[Yum-devel] [PATCH] Add aclpkgs configuration variable

James Antill james at and.org
Mon Oct 26 21:41:00 UTC 2009


---
 docs/yum.conf.5 |   27 +++++++++++++++++++++++++++
 yum/__init__.py |   43 +++++++++++++++++++++++++++++++++++++++++++
 yum/config.py   |    4 +++-
 3 files changed, 73 insertions(+), 1 deletions(-)

diff --git a/docs/yum.conf.5 b/docs/yum.conf.5
index eab9335..b2b5366 100644
--- a/docs/yum.conf.5
+++ b/docs/yum.conf.5
@@ -111,6 +111,28 @@ separated list.
 Shell globs using wildcards (eg. * and ?) are allowed.
 
 .IP
+\fBaclpkgs\fR
+List of ACLs, and if needed packages to match. ACLs are split into 2 or 3 parts,
+separated by ".". The first part is either: include, exclude, mark or wash. The
+second part specifies the what you are operatoring on: name, nevr, nevra, arch,
+blank (meaning the full 7 matches used in exclude/includepkgs) marked, washed
+and "*". The last part, if needed, says if the match should be a strict
+equality check or allow shell globs using wildcards (eg. * and ?) are with
+either: eq or match. There is an implicit "include.*" as the final ACL.
+ Eg. Both these ACLs will exclude 32bit pkgs on x86_64, except glibc.
+
+aclpkgs = include.name.eq:glibc exclude.arch.match:i?86
+.br
+aclpkgs = mark.washed
+.br
+          wash.arch.eq:x86_64 wash.arch.eq:noarch
+.br
+          wash.name.eq:glibc
+.br
+          exclude.marked
+.br
+
+.IP
 \fBexactarch\fR
 Either `1' or `0'. Set to `1' to make yum update only update the architectures
 of packages that you have installed. ie: with this enabled yum will not install
@@ -591,6 +613,11 @@ Same as the [main] \fBexclude\fR option but only for this repository.
 Substitution variables, described below, are honored here.
 
 .IP
+\fBaclpkgs\fR
+Same as the [main] \fBaclpkgs\fR option but only for this repository.
+Substitution variables, described below, are honored here.
+
+.IP
 \fBincludepkgs\fR
 Inverse of exclude. This is a list of packages you want to use from a
 repository. If this option lists only one package then that is all yum will
diff --git a/yum/__init__.py b/yum/__init__.py
index ff5e485..d3c0ee8 100644
--- a/yum/__init__.py
+++ b/yum/__init__.py
@@ -552,6 +552,7 @@ class YumBase(depsolve.Depsolve):
         self._pkgSack = self.repos.getPackageSack()
         
         self.excludePackages()
+        self.aclPackages()
         self._pkgSack.excludeArchs(archlist)
         
         #FIXME - this could be faster, too.
@@ -560,6 +561,7 @@ class YumBase(depsolve.Depsolve):
         for repo in repos:
             self.includePackages(repo)
             self.excludePackages(repo)
+            self.aclPackages(repo)
         self.plugins.run('exclude')
         self._pkgSack.buildIndexes()
 
@@ -1258,6 +1260,47 @@ class YumBase(depsolve.Depsolve):
         exid = "yum.includepkgs.3"
         self.pkgSack.addPackageExcluder(repo.id, exid, 'exclude.marked')
         
+    def aclPackages(self, repo=None):
+        """ Allow users to apply somewhat arbitrary ACLs to the pkg list. """
+
+        if repo is None:
+            acllist = self.conf.aclpkgs
+            repoid = None
+            exid_beg = 'yum.aclpkgs'
+        else:
+            acllist = repo.aclpkgs
+            repoid = repo.id
+            exid_beg = 'yum.aclpkgs.' + repoid
+
+        if not acllist:
+            return
+
+        acl_end = {'marked' : 1, 'washed' : 1, 'nevr.eq' : 2, '*' : 1}
+        for acl in ('eq', 'match'):
+            acl_end['name.'  + acl] = 2
+            acl_end['arch.'  + acl] = 2
+            acl_end['nevra.' + acl] = 2
+            acl_end[acl] = 2
+        valid_acls = {}
+        for acl in acl_end:
+            valid_acls['include.' + acl] = acl_end[acl]
+            valid_acls['exclude.' + acl] = acl_end[acl]
+            valid_acls['mark.'    + acl] = acl_end[acl]
+            valid_acls['wash.'    + acl] = acl_end[acl]
+        count = 0
+        for acl_data in acllist:
+            count += 1
+            exid = "%s.%u" % (exid_beg, count)
+            acl_data = acl_data.split(':', 2)
+            if len(acl_data) != valid_acls.get(acl_data[0], 0):
+                continue
+
+            if len(acl_data) == 2:
+                acl, val = acl_data
+                self.pkgSack.addPackageExcluder(repoid, exid, acl, val)
+            else:
+                self.pkgSack.addPackageExcluder(repoid, exid, acl_data[0])
+
     def doLock(self, lockfile = YUM_PID_FILE):
         """perform the yum locking, raise yum-based exceptions, not OSErrors"""
         
diff --git a/yum/config.py b/yum/config.py
index 2ae7e89..376a478 100644
--- a/yum/config.py
+++ b/yum/config.py
@@ -617,6 +617,7 @@ class YumConf(StartupConf):
 
     commands = ListOption()
     exclude = ListOption()
+    aclpkgs = ListOption()
     failovermethod = Option('roundrobin')
     proxy = UrlOption(schemes=('http', 'ftp', 'https'), allow_none=True)
     proxy_username = Option()
@@ -733,8 +734,9 @@ class RepoConf(BaseConfig):
     metalink   = UrlOption()
     mediaid = Option()
     gpgkey = UrlListOption()
-    exclude = ListOption() 
+    exclude = ListOption()     # Should be excludepkgs, but need to migrate
     includepkgs = ListOption() 
+    aclpkgs = ListOption()
 
     proxy = Inherit(YumConf.proxy)
     proxy_username = Inherit(YumConf.proxy_username)
-- 
1.6.2.5



More information about the Yum-devel mailing list