Bug#588035: [buildd-tools-devel] Bug#588035: Bug#588035: Sbuild::AptitudeBuildDepSatisfier: Always passes Aptitude::CmdLine::Ignore-Trust-Violations=true

2010-10-26 Thread Roger Leigh 
tags 588035 + fixed-upstream pending
thanks

On Mon, Jul 05, 2010 at 05:21:29PM +0900, Ansgar Burchardt wrote:
>  · No longer pass '-o Apt::Install-Recommends=false' to aptitude.
>This option is implied by --without-recommends according to
>aptitude(8).
>(This should only be a cosmetic change.)
> 
>  · Set the value of Aptitude::CmdLine::Ignore-Trust-Violations depending
>on the $apt_allow_unauthenticated option.
> 
> The patches are against the 0.60.0 version currently in unstable.
> 
> I tested the patch with $apt_allow_unauthenticated set to both true and
> false and the correct option is passed to aptitude.

I have applied your patches to the current sbuild master branch in
our git repository, and they will be in the next release.  I did
need to alter them slightly because they would no longer apply due
to interim changes, but they should work as you intended.

http://git.debian.org/?p=buildd-tools/sbuild.git;a=commitdiff;h=7ac00d6608e54c9a7365451701ee12af73ba8303
http://git.debian.org/?p=buildd-tools/sbuild.git;a=commitdiff;h=b572872e0ef8a26c4ab174a79304323ac9118338
http://git.debian.org/?p=buildd-tools/sbuild.git;a=commitdiff;h=51d8b818c65101ec0145fb5bc53baf1c4a12aa7d

Thanks for your patience,
Roger

-- 
  .''`.  Roger Leigh
 : :' :  Debian GNU/Linux http://people.debian.org/~rleigh/
 `. `'   Printing on GNU/Linux?   http://gutenprint.sourceforge.net/
   `-GPG Public Key: 0x25BFB848   Please GPG sign your mail.


signature.asc
Description: Digital signature

Bug#588035: [buildd-tools-devel] Bug#588035: Sbuild::AptitudeBuildDepSatisfier: Always passes Aptitude::CmdLine::Ignore-Trust-Violations=true

2010-07-05 Thread Ansgar Burchardt 
tags 588035 + patch
thanks

Roger Leigh  writes:

> On Sun, Jul 04, 2010 at 07:56:49PM +0900, Ansgar Burchardt wrote:
>> Sbuild::AptitudeBuildDepSatisfier always passes the option
>> Aptitude::CmdLine::Ignore-Trust-Violations=true to aptitude, allowing
>> the installation of unauthenticated packages.  I think this should
>> depend on the $apt_allow_unauthenticated option in the configuration
>> file:
>> 
>>   # Force APT to accept unauthenticated packages.
>>   # This is disabled by default: only enable it if you know what you are
>>   # doing.
>>   #$apt_allow_unauthenticated = 0;
>
> This certainly looks like we should be defaulting to what is
> set in $apt_allow_unauthenticated, unless there's some reason
> not to do that for dependency resolving?  Do you see any
> problems if you set
> Aptitude::CmdLine::Ignore-Trust-Violations=false ?

I changed the setting in the source and it works just fine.  I have
prepared two patches to

 · No longer pass '-o Apt::Install-Recommends=false' to aptitude.
   This option is implied by --without-recommends according to
   aptitude(8).
   (This should only be a cosmetic change.)

 · Set the value of Aptitude::CmdLine::Ignore-Trust-Violations depending
   on the $apt_allow_unauthenticated option.

The patches are against the 0.60.0 version currently in unstable.

I tested the patch with $apt_allow_unauthenticated set to both true and
false and the correct option is passed to aptitude.

Regards,
Ansgar
>From dfd1dd20fd4fe57357e3f03e256b59ae700958b6 Mon Sep 17 00:00:00 2001
From: Ansgar Burchardt 
Date: Mon, 5 Jul 2010 17:02:24 +0900
Subject: [PATCH 1/2] Do not pass -o Apt::Install-Recommends=false to aptitude

The option --without-recommends corresponds to the configuration options
Apt::Install-Recommends and Apt::AutoRemove::InstallRecommends.  There
is no need to pass the option explicitly.

Signed-off-by: Ansgar Burchardt 
---
 lib/Sbuild/AptitudeBuildDepSatisfier.pm |1 -
 1 files changed, 0 insertions(+), 1 deletions(-)

diff --git a/lib/Sbuild/AptitudeBuildDepSatisfier.pm b/lib/Sbuild/AptitudeBuildDepSatisfier.pm
index 6dbf287..6f362b2 100644
--- a/lib/Sbuild/AptitudeBuildDepSatisfier.pm
+++ b/lib/Sbuild/AptitudeBuildDepSatisfier.pm
@@ -152,7 +152,6 @@ EOF
 	'aptitude', 
 	'-y', 
 	'--without-recommends', 
-	'-o', 'APT::Install-Recommends=false', 
 	'-o', 'Aptitude::CmdLine::Ignore-Trust-Violations=true', 
 	'-o', 'Aptitude::ProblemResolver::StepScore=100', 
 	'install',
-- 
1.7.1

>From 629b9fb435c8fce2693b49eb24a349b28b19ce41 Mon Sep 17 00:00:00 2001
From: Ansgar Burchardt 
Date: Mon, 5 Jul 2010 17:11:25 +0900
Subject: [PATCH 2/2] Do not ignore trust violations

Set the value of Aptitude::CmdLine::Ignore-Trust-Violations depending on
the $apt_allow_unauthenticated option.

Bug-Debian: http://bugs.debian.org/588035
Signed-off-by: Ansgar Burchardt 
---
 lib/Sbuild/AptitudeBuildDepSatisfier.pm |4 +++-
 1 files changed, 3 insertions(+), 1 deletions(-)

diff --git a/lib/Sbuild/AptitudeBuildDepSatisfier.pm b/lib/Sbuild/AptitudeBuildDepSatisfier.pm
index 6f362b2..c4cec31 100644
--- a/lib/Sbuild/AptitudeBuildDepSatisfier.pm
+++ b/lib/Sbuild/AptitudeBuildDepSatisfier.pm
@@ -148,11 +148,13 @@ EOF
 
 my @non_default_deps = $self->get_non_default_deps($dep, {});
 
+my $ignore_trust_violations = $self->get_conf('APT_ALLOW_UNAUTHENTICATED') ? 'true' : 'false';
+
 my @aptitude_install_command = (
 	'aptitude', 
 	'-y', 
 	'--without-recommends', 
-	'-o', 'Aptitude::CmdLine::Ignore-Trust-Violations=true', 
+	'-o', "Aptitude::CmdLine::Ignore-Trust-Violations=$ignore_trust_violations",
 	'-o', 'Aptitude::ProblemResolver::StepScore=100', 
 	'install',
 	$dummy_pkg_name,
-- 
1.7.1

Bug#588035: [buildd-tools-devel] Bug#588035: Sbuild::AptitudeBuildDepSatisfier: Always passes Aptitude::CmdLine::Ignore-Trust-Violations=true

2010-07-04 Thread Roger Leigh 
On Sun, Jul 04, 2010 at 07:56:49PM +0900, Ansgar Burchardt wrote:
> Sbuild::AptitudeBuildDepSatisfier always passes the option
> Aptitude::CmdLine::Ignore-Trust-Violations=true to aptitude, allowing
> the installation of unauthenticated packages.  I think this should
> depend on the $apt_allow_unauthenticated option in the configuration
> file:
> 
>   # Force APT to accept unauthenticated packages.
>   # This is disabled by default: only enable it if you know what you are
>   # doing.
>   #$apt_allow_unauthenticated = 0;

This certainly looks like we should be defaulting to what is
set in $apt_allow_unauthenticated, unless there's some reason
not to do that for dependency resolving?  Do you see any
problems if you set
Aptitude::CmdLine::Ignore-Trust-Violations=false ?


Regards,
Roger

-- 
  .''`.  Roger Leigh
 : :' :  Debian GNU/Linux http://people.debian.org/~rleigh/
 `. `'   Printing on GNU/Linux?   http://gutenprint.sourceforge.net/
   `-GPG Public Key: 0x25BFB848   Please GPG sign your mail.


signature.asc
Description: Digital signature

Bug#588035: Sbuild::AptitudeBuildDepSatisfier: Always passes Aptitude::CmdLine::Ignore-Trust-Violations=true

2010-07-04 Thread Ansgar Burchardt 
Package: sbuild
Version: 0.60.0-1
Severity: important

Hi,

Sbuild::AptitudeBuildDepSatisfier always passes the option
Aptitude::CmdLine::Ignore-Trust-Violations=true to aptitude, allowing
the installation of unauthenticated packages.  I think this should
depend on the $apt_allow_unauthenticated option in the configuration
file:

  # Force APT to accept unauthenticated packages.
  # This is disabled by default: only enable it if you know what you are
  # doing.
  #$apt_allow_unauthenticated = 0;

Regards,
Ansgar



-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org