PDEPEND when --build-pkg-only is specified as these deps 
are not required to build the package(s).


add-newuse-to-help.patch

Completes the monstrosity that is `emerge --help` by adding the short hand 
option for --newuse.


check-world-writable-files.patch

Submitted by solar. Sets o-w on any u+s or g+s files and warns on any other 
file that is o+w.


correct-sizes-in-pretend-fetch.patch

Makes fetch() use the supplied USE flags rather than blanketly overriding 
them. This was causing emerge -p output to be incorrect when package.use came 
into play.


disallow-relative-globs.patch

Present portage looks at ">=sys-apps/portage-2.0*" as being valid. It's not.


dispatch-conf-typo-fix.patch

Harmless typo fix.


dist-mirror-update.patch

Decaptilizes "Linux" to match the upstream change.


ignore-pprovided-system-packages.patch

Removes anything in system that is satisfied by package.provided.


--
Jason Stubbs

diff -u -r1.201.2.40 ebuild.sh
--- bin/ebuild.sh	9 Aug 2005 11:25:44 -0000	1.201.2.40
+++ bin/ebuild.sh	11 Aug 2005 14:26:16 -0000
@@ -1017,12 +1017,24 @@
 	for i in $(find "${D}/" -type f -perm -2002); do
 		((UNSAFE++))
 		echo "UNSAFE SetGID: $i"
+		chmod -s,o-w "$i"
 	done
 	for i in $(find "${D}/" -type f -perm -4002); do
 		((UNSAFE++))
 		echo "UNSAFE SetUID: $i"
+		chmod -s,o-w "$i"
 	done
 	
+	# Now we look for all world writable files.
+	for i in $(find "${D}/" -type f -perm -2); do
+		echo -ne '\a'
+		echo "QA Security Notice:"
+		echo "- ${i:${#D}:${#i}} will be a world writable file."
+		echo "- This may or may not be a security problem, most of the time it is one."
+		echo "- Please double check that $PF really needs a world writeable bit and file bugs accordingly."
+		sleep 1
+	done
+
 	if type -p scanelf > /dev/null ; then
 		# Make sure we disallow insecure RUNPATH/RPATH's
 		# Don't want paths that point to the tree where the package was built

diff -u -r1.8.2.2 emergehelp.py
--- pym/emergehelp.py	16 Jan 2005 02:35:33 -0000	1.8.2.2
+++ pym/emergehelp.py	11 Aug 2005 14:26:17 -0000
@@ -15,7 +15,7 @@
 	print "   "+turquoise("emerge")+" < "+turquoise("--sync")+" | "+turquoise("--metadata")+" | "+turquoise("--info")+" >"
 	print "   "+turquoise("emerge")+" "+turquoise("--resume")+" [ "+green("--pretend")+" | "+green("--ask")+" | "+green("--skipfirst")+" ]"
 	print "   "+turquoise("emerge")+" "+turquoise("--help")+" [ "+green("system")+" | "+green("config")+" | "+green("sync")+" ] "
-	print bold("Options:")+" "+green("-")+"["+green("abcCdDefhikKlnoOpPsSuUvV")+"] ["+green("--oneshot")+"] ["+green("--newuse")+"] ["+green("--noconfmem")+"]"
+	print bold("Options:")+" "+green("-")+"["+green("abcCdDefhikKlnNoOpPsSuUvV")+"] ["+green("--oneshot")+"] ["+green("--newuse")+"] ["+green("--noconfmem")+"]"
 	print      "                                    ["+green("--columns")+"] ["+green("--nospinner")+"]"
 	print bold("Actions:")+" [ "+green("--clean")+" | "+green("--depclean")+" | "+green("--inject")+" | "+green("--prune")+" | "+green("--regen")+" | "+green("--search")+" | "+green("--unmerge")+" ]"
 	print
@@ -185,7 +185,7 @@
 		print "              downloaded from the remote server without consulting packages"
 		print "              existing in the packages directory."
 		print
-		print "       "+green("--newuse")
+		print "       "+green("--newuse")+" ("+green("-N")+" short option)"
 		print "              Tells emerge to include installed packages where USE flags have "
 		print "              changed since installation."
 		print

diff -u -r1.524.2.76 portage.py
--- pym/portage.py	29 May 2005 12:40:08 -0000	1.524.2.76
+++ pym/portage.py	11 Aug 2005 14:26:18 -0000
@@ -3055,6 +3057,8 @@
 	mycpv_cps = catpkgsplit(dep_getcpv(atom))
 	operator = get_operator(atom)
 	if operator:
+		if operator[0] in "<>" and atom[-1] == "*":
+			return 0
 		if mycpv_cps and mycpv_cps[0] != "null":
 			# >=cat/pkg-1.0
 			return 1

diff -u -r1.524.2.76 portage.py
--- pym/portage.py	29 May 2005 12:40:08 -0000	1.524.2.76
+++ pym/portage.py	11 Aug 2005 14:26:18 -0000
@@ -5389,7 +5398,8 @@
 			print red("getfetchlist():")+" aux_get() error reading "+mypkg+"; aborting."
 			sys.exit(1)
 
-		useflags = string.split(mysettings["USE"])
+		if useflags is None:
+			useflags = string.split(mysettings["USE"])
 
 		myurilist = portage_dep.paren_reduce(myuris)
 		myurilist = portage_dep.use_reduce(myurilist,uselist=useflags,matchall=all)

diff -u -r1.7.2.10 dispatch-conf
--- bin/dispatch-conf	12 May 2005 15:20:22 -0000	1.7.2.10
+++ bin/dispatch-conf	11 Aug 2005 14:26:15 -0000
@@ -48,7 +48,7 @@
 
 # Ensure the scratch dir is deleted
 def cleanup(mydir=SCRATCH_DIR):
-    shutil.rmtree(SCRATCH_DIR)
+    shutil.rmtree(mydir)
 atexit.register(cleanup)
 
 MANDATORY_OPTS  = [ 'archive-dir', 'diff', 'replace-cvs', 'replace-wscomments', 'merge' ]

diff -u -r1.56.2.5 make.globals
--- cnf/make.globals	5 May 2005 03:59:59 -0000	1.56.2.5
+++ cnf/make.globals	11 Aug 2005 14:26:17 -0000
@@ -17,7 +17,7 @@
 SYNC="rsync://rsync.gentoo.org/gentoo-portage"
 
 # Default distfiles mirrors
-GENTOO_MIRRORS="http://distfiles.gentoo.org http://distro.ibiblio.org/pub/Linux/distributions/gentoo";
+GENTOO_MIRRORS="http://distfiles.gentoo.org http://distro.ibiblio.org/pub/linux/distributions/gentoo";
 
 # Repository Paths
 PORTDIR=/usr/portage

diff -u -r1.345.2.37 emerge
--- bin/emerge	5 Aug 2005 04:15:00 -0000	1.345.2.37
+++ bin/emerge	11 Aug 2005 14:26:16 -0000
@@ -985,7 +993,6 @@
 				edepend["DEPEND"] =""
 				edepend["RDEPEND"]=string.join(string.split(edepend["RDEPEND"])," ")
 				edepend["PDEPEND"]=string.join(string.split(edepend["PDEPEND"])," ")
-				edepend["CDEPEND"]=string.join(string.split(edepend["CDEPEND"])," ")
 				edepend["SLOT"]   =string.strip(edepend["SLOT"])
 				#portage.db[portage.root]["bintree"].gettbz2(mykey)
 			else: # It's local.
@@ -993,14 +1000,16 @@
 				edepend["DEPEND"] =""
 				edepend["RDEPEND"]=string.join(mytbz2.getelements("RDEPEND")," ")
 				edepend["PDEPEND"]=string.join(mytbz2.getelements("PDEPEND")," ")
-				edepend["CDEPEND"]=string.join(mytbz2.getelements("CDEPEND")," ")
 				edepend["SLOT"]   =mytbz2.getfile("SLOT",mypkgparts[2])
 		elif mytype=="ebuild":
 			try:
-				mymeta = ["DEPEND","RDEPEND","PDEPEND","CDEPEND"]
+				mymeta = ["DEPEND","RDEPEND","PDEPEND"]
 				myfoo = portage.portdb.aux_get(mykey, mymeta)
 				for index in range(0,len(mymeta)):
 					edepend[mymeta[index]] = myfoo[index]
+				if "--buildpkgonly" in myopts:
+					edepend["RDEPEND"] = ""
+					edepend["PDEPEND"] = ""
 			except (KeyError,IOError):
 				print "emerge: create(): aux_get() error on",mykey+"; aborting..."
 				sys.exit(1)