Add pacman/makepkg modifications

2 years ago · 71b21caafd
--- a/pacman/usr/local/bin/makepkg
+++ b/pacman/usr/local/bin/makepkg
--- a/pacman/usr/local/bin/pacman
+++ b/pacman/usr/local/bin/pacman
@ -0,0 +1,7 @@
 #!/bin/env bash

 source /usr/local/bin/pacmankeycheck.sh

 keyringcheck

 /usr/bin/pacman ${@:1}
--- a/pacman/usr/local/bin/pacmankeycheck.sh
+++ b/pacman/usr/local/bin/pacmankeycheck.sh
@ -0,0 +1,64 @@
 #!/bin/env bash
 #
 #   pacmankeycheck - Check age of Pacman PGP/GPG public key ring files and update if wanted
 #
 #   Copyright (C) 2021  Pekka Helenius <pekka.helenius@fjordtek.com>
 #
 #   This program is free software; you can redistribute it and/or modify
 #   it under the terms of the GNU General Public License as published by
 #   the Free Software Foundation; either version 2 of the License, or
 #   (at your option) any later version.
 #
 #   This program is distributed in the hope that it will be useful,
 #   but WITHOUT ANY WARRANTY; without even the implied warranty of
 #   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 #   GNU General Public License for more details.
 #
 #   You should have received a copy of the GNU General Public License
 #   along with this program.  If not, see <http://www.gnu.org/licenses/>.

 LIBRARY=${LIBRARY:-'/usr/share/makepkg'}

 source "$LIBRARY/util/message.sh"
 source "$LIBRARY/util/pkgbuild.sh"

 colorize

 function keyringcheck() {
  keyfilepath="/etc/pacman.d/gnupg"

  keyfiles=(
    'pubring.gpg'
  #  'secring.gpg'
    'trustdb.gpg'
  )

  # Deadline in days
  deadline=30

  expiredkeys=0
  deadlineseconds=$(($deadline * 24 * 60 * 60))

  for i in ${keyfiles[@]}; do

    file="${keyfilepath}/${i}"
    age=$(( $(date "+%s") - $(stat -c %Z "${file}") ))
    lastupdated=$(date --date=@$(stat -c %Z "${file}"))

    if [[ $age -gt $deadlineseconds ]]; then
      expiredkeys=1
      warning "$(gettext "Pacman PGP/GPG public key ring file %s is over %s days old. Last updated: %s")" "${i}" "${deadline}" "${lastupdated}"
    fi

  done

  if [[ $expiredkeys -eq 1 ]]; then
    msg "$(gettext "Outdated pacman public key ring files may cause issues on package installations.")"
    msg "$(gettext "Do you wish to update the pacman key ring files before proceeding with the pacman command? [Y/n]")"
    read response

    if [[ $(echo $response) =~ ^([yY][eE][sS]|[yY])$ ]]; then
      su root -c 'pacman-key --populate archlinux; pacman-key --refresh'
    fi
  fi
 }
--- a/pacman/usr/share/makepkg/source.sh
+++ b/pacman/usr/share/makepkg/source.sh
@ -0,0 +1,113 @@
 #!/usr/bin/bash
 #
 #   source.sh - functions for downloading and extracting sources
 #
 #   Copyright (c) 2015-2018 Pacman Development Team <pacman-dev@archlinux.org>
 #
 #   This program is free software; you can redistribute it and/or modify
 #   it under the terms of the GNU General Public License as published by
 #   the Free Software Foundation; either version 2 of the License, or
 #   (at your option) any later version.
 #
 #   This program is distributed in the hope that it will be useful,
 #   but WITHOUT ANY WARRANTY; without even the implied warranty of
 #   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 #   GNU General Public License for more details.
 #
 #   You should have received a copy of the GNU General Public License
 #   along with this program.  If not, see <http://www.gnu.org/licenses/>.
 #

 [[ -n "$LIBMAKEPKG_SOURCE_SH" ]] && return
 LIBMAKEPKG_SOURCE_SH=1

 LIBRARY=${LIBRARY:-'/usr/share/makepkg'}

 source "$LIBRARY/util/message.sh"
 source "$LIBRARY/util/pkgbuild.sh"
 source "$LIBRARY/util/source.sh"


 for lib in "$LIBRARY/source/"*.sh; do
 	source "$lib"
 done


 download_sources() {
 	local netfile all_sources
 	local get_source_fn=get_all_sources_for_arch get_vcs=1

 	msg "$(gettext "Retrieving sources...")"

 	while true; do
 		case $1 in
 			allarch)
 				get_source_fn=get_all_sources
 				;;
 			novcs)
 				get_vcs=0
 				;;
 			*)
 				break
 				;;
 		esac
 		shift
 	done

 	"$get_source_fn" 'all_sources'
 	for netfile in "${all_sources[@]}"; do
 		pushd "$SRCDEST" &>/dev/null

 		local proto=$(get_protocol "$netfile")
 		case "$proto" in
 			local)
 				download_local "$netfile"
 				;;
 			bzr*)
 				(( get_vcs )) && download_bzr "$netfile"
 				;;
 			git*)
        		(( get_vcs )) && download_git "$netfile" "--depth" "1"
                ;;
 			hg*)
 				(( get_vcs )) && download_hg "$netfile"
 				;;
 			svn*)
 				(( get_vcs )) && download_svn "$netfile"
 				;;
 			*)
 				download_file "$netfile"
 				;;
 		esac

 		popd &>/dev/null
 	done
 }

 extract_sources() {
 	msg "$(gettext "Extracting sources...")"
 	local netfile all_sources

 	get_all_sources_for_arch 'all_sources'
 	for netfile in "${all_sources[@]}"; do
 		local file=$(get_filename "$netfile")
 		local proto=$(get_protocol "$netfile")
 		case "$proto" in
 			bzr*)
 				extract_bzr "$netfile"
 				;;
 			git*)
 				extract_git "$netfile"
 				;;
 			hg*)
 				extract_hg "$netfile"
 				;;
 			svn*)
 				extract_svn "$netfile"
 				;;
 			*)
 				extract_file "$file"
 				;;
 		esac
 	done
 }
--- a/pacman/usr/share/makepkg/source/git.sh
+++ b/pacman/usr/share/makepkg/source/git.sh
@ -0,0 +1,138 @@
 #!/usr/bin/bash
 #
 #   git.sh - function for handling the download and "extraction" of Git sources
 #
 #   Copyright (c) 2015-2018 Pacman Development Team <pacman-dev@archlinux.org>
 #
 #   This program is free software; you can redistribute it and/or modify
 #   it under the terms of the GNU General Public License as published by
 #   the Free Software Foundation; either version 2 of the License, or
 #   (at your option) any later version.
 #
 #   This program is distributed in the hope that it will be useful,
 #   but WITHOUT ANY WARRANTY; without even the implied warranty of
 #   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 #   GNU General Public License for more details.
 #
 #   You should have received a copy of the GNU General Public License
 #   along with this program.  If not, see <http://www.gnu.org/licenses/>.
 #

 [[ -n "$LIBMAKEPKG_SOURCE_GIT_SH" ]] && return
 LIBMAKEPKG_SOURCE_GIT_SH=1


 LIBRARY=${LIBRARY:-'/usr/share/makepkg'}

 source "$LIBRARY/util/message.sh"
 source "$LIBRARY/util/pkgbuild.sh"


 download_git() {
 	local netfile=$1

    local options=${@:2}

 	local dir=$(get_filepath "$netfile")
 	[[ -z "$dir" ]] && dir="$SRCDEST/$(get_filename "$netfile")"

 	local repo=$(get_filename "$netfile")

 	local url=$(get_url "$netfile")
 	url=${url#git+}
 	url=${url%%#*}
 	url=${url%%\?*}

 	if [[ ! -d "$dir" ]] || dir_is_empty "$dir" ; then
        if [[ ${options[@]} ]]; then
          msg2 "$(gettext "Cloning %s %s repo (params: %s)...")" "${repo}" "git" "${options[*]}"
        else
 		  msg2 "$(gettext "Cloning %s %s repo...")" "${repo}" "git"
        fi
 		if ! git clone ${options[*]} --mirror "$url" "$dir"; then
 			error "$(gettext "Failure while downloading %s %s repo")" "${repo}" "git"
 			plain "$(gettext "Aborting...")"
 			exit 1
 		fi
 	elif (( ! HOLDVER )); then
 		cd_safe "$dir"
 		# Make sure we are fetching the right repo
 		if [[ "$url" != "$(git config --get remote.origin.url)" ]] ; then
 			error "$(gettext "%s is not a clone of %s")" "$dir" "$url"
 			plain "$(gettext "Aborting...")"
 			exit 1
 		fi
 		msg2 "$(gettext "Updating %s %s repo...")" "${repo}" "git"
 		if ! git fetch --all -p; then
 			# only warn on failure to allow offline builds
 			warning "$(gettext "Failure while updating %s %s repo")" "${repo}" "git"
 		fi
 	fi
 }

 extract_git() {
 	local netfile=$1 tagname

 	local fragment=$(get_uri_fragment "$netfile")
 	local repo=$(get_filename "$netfile")

 	local dir=$(get_filepath "$netfile")
 	[[ -z "$dir" ]] && dir="$SRCDEST/$(get_filename "$netfile")"

 	msg2 "$(gettext "Creating working copy of %s %s repo...")" "${repo}" "git"
 	pushd "$srcdir" &>/dev/null

 	local updating=0
 	if [[ -d "${dir##*/}" ]]; then
 		updating=1
 		cd_safe "${dir##*/}"
 		if ! git fetch; then
 			error "$(gettext "Failure while updating working copy of %s %s repo")" "${repo}" "git"
 			plain "$(gettext "Aborting...")"
 			exit 1
 		fi
 		cd_safe "$srcdir"
    echo "${dir##*/}"
 	elif ! git clone "$dir" "${dir##*/}"; then
 		error "$(gettext "Failure while creating working copy of %s %s repo")" "${repo}" "git"
 		plain "$(gettext "Aborting...")"
 		exit 1
 	fi

 	cd_safe "${dir##*/}"

 	local ref=origin/HEAD
 	if [[ -n $fragment ]]; then
 		case ${fragment%%=*} in
 			commit|tag)
 				ref=${fragment##*=}
 				;;
 			branch)
 				ref=origin/${fragment##*=}
 				;;
 			*)
 				error "$(gettext "Unrecognized reference: %s")" "${fragment}"
 				plain "$(gettext "Aborting...")"
 				exit 1
 		esac
 	fi

 	if [[ ${fragment%%=*} = tag ]]; then
 		tagname="$(git tag -l --format='%(tag)' "$ref")"
 		if [[ -n $tagname && $tagname != $ref ]]; then
 			error "$(gettext "Failure while checking out version %s, the git tag has been forged")" "$ref"
 			plain "$(gettext "Aborting...")"
 			exit 1
 		fi
 	fi

 	if [[ $ref != "origin/HEAD" ]] || (( updating )) ; then
 		if ! git checkout --force --no-track -B makepkg $ref; then
 			error "$(gettext "Failure while creating working copy of %s %s repo")" "${repo}" "git"
 			plain "$(gettext "Aborting...")"
 			exit 1
 		fi
 	fi

 	popd &>/dev/null
 }