From 745899ea7b6ac789c667167803c3ef1977994957 Mon Sep 17 00:00:00 2001 From: CentOS Buildsys Date: Nov 01 2013 17:23:31 +0000 Subject: import yum-utils-1.1.31-19.el7.src.rpm --- diff --git a/.yum-utils.metadata b/.yum-utils.metadata new file mode 100644 index 0000000..43c6fd2 --- /dev/null +++ b/.yum-utils.metadata @@ -0,0 +1 @@ +aa96ccb97ad3a7c53a47c1bda418ce2604b77f1e SOURCES/yum-utils-1.1.31.tar.gz diff --git a/README.md b/README.md deleted file mode 100644 index 0e7897f..0000000 --- a/README.md +++ /dev/null @@ -1,5 +0,0 @@ -The master branch has no content - -Look at the c7 branch if you are working with CentOS-7, or the c4/c5/c6 branch for CentOS-4, 5 or 6 - -If you find this file in a distro specific branch, it means that no content has been checked in yet diff --git a/SOURCES/BZ-1002491-remove-security-plugin.patch b/SOURCES/BZ-1002491-remove-security-plugin.patch new file mode 100644 index 0000000..98648e1 --- /dev/null +++ b/SOURCES/BZ-1002491-remove-security-plugin.patch @@ -0,0 +1,1182 @@ +commit a5c7a3011bb9d2497c980791111389d226445281 +Author: Zdenek Pavlas +Date: Thu Oct 3 14:15:11 2013 +0200 + + remove yum-plugin-security. BZ 1002491 + + This functionality is now implemented in core (yum updateinfo). + +diff --git a/docs/Makefile b/docs/Makefile +index acb8559..481f0f3 100644 +--- a/docs/Makefile ++++ b/docs/Makefile +@@ -5,7 +5,7 @@ DOCS = repoquery package-cleanup repo-rss yumdownloader yum-builddep yum-changel + find-repos-of-install needs-restarting repo-graph repoclosure \ + repomanage repotrack verifytree yum-config-manager + DOCS5 = yum-changelog.conf yum-versionlock.conf yum-fs-snapshot.conf +-DOCS8 = yum-security yum-complete-transaction yumdb ++DOCS8 = yum-complete-transaction yumdb + + all: + echo "Nothing to do" +diff --git a/docs/yum-security.8 b/docs/yum-security.8 +deleted file mode 100644 +index c7d9c8b..0000000 +--- a/docs/yum-security.8 ++++ /dev/null +@@ -1,190 +0,0 @@ +-.\" yum security plugin +-.TH "yum-security" "8" "12 April 2007" "James Antill" "" +-.SH "NAME" +-yum security plugin +-.SH "SYNOPSIS" +-\fByum\fP [options] [command] [package ...] +-.SH "DESCRIPTION" +-.PP +-This plugin extends \fByum\fP to allow lists and updates to be limited using security relevant criteria. +-.PP +-Added yum \fIcommand\fPs are: +-.br +-.I \fR yum update-minimal +-.PP +-This works like the update command, but if you have the package foo-1 +-installed and have foo-2 and foo-3 available with updateinfo.xml then +-update-minimal will update you to foo-3. +-.br +-.I \fR yum updateinfo info +-.br +-.I \fR yum updateinfo list +-.br +-.I \fR yum updateinfo summary +-.PP +-All of the last three take these \fIsub-command\fPs: +-.br +-.I \fR yum updateinfo * all +-.br +-.I \fR yum updateinfo * available +-.br +-.I \fR yum updateinfo * installed +-.br +-.I \fR yum updateinfo * updates +-.PP +-and then: +-.br +-.I \fR * [advisory...] +-.br +-.I \fR * +-.br +-.I \fR * bugzillas +-.br +-.I \fR * cves +-.br +-.I \fR * enhancement +-.br +-.I \fR * security +-.br +-.I \fR * new-packages +-.br +-.br +-.PP +-.IP "\fBall\fP" +-Is used to display information about both install and available advisories. +-.PP +-.IP "\fBavailable\fP" +-Is used to display information about just available advisories. This is the +-default. +-.PP +-.IP "\fBinstalled\fP" +-Is used to display information about just install advisories. +-.PP +-.IP "\fBupdates\fP" +-This is mostly the same as "available" but it only shows advisory information +-for packages that can be updated to. +-.PP +-.IP "\fB [advisory...]\fP" +-Is used to display information about one or more advisories. +-.PP +-.IP "\fB [package...]\fP" +-Is used to display information about one or more packages. +-.PP +-.IP "\fBlist\fP" +-Is used to list all of the relevant errata notice information, from the +-updateinfo.xml data in yum. This includes bugzillas, CVEs, security updates and +-new. +-.PP +-.IP "\fBinfo\fP" +-Is used to show all the errata notice information, from the +-updateinfo.xml data in yum. This includes bugzillas, CVEs, security updates and +-new. +-.PP +-.IP "\fBlist\fP" +-Is used to list all of the relevant errata notice information, from the +-updateinfo.xml data in yum. This includes bugzillas, CVEs, security updates and +-new. +-.IP +-.IP "\fBbugzillas / bzs\fP" +-Is the subset of the updateinfo information, pertaining to the bugzillas. +-.IP +-.IP "\fBcves\fP" +-Is the subset of the updateinfo information, pertaining to the CVEs. +-.IP +-.IP "\fBsecurity / sec\fP" +-Is the subset of the updateinfo information, pertaining to security. +-.IP "\fBbugfix\fP" +-Is the subset of the updateinfo information, pertaining to bugfixes. +-.IP "\fBenhancement\fP" +-Is the subset of the updateinfo information, pertaining to enhancements. +-.IP "\fBrecommended\fP" +-Is the subset of the updateinfo information, pertaining to recommended updates. +-.IP "\fBnew-packages\fP" +-Is the subset of the updateinfo information, pertaining to new packages. These +-are packages which weren't available at the initial release of your +-distribution. +-.IP +-.PP +-.SH "GENERAL OPTIONS" +-There are four options added to yum that are available in the "list updates", "info updates", "check-update" and "update" commands. They are: +-.PP +-.IP "\fB\-\-advisory\fP" +-This option includes packages corresponding to the advisory ID, Eg. FEDORA-2201-123. +-.IP "\fB\-\-bz\fP" +-This option includes packages that say they fix a Bugzilla ID, Eg. 123. +-.IP "\fB\-\-cve\fP" +-This option includes packages that say they fix a CVE - Common Vulnerabilities and Exposures ID (http://cve.mitre.org/about/), Eg. CVE-2201-0123. +-.IP "\fB\-\-bugfixes\fP" +-This option includes packages that say they fix a bugfix issue. +-.IP "\fB\-\-security\fP" +-This option includes packages that say they fix a security issue. +-.PP +-.PP +- +-.SH "EXAMPLES" +-.PP +-To list all updates that are security relevant, and get a return code on whether there are security updates use: +-.IP +-yum \-\-security check-update +-.PP +-To upgrade packages that have security errata (upgrades to the latest +-available package) use: +-.IP +-yum \-\-security update +-.PP +-To upgrade packages that have security errata (upgrades to the last +-security errata package) use: +-.IP +-yum \-\-security update-minimal +-.PP +-To get a list of all BZs that are fixed for packages you have installed use: +-.IP +-yum updateinfo list bugzillas +-.PP +-To get a list of all security advisories, including the ones you have already +-installed use: +-.IP +-yum updateinfo list all security +-.PP +-To get the information on advisory FEDORA-2707-4567 use: +-.IP +-yum updateinfo info FEDORA-2707-4567 +-.PP +-To update packages to the latest version which contain fixes for Bugzillas 123, 456 and 789; and all security updates use: +-.IP +-yum \-\-bz 123 \-\-bz 456 \-\-bz 789 \-\-security update +-.PP +-To update to the packages which just update Bugzillas 123, 456 and 789; and all security updates use: +-.IP +-yum \-\-bz 123 \-\-bz 456 \-\-bz 789 \-\-security update-minimal +-.PP +-To get an info list of the latest packages which contain fixes for Bugzilla 123; CVEs CVE-2207-0123 and CVE-2207-3210; and Fedora advisories FEDORA-2707-4567 and FEDORA-2707-7654 use: +-.IP +-yum \-\-bz 123 \-\-cve CVE-2207-0123 \-\-cve CVE-2207-3210 \-\-advisory FEDORA-2707-4567 \-\-advisory FEDORA-2707-7654 info updates +-.PP +-To get a list of packages which are "new". +-.IP +-yum updateinfo list new +-.PP +-To get a summary of advisories you haven't installed yet use: +-.IP +-yum updateinfo summary +- +- +-.SH "SEE ALSO" +-.nf +-.I yum (8) +-.I yum.conf (5) +-.fi +- +-.SH "AUTHORS" +-.nf +-James Antill . +-.fi +- +-.SH "BUGS" +-The update-minimal command ignores the \-\-obsoletes flag. +- +-The update-minimal command can only directly affect things atm., so if you update pkgA minimally but that requires an update to pkgB then pkgB will be updated to the newest version by the depsolver. Also the above will happen even if you've also minimally updated pkgB, if either the direct (minimal) update for pkgB happens after or if the minimal update for pkgB doesn't satisfy the requirements of pkgA. +- +-The main "problem" is that if the data is not correct the plugin cannot work correctly. For instance "\-\-bz 123" will not fix BZ 123 if a package is updated to fix that BZ without referencing that it does so in the updateinfo.xml. +diff --git a/plugins/security/security.conf b/plugins/security/security.conf +deleted file mode 100644 +index 8e4d76c..0000000 +--- a/plugins/security/security.conf ++++ /dev/null +@@ -1,2 +0,0 @@ +-[main] +-enabled=1 +diff --git a/plugins/security/security.py b/plugins/security/security.py +deleted file mode 100755 +index a60cf9b..0000000 +--- a/plugins/security/security.py ++++ /dev/null +@@ -1,892 +0,0 @@ +-#! /usr/bin/python -tt +-# This program is free software; you can redistribute it and/or modify +-# it under the terms of the GNU General Public License as published by +-# the Free Software Foundation; either version 2 of the License, or +-# (at your option) any later version. +-# +-# This program is distributed in the hope that it will be useful, +-# but WITHOUT ANY WARRANTY; without even the implied warranty of +-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +-# GNU Library General Public License for more details. +-# +-# You should have received a copy of the GNU General Public License +-# along with this program; if not, write to the Free Software +-# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. +-# +-# +-# Copyright Red Hat Inc. 2007, 2008 +-# +-# Author: James Antill +-# +-# Examples: +-# +-# yum --security info updates +-# yum --security list updates +-# yum --security check-update +-# yum --security update +-# +-# yum --cve CVE-2007-1667 +-# yum --bz 235374 --bz 234688 +-# yum --advisory FEDORA-2007-420 --advisory FEDORA-2007-346 +-# +-# yum list-updateinfo +-# yum list-updateinfo bugzillas / bzs +-# yum list-updateinfo cves +-# yum list-updateinfo security / sec +-# yum list-updateinfo new +-# +-# yum summary-updateinfo +-# +-# yum update-minimal --security +- +-import yum +-import fnmatch +-from yum.plugins import TYPE_INTERACTIVE +-from yum.update_md import UpdateMetadata +-import logging # for commands +- +-from yum.constants import * +- +-import rpmUtils.miscutils +- +-requires_api_version = '2.5' +-plugin_type = (TYPE_INTERACTIVE,) +-__package_name__ = "yum-plugin-security" +- +-# newpackages is weird, in that we'll never display that because we filter to +-# things relevant to installed pkgs... +-__update_info_types__ = ("security", "bugfix", "enhancement", +- "recommended", "newpackage") +- +-def _rpm_tup_vercmp(tup1, tup2): +- """ Compare two "std." tuples, (n, a, e, v, r). """ +- return rpmUtils.miscutils.compareEVR((tup1[2], tup1[3], tup1[4]), +- (tup2[2], tup2[3], tup2[4])) +- +-class CliError(yum.Errors.YumBaseError): +- +- """ +- Command line interface related Exception. +- """ +- +- def __init__(self, args=''): +- yum.Errors.YumBaseError.__init__(self) +- self.args = args +- +-def ysp_gen_metadata(repos): +- """ Generate the info. from the updateinfo.xml files. """ +- md_info = UpdateMetadata() +- for repo in repos: +- if not repo.enabled: +- continue +- +- try: # attempt to grab the updateinfo.xml.gz from the repodata +- md_info.add(repo) +- except yum.Errors.RepoMDError: +- continue # No metadata found for this repo +- return md_info +- +-def ysp__safe_refs(refs): +- """ Sometimes refs == None, if so return the empty list here. +- So we don't have to check everywhere. """ +- if refs == None: +- return [] +- return refs +- +-def _match_sec_cmd(sec_cmds, pkgname, notice): +- for i in sec_cmds: +- if fnmatch.fnmatch(pkgname, i): +- return i +- if notice['update_id'] == i: +- return i +- return None +- +-def _has_id(used_map, refs, ref_type, ref_ids): +- ''' Check if the given ID is a match. ''' +- for ref in ysp__safe_refs(refs): +- if ref['type'] != ref_type: +- continue +- if ref['id'] not in ref_ids: +- continue +- used_map[ref_type][ref['id']] = True +- return ref +- return None +- +-def ysp_should_filter_pkg(opts, pkgname, notice, used_map): +- """ Do the package filtering for should_show and should_keep. """ +- +- rcmd = _match_sec_cmd(opts.sec_cmds, pkgname, notice) +- if rcmd: +- used_map['cmd'][rcmd] = True +- return True +- elif opts.advisory and notice['update_id'] in opts.advisory: +- used_map['id'][notice['update_id']] = True +- return True +- elif (opts.severity and notice['type'] == 'security' and +- notice['severity'] in opts.severity): +- used_map['sev'][notice['severity']] = True +- return True +- elif opts.cve and _has_id(used_map, notice['references'], "cve", opts.cve): +- return True +- elif opts.bz and _has_id(used_map, notice['references'],"bugzilla",opts.bz): +- return True +- # FIXME: Add opts for enhancement/etc.? -- __update_info_types__ +- elif (opts.security and notice['type'] == 'security' and +- (not opts.severity or 'severity' not in notice or +- not notice['severity'])): +- return True +- elif opts.bugfixes and notice['type'] == 'bugfix': +- return True +- elif not (opts.advisory or opts.cve or opts.bz or +- opts.security or opts.bugfixes or opts.sec_cmds or opts.severity): +- return True # This is only possible from should_show_pkg +- return False +- +-def ysp_has_info_md(rname, md): +- if rname in __update_info_types__: +- if md['type'] == rname: +- return md +- for ref in ysp__safe_refs(md['references']): +- if ref['type'] != rname: +- continue +- return md +- +-def ysp_gen_used_map(opts): +- used_map = {'bugzilla' : {}, 'cve' : {}, 'id' : {}, 'cmd' : {}, 'sev' : {}} +- for i in opts.sec_cmds: +- used_map['cmd'][i] = False +- for i in opts.advisory: +- used_map['id'][i] = False +- for i in opts.bz: +- used_map['bugzilla'][i] = False +- for i in opts.cve: +- used_map['cve'][i] = False +- for i in opts.severity: +- used_map['sev'][i] = False +- return used_map +- +-def ysp_chk_used_map(used_map, msg): +- for i in used_map['cmd']: +- if not used_map['cmd'][i]: +- msg('No update information found for \"%s\"' % i) +- for i in used_map['id']: +- if not used_map['id'][i]: +- msg('Advisory \"%s\" not found applicable for this system' % i) +- for i in used_map['bugzilla']: +- if not used_map['bugzilla'][i]: +- msg('BZ \"%s\" not found applicable for this system' % i) +- for i in used_map['cve']: +- if not used_map['cve'][i]: +- msg('CVE \"%s\" not found applicable for this system' % i) +- for i in used_map['sev']: +- if not used_map['sev'][i]: +- msg('Severity \"%s\" not found applicable for this system' % i) +- +-class UpdateinfoCommand: +- # Old command names... +- direct_cmds = {'list-updateinfo' : 'list', +- 'list-security' : 'list', +- 'list-sec' : 'list', +- 'info-updateinfo' : 'info', +- 'info-security' : 'info', +- 'info-sec' : 'info', +- 'summary-updateinfo' : 'summary'} +- +- # Note that this code (instead of using inheritance and multiple +- # cmd classes) means that "yum help" only displays the updateinfo command. +- # Which is what we want, because the other commands are just backwards +- # compatible gunk we don't want the user using). +- def getNames(self): +- return ['updateinfo'] + sorted(self.direct_cmds.keys()) +- +- def getUsage(self): +- return "[info|list|...] [security|...] [installed|available|all] [pkgs|id]" +- +- def getSummary(self): +- return "Acts on repository update information" +- +- def doCheck(self, base, basecmd, extcmds): +- pass +- +- def list_show_pkgs(self, base, md_info, list_type, show_type, +- iname2tup, data, msg): +- n_maxsize = 0 +- r_maxsize = 0 +- t_maxsize = 0 +- for (notice, pkgtup, pkg) in data: +- n_maxsize = max(len(notice['update_id']), n_maxsize) +- tn = notice['type'] +- if tn == 'security' and notice['severity']: +- tn = notice['severity'] + '/Sec.' +- t_maxsize = max(len(tn), t_maxsize) +- if show_type: +- for ref in ysp__safe_refs(notice['references']): +- if ref['type'] != show_type: +- continue +- r_maxsize = max(len(str(ref['id'])), r_maxsize) +- +- for (notice, pkgtup, pkg) in data: +- mark = '' +- if list_type == 'all': +- mark = ' ' +- if _rpm_tup_vercmp(iname2tup[pkgtup[0]], pkgtup) >= 0: +- mark = 'i ' +- tn = notice['type'] +- if tn == 'security' and notice['severity']: +- tn = notice['severity'] + '/Sec.' +- +- if show_type and ysp_has_info_md(show_type, notice): +- for ref in ysp__safe_refs(notice['references']): +- if ref['type'] != show_type: +- continue +- msg("%s %-*s %-*s %s" % (mark, r_maxsize, str(ref['id']), +- t_maxsize, tn, pkg)) +- elif hasattr(pkg, 'name'): +- print base.fmtKeyValFill("%s: " % pkg.name, +- base._enc(pkg.summary)) +- else: +- msg("%s%-*s %-*s %s" % (mark, n_maxsize, notice['update_id'], +- t_maxsize, tn, pkg)) +- +- def info_show_pkgs(self, base, md_info, list_type, show_type, +- iname2tup, data, msg): +- show_pkg_info_done = {} +- for (notice, pkgtup, pkg) in data: +- if notice['update_id'] in show_pkg_info_done: +- continue +- show_pkg_info_done[notice['update_id']] = notice +- +- if hasattr(notice, 'text'): +- debug_log_lvl = yum.logginglevels.DEBUG_3 +- vlog = logging.getLogger("yum.verbose.main") +- if vlog.isEnabledFor(debug_log_lvl): +- obj = notice.text(skip_data=[]) +- else: +- obj = notice.text() +- else: +- # Python-2.4.* doesn't understand str(x) returning unicode +- obj = notice.__str__() +- +- if list_type == 'all': +- if _rpm_tup_vercmp(iname2tup[pkgtup[0]], pkgtup) >= 0: +- obj = obj + "\n Installed : true" +- else: +- obj = obj + "\n Installed : false" +- msg(obj) +- +- def summary_show_pkgs(self, base, md_info, list_type, show_type, +- iname2tup, data, msg): +- def _msg(x): +- print x +- counts = {} +- sev_counts = {} +- show_pkg_info_done = {} +- for (notice, pkgtup, pkg) in data: +- if notice['update_id'] in show_pkg_info_done: +- continue +- show_pkg_info_done[notice['update_id']] = notice +- counts[notice['type']] = counts.get(notice['type'], 0) + 1 +- if notice['type'] == 'security': +- sev = notice['severity'] +- if sev is None: +- sev = '' +- sev_counts[sev] = sev_counts.get(sev, 0) + 1 +- +- maxsize = 0 +- for T in ('newpackage', 'security', 'bugfix', 'enhancement'): +- if T not in counts: +- continue +- size = len(str(counts[T])) +- if maxsize < size: +- maxsize = size +- if not maxsize: +- _check_running_kernel(base, md_info, _msg) +- return +- +- outT = {'newpackage' : 'New Package', +- 'security' : 'Security', +- 'bugfix' : 'Bugfix', +- 'enhancement' : 'Enhancement'} +- print "Updates Information Summary:", list_type +- for T in ('newpackage', 'security', 'bugfix', 'enhancement'): +- if T not in counts: +- continue +- n = outT[T] +- if T == 'security' and len(sev_counts) == 1: +- sn = sev_counts.keys()[0] +- if sn != '': +- n = sn + " " + n +- print " %*u %s notice(s)" % (maxsize, counts[T], n) +- if T == 'security' and len(sev_counts) != 1: +- def _sev_sort_key(key): +- # We want these in order, from "highest" to "lowest". +- # Anything unknown is "higher". meh. +- return {'Critical' : "zz1", +- 'Important': "zz2", +- 'Moderate' : "zz3", +- 'Low' : "zz4", +- }.get(key, key) +- +- for sn in sorted(sev_counts, key=_sev_sort_key): +- args = (maxsize, sev_counts[sn],sn or '?', outT['security']) +- print " %*u %s %s notice(s)" % args +- _check_running_kernel(base, md_info, _msg) +- self.show_pkg_info_done = {} +- +- def _get_new_pkgs(self, md_info): +- for notice in md_info.notices: +- if notice['type'] != "newpackage": +- continue +- for upkg in notice['pkglist']: +- for pkg in upkg['packages']: +- pkgtup = (pkg['name'], pkg['arch'], pkg['epoch'] or '0', +- pkg['version'], pkg['release']) +- yield (notice, pkgtup) +- +- _cmd2filt = {"bugzillas" : "bugzilla", +- "bugzilla" : "bugzilla", +- "bzs" : "bugzilla", +- "bz" : "bugzilla", +- +- "sec" : "security", +- +- "cves" : "cve", +- "cve" : "cve", +- +- "newpackages" : "newpackage", +- "new-packages" : "newpackage", +- "newpackage" : "newpackage", +- "new-package" : "newpackage", +- "new" : "newpackage"} +- for filt_type in __update_info_types__: +- _cmd2filt[filt_type] = filt_type +- +- def doCommand(self, base, basecmd, extcmds): +- if basecmd in self.direct_cmds: +- subcommand = self.direct_cmds[basecmd] +- elif extcmds and extcmds[0] in ('list', 'info', 'summary'): +- subcommand = extcmds[0] +- extcmds = extcmds[1:] +- elif extcmds and extcmds[0] in self._cmd2filt: +- subcommand = 'list' +- elif extcmds: +- subcommand = 'info' +- else: +- subcommand = 'summary' +- +- if subcommand == 'list': +- return self.doCommand_li(base, 'updateinfo list', extcmds, +- self.list_show_pkgs) +- if subcommand == 'info': +- return self.doCommand_li(base, 'updateinfo info', extcmds, +- self.info_show_pkgs) +- +- if subcommand == 'summary': +- return self.doCommand_li(base, 'updateinfo summary', extcmds, +- self.summary_show_pkgs) +- +- def doCommand_li_new(self, base, list_type, extcmds, md_info, msg, +- show_pkgs): +- done_pkgs = set() +- data = [] +- for (notice, pkgtup) in sorted(self._get_new_pkgs(md_info), +- key=lambda x: x[1][0]): +- if extcmds and not _match_sec_cmd(extcmds, pkgtup[0], notice): +- continue +- n = pkgtup[0] +- if n in done_pkgs: +- continue +- ipkgs = list(reversed(sorted(base.rpmdb.searchNames([n])))) +- if list_type in ('installed', 'updates') and not ipkgs: +- done_pkgs.add(n) +- continue +- if list_type == 'available' and ipkgs: +- done_pkgs.add(n) +- continue +- +- pkgs = base.pkgSack.searchPkgTuple(pkgtup) +- if not pkgs: +- continue +- if list_type == "updates" and pkgs[0].verLE(ipkgs[0]): +- done_pkgs.add(n) +- continue +- done_pkgs.add(n) +- data.append((notice, pkgtup, pkgs[0])) +- show_pkgs(base, md_info, list_type, None, {}, data, msg) +- +- def _parse_extcmds(self, extcmds): +- filt_type = None +- show_type = None +- if len(extcmds) >= 1: +- filt_type = None +- +- if extcmds[0] in self._cmd2filt: +- filt_type = self._cmd2filt[extcmds.pop(0)] +- show_type = filt_type +- if filt_type and filt_type in __update_info_types__: +- show_type = None +- return extcmds, show_type, filt_type +- +- def doCommand_li(self, base, basecmd, extcmds, show_pkgs): +- self.repos = base.repos +- md_info = ysp_gen_metadata(self.repos.listEnabled()) +- def msg(x): +- # Don't use: logger.log(logginglevels.INFO_2, x) +- # or -q deletes everything. +- print x +- +- opts, cmdline = base.plugins.cmdline +- extcmds, show_type, filt_type = self._parse_extcmds(extcmds) +- +- list_type = "available" +- if extcmds and extcmds[0] in ("updates","available","installed", "all"): +- list_type = extcmds.pop(0) +- +- if filt_type == "newpackage": +- # No filtering here, as we want what isn't installed... +- self.doCommand_li_new(base, list_type, extcmds, md_info, msg, +- show_pkgs) +- return 0, [basecmd + ' new done'] +- +- opts.sec_cmds = extcmds +- used_map = ysp_gen_used_map(opts) +- iname2tup = {} +- if False: pass +- elif list_type in ('installed', 'all'): +- name2tup = _get_name2allpkgtup(base) +- iname2tup = _get_name2instpkgtup(base) +- elif list_type == 'updates': +- name2tup = _get_name2oldpkgtup(base) +- elif list_type == 'available': +- name2tup = _get_name2instpkgtup(base) +- +- def _show_pkgtup(pkgtup): +- name = pkgtup[0] +- notices = reversed(md_info.get_applicable_notices(pkgtup)) +- for (pkgtup, notice) in notices: +- if filt_type and not ysp_has_info_md(filt_type, notice): +- continue +- +- if list_type == 'installed': +- # Remove any that are newer than what we have installed +- if _rpm_tup_vercmp(iname2tup[name], pkgtup) < 0: +- continue +- +- if ysp_should_filter_pkg(opts, name, notice, used_map): +- yield (pkgtup, notice) +- +- data = [] +- for pkgname in sorted(name2tup): +- for (pkgtup, notice) in _show_pkgtup(name2tup[pkgname]): +- d = {} +- (d['n'], d['a'], d['e'], d['v'], d['r']) = pkgtup +- if d['e'] == '0': +- d['epoch'] = '' +- else: +- d['epoch'] = "%s:" % d['e'] +- data.append((notice, pkgtup, +- "%(n)s-%(epoch)s%(v)s-%(r)s.%(a)s" % d)) +- show_pkgs(base, md_info, list_type, show_type, iname2tup, data, msg) +- +- ysp_chk_used_map(used_map, msg) +- +- return 0, [basecmd + ' done'] +- +- +-# "Borrowed" from yumcommands.py +-def yumcommands_checkRootUID(base): +- """ +- Verify that the program is being run by the root user. +- +- @param base: a YumBase object. +- """ +- if base.conf.uid != 0: +- base.logger.critical('You need to be root to perform this command.') +- raise CliError +-def yumcommands_checkGPGKey(base): +- if not base.gpgKeyCheck(): +- for repo in base.repos.listEnabled(): +- if repo.gpgcheck != 'false' and repo.gpgkey == '': +- msg = """ +-You have enabled checking of packages via GPG keys. This is a good thing. +-However, you do not have any GPG public keys installed. You need to download +-the keys for packages you wish to install and install them. +-You can do that by running the command: +- rpm --import public.gpg.key +- +- +-Alternatively you can specify the url to the key you would like to use +-for a repository in the 'gpgkey' option in a repository section and yum +-will install it for you. +- +-For more information contact your distribution or package provider. +-""" +- base.logger.critical(msg) +- raise CliError +- +-def _get_name2pkgtup(base, pkgtups): +- name2tup = {} +- for pkgtup in pkgtups: +- # Get the latest "old" pkgtups +- if (pkgtup[0] in name2tup and +- _rpm_tup_vercmp(name2tup[pkgtup[0]], pkgtup) > 0): +- continue +- name2tup[pkgtup[0]] = pkgtup +- return name2tup +-def _get_name2oldpkgtup(base): +- """ Get the pkgtups for all installed pkgs. which have an update. """ +- oupdates = map(lambda x: x[1], base.up.getUpdatesTuples()) +- return _get_name2pkgtup(base, oupdates) +-def _get_name2instpkgtup(base): +- """ Get the pkgtups for all installed pkgs. """ +- return _get_name2pkgtup(base, base.rpmdb.simplePkgList()) +-def _get_name2allpkgtup(base): +- """ Get the pkgtups for all installed pkgs. and munge that to be the +- first possible pkgtup. """ +- ofirst = [(pt[0], pt[1], '0','0','0') for pt in base.rpmdb.simplePkgList()] +- return _get_name2pkgtup(base, ofirst) +- +- +- +-class SecurityUpdateCommand: +- def getNames(self): +- return ['update-minimal'] +- +- def getUsage(self): +- return "[PACKAGE-wildcard]" +- +- def getSummary(self): +- return "Works like update, but goes to the 'newest' package match which fixes a problem that affects your system" +- +- def doCheck(self, base, basecmd, extcmds): +- yumcommands_checkRootUID(base) +- yumcommands_checkGPGKey(base) +- +- def doCommand(self, base, basecmd, extcmds): +- if hasattr(base, 'run_with_package_names'): +- base.run_with_package_names.add(__package_name__) +- md_info = ysp_gen_metadata(base.repos.listEnabled()) +- opts = base.plugins.cmdline[0] +- opts.sec_cmds = [] +- used_map = ysp_gen_used_map(opts) +- +- ndata = not (opts.security or opts.bugfixes or +- opts.advisory or opts.bz or opts.cve or opts.severity) +- +- # NOTE: Not doing obsoletes processing atm. ... maybe we should? -- +- # Also worth pointing out we don't go backwards for obsoletes in the: +- # update --security case etc. +- +- # obsoletes = base.up.getObsoletesTuples(newest=False) +- # for (obsoleting, installed) in sorted(obsoletes, key=lambda x: x[0]): +- # pass +- +- # Tuples == (n, a, e, v, r) +- oupdates = map(lambda x: x[1], base.up.getUpdatesTuples()) +- for oldpkgtup in sorted(oupdates): +- data = md_info.get_applicable_notices(oldpkgtup) +- if ndata: # No options means pick the oldest update +- data.reverse() +- +- for (pkgtup, notice) in data: +- name = pkgtup[0] +- if extcmds and not _match_sec_cmd(extcmds, name, notice): +- continue +- if (not ndata and +- not ysp_should_filter_pkg(opts, name, notice, used_map)): +- continue +- base.update(name=pkgtup[0], arch=pkgtup[1], epoch=pkgtup[2], +- version=pkgtup[3], release=pkgtup[4]) +- break +- +- if len(base.tsInfo) > 0: +- msg = '%d packages marked for minimal Update' % len(base.tsInfo) +- return 2, [msg] +- else: +- return 0, ['No Packages marked for minimal Update'] +- +-def config_hook(conduit): +- ''' +- Yum Plugin Config Hook: +- Setup the option parser with the '--advisory', '--bz', '--cve', +- '--security' and '--severity' command line options. Also the 'updateinfo' +- and 'update-minimal' commands. +- ''' +- +- parser = conduit.getOptParser() +- if not parser: +- return +- +- if hasattr(parser, 'plugin_option_group'): +- parser = parser.plugin_option_group +- +- conduit.registerCommand(UpdateinfoCommand()) +- conduit.registerCommand(SecurityUpdateCommand()) +- def osec(opt, key, val, parser): +- # CVE is a subset of --security on RHEL, but not on Fedora +- parser.values.security = True +- def obug(opt, key, val, parser): +- parser.values.bugfixes = True +- def ocve(opt, key, val, parser): +- parser.values.cve.extend(val.split(',')) +- def obz(opt, key, val, parser): +- parser.values.bz.append(str(val)) +- def oadv(opt, key, val, parser): +- parser.values.advisory.extend(val.split(',')) +- def osev(opt, key, val, parser): +- parser.values.severity.extend(val.split(',')) +- +- parser.add_option('--security', action="callback", +- callback=osec, dest='security', default=False, +- help='Include security relevant packages') +- parser.add_option('--bugfixes', action="callback", +- callback=obug, dest='bugfixes', default=False, +- help='Include bugfix relevant packages') +- parser.add_option('--cve', action="callback", type="string", +- callback=ocve, dest='cve', default=[], +- help='Include packages needed to fix the given CVE') +- parser.add_option('--bz', action="callback", +- callback=obz, dest='bz', default=[], type="int", +- help='Include packages needed to fix the given BZ') +- parser.add_option('--sec-severity', action="callback", +- callback=osev, dest='severity', default=[], type="string", +- help='Include security relevant packages, of this severity') +- parser.add_option('--advisory', action="callback", +- callback=oadv, dest='advisory', default=[], type="string", +- help='Include packages needed to fix the given advisory') +- +-# You might think we'd just use the exclude_hook, and call delPackage +-# and indeed that works for list updates etc. +-# +-# __but__ that doesn't work for dependancies on real updates +-# +-# So to fix deps. we need to do it at the preresolve stage and take the +-# "transaction package list" and then remove packages from that. +-# +-# __but__ that doesn't work for lists ... so we do it two ways +-# +-def ysp_should_keep_pkg(opts, pkgtup, md_info, used_map): +- """ Do we want to keep this package to satisfy the security limits. """ +- name = pkgtup[0] +- for (pkgtup, notice) in md_info.get_applicable_notices(pkgtup): +- if ysp_should_filter_pkg(opts, name, notice, used_map): +- return True +- return False +- +-def ysp_check_func_enter(conduit): +- """ Stuff we need to do in both list and update modes. """ +- +- opts, args = conduit.getCmdLine() +- +- ndata = not (opts.security or opts.bugfixes or +- opts.advisory or opts.bz or opts.cve or opts.severity) +- +- ret = None +- if len(args) >= 2: +- if ((args[0] == "list") and (args[1] in ("obsoletes", "updates"))): +- ret = {"skip": ndata, "list_cmd": True} +- if ((args[0] == "info") and (args[1] in ("obsoletes", "updates"))): +- ret = {"skip": ndata, "list_cmd": True} +- if len(args): +- +- # All the args. stuff is done in our command: +- if (args[0] == "update-minimal"): +- return (opts, {"skip": True, "list_cmd": False, "msg": True}) +- +- if (args[0] == "check-update"): +- ret = {"skip": ndata, "list_cmd": True} +- if (args[0] in ["update", "upgrade"]): +- ret = {"skip": ndata, "list_cmd": False} +- if args[0] == 'updateinfo': +- return (opts, {"skip": True, "list_cmd": True}) +- if (args[0] in UpdateinfoCommand.direct_cmds): +- return (opts, {"skip": True, "list_cmd": True}) +- +- if ret: +- return (opts, ret) +- +- if not ndata: +- conduit.error(2, 'Skipping security plugin, other command') +- return (opts, {"skip": True, "list_cmd": False, "msg": True}) +- +-def exclude_hook(conduit): +- ''' +- Yum Plugin Exclude Hook: +- Check and remove packages that don\'t align with the security config. +- ''' +- +- opts, info = ysp_check_func_enter(conduit) +- if info["skip"]: +- return +- +- if not info["list_cmd"]: +- return +- +- if hasattr(conduit, 'registerPackageName'): +- conduit.registerPackageName(__package_name__) +- conduit.info(2, 'Limiting package lists to security relevant ones') +- +- md_info = ysp_gen_metadata(conduit.getRepos().listEnabled()) +- +- def ysp_del_pkg(pkg): +- """ Deletes a package from all trees that yum knows about """ +- conduit.info(3," --> %s from %s excluded (non-security)" % +- (pkg,pkg.repoid)) +- conduit.delPackage(pkg) +- +- opts.sec_cmds = [] +- used_map = ysp_gen_used_map(opts) +- +- # The official API is: +- # +- # pkgs = conduit.getPackages() +- # +- # ...however that is _extremely_ slow, deleting all packages. So we ask +- # for the list of update packages, which is all we care about. +- upds = conduit._base.doPackageLists(pkgnarrow='updates') +- pkgs = upds.updates +- # In theory we don't need to do this in some cases, but meh. +- upds = conduit._base.doPackageLists(pkgnarrow='obsoletes') +- pkgs += upds.obsoletes +- +- name2tup = _get_name2oldpkgtup(conduit._base) +- +- tot = 0 +- cnt = 0 +- for pkg in pkgs: +- tot += 1 +- name = pkg.name +- if (name not in name2tup or +- not ysp_should_keep_pkg(opts, name2tup[name], md_info, used_map)): +- ysp_del_pkg(pkg) +- continue +- cnt += 1 +- +- ysp_chk_used_map(used_map, lambda x: conduit.error(2, x)) +- if cnt: +- conduit.info(2, '%d package(s) needed for security, out of %d available' % (cnt, tot)) +- else: +- conduit.info(2, 'No packages needed for security; %d packages available' % tot) +- +- _check_running_kernel(conduit._base, md_info, lambda x: conduit.info(2, x)) +- +-def _check_running_kernel(yb, md_info, msg): +- if not hasattr(yum.misc, 'get_running_kernel_pkgtup'): +- return # Back compat. +- +- kern_pkgtup = yum.misc.get_running_kernel_pkgtup(yb.ts) +- if kern_pkgtup[0] is None: +- return +- +- found_sec = False +- for (pkgtup, notice) in md_info.get_applicable_notices(kern_pkgtup): +- if found_sec or notice['type'] != 'security': +- continue +- found_sec = True +- ipkg = yb.rpmdb.searchPkgTuple(pkgtup) +- if not ipkg: +- continue # Not installed +- ipkg = ipkg[0] +- +- e = '' +- if kern_pkgtup[2] != '0': +- e = '%s:' % kern_pkgtup[2] +- rpkg = '%s-%s%s-%s.%s' % (kern_pkgtup[0], e, +- kern_pkgtup[3], kern_pkgtup[4], +- kern_pkgtup[1]) +- +- msg('Security: %s is an installed security update' % ipkg) +- msg('Security: %s is the currently running version' % rpkg) +- break +- +- +-def preresolve_hook(conduit): +- ''' +- Yum Plugin PreResolve Hook: +- Check and remove packages that don\'t align with the security config. +- ''' +- +- opts, info = ysp_check_func_enter(conduit) +- if info["skip"]: +- return +- +- if info["list_cmd"]: +- return +- +- if hasattr(conduit, 'registerPackageName'): +- conduit.registerPackageName(__package_name__) +- conduit.info(2, 'Limiting packages to security relevant ones') +- +- md_info = ysp_gen_metadata(conduit.getRepos().listEnabled()) +- +- def ysp_del_pkg(tspkg): +- """ Deletes a package within a transaction. """ +- conduit.info(3," --> %s from %s excluded (non-security)" % +- (tspkg.po,tspkg.po.repoid)) +- tsinfo.remove(tspkg.pkgtup) +- +- tot = 0 +- cnt = 0 +- opts.sec_cmds = [] +- used_map = ysp_gen_used_map(opts) +- tsinfo = conduit.getTsInfo() +- tspkgs = tsinfo.getMembers() +- # Ok, here we keep any pkgs that pass "ysp" tests, then we keep all +- # related pkgs ... Ie. "installed" version marked for removal. +- keep_pkgs = set() +- +- count_states = set(TS_INSTALL_STATES + [TS_ERASE]) +- count_pkgs = set() +- for tspkg in tspkgs: +- if tspkg.output_state in count_states: +- count_pkgs.add(tspkg.po) +- +- name2tup = _get_name2oldpkgtup(conduit._base) +- for tspkg in tspkgs: +- if tspkg.output_state in count_states: +- tot += 1 +- name = tspkg.po.name +- if (name not in name2tup or +- not ysp_should_keep_pkg(opts, name2tup[name], md_info, used_map)): +- continue +- if tspkg.output_state in count_states: +- cnt += 1 +- keep_pkgs.add(tspkg.po) +- +- scnt = cnt +- mini_depsolve_again = True +- while mini_depsolve_again: +- mini_depsolve_again = False +- +- for tspkg in tspkgs: +- if tspkg.po in keep_pkgs: +- # Find any related pkgs, and add them: +- for (rpkg, reason) in tspkg.relatedto: +- if rpkg not in keep_pkgs: +- if rpkg in count_pkgs: +- cnt += 1 +- keep_pkgs.add(rpkg) +- mini_depsolve_again = True +- else: +- # If related to any keep pkgs, add us +- for (rpkg, reason) in tspkg.relatedto: +- if rpkg in keep_pkgs: +- if rpkg in count_pkgs: +- cnt += 1 +- keep_pkgs.add(tspkg.po) +- mini_depsolve_again = True +- break +- +- for tspkg in tspkgs: +- if tspkg.po not in keep_pkgs: +- ysp_del_pkg(tspkg) +- +- ysp_chk_used_map(used_map, lambda x: conduit.error(2, x)) +- +- if cnt: +- conduit.info(2, '%d package(s) needed (+%d related) for security, out of %d available' % (scnt, cnt - scnt, tot)) +- else: +- conduit.info(2, 'No packages needed for security; %d packages available' % tot) +- +-if __name__ == '__main__': +- print "This is a plugin that is supposed to run from inside YUM" +diff --git a/po/POTFILES.in b/po/POTFILES.in +index d85030c..2f12118 100644 +--- a/po/POTFILES.in ++++ b/po/POTFILES.in +@@ -34,7 +34,6 @@ plugins/merge-conf/merge-conf.py + plugins/aliases/aliases.py + plugins/protectbase/protectbase.py + plugins/versionlock/versionlock.py +-plugins/security/security.py + plugins/nofsync/nofsync.py + plugins/tmprepo/tmprepo.py + plugins/priorities/priorities.py +diff --git a/yum-utils.spec b/yum-utils.spec +index 6d6d699..de6fbfd 100644 +--- a/yum-utils.spec ++++ b/yum-utils.spec +@@ -155,20 +155,6 @@ This yum plugin adds the "--merge-conf" command line option. With this option, + Yum will ask you what to do with config files which have changed on updating a + package. + +-%package -n yum-plugin-security +-Summary: Yum plugin to enable security filters +-Group: System Environment/Base +-Provides: yum-security = %{version}-%{release} +-Obsoletes: yum-security < 1.1.20-0 +-Conflicts: yum-security < 1.1.20-0 +-Requires: yum >= 3.2.18 +- +-%description -n yum-plugin-security +-This plugin adds the options --security, --cve, --bz and --advisory flags +-to yum and the list-security and info-security commands. +-The options make it possible to limit list/upgrade of packages to specific +-security relevant ones. The commands give you the security information. +- + %package -n yum-plugin-upgrade-helper + Summary: Yum plugin to help upgrades to the next distribution version + Group: System Environment/Base +@@ -396,7 +382,6 @@ plugins="\ + tsflags \ + priorities \ + merge-conf \ +- security \ + upgrade-helper \ + aliases \ + list-data \ +@@ -565,13 +550,6 @@ fi + %config(noreplace) %{_sysconfdir}/yum/pluginconf.d/merge-conf.conf + %{pluginhome}/merge-conf.* + +-%files -n yum-plugin-security +-%defattr(-, root, root) +-%doc COPYING +-%config(noreplace) %{_sysconfdir}/yum/pluginconf.d/security.conf +-%{pluginhome}/security.* +-%{_mandir}/man8/yum-security.8.* +- + %files -n yum-plugin-upgrade-helper + %defattr(-, root, root) + %doc COPYING diff --git a/SOURCES/yum-utils-HEAD.patch b/SOURCES/yum-utils-HEAD.patch new file mode 100644 index 0000000..4db6be8 --- /dev/null +++ b/SOURCES/yum-utils-HEAD.patch @@ -0,0 +1,4891 @@ +diff --git a/COPYING b/COPYING +index e77696a..d159169 100644 +--- a/COPYING ++++ b/COPYING +@@ -1,12 +1,12 @@ +- GNU GENERAL PUBLIC LICENSE +- Version 2, June 1991 ++ GNU GENERAL PUBLIC LICENSE ++ Version 2, June 1991 + +- Copyright (C) 1989, 1991 Free Software Foundation, Inc. +- 675 Mass Ave, Cambridge, MA 02139, USA ++ Copyright (C) 1989, 1991 Free Software Foundation, Inc., ++ 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA + Everyone is permitted to copy and distribute verbatim copies + of this license document, but changing it is not allowed. + +- Preamble ++ Preamble + + The licenses for most software are designed to take away your + freedom to share and change it. By contrast, the GNU General Public +@@ -15,7 +15,7 @@ software--to make sure the software is free for all its users. This + General Public License applies to most of the Free Software + Foundation's software and to any other program whose authors commit to + using it. (Some other Free Software Foundation software is covered by +-the GNU Library General Public License instead.) You can apply it to ++the GNU Lesser General Public License instead.) You can apply it to + your programs, too. + + When we speak of free software, we are referring to freedom, not +@@ -55,8 +55,8 @@ patent must be licensed for everyone's free use or not licensed at all. + + The precise terms and conditions for copying, distribution and + modification follow. +- +- GNU GENERAL PUBLIC LICENSE ++ ++ GNU GENERAL PUBLIC LICENSE + TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION + + 0. This License applies to any program or other work which contains +@@ -110,7 +110,7 @@ above, provided that you also meet all of these conditions: + License. (Exception: if the Program itself is interactive but + does not normally print such an announcement, your work based on + the Program is not required to print an announcement.) +- ++ + These requirements apply to the modified work as a whole. If + identifiable sections of that work are not derived from the Program, + and can be reasonably considered independent and separate works in +@@ -168,7 +168,7 @@ access to copy from a designated place, then offering equivalent + access to copy the source code from the same place counts as + distribution of the source code, even though third parties are not + compelled to copy the source along with the object code. +- ++ + 4. You may not copy, modify, sublicense, or distribute the Program + except as expressly provided under this License. Any attempt + otherwise to copy, modify, sublicense or distribute the Program is +@@ -225,7 +225,7 @@ impose that choice. + + This section is intended to make thoroughly clear what is believed to + be a consequence of the rest of this License. +- ++ + 8. If the distribution and/or use of the Program is restricted in + certain countries either by patents or by copyrighted interfaces, the + original copyright holder who places the Program under this License +@@ -255,7 +255,7 @@ make exceptions for this. Our decision will be guided by the two goals + of preserving the free status of all derivatives of our free software and + of promoting the sharing and reuse of software generally. + +- NO WARRANTY ++ NO WARRANTY + + 11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY + FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN +@@ -277,9 +277,9 @@ YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER + PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE + POSSIBILITY OF SUCH DAMAGES. + +- END OF TERMS AND CONDITIONS +- +- How to Apply These Terms to Your New Programs ++ END OF TERMS AND CONDITIONS ++ ++ How to Apply These Terms to Your New Programs + + If you develop a new program, and you want it to be of the greatest + possible use to the public, the best way to achieve this is to make it +@@ -291,7 +291,7 @@ convey the exclusion of warranty; and each file should have at least + the "copyright" line and a pointer to where the full notice is found. + + +- Copyright (C) 19yy ++ Copyright (C) + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by +@@ -303,16 +303,16 @@ the "copyright" line and a pointer to where the full notice is found. + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + +- You should have received a copy of the GNU General Public License +- along with this program; if not, write to the Free Software +- Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. ++ You should have received a copy of the GNU General Public License along ++ with this program; if not, write to the Free Software Foundation, Inc., ++ 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + + Also add information on how to contact you by electronic and paper mail. + + If the program is interactive, make it output a short notice like this + when it starts in an interactive mode: + +- Gnomovision version 69, Copyright (C) 19yy name of author ++ Gnomovision version 69, Copyright (C) year name of author + Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'. + This is free software, and you are welcome to redistribute it + under certain conditions; type `show c' for details. +@@ -335,5 +335,5 @@ necessary. Here is a sample; alter the names: + This General Public License does not permit incorporating your program into + proprietary programs. If your program is a subroutine library, you may + consider it more useful to permit linking proprietary applications with the +-library. If this is what you want to do, use the GNU Library General ++library. If this is what you want to do, use the GNU Lesser General + Public License instead of this License. +diff --git a/ChangeLog b/ChangeLog +index bc802f6..e9be2e4 100644 +--- a/ChangeLog ++++ b/ChangeLog +@@ -3370,7 +3370,7 @@ + 2008-08-04 James Antill + + * yum-builddep.py: Allow yum-builddep to use "extras" +- (installed/not-available pacakges ++ (installed/not-available packages + + 2008-08-04 James Antill + +diff --git a/debuginfo-install.py b/debuginfo-install.py +index 177c6c3..0f026f1 100755 +--- a/debuginfo-install.py ++++ b/debuginfo-install.py +@@ -7,11 +7,11 @@ + # This program is distributed in the hope that it will be useful, + # but WITHOUT ANY WARRANTY; without even the implied warranty of + # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +-# GNU Library General Public License for more details. ++# GNU General Public License for more details. + # + # You should have received a copy of the GNU General Public License +-# along with this program; if not, write to the Free Software +-# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. ++# along with this program; if not, write to the Free Software Foundation, ++# Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + # Copyright 2007 Seth Vidal + + import sys +@@ -52,7 +52,12 @@ class DebugInfoInstall(YumUtilBase): + action="store_true", + help="Turn off automatic installation/update of the yum debuginfo plugin") + +- self.main() ++ self.done = set() ++ try: ++ self.main() ++ except yum.Errors.YumBaseError, e: ++ print e ++ sys.exit(1) + + def doUtilConfigSetup(self, *args, **kwargs): + """ We override this to get our extra option out. """ +@@ -117,6 +122,9 @@ class DebugInfoInstall(YumUtilBase): + sys.exit(self.doUtilTransaction()) + + def di_try_install(self, po): ++ if po in self.done: ++ return ++ self.done.add(po) + if po.name.endswith('-debuginfo'): # Wildcard matches produce this + return + di_name = '%s-debuginfo' % po.name +@@ -156,6 +164,10 @@ class DebugInfoInstall(YumUtilBase): + self.di_try_install(deppo) + except yum.Errors.InstallError, e: + self.logger.critical('Could not find debuginfo pkg for dependency package %s' % deppo) ++ ++ for pkgname in u: ++ self.logger.critical('Could not find a package for: %s' % pkgname) ++ + # This is kinda hacky, accessing the option from the plugins code + # but I'm not sure of a better way of doing it + if not self.no_debuginfo_plugin and self.tsInfo: +diff --git a/docs/Makefile b/docs/Makefile +index d01c1e4..acb8559 100644 +--- a/docs/Makefile ++++ b/docs/Makefile +@@ -1,7 +1,9 @@ + DOCS = repoquery package-cleanup repo-rss yumdownloader yum-builddep yum-changelog reposync \ + yum-list-data yum-filter-data yum-verify yum-utils yum-aliases yum-debug-dump yum-versionlock \ + yum-groups-manager debuginfo-install repodiff yum-fs-snapshot \ +- show-installed show-changed-rco ++ show-installed show-changed-rco yum-debug-restore \ ++ find-repos-of-install needs-restarting repo-graph repoclosure \ ++ repomanage repotrack verifytree yum-config-manager + DOCS5 = yum-changelog.conf yum-versionlock.conf yum-fs-snapshot.conf + DOCS8 = yum-security yum-complete-transaction yumdb + +diff --git a/docs/debuginfo-install.1 b/docs/debuginfo-install.1 +index a47e28a..a829869 100644 +--- a/docs/debuginfo-install.1 ++++ b/docs/debuginfo-install.1 +@@ -1,7 +1,7 @@ + .\" debuginfo-install + .TH "debuginfo-install" "1" "21 October 2008" "James Antill" "" + .SH "NAME" +-debuginfo-install ++debuginfo-install \- install debuginfo packages and their dependencies + .SH "SYNOPSIS" + \fBdebuginfo-install\fP package + .SH "DESCRIPTION" +diff --git a/docs/find-repos-of-install.1 b/docs/find-repos-of-install.1 +new file mode 100644 +index 0000000..77be909 +--- /dev/null ++++ b/docs/find-repos-of-install.1 +@@ -0,0 +1,51 @@ ++.\" find-repos-of-install ++.TH "find-repos-of-install" "1" "13 January 2013" "" "" ++.SH "NAME" ++find-repos-of-install \- report which Yum repository a package was installed from ++.SH "SYNOPSIS" ++\fBfind-repos-of-install\fP [options] package1 [package2...] ++.SH "DESCRIPTION" ++.PP ++\fBfind-repos-of-install\fP is a program which reports the Yum repository that ++a specified package was installed from. ++.PP ++.SH "OPTIONS" ++.IP "\fB\-\-version\fP" ++Report program version and exit. ++.IP "\fB\-h, \-\-help\fP" ++Display a help message, and then quit. ++.IP "\fB\-\-repoid=REPOID\fP" ++Specify repo ids to query, can be specified multiple times (default is ++all enabled). ++.IP "\fB\-\-enablerepo=ENABLEREPOS\fP" ++In addition to the default set, query the given additional repository, even if ++it is disabled in YUM configuration. Can be used multiple times. ++.IP "\fB\-\-disablerepo=DISABLEREPOS\fP" ++Do not query the given repository, even if it is enabled in YUM ++configuration. Can be used multiple times. ++.IP "\fB\-\-repofrompath=REPOID,PATH/URL\fP" ++Specify a path or url to a repository (same path as in a baseurl) to add to ++the repositories for this query. This option can be used multiple times. If ++you want to view only the pkgs from this repository combine this with ++\-\-repoid. The repoid for the repository is specified by REPOID. ++.IP "\fB\-C, \-\-cache\fP" ++Tells repoquery to run entirely from YUM cache - does not download any metadata ++or update the cache. Queries in this mode can fail or give partial/incorrect ++results if the cache isn't fully populated beforehand with eg "yum makecache". ++.IP "\fB\-\-tempcache\fP" ++Use a temp dir for storing/accessing yum-cache. ++.IP "\fB\-\-sync2yumdb\fP" ++Sync anything that is found to the yumdb, if available. ++ ++.PP ++.SH "SEE ALSO" ++.nf ++.I yum.conf (5) ++http://yum.baseurl.org/ ++.fi ++ ++.PP ++.SH AUTHORS ++.nf ++See the Authors file included with this program. ++.fi +diff --git a/docs/needs-restarting.1 b/docs/needs-restarting.1 +new file mode 100644 +index 0000000..74b1904 +--- /dev/null ++++ b/docs/needs-restarting.1 +@@ -0,0 +1,29 @@ ++.\" needs-restarting ++.TH "needs-restarting" "1" "13 January 2013" "" "" ++.SH "NAME" ++needs-restarting \- report running processes that have been updated ++.SH "SYNOPSIS" ++\fBneeds-restarting\fP [options] ++.SH "DESCRIPTION" ++.PP ++\fBneeds-restarting\fP is a program that reports a list of process ids that ++started running before they or some component that they use were updated. ++.PP ++.SH "OPTIONS" ++.IP "\fB\-h, \-\-help\fP" ++Display a help message, and then quit. ++.IP "\fB\-u, \-\-useronly\fP" ++Show processes for my userid only. ++ ++.PP ++.SH "SEE ALSO" ++.nf ++.I yum.conf (5) ++http://yum.baseurl.org/ ++.fi ++ ++.PP ++.SH "AUTHORS" ++.nf ++See the Authors file included with this program. ++.fi +diff --git a/docs/package-cleanup.1 b/docs/package-cleanup.1 +index 867cf4d..61959ac 100644 +--- a/docs/package-cleanup.1 ++++ b/docs/package-cleanup.1 +@@ -1,7 +1,7 @@ + .\" package-cleanup + .TH "package-cleanup" "1" "03 November 2005" "Gijs Hollestelle" "" + .SH "NAME" +-package-cleanup ++package-cleanup \- clean up locally installed, duplicate, or orphaned packages + .SH "SYNOPSIS" + \fBpackage-cleanup\fP [options] + .SH "DESCRIPTION" +@@ -14,7 +14,7 @@ Use alternative config file (default is /etc/yum.conf). + .IP "\fB\-h, \-\-help\fP" + Help; display a help message and then quit\&. + .IP "\fB\-q, \-\-quiet\fP" +-Print out nothing unecessary. ++Print out nothing unnecessary. + .IP "\fB\-v, \-\-version\fP" + Report program version and exit. + .IP "\fB\-y\fP" +@@ -36,6 +36,8 @@ Scan for duplicates in the local RPM database. + .IP "\fB\-\-cleandupes\fP" + Scan for duplicates in the local RPM database and clean out the + older versions. ++.IP "\fB\-\-count \fP" ++Number of duplicate/kernel packages to keep on the system (default 2) + .PP + .SH "LEAVES OPTIONS" + .IP "\fB\-\-all\fP" +@@ -49,21 +51,19 @@ When listing leaf nodes do not list development packages. + When listing leaf nodes do not list packages with files in bin directories. + .PP + .SH "OLDKERNELS OPTIONS" +-.IP "\fB\-\-count \fP" +-Number of kernel packages to keep on the system (default 2) + .IP "\fB\-\-keepdevel\fP" + Do not remove kernel-devel packages when removing kernels + + .SH "EXAMPLES" + .IP "List all dependency problems:" +-\fBpackage-cleanup --problems\fP ++\fBpackage-cleanup \-\-problems\fP + .IP "List all packages that are not in any Yum repository:" +-\fBpackage-cleanup --orphans\fP ++\fBpackage-cleanup \-\-orphans\fP + .IP "Remove old kernels keeping 3 and leaving old kernel-devel packages installed:" +-\fBpackage-cleanup --oldkernels --count=3 --keepdevel\fP ++\fBpackage-cleanup \-\-oldkernels \-\-count=3 \-\-keepdevel\fP + .PP + .IP "List all leaf packages with no files in a bin directory whose name begins with either 'perl' or 'python':" +-\fBpackage-cleanup --leaves --exclude-bin --leaf-regex="^(perl)|(python)"\fP ++\fBpackage-cleanup \-\-leaves \-\-exclude\-bin \-\-leaf\-regex="^(perl)|(python)"\fP + .PP + .SH "FILES" + As package-cleanup uses YUM libraries for retrieving all the information, it +diff --git a/docs/repo-graph.1 b/docs/repo-graph.1 +new file mode 100644 +index 0000000..9bdbb20 +--- /dev/null ++++ b/docs/repo-graph.1 +@@ -0,0 +1,32 @@ ++.\" repo-graph ++.TH "repo-graph" "1" "13 January 2013" "" "" ++.SH "NAME" ++repo-graph \- output a full package dependency graph in dot format ++.SH "SYNOPSIS" ++\fBrepo-graph\fP [options] ++.SH "DESCRIPTION" ++.PP ++\fBrepo-graph\fP is a program that generates a full package dependency list ++from a yum repository and outputs it in dot format. ++.PP ++.SH "OPTIONS" ++.IP "\fB\-h, \-\-help\fP" ++Display a help message, and then quit. ++.IP "\fB\-\-repoid=REPOID\fP" ++Specify repo ids to query, can be specified multiple times (default is ++all enabled). ++.IP "\fB\-c CONFIG\fP" ++Config file to use (defaults to /etc/yum.conf). ++ ++.PP ++.SH "SEE ALSO" ++.nf ++.I yum.conf (5) ++http://yum.baseurl.org/ ++.fi ++ ++.PP ++.SH "AUTHORS" ++.nf ++See the Authors file included with this program. ++.fi +diff --git a/docs/repo-rss.1 b/docs/repo-rss.1 +index 90788b8..62e00cc 100644 +--- a/docs/repo-rss.1 ++++ b/docs/repo-rss.1 +@@ -1,7 +1,7 @@ + .\" repo-rss + .TH "repo-rss" "1" "2005" "Seth Vidal" "" + .SH "NAME" +-repo-rss ++repo-rss \- generates an RSS feed from one or more Yum repositories + .SH "SYNOPSIS" + \fBrepo-rss\fP [options] repoid1 [repoid2...] + .SH "DESCRIPTION" +@@ -28,7 +28,7 @@ default for non-root users. + + .SH "EXAMPLES" + .IP "Generate an RSS for the updates-released repository and save it as updates-release.xml:" +-\fBrepo-rss -f updates-released.xml updates-released\fP ++\fBrepo-rss \-f updates-released.xml updates-released\fP + .PP + .SH "FILES" + As repo-rss uses YUM libraries for retrieving all the information, it +diff --git a/docs/repoclosure.1 b/docs/repoclosure.1 +new file mode 100644 +index 0000000..e0f7091 +--- /dev/null ++++ b/docs/repoclosure.1 +@@ -0,0 +1,57 @@ ++.\" repoclosure ++.TH "repoclosure" "1" "13 January 2013" "" "" ++.SH "NAME" ++repoclosure \- display a list of unresolved dependencies for a yum repository ++.SH "SYNOPSIS" ++\fBrepoclosure\fP [options] ++.SH "DESCRIPTION" ++.PP ++\fBrepoclosure\fP is a program that reads package metadata from one or more yum ++repositories, checks all dependencies, and displays a list of packages with ++unresolved dependencies. ++.PP ++.SH "OPTIONS" ++.IP "\fB\-h, \-\-help\fP" ++Display a help message, and then quit. ++.IP "\fB\-c CONFIG, \-\-config=CONFIG\fP" ++Config file to use (defaults to /etc/yum.conf). ++.IP "\fB\-a ARCH, \-\-arch=ARCH\fP" ++Check packages of the given archs, can be specified multiple times (default: ++current arch). ++.IP "\fB\-\-basearch=BASEARCH\fP" ++Set the basearch for yum to run as. ++.IP "\fB\-b, \-\-builddeps\fP" ++Check build dependencies only (needs source repos enabled). ++.IP "\fB\-l LOOKASIDE, \-\-lookaside=LOOKASIDE\fP" ++Specify a lookaside repo id to query, can be specified multiple times. ++.IP "\fB\-r REPOID, \-\-repoid=REPOID\fP" ++Specify repo ids to query, can be specified multiple times (default is ++all enabled). ++.IP "\fB\-t, \-\-tempcache\fP" ++Use a temp dir for storing/accessing yum-cache. ++.IP "\fB\-q, \-\-quiet\fP" ++Run quietly: no warnings printed to stderr. ++.IP "\fB\-n, \-\-newest\fP" ++Check only the newest packages in the repos. ++.IP "\fB\-\-repofrompath=REPOID,PATH/URL\fP" ++Specify a path or url to a repository (same path as in a baseurl) to add to ++the repositories for this query. This option can be used multiple times. If ++you want to view only the pkgs from this repository combine this with ++\-\-repoid. The repoid for the repository is specified by REPOID. ++.IP "\fB\-p PKG, \-\-pkg=PKG\fP" ++Check closure for this package only ++.IP "\fB\-g GROUP, \-\-group=GROUP\fP" ++Check closure for packages in this group only ++ ++.PP ++.SH "SEE ALSO" ++.nf ++.I yum.conf (5) ++http://yum.baseurl.org/ ++.fi ++ ++.PP ++.SH "AUTHORS" ++.nf ++See the Authors file included with this program. ++.fi +diff --git a/docs/repodiff.1 b/docs/repodiff.1 +index c421c5d..75a8860 100644 +--- a/docs/repodiff.1 ++++ b/docs/repodiff.1 +@@ -1,37 +1,45 @@ + .\" repodiff + .TH "repodiff" "1" "21 October 2008" "James Antill" "" + .SH "NAME" +-repodiff ++repodiff \- list differences between two or more Yum repositories + .SH "SYNOPSIS" +-\fBrepodiff\fP --old=old_repo_baseurl --new=new_repo_baseurl ++\fBrepodiff\fP \-\-old=old_repo_baseurl \-\-new=new_repo_baseurl + .SH "DESCRIPTION" + .PP + \fBrepodiff\fP is a program which will list differences between two sets of + repositories. \fBNote\fP that by default only source packages are compared. + .PP + .SH "GENERAL OPTIONS" +-.IP "\fB\-\-old, -o\fP" +-Add a repo. as an old repo. +-.IP "\fB\-\-new, -n\fP" +-Add a repo. as an new repo. +-.IP "\fB\-\-archlist, -a\fP" ++.IP "\fB\-\-old, \-o\fP" ++Add a repo. as an old repo. Note that if you prefix the url with "mirror:" then ++the following url is treated as a mirror and not a baseurl. ++.IP "\fB\-\-new, \-n\fP" ++Add a repo. as an new repo. Note that if you prefix the url with "mirror:" then ++the following url is treated as a mirror and not a baseurl. ++.IP "\fB\-\-archlist, \-a\fP" + Add architectures to change the default from just comparing source packages. + Note that if you want the same as a native + "x86_64" architecture machine you just need to pass "x86_64" (this is different + from earlier versions where you needed to specify + "x86_64,athlon,i686,i586,i486,i386,noarch" and you still got "src"). +-.IP "\fB\-\-size, -s\fP" +-Ouput additional data about the size of the changes. +-.IP "\fB\-\-compare-arch\fP" ++.IP "\fB\-\-size, \-s\fP" ++Output additional data about the size of the changes. ++.IP "\fB\-\-compare\-arch\fP" + Normally packages are just compared based on their name, this flag makes the + comparison also use the arch. So foo.i386 and foo.x86_64 are different. ++.IP "\fB\-\-simple\fP" ++Output a simple one line message for modified packages. ++.IP "\fB\-\-downgrade\fP" ++Split the data for modified packages between upgraded and downgraded packages. + .SH "EXAMPLES" + .IP "Compare source pkgs in two local repos:" +-\fBrepodiff --old=/tmp/repo-old --new=/tmp/repo-new\fP ++\fBrepodiff \-\-old=/tmp/repo-old \-\-new=/tmp/repo-new\fP + .IP "Compare x86_64 compat. binary pkgs in two remote repos, and two local one:" +-\fBrepodiff -a x86_64 --old=http://example.com/repo1-old --old=/tmp/repo-old --new=http://example.com/repo1-new --new=/tmp/repo-new\fP ++\fBrepodiff \-a x86_64 \-\-old=http://example.com/repo1-old \-\-old=/tmp/repo-old \-\-new=http://example.com/repo1-new \-\-new=/tmp/repo-new\fP + .IP "Compare x86_64 compat. binary pkgs, but also compare arch:" +-\fBrepodiff -a x86_64 --compare-arch --old=http://example.com/repo1-old --old=/tmp/repo-old --new=http://example.com/repo1-new --new=/tmp/repo-new\fP ++\fBrepodiff \-a x86_64 \-\-compare\-arch \-\-old=http://example.com/repo1-old \-\-old=/tmp/repo-old \-\-new=http://example.com/repo1-new \-\-new=/tmp/repo-new\fP ++.IP "Compare two releases of Fedora (15 => 16):" ++\fBrepodiff \-\-old='mirror:https://mirrors.fedoraproject.org/metalink?repo=fedora-source-15&arch=i386' \-\-new='mirror:https://mirrors.fedoraproject.org/metalink?repo=fedora-source-16&arch=i386' \-\-size \-\-simple \-\-downgrade\fP + .PP + + .SH "SEE ALSO" +diff --git a/docs/repomanage.1 b/docs/repomanage.1 +new file mode 100644 +index 0000000..4d336a5 +--- /dev/null ++++ b/docs/repomanage.1 +@@ -0,0 +1,38 @@ ++.\" repomanage ++.TH "repomanage" "1" "13 January 2013" "" "" ++.SH "NAME" ++repomanage \- list the newest or oldest RPM packages in a directory ++.SH "SYNOPSIS" ++\fBrepomanage\fP [options] directory ++.SH "DESCRIPTION" ++.PP ++\fBrepomanage\fP is a program to manage a directory of RPM packages. It ++displays a list of the newest or oldest packages in a directory for easy ++piping to xargs or similar programs. ++.PP ++.SH "OPTIONS" ++.IP "\fB\-h, \-\-help\fP" ++Display a help message, and then quit. ++.IP "\fB\-o, \-\-old\fP" ++Print the oldest packages. ++.IP "\fB\-n, \-\-new\fP" ++Print the newest packages. ++.IP "\fB\-s, \-\-space\fP" ++Space-separated instead of newline-separated output. ++.IP "\fB\-k KEEP, \-\-keep=KEEP\fP" ++Newest N packages to keep - defaults to 1. ++.IP "\fB\-c, \-\-nocheck\fP" ++Do not check package payload signatures/digests. ++ ++.PP ++.SH "SEE ALSO" ++.nf ++.I yum.conf (5) ++http://yum.baseurl.org/ ++.fi ++ ++.PP ++.SH "AUTHORS" ++.nf ++See the Authors file included with this program. ++.fi +diff --git a/docs/repoquery.1 b/docs/repoquery.1 +index f5a8c5d..30fda8a 100644 +--- a/docs/repoquery.1 ++++ b/docs/repoquery.1 +@@ -1,11 +1,11 @@ + .\" repoquery + .TH "repoquery" "1" "17 October 2005" "Panu Matilainen" "" + .SH "NAME" +-repoquery ++repoquery \- query information from Yum repositories + .SH "SYNOPSIS" + \fBrepoquery\fP [options] + .br +-\fBrepoquery\fP -a [options] ++\fBrepoquery\fP \-a [options] + .SH "DESCRIPTION" + .PP + \fBrepoquery\fP is a program for querying information from YUM repositories +@@ -18,7 +18,7 @@ List valid queryformat tags and exit.. + Report program version and exit. + .IP "\fB\-\-repoid=\fP" + Specify which repository to query. Using this option disables all repositories +-not explicitly enabled with --repoid option (can be used multiple times). By ++not explicitly enabled with \-\-repoid option (can be used multiple times). By + default repoquery uses whatever repositories are enabled in YUM configuration. + .IP "\fB\-\-enablerepo=\fP" + In addition to the default set, query the given additional repository, even if +@@ -30,7 +30,7 @@ configuration. Can be used multiple times. + Specify a path or url to a repository (same path as in a baseurl) to add to + the repositories for this query. This option can be used multiple times. If + you want to view only the pkgs from this repository combine this with +---repoid. The repoid for the repository is specified by . ++\-\-repoid. The repoid for the repository is specified by . + .IP "\fB\-\-plugins\fP" + Enable YUM plugin support. + .IP "\fB\-q, \-\-query\fP" +@@ -57,6 +57,13 @@ the releasever information from outside the installroot. + Note that with the default upstream cachedir, of /var/cache/yum, using this + option will corrupt your cache (and you can use $releasever in your cachedir + configuration to stop this). ++.IP "\fB\-\-installroot=root\fP" ++Specifies an alternative installroot, relative to which all packages will be ++installed. Think of this like doing "chroot yum" except using ++\-\-installroot allows yum to work before the chroot is created. ++Note: You may also want to use the option \-\-releasever=/ when creating the ++installroot as otherwise the $releasever value is taken from the rpmdb within ++the installroot (and thus. will be empty, before creation). + .IP "\fB\-\-setopt=option=value\fP" + Set any config option in yum config or repo files. For options in the global + config just use: \-\-setopt=option=value for repo options use: \-\-setopt=repoid.option=value +@@ -64,13 +71,13 @@ config just use: \-\-setopt=option=value for repo options use: \-\-setopt=repoid + .PP + .SH "PACKAGE QUERY OPTIONS" + .IP "\fB\-i, \-\-info\fP" +-Show general information about package similarly to "rpm -qi" ++Show general information about package similarly to "rpm \-qi" + .IP "\fB\-l, \-\-list\fP" + List files in package. + .IP "\fB\-R, \-\-requires\fP" + List package dependencies. + .IP "\fB\-\-resolve\fP" +-When used with --requires, resolve capabilities to originating packages. ++When used with \-\-requires, resolve capabilities to originating packages. + .IP "\fB\-\-provides\fP" + List capabilities package provides. + .IP "\fB\-\-obsoletes\fP" +@@ -81,7 +88,7 @@ List capabilities conflicting with package. + List package changelog. + .IP "\fB\-\-location\fP" + Show a location where the package could be downloaded from. +-For example: \fBwget `repoquery --location yum`\fP ++For example: \fBwget `repoquery \-\-location yum`\fP + .IP "\fB\-s, \-\-source\fP" + Show package source RPM name. + .IP "\fB\-\-srpm\fP" +@@ -95,16 +102,16 @@ Use name-epoch:version-release.architecture output format (default) + .IP "\fB\-\-envra\fP" + Use epoch:name-version-release.architecture output format + (easier to parse than nevra) +-.IP "\fB\--qf=FORMAT, \-\-queryformat=FORMAT\fP" ++.IP "\fB\-\-qf=FORMAT, \-\-queryformat=FORMAT\fP" + Specify custom output format for queries. You can add ":date", ":day" and + ":isodate" to all the tags that are a time, and you can add ":k", ":m", ":g", + ":t" and ":h" to sizes. You can also specify field width as in + sprintf (Eg. %-20{name}) + .IP "\fB\-\-output [text|ascii-tree|dot-tree]\fP" +-Output format which can be used with --requires/--whatrequires/--obsoletes/--conflicts. ++Output format which can be used with \-\-requires/\-\-whatrequires/\-\-obsoletes/\-\-conflicts. + Default output is 'text'. + .IP "\fB\-\-level [all|any int]\fP" +-In combination with --output ascii-tree|dot-tree this option specifies the ++In combination with \-\-output ascii-tree|dot-tree this option specifies the + number of level to print on the tree. Default level is 'all'. + .PP + +@@ -112,6 +119,8 @@ number of level to print on the tree. Default level is 'all'. + .IP "\fB\-a, \-\-all\fP" + Query all available packages (for rpmquery compatibility / shorthand for + repoquery '*') ++.IP "\fB\--show-duplicates\fP" ++Query all versions of packages. + .IP "\fB\-f, \-\-file FILE\fP" + Query package owning FILE. + .IP "\fB\-\-whatobsoletes CAPABILITY\fP" +@@ -123,14 +132,15 @@ Query all packages that provide CAPABILITY. + .IP "\fB\-\-whatrequires CAPABILITY\fP" + Query all packages that require CAPABILITY. + .IP "\fB\-\-alldeps\fP" +-When used with --whatrequires, look for non-explicit dependencies in ++When used with \-\-whatrequires, look for non-explicit dependencies in + addition to explicit ones (e.g. files and Provides in addition to + package names). This is the default. + .IP "\fB\-\-exactdeps\fP" +-When used with --whatrequires, search for dependencies only exactly as given. +-This is effectively the opposite of --alldeps. ++When used with \-\-whatrequires, search for dependencies only exactly as given. ++This is effectively the opposite of \-\-alldeps. + .IP "\fB\-\-recursive\fP" +-When used with --whatrequires, query packages recursively. ++When used with \-\-whatrequires, and \-\-requires \-\-resolve, query packages ++recursively. + .IP "\fB\-\-archlist=ARCH1[,ARCH2...]\fP" + Limit the query to packages of given architecture(s). Valid values are all + architectures known to rpm/yum such as 'i386' and 'src' for +@@ -166,19 +176,19 @@ Query groups instead of packages. + + .SH "EXAMPLES" + .IP "List all packages whose name contains 'perl':" +-\fBrepoquery '*perl*'\fP ++\fBrepoquery \(aq*perl*\(aq\fP + .IP "List all packages depending on openssl:" +-\fBrepoquery --whatrequires openssl\fP ++\fBrepoquery \-\-whatrequires openssl\fP + .IP "List all package names and the repository they come from, nicely formatted:" +-\fBrepoquery -a --qf "%-20{repoid} %{name}"\fP ++\fBrepoquery \-a \-\-qf "%-20{repoid} %{name}"\fP + .IP "List name and summary of all available updates (if any), nicely formatted:" +-\fBrepoquery -a --pkgnarrow=updates --qf "%{name}:\\n%{summary}\\n"\fP ++\fBrepoquery \-a \-\-pkgnarrow=updates \-\-qf "%{name}:\\n%{summary}\\n"\fP + .IP "List optional packages in base group:" +-\fBrepoquery -g --grouppkgs=optional -l base\fP ++\fBrepoquery \-g \-\-grouppkgs=optional \-l base\fP + .IP "List build requirements from 'anaconda' source rpm:" +-\fBrepoquery --requires anaconda.src\fP ++\fBrepoquery \-\-requires anaconda.src\fP + .IP "List packages which BuildRequire gail-devel" +-\fBrepoquery --archlist=src --whatrequires gail-devel\fP ++\fBrepoquery \-\-archlist=src \-\-whatrequires gail-devel\fP + NB: This command will only work if you have repositories enabled which include srpms. + + .\"TODO: Add more examples... +@@ -204,7 +214,7 @@ of the following: + .br + \fBepoch:name-ver-rel.arch\fP + .IP +-For example: \fBrepoquery -l kernel-2.4.1-10.i686\fP ++For example: \fBrepoquery \-l kernel-2.4.1-10.i686\fP + .br + Additionally wildcards (shell-style globs) can be used. + +diff --git a/docs/reposync.1 b/docs/reposync.1 +index c1bc818..29043fb 100644 +--- a/docs/reposync.1 ++++ b/docs/reposync.1 +@@ -1,7 +1,7 @@ + .\" reposync + .TH "reposync" "1" "27 April 2007" "" "" + .SH "NAME" +-reposync - synchronize yum repositories to a local directory ++reposync \- synchronize yum repositories to a local directory + .SH "SYNOPSIS" + \fBreposync\fP [options] + .SH "DESCRIPTION" +@@ -14,7 +14,7 @@ Display a help message, and then quit. + Config file to use (defaults to /etc/yum.conf). + .IP "\fB\-a ARCH, \-\-arch=ARCH\fP" + Act as if running the specified arch (default: current arch, note: does +-not override $releasever). ++not override $releasever. x86_64 is a superset for i*86.). + .IP "\fB\-\-source\fP" + Also download .src.rpm files. + .IP "\fB\-r REPOID, \-\-repoid=REPOID\fP" +@@ -26,21 +26,26 @@ Use a temp dir for storing/accessing yum-cache. + Path to download packages to: defaults to current directory. + .IP "\fB\-g, \-\-gpgcheck\fP" + Remove packages that fail GPG signature checking after downloading. ++exit status is '1' if at least one package was removed. + .IP "\fB\-u, \-\-urls\fP" + Just list urls of what would be downloaded, don't download. +-.IP "\fB\-n, \-\-newest-only\fP" ++.IP "\fB\-l, \-\-plugins\fP" ++Enable yum plugin support. ++.IP "\fB\-n, \-\-newest\-only\fP" + Download only newest packages per-repo. + .IP "\fB\-q, \-\-quiet\fP" + Output as little information as possible. + .SH "EXAMPLES" + .IP "Sync all packages from the 'updates' repo to the current directory:" +-\fB reposync --repoid=updates\fP ++\fB reposync \-\-repoid=updates\fP + .IP "Sync only the newest packages from the 'updates' repo to the current directory:" +-\fB reposync -n --repoid=updates\fP ++\fB reposync \-n \-\-repoid=updates\fP + .IP "Sync packages from the 'updates' and 'extras' repos to the current directory:" +-\fB reposync --repoid=updates --repoid=extras\fP ++\fB reposync \-\-repoid=updates \-\-repoid=extras\fP + .IP "Sync all packages from the 'updates' repo to the \fBrepos\fP directory:" +-\fB reposync -p repos --repoid=updates\fP ++\fB reposync \-p repos \-\-repoid=updates\fP ++.IP "Sync all packages from the 'updates' repo to the \fBrepos\fP directory excluding x86_64 arch. Edit \fI/etc/yum.conf\fR adding option \fBexclude=*.x86_64\fR. Then: ++\fBreposync \-p repos \-\-repoid=updates\fP + .SH "FILES" + \fBreposync\fP uses the yum libraries for retrieving information and + packages. If no configuration file is specified, the default yum +diff --git a/docs/repotrack.1 b/docs/repotrack.1 +new file mode 100644 +index 0000000..6b46ed0 +--- /dev/null ++++ b/docs/repotrack.1 +@@ -0,0 +1,44 @@ ++.\" repotrack ++.TH "repotrack" "1" "13 January 2013" "" "" ++.SH "NAME" ++repotrack \- track a package and its dependencies and download them ++.SH "SYNOPSIS" ++\fBrepotrack\fP [options] package1 [package2...] ++.SH "DESCRIPTION" ++.PP ++\fBrepotrack\fP is a program for keeping track of a particular package and its ++dependencies. It will download one or more packages and all dependencies. ++.PP ++.SH "OPTIONS" ++.IP "\fB\-h, \-\-help\fP" ++Display a help message, and then quit. ++.IP "\fB\-c CONFIG, \-\-config=CONFIG\fP" ++Config file to use (defaults to /etc/yum.conf). ++.IP "\fB\-a ARCH, \-\-arch=ARCH\fP" ++Act as if running the specified arch (default: current arch). ++.IP "\fB\-r REPOID, \-\-repoid=REPOID\fP" ++Specify repo ids to query, can be specified multiple times (default is ++all enabled). ++.IP "\fB\-t, \-\-tempcache\fP" ++Use a temp dir for storing/accessing yum-cache. ++.IP "\fB\-p DESTDIR, \-\-download_path=DESTDIR\fP" ++Path to download packages to. ++.IP "\fB\-u, \-\-urls\fP" ++Instead of downloading RPMs, list the URLs that would be downloaded. ++.IP "\fB\-n, \-\-newest\fP" ++Toggle downloading only the newest packages (defaults to newest-only). ++.IP "\fB\-q, \-\-quiet\fP" ++Output as little information as possible. ++ ++.PP ++.SH "SEE ALSO" ++.nf ++.I yum.conf (5) ++http://yum.baseurl.org/ ++.fi ++ ++.PP ++.SH "AUTHORS" ++.nf ++See the Authors file included with this program. ++.fi +diff --git a/docs/show-changed-rco.1 b/docs/show-changed-rco.1 +index 3e3b62c..a88c942 100644 +--- a/docs/show-changed-rco.1 ++++ b/docs/show-changed-rco.1 +@@ -1,17 +1,17 @@ + .\" show-changed-rco + .TH "show-installed" "1" "30 March 2011" "James Antill" "" + .SH "NAME" +-show\-changed-\-rco ++show\-changed\-rco \- show changes in an RPM package + .SH "SYNOPSIS" +-\fBshow\-changed-\-rco\fP [options] ++\fBshow\-changed\-rco\fP [options] + .SH "DESCRIPTION" + .PP +-\fBshow\-changed-\-rco\fP gives a compact description of the changes to a ++\fBshow\-changed\-rco\fP gives a compact description of the changes to a + packages Requires, Conflicts and Obsoletes data from the installed (or old) to + a specified rpm file. + .SH OPTIONS + .TP +-.IP \-h, \-\-help ++.IP "\fB\-h, \-\-help\fP" + show this help message and exit + .IP "\fB\-C, \-\-cache\fP" + Tells repoquery to run entirely from YUM cache - does not download any metadata +@@ -22,7 +22,7 @@ Use alternative config file (default is /etc/yum.conf). + + .IP "\fB\-\-repoid=\fP" + Specify which repository to query. Using this option disables all repositories +-not explicitly enabled with --repoid option (can be used multiple times). By ++not explicitly enabled with \-\-repoid option (can be used multiple times). By + default repoquery uses whatever repositories are enabled in YUM configuration. + .IP "\fB\-\-enablerepo=\fP" + In addition to the default set, query the given additional repository, even if +@@ -34,13 +34,13 @@ configuration. Can be used multiple times. + Specify a path or url to a repository (same path as in a baseurl) to add to + the repositories for this query. This option can be used multiple times. If + you want to view only the pkgs from this repository combine this with +---repoid. The repoid for the repository is specified by . ++\-\-repoid. The repoid for the repository is specified by . + +-.IP "\fB\-\-old-packages=\fP" ++.IP "\fB\-\-old\-packages=\fP" + Explicitly list the valid old packages to match the new packages against. +-.IP "\fB\-\-ignore-arch\fP" ++.IP "\fB\-\-ignore\-arch\fP" + Ignore arch. so you can compare foo-2.i686 to foo-1.x86_64. +-.IP "\fB\-\-skip-new\fP" ++.IP "\fB\-\-skip\-new\fP" + Only give output for packages which we've found an old package for. + + .PP +diff --git a/docs/show-installed.1 b/docs/show-installed.1 +index 7072b63..0907ea2 100644 +--- a/docs/show-installed.1 ++++ b/docs/show-installed.1 +@@ -1,7 +1,7 @@ + .\" show-installed + .TH "show-installed" "1" "21 October 2010" "Florian Festi" "" + .SH "NAME" +-show\-installed ++show\-installed \- show installed RPM packages and descriptions + .SH "SYNOPSIS" + \fBshow\-installed\fP [options] + .SH "DESCRIPTION" +@@ -16,10 +16,10 @@ show this help message and exit + yum, kickstart or human; yum gives the result as a yum command line; kickstart the content of a %packages section; "human" readable is default. + .TP + .B \-i INPUT, \-\-input=INPUT +-File to read the package list from instead of using the rpmdb. \- for stdin. The file must contain package names only separated by white space (including newlines). rpm \-qa \-\-qf='%{name}\\n' produces proper output. ++File to read the package list from instead of using the rpmdb. \- for stdin. The file must contain package names only separated by white space (including newlines). rpm \-qa \-\-qf=\(aq%{name}\\n\(aq produces proper output. + .TP + .B \-o OUTPUT, \-\-output=OUTPUT +-File to write the result to. Stdout is used if option is omited. ++File to write the result to. Stdout is used if option is omitted. + .TP + .B \-q, \-\-quiet + Do not show warnings. +diff --git a/docs/verifytree.1 b/docs/verifytree.1 +new file mode 100644 +index 0000000..1389e0f +--- /dev/null ++++ b/docs/verifytree.1 +@@ -0,0 +1,33 @@ ++.\" verifytree ++.TH "verifytree" "1" "13 January 2013" "" "" ++.SH "NAME" ++verifytree \- verify that a local yum repository is consistent ++.SH "SYNOPSIS" ++\fBverifytree\fP [options] directory ++.SH "DESCRIPTION" ++.PP ++\fBverifytree\fP is a program that verifies whether a local yum repository is ++consistent. ++.PP ++.SH "OPTIONS" ++.IP "\fB\-h, \-\-help\fP" ++Display a help message, and then quit. ++.IP "\fB\-a, \-\-checkall\fP" ++Check all packages in the repository. ++.IP "\fB\-t TESTOPIA, \-\-testopia=TESTOPIA\fP" ++Report results to the given testopia run number. ++.IP "\fB\-r, \-\-treeinfo\fP" ++Check the checksums of listed files in a .treeinfo file, if available. ++ ++.PP ++.SH "SEE ALSO" ++.nf ++.I yum.conf (5) ++http://yum.baseurl.org/ ++.fi ++ ++.PP ++.SH "AUTHORS" ++.nf ++See the Authors file included with this program. ++.fi +diff --git a/docs/yum-aliases.1 b/docs/yum-aliases.1 +index c0f148d..62fae3e 100644 +--- a/docs/yum-aliases.1 ++++ b/docs/yum-aliases.1 +@@ -26,9 +26,9 @@ last form creates a new alias. + .PP + .SH Explanation of alias to final result conversion + .PP +-When you type an aliased command, like "yum --disableexcludes UPT lsu" using ++When you type an aliased command, like "yum \-\-disableexcludes UPT lsu" using + the default aliases, the yum-aliases plugin first takes the first "command", by +-skiping over any options, and then looks up the result (in this case "UPT" is converted to "--enablerepo=updates-tesintg"). If there is a match, then it will ++skipping over any options, and then looks up the result (in this case "UPT" is converted to "\-\-enablerepo=updates-testing"). If there is a match, then it will + replace the aliased "command" in the argument list and try again (again + skipping over any options). By convention, in the default aliases list, alias + "commands" that are in all CAPS only add options so you can join together a +@@ -49,19 +49,19 @@ yum + .B alias + rm remove + .PP +-To always add the --skip-broken --disableexcludes=all --obsoletes options to ++To always add the \-\-skip\-broken \-\-disableexcludes=all \-\-obsoletes options to + the update command (but leaving the upgrade option alone), you could use: + .IP + yum + .B alias +-update \\update --skip-broken --disableexcludes=all --obsoletes ++update \\update \-\-skip\-broken \-\-disableexcludes=all \-\-obsoletes + .PP + To override the default "up" alias to use the above update command, and never + ask for confirmation, you could use: + .IP + yum + .B alias +-up update -y ++up update \-y + .br + + +diff --git a/docs/yum-builddep.1 b/docs/yum-builddep.1 +index 4e6c1d7..ac7601e 100644 +--- a/docs/yum-builddep.1 ++++ b/docs/yum-builddep.1 +@@ -1,7 +1,7 @@ + .\" yum-builddep + .TH "yum-builddep" "1" "17 July 2005 " "Panu Matilainen" "" + .SH "NAME" +-yum-builddep ++yum-builddep \- install missing dependencies for building an RPM package + .SH "SYNOPSIS" + \fByum-builddep\fP package + .SH "DESCRIPTION" +diff --git a/docs/yum-changelog.1 b/docs/yum-changelog.1 +index 64910dc..c7b5486 100644 +--- a/docs/yum-changelog.1 ++++ b/docs/yum-changelog.1 +@@ -14,12 +14,12 @@ is a Yum plugin for viewing package changelogs before/after updating. + yum will invoke + .BR yum-changelog(1) + plugin if the +-.B --changelog ++.B \-\-changelog + option or the + .B changelog + command is used with yum. + .SH OPTIONS +-.IP --changelog ++.IP \-\-changelog + Show changelog delta of updated packages + .SH COMMANDS + .IP changelog +@@ -53,7 +53,7 @@ changelog stats. 33 pkgs, 12 source pkgs, 1 changelog + .br + .br + # yum update ktechlab +-.B --changelog ++.B \-\-changelog + .br + Loading "changelog" plugin + .br +diff --git a/docs/yum-complete-transaction.8 b/docs/yum-complete-transaction.8 +index 945eee8..965c0b1 100644 +--- a/docs/yum-complete-transaction.8 ++++ b/docs/yum-complete-transaction.8 +@@ -1,13 +1,13 @@ + .\" yum-complete-transaction + .TH "yum-complete-transaction" "8" "10 December 2007" "Seth Vidal" "" + .SH "NAME" +-yum-complete-transaction ++yum-complete-transaction \- attempt to complete failed or aborted Yum transactions + .SH "SYNOPSIS" + \fByum-complete-transaction\fP [options] + .SH "GENERAL OPTIONS" + .IP "\fB\-h, \-\-help\fP" + Help; display a help message and then quit\&. +-.IP "\fB\-\-cleanup-only\fP" ++.IP "\fB\-\-cleanup\-only\fP" + Only clean up only transaction journal files and exit\&. + + .SH "DESCRIPTION" +diff --git a/docs/yum-config-manager.1 b/docs/yum-config-manager.1 +new file mode 100644 +index 0000000..81b895b +--- /dev/null ++++ b/docs/yum-config-manager.1 +@@ -0,0 +1,39 @@ ++.\" yum-config-manager ++.TH "yum-config-manager" "1" "13 January 2013" "" "" ++.SH "NAME" ++yum-config-manager \- manage yum configuration options and yum repositories ++.SH "SYNOPSIS" ++\fByum-config-manager\fP [options] ++.SH "DESCRIPTION" ++.PP ++\fByum-config-manager\fP is a program that can manage main yum configuration ++options, toggle which repositories are enabled or disabled, and add new ++repositories. ++.PP ++.SH "OPTIONS" ++.IP "\fB\-h, \-\-help\fP" ++Display a help message, and then quit. ++.IP "\fB\-\-save\fP" ++Save the current options (useful with \-\-setopt). ++.IP "\fB\-\-enable\fP" ++Enable the specified repos (automatically saves). ++.IP "\fB\-\-disable\fP" ++Disable the specified repos (automatically saves). ++.IP "\fB\-\-add\-repo=ADDREPO\fP" ++Add (and enable) the repo from the specified file or url. ++.SH "ADDITIONAL OPTIONS" ++Yum-config-manager inherits all other options from yum. See the yum(8) ++man page for more information. ++ ++.PP ++.SH "SEE ALSO" ++.nf ++.I yum.conf (5) ++http://yum.baseurl.org/ ++.fi ++ ++.PP ++.SH "AUTHORS" ++.nf ++See the Authors file included with this program. ++.fi +diff --git a/docs/yum-debug-dump.1 b/docs/yum-debug-dump.1 +index 0e65a07..3f1e2e5 100644 +--- a/docs/yum-debug-dump.1 ++++ b/docs/yum-debug-dump.1 +@@ -1,7 +1,7 @@ + .\" yum-debug-dump + .TH "yum-debug-dump" "1" "28 April 2008" "Seth Vidal" "" + .SH "NAME" +-yum-debug-dump ++yum-debug-dump \- write system RPM configuration to a debug-dump file + .SH "SYNOPSIS" + \fByum-debug-dump\fP + .SH "DESCRIPTION" +@@ -10,11 +10,15 @@ yum-debug-dump + lot of information useful to developers trying to debug a problem. + .PP + By default it will output a file to the current working directory named +-yum_debug_dump.txt.gz. This file contains no private information but does ++yum_debug_dump--