[yum-commits] docs/yum-security.8 plugins/security

James Antill james at osuosl.org
Tue Oct 20 18:06:46 UTC 2009


 docs/yum-security.8          |   13 ++++----
 plugins/security/security.py |   69 ++++++++++++++++++++++++++++++++-----------
 2 files changed, 60 insertions(+), 22 deletions(-)

New commits:
commit a9e57ce4c54182849dbb128e763f438e4d3d1828
Author: James Antill <james at and.org>
Date:   Tue Oct 20 14:02:09 2009 -0400

     Add option to list-updateinfo command to see new packages in repos.
    
     Change list-security => list-updateinfo, as it's now grossly wrong.

diff --git a/docs/yum-security.8 b/docs/yum-security.8
index e854151..f8e65d5 100644
--- a/docs/yum-security.8
+++ b/docs/yum-security.8
@@ -16,9 +16,9 @@ This works like the update command, but if you have the the package foo-1
 installed and have foo-2 and foo-3 available with updateinfo.xml then
 update-minimal will update you to foo-3.
 .br 
-.I \fR * info-security
+.I \fR * info-updateinfo
 .br 
-.I \fR * list-security
+.I \fR * list-updateinfo
 .PP 
 both of the last two take these \fIsub-commands\fPs:
 .br 
@@ -30,14 +30,17 @@ both of the last two take these \fIsub-commands\fPs:
 .br 
 .I \fR * * security
 .br 
+.I \fR * * new-packages
+.br 
 .br 
 .PP
 .IP "\fB<advisory> [advisory...]\fP"
 Is used to display information about one or more advisories.
 .PP 
-.IP "\fBlist-security\fP" "\fBinfo-security\fP"
+.IP "\fBlist-updateinfo\fP" "\fBinfo-updateinfo\fP"
 Is used to list all of the relevant errata notice information, from the
 updateinfo.xml data in yum. This includes bugzillas, CVEs and security updates.
+You can also list "new" packages, by passing new as the first argument.
 .IP 
 .IP "\fBbugzillas / bzs\fP"
 Is the subset of the security information, pertaining to the bugzillas.
@@ -89,11 +92,11 @@ yum --security update-minimal
 .PP
 To get a list of all BZs that are fixed for packages you have installed use:
 .IP
-yum list-security bugzillas
+yum list-updateinfo bugzillas
 .PP
 To get the information on advisory FEDORA-2707-4567 use:
 .IP
-yum info-security FEDORA-2707-4567
+yum info-updateinfo FEDORA-2707-4567
 .PP
 To update packages to the latest version which contain fixes for Bugzillas 123, 456 and 789; and all security updates use:
 .IP
diff --git a/plugins/security/security.py b/plugins/security/security.py
index d79916a..8ab8147 100755
--- a/plugins/security/security.py
+++ b/plugins/security/security.py
@@ -29,10 +29,11 @@
 # yum --bz  235374 --bz 234688 <cmd>
 # yum --advisory FEDORA-2007-420 --advisory FEDORA-2007-346 <cmd>
 #
-# yum list-security
-# yum list-security bugzillas / bzs
-# yum list-security cves
-# yum list-security security / sec
+# yum list-updateinfo
+# yum list-updateinfo bugzillas / bzs
+# yum list-updateinfo cves
+# yum list-updateinfo security / sec
+# yum list-updateinfo new
 #
 # yum update-minimal --security
 
@@ -144,7 +145,7 @@ def ysp_has_info_md(rname, md):
         return md
 
 def ysp_should_show_pkgtup(opts, pkgtup, md_info, used_map, rname=None):
-    """ Do we want to show this package in list-security. """
+    """ Do we want to show this package in list-updateinfo. """
     
     name = pkgtup[0]
     for (pkgtup, notice) in reversed(md_info.get_applicable_notices(pkgtup)):
@@ -181,10 +182,10 @@ def ysp_chk_used_map(used_map, msg):
 
 class SecurityListCommand:
     def getNames(self):
-        return ['list-security', 'list-sec']
+        return ['list-updateinfo', 'list-security', 'list-sec']
 
     def getUsage(self):
-        return "[security|bugzilla|cve] [PACKAGE-wildcard]"
+        return "[security|bugzilla|cve|new-packages] [PACKAGE-wildcard]"
 
     def getSummary(self):
         return "Returns security data for the packages listed, that affects your system"
@@ -192,7 +193,7 @@ class SecurityListCommand:
     def doCheck(self, base, basecmd, extcmds):
         pass
 
-    def show_pkg(self, msg, pkg, notice, disp=None):
+    def show_pkg(self, base, msg, pkg, notice, disp=None):
         # Make the list view much smaller
         # ysp_show_pkg_md_info(pkg, md, msg)
         if disp and ysp_has_info_md(disp, notice):
@@ -200,12 +201,24 @@ class SecurityListCommand:
                 if ref['type'] != disp:
                     continue
                 msg(" %s %-8s %s" % (str(ref['id']), notice['type'], pkg))
+        elif notice['type'] == 'newpackage':
+            print base.fmtKeyValFill("%s: " % pkg.name, base._enc(pkg.summary))
         else:
             msg("%s %-8s %s" % (notice['update_id'], notice['type'], pkg))
 
     def show_pkg_exit(self):
         pass
-            
+
+    def _get_new_pkgs(self, md_info):
+        for notice in md_info.notices:
+            if notice['type'] != "newpackage":
+                continue
+            for upkg in notice['pkglist']:
+                for pkg in upkg['packages']:
+                    pkgtup = (pkg['name'], pkg['arch'], pkg['epoch'] or '0',
+                              pkg['version'], pkg['release'])
+                    yield (notice, pkgtup)
+
     def doCommand(self, base, basecmd, extcmds):
         self.repos = base.repos
         md_info = ysp_gen_metadata(self.repos.listEnabled())
@@ -240,13 +253,35 @@ class SecurityListCommand:
                 filt_type = "cve"
             elif filt_type == "cve":
                 pass
+            elif filt_type == "newpackages":
+                filt_type = "newpackage"
+            elif filt_type == "new-packages":
+                filt_type = "newpackage"
+            elif filt_type == "new":
+                filt_type = "newpackage"
             else:
                 extcmds = [filt_type] + extcmds
                 filt_type = None
             show_type = filt_type
             if filt_type and filt_type in __update_info_types__:
                 show_type = None
-            
+
+        if filt_type == "newpackage":
+            # No filtering here, as we want what isn't installed...
+            done_pkgs = set()
+            for (notice, pkgtup) in sorted(self._get_new_pkgs(md_info),
+                                           key=lambda x: x[1][0]):
+                if extcmds and not _match_sec_cmd(extcmds, pkgtup[0], notice):
+                    continue
+                if pkgtup[0] in done_pkgs:
+                    continue
+                pkgs = base.pkgSack.searchPkgTuple(pkgtup)
+                if not pkgs:
+                    continue
+                done_pkgs.add(pkgs[0].name)
+                self.show_pkg(base, msg, pkgs[0], notice, None)
+            return 0, [basecmd + ' new done']
+
         opts.sec_cmds = extcmds
         used_map = ysp_gen_used_map(opts)
         name2tup = _get_name2oldpkgtup(base)
@@ -261,7 +296,7 @@ class SecurityListCommand:
                     d['epoch'] = ''
                 else:
                     d['epoch'] = "%s:" % d['e']
-                self.show_pkg(msg, "%(n)s-%(epoch)s%(v)s-%(r)s.%(a)s" % d,
+                self.show_pkg(base, msg, "%(n)s-%(epoch)s%(v)s-%(r)s.%(a)s" % d,
                               notice, show_type)
         ysp_chk_used_map(used_map, msg)
 
@@ -271,9 +306,9 @@ class SecurityListCommand:
 class SecurityInfoCommand(SecurityListCommand):
     show_pkg_info_done = {}
     def getNames(self):
-        return ['info-security', 'info-sec']
+        return ['info-updateinfo', 'info-security', 'info-sec']
 
-    def show_pkg(self, msg, pkg, notice, disp=None):
+    def show_pkg(self, base, msg, pkg, notice, disp=None):
         if notice['update_id'] in self.show_pkg_info_done:
             return
         self.show_pkg_info_done[notice['update_id']] = True
@@ -386,8 +421,8 @@ def config_hook(conduit):
     '''
     Yum Plugin Config Hook: 
     Setup the option parser with the '--advisory', '--bz', '--cve', and
-    '--security' command line options. And the 'list-security',
-    'info-security', and 'update-minimal' commands.
+    '--security' command line options. And the 'list-updateinfo',
+    'info-updateinfo', and 'update-minimal' commands.
     '''
 
     parser = conduit.getOptParser()
@@ -470,9 +505,9 @@ def ysp_check_func_enter(conduit):
             ret = {"skip": ndata, "list_cmd": True}
         if (args[0] in ["update", "upgrade"]):
             ret = {"skip": ndata, "list_cmd": False}
-        if (args[0] == "list-sec") or (args[0] == "list-security"):
+        if (args[0] in ("list-sec", "list-security", 'list-updateinfo')):
             return (opts, {"skip": True, "list_cmd": True})
-        if (args[0] == "info-sec") or (args[0] == "info-security"):
+        if (args[0] in ("info-sec", "info-security", 'info-updateinfo')):
             return (opts, {"skip": True, "list_cmd": True})
 
     if ret:


More information about the Yum-commits mailing list