lib: don't allow xbps self-update to bypass integrity checks

This reverts 83ade39.

In the past, self-updates mandated that only xbps and its dependencies can be
updated if an xbps update is avaliable.

As updating dependencies may break their depndents, xbps used
XBPS_FLAG_FORCE_REMOVE_REVDEPS in order to bypass integrety checks when using
xbps-install -u xbps.

This can result in circumstances where the the system is rendered inoperable
due to missing or mismatched dependencies of core system packages (e.g. PAM).

Remove the auto-update mechanism until a better designed system can be
implemented.

Author: oreo639

lib/transaction_ops.c

@@ -222,80 +222,6 @@ trans_find_pkg(struct xbps_handle *xhp, const char *pkg, bool force)
 	return 0;
 }
 
-/*
- * Returns 1 if there's an update, 0 if none or -1 on error.
- */
-static int
-xbps_autoupdate(struct xbps_handle *xhp)
-{
-	xbps_array_t rdeps;
-	xbps_dictionary_t pkgd;
-	const char *pkgver = NULL, *pkgname = NULL;
-	int rv;
-
-	/*
-	 * Check if there's a new update for XBPS before starting
-	 * another transaction.
-	 */
-	if (((pkgd = xbps_pkgdb_get_pkg(xhp, "xbps")) == NULL) &&
-	    ((pkgd = xbps_pkgdb_get_virtualpkg(xhp, "xbps")) == NULL))
-		return 0;
-
-	if (!xbps_dictionary_get_cstring_nocopy(pkgd, "pkgver", &pkgver)) {
-		return EINVAL;
-	}
-	if (!xbps_dictionary_get_cstring_nocopy(pkgd, "pkgname", &pkgname)) {
-		return EINVAL;
-	}
-
-	rv = trans_find_pkg(xhp, pkgname, false);
-
-	xbps_dbg_printf("%s: trans_find_pkg xbps: %d\n", __func__, rv);
-
-	if (rv == 0) {
-		if (xhp->flags & XBPS_FLAG_DOWNLOAD_ONLY) {
-			return 0;
-		}
-		/* a new xbps version is available, check its revdeps */
-		rdeps = xbps_pkgdb_get_pkg_revdeps(xhp, "xbps");
-		for (unsigned int i = 0; i < xbps_array_count(rdeps); i++)  {
-			const char *curpkgver = NULL;
-			char curpkgn[XBPS_NAME_SIZE] = {0};
-
-			xbps_array_get_cstring_nocopy(rdeps, i, &curpkgver);
-			xbps_dbg_printf("%s: processing revdep %s\n", __func__, curpkgver);
-
-			if (!xbps_pkg_name(curpkgn, sizeof(curpkgn), curpkgver)) {
-				abort();
-			}
-			rv = trans_find_pkg(xhp, curpkgn, false);
-			xbps_dbg_printf("%s: trans_find_pkg revdep %s: %d\n", __func__, curpkgver, rv);
-			if (rv && rv != ENOENT && rv != EEXIST && rv != ENODEV)
-				return -1;
-		}
-		/*
-		 * Set XBPS_FLAG_FORCE_REMOVE_REVDEPS to ignore broken
-		 * reverse dependencies in xbps_transaction_prepare().
-		 *
-		 * This won't skip revdeps of the xbps pkg, rather other
-		 * packages in rootdir that could be broken indirectly.
-		 *
-		 * A sysup transaction after updating xbps should fix them
-		 * again.
-		 */
-		xhp->flags |= XBPS_FLAG_FORCE_REMOVE_REVDEPS;
-		return 1;
-	} else if (rv == ENOENT || rv == EEXIST || rv == ENODEV) {
-		/* no update */
-		return 0;
-	} else {
-		/* error */
-		return -1;
-	}
-
-	return 0;
-}
-
 int
 xbps_transaction_update_packages(struct xbps_handle *xhp)
 {
@@ -305,17 +231,8 @@ xbps_transaction_update_packages(struct xbps_handle *xhp)
 	bool newpkg_found = false;
 	int rv = 0;
 
-	rv = xbps_autoupdate(xhp);
-	switch (rv) {
-	case 1:
-		/* xbps needs to be updated, don't allow any other update */
-		return EBUSY;
-	case -1:
-		/* error */
+	if (xbps_pkgdb_init(xhp) != 0)
 		return EINVAL;
-	default:
-		break;
-	}
 
 	iter = xbps_dictionary_iterator(xhp->pkgdb);
 	assert(iter);
@@ -355,22 +272,6 @@ xbps_transaction_update_pkg(struct xbps_handle *xhp, const char *pkg, bool force
 	xbps_array_t rdeps;
 	int rv;
 
-	rv = xbps_autoupdate(xhp);
-	xbps_dbg_printf("%s: xbps_autoupdate %d\n", __func__, rv);
-	switch (rv) {
-	case 1:
-		/* xbps needs to be updated, only allow xbps to be updated */
-		if (strcmp(pkg, "xbps"))
-			return EBUSY;
-		return 0;
-	case -1:
-		/* error */
-		return EINVAL;
-	default:
-		/* no update */
-		break;
-	}
-
 	/* update its reverse dependencies */
 	rdeps = xbps_pkgdb_get_pkg_revdeps(xhp, pkg);
 	if (xhp->flags & XBPS_FLAG_DOWNLOAD_ONLY) {
@@ -406,21 +307,6 @@ xbps_transaction_install_pkg(struct xbps_handle *xhp, const char *pkg, bool forc
 	xbps_array_t rdeps;
 	int rv;
 
-	rv = xbps_autoupdate(xhp);
-	switch (rv) {
-	case 1:
-		/* xbps needs to be updated, only allow xbps to be updated */
-		if (strcmp(pkg, "xbps"))
-			return EBUSY;
-		return 0;
-	case -1:
-		/* error */
-		return EINVAL;
-	default:
-		/* no update */
-		break;
-	}
-
 	/* update its reverse dependencies */
 	rdeps = xbps_pkgdb_get_pkg_revdeps(xhp, pkg);
 	if (xhp->flags & XBPS_FLAG_DOWNLOAD_ONLY) {

tests/xbps/libxbps/shell/Kyuafile

@@ -20,7 +20,6 @@ atf_test_program{name="preserve_files_test"}
 atf_test_program{name="update_shlibs_test"}
 atf_test_program{name="update_hold_test"}
 atf_test_program{name="update_repolock_test"}
-atf_test_program{name="update_itself_test"}
 atf_test_program{name="cyclic_deps_test"}
 atf_test_program{name="conflicts_test"}
 atf_test_program{name="hold_test"}

tests/xbps/libxbps/shell/Makefile

@@ -7,7 +7,7 @@ TESTSHELL+= replace_test installmode_test obsoletefiles_test
 TESTSHELL+= issue31_test scripts_test incorrect_deps_test
 TESTSHELL+= vpkg_test install_test preserve_files_test configure_test
 TESTSHELL+= update_shlibs_test update_hold_test update_repolock_test
-TESTSHELL+= cyclic_deps_test conflicts_test update_itself_test
+TESTSHELL+= cyclic_deps_test conflicts_test
 TESTSHELL+= hold_test ignore_test preserve_test repo_test
 TESTSHELL+= noextract_files_test orphans_test transaction_check_revdeps_test
 EXTRA_FILES = Kyuafile

tests/xbps/libxbps/shell/install_test.sh

@@ -484,7 +484,7 @@ update_xbps_body() {
 	cd ..
 	xbps-rindex -d -a repo/*.xbps
 	atf_check_equal $? 0
-	out=$(xbps-install -r root --repository=repo -yun)
+	out=$(xbps-install -r root --repository=repo -yun xbps)
 	set -- $out
 	exp="$1 $2 $3 $4"
 	atf_check_equal "$exp" "xbps-1.1_1 update noarch $(readlink -f repo)"
@@ -537,7 +537,7 @@ update_xbps_virtual_body() {
 	cd ..
 	xbps-rindex -d -a repo/*.xbps
 	atf_check_equal $? 0
-	out=$(xbps-install -r root --repository=repo -yun)
+	out=$(xbps-install -r root --repository=repo -yun xbps-git)
 	set -- $out
 	exp="$1 $2 $3 $4"
 	atf_check_equal "$exp" "xbps-git-1.1_1 update noarch $(readlink -f repo)"