#!/bin/sh
#
# Copyright (C) 2012-2020 Etersoft
# Copyright (C) 2012-2020 Vitaly Lipatov <lav@etersoft.ru>
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU Affero General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU Affero General Public License for more details.
#
# You should have received a copy of the GNU Affero General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
#
load_helper epm-sh-altlinux
load_helper epm-query
__fast_hack_for_filter_out_installed_rpm()
{
LANG=C LC_ALL=C xargs -n1 rpm -q 2>&1 | grep 'is not installed' |
sed -e 's|^.*package \(.*\) is not installed.*|\1|g'
}
# pass only uninstalled packages
filter_out_installed_packages()
{
[ -z "$skip_installed" ] && cat && return
case $PMTYPE in
yum-rpm|dnf-rpm)
if [ "$($DISTRVENDOR -a)" = "x86_64" ] && [ "$DISTRNAME" != "ROSA" ] ; then
# shellcheck disable=SC2013
for i in $(cat) ; do
is_installed "$(__print_with_arch_suffix $i .x86_64)" && continue
is_installed "$(__print_with_arch_suffix $i .noarch)" && continue
echo $i
done
else
__fast_hack_for_filter_out_installed_rpm
fi
;;
*-rpm)
__fast_hack_for_filter_out_installed_rpm
;;
# dpkg -l lists some non ii status (un, etc)
#"deb")
# LANG=C LC_ALL=C xargs -n1 dpkg -l 2>&1 | grep -i 'no packages found matching' |
# sed -e 's|\.\+$||g' -e 's|^.*[Nn]o packages found matching \(.*\)|\1|g'
# ;;
*)
# shellcheck disable=SC2013
for i in $(cat) ; do
is_installed $i || echo $i
done
;;
esac | sed -e "s|rpm-build-altlinux-compat[^ ]*||g" | filter_strip_spaces
}
get_only_installed_packages()
{
local installlist="$*"
estrlist exclude "$(echo "$installlist" | (skip_installed='yes' filter_out_installed_packages))" "$installlist"
}
__convert_pkgallowscripts_to_regexp()
{
local tmpalf=$(mktemp) || fatal
# copied from eget's filter_glob
# check man glob
# remove commentы and translate glob to regexp
grep -v "^[[:space:]]*#" "$1" | grep -v "^[[:space:]]*$" | sed -e "s|\*|.*|g" -e "s|?|.|g" -e "s|^|^|" -e "s|$|\$|" >$tmpalf
echo "$tmpalf"
}
__epm_package_ok_scripts()
{
local pkg="$1"
local alf="$CONFIGDIR/pkgallowscripts.list"
[ -s "$alf" ] || return 1
local name
name="$(epm print field Name for "$pkg" 2>/dev/null)"
[ -n "$name" ] || return 1
local tmpalf=$(__convert_pkgallowscripts_to_regexp "$alf")
echo "$name" | grep -q -f $tmpalf
local res=$?
rm $tmpalf
return $res
}
__epm_vendor_ok_scripts()
{
local vendor="$1"
local alf="$CONFIGDIR/vendorallowscripts.list"
[ -s "$alf" ] || return 1
[ -n "$vendor" ] || return 1
local tmpalf=$(__convert_pkgallowscripts_to_regexp "$alf")
echo "$vendor" | grep -q -f $tmpalf
local res=$?
rm $tmpalf
return $res
}
# Args: package names. Set noscripts for outside packages.
__epm_check_vendor()
{
# don't check vendor if there are forced script options
[ -n "$scripts$noscripts" ] && return
# only ALT
[ "$BASEDISTRNAME" = "alt" ] || return
local i
for i in $* ; do
local vendor rpmversion
# skip checking if the package is unaccessible
rpmversion="$(epm print field Version for "$i" 2>/dev/null)"
[ -n "$rpmversion" ] || continue
vendor="$(epm print field Vendor for "$i" 2>/dev/null)"
# TODO: check GPG
# check separately to be quiet
[ "$vendor" = "ALT Linux Team" ] && continue
if __epm_vendor_ok_scripts "$vendor" ; then
warning "Scripts are ENABLED for package $i from outside vendor '$vendor' (this vendor is listed in $CONFIGDIR/vendorallowscripts.list). Use --noscripts if you need disable scripts in such packages."
continue
fi
if __epm_package_ok_scripts "$i" ; then
warning "Scripts are ENABLED for package $i from outside vendor '$vendor' (the package is listed in $CONFIGDIR/pkgallowscripts.list). Use --noscripts if you need disable scripts in such packages."
continue
fi
warning "Scripts are DISABLED for package $i from outside vendor '$vendor'. Use --scripts if you need run scripts from such packages."
noscripts="--noscripts"
done
}