Conary 2.0.44 is a maintenance release.

• Conary can now be configured with a set of certificate authorities (trustedCerts) against which all secure repository access will be validated. (CNY-2735)
• Conary now logs the starting, output, and error exit codes of trove scripts to the /var/log/conary file. (CNY-3150)
• The "conary updateall" command now honors the --just-db option. (CNY-3167)
• The EULA_Conary.txt file has been renamed to EULA_Conary_Dual_License.txt in order to highlight the contents of the beginning of the file, which describe a choice of license terms. The contents of the file are not changed, and the licenses under which Conary may be used are not changed. (CNY-3168)
• The SetModes build action now takes an optional allowNoMatch keyword argument, that causes a warning to be printed instead of failing the build when the target file does not exist. (CNY-3171)

• Added removeInvalidRollbacks() to client API. (CNY-2933)
• The conary.lib.mainhandler.MainHandler.main() method now sets sys.excepthook only if the setSysExcepthook method variable is True (as it is by default), allowing subclasses to take responsibility for setting sys.excepthook differently. (CNY-3170)

• An internal function used to install files no longer leaks a file descriptor on error. (CNY-3152)
• Unknown errors while retrieving PGP keys for archive verification are now gracefully handled. (CNY-3120)
• The cvc refresh command now ignores negative cache entries. (CNY-3157)
• The cvc sign command properly handles keys specified by key ID, in addition to fingerprints. (CNY-3139)
• The conary updateall --items command now honors --labels, --full-versions and --flavors flags. (CNY-3138)
• The --lsprof option now writes out profiling information even if an exception occurs, for both the conary and cvc commands.
• Dependency numbers in temporary dependency checking tables no longer overlap dependency numbers in the persistent database.
• Dependencies with multiple flags previously were not marked as satisfied during dependency resolution passes, forcing extra work on subsequent passes.
• Local rollbacks previously failed to restore contents when a file's metadata changed but the contents stayed the same.
• Generating local rollbacks previously failed for non-root users when the file was unreadable due to permissions.
• The ccs2tar script uses tarfile.open() in a way that is compatible with both python 2.4 and 2.6 (CNY-3160)
• Brace expansion produces results similar to bash. (CNY-3158)
• Trove searches with invalid (non-ASCII) input no longer cause a crash on PostgreSQL-backed repositories. (CNY-3165)
• Flavor processing in depSetFreeze previously did not properly handle return codes from depFreezeRaw, which could lead to a segmentation fault. (CNY-3166)
• Path normalization no longer produces erroneous double-slash entries in /etc/ld.so.conf. (CNY-3142)
• Accessing a server through a Conary proxy that injects entitlements now correctly forces the use of SSL. (CNY-3176)

• Update handling now looks for preerase trove scripts in the local database instead of instantiating full troves from the database and looking in those troves.
• Dependency tables for removed troves are no longer dropped and rebuilt during each iteration of dependency solving; they are now incrementally built during subsequent iterations.
• Dependency ordering code now looks in the local database for trove references instead of instantiating troves to get that information.
• Code which decides what referenced troves need to be erased when collections are erased now:
  • looks in the local database for trove references instead of instantiating troves to get that information
  • batches reference checks, pin checks, and presence checks across troves instead of checking those for each trove individually
• Fast-pathed code which matches old troves with new troves for the case where only a single old trove and a single new trove with a given name exist.
• Graph calculations for dependency ordering now only occur when the results are needed instead of for every pass through the dependency resolver.
• Reworked rdiff to not download a full changeset from the repository. It now downloads only the config (text) files and diffs them on the client. This allows it to show diffs for changes across repositories and yields a nice speedup. (CNY-3039)
• Reworked "conary remove" functionality to generate a changeset for the file remove and commit that through the normal update path.
• During dependency checks for new troves, no longer include every trove which requires a given dependency in the SQL tables. Instead, include that dependency only once and expand the matched requirements when we order troves (which is the only time it matters).
• Added simple caching of path hashes from the database to improve performance of large system updates.

rMake 1.0.29 is a maintenance release.

• Jobs are now properly marked as failed after an abrupt server restart. (RMK-976)
• New files are now much less likely to be marked as config files when they are really binary files. (RMK-973)
• The Conary client resolveDependencies() method return value is now treated in a way that is compatible with older and newer versions of Conary; without this change, rMake will not work with Conary 2.0.44 and later.
• A race condition that could occur when two authenticated XML-RPC requests came in at the same time has been corrected. (RMK-935)
• A race condition that could occur when two flavors with the exact same build requirements (including flavors) are built at the same time (normally part of the same build job) has been resolved. (RMK-980)

rPA 3.1.3 is a maintenance release.

• Fixed a bug in readSchedule, which could cause the UpdateTroves plugin to become unusable if the schedule for automatic update checks was changed or disabled. (RAA-900)
• If allow_json is unspecified on a function without a template, the log message noting this now only appears in the DEBUG loglevel. (RAA-1555)
• The logged in user's name in the upper right corner of the page now links to the Change Password plugin rather than User Management, as User Management could be disabled or inaccessible to the user (RAA-1602)
• Pressing F12 in the Reboot and Shutdown confirmation screens in rapa-console no longer confirms the action. (RAA-1624)
• When the backup archive creation process fails, more specific errors are now sent back to the user. (RAA-1708)
• Calls to XML-RPC functions will now advance the Wizard when appropriate. (RAA-1710)
• getBackupMetadata now unmounts the backup location before returning. (RAA-1711)
• Network locations are no longer bind mounted when a mount already exists. Among other benefits, this prevents the backup plugin from improperly validating incorrect user credentials for a backup location (RAA-1712)
• raadb is no longer created as world-readable. (RAA-1714)
• rapa-console no longer raises errors when network interfaces are not yet configured. (RAA-1715)
• When a DatabaseLocked error occurs, the "lock journal" is now logged, showing a stack trace to the point where the lock is being held. (RAA-1717)
• Fixed a bug which could cause backups to fail if a temporary file was removed after being added to the backup file list. (RAA-1718)
• Several possible exceptions in plugins which use "callBackend" are now handled more gracefully. (RAA-1719)
• Fixed a bug which could cause the raa-service to die due to an unhandled exception in the listener thread. (RAA-1721)
• The backup encryption feature relies on PyCrypto which may provide a faulty SHA-256 implementation; this feature now uses a module provided by Conary which consistently matches the previous behavior even on platforms with a correct SHA-256 implementation. (RAA-1723)

• A new authorization predicate called LocalhostOK has been added, which allows a process on localhost to make a call without authenticating, while still requiring authenticate for remote calls (RAA-1701)

Today, we updated rBuilder Online with a non-service-interrupting update that improves a number of features.

RESTful API Improvements

As part of the process toward improved API access, we have added HTTP Basic Authentication support to the REST API. (It was already available for the XML-RPC API.) This allows authenticated access to privileged API functions without requiring client cookie suport.

We have not at this time published API documentation for rBuilder Online and have not committed to maintaining a stable API, but calling the API is acceptable use. We are currently developing some initial documentation for getting started using the REST API.

Appliance Content Editing

Unfortunately, our last update broke the appliance editing interface for newly-created appliances. This affected only appliances created after the update. We have now fixed this for all new appliances.

Finding things

The Find feature has been improved somewhat with better search response times once your search has narrowed to less than 100 items. However, there are still further improvements we need to make here to better support find-by-title and find-by-description.

Scrolling

Scrolling behavior in the various list views has been improved.

Thank you!

As always, we welcome your feedback. Please click the "Provide Feedback" link at the top of your rBuilder pages for the quickest route to ensuring that we hear you! Alternatively, you are still welcome, as always, to tell us about bugs by filing issues in our issue tracking system.

Today, we updated rBuilder Online with a non-service-interrupting update that fixes an important bug. Previously, using the new flex-based UI, if you had defined your own group manually by editing a group recipe and then tried to use the web interface to manage the contents of your appliance, rBuilder would overwrite your group recipe file with an essentially blank template, and then you could use the UI to re-populate the group. Now, instead of overwriting the group recipe, rBuilder will disable the UI components for adding packages to the group.

If the flex UI does not allow you to add packages, and you have an older group built with the group-appliance superclass and implementing the addPackages() method, you can enable adding packages in the flex UI with the following steps. (Note that these steps are specific to the rPath Linux 2 platform; if you need to apply these steps on another platform and are unsure how, please feel free to file an issue in the Bugs component.)

1. If the file appliance-manifest.xml does not exist, create and add it with the contents (modified for your appliance):
   

   <?xml version='1.0' encoding='UTF-8'?>
   <manifest xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.rpath.org/permanent/appmanifest-1.0.xsd appmanifest-1.0.xsd">
     <troveName>group-YOURAPPLIANCENAMEHERE-appliance</troveName>
     <troveVersion>1</troveVersion>
     <searchPaths>
       <searchPath>group-os=conary.rpath.com@rpl:2</searchPath>
       <searchPath>group-rapa=raa.rpath.org@rpath:rapa-3</searchPath>
     </searchPaths>
     <explicitTroves/>
     <implicitTroves/>
   </manifest>
   

2. Change your recipe to derive from FactoryRecipeClass if it does not do so already.
3. Change any definition of the addPackages() method to addRecipePackages()
4. Run the command cvc factory factory-group-base=conary.rpath.com@rpl:2 if the recipe did not already derive from FactoryRecipeClass.
5. Check in your changes with cvc commit

If you have a group that rBuilder Online replaced with an empty group in the past few weeks before we fixed this issue, it is possible to merge the contents of your pre-existing group by checking out the previous version of your group and copying the group recipe to a current checkout, and then following the simple conversion steps above. This will work only if you were already using the group-appliance superclass and defining the addPackages() method. If you instead define the setup()> method, conversion requires more work; please see the migration guide for more detailed information on the process. (Be aware that the migration guide was written for rBuilder Appliance rather than rBuilder Online, so some of the description involves a local installation of rBuilder Appliance. This is not important to the migration process.)