| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
fixes #607.
audit is now mostly rewritten for the new functionality. And
has new features like --check-permissions, --recursive and
--packages.
$ROOT/etc/apk/protected_files.d/*.list can now contain additional
protected paths, one path per line:
+etc
@etc/init.d
-tmp
+ will include the directory as protected configuration directory.
@ considers the directory protected, but will backup only symlinks.
- removes any protection
lbu should be modified to put include and exclude paths in
etc/apk/protected_files.d/lbu.list. Additionally, some packages
might provide their own listings.
E.g. ssh might want to provide ssh.list with something like:
+root/.ssh
+home/*/.ssh
|
|
|
|
And implement --directory-permissions for fix-applet to reset all
directory uid, gid and modes.
|
|
|
|
|
|
this makes the database package entry smaller, and we propbably
get more fields to installed_package later too. this cleans up
the way scripts are stored and is a preparation for supporting
triggers. some parsing for trigger meta-data. ref #45.
|
|
so user can override trusted keys directory and repositories file.
|
|
they are not needed, and cause errors if signing keys are not
present.
|
|
|
|
usually we are interested on the actual file's length. but
audit is interested about the link. so add a flag for this and
use it in audit.
|
|
make the system audit compare only installed files, instead of
scanning the whole file system. also make it print only package
names with -q, so reinstalling modified packages becomes easy.
|
|
this way we never change cwd, and relative filenames are always
parsed consistently. this also helps filename construction in many
places. this patch also changes '--root' to override location of
all configuration to be in the new root. previously it depended
on the file which one was used.
|
|
also take precautions in audit code if the db is missing the
checksum.
|
|
and use it for /etc/init.d by default. fixes #99.
|
|
to check system files for changes.
|
|
this also convers scripts file to a tar archive.
|
|
avoid recalculating hashes, and store the lengths of names, so
we can optimize some operations.
|
|
in future we want to checksum on gzip boundary basis, not the
full file.
|
|
And add some more verbosity to the help message.
|
|
A = "added"
U = "updated"
|
|
Add flags field to db open call. Also make error reporting quite a bit
more detailed.
|
|
also introduce apk_verbosity. --quiet reduce verbosity and --verbose
increases it.
Default verbosity is 1.
|
|
Currently only implement --backup to get list of (config) files in
protected directories to backup.
This also fixes a database corruption bug in database.c.
|
