[yum-git] 2 commits - plugins/security
James Antill
james at linux.duke.edu
Wed Apr 9 17:13:48 UTC 2008
plugins/security/security.py | 44 +++++++++++++++++++++++++++++--------------
1 file changed, 30 insertions(+), 14 deletions(-)
New commits:
commit 060d303cd389083e39c678f1dd08c5dfa56c1d7a
Author: James Antill <james at and.org>
Date: Wed Apr 9 13:13:38 2008 -0400
Tidy code, due to pychecker
diff --git a/plugins/security/security.py b/plugins/security/security.py
index 3e8bb76..b70fe35 100755
--- a/plugins/security/security.py
+++ b/plugins/security/security.py
@@ -35,13 +35,9 @@
# yum sec-list security / sec
import yum
-import time
-import textwrap
import fnmatch
-import sys
from yum.plugins import TYPE_INTERACTIVE
from yum.update_md import UpdateMetadata
-from rpmUtils.miscutils import compareEVR
import logging # for commands
from yum import logginglevels
@@ -188,12 +184,9 @@ class SecurityListCommands:
ygh = base.doPackageLists('updates')
self.repos = base.repos
md_info = ysp_gen_metadata(self)
- done = False
logger = logging.getLogger("yum.verbose.main")
def msg(x):
logger.log(logginglevels.INFO_2, x)
- def msg_warn(x):
- logger.warn(x)
opts, cmdline = base.plugins.cmdline
ygh.updates.sort(key=lambda x: x.name)
@@ -276,12 +269,8 @@ def config_hook(conduit):
parser.values.security = False
def osec(opt, key, val, parser):
# CVE is a subset of --security on RHEL, but not on Fedora
- if False and parser.values.cve:
- raise OptionValueError("can't use %s after --cve" % key)
parser.values.security = True
def ocve(opt, key, val, parser):
- if False and parser.values.security:
- raise OptionValueError("can't use %s after --security" % key)
parser.values.cve.append(val)
def obz(opt, key, val, parser):
parser.values.bz.append(str(val))
commit c8103e5122fe5072cd639bfc1533caf224f3f07e
Author: James Antill <james at and.org>
Date: Wed Apr 9 13:06:22 2008 -0400
Fix xine-lib / xine-lib-extras-nonfree dep. problem.
Problem:
xine-lib doesn't require, xine-lib-extras-nonfree deps. on it but due to
being in a different repo. isn't _also_ in the security data.
And due to security filtering we filter the "remove txmbr" for the old
version of xine-libs, which means there's nothing in the transaction to
the check that xine-lib-extras-nonfree deps. on something that's going.
diff --git a/plugins/security/security.py b/plugins/security/security.py
index fbf4852..3e8bb76 100755
--- a/plugins/security/security.py
+++ b/plugins/security/security.py
@@ -393,6 +393,7 @@ def exclude_hook(conduit):
cnt += 1
else:
ysp_del_pkg(pkg)
+
ysp_chk_used_map(used_map, lambda x: conduit.error(2, x))
if cnt:
conduit.info(2, 'Needed %d of %d packages, for security' % (cnt, tot))
@@ -428,12 +429,38 @@ def preresolve_hook(conduit):
used_map = ysp_gen_used_map(opts)
tsinfo = conduit.getTsInfo()
tspkgs = tsinfo.getMembers()
+ # Ok, here we keep any pkgs that pass "ysp" tests, then we keep all
+ # related pkgs ... Ie. "installed" version marked for removal.
+ keep_pkgs = set()
for tspkg in tspkgs:
tot += 1
- if not ysp_should_keep_pkg(opts, tspkg.po, md_info, used_map):
+ if ysp_should_keep_pkg(opts, tspkg.po, md_info, used_map):
+ keep_pkgs.add(tspkg.po)
+
+ mini_depsolve_again = True
+ while mini_depsolve_again:
+ mini_depsolve_again = False
+
+ for tspkg in tspkgs:
+ if tspkg.po in keep_pkgs:
+ # Find any related pkgs, and add them:
+ for (rpkg, reason) in tspkg.relatedto:
+ if rpkg not in keep_pkgs:
+ keep_pkgs.add(rpkg)
+ mini_depsolve_again = True
+ else:
+ # If related to any keep pkgs, add us
+ for (rpkg, reason) in tspkg.relatedto:
+ if rpkg in keep_pkgs:
+ keep_pkgs.add(tspkg.po)
+ mini_depsolve_again = True
+ break
+
+ for tspkg in tspkgs:
+ if tspkg.po not in keep_pkgs:
ysp_del_pkg(tspkg)
- else:
- cnt += 1
+
+ cnt = len(keep_pkgs)
ysp_chk_used_map(used_map, lambda x: conduit.error(2, x))
if cnt:
More information about the Yum-cvs-commits
mailing list