Fixes a minor error in the documentation about syncing a medium, where
the id for a medium is falsely provided with a `--id <id>` argument.
Signed-off-by: Daniel Kral <d.kral@proxmox.com>
some vendors don't just provide a single certificate but an entire
keyring for their repositories. apt can handle those gracefully, so
should we. this commit adds the ability to verify a repository's
signatures with a keyring.
we use `PacketParserEOF` to check if a stream of packets is likely a
single certificate or a keyring. if it is a keyring, we try to verify a
message with all certificates in the ring and only fail if no
certificate can verify the message.
Reported-by: Maximiliano Sandoval <m.sandoval@proxmox.com>
Signed-off-by: Shannon Sterz <s.sterz@proxmox.com>
It's a guard for the file lock which is meant to just stick around
until dropped, it does not need to be otherwise used.
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
this ensures the X-Cargo-Built-Using (and soon, Static-Built-Using) substvars
are actually filled with contents, and allow to find out which rustc version
and dependency versions were used to build a particular binary package.
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
garbage collection currently is quite aggressive in removing all files
under the link_dir, which are not a hard-link to a checksum file.
removing directories that remain empty below the link_dir should thus
not too dangerous.
without this patch, removing a snapshot on a mirror, running gc there,
and syncing everything to a medium, leaves the medium with an
hierarchy of empty directories below the removed snapshot (the files
get cleaned up the directories remain).
using WalkDir::content_first() seems better than to check for
emptiness after each file-removal [0]
[0] https://docs.rs/walkdir/latest/walkdir/struct.WalkDir.html#method.contents_first
Signed-off-by: Stoiko Ivanov <s.ivanov@proxmox.com>
path.is_empty() checks for the empty-path, not an empty directory [0].
as the check that the path is below the link_dir happens anyways in
the if we can directly call std::fs::remove_dir (which is even safer
than the std::fs::remove_dir_all call used in pool::remove_dir()).
the oversight seems to have been in place since the intial commit. I
ran across the issue when removing many snapshots of a Debian Bookworm
repository, syncing this to a medium, and still having a vast amount
of empty directories left behind (as debian has one directory per
package), which in turn increases the sync run-time.
[0] https://docs.rs/nix/latest/nix/trait.NixPath.html#tymethod.is_empty
Signed-off-by: Stoiko Ivanov <s.ivanov@proxmox.com>
commit c598cb154e changed the pool
layout to have the pool directory (.pool for a mirror) on the same
level as the link directory (instead of below), to enable pool-sharing
across multiple mirrors.
the condition will never be true, drop the if statement to avoid
confusion in the future.
Signed-off-by: Stoiko Ivanov <s.ivanov@proxmox.com>
The recent changes to proxmox-apt along with the introduction of the
proxmox_apt_apit_types crate led to the following changes.
Signed-off-by: Stoiko Ivanov <s.ivanov@proxmox.com>
the old location has been deprecated for a while, and rustc 1.78 will start to warn about it.
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
they then get stripped into their own package anyway, but without this we don't
get debug symbols at all with rustc >= 1.77
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
Fixes the clippy lint
```
warning: the borrowed expression implements the required traits
--> src/medium.rs:143:9
|
143 | &statefile(base),
| ^^^^^^^^^^^^^^^^ help: change this to: `statefile(base)`
|
= help: for further information visit https://rust-lang.github.io/rust-clippy/master/index.html#needless_borrows_for_generic_args
= note: `#[warn(clippy::needless_borrows_for_generic_args)]` on by default
```
Signed-off-by: Maximiliano Sandoval <m.sandoval@proxmox.com>
Joining the strings might results in a double `//` in a path. This was
experienced in a ticket at our customer support in the following error:
Error: unable to read
"/var/lib/proxmox-offline-mirror/mirrors//.pool/sha256/<SOME_HASH>"
- Input/output error (os error 5) after downloading ±60GB of data.
Suggested-by: Stefan Sterz <s.sterz@proxmox.com>
Signed-off-by: Maximiliano Sandoval R <m.sandoval@proxmox.com>
