kiss/kiss
2020-09-14 15:02:04 +03:00

1595 lines
53 KiB
Bash
Executable File

#!/bin/sh
# shellcheck source=/dev/null
#
# This is a simple package manager written in POSIX shell for use
# in KISS Linux (https://k1ss.org).
#
# Created by Dylan Araps.
log() {
printf '%b%s %b%s%b %s\n' \
"$lcol" "${3:-->}" "${lclr}${2:+$lcol2}" "$1" "$lclr" "$2" >&2
}
war() {
log "$1" "$2" "${3:-WARNING}"
}
die() {
log "$1" "$2" "${3:-ERROR}"
exit 1
}
contains() {
case " $1 " in *" $2 "*) return 0; esac; return 1
}
prompt() {
[ "$1" ] && log "$1"
log "Continue?: Press Enter to continue or Ctrl+C to abort here"
[ "$KISS_PROMPT" = 0 ] || read -r _
}
as_root() {
[ "$uid" = 0 ] || log "Using '${su:=su}' (to become ${user:=root})"
case ${su##*/} in
doas|sudo|sls)
"$su" -u "$user" -- env "$@"
;;
su)
"$su" -c "env $* <&3" "$user" 3<&0 </dev/tty
;;
*)
die "Invalid KISS_SU value: $su (valid: doas, sudo, sls, su)"
;;
esac
}
file_owner() {
read -r _ _ user _ <<EOF
$(ls -ld "$1")
EOF
id -u "${user:=root}" >/dev/null 2>&1 || user=root
}
run_hook() {
# Provide a default post-build hook to remove files and directories
# for things we don't support out of the box. One can simply define
# their own hook to override this behavior.
set -- "${1:-null}" "${2:-null}" "${3:-null}"
case ${KISS_HOOK:--}$1 in
-post-build)
rm -rf \
"$3/usr/share/gettext" \
"$3/usr/share/polkit-1" \
"$3/usr/share/locale" \
"$3/usr/share/info"
;;
[!-]*)
TYPE=$1 PKG=$2 DEST=$3 . "$KISS_HOOK"
;;
esac
}
decompress() {
case ${1##*.} in
bz2) bzip2 -dc ;;
lzma) lzma -dc ;;
lz) lzip -dc ;;
tar) cat ;;
tgz | gz) gzip -dc ;;
txz | xz) xz -dc ;;
zst) zstd -dc ;;
esac < "$1"
}
sh256() {
# There's no standard utility to generate sha256 checksums.
# This unifies various tools using the first available.
[ -e "$1" ] || return 0
hash=$(
sha256sum "$1" ||
sha256 -r "$1" ||
openssl dgst -sha256 -r "$1" ||
shasum -a 256 "$1" ||
digest -a sha256 "$1"
) 2>/dev/null
printf '%s\n' "${hash%% *}"
}
pkg_lint() {
pkg_find "$1"
cd "$repo_dir"
read -r _ release 2>/dev/null < version ||
die "Version file not found"
[ "$release" ] ||
die "$1" "Release field not found in version file"
[ -x build ] ||
die "$1" "Build file not found or not executable"
[ -f sources ] ||
war "$1" "Sources file not found"
}
pkg_find() {
# Figure out which repository a package belongs to by searching for
# directories matching the package name in $KISS_PATH/*.
query=$1 all=$2 what=$3 IFS=:
set --
# Globbing disabled for KISS_PATH word-splitting
for path in $KISS_PATH "${what:-"$sys_db"}"; do
set +f
# Globbing enabled for search.
for path2 in "$path/"${query%%/*}; do
test "${what:--d}" "$path2" &&
set -f -- "$@" "$path2"
done
done
unset IFS
repo_dir=$1
[ "$1" ] || {
log "Package '$query' not in any repository"
return 1
}
[ -z "$all" ] || printf '%s\n' "$@"
}
pkg_list() {
[ "$1" ] || {
set +f
set -f -- "$sys_db/"*
}
for _pkg do
[ -d "$sys_db/${_pkg##*/}" ] || {
log "${_pkg##*/}" "not installed"
return 1
}
read -r _ver 2>/dev/null < "$sys_db/${_pkg##*/}/version" ||
_ver=null
printf '%s\n' "${_pkg##*/} $_ver"
done
}
pkg_cache() {
# Find the tarball of a package using a glob. Use the first found match
# of '<pkg_name>#<pkg_version><pkg_release>.tar.*'.
pkg_find "$1"
read -r version release 2>/dev/null < "$repo_dir/version"
set +f
set -f -- "$bin_dir/$1#$version-$release.tar."*
tar_file=$1
[ -f "$tar_file" ]
}
pkg_sources() {
# Download any remote package sources. The existence of local files is
# also checked.
pkg_find "$1"
# Support packages without sources. Simply do nothing.
[ -f "$repo_dir/sources" ] || return 0
log "$1" "Fetching sources"
# Store each downloaded source in a directory named after the package it
# belongs to. This avoid conflicts between two packages having a source
# of the same name.
mkdir -p "$src_dir/$1" && cd "$src_dir/$1"
while read -r src dest || [ "$src" ]; do
if [ -z "${src##\#*}" ]; then
continue
elif [ -z "${src##git+*}" ]; then
log "$1" "Found git source '${src##git+}'"
elif [ -f "${src##*/}" ]; then
log "$1" "Found cached source '${src##*/}'"
elif [ -z "${src##*://*}" ]; then
log "$1" "Downloading $src"
curl "$src" -fLo "${src##*/}" || {
rm -f "${src##*/}"
die "$1" "Failed to download $src"
}
elif [ -e "$repo_dir/$src" ]; then
log "$1" "Found local relative source '$src'"
elif [ -e "/$src" ]; then
log "$1" "Found local absolute source '$src'"
else
die "$1" "No local file '$src'"
fi
done < "$repo_dir/sources"
}
pkg_extract() {
# Extract all source archives to the build directory and copy over any
# local repository files.
pkg_find "$1"
# Support packages without sources. Simply do nothing.
[ -f "$repo_dir/sources" ] || return 0
log "$1" "Extracting sources"
while read -r src dest || [ "$src" ]; do
mkdir -p "$mak_dir/$1/$dest" && cd "$mak_dir/$1/$dest"
case $src in
\#*|'')
# Comments and blank lines.
;;
# Git repository.
git+*)
# Split the source into URL + OBJECT (branch or commit).
url=${src##git+} com=${url##*[@#]} com=${com#${url%[#@]*}}
# This magic will shallow clone branches, commits or the
# regular repository. It correctly handles cases where a
# shallow clone is not possible.
log "$1" "Cloning ${url%[#@]*}"; {
git init
git remote add origin "${url%[#@]*}"
git fetch --depth=1 origin "$com" || git fetch
git checkout "${com:-FETCH_HEAD}"
} || die "$1" "Failed to clone $src"
;;
# Tarballs of any kind. This is a shell equivalent of
# GNU tar's '--strip-components 1'.
*://*.tar|*://*.tar.??|*://*.tar.???|*://*.tar.????|*://*.t?z)
# Decompress the archive to a temporary .tar archive.
decompress "$src_dir/$1/${src##*/}" > .ktar
# Extract the tar archive to the current directory.
tar xf .ktar || die "$1" "Couldn't extract ${src##*/}"
# Iterate over all directories in the first level of the
# tarball's manifest. This is our equivalent of GNU tar's
# '--strip-components 1'.
tar tf .ktar | while IFS=/ read -r dir _; do
# Some tarballs contain './' as the top-level directory,
# we need to skip these occurances.
[ -d "${dir#.}" ] || continue
# Move the directory to prevent naming conflicts between
# the child and parent
mv -f "$dir" "$pid-$dir"
# First attempt to move all files up a directory level,
# if any files/directories fail (due to mv's lack of
# directory merge capability), simply do the exercise
# again and copy-merge the remaining files/directories.
#
# We can't use '-exec {} +' with any arguments between
# the '{}' and '+' as this is not POSIX. We must also
# use '$0' and '$@' to reference all arguments.
#
# Using only '$@' causes a single file from each
# invocation to be left out of the list. Weird, right?
{
find "$pid-$dir/." ! -name . -prune \
-exec sh -c 'mv -f "$0" "$@" .' {} + ||
find "$pid-$dir/." ! -name . -prune \
-exec sh -c 'cp -fRp "$0" "$@" .' {} +
} 2>/dev/null
# Remove the directory now that all files have been
# transferred out of it. This can't be a simple 'rmdir'
# as we may leave files in here due to above.
rm -rf "$pid-$dir"
done
# Clean up after ourselves and remove the temporary tar
# archive we've created. Not needed at all really.
rm -f .ktar
;;
# Zip archives.
*://*.zip)
unzip "$src_dir/$1/${src##*/}" ||
die "$1" "Couldn't extract ${src##*/}"
;;
*)
# Local directory (relative).
if [ -d "$repo_dir/$src" ]; then
cp -Rf "$repo_dir/$src/." .
# Local directory (absolute).
elif [ -d "/$src" ]; then
cp -Rf "/$src/." .
# Local file (relative).
elif [ -f "$repo_dir/$src" ]; then
cp -f "$repo_dir/$src" .
# Local file (absolute).
elif [ -f "/$src" ]; then
cp -f "/$src" .
# Remote file.
elif [ -f "$src_dir/$1/${src##*/}" ]; then
cp -f "$src_dir/$1/${src##*/}" .
else
die "$1" "file $src not found"
fi
;;
esac
done < "$repo_dir/sources"
}
pkg_depends() {
# Resolve all dependencies and generate an ordered list. The deepest
# dependencies are listed first and then the parents in reverse order.
contains "$deps" "$1" || {
pkg_list "$1" >/dev/null 2>&1 && return 0
pkg_find "$1"
# Recurse through the dependencies of the child packages.
[ -f "$repo_dir/depends" ] && {
while read -r dep _ || [ "$dep" ]; do
case $dep in
[!\#]*) pkg_depends "$dep" ;;
esac
done < "$repo_dir/depends"
}
# After child dependencies are added to the list,
# add the package which depends on them.
[ "$2" = explicit ] || deps="$deps $1 "
}
}
pkg_strip() {
# Strip package binaries and libraries. This saves space on the system as
# well as on the tarballs we ship for installation.
[ -f "$mak_dir/$pkg/nostrip" ] || [ "$KISS_STRIP" = 0 ] && return
log "$1" "Stripping binaries and libraries"
# Strip only files matching the below ELF types. This uses 'od' to print
# the first 18 bytes of the file. This is the location of the ELF header
# (up to the ELF type) and contains the type information we need.
#
# Static libraries (.a) are in reality AR archives which contain ELF
# objects. We simply read from the same 18 bytes and assume that the AR
# header equates to an archive containing objects (.o).
#
# Example ELF output ('003' is ELF type):
# 0000000 177 E L F 002 001 001 \0 \0 \0 \0 \0 \0 \0 \0 \0
# 0000020 003 \0
# 0000022
#
# Example AR output (.a):
# 0000000 ! < a r c h > \n /
# 0000020
# 0000022
find "$pkg_dir/$1" -type f | while read -r file; do
case $(od -A o -t c -N 18 "$file") in
# REL (object files (.o), static libraries (.a)).
*177*E*L*F*0000020\ 001\ *|*\!*\<*a*r*c*h*\>*)
strip -g -R .comment -R .note "$file"
;;
# EXEC (binaries), DYN (shared libraries).
# Shared libraries keep global symbols in a separate ELF section
# called '.dynsym'. '--strip-all/-s' does not touch the dynamic
# symbol entries which makes this safe to do.
*177*E*L*F*0000020\ 00[23]\ *)
strip -s -R .comment -R .note "$file"
;;
esac
done 2>/dev/null ||:
}
pkg_fixdeps() {
# Dynamically look for missing runtime dependencies by checking each
# binary and library with 'ldd'. This catches any extra libraries and or
# dependencies pulled in by the package's build suite.
log "$1" "Checking for missing dependencies"
pkg_name=$1
# Go to the built package directory to simplify path building.
cd "$pkg_dir/$1/$pkg_db/$1"
# Generate a list of all installed manifests.
set +f
set -f -- "$sys_db/"*/manifest
# Create the depends file if it doesn't exist to have something to
# compare against (even if empty). We will remove this blank file
# later if needed.
: >> depends
# Get a list of binaries and libraries, false files will be found,
# however it's faster to get 'ldd' to check them anyway than to filter
# them out.
find "$pkg_dir/${PWD##*/}/" -type f 2>/dev/null |
while read -r file; do
# Run 'ldd' on the file and parse each line. The code then checks to
# see which packages own the linked libraries and it prints the result.
ldd "$file" 2>/dev/null | while read -r _ _ dep _; do
# Resolve path symlinks to find the real location to the library.
cd -P "${dep%/*}" 2>/dev/null || continue
# Skip files owned by libc and POSIX.
case ${dep##*/} in
"" | ld-* | libpthread.so* | lib[cm].so* | libdl.so* |\
librt.so* | libtrace.so* | libxnet.so*)
continue
;;
esac
# Figure out which package owns the file.
dep=$(grep -lFx "${PWD#"$KISS_ROOT"}/${dep##*/}" "$@")
dep=${dep%/*} dep=${dep##*/}
case $dep in
# Skip listing these packages as dependencies.
# The pkg_name portions are to workaround incorrect detections
# from -bin or -esr packages.
""|gcc|llvm|"${pkg_name%%-bin}"|\
"${pkg_name%%-esr}"|"${pkg_name%%-esr-bin}") ;;
*) printf '%s\n' "$dep"
esac
done ||:
done | sort -uk1,1 depends - > "$mak_dir/d"
# Display a 'diff' of the new dependencies against the old ones.
diff -U 3 depends - < "$mak_dir/d" ||:
# Swap out the old depends file for the new one which contains
# an amended dependency list.
mv -f "$mak_dir/d" depends
# Remove the package's depends file if it's empty. (The package has
# no dependencies, automatically detected or otherwise).
[ -s depends ] || rm -f depends
}
pkg_manifest() (
# Generate the package's manifest file. This is a list of each file
# and directory inside the package. The file is used when uninstalling
# packages, checking for package conflicts and for general debugging.
log "$1" "Generating manifest"
# This function runs as a sub-shell to avoid having to 'cd' back to the
# prior directory before being able to continue.
cd "${2:-$pkg_dir}/$1"
# find: Print all files and directories and append '/' to directories.
# sort: Sort the output in *reverse*. Directories appear *after* their
# contents.
# sed: Remove the first character in each line (./dir -> /dir) and
# remove all lines which only contain '.'.
find . -type d -exec printf '%s/\n' {} + -o -print | sort -r |
sed '/^\.\/$/d;ss.ss' > "${2:-$pkg_dir}/$1/$pkg_db/$1/manifest"
)
pkg_manifest_verify() {
# Ensure that everything listed in the manifest exists in the tarball.
while read -r line; do
[ -h "./$line" ] ||
[ -e "./$line" ] ||
man_err="$man_err$line, "
done < "$1"
[ -z "$man_err" ] ||
die "$pkg" "Files in manifest missing from tarball: ${man_err%, }"
}
pkg_etcsums() (
# Generate checksums for each configuration file in the package's /etc/
# directory for use in "smart" handling of these files.
log "$1" "Generating etcsums"
# This function runs as a sub-shell to avoid having to 'cd' back to the
# prior directory before being able to continue.
[ -d "$pkg_dir/$1/etc" ] || return 0
cd "$pkg_dir/$1"
# This can't be a simple 'find -exec' as 'sh256' is a shell function
# and not a real command of any kind. This is the shell equivalent.
find etc -type f | sort | while read -r line; do
sh256 "$line"
done > "$pkg_dir/$1/$pkg_db/$1/etcsums"
)
pkg_tar() (
# Create a tarball from the built package's files. This tarball also
# contains the package's database entry.
log "$1" "Creating tarball"
pkg_find "$1"
# Read the version information to name the package.
read -r version release < "$repo_dir/version"
# Use 'cd' to avoid needing tar's '-C' flag which may not be portable
# across implementations.
cd "$pkg_dir/$1"
# Create a tarball from the contents of the built package.
tar cf - . | case ${KISS_COMPRESS:-gz} in
bz2) bzip2 -z ;;
gz) gzip -6 ;;
lzma) lzma -z ;;
lz) lzip -z ;;
xz) xz -zT 0 ;;
zst) zstd -z ;;
esac > "$bin_dir/$1#$version-$release.tar.${KISS_COMPRESS:-gz}"
log "$1" "Successfully created tarball"
run_hook post-package "$1"
)
pkg_build() {
# Mark packages passed on the command-line separately from those
# detected as dependencies. We need to treat explicitly passed packages
# differently from those pulled in as dependencies.
#
# This also resolves all dependencies and stores the result in '$deps'.
# Any duplicates are also filtered out.
for pkg do
contains "$explicit" "$pkg" || {
pkg_depends "$pkg" explicit
explicit="$explicit $pkg "
}
done
# If this is an update, don't always build explicitly passsed packages
# and instead install pre-built binaries if they exist.
[ "$pkg_update" ] || explicit_build=$explicit
# If an explicit package is a dependency of another explicit package,
# remove it from the explicit list as it needs to be installed as a
# dependency.
for pkg do
contains "$deps" "$pkg" || explicit2=" $explicit2 $pkg "
done
explicit=$explicit2
# See [1] at top of script.
# shellcheck disable=2046,2086
set -- $deps $explicit
# Only ask for confirmation if more than one package needs to be built.
[ "$#" -gt 1 ] || [ "$pkg_update" ] && prompt "Building: $*"
for pkg do pkg_lint "$pkg"; done
log "Checking for pre-built dependencies"
# Install any pre-built dependencies if they exist in the binary
# directory and are up to date.
for pkg do
! contains "$explicit_build" "$pkg" && pkg_cache "$pkg" && {
log "$pkg" "Installing binary from cache"
(KISS_FORCE=1 args i "$tar_file")
# Remove the now installed package from the build list.
shift
}
done
for pkg do pkg_sources "$pkg"; done
pkg_verify "$@"
# Finally build and create tarballs for all passed packages and
# dependencies.
for pkg do
log "$pkg" "Building package ($((in+=1))/$#)"
run_hook pre-extract "$pkg" "$pkg_dir/$pkg"
pkg_extract "$pkg"
pkg_find "$pkg"
# Install built packages to a directory under the package name to
# avoid collisions with other packages.
mkdir -p "$pkg_dir/$pkg/$pkg_db" "$mak_dir/$pkg"
cd "$mak_dir/$pkg"
# Log the version so we can pass it to the package build file.
read -r build_version _ < "$repo_dir/version"
log "$pkg" "Starting build"
run_hook pre-build "$pkg" "$pkg_dir/$pkg"
# Call the build script, log the output to the terminal and to a file.
# There's no PIPEFAIL in POSIX shelll so we must resort to tricks like
# killing the script ourselves.
{ "$repo_dir/build" "$pkg_dir/$pkg" "$build_version" 2>&1 || {
log "$pkg" "Build failed"
log "$pkg" "Log stored to $log_dir/$pkg-$time-$pid"
run_hook build-fail "$pkg" "$pkg_dir/$pkg"
pkg_clean
kill 0
} } | tee "$log_dir/$pkg-$time-$pid"
# Delete the log file if the build succeeded to prevent the directory
# from filling very quickly with useless logs.
[ "$KISS_KEEPLOG" = 1 ] || rm -f "$log_dir/$pkg-$time-$pid"
# Copy the repository files to the package directory. This acts as the
# database entry.
cp -LRf "$repo_dir" "$pkg_dir/$pkg/$pkg_db/"
log "$pkg" "Successfully built package"
run_hook post-build "$pkg" "$pkg_dir/$pkg"
# Remove all .la files from the packages. They're unneeded and cause
# issues when a package stops providing one. This recently caused an
# issue with harfbuzz (See: 05096e5a4dc6db5d202342f538d067d87ae7135e).
find "$pkg_dir/$pkg/usr/lib" -name \*.la -exec rm -f {} + 2>/dev/null ||:
# Remove this unneeded file from all packages as it is an endless
# source of conflicts. This is used with info pages we we do not support.
rm -f "$pkg_dir/$pkg/usr/lib/charset.alias"
# Create the manifest file early and make it empty. This ensures that
# the manifest is added to the manifest.
: > "$pkg_dir/$pkg/$pkg_db/$pkg/manifest"
# If the package contains '/etc', add a file called 'etcsums' to the
# manifest. See comment directly above.
[ -d "$pkg_dir/$pkg/etc" ] && : > "$pkg_dir/$pkg/$pkg_db/$pkg/etcsums"
pkg_strip "$pkg"
pkg_fixdeps "$pkg"
pkg_manifest "$pkg"
pkg_etcsums "$pkg"
pkg_tar "$pkg"
# Install only dependencies of passed packages. If this is an update,
# install the built package regardless.
contains "$explicit" "$pkg" && [ -z "$pkg_update" ] && continue
log "$pkg" "Needed as a dependency or has an update, installing"
(KISS_FORCE=1 args i "$pkg")
done
log "Successfully built all packages"
}
pkg_checksums() {
pkg_find "$1"
[ -f "$repo_dir/sources" ] || return 0
while read -r src _ || [ "$src" ]; do
# Skip comments, blank lines and git sources.
if [ -z "${src##\#*}" ] || [ -z "${src##git+*}" ]; then
:
# Remote source.
elif [ -z "${src##*://*}" ]; then
sh256 "$src_dir/$1/${src##*/}"
# Skip directories.
elif [ -d "$repo_dir/$src" ] || [ -d "/$src" ]; then
:
# Local file (relative).
elif [ -f "$repo_dir/$src" ]; then
sh256 "$repo_dir/$src"
# Local file (absolute).
elif [ -f "/$src" ]; then
sh256 "/$src"
fi
done < "$repo_dir/sources" || die "$1" "Failed to generate checksums"
}
pkg_verify() {
# Verify all package checksums. This is achieved by generating a new set
# of checksums and then comparing those with the old set.
verify_cmd="NR==FNR{a[\$1];next}/^git .*/{next}!((\$1)in a){exit 1}"
for pkg do
pkg_find "$pkg"
[ -f "$repo_dir/sources" ] || continue
verify_sum=$(pkg_checksums "$pkg")
[ "$verify_sum" ] || continue
[ -f "$repo_dir/checksums" ] || die "$pkg" "checksums file missing"
# Check that the first column (separated by whitespace) match in both
# checksum files. If any part of either file differs, mismatch. Abort.
printf '%s\n' "$verify_sum" |
awk "$verify_cmd" - "$repo_dir/checksums" || {
log "$pkg" "Checksum mismatch"
# Instead of dying above, log it to the terminal. Also define a
# variable so we *can* die after all checksum files have been
# checked.
mismatch="$mismatch$pkg "
}
done
[ -z "$mismatch" ] || die "Checksum mismatch with: ${mismatch% }"
log "Verified all checksums"
}
pkg_conflicts() {
# Check to see if a package conflicts with another.
log "$1" "Checking for package conflicts"
# Filter the tarball's manifest and select only files. Resolve all
# symlinks in file paths as well.
while read -r file; do
file=$KISS_ROOT/${file#/}
# Skip all directories.
case $file in */) continue; esac
# Attempt to resolve symlinks by using 'cd'.
# If this fails, fallback to the file's parent
# directory.
cd -P "${file%/*}" 2>/dev/null || PWD=${file%/*}
# Print the file with all symlinks in its path
# resolved to their real locations.
printf '%s\n' "${PWD#"$KISS_ROOT"}/${file##*/}"
done < "$tar_dir/$1/$pkg_db/$1/manifest" > "$mak_dir/$pid-m"
p_name=$1
set +f
set -f "$sys_db"/*/manifest
# Generate a list of all installed package manifests and remove the
# current package from the list. This is the simplest method of
# dropping an item from the argument list. The one downside is that
# it cannot live in a function due to scoping of arguments.
for manifest do
shift
[ "$sys_db/$p_name/manifest" = "$manifest" ] && continue
set -- "$@" "$manifest"
done
# Return here if there is nothing to check conflicts against.
[ "$#" != 0 ] || return 0
# Store the list of found conflicts in a file as we'll be using the
# information multiple times. Storing things in the cache dir allows
# us to be lazy as they'll be automatically removed on script end.
grep -Fxf "$mak_dir/$pid-m" -- "$@" 2>/dev/null > "$mak_dir/$pid-c" ||:
# Enable alternatives automatically if it is safe to do so.
# This checks to see that the package that is about to be installed
# doesn't overwrite anything it shouldn't in '/var/db/kiss/installed'.
grep -q ":/var/db/kiss/installed/" "$mak_dir/$pid-c" || choice_auto=1
if [ "$KISS_CHOICE" != 0 ] &&
[ "$choice_auto" = 1 ] &&
[ -s "$mak_dir/$pid-c" ]; then
# This is a novel way of offering an "alternatives" system.
# It is entirely dynamic and all "choices" are created and
# destroyed on the fly.
#
# When a conflict is found between two packages, the file
# is moved to a directory called "choices" and its name
# changed to store its parent package and its intended
# location.
#
# The package's manifest is then updated to reflect this
# new location.
#
# The 'kiss alternatives' command parses this directory and
# offers you the CHOICE of *swapping* entries in this
# directory for those on the filesystem.
#
# The alternatives command does the same thing we do here,
# it rewrites manifests and moves files around to make
# this work.
#
# Pretty nifty huh?
while IFS=: read -r _ con; do
printf '%s\n' "Found conflict $con"
# Create the "choices" directory inside of the tarball.
# This directory will store the conflicting file.
mkdir -p "$tar_dir/$p_name/${cho_dir:=var/db/kiss/choices}"
# Construct the file name of the "db" entry of the
# conflicting file. (pkg_name>usr>bin>ls)
con_name=$(printf %s "$con" | sed 's|/|>|g')
# Move the conflicting file to the choices directory
# and name it according to the format above.
mv -f "$tar_dir/$p_name/$con" \
"$tar_dir/$p_name/$cho_dir/$p_name$con_name" 2>/dev/null || {
log "File must be in ${con%/*} and not a symlink to it"
log "This usually occurs when a binary is installed to"
log "/sbin instead of /usr/bin (example)"
log "Before this package can be used as an alternative,"
log "this must be fixed in $p_name. Contact the maintainer"
die "by finding their details via 'kiss-maintainer'" "" "!>"
}
done < "$mak_dir/$pid-c"
log "$p_name" "Converted all conflicts to choices (kiss a)"
# Rewrite the package's manifest to update its location
# to its new spot (and name) in the choices directory.
pkg_manifest "$p_name" "$tar_dir" 2>/dev/null
elif [ -s "$mak_dir/$pid-c" ]; then
log "Package '$p_name' conflicts with another package" "" "!>"
log "Run 'KISS_CHOICE=1 kiss i $p_name' to add conflicts" "" "!>"
die "as alternatives." "" "!>"
fi
}
pkg_swap() {
# Swap between package alternatives.
pkg_list "$1" >/dev/null
alt=$(printf %s "$1$2" | sed 's|/|>|g')
cd "$sys_db/../choices"
[ -f "$alt" ] || [ -h "$alt" ] ||
die "Alternative '$1 $2' doesn't exist"
if [ -f "$2" ]; then
# Figure out which package owns the file we are going to swap for
# another package's. Print the full path to the manifest file which
# contains the match to our search.
pkg_owns=$(set +f; grep -lFx "$2" "$sys_db/"*/manifest) ||:
# Extract the package name from the path above.
pkg_owns=${pkg_owns%/*}
pkg_owns=${pkg_owns##*/}
# Ensure that the file we're going to swap is actually owned by a
# package. If it is not, we have to die here.
[ "$pkg_owns" ] || die "File '$2' exists on filesystem but isn't owned"
log "Swapping '$2' from '$pkg_owns' to '$1'"
# Convert the current owner to an alternative and rewrite its manifest
# file to reflect this.
cp -Pf "$KISS_ROOT/$2" "$pkg_owns>${alt#*>}"
# Replace the matching line in the manifest with the desired replacement.
# This used to be a 'sed' call which turned out to be a little
# error-prone in some cases. This new method is a tad slower but ensures
# we never wipe the file due to a command error.
while read -r line; do
case $line in
"$2") printf '%s\n' "${PWD#"$KISS_ROOT"}/$pkg_owns>${alt#*>}" ;;
*) printf '%s\n' "$line" ;;
esac
done < "../installed/$pkg_owns/manifest" | sort -r > "$mak_dir/.$1"
mv -f "$mak_dir/.$1" "../installed/$pkg_owns/manifest"
fi
# Convert the desired alternative to a real file and rewrite the manifest
# file to reflect this. The reverse of above.
mv -f "$alt" "$KISS_ROOT/$2"
# Replace the matching line in the manifest with the desired replacement.
# This used to be a 'sed' call which turned out to be a little error-prone
# in some cases. This new method is a tad slower but ensures we never wipe
# the file due to a command error.
while read -r line; do
case $line in
"${PWD#"$KISS_ROOT"}/$alt") printf '%s\n' "$2" ;;
*) printf '%s\n' "$line" ;;
esac
done < "../installed/$1/manifest" | sort -r > "$mak_dir/.$1"
mv -f "$mak_dir/.$1" "../installed/$1/manifest"
}
pkg_install_files() {
# Reverse the manifest file so that we start shallow and go deeper as we
# iterate over each item. This is needed so that directories are created
# going down the tree.
sort "$2/$pkg_db/${2##*/}/manifest" |
while read -r line; do
# Grab the octal permissions so that directory creation
# preserves permissions.
# See: [2] at top of script.
rwx=$(ls -ld "$2/$line") oct='' b='' o=0
# Convert the output of 'ls' (rwxrwx---) to octal. This is simply
# a 1-9 loop with the second digit being the value of the field.
for c in 14 22 31 44 52 61 74 82 91; do
rwx=${rwx#?}
case $rwx in
[rwx]*): "$((o+=${c#?}))" ;;
[st]*): "$((o+=1))" "$((b+=4 / (${c%?}/3)))" ;;
[ST]*): "$((b+=1))" ;;
esac
[ "$((${c%?} % 3))" = 0 ] && oct=$oct$o o=0
done
# Copy files and create directories (preserving permissions),
# skipping anything located in /etc/.
case $line in
/etc/?*[!/])
# Handle file in /etc/.
[ -d "$KISS_ROOT/$line" ] || test "$1" "$KISS_ROOT/$line" ||
pkg_etc_file "$2" "${line#/}"
;;
*/)
# Skip directories if they already exist in the file system.
# (Think /usr/bin, /usr/lib, etc).
[ -d "$KISS_ROOT/$line" ] || mkdir -m "$oct" "$KISS_ROOT/$line"
;;
*)
# Skip directories as they're likely symlinks in this case.
# Pure directories in manifests have a suffix of '/'.
[ -d "$KISS_ROOT/$line" ] || test "$1" "$KISS_ROOT/$line" || {
cp -fP "$2/$line" "$KISS_ROOT/$line"
# Skip changing permissions of symlinks. This prevents
# errors when the symlink exists prior to the target.
[ -h "$KISS_ROOT/$line" ] ||
chmod "$b$oct" "$KISS_ROOT/$line"
}
esac
done ||:
pkg_etc_cnt=0
}
pkg_remove_files() {
# Remove a file list from the system. This function runs during package
# installation and package removal. Combining the removals in these two
# functions allows us to stop duplicating code.
while read -r file; do
case $file in /etc/?*[!/])
sum_sys=$(sh256 "$KISS_ROOT/$file")
sum_old=$(grep -F "$sum_sys" "$mak_dir/c")
[ "$sum_sys" = "$sum_old" ] || {
printf 'Skipping %s (modified)\n' "$file"
continue
}
esac 2>/dev/null ||:
file=$KISS_ROOT/$file
# Remove files.
if [ -f "$file" ] && [ ! -h "$file" ]; then
rm -f "$file"
# Remove file symlinks.
elif [ -h "$file" ] && [ ! -d "$file" ]; then
rm -f "$file"
# Remove directories if empty.
elif [ -d "$file" ] && [ ! -h "$file" ]; then
rmdir "$file" 2>/dev/null ||:
fi
done ||:
}
pkg_etc_file() {
pkg_etc_cnt=$((pkg_etc_cnt + 1))
log "$pkg" "Doing 3-way handshake for $2"
sum_new=$(sh256 "$1/$2") 2>/dev/null ||:
sum_sys=$(cd "$KISS_ROOT/"; sh256 "$2") 2>/dev/null ||:
sum_old=$(awk "NR == $pkg_etc_cnt" "$mak_dir/c") 2>/dev/null ||:
echo $pkg_etc_cnt
printf '%s\n' "Previous: ${sum_old:-null}"
printf '%s\n' "System: ${sum_sys:-null}"
printf '%s\n' "New: ${sum_new:-null}"
# Use a case statement to easily compare three strings at
# the same time. Pretty nifty.
case ${sum_old:-null}${sum_sys:-null}${sum_new} in
# old = Y, sys = X, new = Y
"${sum_new}${sum_sys}${sum_old}")
log "Skipping $2"
return 0
;;
# old = X, sys = X, new = X
# old = X, sys = Y, new = Y
# old = X, sys = X, new = Y
"${sum_old}${sum_old}${sum_old}"|\
"${sum_old:-null}${sum_sys}${sum_sys}"|\
"${sum_sys}${sum_old}"*)
log "Installing $2"
new=
;;
# All other cases.
*)
war "$pkg" "saving /$2 as /$2.new"
new=.new
;;
esac
cp -fPp "$1/$2" "$KISS_ROOT/${2}${new}"
chown root:root "$KISS_ROOT/${2}${new}" 2>/dev/null
}
pkg_remove() {
# Remove a package and all of its files. The '/etc' directory is handled
# differently and configuration files are *not* overwritten.
pkg_list "$1" >/dev/null
# Make sure that nothing depends on this package.
[ "$KISS_FORCE" = 1 ] || {
log "$1" "Checking for reverse dependencies"
(cd "$sys_db"; set +f; grep -lFx "$1" -- */depends) &&
die "$1" "Can't remove package, others depend on it"
}
# Block being able to abort the script with 'Ctrl+C' during removal.
# Removes all risk of the user aborting a package removal leaving an
# incomplete package installed.
trap '' INT
if [ -x "$sys_db/$1/pre-remove" ]; then
log "$1" "Running pre-remove script"
"$sys_db/$1/pre-remove" ||:
fi
# Make a backup of the etcsums file (if it exists).
cp -f "$sys_db/$1/etcsums" "$mak_dir/c" 2>/dev/null ||:
log "$1" "Removing package"
pkg_remove_files < "$sys_db/$1/manifest"
# Reset 'trap' to its original value. Removal is done so
# we no longer need to block 'Ctrl+C'.
trap pkg_clean EXIT INT
log "$1" "Removed successfully"
}
pkg_install() {
# Install a built package tarball.
#
# Package installation works similarly to the method used by Slackware in
# some of their tooling. It's not the obvious solution to the problem,
# however it is the best solution at this given time.
#
# When an installation is an update to an existing package, instead of
# removing the old version first we do something different.
#
# The new version is installed overwriting any files which it has in
# common with the previously installed version of the package.
#
# A "diff" is then generated between the old and new versions and contains
# any files existing in the old version but not the new version.
#
# The package manager then goes and removes these files which leaves us
# with the new package version in the file system and all traces of the
# old version gone.
#
# For good measure the package manager will then install the new package
# an additional time. This is to ensure that the above diff didn't contain
# anything incorrect.
#
# This is the better method as it is "seamless". An update to busybox won't
# create a window in which there is no access to all of its utilities to
# give an example.
# Install can also take the full path to a tarball. We don't need to check
# the repository if this is the case.
if [ -z "${1%%*.tar.*}" ] && [ -f "$1" ]; then
tar_file=$1 pkg=${1##*/} pkg=${pkg%#*}
elif ! pkg_cache "$1" 2>/dev/null; then
case $1 in
*.tar.*) die "Tarball '$1' does not exist" ;;
*) die "Package '$1' has not yet been built"
esac
fi
mkdir -p "$tar_dir/$pkg"
cd "$tar_dir/$pkg"
# The tarball is extracted to a temporary directory where its contents are
# then "installed" to the filesystem. Running this step as soon as possible
# allows us to also check the validity of the tarball and bail out early
# if needed.
decompress "$tar_file" | tar xf -
# Naively assume that the existence of a manifest file is all that
# determines a valid KISS package from an invalid one. This should be a
# fine assumption to make in 99.99% of cases.
[ -f "./$pkg_db/$pkg/manifest" ] || die "Not a valid KISS package"
# Ensure that the tarball's manifest is correct by checking that each file
# and directory inside of it actually exists.
[ "$KISS_FORCE" = 1 ] || {
pkg_manifest_verify "$pkg_db/$pkg/manifest"
# Intentional.
# shellcheck disable=2030
(
KISS_PATH=$tar_dir/$pkg/$pkg_db:$KISS_PATH
pkg_depends "$pkg" explicit 2>/dev/null ||:
[ -z "$deps" ] || die "$pkg" "Missing $deps"
)
}
run_hook pre-install "$pkg" "$tar_dir/$pkg"
pkg_conflicts "$pkg"
# Block being able to abort the script with Ctrl+C during installation.
# Removes all risk of the user aborting a package installation leaving
# an incomplete package installed.
trap '' INT
# If the package is already installed (and this is an upgrade) make a
# backup of the manifest and etcsums files.
cp -f "$sys_db/$pkg/manifest" "$mak_dir/m" 2>/dev/null ||:
cp -f "$sys_db/$pkg/etcsums" "$mak_dir/c" 2>/dev/null ||:
log "$pkg" "Installing package"
pkg_install_files -z "$tar_dir/$pkg"
# This is the aforementioned step removing any files from the old version of
# the package if the installation is an update. Each file type has to be
# specially handled to ensure no system breakage occurs.
#
# Files in /etc/ are skipped entirely as they'll be handled via a 3-way
# checksum system due to the nature of their existence.
grep -vFxf "$sys_db/$pkg/manifest" "$mak_dir/m" 2>/dev/null |
pkg_remove_files
# Install the package's files a second time to fix any mess caused by the
# above removal of the previous version of the package.
log "$pkg" "Verifying installation"
pkg_install_files -e "$tar_dir/$pkg"
trap pkg_clean EXIT INT
if [ -x "$sys_db/$pkg/post-install" ]; then
log "$pkg" "Running post-install hook"
hook_output=$("$sys_db/$pkg/post-install" 2>&1)
[ -z "$hook_output" ] || {
log "$pkg" "Running post-install hook" 2>&1
printf '%s\n' "$hook_output"
} |
# 'tee' is used as we would still like to display 'stderr'
tee -a "$log_dir/post-install-$time-$pid" >/dev/null
fi
run_hook post-install "$pkg" "$sys_db/$pkg"
log "$pkg" "Installed successfully"
}
pkg_updates() {
# Check all installed packages for updates. So long as the installed
# version and the version in the repositories differ, it's considered
# an update.
log "Updating repositories"
# Create a list of all repositories.
# See [1] at top of script.
# shellcheck disable=2046,2086
{
IFS=:
set -- $KISS_PATH
unset IFS
}
# Update each repository in '$KISS_PATH'.
for repo do
cd "$repo"
case $(git remote 2>/dev/null) in
"")
log "$repo" " "
printf 'Skipping git pull, not a repository\n'
;;
*)
cd "$(git rev-parse --show-toplevel)"
git_root=$(git rev-parse --show-superproject-working-tree)
cd "${git_root:-.}"
contains "$repos" "$PWD" || {
repos="$repos $PWD "
# Display a tick if signing is enabled for this repository.
case $(git config merge.verifySignatures) in
true) log "$PWD" "[signed] " ;;
*) log "$PWD" " " ;;
esac
if [ -w "$PWD" ] && [ "$uid" != 0 ]; then
git pull
git submodule update --remote --init -f
else
[ "$uid" = 0 ] || log "$PWD" "Need root to update"
# Find out the owner of the repository and spawn
# git as this user below.
#
# This prevents 'git' from changing the original
# ownership of files and directories in the rare
# case that the repository is owned by a 3rd user.
(
file_owner "$PWD"
# We're in a repository which is owned by a 3rd
# user. Not root or the current user.
[ "$user" = root ] ||
log "Dropping to $user for pull"
# Nesting is deep and line is long.
git_cmd="
git pull && git submodule update --remote --init -f
"
# 'sudo' and 'doas' properly parse command-line
# arguments and split them in the common way. 'su'
# on the other hand requires that each argument be
# properly quoted as the command passed to it must
# be a string... This sets quotes where needed.
case $su in *su) git_cmd="'$git_cmd'"; esac
# Spawn a subshell to run multiple commands as
# root at once. This makes things easier on users
# who aren't using persist/timestamps for auth
# caching.
user=$user as_root sh -c "$git_cmd"
)
fi
}
;;
esac
[ ! -x update ] || {
log "$PWD" "Running update hook"
./update
}
done
log "Checking for new package versions"
set +f --
for pkg in "$sys_db/"*; do
pkg_find "${pkg##*/}"
read -r db_ver db_rel < "$pkg/version"
read -r re_ver re_rel < "$repo_dir/version"
# Compare installed packages to repository packages.
[ "$db_ver-$db_rel" = "$re_ver-$re_rel" ] || {
printf '%s\n' "${pkg##*/} $db_ver-$db_rel -> $re_ver-$re_rel"
set -- "$@" "${pkg##*/}"
}
done
set -f
contains "$*" kiss && {
log "Detected package manager update"
prompt "The package manager will be updated first"
pkg_build kiss
args i kiss
log "Updated the package manager"
log "Re-run 'kiss update' to update your system"
exit 0
}
[ "$1" ] || {
log "Everything is up to date"
return
}
pkg_update=1
pkg_build "$@"
}
pkg_clean() {
# Clean up on exit or error. This removes everything related to the build.
[ "$KISS_DEBUG" = 1 ] ||
rm -rf \
"$mak_dir" \
"$pkg_dir" \
"$tar_dir"
}
args() {
# Parse script arguments manually. This is rather easy to do in our case
# since the first argument is always an "action" and the arguments that
# follow are all package names.
action=$1
shift "$(($# != 0))"
case $action in
b|build|c|checksum|d|download|i|install|r|remove)
[ "$1" ] || {
# Intentional.
# shellcheck disable=2031
export KISS_PATH=${PWD%/*}:$KISS_PATH
set -- "${PWD##*/}"
}
for arg do
case $arg in
*'*'*|*'!'*|*'['*|*']'*|*' '*|*' '*)
die "Argument contains: '!*[ \t]' ($arg)"
;;
esac
done
;;
esac
# Rerun the script as root with a fixed environment if needed. We sadly
# can't run singular functions as root so this is needed.
case $action in
a|alternatives|i|install|r|remove)
[ -z "$1" ] || [ -w "$KISS_ROOT/" ] || [ "$uid" = 0 ] || {
as_root HOME="$HOME" \
XDG_CACHE_HOME="$XDG_CACHE_HOME" \
KISS_PATH="$KISS_PATH" \
KISS_FORCE="$KISS_FORCE" \
KISS_ROOT="$KISS_ROOT" \
KISS_CHOICE="$KISS_CHOICE" \
KISS_COLOR="$KISS_COLOR" \
KISS_TMPDIR="$KISS_TMPDIR" \
KISS_PID="$KISS_PID" \
"$0" "$action" "$@"
return
}
;;
esac
# Actions can be abbreviated to their first letter. This saves keystrokes
# once you memorize the commands.
case $action in
a|alternatives)
if [ "$1" = - ]; then
while read -r pkg path; do
pkg_swap "$pkg" "$path"
done
elif [ "$1" ]; then
pkg_swap "$@"
else
# Go over each alternative and format the file
# name for listing. (pkg_name>usr>bin>ls)
set +f; for pkg in "$sys_db/../choices"/*; do
printf '%s\n' "${pkg##*/}"
done | sed 's|>| /|; s|>|/|g; /\*/d'
fi
;;
c|checksum)
for pkg do pkg_lint "$pkg"; done
for pkg do pkg_sources "$pkg" c; done
for pkg do
pkg_find "$pkg"
[ -f "$repo_dir/sources" ] || {
log "$pkg" "No sources file, skipping checksums"
continue
}
sums=$(pkg_checksums "$pkg")
[ "$sums" ] || {
log "$pkg" "No sources needing checksums"
continue
}
# False positive ('>> file' with no command).
# shellcheck disable=2188
printf '%s\n' "$sums" |
if 2>/dev/null >> "$repo_dir/checksums"; then
tee "$repo_dir/checksums"
else
log "$pkg" "Need permissions to generate checksums"
file_owner "$repo_dir"
user=$user as_root tee "$repo_dir/checksums"
fi
log "$pkg" "Generated checksums"
done
;;
i|install)
for pkg do
pkg_install "$pkg"
done
;;
r|remove)
for pkg do
pkg_remove "$pkg"
done
;;
b|build) pkg_build "${@:?No packages installed}" ;;
d|download) for pkg do pkg_sources "$pkg"; done ;;
l|list) pkg_list "$@" ;;
u|update) pkg_updates ;;
s|search) for pkg do pkg_find "$pkg" all; done ;;
v|version) printf '5.1.0\n' ;;
'')
log 'kiss [a|b|c|d|i|l|r|s|u|v] [pkg]...'
log 'alternatives List and swap to alternatives'
log 'build Build a package'
log 'checksum Generate checksums'
log 'download Pre-download all sources'
log 'install Install a package'
log 'list List installed packages'
log 'remove Remove a package'
log 'search Search for a package'
log 'update Update the system'
log 'version Package manager version'
printf '\nRun "kiss help-ext" to see all actions\n'
;;
help-ext)
log 'Installed extensions (kiss-* in PATH)'
# shellcheck disable=2046
# see [1] at top of script.
set -- $(KISS_PATH=$PATH pkg_find kiss-\* all -x)
# To align descriptions figure out which extension has the longest
# name by doing a simple 'name > max ? name : max' on the basename
# of the path with 'kiss-' stripped as well.
#
# This also removes any duplicates found in '$PATH', picking the
# first match.
for path do p=${path#*/kiss-}
case " $seen " in
*" $p "*) shift ;;
*) seen=" $seen $p " max=$((${#p} > max ? ${#p}+1 : max))
esac
done
# Print each extension, grab its description from the second line
# in the file and align the output based on the above max.
for path do
printf "%b->%b %-${max}s " "$lcol" "$lclr" "${path#*/kiss-}"
sed -n 's/^# *//;2p' "$path"
done >&2
;;
*)
KISS_PATH=$PATH pkg_find "kiss-$action*" "" -x 2>/dev/null ||
die "'kiss $action' is not a valid command"
"$repo_dir" "$@"
;;
esac
if [ -s "$log_dir/post-install-$time-$pid" ]; then
cat "$log_dir/post-install-$time-$pid"
log "Post-install log stored to $log_dir/post-install-$time-$pid"
fi
}
main() {
# Globally disable globbing and enable exit-on-error.
set -ef
# Allow the user to disable colors in output via an environment variable.
# Check this once so as to not slow down printing.
[ "$KISS_COLOR" = 0 ] || lcol='\033[1;33m' lcol2='\033[1;34m' lclr='\033[m'
# The PID of the current shell process is used to isolate directories
# to each specific KISS instance. This allows multiple package manager
# instances to be run at once. Store the value in another variable so
# that it doesn't change beneath us.
pid=${KISS_PID:-$$}
# Catch errors and ensure that build files and directories are cleaned
# up before we die. This occurs on 'Ctrl+C' as well as success and error.
trap pkg_clean EXIT INT
# Figure out which 'sudo' command to use based on the user's choice or what
# is available on the system.
su=${KISS_SU:-"$(command -v sudo || command -v doas || command -v sls)"} ||:
# Store the date and time of script invocation to be used as the name of
# the log files the package manager creates uring builds.
time=$(date +%Y-%m-%d-%H:%M)
# Make note of the user's current ID to do root checks later on.
# This is used enough to warrant a place here.
uid=$(id -u)
# Make sure that the KISS_ROOT doesn't end with a '/'. This might break
# some operations if left unchecked.
KISS_ROOT=${KISS_ROOT%/} KISS_ROOT=${KISS_ROOT%/} KISS_ROOT=${KISS_ROOT%/}
# Define some paths which we will then use throughout the script.
sys_db=$KISS_ROOT/${pkg_db:=var/db/kiss/installed}
# This allows for automatic setup of a KISS chroot and will
# do nothing on a normal system.
mkdir -p "$KISS_ROOT/" 2>/dev/null ||:
# Create cache directories and define variables.
mkdir -p \
"${cac_dir:="${XDG_CACHE_HOME:-"${HOME:?HOME is null}/.cache"}/kiss"}" \
"${mak_dir:="${KISS_TMPDIR:="$cac_dir"}/build-$pid"}" \
"${pkg_dir:="${KISS_TMPDIR:="$cac_dir"}/pkg-$pid"}" \
"${tar_dir:="${KISS_TMPDIR:="$cac_dir"}/extract-$pid"}" \
"${src_dir:="$cac_dir/sources"}" \
"${log_dir:="$cac_dir/logs"}" \
"${bin_dir:="$cac_dir/bin"}"
args "$@"
}
main "$@"