1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
#!/bin/sh
#
# Copyright (C) 2012-2020 Etersoft
# Copyright (C) 2012-2020 Vitaly Lipatov <lav@etersoft.ru>
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU Affero General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU Affero General Public License for more details.
#
# You should have received a copy of the GNU Affero General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
#
load_helper epm-sh-altlinux
load_helper epm-query
__fast_hack_for_filter_out_installed_rpm()
{
LANG=C LC_ALL=C xargs -n1 rpm -q 2>&1 | grep 'is not installed' |
sed -e 's|^.*package \(.*\) is not installed.*|\1|g'
}
# pass only uninstalled packages
filter_out_installed_packages()
{
[ -z "$skip_installed" ] && cat && return
case $PMTYPE in
yum-rpm|dnf-rpm)
if [ "$($DISTRVENDOR -a)" = "x86_64" ] && [ "$DISTRNAME" != "ROSA" ] ; then
# shellcheck disable=SC2013
for i in $(cat) ; do
is_installed "$(__print_with_arch_suffix $i .x86_64)" && continue
is_installed "$(__print_with_arch_suffix $i .noarch)" && continue
echo $i
done
else
__fast_hack_for_filter_out_installed_rpm
fi
;;
*-rpm)
__fast_hack_for_filter_out_installed_rpm
;;
# dpkg -l lists some non ii status (un, etc)
#"deb")
# LANG=C LC_ALL=C xargs -n1 dpkg -l 2>&1 | grep -i 'no packages found matching' |
# sed -e 's|\.\+$||g' -e 's|^.*[Nn]o packages found matching \(.*\)|\1|g'
# ;;
*)
# shellcheck disable=SC2013
for i in $(cat) ; do
is_installed $i || echo $i
done
;;
esac | sed -e "s|rpm-build-altlinux-compat[^ ]*||g" | filter_strip_spaces
}
get_only_installed_packages()
{
local installlist="$*"
estrlist exclude "$(echo "$installlist" | (skip_installed='yes' filter_out_installed_packages))" "$installlist"
}
__convert_pkgallowscripts_to_regexp()
{
local tmpalf=$(mktemp) || fatal
# copied from eget's filter_glob
# check man glob
# remove commentы and translate glob to regexp
grep -v "^[[:space:]]*#" "$1" | grep -v "^[[:space:]]*$" | sed -e "s|\*|.*|g" -e "s|?|.|g" -e "s|^|^|" -e "s|$|\$|" >$tmpalf
echo "$tmpalf"
}
__epm_package_ok_scripts()
{
local pkg="$1"
local alf="$CONFIGDIR/pkgallowscripts.list"
[ -s "$alf" ] || return 1
local name
name="$(epm print field Name for "$pkg" 2>/dev/null)"
[ -n "$name" ] || return 1
local tmpalf=$(__convert_pkgallowscripts_to_regexp "$alf")
echo "$name" | grep -q -f $tmpalf
local res=$?
rm $tmpalf
return $res
}
__epm_vendor_ok_scripts()
{
local vendor="$1"
local alf="$CONFIGDIR/vendorallowscripts.list"
[ -s "$alf" ] || return 1
[ -n "$vendor" ] || return 1
local tmpalf=$(__convert_pkgallowscripts_to_regexp "$alf")
echo "$vendor" | grep -q -f $tmpalf
local res=$?
rm $tmpalf
return $res
}
# Args: package names. Set noscripts for outside packages.
__epm_check_vendor()
{
# don't check vendor if there are forced script options
[ -n "$scripts$noscripts" ] && return
# only ALT
[ "$BASEDISTRNAME" = "alt" ] || return
local i
for i in $* ; do
local vendor rpmversion
# skip checking if the package is unaccessible
rpmversion="$(epm print field Version for "$i" 2>/dev/null)"
[ -n "$rpmversion" ] || continue
vendor="$(epm print field Vendor for "$i" 2>/dev/null)"
# TODO: check GPG
# check separately to be quiet
[ "$vendor" = "ALT Linux Team" ] && continue
if __epm_vendor_ok_scripts "$vendor" ; then
warning "Scripts are ENABLED for package $i from outside vendor '$vendor' (this vendor is listed in $CONFIGDIR/vendorallowscripts.list). Use --noscripts if you need disable scripts in such packages."
continue
fi
if __epm_package_ok_scripts "$i" ; then
warning "Scripts are ENABLED for package $i from outside vendor '$vendor' (the package is listed in $CONFIGDIR/pkgallowscripts.list). Use --noscripts if you need disable scripts in such packages."
continue
fi
warning "Scripts are DISABLED for package $i from outside vendor '$vendor'. Use --scripts if you need run scripts from such packages."
noscripts="--noscripts"
done
}