diff options
| author | Luke T. Shumaker <lukeshu@parabola.nu> | 2024-02-20 23:46:59 -0700 |
|---|---|---|
| committer | Luke T. Shumaker <lukeshu@parabola.nu> | 2024-02-21 10:17:52 -0700 |
| commit | 63d3993a320ee03c20da05d0e04ddbd3cc800335 (patch) | |
| tree | 7be4a7f3ff29d34f43f9fe0116282d61b5fb9009 /po | |
| parent | 9a0328490c2ea30d0eda470cb4da8da0030c96e9 (diff) | |
fix: libremakepkg: Have startdir be RO unless the -W flag is passed to make it RW
A key aspect of libremakepkg is that it tries to be strict about many
things, in order to catch issues.
One issue is that sources are downloaded during build(), meaning that
they're missing from the .src.pkg.tar sourceball. So, by default
libremakepkg runs build() with networking disabled, to catch this
issue. If there is a problematic package, we have an -N flag to
enable networking, as an escape hatch; as we only have finite packager
time/effort.
One issue is when a package can't be rebuilt from the .src.pkg.tar
sourceball. If the PKGBUILD modifies itself, then it won't match
what's in the sourceball. This is what the
libremakepkg.bats:"libremakepkg does not run pkgver" test demonstrates
and tests-for; this failing demonstration testcase was added in
044b4e1 (test: libremakepkg: Add some failing tests [ci-skip],
2018-07-31, Luke Shumaker <lukeshu@lukeshu.com>). We solved by
mounting the $startdir read-only in 646ac02 (libremakepkg,chcleanup:
Be stricter about network access, 2018-08-03, Luke Shumaker
<lukeshu@lukeshu.com>). However, it turns out that this caused issues
for a few packages. So, this protection was reverted in a6f6ac4
(libremakepkg: fix building packages requring a rw startdir,
2019-05-17, Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>). This
is bad, it potentially lets many issues slip through undetected.
Instead, handle it like we do networking: Have the protection on by
default, say "PLEASE don't turn this off", but recognize the increased
cost in time and efforts and so provide the `-W` flag as an escape
hatch.
Diffstat (limited to 'po')
| -rw-r--r-- | po/es/libretools.po | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/po/es/libretools.po b/po/es/libretools.po index 57a8e19..fbd4122 100644 --- a/po/es/libretools.po +++ b/po/es/libretools.po @@ -1072,6 +1072,11 @@ msgstr "No deshabilita la conexión a internet durante build() y " "package(). POR FAVOR no use esta opción al menos que tenga una razón " "en especial, su uso es una violación a la política de Parabola." +#: src/chroot-tools/libremakepkg:194 +msgid "Don't make the startdir read-only. PLEASE don't use this unless you " + "have a special reason, its use is a violation of Parabola policy." +msgstr "" + #: src/chroot-tools/libremakepkg:184 msgid "Repackage contents of the package without rebuilding" msgstr "Reempaqueta los contenidos del paquete sin recompilar" |