1. 17 Jul, 2019 8 commits
  2. 08 Jul, 2019 1 commit
  3. 20 Jun, 2019 1 commit
    • Max Rees's avatar
      abuild-sudo: don't allow --keys-dir · 297de93a
      Max Rees authored
      Not allowing --allow-untrusted is obviously a good idea, but it can be
      trivially bypassed if --keys-dir is allowed:
      
      $ abuild-apk add foo-1-r0.apk
      ERROR: foo-1-r0.apk: UNTRUSTED signature
      $ abuild-apk --allow-untrusted add foo-1-r0.apk
      abuild-apk: --allow-untrusted: not allowed option
      $ cp -rp /etc/apk/keys /tmp/keys
      $ cp untrusted.pub /tmp/keys
      $ abuild-apk --keys-dir /tmp/keys add foo-1-r0.apk
      (1/1) Installing foo (1-r0)
      OK: 4319 MiB in 806 packages
      
      If both --allow-untrusted and --keys-dir are not allowed, then it should
      no longer be possible for an unprivileged member of the abuild group to
      add an untrusted package.
      
      $ abuild-apk --keys-dir /tmp/keys add foo-1-r0.apk
      abuild-apk: --keys-dir: not allowed option
      297de93a
  4. 14 Jun, 2019 1 commit
  5. 12 Jun, 2019 9 commits
  6. 03 May, 2019 2 commits
  7. 30 Apr, 2019 4 commits
  8. 29 Apr, 2019 13 commits
  9. 25 Apr, 2019 1 commit
    • Natanael Copa's avatar
      Revert "abuild: unset depends for subpackages" · c0dc7ace
      Natanael Copa authored
      Apparently there are many packages that does soemthing like:
      
      subpackages="$pkgname-foo:_foo"
      
      _foo() {
      	depends="$depends something-else"
      }
      
      and thus depend on the previous behavior. We need to revert and plan
      this better.
      
      This reverts commit 8fbbffd2.
      c0dc7ace