pkget

pkget (17144B)

---

 #!/bin/sh
 # pkget - binary package fetcher and installer
 # Fetches packages from a binary repo, resolves deps, verifies, installs via pkgadd
 # Usage: pkget [options] <package> [package ...]
 
 REPO_URL="${REPO_URL:-}"
 CACHEDIR="${CACHEDIR:-/var/cache/pkget}"
 DBCACHE="${DBCACHE:-$CACHEDIR/repo.db}"
 SUMCACHE="${SUMCACHE:-$CACHEDIR/repo.sha256}"
 PKGADD="${PKGADD:-pkgadd}"
 VERBOSE=0
 DRY_RUN=0
 NO_DEPS=0
 FORCE=0
 UPGRADE=0
 FULL_UPGRADE=0
 DO_OUTDATED=0
 OUTDATED_NAMES=""
 
 usage() {
     cat <<USAGE
 Usage: pkget [options] <package> [package ...]
 
 Options:
   -u <url>    Repository base URL (required, or set REPO_URL)
   -c <dir>    Cache directory (default: /var/cache/pkget)
   -s          Sync repo DB from server
   -n          Dry run: resolve and print, no install
   -N          Skip dependency resolution
   -f          Force reinstall even if already installed
   -U          Upgrade mode (passes -u to pkgadd)
   -o          Show outdated packages (compare installed vs repo)
   -v          Verbose output
   -h          Show this help
 
 Environment:
   REPO_URL    Repository base URL (e.g. https://pkg.example.com)
   CACHEDIR    Local cache dir
 
 Examples:
   pkget -u https://pkg.example.com -s          # sync DB
   pkget -u https://pkg.example.com wget        # install wget + deps
   pkget -n wget                                # dry run
   pkget -U -u https://pkg.example.com curl     # upgrade curl
   pkget -o -u https://pkg.example.com            # list outdated packages
 USAGE
     exit 0
 }
 
 log()  { [ "$VERBOSE" -eq 1 ] && printf '[v] %s\n' "$*" >&2; }
 info() { printf '==> %s\n' "$*" >&2; }
 warn() { printf 'pkget: warning: %s\n' "$*" >&2; }
 err()  { printf 'pkget: error: %s\n'   "$*" >&2; }
 die()  { err "$*"; exit 1; }
 
 # ---------------------------------------------------------------------------
 # fetch <url> <dest>
 # ---------------------------------------------------------------------------
 fetch() {
     _url="$1"; _dest="$2"
     if command -v curl >/dev/null 2>&1; then
         curl -fsSL -o "$_dest" "$_url"
     elif command -v wget >/dev/null 2>&1; then
         wget -q -O "$_dest" "$_url"
     else
         die "neither curl nor wget found"
     fi
 }
 
 # ---------------------------------------------------------------------------
 # _mktemp -- portable temp file creation (GNU + BSD)
 # ---------------------------------------------------------------------------
 _mktemp() {
     mktemp 2>/dev/null || mktemp -t pkget 2>/dev/null || \
         die "mktemp failed"
 }
 
 # ---------------------------------------------------------------------------
 # _sha256 <file> -- print SHA256 hash, portable across implementations
 # ---------------------------------------------------------------------------
 _sha256() {
     if command -v sha256sum >/dev/null 2>&1; then
         sha256sum "$1" | awk '{print $1}'
     elif command -v shasum >/dev/null 2>&1; then
         shasum -a 256 "$1" | awk '{print $1}'
     elif command -v sha256 >/dev/null 2>&1; then
         sha256 -q "$1"
     else
         die "no sha256 tool found (need sha256sum, shasum, or sha256)"
     fi
 }
 
 # ---------------------------------------------------------------------------
 # DB helpers
 # ---------------------------------------------------------------------------
 db_has() {
     # db_has <dbfile> <pkgname>
     grep -Fx "name:${2}" "$1" >/dev/null 2>&1
 }
 
 db_get() {
     # db_get <dbfile> <pkgname> <field>  -> prints value
     awk -v pkg="$2" -v field="$3" '
         /^$/ { in_pkg=0 }
         /^name:/ { in_pkg=(substr($0,6)==pkg) }
         in_pkg && $0 ~ "^" field ":" { print substr($0, length(field)+2); exit }
     ' "$1"
 }
 
 # ---------------------------------------------------------------------------
 # Sync repo DB + checksums from server
 # ---------------------------------------------------------------------------
 sync_db() {
     [ -z "$REPO_URL" ] && die "REPO_URL not set (use -u)"
     info "syncing repo DB from $REPO_URL"
     mkdir -p "$CACHEDIR"
     fetch "$REPO_URL/repo.db"     "$DBCACHE"  || die "failed to fetch repo.db"
     fetch "$REPO_URL/repo.sha256" "$SUMCACHE" || die "failed to fetch repo.sha256"
     _count=$(grep -c '^name:' "$DBCACHE" 2>/dev/null || printf '0')
     info "synced: $_count packages available"
 }
 
 # ---------------------------------------------------------------------------
 # verify_pkg <path>  -- verify against repo.sha256
 # ---------------------------------------------------------------------------
 verify_pkg() {
     _pkgpath="$1"
     _basename="${_pkgpath##*/}"
 
     _expected=$(awk -v f="$_basename" '$2==f{print $1}' "$SUMCACHE")
     if [ -z "$_expected" ]; then
         warn "no checksum entry for $_basename"
         return 1
     fi
 
     _actual=$(_sha256 "$_pkgpath")
     if [ "$_actual" = "$_expected" ]; then
         log "checksum OK: $_basename"
         return 0
     else
         err "checksum MISMATCH: $_basename"
         err "  expected: $_expected"
         err "  actual:   $_actual"
         return 1
     fi
 }
 
 # ---------------------------------------------------------------------------
 # run_script <pkgname> <pre-install|post-install>
 # ---------------------------------------------------------------------------
 run_script() {
     _pkg="$1"; _type="$2"
     _script="$CACHEDIR/${_pkg}.${_type}"
 
     if [ ! -f "$_script" ]; then
         _val=$(db_get "$DBCACHE" "$_pkg" "$_type")
         case "$_val" in
             b64:*)
                 # Embedded base64 script in DB (current format)
                 printf '%s' "${_val#b64:}" | base64 -d > "$_script" 2>/dev/null || {
                     rm -f "$_script"; return 0
                 }
                 ;;
             1)
                 # Legacy: fetch separate script file from repo
                 fetch "$REPO_URL/${_pkg}.${_type}" "$_script" 2>/dev/null || {
                     rm -f "$_script"; return 0
                 }
                 ;;
             *)  return 0 ;;
         esac
     fi
 
     [ -f "$_script" ] || return 0
 
     info "running ${_type} for ${_pkg}"
     chmod +x "$_script"
     sh "$_script" || warn "${_type} script for ${_pkg} exited non-zero"
 }
 
 # ---------------------------------------------------------------------------
 # url_encode_path <string>  -- encode characters unsafe in URL paths
 # Only encodes # (fragment marker); extend if needed.
 # ---------------------------------------------------------------------------
 url_encode_path() {
     # Encode chars unsafe in URL path: % first to avoid double-encoding
     printf '%s' "$1" | sed \
         -e 's/%/%25/g' \
         -e 's/#/%23/g' \
         -e 's/ /%20/g' \
         -e 's/?/%3F/g' \
         -e 's/&/%26/g'
 }
 
 # ---------------------------------------------------------------------------
 # fetch_pkg <pkgname>  -- fetch to cache, verify; prints local path
 # ---------------------------------------------------------------------------
 fetch_pkg() {
     _pkg="$1"
     _file=$(db_get "$DBCACHE" "$_pkg" "file")
     [ -z "$_file" ] && die "no file entry for $_pkg in DB"
 
     _dest="$CACHEDIR/$_file"
     # Encode # in filename for use in HTTP URL (curl/wget treat # as fragment)
     _urlfile=$(url_encode_path "$_file")
 
     if [ -f "$_dest" ]; then
         log "cached: $_file"
         verify_pkg "$_dest" || {
             info "re-fetching (bad cache): $_file"
             rm -f "$_dest"
         }
     fi
 
     if [ ! -f "$_dest" ]; then
         info "fetching: $_file"
         fetch "$REPO_URL/$_urlfile" "$_dest" || die "fetch failed: $_file"
         verify_pkg "$_dest" || die "checksum failed: $_file"
     fi
 
     printf '%s' "$_dest"
 }
 
 # ---------------------------------------------------------------------------
 # is_installed <pkgname>
 # ---------------------------------------------------------------------------
 is_installed() {
     if command -v pkginfo >/dev/null 2>&1; then
         pkginfo -i | awk '{print $1}' | grep -Fx "$1" >/dev/null 2>&1
     else
         [ -f /var/lib/pkg/db ] && grep -Fx "$1" /var/lib/pkg/db >/dev/null 2>&1
     fi
 }
 
 # ---------------------------------------------------------------------------
 # _list_outdated <outfile>
 # Writes "name inst_verrel repo_verrel" for each outdated package to <outfile>.
 # ---------------------------------------------------------------------------
 _list_outdated() {
     _out="$1"
     _repo_tmp=$(_mktemp)
     awk '
       /^name:/    { name=substr($0,6) }
       /^version:/ { ver=substr($0,9) }
       /^release:/ { rel=substr($0,9) }
       /^$/        { if(name) { printf "%s %s %s\n", name, ver, rel }
                     name=""; ver=""; rel="" }
       END         { if(name) printf "%s %s %s\n", name, ver, rel }
     ' "$DBCACHE" | LC_ALL=C sort > "$_repo_tmp"
 
     _inst_tmp=$(_mktemp)
     if command -v pkginfo >/dev/null 2>&1; then
         pkginfo -i 2>/dev/null | awk '{print $1, $2}' | LC_ALL=C sort > "$_inst_tmp"
     else
         while IFS= read -r _pkg; do
             [ -z "$_pkg" ] && continue
             _v=$(cat "/var/lib/pkg/$_pkg/version" 2>/dev/null)
             _r=$(cat "/var/lib/pkg/$_pkg/release" 2>/dev/null)
             [ -n "$_v" ] && printf '%s %s-%s\n' "$_pkg" "$_v" "$_r"
         done < /var/lib/pkg/db | LC_ALL=C sort > "$_inst_tmp"
     fi
 
     _joined=$(_mktemp)
     LC_ALL=C join "$_repo_tmp" "$_inst_tmp" > "$_joined"
 
     while IFS=' ' read -r _name _repo_ver _repo_rel _inst_verrel; do
         [ -z "$_name" ] && continue
         _repo_verrel="${_repo_ver}-${_repo_rel}"
         [ "$_inst_verrel" != "$_repo_verrel" ] && \
             printf '%s %s %s\n' "$_name" "$_inst_verrel" "$_repo_verrel"
     done < "$_joined" > "$_out"
 
     rm -f "$_repo_tmp" "$_inst_tmp" "$_joined"
 }
 
 # ---------------------------------------------------------------------------
 # install_pkg <pkgname> <local_path>
 # ---------------------------------------------------------------------------
 install_pkg() {
     _pkg="$1"; _path="$2"
 
     _has_pre=$(db_get  "$DBCACHE" "$_pkg" "pre-install")
     _has_post=$(db_get "$DBCACHE" "$_pkg" "post-install")
 
     [ -n "$_has_pre"  ] && run_script "$_pkg" "pre-install"
 
     _flags=""
     [ "$UPGRADE" -eq 1 ] && _flags="$_flags -u"
     [ "$FORCE"   -eq 1 ] && _flags="$_flags -f"
 
     info "installing: $_pkg"
     # shellcheck disable=SC2086
     "$PKGADD" $_flags "$_path" || die "pkgadd failed: $_pkg"
 
     [ -n "$_has_post" ] && run_script "$_pkg" "post-install"
 }
 
 # ---------------------------------------------------------------------------
 # main
 # ---------------------------------------------------------------------------
 DO_SYNC=0
 
 while getopts 'u:c:snNfUovh' _opt; do
     case "$_opt" in
         u) REPO_URL="$OPTARG" ;;
         c) CACHEDIR="$OPTARG"
            DBCACHE="$CACHEDIR/repo.db"
            SUMCACHE="$CACHEDIR/repo.sha256" ;;
         s) DO_SYNC=1 ;;
         n) DRY_RUN=1 ;;
         N) NO_DEPS=1 ;;
         f) FORCE=1 ;;
         U) UPGRADE=1 ;;
         o) DO_OUTDATED=1 ;;
         v) VERBOSE=1 ;;
         h) usage ;;
         *) usage ;;
     esac
 done
 shift $((OPTIND - 1))
 
 [ "$DO_SYNC" -eq 1 ] && sync_db
 [ $# -eq 0 ] && [ "$DO_SYNC" -eq 1 ] && exit 0
 if [ $# -eq 0 ]; then
     [ "$DO_OUTDATED" -ne 1 ] && [ "$UPGRADE" -ne 1 ] && usage
 fi
 
 [ -z "$REPO_URL" ] && die "REPO_URL not set (use -u or export REPO_URL)"
 [ -f "$DBCACHE"  ] || die "repo DB not found at $DBCACHE  -- run: pkget -s"
 [ -f "$SUMCACHE" ] || die "checksum file not found at $SUMCACHE  -- run: pkget -s"
 
 # -------------------------------------------------------------------
 # Outdated mode: compare installed versions against repo
 # -------------------------------------------------------------------
 if [ "$DO_OUTDATED" -eq 1 ]; then
     _outdated_raw=$(_mktemp)
     _list_outdated "$_outdated_raw"
 
     # If named packages, filter to just those
     if [ $# -gt 0 ]; then
         _filtered=$(_mktemp)
         for _pkg in "$@"; do
             grep "^${_pkg} " "$_outdated_raw" >> "$_filtered" 2>/dev/null || \
                 warn "'$_pkg' is not installed, not in repo, or up to date"
         done
         LC_ALL=C sort -u "$_filtered" > "$_outdated_raw"
         rm -f "$_filtered"
     fi
 
     _outdated=$(wc -l < "$_outdated_raw" | tr -d ' ')
     if [ "$_outdated" -eq 0 ]; then
         info "all packages up to date"
         rm -f "$_outdated_raw"
         exit 0
     fi
 
     info "outdated packages ($_outdated):"
     while IFS=' ' read -r _name _inst_verrel _repo_verrel; do
         printf '  %-24s %s -> %s\n' "$_name" "$_inst_verrel" "$_repo_verrel"
     done < "$_outdated_raw"
 
     rm -f "$_outdated_raw"
     exit 0
 fi
 
 # -------------------------------------------------------------------
 # Full upgrade: -U with no package args → upgrade all outdated
 # -------------------------------------------------------------------
 if [ "$UPGRADE" -eq 1 ] && [ $# -eq 0 ]; then
     _upgrade_raw=$(_mktemp)
     _list_outdated "$_upgrade_raw"
 
     _count=$(wc -l < "$_upgrade_raw" | tr -d ' ')
     if [ "$_count" -eq 0 ]; then
         info "all packages up to date"
         rm -f "$_upgrade_raw"
         exit 0
     fi
 
     info "outdated packages ($_count):"
     while IFS=' ' read -r _name _inst_verrel _repo_verrel; do
         printf '  %-24s %s -> %s\n' "$_name" "$_inst_verrel" "$_repo_verrel"
     done < "$_upgrade_raw"
 
     OUTDATED_NAMES=$(_mktemp)
     awk '{print $1}' "$_upgrade_raw" > "$OUTDATED_NAMES"
     FULL_UPGRADE=1
 
     # Replace positional args with outdated package names (dep resolver runs below)
     set --
     while IFS=' ' read -r _name _inst_verrel _repo_verrel; do
         [ -n "$_name" ] && set -- "$@" "$_name"
     done < "$_upgrade_raw"
     rm -f "$_upgrade_raw"
 fi
 
 mkdir -p "$CACHEDIR"
 
 _raw_list=$(_mktemp)
 
 if [ "$NO_DEPS" -eq 1 ]; then
     for _pkg in "$@"; do
         db_has "$DBCACHE" "$_pkg" || die "package not found in repo: $_pkg"
         printf '%s\n' "$_pkg"
     done >> "$_raw_list"
 else
     # Pre-extract deps from DB
     _deps_cache=$(_mktemp)
     awk '
       /^name:/  { name=substr($0,6) }
       /^deps:/  { deps=substr($0,6)
                   if (name) { printf "%s:%s\n", name, deps; name="" } }
       /^$/      { name="" }
     ' "$DBCACHE" > "$_deps_cache"
 
     # Validate roots exist in the cache
     for _pkg in "$@"; do
         grep "^${_pkg}:" "$_deps_cache" >/dev/null 2>&1 || \
             die "package not found in repo: $_pkg"
     done
 
     printf '%s\n' "$@" | awk -v depsfile="$_deps_cache" '
     BEGIN {
         while ((getline < depsfile) > 0) {
             col = index($0, ":")
             name = substr($0, 1, col-1)
             deps[name] = substr($0, col+1)
         }
         close(depsfile)
     }
     { roots[++nr] = $0 }
     END {
         for (i = 1; i <= nr; i++) visit(roots[i])
         for (i = 1; i <= oi; i++) print order[i]
     }
     function visit(pkg,    j, n, a) {
         if (pkg in visited) return
         if (pkg in stack) {
             printf "pkget: warning: circular dependency: %s\n", pkg > "/dev/stderr"
             return
         }
         if (pkg in deps) {
             stack[pkg] = 1
             n = split(deps[pkg], a, " ")
             for (j = 1; j <= n; j++) {
                 if (a[j] != "") visit(a[j])
             }
             delete stack[pkg]
         }
         visited[pkg] = 1
         order[++oi] = pkg
     }
     ' >> "$_raw_list"
 
     rm -f "$_deps_cache"
 fi
 
 _full_list=$(_mktemp)
 awk '!seen[$0]++' "$_raw_list" > "$_full_list"
 rm -f "$_raw_list"
 
 _to_install=$(_mktemp)
 while IFS= read -r _pkg; do
     [ -z "$_pkg" ] && continue
     if is_installed "$_pkg" && [ "$FORCE" -eq 0 ] && [ "$UPGRADE" -eq 0 ] && [ "$FULL_UPGRADE" -eq 0 ]; then
         log "already installed: $_pkg"
     elif [ "$FULL_UPGRADE" -eq 1 ] && is_installed "$_pkg"; then
         if grep -Fx "$_pkg" "$OUTDATED_NAMES" >/dev/null 2>&1; then
             printf '%s\n' "$_pkg" >> "$_to_install"
         else
             log "up to date: $_pkg"
         fi
     else
         printf '%s\n' "$_pkg" >> "$_to_install"
     fi
 done < "$_full_list"
 rm -f "$_full_list"
 
 _count=$(wc -l < "$_to_install" | tr -d ' ')
 if [ "$_count" -eq 0 ]; then
     info "nothing to do (all packages already installed)"
     rm -f "$_to_install"
     [ -n "$OUTDATED_NAMES" ] && rm -f "$OUTDATED_NAMES"
     exit 0
 fi
 
 info "packages to install ($_count):"
 while IFS= read -r _pkg; do
     _ver=$(db_get "$DBCACHE" "$_pkg" "version")
     _rel=$(db_get "$DBCACHE" "$_pkg" "release")
     printf '  %-20s %s-%s\n' "$_pkg" "$_ver" "$_rel"
 done < "$_to_install"
 
 [ "$DRY_RUN" -eq 1 ] && { info "dry run, not installing"; rm -f "$_to_install"; exit 0; }
 
 printf 'Proceed? [y/N] '
 read -r _ans
 case "$_ans" in
     [Yy]|[Yy][Ee][Ss]) ;;
     *) info "aborted"; rm -f "$_to_install"; exit 0 ;;
 esac
 
 info "fetching packages..."
 _fetch_map=$(_mktemp)
 
 while IFS= read -r _pkg; do
     [ -z "$_pkg" ] && continue
     _path=$(fetch_pkg "$_pkg") || {
         rm -f "$_to_install" "$_fetch_map"
         die "fetch failed, aborting"
     }
     printf '%s\t%s\n' "$_pkg" "$_path" >> "$_fetch_map"
 done < "$_to_install"
 
 # Install phase
 info "installing..."
 while IFS= read -r _pkg; do
     [ -z "$_pkg" ] && continue
     _path=$(awk -v p="$_pkg" -F'\t' '$1==p{print $2}' "$_fetch_map")
     install_pkg "$_pkg" "$_path"
 done < "$_to_install"
 
 rm -f "$_to_install" "$_fetch_map"
 [ -n "$OUTDATED_NAMES" ] && rm -f "$OUTDATED_NAMES"
 info "done"