1. 22 Jun, 2021 1 commit
  2. 16 Jun, 2021 4 commits
    • Karel Koci's avatar
      Merge branch 'v69.1.3' · 1bb45704
      Karel Koci authored
      1bb45704
    • Karel Koci's avatar
      Version 69.1.3 · e84fce9b
      Karel Koci authored
      Changed
      * Error generated from Lua when URI is being finished now includes error
        message from downloader if it was download failure.
      e84fce9b
    • Karel Koci's avatar
      gitlab-ci: allow failure for linters · d1297737
      Karel Koci authored
      Linters in general sometimes do invalid assumptions and try to rather
      report possible issue over ignoring it. This makes them kind of
      unreliable as tests required for success. The failed tests are still
      manifested with alert but it clearly differentiates between just
      possible error and truly hones error detected in tests.
      d1297737
    • Karel Koci's avatar
      lib/uri_lua: append download error message on download fail · 0e9f9b33
      Karel Koci authored
      The download error reported on URI finish was handled by else branch
      that only printed error that download failed. This reaches to downloader
      for error message in case of download fail. This should expand info
      available to users on download fail.
      0e9f9b33
  3. 11 Jun, 2021 1 commit
    • Karel Koci's avatar
      Add FilesSignature support · 7a82e5b3
      Karel Koci authored
      We need this to cover case when files change in package without anything
      other changing. The issue this tries to cover is conflicts between
      packages because two packages provide same file but in reality that is
      only because local version is older than the one in repository. This
      forces reinstall and thus resolved such collision.
      7a82e5b3
  4. 28 May, 2021 2 commits
    • Karel Koci's avatar
      Version 69.1.2 · e6b3e14a
      Karel Koci authored
      Fixed
      - Immediate reboot not being performed when combined with replan that actually
        performs some changes in the system
      e6b3e14a
    • Karel Koci's avatar
      Fix issue where reboot wasn't performed because of replan · 8ad32a5e
      Karel Koci authored
      The replan correctly passed flag to pkgupdate that reboot has to be
      performed but if that run did any changes we unconditionally overwrote
      it. This fixes that.
      
      The test verifies that fix is really working by forcing installation and
      removal of package while at the same time requesting reboot.
      8ad32a5e
  5. 15 Apr, 2021 4 commits
    • Karel Koci's avatar
      Version 69.1.1 · f92ac353
      Karel Koci authored
      Fixed
      * error on transaction recovery created by updater before version 69.0.1
        about `upgraded_packages` being nil
      f92ac353
    • Karel Koci's avatar
      src/lib/lua/transaction: fix upgraded_packages packages being nil · 1273a2b7
      Karel Koci authored
      On update the old transaction created by updater version before 69.0.1
      does not contain this field. We should not expect it. In worst case it
      is going to be reported as not upgrade as it was previously.
      1273a2b7
    • Karel Koci's avatar
      Version 69.1.0 · a293ce66
      Karel Koci authored
      Changed
      * Package requests solver no longer tries to maximize number of selected
        requests but rahter follows strictly rules of requests priority
      * `Install` requests with same priority as `Unistall` are resolved first
      * `Install` and `Unistall` requests without condition as resolved before
        requests with condition given they have same priority specified.
      
      Removed
      * Error reported when request to install and unistall same package was
        specified
      a293ce66
    • Karel Koci's avatar
      Change how requests are resolved to have strict order · 815fd35c
      Karel Koci authored
      The original implementation tries to satisfy maximum number of requests
      in given priority level. This has been seen as ideal solution because
      this way most of the user's requests are satisfied.
      This changes this behavior to rather be strictly defined. This means
      that we do not care about number of requests satisfied. We care only
      about priority of request and satisfy them in order.
      
      This also removes error raised when there was Install and Uninstall
      request for same package with same priority. Now Install request is
      simply preferred.
      
      This was required because of conditions. The demonstration of this issue
      can be done on two packages. Let's have package 'a' and 'b'. There are
      three requests of same priority:
      * To install 'a'
      * To unistall 'b'
      * To install 'b' with condition 'a'
      The intuitive resolution is that user clearly wants to install 'a' and
      not to have 'b'. The third request need not apply as there is more
      accurate request to not have 'b'.
      The original implementation tries to solve this by maximizing number of
      satisfied requests. This has three solution, which is on its own pretty
      problematic. The first solution is the intuitive one. Second solution is
      to install 'a' as well as 'b'. But the third solution is to not install
      any package. This is because third request can be satisfied either by
      installing 'b' or by not installing 'a'. All of these solutions are
      equivalent in solvers conditions as they all result in only one of the
      requests to not be satisfied, thus we have no direct way to hint solver
      what to do. What is even worst we even don't know what should be the
      correct solution without defining additional resolution rules.
      
      Using the new algorithm the solution for problematic request combination
      is simply that we order them using our new defined rules, that is also
      the order they are ordered in example. Now we take and resolve one
      request at the time. We can clearly satisfy installation of 'a' and thus
      first request. We can also satisfy not-installation of 'b' and thus
      second request. The third request now can't be satisfied and thus
      resulting in just 'a' installed.
      
      Full order rules are described in documentation. Reasoning for them is
      also hinted but to be complete there are also alternative orders we
      could choose. The reasoning is as follows:
      * We need to resolve critical packages first to make sure that all of
        them can be satisfied (so we would not close some combination by
        regular requests).
      * The user specified priority has to be abided.
      * The requests without condition are preferred as they clearly state
        what should happen. Conditions can have side effect such as forcing
        some specific combination to satisfy given request. This is of course
        highly undesirable as condition should control only if request is
        satisfied not to influence packages specified in condition. Given the
        nature of satisfiability solver this backward injection is just going
        to happen so we instead simply prioritize requests that have no such
        effect.
      * Another major change buried in these changes is that Install and
        Uninstall requests for same package no longer raise error. We prefer
        Install requests as a choice. The removal of error is because it was
        arbitrary anyway. There are simple ways Install and Unistall requests
        can be in direct collision without specifying same package name, such
        example being if package 'a' depends on 'b' and there is request to
        install 'a' and to unistall 'b'.
      * The last resort order is order of definition is scripts. In the effect
        this is not that important. This affects only requests that have same
        priority, same type (install or uninstall) and both have or not have
        condition. Such requests effectively want the same thing so they
        hopefully should not collide that much in their requests.
      815fd35c
  6. 17 Mar, 2021 3 commits
    • Karel Koci's avatar
      Version 69.0.1 · 4c478bf6
      Karel Koci authored
      Fixed
      * environment variable `PKG_UPGRADE` were always set to `1` for package
        `postinst` script no matter if it was package upgrade or not.
      
      Changed
      * usage of `example.org` replaced with `application-test.turris.cz` in
        tests
      4c478bf6
    • Karel Koci's avatar
      tests/system/simple-upgdate: check if scripts are correctly invoked · e44d3280
      Karel Koci authored
      This simply adds these script to dep-package as well as to test-package.
      It is nice test for this as one package is newly installed and another
      is only upgraded.
      e44d3280
    • Karel Koci's avatar
      lib/lua/transaction: fix postinst configure always reporting upgrade · 15b93504
      Karel Koci authored
      The issue here was that control fields in status were updated in
      pkg_move function but same and thus invalid check was used in
      pkg_scripts later on.
      This adds new table with all upgraded packages. This way we check
      original state before it is removed from status and pass this info to
      subsequent pkg_scripts.
      15b93504
  7. 17 Feb, 2021 2 commits
    • Karel Koci's avatar
      tests/lua/postprocess: remove usage of example.org · 839b7f78
      Karel Koci authored
      Web example.org now responds with valid HTML site on any URL thus we
      have to use different web to get 404 response. We use our own server
      that is used in other tests already.
      
      It also turns out that curl changed error messages so instead of
      matching exact error message this just tries to match the known minimum.
      839b7f78
    • Karel Koci's avatar
      gitlab-ci: drop perl file slurp · 57bbfb6b
      Karel Koci authored
      The usage of this was removed in commit
      6e670a7a.
      57bbfb6b
  8. 24 Nov, 2020 2 commits
    • Karel Koci's avatar
      Version 69.0.0 · 73bc26bf
      Karel Koci authored
      Added
      * extra argument `pkg_hash_required` for `Repository` command
      * support for version limitation of `Install` and `Uninstall` requests
        in package name (such as `foo (>= 1.0.0)`).
      
      Changed
      * Execution is now terminated when there is no hash for package being
        installed in repository index unless `pkg_hash_required` is set to
        `false` for that repository.
      
      Removed
      * Extra option `version` for `Install` request. You should append
        version specifier to package name the same way as it is done for
        dependencies.
      
      Fixed
      * `ROOT_DIR` not being defined for `hook_postinst` and
        `hook_reboot_required` on replan execution.
      73bc26bf
    • Karel Koci's avatar
      pkgupdate: fix missing ROOT_DIR in postupdate hook on replan · e8c800d4
      Karel Koci authored
      The previous expectation that ROOT_DIR is already set is true only if
      current execution is reexecution (subsequent execution after replan). In
      case of reexecution the ROOT_DIR set is skipped so we have to add it for
      postinst as well.
      
      That applies for both postupdate as well as reboot required hook.
      e8c800d4
  9. 21 Nov, 2020 2 commits
    • Karel Koci's avatar
      Refine support for Install and Uninstall version requests · 6a0bb155
      Karel Koci authored
      This changes how user can specify version limitation for Install request
      and adds the same feature for Uninstall as well.
      
      The original method might have been in some ways confusing. Extra field
      affects potentially multiple packages but version is commonly specified
      only for one specific package request. There is also fully supported way
      to specify version limitation in dependency description. This includes
      that and reuses the same code.
      
      Also note that code that splits package name from version is improved
      here. It should be more reliable now.
      
      This change makes extra option version of Install request obsolete so it
      is removed and no longer supported.
      
      Important thing to point out is also that documentation stated that
      version extra option can be also table but code never supported that. It
      could always have been just single string. That means that we do not
      loose any feature set.
      6a0bb155
    • Karel Koci's avatar
      Make missing package hashes in repository index fatal · e7f1fdac
      Karel Koci authored
      This changes default behavior for security reasons. The idea is to fail
      if package can't be verified from repository index as there is no hash
      supported to use for that. This prevents issue that packages can be
      potentially even falsified if index contains hashes unsupported by
      updater or even no hash at all.
      
      New extra argument was added to Repository command `pkg_hash_required`.
      This is considered in default as set to `true` but it can be
      overwritten and set to `false` to disable new behavior.
      
      This new behavior is reported by new feature in updater language:
      fatal_missing_pkg_hash
      e7f1fdac
  10. 20 Nov, 2020 2 commits
    • Karel Koci's avatar
      tests/c/subprocess: fix potential test fail · 99177d34
      Karel Koci authored
      It is possible that if we try to immediately kill process that it won't
      make it to exec and that way kill might be caught by check library and
      reported as failure. By waiting at least short amount we pretty much
      make sure that exec happens and that we are killing sleep process rather
      our fork.
      99177d34
    • Karel Koci's avatar
      tests/c/download: decrease number of parallel downloads · 22bd00a4
      Karel Koci authored
      With four parallel jobs it is common that connection fails with OCSP
      response error. This seems to be an issue with some sort of
      rate-limiting in nginx (target web server) on OCSP stamping. It looks
      like as 3 is the magic number here for that.
      22bd00a4
  11. 10 Nov, 2020 2 commits
  12. 06 Nov, 2020 1 commit
    • Karel Koci's avatar
      Version 68.0.0 · cf313897
      Karel Koci authored
      Added
      * Queue messages for 'upgrade' and 'downgrade' now also print current
        version in square brackets.
      
      Changed
      * Default connection timeout for download was extended from one minute
        to ten minutes.
      
      Removed
      * Possibility to reboot immediatelly after package installation. Reboot
        after update is deemed sufficient.
      
      Fixed
      * Queue messages now state 'upgrade', 'downgrade' and 'reinstall'
        instead of original generic 'install'.
      cf313897
  13. 01 Nov, 2020 1 commit
    • Karel Koci's avatar
      lib/lua/updater: fix broken queue messages about upgrade and downgrade · baa57c58
      Karel Koci authored
      The code used for checking current system status was invalid and in
      result whole if condition was being skipped silently. This now enabled
      "upgrade", "downgrade" and "reinstall" messages instead of "install".
      
      This also adds current version to upgrades and downgrades of packages.
      This is info that is beneficial to know in most cases so it makes no
      sense to not show it when we have simple access to it.
      baa57c58
  14. 30 Oct, 2020 4 commits
    • Karel Koci's avatar
      lib/lua/transaction: fix previous commit · 75e168ef
      Karel Koci authored
      75e168ef
    • Karel Koci's avatar
      lib/lua/transaction: remove unused variable · b85324a2
      Karel Koci authored
      b85324a2
    • Karel Koci's avatar
      Remove immediate reboot · 7e559673
      Karel Koci authored
      This removes immediate reboot possibility from updater.
      
      Original reasoning was to reboot router because update of specific
      package broke system so much it can't continue. We never used it. It is
      also questionable how such package could break system in a way where
      reboot helps. That would have to be kernel module but having some core
      systems in module that we would have to do reboot and were unable to
      finish update seems like impossible. To finish update we in general need
      just filesystem and shell. Existing solution would not work with
      theoretical breakage of any of those anyway so it is pretty much useless
      feature. Anything this can solve can be also solved by reboot at the end
      of update.
      7e559673
    • Karel Koci's avatar
      lib/download: extend connection timeout to ten minutes · 37751919
      Karel Koci authored
      This should increase reliability on unstable network connection.
      
      One minute was was way short as it looks like. Ten minutes should be
      better, hopefully not the other way around (too long).
      37751919
  15. 28 Oct, 2020 1 commit
    • Josef Schlehofer's avatar
      Create notification: drop Czech language · 3823547d
      Josef Schlehofer authored
      We are now focusing primary on English and, in the future, this could be
      translated via Weblate. By removing Czech language this script does not
      longer prints warning about running in compatible mode
      3823547d
  16. 21 Oct, 2020 2 commits
    • Karel Koci's avatar
      Version 67.0.3 · eef34f86
      Karel Koci authored
      Changed
      * pkgupdate's conf.lua now loads scripts with Full security level
        instead of Local
      * libupdater is now versioned with release version (there is no API
        compatibility between versions)
      eef34f86
    • Karel Koci's avatar
      pkgupdate: run all conf.d scripts with Full privileges · 5e7ed7ae
      Karel Koci authored
      Original idea was to limit what scripts placed there can do but in the
      end it makes code of those scripts pretty much ugly as it then requires
      duplicate code and prevents usage of libraries.
      
      We lost nothing with Full security as Local allows running any arbitrary
      shell code.
      5e7ed7ae
  17. 22 Sep, 2020 2 commits
    • Karel Koci's avatar
      libupdater: version library · 6230b6ef
      Karel Koci authored
      We use -release because libupdater is technically binary compatible only
      with same version of binary tools. This means every build requires new
      version of library and vice versa.
      6230b6ef
    • Karel Koci's avatar
      tests/system: add test for configuration stealing · e2b064a9
      Karel Koci authored
      This adds additional test for configuration stealing. It checks that
      stealing between installed packages works. It also renames original test
      to more reflect that it tests only stealing when package is being
      replaced.
      e2b064a9
  18. 06 Aug, 2020 2 commits
    • Karel Koci's avatar
      Version 67.0.2 · 97bda434
      Karel Koci authored
      Fixed
      * Warning about cycles for packages providing and at the same time
        conflicting with some other package
      * Configure script now checks if uthash is available
      97bda434
    • Karel Koci's avatar
      lib: Fix invalid warning about cycles · 25c4013e
      Karel Koci authored
      The reason is that Conflicts are included as negative dependencies but
      to allows flow that package can Conflict and at the same time Provide
      specific package (to do effectively replacement) it is implemented as
      negative dependency for any version. Version dependencies are satisfied
      only by packages of exact name, not by provided packages (for obvious
      reasons as Provided packages do not have same versioning scheme).
      
      Fix is that we pass to planning function version limitation of
      dependency and plan package only if that is fulfilled by candidate
      selected for given group.
      25c4013e
  19. 04 Aug, 2020 1 commit
  20. 01 Jul, 2020 1 commit
    • Karel Koci's avatar
      Version 67.0.1.1 · 9aa7af2d
      Karel Koci authored
      This is release to only fix build because of missing submodule.
      
      Changed
      * Lunit submodule now points to new Github repository
      9aa7af2d