By passing a NUL-separated filelist, this also fixes a bug where files
that look like bsdtar options in the package root could break the
package ("-C" was particularly troublesome because bsdtar interprets it
as an option anywhere in the file list, even following "--").Signed-off-by: Andrew Gregory <[email protected]> --- v2: replace LANG=C with LC_ALL=C for sorting. scripts/makepkg.sh.in | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/scripts/makepkg.sh.in b/scripts/makepkg.sh.in index 20004516..37adff1d 100644 --- a/scripts/makepkg.sh.in +++ b/scripts/makepkg.sh.in @@ -686,6 +686,15 @@ write_buildinfo() { write_kv_pair "installed" "${pkglist[@]}" } +# build a sorted NUL-separated list of the full contents of the current +# directory suitable for passing to `bsdtar --files-from` +# database files are placed at the beginning of the package regardless of +# sorting +list_package_files() { + (find . -path './.*' \! -name '.'; find . \! -path './.*' \! -name '.' | LC_ALL=C sort) | + sed -e 's|^\./||' | tr '\n' '\0' +} + create_package() { (( NOARCHIVE )) && return @@ -702,8 +711,6 @@ create_package() { write_pkginfo > .PKGINFO write_buildinfo > .BUILDINFO - local comp_files=('.PKGINFO' '.BUILDINFO') - # check for changelog/install files for i in 'changelog/.CHANGELOG' 'install/.INSTALL'; do IFS='/' read -r orig dest < <(printf '%s\n' "$i") @@ -715,7 +722,6 @@ create_package() { exit 1 fi chmod 644 "$dest" - comp_files+=("$dest") fi done @@ -727,15 +733,10 @@ create_package() { [[ -f $pkg_file ]] && rm -f "$pkg_file" [[ -f $pkg_file.sig ]] && rm -f "$pkg_file.sig" - # when fileglobbing, we want * in an empty directory to expand to - # the null string rather than itself - shopt -s nullglob - msg2 "$(gettext "Generating .MTREE file...")" - LANG=C bsdtar -czf .MTREE --format=mtree \ + list_package_files | LANG=C bsdtar -cnzf .MTREE --format=mtree \ --options='!all,use-set,type,uid,gid,mode,time,size,md5,sha256,link' \ - "${comp_files[@]}" * - comp_files+=(".MTREE") + --null --files-from - --exclude .MTREE msg2 "$(gettext "Compressing package...")" # TODO: Maybe this can be set globally for robustness @@ -743,7 +744,7 @@ create_package() { # bsdtar's gzip compression always saves the time stamp, making one # archive created using the same command line distinct from another. # Disable bsdtar compression and use gzip -n for now. - LANG=C bsdtar -cf - "${comp_files[@]}" * | + list_package_files | LANG=C bsdtar -cnf - --null --files-from - | case "$PKGEXT" in *tar.gz) ${COMPRESSGZ[@]:-gzip -c -f -n} ;; *tar.bz2) ${COMPRESSBZ2[@]:-bzip2 -c -f} ;; @@ -756,7 +757,6 @@ create_package() { "$PKGEXT"; cat ;; esac > "${pkg_file}" || ret=$? - shopt -u nullglob shopt -u -o pipefail if (( ret )); then -- 2.11.0
