commit f25455d2d48d20f6086effe47971ed439cee2cc5
Author: Richard Hughes <richard@hughsie.com>
Date: Thu Jun 6 13:10:58 2013 +0100
systemd-updates: Do not exit with an error for a race condition
The daemon plugin pk-plugin-systemd-update deletes the /var/lib/PackageKit/prepared-update
file if any transaction is done that affects the prepared state.
This includes the offline-update process itself.
If the daemon deletes the file before the pk-offline-update process tries to do
it a warning is shown and the systemd unit fails.
diff --git a/contrib/systemd-updates/pk-offline-update.c b/contrib/systemd-updates/pk-offline-update.c
index 8678959..7b8d812 100644
--- a/contrib/systemd-updates/pk-offline-update.c
+++ b/contrib/systemd-updates/pk-offline-update.c
@@ -500,16 +500,20 @@ main (int argc, char *argv[])
pk_progress_bar_end (progressbar);
pk_offline_update_write_results (results);
- /* delete prepared-update file */
+ /* delete prepared-update file if it's not already been done by the
+ * pk-plugin-systemd-update daemon plugin */
file = g_file_new_for_path (PK_OFFLINE_PREPARED_UPDATE_FILENAME);
ret = g_file_delete (file, NULL, &error);
if (!ret) {
- retval = EXIT_FAILURE;
- g_warning ("failed to delete %s: %s",
- PK_OFFLINE_PREPARED_UPDATE_FILENAME,
- error->message);
- g_error_free (error);
- goto out;
+ if (!g_error_matches (error, G_IO_ERROR, G_IO_ERROR_NOT_FOUND)) {
+ retval = EXIT_FAILURE;
+ g_warning ("failed to delete %s: %s",
+ PK_OFFLINE_PREPARED_UPDATE_FILENAME,
+ error->message);
+ g_error_free (error);
+ goto out;
+ }
+ g_clear_error (&error);
}
retval = EXIT_SUCCESS;
commit 3eb921f2ddbe94dc5b180522b8aa5a057dd6eac2
Author: Richard Hughes <richard@hughsie.com>
Date: Thu May 23 15:06:41 2013 +0100
Raise the package process threshold to 5000
TeXLive has officially jumped the shark, and it's quite plausible to have > 2500
updates in one transaction now.
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=894731
diff --git a/etc/PackageKit.conf.in b/etc/PackageKit.conf.in
index 3440be5..c09c8d2 100644
--- a/etc/PackageKit.conf.in
+++ b/etc/PackageKit.conf.in
@@ -228,8 +228,8 @@ MaximumItemsToResolve=1200
# Setting this lower decreases the risk of a local denial of service, but may
# cause errors if the desktop client is trying to do a large transaction.
#
-# default=2500
-MaximumPackagesToProcess=2500
+# default=5000
+MaximumPackagesToProcess=5000
# How long the transaction is valid before it's destroyed, in seconds
#
commit cac9936e0950831905039c25f4b8e25ee4db3ce1
Author: Richard Hughes <richard@hughsie.com>
Date: Thu Jun 13 13:05:07 2013 +0100
yum: Use yb.downloadPkgs() to download updates
There were two bugs here:
- Using repo.getPackage() did not check the package checksum, only the size,
so it was possible to download a corrupt package and then not be able to
apply the updates
- By restricting to TS_UPDATE and TS_INSTALL we were ignoring any package that
was obsoleting another which could miss out packages.
Many thanks to Zdenek Pavlas for all the help in finding these issues.
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=968936
diff --git a/backends/yum/yumBackend.py b/backends/yum/yumBackend.py
index 289f10f..49a0f7b 100755
--- a/backends/yum/yumBackend.py
+++ b/backends/yum/yumBackend.py
@@ -2365,22 +2365,16 @@ class PackageKitYumBackend(PackageKitBaseBackend, PackagekitPackage):
self.percentage(100)
return
+ # just download packages ready for the actual transaction
if TRANSACTION_FLAG_ONLY_DOWNLOAD in transaction_flags:
- package_list = []
for txmbr in self.yumbase.tsInfo:
- if txmbr.output_state in (TS_UPDATE, TS_INSTALL):
- self._show_package(txmbr.po, INFO_DOWNLOADING)
- repo = self.yumbase.repos.getRepo(txmbr.po.repoid)
+ if txmbr.output_state in TS_INSTALL_STATES:
try:
- path = repo.getPackage(txmbr.po)
- except yum.Errors.RepoError, e:
- self.error(ERROR_PACKAGE_DOWNLOAD_FAILED, "Cannot download file: %s" % _to_unicode(e), exit=False)
- return
- except IOError, e:
- self.error(ERROR_PACKAGE_DOWNLOAD_FAILED, "Cannot write to file: %s" % _to_unicode(e), exit=False)
- return
+ self._show_package(txmbr.po, INFO_DOWNLOADING)
+ self.yumbase.downloadPkgs([txmbr.po])
except Exception, e:
- raise PkError(ERROR_INTERNAL_ERROR, _format_str(traceback.format_exc()))
+ self.error(ERROR_PACKAGE_DOWNLOAD_FAILED, "Cannot download packages: %s" % _to_unicode(e), exit=False)
+ return
self.percentage(100)
return
From b78af414daf2176aac74540039b341a3e4e49412 Mon Sep 17 00:00:00 2001
From: Richard Hughes <richard@hughsie.com>
Date: Tue, 28 May 2013 14:34:59 +0100
Subject: [PATCH] Allow local active users in the wheel group to install signed
packages without a password
---
contrib/PackageKit.spec.in | 1 +
policy/Makefile.am | 5 +++++
policy/org.freedesktop.packagekit.policy.in | 2 +-
policy/org.freedesktop.packagekit.rules | 7 +++++++
4 files changed, 14 insertions(+), 1 deletion(-)
create mode 100644 policy/org.freedesktop.packagekit.rules
diff --git a/policy/Makefile.am b/policy/Makefile.am
index ebb7808..6babe33 100644
--- a/policy/Makefile.am
+++ b/policy/Makefile.am
@@ -2,6 +2,11 @@
NULL =
if SECURITY_TYPE_POLKIT
+polkit_rulesdir = $(datadir)/polkit-1/rules.d
+dist_polkit_rules_DATA = \
+ org.freedesktop.packagekit.rules \
+ $(NULL)
+
polkit_policydir = $(datadir)/polkit-1/actions
dist_polkit_policy_DATA = \
org.freedesktop.packagekit.policy \
diff --git a/policy/org.freedesktop.packagekit.policy.in b/policy/org.freedesktop.packagekit.policy.in
index 28ab3b1..19cdd20 100644
--- a/policy/org.freedesktop.packagekit.policy.in
+++ b/policy/org.freedesktop.packagekit.policy.in
@@ -42,7 +42,7 @@
<defaults>
<allow_any>no</allow_any>
<allow_inactive>no</allow_inactive>
- <allow_active>yes</allow_active>
+ <allow_active>auth_admin_keep</allow_active>
</defaults>
</action>
diff --git a/policy/org.freedesktop.packagekit.rules b/policy/org.freedesktop.packagekit.rules
new file mode 100644
index 0000000..6a1c8a7
--- /dev/null
+++ b/policy/org.freedesktop.packagekit.rules
@@ -0,0 +1,7 @@
+polkit.addRule(function(action, subject) {
+ if (action.id == "org.freedesktop.packagekit.package-install" &&
+ subject.active == true && subject.local == true &&
+ subject.isInGroup("wheel")) {
+ return polkit.Result.YES;
+ }
+});
--
1.8.2.1