move to use v5.36;
tested by me over the last few weeks, and tb@
also fixed a "manual install" bug properly reported by tb@

aside that there should be *no functional change*.
If you see any message like "hey, the number of params is wrong"
it is a fringe case I didn't run into and should be easy to fix.

restore documentation: explain what ArcCheck does

explicitly rename internal methods with an _

clean visible interface a bit: Ustar does not use errsay (but ArcCheck does)
and having a forwarder for system for ONE use is a bit much !

cleaner documentation of what's going on

expand on the mismatches between the tarball and the packing-list

systematically remove setuid/setgid from files before archiving AND
during extractions. Those bits belong in a museum^Win the packing-list.

thx naddy@ for checking this thru a bulk.

adjust comment. ArcCheck hasn't dealt with long names ever since
OpenBSD::Ustar gained support for xhdr.

use twice the same code for prepare_long and verify_modes so that it can't
diverge.

tested for a few days and okay aja@

allow root files to be root-writable.

common work with aja@, okay aja@

streamline the code that checks meta information before extracting files
- verify_modes should only verify modes
- put the whole checking code in one single routine in validate_meta, makes
the size checking code more obvious
- document what's going on
- prevent PkgCreate from creating impossible packages, only a few Ustar
objects are actually usable.

tweak meta-info checking a bit.
- remove IsLink tests, there's no reason to treat them specially.
- files are forced to root, no need to allow for bin anymore.

- force libraries to be not executable, if there's no explicit @mode
annotation

much simpler checks, always enforce root/bin (or root/wheel for symlinks)
for files without @owner/@group annotations, independently of who you are.

This should fix building-as-root for good, even without twiddling
FAKE_AS_ROOT.

if a @ts annotation is detected, wipe tarball timestamp. Archives will
look as if all files were born in 1970. The useful side-effect is that
meta-data for content-identical files WILL be identical as well.

register @newuser/@newgroup so that we try creating tarballs with the correct
users (which doesn't really matter all that much, as the owner/group in
the plist are what matters)

Otherwise, if we're not root, dismiss user id and groups, replace
with root/bin (significant fix from previous version: this interprets $(
correctly). Should help with FAKE_AS_ROOT=No

be a wee bit more paranoid about file sizes.

if pkg_create is run as non-root, restory correct group/owner to root/bin.

also, remove write permissions without explicit modes. Allows fake installs
to keep directories/files writable while producing correct package.

turns out there are exactly 3 ports that actually use longnames:

eclipse-plugins-wtp-sdk
openclipart
qt4-html

so switch to pax extended headers now, the transition period is not
really needed. :)

more ArcCheck nits: don't allow a file to be u-r/g-r without an explicit
@mode annotation.

This mostly fixes packaging bugs (like documentation only readable by root
and such nonsense), and also force *actual* mode settings for security
reasons to be apparent in the packing-list.

make ArcCheck less confusing, don't archive stuff that WON'T survive
extraction anyways (those metadatas ARE in the packing-list anyways).

get rid of "copy_long", we don't really need to recheck names while copying
a package contents.

Allow -o/-S for output/signature dirs for batch operations.
Fix copying of packages while signing, add progressmeter.

create formatted manpages as temporary files we remove after the fact.

handle failures from ports tree with more care.
this does avoid infinite loops in case of wrong plists.
necessary since print-plist-with-depends CAN fail...

whitespace

pass state to Ustar objects, use it to display those pesky error and
fatal messages.

zap $opt_x from pkg_mklocated, do things like other commands do.

allow say and errsay to work without parameters, as it's ways common.
create verbose_system up in state, because it makes sense without verbose.

whitespace cleanup

whitespace fixes

remove extra warnings

bad espie: use strict/warnings consistently, and fix two nits and two
actual errors !

fix creating packages with long names in plist; from espie@

synch with my new style search/location changes
It's likely there will be some fallout, but it's getting a bit too large
to keep around.
This does kill a few very old oddities as well.

tidy error messages: uses $! more consistently, do not append \n on die,
do append \n on warn.

Fix the two cases where the temp dir vanished too soon: not copying +DESC
should have been apparent. Not finding a +DISPLAY file is not a reason for
burping all over the place.

some minor systematic changes.
- mark all regexps I can with /o if they can be compiled once.
- turn $o->method() into $o->method
- remove unneeded prototypes
- reduce split /re/ into split "string" where possible.

until people finally fix their @group issues in packages, at least refuse
flat-out to write packages with no @group annotations on fishy stuff
(writable directories, setuid/setgid stuff)

move the mode checker code from pkg_create into ArcCheck, so that pkg_add
can reuse it.

$o->method() becomes $o->method

update copyright years, standardize licence.
reword the introduction to the stuff originally from FreeBSD to clarify
slightly.

cosmetic: comments, and better method name.

pass actual items to prepare_long and check_name so that we can also
verify that modes/groups/owners are correct (code to come)

move uname/gname existence check into ArcCheck: Ustar archives deal with
this differently. Namely, use specific variables that default to the
numeric value if the uid/gid don't exist in mkheader.
Since the entry fields are not filled, ArcCheck gets all it needs for
the package check.

wrapper around Ustar that replaces long names/links with LongName#/LongLink#.

The archive will unpack correctly with tar, except that those names won't
be preserved.

The wrapper checks names against the packing-list to restore the correct names
on the fly.

Put into a separate file, as it is an extension of Ustar proper, and we're
going to do more archive checking in the future.

Lots of tests by Bernd Ahlers. Comments by Tom Cosgrove.

expand on the mismatches between the tarball and the packing-list

systematically remove setuid/setgid from files before archiving AND
during extractions. Those bits belong in a museum^Win the packing-list.

thx naddy@ for checking this thru a bulk.

adjust comment. ArcCheck hasn't dealt with long names ever since
OpenBSD::Ustar gained support for xhdr.

use twice the same code for prepare_long and verify_modes so that it can't
diverge.

tested for a few days and okay aja@

allow root files to be root-writable.

common work with aja@, okay aja@

streamline the code that checks meta information before extracting files
- verify_modes should only verify modes
- put the whole checking code in one single routine in validate_meta, makes
the size checking code more obvious
- document what's going on
- prevent PkgCreate from creating impossible packages, only a few Ustar
objects are actually usable.

tweak meta-info checking a bit.
- remove IsLink tests, there's no reason to treat them specially.
- files are forced to root, no need to allow for bin anymore.

- force libraries to be not executable, if there's no explicit @mode
annotation

much simpler checks, always enforce root/bin (or root/wheel for symlinks)
for files without @owner/@group annotations, independently of who you are.

This should fix building-as-root for good, even without twiddling
FAKE_AS_ROOT.

if a @ts annotation is detected, wipe tarball timestamp. Archives will
look as if all files were born in 1970. The useful side-effect is that
meta-data for content-identical files WILL be identical as well.

register @newuser/@newgroup so that we try creating tarballs with the correct
users (which doesn't really matter all that much, as the owner/group in
the plist are what matters)

Otherwise, if we're not root, dismiss user id and groups, replace
with root/bin (significant fix from previous version: this interprets $(
correctly). Should help with FAKE_AS_ROOT=No

be a wee bit more paranoid about file sizes.

if pkg_create is run as non-root, restory correct group/owner to root/bin.

also, remove write permissions without explicit modes. Allows fake installs
to keep directories/files writable while producing correct package.

turns out there are exactly 3 ports that actually use longnames:

eclipse-plugins-wtp-sdk
openclipart
qt4-html

so switch to pax extended headers now, the transition period is not
really needed. :)

more ArcCheck nits: don't allow a file to be u-r/g-r without an explicit
@mode annotation.

This mostly fixes packaging bugs (like documentation only readable by root
and such nonsense), and also force *actual* mode settings for security
reasons to be apparent in the packing-list.

make ArcCheck less confusing, don't archive stuff that WON'T survive
extraction anyways (those metadatas ARE in the packing-list anyways).

get rid of "copy_long", we don't really need to recheck names while copying
a package contents.

Allow -o/-S for output/signature dirs for batch operations.
Fix copying of packages while signing, add progressmeter.

create formatted manpages as temporary files we remove after the fact.

handle failures from ports tree with more care.
this does avoid infinite loops in case of wrong plists.
necessary since print-plist-with-depends CAN fail...

whitespace

pass state to Ustar objects, use it to display those pesky error and
fatal messages.

zap $opt_x from pkg_mklocated, do things like other commands do.

allow say and errsay to work without parameters, as it's ways common.
create verbose_system up in state, because it makes sense without verbose.

whitespace cleanup

whitespace fixes

remove extra warnings

bad espie: use strict/warnings consistently, and fix two nits and two
actual errors !

fix creating packages with long names in plist; from espie@

synch with my new style search/location changes
It's likely there will be some fallout, but it's getting a bit too large
to keep around.
This does kill a few very old oddities as well.

tidy error messages: uses $! more consistently, do not append \n on die,
do append \n on warn.

Fix the two cases where the temp dir vanished too soon: not copying +DESC
should have been apparent. Not finding a +DISPLAY file is not a reason for
burping all over the place.

some minor systematic changes.
- mark all regexps I can with /o if they can be compiled once.
- turn $o->method() into $o->method
- remove unneeded prototypes
- reduce split /re/ into split "string" where possible.

until people finally fix their @group issues in packages, at least refuse
flat-out to write packages with no @group annotations on fishy stuff
(writable directories, setuid/setgid stuff)

move the mode checker code from pkg_create into ArcCheck, so that pkg_add
can reuse it.

$o->method() becomes $o->method

update copyright years, standardize licence.
reword the introduction to the stuff originally from FreeBSD to clarify
slightly.

cosmetic: comments, and better method name.

pass actual items to prepare_long and check_name so that we can also
verify that modes/groups/owners are correct (code to come)

move uname/gname existence check into ArcCheck: Ustar archives deal with
this differently. Namely, use specific variables that default to the
numeric value if the uid/gid don't exist in mkheader.
Since the entry fields are not filled, ArcCheck gets all it needs for
the package check.

wrapper around Ustar that replaces long names/links with LongName#/LongLink#.

The archive will unpack correctly with tar, except that those names won't
be preserved.

The wrapper checks names against the packing-list to restore the correct names
on the fly.

Put into a separate file, as it is an extension of Ustar proper, and we're
going to do more archive checking in the future.

Lots of tests by Bernd Ahlers. Comments by Tom Cosgrove.

systematically remove setuid/setgid from files before archiving AND
during extractions. Those bits belong in a museum^Win the packing-list.

thx naddy@ for checking this thru a bulk.

adjust comment. ArcCheck hasn't dealt with long names ever since
OpenBSD::Ustar gained support for xhdr.

use twice the same code for prepare_long and verify_modes so that it can't
diverge.

tested for a few days and okay aja@

allow root files to be root-writable.

common work with aja@, okay aja@

streamline the code that checks meta information before extracting files
- verify_modes should only verify modes
- put the whole checking code in one single routine in validate_meta, makes
the size checking code more obvious
- document what's going on
- prevent PkgCreate from creating impossible packages, only a few Ustar
objects are actually usable.

tweak meta-info checking a bit.
- remove IsLink tests, there's no reason to treat them specially.
- files are forced to root, no need to allow for bin anymore.

- force libraries to be not executable, if there's no explicit @mode
annotation

much simpler checks, always enforce root/bin (or root/wheel for symlinks)
for files without @owner/@group annotations, independently of who you are.

This should fix building-as-root for good, even without twiddling
FAKE_AS_ROOT.

if a @ts annotation is detected, wipe tarball timestamp. Archives will
look as if all files were born in 1970. The useful side-effect is that
meta-data for content-identical files WILL be identical as well.

register @newuser/@newgroup so that we try creating tarballs with the correct
users (which doesn't really matter all that much, as the owner/group in
the plist are what matters)

Otherwise, if we're not root, dismiss user id and groups, replace
with root/bin (significant fix from previous version: this interprets $(
correctly). Should help with FAKE_AS_ROOT=No

be a wee bit more paranoid about file sizes.

if pkg_create is run as non-root, restory correct group/owner to root/bin.

also, remove write permissions without explicit modes. Allows fake installs
to keep directories/files writable while producing correct package.

turns out there are exactly 3 ports that actually use longnames:

eclipse-plugins-wtp-sdk
openclipart
qt4-html

so switch to pax extended headers now, the transition period is not
really needed. :)

more ArcCheck nits: don't allow a file to be u-r/g-r without an explicit
@mode annotation.

This mostly fixes packaging bugs (like documentation only readable by root
and such nonsense), and also force *actual* mode settings for security
reasons to be apparent in the packing-list.

make ArcCheck less confusing, don't archive stuff that WON'T survive
extraction anyways (those metadatas ARE in the packing-list anyways).

get rid of "copy_long", we don't really need to recheck names while copying
a package contents.

Allow -o/-S for output/signature dirs for batch operations.
Fix copying of packages while signing, add progressmeter.

create formatted manpages as temporary files we remove after the fact.

handle failures from ports tree with more care.
this does avoid infinite loops in case of wrong plists.
necessary since print-plist-with-depends CAN fail...

whitespace

pass state to Ustar objects, use it to display those pesky error and
fatal messages.

zap $opt_x from pkg_mklocated, do things like other commands do.

allow say and errsay to work without parameters, as it's ways common.
create verbose_system up in state, because it makes sense without verbose.

whitespace cleanup

whitespace fixes

remove extra warnings

bad espie: use strict/warnings consistently, and fix two nits and two
actual errors !

fix creating packages with long names in plist; from espie@

synch with my new style search/location changes
It's likely there will be some fallout, but it's getting a bit too large
to keep around.
This does kill a few very old oddities as well.

tidy error messages: uses $! more consistently, do not append \n on die,
do append \n on warn.

Fix the two cases where the temp dir vanished too soon: not copying +DESC
should have been apparent. Not finding a +DISPLAY file is not a reason for
burping all over the place.

some minor systematic changes.
- mark all regexps I can with /o if they can be compiled once.
- turn $o->method() into $o->method
- remove unneeded prototypes
- reduce split /re/ into split "string" where possible.

until people finally fix their @group issues in packages, at least refuse
flat-out to write packages with no @group annotations on fishy stuff
(writable directories, setuid/setgid stuff)

move the mode checker code from pkg_create into ArcCheck, so that pkg_add
can reuse it.

$o->method() becomes $o->method

update copyright years, standardize licence.
reword the introduction to the stuff originally from FreeBSD to clarify
slightly.

cosmetic: comments, and better method name.

pass actual items to prepare_long and check_name so that we can also
verify that modes/groups/owners are correct (code to come)

move uname/gname existence check into ArcCheck: Ustar archives deal with
this differently. Namely, use specific variables that default to the
numeric value if the uid/gid don't exist in mkheader.
Since the entry fields are not filled, ArcCheck gets all it needs for
the package check.

wrapper around Ustar that replaces long names/links with LongName#/LongLink#.

The archive will unpack correctly with tar, except that those names won't
be preserved.

The wrapper checks names against the packing-list to restore the correct names
on the fly.

Put into a separate file, as it is an extension of Ustar proper, and we're
going to do more archive checking in the future.

Lots of tests by Bernd Ahlers. Comments by Tom Cosgrove.

adjust comment. ArcCheck hasn't dealt with long names ever since
OpenBSD::Ustar gained support for xhdr.

use twice the same code for prepare_long and verify_modes so that it can't
diverge.

tested for a few days and okay aja@

allow root files to be root-writable.

common work with aja@, okay aja@

streamline the code that checks meta information before extracting files
- verify_modes should only verify modes
- put the whole checking code in one single routine in validate_meta, makes
the size checking code more obvious
- document what's going on
- prevent PkgCreate from creating impossible packages, only a few Ustar
objects are actually usable.

tweak meta-info checking a bit.
- remove IsLink tests, there's no reason to treat them specially.
- files are forced to root, no need to allow for bin anymore.

- force libraries to be not executable, if there's no explicit @mode
annotation

much simpler checks, always enforce root/bin (or root/wheel for symlinks)
for files without @owner/@group annotations, independently of who you are.

This should fix building-as-root for good, even without twiddling
FAKE_AS_ROOT.

if a @ts annotation is detected, wipe tarball timestamp. Archives will
look as if all files were born in 1970. The useful side-effect is that
meta-data for content-identical files WILL be identical as well.

register @newuser/@newgroup so that we try creating tarballs with the correct
users (which doesn't really matter all that much, as the owner/group in
the plist are what matters)

Otherwise, if we're not root, dismiss user id and groups, replace
with root/bin (significant fix from previous version: this interprets $(
correctly). Should help with FAKE_AS_ROOT=No

be a wee bit more paranoid about file sizes.

if pkg_create is run as non-root, restory correct group/owner to root/bin.

also, remove write permissions without explicit modes. Allows fake installs
to keep directories/files writable while producing correct package.

turns out there are exactly 3 ports that actually use longnames:

eclipse-plugins-wtp-sdk
openclipart
qt4-html

so switch to pax extended headers now, the transition period is not
really needed. :)

more ArcCheck nits: don't allow a file to be u-r/g-r without an explicit
@mode annotation.

This mostly fixes packaging bugs (like documentation only readable by root
and such nonsense), and also force *actual* mode settings for security
reasons to be apparent in the packing-list.

make ArcCheck less confusing, don't archive stuff that WON'T survive
extraction anyways (those metadatas ARE in the packing-list anyways).

get rid of "copy_long", we don't really need to recheck names while copying
a package contents.

Allow -o/-S for output/signature dirs for batch operations.
Fix copying of packages while signing, add progressmeter.

create formatted manpages as temporary files we remove after the fact.

handle failures from ports tree with more care.
this does avoid infinite loops in case of wrong plists.
necessary since print-plist-with-depends CAN fail...

whitespace

pass state to Ustar objects, use it to display those pesky error and
fatal messages.

zap $opt_x from pkg_mklocated, do things like other commands do.

allow say and errsay to work without parameters, as it's ways common.
create verbose_system up in state, because it makes sense without verbose.

whitespace cleanup

whitespace fixes

remove extra warnings

bad espie: use strict/warnings consistently, and fix two nits and two
actual errors !

fix creating packages with long names in plist; from espie@

synch with my new style search/location changes
It's likely there will be some fallout, but it's getting a bit too large
to keep around.
This does kill a few very old oddities as well.

tidy error messages: uses $! more consistently, do not append \n on die,
do append \n on warn.

Fix the two cases where the temp dir vanished too soon: not copying +DESC
should have been apparent. Not finding a +DISPLAY file is not a reason for
burping all over the place.

some minor systematic changes.
- mark all regexps I can with /o if they can be compiled once.
- turn $o->method() into $o->method
- remove unneeded prototypes
- reduce split /re/ into split "string" where possible.

until people finally fix their @group issues in packages, at least refuse
flat-out to write packages with no @group annotations on fishy stuff
(writable directories, setuid/setgid stuff)

move the mode checker code from pkg_create into ArcCheck, so that pkg_add
can reuse it.

$o->method() becomes $o->method

update copyright years, standardize licence.
reword the introduction to the stuff originally from FreeBSD to clarify
slightly.

cosmetic: comments, and better method name.

pass actual items to prepare_long and check_name so that we can also
verify that modes/groups/owners are correct (code to come)

move uname/gname existence check into ArcCheck: Ustar archives deal with
this differently. Namely, use specific variables that default to the
numeric value if the uid/gid don't exist in mkheader.
Since the entry fields are not filled, ArcCheck gets all it needs for
the package check.

wrapper around Ustar that replaces long names/links with LongName#/LongLink#.

The archive will unpack correctly with tar, except that those names won't
be preserved.

The wrapper checks names against the packing-list to restore the correct names
on the fly.

Put into a separate file, as it is an extension of Ustar proper, and we're
going to do more archive checking in the future.

Lots of tests by Bernd Ahlers. Comments by Tom Cosgrove.

use twice the same code for prepare_long and verify_modes so that it can't
diverge.

tested for a few days and okay aja@

allow root files to be root-writable.

common work with aja@, okay aja@

streamline the code that checks meta information before extracting files
- verify_modes should only verify modes
- put the whole checking code in one single routine in validate_meta, makes
the size checking code more obvious
- document what's going on
- prevent PkgCreate from creating impossible packages, only a few Ustar
objects are actually usable.

tweak meta-info checking a bit.
- remove IsLink tests, there's no reason to treat them specially.
- files are forced to root, no need to allow for bin anymore.

- force libraries to be not executable, if there's no explicit @mode
annotation

much simpler checks, always enforce root/bin (or root/wheel for symlinks)
for files without @owner/@group annotations, independently of who you are.

This should fix building-as-root for good, even without twiddling
FAKE_AS_ROOT.

if a @ts annotation is detected, wipe tarball timestamp. Archives will
look as if all files were born in 1970. The useful side-effect is that
meta-data for content-identical files WILL be identical as well.

register @newuser/@newgroup so that we try creating tarballs with the correct
users (which doesn't really matter all that much, as the owner/group in
the plist are what matters)

Otherwise, if we're not root, dismiss user id and groups, replace
with root/bin (significant fix from previous version: this interprets $(
correctly). Should help with FAKE_AS_ROOT=No

be a wee bit more paranoid about file sizes.

if pkg_create is run as non-root, restory correct group/owner to root/bin.

also, remove write permissions without explicit modes. Allows fake installs
to keep directories/files writable while producing correct package.

turns out there are exactly 3 ports that actually use longnames:

eclipse-plugins-wtp-sdk
openclipart
qt4-html

so switch to pax extended headers now, the transition period is not
really needed. :)

more ArcCheck nits: don't allow a file to be u-r/g-r without an explicit
@mode annotation.

This mostly fixes packaging bugs (like documentation only readable by root
and such nonsense), and also force *actual* mode settings for security
reasons to be apparent in the packing-list.

make ArcCheck less confusing, don't archive stuff that WON'T survive
extraction anyways (those metadatas ARE in the packing-list anyways).

get rid of "copy_long", we don't really need to recheck names while copying
a package contents.

Allow -o/-S for output/signature dirs for batch operations.
Fix copying of packages while signing, add progressmeter.

create formatted manpages as temporary files we remove after the fact.

handle failures from ports tree with more care.
this does avoid infinite loops in case of wrong plists.
necessary since print-plist-with-depends CAN fail...

whitespace

pass state to Ustar objects, use it to display those pesky error and
fatal messages.

zap $opt_x from pkg_mklocated, do things like other commands do.

allow say and errsay to work without parameters, as it's ways common.
create verbose_system up in state, because it makes sense without verbose.

whitespace cleanup

whitespace fixes

remove extra warnings

bad espie: use strict/warnings consistently, and fix two nits and two
actual errors !

fix creating packages with long names in plist; from espie@

synch with my new style search/location changes
It's likely there will be some fallout, but it's getting a bit too large
to keep around.
This does kill a few very old oddities as well.

tidy error messages: uses $! more consistently, do not append \n on die,
do append \n on warn.

Fix the two cases where the temp dir vanished too soon: not copying +DESC
should have been apparent. Not finding a +DISPLAY file is not a reason for
burping all over the place.

some minor systematic changes.
- mark all regexps I can with /o if they can be compiled once.
- turn $o->method() into $o->method
- remove unneeded prototypes
- reduce split /re/ into split "string" where possible.

until people finally fix their @group issues in packages, at least refuse
flat-out to write packages with no @group annotations on fishy stuff
(writable directories, setuid/setgid stuff)

move the mode checker code from pkg_create into ArcCheck, so that pkg_add
can reuse it.

$o->method() becomes $o->method

update copyright years, standardize licence.
reword the introduction to the stuff originally from FreeBSD to clarify
slightly.

cosmetic: comments, and better method name.

pass actual items to prepare_long and check_name so that we can also
verify that modes/groups/owners are correct (code to come)

move uname/gname existence check into ArcCheck: Ustar archives deal with
this differently. Namely, use specific variables that default to the
numeric value if the uid/gid don't exist in mkheader.
Since the entry fields are not filled, ArcCheck gets all it needs for
the package check.

wrapper around Ustar that replaces long names/links with LongName#/LongLink#.

The archive will unpack correctly with tar, except that those names won't
be preserved.

The wrapper checks names against the packing-list to restore the correct names
on the fly.

Put into a separate file, as it is an extension of Ustar proper, and we're
going to do more archive checking in the future.

Lots of tests by Bernd Ahlers. Comments by Tom Cosgrove.