GitLab

Implementing basic dependency handling, install_if and awareness
of pinning.

fixes #1476

Instead of:
ERROR: Index generation failed: Success

The following is now printed:
ERROR: Metadata for package timo-1.0-r0 is too long.
ERROR: Index generation failed: No buffer space available

make cache a special kind of repository, and automatically cache
special packages (virtual packages, or ones installed from command
line). add test cases for handling virtual packages. fixes #1617.

fixes #1578

fixes #1714

fchmodat does not support this flag - symlinks do not have permissions.

Sysadmin probably does not expect us to not follow symlinks either:
if /var -> /mnt/foo/var, we should be making sure the permissions
and ownership is correct on the target directory, not on the symlink.

Since fchmodat never returned ENOENT with AT_SYMLINK_NOFOLLOW, this
also fixes directory re-creation if it does not exist. fixes #1348.

If a directory has protection mask, but does not exist in db, we
do not handle it right unless we calculate the protection mask by
hand, or create temporary db dir entry for it. For simplicity create
always the db dir entry -- depending on audit type we likely need
to create it anyway. This commit also caches the db dir entry in the
audit tree context to avoid duplicate lookups. ref #1241.

Fixes --recurse during audit.

implementation is still not near finished, but now at least it
can handle it to a minimum degree. many cases are not done right
yet, though. ref #574.

in preparation for provides support. implements also some
dependency satisfaction helper routines.

ref #574.

Will use 'p' for provides.

This we use proper arch in case modifying chroot installation.

fixes #607.

audit is now mostly rewritten for the new functionality. And
has new features like --check-permissions, --recursive and
--packages.

$ROOT/etc/apk/protected_files.d/*.list can now contain additional
protected paths, one path per line:

+etc
@etc/init.d
-tmp

+ will include the directory as protected configuration directory.
@ considers the directory protected, but will backup only symlinks.
- removes any protection

lbu should be modified to put include and exclude paths in
etc/apk/protected_files.d/lbu.list. Additionally, some packages
might provide their own listings.

E.g. ssh might want to provide ssh.list with something like:
+root/.ssh
+home/*/.ssh

Load additional repositories from $ROOT/etc/apk/repositories.d/*.list
unless --repositories-file is given as parameter.

Just in case same repository is mentioned with different tags.

It is faster to just scan the cache directory for existing packages
at startup than trying to faccessat() them on demand. It also makes
quite a few parts of the code more readable and simpler.

* solver internally calculates now using tags; not repository masks
* installeddb now contains the tag name where the package came from
  -> we can now handle upgrades properly
* the pinning is still a preference, and not strictly enforced;
  versioned dependencies may overrule preference

And implement --directory-permissions for fix-applet to reset all
directory uid, gid and modes.

Only show a warning if we have a non-existing repository or bad
repository signature but don't abort.

This is not to break compat with behaviour in previous releases.

The 'r' variable is overwritten and no longer holds the repository
number.

Also clean up handling of signature failures for index files.

 * upgrade needs explicit check so we don't try self-upgrade
   (which would print additional messages on screen)
 * add can fix problems, so check against the new world
 * merge the code in few places

 * default writing the world with spaces if a space is found
   (for backwards compatibility) for now

call apk_pkg_install() and hlist_tail_ptr() only once. the latter
is O(n) and can get very slow.

Improves /etc/apk/repositories format so you can say:
http://nl.alpinelinux.org/alpine/v2.3/main
@edge http://nl.alpinelinux.org/alpine/edge/main
@testing http://nl.alpinelinux.org/alpine/edge/testing

After which you can pin dependencies to these tags using:
 apk add stableapp newapp@edge bleedingapp@testing

Apk will now by default only use the untagged repositories,
but adding a tag to specific dependency:
 1. will prefer that tag for the name
 2. allowing pulling in dependencies from that tag (though,
    it prefers untagged packages to satisfy deps if possible)

fixes #575