X-Git-Url: https://git.decadent.org.uk/gitweb/?a=blobdiff_plain;f=daklib%2Farchive.py;h=dd4a22ca3c376a6a890ad344e87823e13ea108ac;hb=a4e40115e7b82033b5fcbf9482b95811bc823eec;hp=a55bfaba6f17aace3da4bb745691e96c937ff58c;hpb=c9035a5de77db26ff734e89107deddf19d8da1f8;p=dak.git diff --git a/daklib/archive.py b/daklib/archive.py index a55bfaba..dd4a22ca 100644 --- a/daklib/archive.py +++ b/daklib/archive.py @@ -595,9 +595,24 @@ class ArchiveUpload(object): @type: bool """ + self._checked = False + """checks passes. set by C{check} + @type: bool + """ + self._new_queue = self.session.query(PolicyQueue).filter_by(queue_name='new').one() self._new = self._new_queue.suite + def warn(self, message): + """add a warning message + + Adds a warning message that can later be seen in C{self.warnings} + + @type message: string + @param message: warning message + """ + self.warnings.append(message) + def prepare(self): """prepare upload for further processing @@ -618,11 +633,12 @@ class ArchiveUpload(object): cnf = Config() session = self.transaction.session - self.directory = tempfile.mkdtemp(dir=cnf.get('Dir::TempPath')) + self.directory = utils.temp_dirname(parent=cnf.get('Dir::TempPath'), + mode=0o2750, group=cnf.unprivgroup) with FilesystemTransaction() as fs: src = os.path.join(self.original_directory, self.original_changes.filename) dst = os.path.join(self.directory, self.original_changes.filename) - fs.copy(src, dst) + fs.copy(src, dst, mode=0o640) self.changes = upload.Changes(self.directory, self.original_changes.filename, self.keyrings) @@ -631,7 +647,7 @@ class ArchiveUpload(object): dst = os.path.join(self.directory, f.filename) if not os.path.exists(src): continue - fs.copy(src, dst) + fs.copy(src, dst, mode=0o640) source = self.changes.source if source is not None: @@ -683,7 +699,7 @@ class ArchiveUpload(object): if src == suite_name: suite_name = dst if rtype != "silent-map": - self.warnings.append('Mapping {0} to {0}.'.format(src, dst)) + self.warnings.append('Mapping {0} to {1}.'.format(src, dst)) elif rtype == "ignore": ignored = fields[1] if suite_name == ignored: @@ -724,17 +740,20 @@ class ArchiveUpload(object): @return: C{True} if the upload is NEW, C{False} otherwise """ session = self.session + new = False # Check for missing overrides for b in self.changes.binaries: override = self._binary_override(suite, b) if override is None: - return True + self.warnings.append('binary:{0} is NEW.'.format(b.control['Package'])) + new = True if self.changes.source is not None: override = self._source_override(suite, self.changes.source) if override is None: - return True + self.warnings.append('source:{0} is NEW.'.format(self.changes.source.control['Source'])) + new = True # Check if we reference a file only in a tainted archive files = self.changes.files.values() @@ -748,7 +767,10 @@ class ArchiveUpload(object): in_untainted_archive = (query_untainted.first() is not None) if in_archive and not in_untainted_archive: - return True + self.warnings.append('{0} is only available in NEW.'.format(f.filename)) + new = True + + return new def _final_suites(self): session = self.session @@ -850,28 +872,36 @@ class ArchiveUpload(object): assert self.changes.valid_signature try: + # Validate signatures and hashes before we do any real work: for chk in ( checks.SignatureCheck, checks.ChangesCheck, - checks.TransitionCheck, - checks.UploadBlockCheck, checks.HashesCheck, + checks.ExternalHashesCheck, checks.SourceCheck, checks.BinaryCheck, checks.BinaryTimestampCheck, - checks.ACLCheck, checks.SingleDistributionCheck, - checks.NoSourceOnlyCheck, - checks.LintianCheck, ): chk().check(self) final_suites = self._final_suites() if len(final_suites) == 0: - self.reject_reasons.append('Ended with no suite to install to.') + self.reject_reasons.append('No target suite found. Please check your target distribution and that you uploaded to the right archive.') return False + self.final_suites = final_suites + for chk in ( + checks.TransitionCheck, + checks.ACLCheck, + checks.NoSourceOnlyCheck, + checks.LintianCheck, + ): + chk().check(self) + + for chk in ( + checks.ACLCheck, checks.SourceFormatCheck, checks.SuiteArchitectureCheck, checks.VersionCheck, @@ -882,7 +912,7 @@ class ArchiveUpload(object): if len(self.reject_reasons) != 0: return False - self.final_suites = final_suites + self._checked = True return True except checks.Reject as e: self.reject_reasons.append(unicode(e)) @@ -936,7 +966,7 @@ class ArchiveUpload(object): if suite.copychanges: src = os.path.join(self.directory, self.changes.filename) dst = os.path.join(suite.archive.path, 'dists', suite.suite_name, self.changes.filename) - self.transaction.fs.copy(src, dst) + self.transaction.fs.copy(src, dst, mode=suite.archive.mode) return (db_source, db_binaries) @@ -984,7 +1014,7 @@ class ArchiveUpload(object): self.transaction.session.flush() dst = os.path.join(policy_queue.path, self.changes.filename) - self.transaction.fs.copy(self.changes.path, dst) + self.transaction.fs.copy(self.changes.path, dst, mode=policy_queue.change_perms) return u @@ -999,6 +1029,7 @@ class ArchiveUpload(object): assert len(self.reject_reasons) == 0 assert self.changes.valid_signature assert self.final_suites is not None + assert self._checked byhand = self.changes.byhand_files if len(byhand) == 0: @@ -1029,7 +1060,7 @@ class ArchiveUpload(object): remaining.append(f) continue - if rule['Source'] != control['Source'] or rule['Section'] != f.section or rule['Extension'] != ext: + if rule['Source'] != self.changes.source_name or rule['Section'] != f.section or rule['Extension'] != ext: remaining.append(f) continue @@ -1060,7 +1091,7 @@ class ArchiveUpload(object): src = os.path.join(self.directory, hashed_file.filename) dst = os.path.join(policy_queue.path, hashed_file.filename) - fs.copy(src, dst) + fs.copy(src, dst, mode=policy_queue.change_perms) return byhand_file @@ -1090,7 +1121,7 @@ class ArchiveUpload(object): for binary in self.changes.binaries: control = binary.control source_package, source_version = binary.source - line = " ".join([control['Package'], control['Version'], source_package, source_version]) + line = " ".join([control['Package'], control['Version'], control['Architecture'], source_package, source_version]) print >>debinfo, line debinfo.close() @@ -1110,6 +1141,7 @@ class ArchiveUpload(object): assert len(self.reject_reasons) == 0 assert self.changes.valid_signature assert self.final_suites is not None + assert self._checked assert not self.new db_changes = self._install_changes() @@ -1125,7 +1157,14 @@ class ArchiveUpload(object): if policy_queue is not None: redirected_suite = policy_queue.suite - source_suites = self.session.query(Suite).filter(Suite.suite_id.in_([suite.suite_id, redirected_suite.suite_id])).subquery() + # source can be in the suite we install to or any suite we enhance + source_suite_ids = set([suite.suite_id, redirected_suite.suite_id]) + for enhanced_suite_id, in self.session.query(VersionCheck.reference_id) \ + .filter(VersionCheck.suite_id.in_(source_suite_ids)) \ + .filter(VersionCheck.check == 'Enhances'): + source_suite_ids.add(enhanced_suite_id) + + source_suites = self.session.query(Suite).filter(Suite.suite_id.in_(source_suite_ids)).subquery() source_component_func = lambda source: self._source_override(overridesuite, source).component binary_component_func = lambda binary: self._binary_component(overridesuite, binary) @@ -1159,16 +1198,22 @@ class ArchiveUpload(object): binaries = self.changes.binaries byhand = self.changes.byhand_files - new_queue = self.transaction.session.query(PolicyQueue).filter_by(queue_name='new').one() - if len(byhand) > 0: - new_queue = self.transaction.session.query(PolicyQueue).filter_by(queue_name='byhand').one() - new_suite = new_queue.suite - # we need a suite to guess components suites = list(self.final_suites) assert len(suites) == 1, "NEW uploads must be to a single suite" suite = suites[0] + # decide which NEW queue to use + if suite.new_queue is None: + new_queue = self.transaction.session.query(PolicyQueue).filter_by(queue_name='new').one() + else: + new_queue = suite.new_queue + if len(byhand) > 0: + # There is only one global BYHAND queue + new_queue = self.transaction.session.query(PolicyQueue).filter_by(queue_name='byhand').one() + new_suite = new_queue.suite + + def binary_component_func(binary): return self._binary_component(suite, binary, only_overrides=False)