Sun Mar 21 15:31:42 2010 UTC ()
Revert unintended commit.


(wiz)
diff -r1.13 -r1.14 pkgsrc/mk/bulk/sort-packages
diff -r1.46 -r1.47 pkgsrc/mk/bulk/upload
cvs diff -r1.13 -r1.14 pkgsrc/mk/bulk/Attic/sort-packages (expand / switch to unified diff)

--- pkgsrc/mk/bulk/Attic/sort-packages 2010/03/21 10:52:29 1.13
+++ pkgsrc/mk/bulk/Attic/sort-packages 2010/03/21 15:31:41 1.14
@@ -1,41 +1,47 @@ @@ -1,41 +1,47 @@
1#! /bin/sh 1#! /bin/sh
2# $NetBSD: sort-packages,v 1.13 2010/03/21 10:52:29 wiz Exp $ 2# $NetBSD: sort-packages,v 1.14 2010/03/21 15:31:41 wiz Exp $
3 3
4# This program scans all binary packages in the current directory and 4# This program scans all binary packages in the current directory and
5# creates two lists of files in OUTDIR: 5# creates three lists of files in OUTDIR:
6# 6#
7# restricted_packages 7# restricted_packages
8# contains all packages that must not be published on the FTP 8# contains all packages that must not be published on the FTP
9# server, for whatever reason 9# server, for whatever reason
10# 10#
 11# vulnerable_packages
 12# contains all packages that are not restricted, but vulnerable
 13#
11# regular_packages 14# regular_packages
12# contains all the other ("good") packages. 15# contains all the other ("good") packages.
13# 16#
14 17
15set -eu 18set -eu
16 19
17: ${OUTDIR="/tmp"} 20: ${OUTDIR="/tmp"}
18: ${PKG_SUFX=".tgz"} 21: ${PKG_SUFX=".tgz"}
 22: ${AUDIT_PACKAGES="audit-packages"}
19: ${PKG_ADMIN="pkg_admin"} 23: ${PKG_ADMIN="pkg_admin"}
20: ${PKG_INFO="pkg_info"} 24: ${PKG_INFO="pkg_info"}
21 25
22regular_packages="${OUTDIR}/regular_packages" 26regular_packages="${OUTDIR}/regular_packages"
23restricted_packages="${OUTDIR}/restricted_packages" 27restricted_packages="${OUTDIR}/restricted_packages"
 28vulnerable_packages="${OUTDIR}/vulnerable_packages"
24newline=" 29newline="
25" 30"
26 31
27: > "${regular_packages}" 32: > "${regular_packages}"
28: > "${restricted_packages}" 33: > "${restricted_packages}"
 34: > "${vulnerable_packages}"
29 35
30for pkg in *${PKG_SUFX}; do 36for pkg in *${PKG_SUFX}; do
31 build_info=`${PKG_INFO} -B "${pkg}"` 37 build_info=`${PKG_INFO} -B "${pkg}"`
32 38
33 # Note: this code needs to be that complicated because licensing 39 # Note: this code needs to be that complicated because licensing
34 # issues are critical to pkgsrc, and we really don't want 40 # issues are critical to pkgsrc, and we really don't want
35 # anything unexpected to happen here. The worst case would be 41 # anything unexpected to happen here. The worst case would be
36 # that some file is sorted wrongly because some change in the 42 # that some file is sorted wrongly because some change in the
37 # output of pkg_info which had not been foreseen. Therefore it 43 # output of pkg_info which had not been foreseen. Therefore it
38 # is better to check as strictly as possible to make those 44 # is better to check as strictly as possible to make those
39 # changes immediately visible. 45 # changes immediately visible.
40 46
41 no_bin_on_ftp="unknown" 47 no_bin_on_ftp="unknown"
@@ -48,33 +54,45 @@ for pkg in *${PKG_SUFX}; do @@ -48,33 +54,45 @@ for pkg in *${PKG_SUFX}; do
48 ;; 54 ;;
49 esac 55 esac
50 56
51 restricted="unknown" 57 restricted="unknown"
52 case "${newline}${build_info}${newline}" in 58 case "${newline}${build_info}${newline}" in
53 *"${newline}RESTRICTED=${newline}"*) 59 *"${newline}RESTRICTED=${newline}"*)
54 restricted="no" 60 restricted="no"
55 ;; 61 ;;
56 *"${newline}RESTRICTED="*) 62 *"${newline}RESTRICTED="*)
57 restricted="yes" 63 restricted="yes"
58 ;; 64 ;;
59 esac 65 esac
60 66
61 if [ "${restricted}" != "unknown" ] && [ "${no_bin_on_ftp}" != "unknown" ]; then 67 if [ "${restricted}" = "no" ] && [ "${no_bin_on_ftp}" = "no" ]; then
 68 # Check whether the package is vulnerable or not.
 69 pkg_prefix="${pkg%%-*}"
 70 category="regular"
 71 _INFO_VER=`${PKG_INFO} -V`;
 72 vuln=`${AUDIT_PACKAGES} ${AUDIT_PACKAGES_FLAGS} -p "${pkg}"`
 73 if [ -n "${vuln}" ]; then
 74 category="vulnerable"
 75 fi
 76 elif [ "${restricted}" != "unknown" ] && [ "${no_bin_on_ftp}" != "unknown" ]; then
62 category="restricted" 77 category="restricted"
63 else 78 else
64 category="unknown" 79 category="unknown"
65 fi 80 fi
66 81
67 : echo "upload> ${pkg} is ${category}." 82 : echo "upload> ${pkg} is ${category}."
68 83
69 case "${category}" in 84 case "${category}" in
70 "regular") 85 "regular")
71 echo "${pkg}" >> "${regular_packages}" 86 echo "${pkg}" >> "${regular_packages}"
72 ;; 87 ;;
 88 "vulnerable")
 89 echo "${pkg}" >> "${vulnerable_packages}"
 90 ;;
73 "restricted") 91 "restricted")
74 echo "${pkg}" >> "${restricted_packages}" 92 echo "${pkg}" >> "${restricted_packages}"
75 ;; 93 ;;
76 *) 94 *)
77 echo "sort-packages> WARNING: Could not sort ${pkg} into a category." 1>&2 95 echo "sort-packages> WARNING: Could not sort ${pkg} into a category." 1>&2
78 ;; 96 ;;
79 esac 97 esac
80done 98done
cvs diff -r1.46 -r1.47 pkgsrc/mk/bulk/Attic/upload (expand / switch to unified diff)

--- pkgsrc/mk/bulk/Attic/upload 2010/03/21 10:52:29 1.46
+++ pkgsrc/mk/bulk/Attic/upload 2010/03/21 15:31:42 1.47
@@ -1,15 +1,15 @@ @@ -1,15 +1,15 @@
1#!/bin/sh 1#!/bin/sh
2# $NetBSD: upload,v 1.46 2010/03/21 10:52:29 wiz Exp $ 2# $NetBSD: upload,v 1.47 2010/03/21 15:31:42 wiz Exp $
3 3
4# 4#
5# Upload non-restricted binary pkgs to ftp server 5# Upload non-restricted binary pkgs to ftp server
6# 6#
7 7
8AWK=${AWK:-/usr/bin/awk} 8AWK=${AWK:-/usr/bin/awk}
9PKG_ADMIN="pkg_admin" 9PKG_ADMIN="pkg_admin"
10PKG_INFO="pkg_info" 10PKG_INFO="pkg_info"
11 11
12set -eu 12set -eu
13 13
14# 14#
15# Find out where we are 15# Find out where we are
@@ -208,68 +208,85 @@ fi @@ -208,68 +208,85 @@ fi
208# 208#
209# Some temp files 209# Some temp files
210# 210#
211 211
212umask 022 212umask 022
213TMPDIR="${TMPDIR:-/tmp}" 213TMPDIR="${TMPDIR:-/tmp}"
214TMP="${TMPDIR}"/pkg_upload.$$ 214TMP="${TMPDIR}"/pkg_upload.$$
215(umask 077 && mkdir "${TMP}") \ 215(umask 077 && mkdir "${TMP}") \
216|| { 216|| {
217 echo "upload> ERROR: cannot create temporary directory \"${TMP}\"." 1>&2 217 echo "upload> ERROR: cannot create temporary directory \"${TMP}\"." 1>&2
218 exit 1 218 exit 1
219} 219}
220 220
 221vulnerable_packages="$TMP/vulnerable_packages"
221restricted_packages="$TMP/restricted_packages" 222restricted_packages="$TMP/restricted_packages"
222old_packages="$TMP/old_packages" 223old_packages="$TMP/old_packages"
223good_packages="$TMP/regular_packages" 224good_packages="$TMP/regular_packages"
224all_good_packages="$TMP/all_regular_packages" 225all_good_packages="$TMP/all_regular_packages"
225 226
226upload_general="$TMP"/upload_general 227upload_general="$TMP"/upload_general
 228upload_vulnerable="$TMP"/upload_vulnerable
227 229
228# May be different than $USR_PKGSRC: 230# May be different than $USR_PKGSRC:
229echo "upload> Running ${BMAKE} to get the pkgsrc variables" 231echo "upload> Running ${BMAKE} to get the pkgsrc variables"
230pkgsrcdir=`cd pkgtools/lintpkgsrc ; ${BMAKE} show-var VARNAME=_PKGSRCDIR` 232pkgsrcdir=`cd pkgtools/lintpkgsrc ; ${BMAKE} show-var VARNAME=_PKGSRCDIR`
231packages=`cd pkgtools/lintpkgsrc ; ${BMAKE} show-var VARNAME=PACKAGES` 233packages=`cd pkgtools/lintpkgsrc ; ${BMAKE} show-var VARNAME=PACKAGES`
232distdir=`cd pkgtools/lintpkgsrc ; ${BMAKE} show-var VARNAME=DISTDIR` 234distdir=`cd pkgtools/lintpkgsrc ; ${BMAKE} show-var VARNAME=DISTDIR`
233gzip_cmd=`cd pkgtools/lintpkgsrc; ${BMAKE} show-var VARNAME=GZIP_CMD USE_TOOLS=gzip` 235gzip_cmd=`cd pkgtools/lintpkgsrc; ${BMAKE} show-var VARNAME=GZIP_CMD USE_TOOLS=gzip`
234pkg_info=`cd pkgtools/lintpkgsrc && ${BMAKE} show-var VARNAME=PKG_INFO` 236pkg_info=`cd pkgtools/lintpkgsrc && ${BMAKE} show-var VARNAME=PKG_INFO`
235shell=`cd pkgtools/lintpkgsrc && ${BMAKE} show-var VARNAME=TOOLS_PLATFORM.sh` 237shell=`cd pkgtools/lintpkgsrc && ${BMAKE} show-var VARNAME=TOOLS_PLATFORM.sh`
236 238
237# Pull in some pkgs needed 239# Pull in some pkgs needed
238for pkg in ${REQUIRED_PACKAGES}; do 240for pkg in ${REQUIRED_PACKAGES}; do
239 install_required $pkg 241 install_required $pkg
240done 242done
241 243
 244echo "upload> Making sure vulnerability-list is up-to-date:"
 245if [ -z "$UPDATE_VULNERABILITY_LIST" -o "$UPDATE_VULNERABILITY_LIST" = "yes" ]
 246then
 247 _PKGVULNDIR=`audit-packages ${AUDIT_PACKAGES_FLAGS} -Q PKGVULNDIR`
 248 download-vulnerability-list ${DOWNLOAD_VULNERABILITY_LIST_FLAGS}
 249 if [ "x${_PKGVULNDIR}" != "x${distdir}" ]; then
 250 cp ${_PKGVULNDIR}/pkg-vulnerabilities ${distdir}
 251 fi
 252 echo " done."
 253else
 254 echo " (skipped)"
 255fi
 256
242case $LINTPKGSRC_CACHE in 257case $LINTPKGSRC_CACHE in
243yes|YES) 258yes|YES)
244 lintpkgsrc_cache="-I `cd pkgtools/lintpkgsrc ; ${BMAKE} show-var VARNAME=LINTPKGSRC_DB`" 259 lintpkgsrc_cache="-I `cd pkgtools/lintpkgsrc ; ${BMAKE} show-var VARNAME=LINTPKGSRC_DB`"
245 ;; 260 ;;
246*) 261*)
247 lintpkgsrc_cache='' 262 lintpkgsrc_cache=''
248 ;; 263 ;;
249esac 264esac
250 265
251echo "upload> Checking for out of date packages:" 266echo "upload> Checking for out of date packages:"
252# -p = report old versions of packages 267# -p = report old versions of packages
253lintpkgsrc $lintpkgsrc_cache -K $packages -P $pkgsrcdir -p > "${old_packages}.tmp" 268lintpkgsrc $lintpkgsrc_cache -K $packages -P $pkgsrcdir -p > "${old_packages}.tmp"
254sed 's@'$packages'/@@' < "${old_packages}.tmp" > "$old_packages" 269sed 's@'$packages'/@@' < "${old_packages}.tmp" > "$old_packages"
255 270
256RSFLAGS="-vap --progress $RSYNC_OPTS" 271RSFLAGS="-vap --progress $RSYNC_OPTS"
257 272
258failed=no 273failed=no
259cd $packages 274cd $packages
260 275
261echo "upload> Checking for restricted packages" 276echo "upload> Checking for restricted and vulnerable packages"
262(cd All && env PKG_INFO="${pkg_info}" OUTDIR="${TMP}" \ 277(cd All && env PKG_INFO="${pkg_info}" OUTDIR="${TMP}" PKGVULNDIR="${distdir}" \
 278 AUDIT_PACKAGES_FLAGS="${AUDIT_PACKAGES_FLAGS}" \
 279 DOWNLOAD_VULNERABILITY_LIST_FLAGS="${DOWNLOAD_VULNERABILITY_LIST_FLAGS}" \
263 ${shell} "${pkgsrcdir}/mk/bulk/sort-packages") 280 ${shell} "${pkgsrcdir}/mk/bulk/sort-packages")
264 281
265# Add the name of the package file, including all its symlinks to the 282# Add the name of the package file, including all its symlinks to the
266# list of files to be uploaded. 283# list of files to be uploaded.
267while read package; do 284while read package; do
268 ls -1 */"$package" 285 ls -1 */"$package"
269done < "$good_packages" > "$all_good_packages" 286done < "$good_packages" > "$all_good_packages"
270 287
271if [ "${MKSUMS}" = "yes" -o "${MKSUMS}" = "YES" ]; then 288if [ "${MKSUMS}" = "yes" -o "${MKSUMS}" = "YES" ]; then
272 289
273 echo "upload> Calculating checksum files..." 290 echo "upload> Calculating checksum files..."
274 291
275 SUMFILES="BSDSUM CKSUM MD5 SHA1 SYSVSUM" 292 SUMFILES="BSDSUM CKSUM MD5 SHA1 SYSVSUM"
@@ -281,27 +298,27 @@ if [ "${MKSUMS}" = "yes" -o "${MKSUMS}"  @@ -281,27 +298,27 @@ if [ "${MKSUMS}" = "yes" -o "${MKSUMS}"
281 for i in ${SUMFILES}; do 298 for i in ${SUMFILES}; do
282 echo > $i 299 echo > $i
283 echo "This file is signed with ${SIGN_AS}'s PGP key." >> $i 300 echo "This file is signed with ${SIGN_AS}'s PGP key." >> $i
284 echo >> $i 301 echo >> $i
285 done 302 done
286 fi 303 fi
287 304
288 install_required "pkgtools/digest" 305 install_required "pkgtools/digest"
289 306
290 [ -z "${BSDSUM}" ] && BSDSUM="echo" 307 [ -z "${BSDSUM}" ] && BSDSUM="echo"
291 [ -z "${CKSUM}" ] && CKSUM="echo" 308 [ -z "${CKSUM}" ] && CKSUM="echo"
292 [ -z "${SYSVSUM}" ] && SYSVSUM="echo" 309 [ -z "${SYSVSUM}" ] && SYSVSUM="echo"
293 310
294 for pkg in `cat "${good_packages}"`; do 311 for pkg in `cat "${good_packages}" "${vulnerable_packages}"`; do
295 pkg="All/$pkg" 312 pkg="All/$pkg"
296 ${BSDSUM} "$pkg" >> BSDSUM 313 ${BSDSUM} "$pkg" >> BSDSUM
297 ${CKSUM} "$pkg" >> CKSUM 314 ${CKSUM} "$pkg" >> CKSUM
298 ${MD5} "$pkg" >> MD5 315 ${MD5} "$pkg" >> MD5
299 ${SHA1} "$pkg" >> SHA1 316 ${SHA1} "$pkg" >> SHA1
300 ${SYSVSUM} "$pkg" >> SYSVSUM 317 ${SYSVSUM} "$pkg" >> SYSVSUM
301 done 318 done
302 319
303 [ "${BSDSUM}" = "echo" ] && rm BSDSUM 320 [ "${BSDSUM}" = "echo" ] && rm BSDSUM
304 [ "${CKSUM}" = "echo" ] && rm CKSUM 321 [ "${CKSUM}" = "echo" ] && rm CKSUM
305 [ "${SYSVSUM}" = "echo" ] && rm SYSVSUM 322 [ "${SYSVSUM}" = "echo" ] && rm SYSVSUM
306 323
307 if [ "${SIGN_AS-}" != "" ]; then 324 if [ "${SIGN_AS-}" != "" ]; then
@@ -323,34 +340,54 @@ if [ "${MKSUMMARY-}" = "yes" -o "${MKSUM @@ -323,34 +340,54 @@ if [ "${MKSUMMARY-}" = "yes" -o "${MKSUM
323 && ls -t | grep '\.t[gb]z$' | while read n; do pkg_info -X "$n"; done) \ 340 && ls -t | grep '\.t[gb]z$' | while read n; do pkg_info -X "$n"; done) \
324 | ${gzip_cmd} > "${packages}"/All/pkg_summary.gz 341 | ${gzip_cmd} > "${packages}"/All/pkg_summary.gz
325fi 342fi
326 343
327cat <<EOF > "$upload_general" 344cat <<EOF > "$upload_general"
328#! /bin/sh 345#! /bin/sh
329set -e 346set -e
330cd "$packages" 347cd "$packages"
331rsync $RSFLAGS --files-from="${all_good_packages}" --exclude-from="${old_packages}" . "$RSYNC_DST/" 348rsync $RSFLAGS --files-from="${all_good_packages}" --exclude-from="${old_packages}" . "$RSYNC_DST/"
332EOF 349EOF
333chmod +x "$upload_general" 350chmod +x "$upload_general"
334 351
335if [ "$do_upload" = "yes" ]; then 352if [ "$do_upload" = "yes" ]; then
336 echo "upload> Uploading packages" 353 echo "upload> Uploading non-vulnerable packages"
337 ${shell} "$upload_general" \ 354 ${shell} "$upload_general" \
338 || { 355 || {
339 echo "upload> ERROR: rsync failed. To retry later, you can run $upload_general" 1>&2 356 echo "upload> ERROR: rsync failed. To retry later, you can run $upload_general" 1>&2
340 failed=yes 357 failed=yes
341 } 358 }
342else 359else
343 echo "upload> Skipping upload of packages." 360 echo "upload> Skipping upload of non-vulnerable packages."
344 echo " Run \"$upload_general\" to upload them later." 361 echo " Run \"$upload_general\" to upload them later."
345fi 362fi
346 363
 364cat <<EOF > "$upload_vulnerable"
 365#! /bin/sh
 366set -e
 367cd "$packages/All"
 368rsync $RSFLAGS --files-from="${vulnerable_packages}" --exclude-from="${old_packages}" . "$RSYNC_DST/All/"
 369EOF
 370chmod +x "$upload_vulnerable"
 371
 372if [ "$do_upload" = "yes" ]; then
 373 echo "upload> Uploading vulnerable packages"
 374 ${shell} "$upload_vulnerable" \
 375 || {
 376 echo "upload> ERROR: rsync failed. To retry later, you can run $upload_vulnerable" 1>&2
 377 failed=yes
 378 }
 379else
 380 echo "upload> Skipping upload of vulnerable packages."
 381 echo " Run \"$upload_vulnerable\" to upload them later."
 382fi
 383
347# clean up temp files 384# clean up temp files
348if [ "$failed,$debug,$do_upload" = "no,no,yes" ]; then 385if [ "$failed,$debug,$do_upload" = "no,no,yes" ]; then
349 rm -fr "$TMP" 386 rm -fr "$TMP"
350else 387else
351 echo "upload> Preserving temporary directory ${TMP}" 388 echo "upload> Preserving temporary directory ${TMP}"
352fi 389fi
353 390
354if [ "$failed" = "yes" ]; then 391if [ "$failed" = "yes" ]; then
355 exit 1 392 exit 1
356fi 393fi