wok-current view cookutils/stuff/pkgdb-absolute.patch @ rev 25692

Up gnutls CVE-2024-28834, CVE-2024-28835, Up python3 CVE-2023-52425, CVE-2024-0450, CVE-2023-6597
author Stanislas Leduc <shann@slitaz.org>
date Fri Mar 22 16:28:42 2024 +0000 (8 months ago)
parents
children
line source
1 Using the absolute paths is safer than using the relative ones,
2 or using no paths at all.
4 --- a/modules/pkgdb
5 +++ b/modules/pkgdb
6 @@ -50,8 +50,8 @@
7 { _ 'Cook pkgdb started: %s' "$(date "$(_ '+%%F %%R')")"; newline; } | dblog
9 cd $PKGS
10 -rm -f packages.* extra.list
11 -touch packages.equiv
12 +rm -f $PKGS/packages.* $PKGS/extra.list
13 +touch $PKGS/packages.equiv
15 _n 'Creating file "%s"' 'packages.list' | dblog
16 ls -1 *.tazpkg | sed s'/.tazpkg//' > $PKGS/packages.list
17 @@ -62,16 +62,16 @@
18 echo " ($(filesize $PKGS/packages.md5))" | dblog
19 cp $PKGS/packages.md5 $PKGS/packages.toremove # list of unnecessary packages
21 -md5sum packages.md5 | cut -d' ' -f1 > ID
22 -( cat ./ID | tr $'\n' ' '; date -ur ./ID +%s ) > IDs # md5 and timestamp
23 +md5sum $PKGS/packages.md5 | cut -d' ' -f1 > $PKGS/ID
24 +( cat $PKGS/ID | tr $'\n' ' '; date -ur $PKGS/ID +%s ) > $PKGS/IDs # md5 and timestamp
26 _n 'Creating file "%s"' 'descriptions.txt' | dblog
27 rm $PKGS/descriptions.txt 2>/dev/null
28 for i in $(ls $WOK | sort); do
29 if [ -e "$WOK/$i/description.txt" ]; then
30 - echo "$i" >> descriptions.txt
31 - cat "$WOK/$i/description.txt" | sed 's|^$| |' >> descriptions.txt
32 - echo >> descriptions.txt
33 + echo "$i" >> $PKGS/descriptions.txt
34 + cat "$WOK/$i/description.txt" | sed 's|^$| |' >> $PKGS/descriptions.txt
35 + echo >> $PKGS/descriptions.txt
36 fi
37 done
38 echo " ($(filesize $PKGS/descriptions.txt))" | dblog
39 @@ -81,9 +81,9 @@
40 cd $WOK
41 for pkg in *; do
42 unset_receipt
43 - . $pkg/receipt
44 + . $WOK/$pkg/receipt
45 # PACKED_SIZE and UNPACKED_SIZE are only in built receipt
46 - [ -s $pkg/taz/*/receipt ] && . $pkg/taz/*/receipt
47 + [ -s $WOK/$pkg/taz/*/receipt ] && . $WOK/$pkg/taz/*/receipt
49 if [ -f "$PKGS/$PACKAGE-$VERSION$EXTRAVERSION.tazpkg" ] || \
50 [ -f "$PKGS/$PACKAGE-$VERSION$EXTRAVERSION-$ARCH.tazpkg" ]; then
51 @@ -125,7 +125,7 @@
52 done
54 # files.list provides a list of all packages files.
55 - cat $pkg/taz/*/files.list | sed s/^/"$pkg: \0"/ >> \
56 + cat $WOK/$pkg/taz/*/files.list | sed s/^/"$pkg: \0"/ >> \
57 $PKGS/files.list
59 # list of unnecessary packages
60 @@ -167,38 +167,38 @@
62 # files.list.lzma
63 _n 'Creating file "%s"' 'files.list.lzma' | dblog
64 -touch files.list
65 +touch $PKGS/files.list
66 # pkgs.slitaz.org strongly depends on list sorted by packages names
67 -lzma e files.list files.list.lzma
68 +lzma e $PKGS/files.list $PKGS/files.list.lzma
69 echo " ($(filesize $PKGS/files.list.lzma))" | dblog
71 # Pre-sorting filenames causes 10% smaller resulting lzma file
72 _n 'Creating file "%s"' 'files-list.lzma' | dblog
73 -cat files.list | sort -k2 -o files.list.sorted
74 -lzma e files.list.sorted files-list.lzma
75 -rm -f files.list files.list.sorted
76 +cat $PKGS/files.list | sort -k2 -o $PKGS/files.list.sorted
77 +lzma e $PKGS/files.list.sorted $PKGS/files-list.lzma
78 +rm -f $PKGS/files.list $PKGS/files.list.sorted
79 echo " ($(filesize $PKGS/files-list.lzma))" | dblog
81 -[ -e files.list.md5 ] && rm files.list.md5
82 -md5sum files-list.lzma | cut -d' ' -f1 | tr -d $'\n' > files-list.md5
83 +[ -e $PKGS/files.list.md5 ] && rm $PKGS/files.list.md5
84 +md5sum $PKGS/files-list.lzma | cut -d' ' -f1 | tr -d $'\n' > $PKGS/files-list.md5
86 # Make bundle to fast recharge
87 _n 'Creating file "%s"' 'bundle.tar.lzma' | dblog
88 -[ -f bundle.tar.lzma ] && rm bundle.tar.lzma
89 +[ -f $PKGS/bundle.tar.lzma ] && rm $PKGS/bundle.tar.lzma
90 # Make sure to get "mirrors" file
91 until [ -e 'mirrors' ]; do
92 wget -q http://mirror1.slitaz.org/mirrors
93 echo -n '.' | dblog; sleep 5
94 done
95 # Make sure to get "extra.list" file
96 -until [ -e 'extra.list' ]; do
97 - wget -q -O extra.list http://mirror1.slitaz.org/packages/get.list
98 +until [ -e $PKGS/extra.list ]; do
99 + wget -q -O $PKGS/extra.list http://mirror1.slitaz.org/packages/get.list
100 echo -n '.' | dblog; sleep 5
101 done
102 -busybox tar -chaf bundle.tar.lzma \
103 +busybox tar -chaf $PKGS/bundle.tar.lzma \
104 mirrors extra.list files-list.md5 packages.info descriptions.txt \
105 packages.desc packages.md5 packages.txt packages.list packages.equiv
106 -rm ./mirrors
107 +rm $PKGS/mirrors
108 echo " ($(filesize $PKGS/bundle.tar.lzma))" | dblog
110 # Display some info.
111 @@ -242,7 +242,7 @@
113 cd $live
114 _ 'Starting to generate flavors...' | dblog
115 -rm -f flavors.list *.flavor
116 +rm -f $live/flavors.list $live/*.flavor
117 for i in $flavors/*; do
118 fl=$(basename $i)
119 _ 'Packing flavor "%s"' "$fl" | dblog