X-Git-Url: https://git.decadent.org.uk/gitweb/?a=blobdiff_plain;f=daklib%2Fqueue.py;h=1fcfeaaf2e172e2761ddb06726245229c8ab4214;hb=f8a0c616c5fb38451273419a53380c42522ab9d0;hp=40960b9040e297cd2c10953e5015389ba297caa4;hpb=b0fa2768edc3523b7e6a081252a622c4121112d8;p=dak.git diff --git a/daklib/queue.py b/daklib/queue.py index 40960b90..1fcfeaaf 100755 --- a/daklib/queue.py +++ b/daklib/queue.py @@ -1,4 +1,5 @@ #!/usr/bin/env python +# vim:set et sw=4: # Queue utility functions for dak # Copyright (C) 2001, 2002, 2003, 2004, 2005, 2006 James Troup @@ -217,12 +218,21 @@ class Upload: dump_filename = os.path.join(dest_dir,self.pkg.changes_file[:-8] + ".dak") dump_file = utils.open_file(dump_filename, 'w') try: - os.chmod(dump_filename, 0660) + os.chmod(dump_filename, 0664) except OSError, e: + # chmod may fail when the dumpfile is not owned by the user + # invoking dak (like e.g. when NEW is processed by a member + # of ftpteam) if errno.errorcode[e.errno] == 'EPERM': perms = stat.S_IMODE(os.stat(dump_filename)[stat.ST_MODE]) - if perms & stat.S_IROTH: - utils.fubar("%s is world readable and chmod failed." % (dump_filename)) + # security precaution, should never happen unless a weird + # umask is set anywhere + if perms & stat.S_IWOTH: + utils.fubar("%s is world writable and chmod failed." % \ + (dump_filename,)) + # ignore the failed chmod otherwise as the file should + # already have the right privileges and is just, at worst, + # unreadable for world else: raise @@ -839,22 +849,23 @@ distribution.""" ################################################################################ - def cross_suite_version_check(self, query_result, file, new_version): + def cross_suite_version_check(self, query_result, file, new_version, + sourceful=False): """Ensure versions are newer than existing packages in target suites and that cross-suite version checking rules as set out in the conf file are satisfied.""" # Check versions for each target suite for target_suite in self.pkg.changes["distribution"].keys(): - must_be_newer_than = [ i.lower for i in self.Cnf.ValueList("Suite::%s::VersionChecks::MustBeNewerThan" % (target_suite)) ] - must_be_older_than = [ i.lower for i in self.Cnf.ValueList("Suite::%s::VersionChecks::MustBeOlderThan" % (target_suite)) ] + must_be_newer_than = [ i.lower() for i in self.Cnf.ValueList("Suite::%s::VersionChecks::MustBeNewerThan" % (target_suite)) ] + must_be_older_than = [ i.lower() for i in self.Cnf.ValueList("Suite::%s::VersionChecks::MustBeOlderThan" % (target_suite)) ] # Enforce "must be newer than target suite" even if conffile omits it if target_suite not in must_be_newer_than: must_be_newer_than.append(target_suite) for entry in query_result: existent_version = entry[0] suite = entry[1] - if suite in must_be_newer_than and \ + if suite in must_be_newer_than and sourceful and \ apt_pkg.VersionCompare(new_version, existent_version) < 1: self.reject("%s: old version (%s) in %s >= new version (%s) targeted at %s." % (file, existent_version, suite, new_version, target_suite)) if suite in must_be_older_than and \ @@ -916,7 +927,8 @@ SELECT b.version, su.suite_name FROM binaries b, bin_associations ba, suite su, AND ba.bin = b.id AND ba.suite = su.id AND b.architecture = a.id""" % (files[file]["package"], files[file]["architecture"])) - self.cross_suite_version_check(q.getresult(), file, files[file]["version"]) + self.cross_suite_version_check(q.getresult(), file, + files[file]["version"], sourceful=False) # Check for any existing copies of the file q = self.projectB.query(""" @@ -941,7 +953,8 @@ SELECT b.id FROM binaries b, architecture a q = self.projectB.query(""" SELECT s.version, su.suite_name FROM source s, src_associations sa, suite su WHERE s.source = '%s' AND sa.source = s.id AND sa.suite = su.id""" % (dsc.get("source"))) - self.cross_suite_version_check(q.getresult(), file, dsc.get("version")) + self.cross_suite_version_check(q.getresult(), file, dsc.get("version"), + sourceful=True) return self.reject_message