lib: don't allow xbps self-update to bypass integrity checks

In the past, self-updates mandated that only xbps and its dependencies can be updated if an xbps update is avaliable. As updating dependencies may break their depndents, xbps used XBPS_FLAG_FORCE_REMOVE_REVDEPS in order to bypass integrety checks when using xbps-install -u xbps. This can result in circumstances where the the system is rendered inoperable due to missing or mismatched dependencies of core system packages (e.g. PAM). As such, remove XBPS_FLAG_FORCE_REMOVE_REVDEPS when doing xbps-install -u xbps and allow full system upgrades when an xbps update is avaliable.
void-linux · Apr 9, 2024 · c364c79 · c364c79
1 parent e82437f
commit c364c79
Showing 1 changed file with 2 additions and 13 deletions.
diff --git a/lib/transaction_ops.c b/lib/transaction_ops.c
@@ -273,17 +273,6 @@ xbps_autoupdate(struct xbps_handle *xhp)
 			if (rv && rv != ENOENT && rv != EEXIST && rv != ENODEV)
 				return -1;
 		}
-		/*
-		 * Set XBPS_FLAG_FORCE_REMOVE_REVDEPS to ignore broken
-		 * reverse dependencies in xbps_transaction_prepare().
-		 *
-		 * This won't skip revdeps of the xbps pkg, rather other
-		 * packages in rootdir that could be broken indirectly.
-		 *
-		 * A sysup transaction after updating xbps should fix them
-		 * again.
-		 */
-		xhp->flags |= XBPS_FLAG_FORCE_REMOVE_REVDEPS;
 		return 1;
 	} else if (rv == ENOENT || rv == EEXIST || rv == ENODEV) {
 		/* no update */
@@ -308,8 +297,8 @@ xbps_transaction_update_packages(struct xbps_handle *xhp)
 	rv = xbps_autoupdate(xhp);
 	switch (rv) {
 	case 1:
-		/* xbps needs to be updated, don't allow any other update */
-		return EBUSY;
+		/* xbps needs to be updated, but allow full system upgrades */
+		break;
 	case -1:
 		/* error */
 		return EINVAL;