X-Git-Url: https://git.decadent.org.uk/gitweb/?a=blobdiff_plain;f=daklib%2Farchive.py;h=c2cc8392777ce9750e501b6a6e01bb308f301f4a;hb=31de75724c3cf43d635c55cd18953329a87032b1;hp=a55bfaba6f17aace3da4bb745691e96c937ff58c;hpb=fb5b24b09968fc7351f2dc307b8cdc76463bbb0a;p=dak.git diff --git a/daklib/archive.py b/daklib/archive.py index a55bfaba..c2cc8392 100644 --- a/daklib/archive.py +++ b/daklib/archive.py @@ -595,9 +595,24 @@ class ArchiveUpload(object): @type: bool """ + self._checked = False + """checks passes. set by C{check} + @type: bool + """ + self._new_queue = self.session.query(PolicyQueue).filter_by(queue_name='new').one() self._new = self._new_queue.suite + def warn(self, message): + """add a warning message + + Adds a warning message that can later be seen in C{self.warnings} + + @type message: string + @param message: warning message + """ + self.warnings.append(message) + def prepare(self): """prepare upload for further processing @@ -618,11 +633,12 @@ class ArchiveUpload(object): cnf = Config() session = self.transaction.session - self.directory = tempfile.mkdtemp(dir=cnf.get('Dir::TempPath')) + self.directory = utils.temp_dirname(parent=cnf.get('Dir::TempPath'), + mode=0o2750, group=cnf.unprivgroup) with FilesystemTransaction() as fs: src = os.path.join(self.original_directory, self.original_changes.filename) dst = os.path.join(self.directory, self.original_changes.filename) - fs.copy(src, dst) + fs.copy(src, dst, mode=0o640) self.changes = upload.Changes(self.directory, self.original_changes.filename, self.keyrings) @@ -631,7 +647,7 @@ class ArchiveUpload(object): dst = os.path.join(self.directory, f.filename) if not os.path.exists(src): continue - fs.copy(src, dst) + fs.copy(src, dst, mode=0o640) source = self.changes.source if source is not None: @@ -850,28 +866,36 @@ class ArchiveUpload(object): assert self.changes.valid_signature try: + # Validate signatures and hashes before we do any real work: for chk in ( checks.SignatureCheck, checks.ChangesCheck, - checks.TransitionCheck, - checks.UploadBlockCheck, checks.HashesCheck, + checks.ExternalHashesCheck, checks.SourceCheck, checks.BinaryCheck, checks.BinaryTimestampCheck, - checks.ACLCheck, checks.SingleDistributionCheck, - checks.NoSourceOnlyCheck, - checks.LintianCheck, ): chk().check(self) final_suites = self._final_suites() if len(final_suites) == 0: - self.reject_reasons.append('Ended with no suite to install to.') + self.reject_reasons.append('No target suite found. Please check your target distribution and that you uploaded to the right archive.') return False + self.final_suites = final_suites + for chk in ( + checks.TransitionCheck, + checks.ACLCheck, + checks.NoSourceOnlyCheck, + checks.LintianCheck, + ): + chk().check(self) + + for chk in ( + checks.ACLCheck, checks.SourceFormatCheck, checks.SuiteArchitectureCheck, checks.VersionCheck, @@ -882,7 +906,7 @@ class ArchiveUpload(object): if len(self.reject_reasons) != 0: return False - self.final_suites = final_suites + self._checked = True return True except checks.Reject as e: self.reject_reasons.append(unicode(e)) @@ -936,7 +960,7 @@ class ArchiveUpload(object): if suite.copychanges: src = os.path.join(self.directory, self.changes.filename) dst = os.path.join(suite.archive.path, 'dists', suite.suite_name, self.changes.filename) - self.transaction.fs.copy(src, dst) + self.transaction.fs.copy(src, dst, mode=suite.archive.mode) return (db_source, db_binaries) @@ -984,7 +1008,7 @@ class ArchiveUpload(object): self.transaction.session.flush() dst = os.path.join(policy_queue.path, self.changes.filename) - self.transaction.fs.copy(self.changes.path, dst) + self.transaction.fs.copy(self.changes.path, dst, mode=policy_queue.change_perms) return u @@ -999,6 +1023,7 @@ class ArchiveUpload(object): assert len(self.reject_reasons) == 0 assert self.changes.valid_signature assert self.final_suites is not None + assert self._checked byhand = self.changes.byhand_files if len(byhand) == 0: @@ -1060,7 +1085,7 @@ class ArchiveUpload(object): src = os.path.join(self.directory, hashed_file.filename) dst = os.path.join(policy_queue.path, hashed_file.filename) - fs.copy(src, dst) + fs.copy(src, dst, mode=policy_queue.change_perms) return byhand_file @@ -1090,7 +1115,7 @@ class ArchiveUpload(object): for binary in self.changes.binaries: control = binary.control source_package, source_version = binary.source - line = " ".join([control['Package'], control['Version'], source_package, source_version]) + line = " ".join([control['Package'], control['Version'], control['Architecture'], source_package, source_version]) print >>debinfo, line debinfo.close() @@ -1110,6 +1135,7 @@ class ArchiveUpload(object): assert len(self.reject_reasons) == 0 assert self.changes.valid_signature assert self.final_suites is not None + assert self._checked assert not self.new db_changes = self._install_changes() @@ -1159,16 +1185,22 @@ class ArchiveUpload(object): binaries = self.changes.binaries byhand = self.changes.byhand_files - new_queue = self.transaction.session.query(PolicyQueue).filter_by(queue_name='new').one() - if len(byhand) > 0: - new_queue = self.transaction.session.query(PolicyQueue).filter_by(queue_name='byhand').one() - new_suite = new_queue.suite - # we need a suite to guess components suites = list(self.final_suites) assert len(suites) == 1, "NEW uploads must be to a single suite" suite = suites[0] + # decide which NEW queue to use + if suite.new_queue is None: + new_queue = self.transaction.session.query(PolicyQueue).filter_by(queue_name='new').one() + else: + new_queue = suite.new_queue + if len(byhand) > 0: + # There is only one global BYHAND queue + new_queue = self.transaction.session.query(PolicyQueue).filter_by(queue_name='byhand').one() + new_suite = new_queue.suite + + def binary_component_func(binary): return self._binary_component(suite, binary, only_overrides=False)