diff options
| author | Panu Matilainen <pmatilai@redhat.com> | 2010-10-08 11:59:51 +0300 |
|---|---|---|
| committer | Panu Matilainen <pmatilai@redhat.com> | 2010-10-08 12:29:59 +0300 |
| commit | 26125015e4321765582dce0b76f83530e7604d4e (patch) | |
| tree | bfd4cf4f2483f54632f7ec29f8aa763f895aa166 | |
| parent | 9138fec0f43610187df09ba87cd11cf6346ea3b6 (diff) | |
| download | librpm-tizen-26125015e4321765582dce0b76f83530e7604d4e.tar.gz librpm-tizen-26125015e4321765582dce0b76f83530e7604d4e.tar.bz2 librpm-tizen-26125015e4321765582dce0b76f83530e7604d4e.zip | |
Further split the cli-tools to rpminstall, rpmquery and rpmverify
- Installing/erasing packages, querying and verifying require different
amount of privileges on the system. Having separate binaries for
these functionalities permits limiting the capabilities through
SELinux and other similar security mechanisms: for example quering
needs much less privileges than installing.
- For now, leaving /bin/rpm to be the Swiss Army knife it
always was: capable of install/erase, query and verify. Eventually
it should be turned into just a dumb wrapper which just execs
the per-functionality binaries, but leaving that for later stage,
as popt exec/aliasing doesn't quite seem to up to par with the task.
Having the separate binaries available at least makes it possible
for callers to specify the amount of privileges they need.
| -rw-r--r-- | Makefile.am | 31 | ||||
| -rw-r--r-- | rpmqv.c | 10 |
2 files changed, 30 insertions, 11 deletions
diff --git a/Makefile.am b/Makefile.am index 907c721ec..17a565685 100644 --- a/Makefile.am +++ b/Makefile.am @@ -88,7 +88,8 @@ pkginclude_HEADERS += build/rpmspec.h rpmbindir = `echo $(bindir) | $(SED) -e s,usr/bin,bin,` rpmbin_PROGRAMS = rpm -bin_PROGRAMS = rpm2cpio rpmbuild rpmdb rpmkeys rpmsign rpmspec +bin_PROGRAMS = rpm2cpio rpmbuild rpmdb rpmkeys rpmsign rpmspec \ + rpminstall rpmverify rpmquery rpmlibexec_PROGRAMS = rpmconfig_SCRIPTS = find-provides find-requires mkinstalldirs \ @@ -103,11 +104,29 @@ libcliutils_la_LIBADD = lib/librpm.la rpmio/librpmio.la libcliutils_la_LIBADD += @WITH_POPT_LIB@ rpm_SOURCES = rpmqv.c debug.h system.h -rpm_CPPFLAGS = $(AM_CPPFLAGS) -DIAM_RPMEIU -DIAM_RPMQV +rpm_CPPFLAGS = $(AM_CPPFLAGS) -DIAM_RPMEIU -DIAM_RPMQ -DIAM_RPMV rpm_LDADD = libcliutils.la rpm_LDADD += lib/librpm.la rpmio/librpmio.la rpm_LDADD += @WITH_NSS_LIB@ @WITH_POPT_LIB@ @WITH_ZLIB_LIB@ +rpminstall_SOURCES = rpmqv.c debug.h system.h +rpminstall_CPPFLAGS = $(AM_CPPFLAGS) -DIAM_RPMEIU +rpminstall_LDADD = libcliutils.la +rpminstall_LDADD += lib/librpm.la rpmio/librpmio.la +rpminstall_LDADD += @WITH_NSS_LIB@ @WITH_POPT_LIB@ @WITH_ZLIB_LIB@ + +rpmquery_SOURCES = rpmqv.c debug.h system.h +rpmquery_CPPFLAGS = $(AM_CPPFLAGS) -DIAM_RPMQ +rpmquery_LDADD = libcliutils.la +rpmquery_LDADD += lib/librpm.la rpmio/librpmio.la +rpmquery_LDADD += @WITH_NSS_LIB@ @WITH_POPT_LIB@ @WITH_ZLIB_LIB@ + +rpmverify_SOURCES = rpmqv.c debug.h system.h +rpmverify_CPPFLAGS = $(AM_CPPFLAGS) -DIAM_RPMV +rpmverify_LDADD = libcliutils.la +rpmverify_LDADD += lib/librpm.la rpmio/librpmio.la +rpmverify_LDADD += @WITH_NSS_LIB@ @WITH_POPT_LIB@ @WITH_ZLIB_LIB@ + rpmdb_SOURCES = rpmdb.c debug.h system.h rpmdb_CPPFLAGS = $(AM_CPPFLAGS) rpmdb_LDADD = libcliutils.la @@ -221,12 +240,6 @@ usrsrcdir = $(prefix)/src rpmvardir = $(localstatedir)/lib/rpm rpmvar_DATA = -install-exec-hook: - rm -f $(DESTDIR)$(bindir)/rpmquery - @LN_S@ ../../bin/rpm $(DESTDIR)$(bindir)/rpmquery - rm -f $(DESTDIR)$(bindir)/rpmverify - @LN_S@ ../../bin/rpm $(DESTDIR)$(bindir)/rpmverify - install-data-local: @case "@host_os@" in \ solaris*|linux*|darwin*) \ @@ -236,8 +249,6 @@ install-data-local: # XXX to appease distcheck we need to remove "stuff" here... uninstall-local: - @rm -f $(DESTDIR)$(bindir)/rpmquery - @rm -f $(DESTDIR)$(bindir)/rpmverify @rm -rf $(DESTDIR)$(rpmconfigdir)/platform/ MAINTAINERCLEANFILES = ChangeLog @@ -13,6 +13,10 @@ const char *__progname; #include "debug.h" +#if defined(IAM_RPMQ) || defined(IAM_RPMV) +#define IAM_RPMQV +#endif + enum modes { MODE_QUERY = (1 << 0), @@ -40,13 +44,17 @@ static struct poptOption optionsTable[] = { { NULL, '\0', POPT_ARG_INCLUDE_TABLE, rpmQVSourcePoptTable, 0, N_("Query/Verify package selection options:"), NULL }, +#endif +#ifdef IAM_RPMQ { NULL, '\0', POPT_ARG_INCLUDE_TABLE, rpmQueryPoptTable, 0, N_("Query options (with -q or --query):"), NULL }, +#endif +#ifdef IAM_RPMV { NULL, '\0', POPT_ARG_INCLUDE_TABLE, rpmVerifyPoptTable, 0, N_("Verify options (with -V or --verify):"), NULL }, -#endif /* IAM_RPMQV */ +#endif #ifdef IAM_RPMEIU { NULL, '\0', POPT_ARG_INCLUDE_TABLE, rpmInstallPoptTable, 0, |