Toshaan Bharvani
4 months ago
17 changed files with 1134 additions and 2 deletions
@ -0,0 +1,40 @@
@@ -0,0 +1,40 @@
|
||||
From 48546ffc0a3f3eb15bfd439a19fc9722eaea592f Mon Sep 17 00:00:00 2001 |
||||
From: Florian Festi <ffesti@redhat.com> |
||||
Date: Tue, 28 Jun 2022 12:50:54 +0200 |
||||
Subject: [PATCH] Give warning on not supported hash for RSA keys |
||||
|
||||
This can happen when old keys are used on systems that have disabled SHA1 |
||||
e.g. for FIPS requirements. |
||||
|
||||
This is less than ideal but there is currently no way to pass a meaningful |
||||
error code up to rpmtsImportPubkey. rpmPubkeyNew just returns a valid key |
||||
or NULL. |
||||
|
||||
See rhbz#2069877 |
||||
--- |
||||
rpmio/digest_openssl.c | 2 ++ |
||||
1 file changed, 2 insertions(+) |
||||
|
||||
diff --git a/rpmio/digest_openssl.c b/rpmio/digest_openssl.c |
||||
index a28a13acc..2ec5140f1 100644 |
||||
--- a/rpmio/digest_openssl.c |
||||
+++ b/rpmio/digest_openssl.c |
||||
@@ -4,6 +4,7 @@ |
||||
#include <openssl/rsa.h> |
||||
#include <openssl/dsa.h> |
||||
#include <rpm/rpmpgp.h> |
||||
+#include <rpm/rpmlog.h> |
||||
|
||||
#include "rpmio/digest.h" |
||||
|
||||
@@ -483,6 +484,7 @@ static int pgpVerifySigRSA(pgpDigAlg pgpkey, pgpDigAlg pgpsig, |
||||
|
||||
ret = EVP_PKEY_CTX_set_signature_md(pkey_ctx, getEVPMD(hash_algo)); |
||||
if (ret < 0) { |
||||
+ rpmlog(RPMLOG_WARNING, "Signature not supported. Hash algorithm %s not available.\n", pgpValString(PGPVAL_HASHALGO, hash_algo)); |
||||
rc = 1; |
||||
goto done; |
||||
} |
||||
-- |
||||
2.36.1 |
||||
|
@ -0,0 +1,51 @@
@@ -0,0 +1,51 @@
|
||||
From 1a2554da434548e916240796fe7ca9689c5771fe Mon Sep 17 00:00:00 2001 |
||||
From: Panu Matilainen <pmatilai@redhat.com> |
||||
Date: Thu, 27 May 2021 13:58:58 +0300 |
||||
Subject: [PATCH] Macroize find-debuginfo script location |
||||
|
||||
Makes it easier to handle varying paths, mainly in preparation for the |
||||
next step. |
||||
|
||||
(cherry picked from commit ce48167f37af59b6366083fb78a314f7931c0c6b) |
||||
--- |
||||
configure.ac | 1 + |
||||
macros.in | 4 +++- |
||||
2 files changed, 4 insertions(+), 1 deletion(-) |
||||
|
||||
diff --git a/configure.ac b/configure.ac |
||||
index 39f9a0e5b..35b4dff4c 100644 |
||||
--- a/configure.ac |
||||
+++ b/configure.ac |
||||
@@ -113,6 +113,7 @@ AC_PATH_PROG(__NM, nm, /usr/bin/nm, $MYPATH) |
||||
AC_PATH_PROG(__OBJCOPY, objcopy, /usr/bin/objcopy, $MYPATH) |
||||
AC_PATH_PROG(__OBJDUMP, objdump, /usr/bin/objdump, $MYPATH) |
||||
AC_PATH_PROG(__STRIP, strip, /usr/bin/strip, $MYPATH) |
||||
+AC_PATH_PROG(__FIND_DEBUGINFO, find-debuginfo, /usr/bin/find-debuginfo, $MYPATH) |
||||
|
||||
AC_PATH_PROG(__GIT, git, /usr/bin/git, $MYPATH) |
||||
AC_PATH_PROG(__HG, hg, /usr/bin/hg, $MYPATH) |
||||
diff --git a/macros.in b/macros.in |
||||
index 24b124702..2bcf07ef8 100644 |
||||
--- a/macros.in |
||||
+++ b/macros.in |
||||
@@ -80,6 +80,8 @@ |
||||
%__remsh %{__rsh} |
||||
%__strip @__STRIP@ |
||||
|
||||
+%__find_debuginfo @__FIND_DEBUGINFO@ |
||||
+ |
||||
#============================================================================== |
||||
# Conditional build stuff. |
||||
|
||||
@@ -149,7 +151,7 @@ |
||||
# _find_debuginfo_vendor_opts to pass options to the script. |
||||
# |
||||
%__debug_install_post \ |
||||
- %{_rpmconfigdir}/find-debuginfo.sh \\\ |
||||
+ %{__find_debuginfo} \\\ |
||||
%{?_smp_build_ncpus:-j%{_smp_build_ncpus}} \\\ |
||||
%{?_missing_build_ids_terminate_build:--strict-build-id} \\\ |
||||
%{?_no_recompute_build_ids:-n} \\\ |
||||
-- |
||||
2.41.0 |
||||
|
@ -0,0 +1,29 @@
@@ -0,0 +1,29 @@
|
||||
From fe274b8f965582fdf97e6c46f90b9e7c124b0b8b Mon Sep 17 00:00:00 2001 |
||||
From: Florian Festi <ffesti@redhat.com> |
||||
Date: Fri, 16 Dec 2022 15:50:12 +0100 |
||||
Subject: [PATCH] rpm2archive: Don't print usage on no arguments |
||||
|
||||
given as we want to default to reading from stdin and writing to stdout in |
||||
that case. |
||||
--- |
||||
rpm2archive.c | 4 ---- |
||||
1 file changed, 4 deletions(-) |
||||
|
||||
diff --git a/rpm2archive.c b/rpm2archive.c |
||||
index 09da8d16b..53f047f58 100644 |
||||
--- a/rpm2archive.c |
||||
+++ b/rpm2archive.c |
||||
@@ -241,10 +241,6 @@ int main(int argc, const char *argv[]) |
||||
exit(EXIT_FAILURE); |
||||
} |
||||
} |
||||
- if (argc < 2 || poptGetNextOpt(optCon) == 0) { |
||||
- poptPrintUsage(optCon, stderr, 0); |
||||
- exit(EXIT_FAILURE); |
||||
- } |
||||
|
||||
rpmts ts = rpmtsCreate(); |
||||
rpmVSFlags vsflags = 0; |
||||
-- |
||||
2.38.1 |
||||
|
@ -0,0 +1,36 @@
@@ -0,0 +1,36 @@
|
||||
From 8f416b275a365426b07c75adfc017e0b18a85450 Mon Sep 17 00:00:00 2001 |
||||
From: Florian Festi <ffesti@redhat.com> |
||||
Date: Fri, 16 Dec 2022 15:45:20 +0100 |
||||
Subject: [PATCH] rpm2archive: Properly parse popt options |
||||
|
||||
and issue an error message for unknown options. Before unknown options |
||||
could mess up the argument parsing leading to reading and writing from |
||||
stdin/stdout. |
||||
|
||||
Thanks to Eva Mrakova and the Red Hat QE team for spotting this! |
||||
--- |
||||
rpm2archive.c | 8 ++++++++ |
||||
1 file changed, 8 insertions(+) |
||||
|
||||
diff --git a/rpm2archive.c b/rpm2archive.c |
||||
index de1a17d2b..09da8d16b 100644 |
||||
--- a/rpm2archive.c |
||||
+++ b/rpm2archive.c |
||||
@@ -233,6 +233,14 @@ int main(int argc, const char *argv[]) |
||||
|
||||
optCon = poptGetContext(NULL, argc, argv, optionsTable, 0); |
||||
poptSetOtherOptionHelp(optCon, "[OPTIONS]* <FILES>"); |
||||
+ while ((rc = poptGetNextOpt(optCon)) != -1) { |
||||
+ if (rc < 0) { |
||||
+ fprintf(stderr, "%s: %s\n", |
||||
+ poptBadOption(optCon, POPT_BADOPTION_NOALIAS), |
||||
+ poptStrerror(rc)); |
||||
+ exit(EXIT_FAILURE); |
||||
+ } |
||||
+ } |
||||
if (argc < 2 || poptGetNextOpt(optCon) == 0) { |
||||
poptPrintUsage(optCon, stderr, 0); |
||||
exit(EXIT_FAILURE); |
||||
-- |
||||
2.38.1 |
||||
|
@ -0,0 +1,41 @@
@@ -0,0 +1,41 @@
|
||||
Based on |
||||
|
||||
From 7db2efa95d859cebda2b095ffdffac42812bd6d9 Mon Sep 17 00:00:00 2001 |
||||
From: Darren Kenny <darren.kenny@oracle.com> |
||||
Date: Tue, 22 Feb 2022 16:57:00 +0000 |
||||
Subject: [PATCH] ima: Install on filesystems without xattr support without |
||||
failing |
||||
|
||||
If an RPM contains IMA signed digests and rpm-plugin-ima is installed, |
||||
then any attempt to install to a filesystem that doesn't support |
||||
extended attributes will cause the RPM installation to fail. |
||||
|
||||
This can be seen, for example, if installing a file /boot, which is |
||||
usually a vFAT filesystem. |
||||
|
||||
The rpm-plugin for selinux fixed this some time back, and that same |
||||
logic can be applied to IMA too - where, if a failure to set an extended |
||||
attribute results in an errno that is set to EOPNOTSUPP, then this |
||||
should not cause a complete failure, but should instead just be logged |
||||
at a debug level. |
||||
|
||||
Signed-off-by: Darren Kenny <darren.kenny@oracle.com> |
||||
|
||||
--- rpm-4.16.1.3/plugins/ima.c.orig 2023-05-02 18:19:25.095992859 +0200 |
||||
+++ rpm-4.16.1.3/plugins/ima.c 2023-05-02 18:21:46.032941008 +0200 |
||||
@@ -69,10 +69,13 @@ |
||||
fsig = rpmfiFSignature(fi, &len); |
||||
if (fsig && (check_zero_hdr(fsig, len) == 0)) { |
||||
if (lsetxattr(path, XATTR_NAME_IMA, fsig, len, 0) < 0) { |
||||
- rpmlog(RPMLOG_ERR, |
||||
+ int is_err = errno != EOPNOTSUPP; |
||||
+ rpmlog(is_err?RPMLOG_ERR:RPMLOG_DEBUG, |
||||
"ima: could not apply signature on '%s': %s\n", |
||||
path, strerror(errno)); |
||||
- rc = RPMRC_FAIL; |
||||
+ if (is_err) { |
||||
+ rc = RPMRC_FAIL; |
||||
+ } |
||||
} |
||||
} |
||||
|
@ -0,0 +1,57 @@
@@ -0,0 +1,57 @@
|
||||
diff --git a/scripts/rpm2cpio.sh b/scripts/rpm2cpio.sh |
||||
index 4531271cc..74aeed851 100755 |
||||
--- a/scripts/rpm2cpio.sh |
||||
+++ b/scripts/rpm2cpio.sh |
||||
@@ -15,13 +15,23 @@ _dd() { |
||||
} |
||||
|
||||
calcsize() { |
||||
+ |
||||
+ case "$(_dd $1 bs=4 count=1 | tr -d '\0')" in |
||||
+ "$(printf '\216\255\350')"*) ;; # '\x8e\xad\xe8' |
||||
+ *) fatal "File doesn't look like rpm: $pkg" ;; |
||||
+ esac |
||||
+ |
||||
offset=$(($1 + 8)) |
||||
|
||||
local i b b0 b1 b2 b3 b4 b5 b6 b7 |
||||
|
||||
i=0 |
||||
while [ $i -lt 8 ]; do |
||||
- b="$(_dd $(($offset + $i)) bs=1 count=1)" |
||||
+ # add . to not loose \n |
||||
+ # strip \0 as it gets dropped with warning otherwise |
||||
+ b="$(_dd $(($offset + $i)) bs=1 count=1 | tr -d '\0' ; echo .)" |
||||
+ b=${b%.} # strip . again |
||||
+ |
||||
[ -z "$b" ] && |
||||
b="0" || |
||||
b="$(exec printf '%u\n' "'$b")" |
||||
@@ -33,7 +43,7 @@ calcsize() { |
||||
offset=$(($offset + $rsize)) |
||||
} |
||||
|
||||
-case "$(_dd 0 bs=8 count=1)" in |
||||
+case "$(_dd 0 bs=4 count=1 | tr -d '\0')" in |
||||
"$(printf '\355\253\356\333')"*) ;; # '\xed\xab\xee\xdb' |
||||
*) fatal "File doesn't look like rpm: $pkg" ;; |
||||
esac |
||||
@@ -44,11 +54,11 @@ sigsize=$rsize |
||||
calcsize $(($offset + (8 - ($sigsize % 8)) % 8)) |
||||
hdrsize=$rsize |
||||
|
||||
-case "$(_dd $offset bs=3 count=1)" in |
||||
- "$(printf '\102\132')"*) _dd $offset | bunzip2 ;; # '\x42\x5a' |
||||
- "$(printf '\037\213')"*) _dd $offset | gunzip ;; # '\x1f\x8b' |
||||
- "$(printf '\375\067')"*) _dd $offset | xzcat ;; # '\xfd\x37' |
||||
- "$(printf '\135\000')"*) _dd $offset | unlzma ;; # '\x5d\x00' |
||||
- "$(printf '\050\265')"*) _dd $offset | unzstd ;; # '\x28\xb5' |
||||
- *) fatal "Unrecognized rpm file: $pkg" ;; |
||||
+case "$(_dd $offset bs=2 count=1 | tr -d '\0')" in |
||||
+ "$(printf '\102\132')") _dd $offset | bunzip2 ;; # '\x42\x5a' |
||||
+ "$(printf '\037\213')") _dd $offset | gunzip ;; # '\x1f\x8b' |
||||
+ "$(printf '\375\067')") _dd $offset | xzcat ;; # '\xfd\x37' |
||||
+ "$(printf '\135')") _dd $offset | unlzma ;; # '\x5d\x00' |
||||
+ "$(printf '\050\265')") _dd $offset | unzstd ;; # '\x28\xb5' |
||||
+ *) fatal "Unrecognized payload compression format in rpm file: $pkg" ;; |
||||
esac |
@ -0,0 +1,40 @@
@@ -0,0 +1,40 @@
|
||||
From 35739c2a2298e61caacb45157706bf342ffcd20e Mon Sep 17 00:00:00 2001 |
||||
From: Florian Festi <ffesti@redhat.com> |
||||
Date: Tue, 27 Apr 2021 10:09:41 +0200 |
||||
Subject: [PATCH] find-lang.sh: Support long languages names for QT |
||||
|
||||
Most language abbreviations are just two characters but some are longer. |
||||
Allow an arbiraty number of character instead of exactly two in the names |
||||
of .qm files (QT translations). This brings the handling of .qm files in |
||||
line with all other file types. |
||||
|
||||
Resolves: #1642 |
||||
--- |
||||
scripts/find-lang.sh | 14 +++++++------- |
||||
1 file changed, 7 insertions(+), 7 deletions(-) |
||||
|
||||
diff --git a/scripts/find-lang.sh b/scripts/find-lang.sh |
||||
index f2aa7d8951..b97210b117 100755 |
||||
--- a/scripts/find-lang.sh |
||||
+++ b/scripts/find-lang.sh |
||||
@@ -249,13 +249,13 @@ s:%lang(C) :: |
||||
|
||||
find "$TOP_DIR" -type f -o -type l|sed ' |
||||
s:'"$TOP_DIR"':: |
||||
-'"$NO_ALL_NAME$QT"'s:\(.*/'"$NAME"'_\([a-zA-Z]\{2\}\([_@].*\)\?\)\.qm$\):%lang(\2) \1: |
||||
-'"$ALL_NAME$QT"'s:^\([^%].*/\([a-zA-Z]\{2\}[_@].*\)\.qm$\):%lang(\2) \1: |
||||
-'"$ALL_NAME$QT"'s:^\([^%].*/\([a-zA-Z]\{2\}\)\.qm$\):%lang(\2) \1: |
||||
-'"$ALL_NAME$QT"'s:^\([^%].*/[^/_]\+_\([a-zA-Z]\{2\}[_@].*\)\.qm$\):%lang(\2) \1: |
||||
-'"$ALL_NAME$QT"'s:^\([^%].*/[^/_]\+_\([a-zA-Z]\{2\}\)\.qm$\):%lang(\2) \1: |
||||
-'"$ALL_NAME$QT"'s:^\([^%].*/[^/]\+_\([a-zA-Z]\{2\}[_@].*\)\.qm$\):%lang(\2) \1: |
||||
-'"$ALL_NAME$QT"'s:^\([^%].*/[^/]\+_\([a-zA-Z]\{2\}\)\.qm$\):%lang(\2) \1: |
||||
+'"$NO_ALL_NAME$QT"'s:\(.*/'"$NAME"'_\([a-zA-Z]\+\([_@].*\)\?\)\.qm$\):%lang(\2) \1: |
||||
+'"$ALL_NAME$QT"'s:^\([^%].*/\([a-zA-Z]\+[_@].*\)\.qm$\):%lang(\2) \1: |
||||
+'"$ALL_NAME$QT"'s:^\([^%].*/\([a-zA-Z]\+\)\.qm$\):%lang(\2) \1: |
||||
+'"$ALL_NAME$QT"'s:^\([^%].*/[^/_]\+_\([a-zA-Z]\+[_@].*\)\.qm$\):%lang(\2) \1: |
||||
+'"$ALL_NAME$QT"'s:^\([^%].*/[^/_]\+_\([a-zA-Z]\+\)\.qm$\):%lang(\2) \1: |
||||
+'"$ALL_NAME$QT"'s:^\([^%].*/[^/]\+_\([a-zA-Z]\+[_@].*\)\.qm$\):%lang(\2) \1: |
||||
+'"$ALL_NAME$QT"'s:^\([^%].*/[^/]\+_\([a-zA-Z]\+\)\.qm$\):%lang(\2) \1: |
||||
s:^[^%].*:: |
||||
s:%lang(C) :: |
||||
/^$/d' >> $MO_NAME |
@ -0,0 +1,217 @@
@@ -0,0 +1,217 @@
|
||||
From 7b1fc619a5c828828dad7c1f61f525d957b9e2c5 Mon Sep 17 00:00:00 2001 |
||||
From: Petr Viktorin <pviktori@redhat.com> |
||||
Date: Wed, 27 Jan 2021 17:32:51 +0100 |
||||
Subject: [PATCH] Add %bcond macro for defining build conditionals |
||||
|
||||
Move documentation from comments to reference manual |
||||
Fixes: https://github.com/rpm-software-management/rpm/issues/941 |
||||
|
||||
(cherry picked from commit a99b6373af0774f4bef62aa89defc84cfcacc078) |
||||
--- |
||||
macros.in | 54 +++++++---------------- |
||||
tests/Makefile.am | 1 + |
||||
tests/data/SPECS/bcondtest.spec | 33 +++++++++++++++ |
||||
tests/rpmbuild.at | 73 ++++++++++++++++++++++++++++++++ |
||||
5 files changed, 157 insertions(+), 42 deletions(-) |
||||
create mode 100644 tests/data/SPECS/bcondtest.spec |
||||
|
||||
diff --git a/macros.in b/macros.in |
||||
index 7c458f5d8a..35462c933c 100644 |
||||
--- a/macros.in |
||||
+++ b/macros.in |
||||
@@ -78,47 +78,25 @@ |
||||
%defined() %{expand:%%{?%{1}:1}%%{!?%{1}:0}} |
||||
%undefined() %{expand:%%{?%{1}:0}%%{!?%{1}:1}} |
||||
|
||||
-# Shorthand for %{defined with_...} |
||||
+# Handle conditional builds. |
||||
+# (see 'conditionalbuilds' in the manual) |
||||
+# |
||||
+# Internally, the `--with foo` option defines the macro `_with_foo` and the |
||||
+# `--without foo` option defines the macro `_without_foo`. |
||||
+# Based on those and a default (used when neither is given), bcond macros |
||||
+# define the macro `with_foo`, which should later be checked: |
||||
+ |
||||
+%bcond() %[ (%2)\ |
||||
+ ? "%{expand:%%{!?_without_%{1}:%%global with_%{1} 1}}"\ |
||||
+ : "%{expand:%%{?_with_%{1}:%%global with_%{1} 1}}"\ |
||||
+] |
||||
+%bcond_with() %bcond %{1} 0 |
||||
+%bcond_without() %bcond %{1} 1 |
||||
+ |
||||
+# Shorthands for %{defined with_...}: |
||||
%with() %{expand:%%{?with_%{1}:1}%%{!?with_%{1}:0}} |
||||
%without() %{expand:%%{?with_%{1}:0}%%{!?with_%{1}:1}} |
||||
|
||||
-# Handle conditional builds. %bcond_with is for case when feature is |
||||
-# default off and needs to be activated with --with ... command line |
||||
-# switch. %bcond_without is for the dual case. |
||||
-# |
||||
-# %bcond_with foo defines symbol with_foo if --with foo was specified on |
||||
-# command line. |
||||
-# %bcond_without foo defines symbol with_foo if --without foo was *not* |
||||
-# specified on command line. |
||||
-# |
||||
-# For example (spec file): |
||||
-# |
||||
-# (at the beginning) |
||||
-# %bcond_with extra_fonts |
||||
-# %bcond_without static |
||||
-# (and later) |
||||
-# %if %{with extra_fonts} |
||||
-# ... |
||||
-# %else |
||||
-# ... |
||||
-# %endif |
||||
-# %if ! %{with static} |
||||
-# ... |
||||
-# %endif |
||||
-# %if %{with static} |
||||
-# ... |
||||
-# %endif |
||||
-# %{?with_static: ... } |
||||
-# %{!?with_static: ... } |
||||
-# %{?with_extra_fonts: ... } |
||||
-# %{!?with_extra_fonts: ... } |
||||
- |
||||
-# |
||||
-# The bottom line: never use without_foo, _with_foo nor _without_foo, only |
||||
-# with_foo. This way changing default set of bconds for given spec is just |
||||
-# a matter of changing single line in it and syntax is more readable. |
||||
-%bcond_with() %{expand:%%{?_with_%{1}:%%global with_%{1} 1}} |
||||
-%bcond_without() %{expand:%%{!?_without_%{1}:%%global with_%{1} 1}} |
||||
# |
||||
#============================================================================== |
||||
# ---- Required rpmrc macros. |
||||
diff --git a/tests/Makefile.am b/tests/Makefile.am |
||||
index 66cee3273b..6d41ef93c5 100644 |
||||
--- a/tests/Makefile.am |
||||
+++ b/tests/Makefile.am |
||||
@@ -40,6 +40,7 @@ EXTRA_DIST += $(TESTSUITE_AT) |
||||
|
||||
## testsuite data |
||||
EXTRA_DIST += data/SPECS/attrtest.spec |
||||
+EXTRA_DIST += data/SPECS/bcondtest.spec |
||||
EXTRA_DIST += data/SPECS/buildrequires.spec |
||||
EXTRA_DIST += data/SPECS/docmiss.spec |
||||
EXTRA_DIST += data/SPECS/hello.spec |
||||
diff --git a/tests/data/SPECS/bcondtest.spec b/tests/data/SPECS/bcondtest.spec |
||||
new file mode 100644 |
||||
index 0000000000..7172a31d29 |
||||
--- /dev/null |
||||
+++ b/tests/data/SPECS/bcondtest.spec |
||||
@@ -0,0 +1,33 @@ |
||||
+Name: bcondtest |
||||
+Version: 1.0 |
||||
+Release: 1 |
||||
+Group: Testing |
||||
+License: CC0 |
||||
+BuildArch: noarch |
||||
+Summary: Test package for the bcond macro |
||||
+ |
||||
+%bcond normally_on 1 |
||||
+%bcond normally_off 0 |
||||
+%bcond both_features %[%{with normally_on} && %{with normally_off}] |
||||
+ |
||||
+%if %{with normally_on} |
||||
+Provides: has_bcond(normally_on) |
||||
+%endif |
||||
+%if %{with normally_off} |
||||
+Provides: has_bcond(normally_off) |
||||
+%endif |
||||
+%if %{with both_features} |
||||
+Provides: has_bcond(both_features) |
||||
+%endif |
||||
+ |
||||
+%description |
||||
+%{summary} |
||||
+ |
||||
+%install |
||||
+mkdir -p %{buildroot}/opt |
||||
+touch %{buildroot}/opt/file |
||||
+ |
||||
+%files |
||||
+/opt/file |
||||
+ |
||||
+%changelog |
||||
diff --git a/tests/rpmbuild.at b/tests/rpmbuild.at |
||||
index 30d8e6895d..f378a4af2a 100644 |
||||
--- a/tests/rpmbuild.at |
||||
+++ b/tests/rpmbuild.at |
||||
@@ -1801,3 +1801,76 @@ runroot rpmbuild -ba --quiet \ |
||||
[], |
||||
[]) |
||||
AT_CLEANUP |
||||
+ |
||||
+AT_SETUP([bcond macro]) |
||||
+AT_KEYWORDS([bcond build]) |
||||
+RPMDB_INIT |
||||
+ |
||||
+# basic bcond behavior with --eval |
||||
+AT_CHECK([ |
||||
+runroot rpm \ |
||||
+ --eval "%bcond normally_on 1" \ |
||||
+ --eval "%bcond normally_off 0" \ |
||||
+ --eval "%bcond both_features %[[%{with normally_on} && %{with normally_off}]]" \ |
||||
+ --eval "%{with normally_on}" \ |
||||
+ --eval "%{with normally_off}" \ |
||||
+ --eval "%{with both_features}" |
||||
+], |
||||
+[0], |
||||
+[ |
||||
+ |
||||
+ |
||||
+1 |
||||
+0 |
||||
+0 |
||||
+], |
||||
+[]) |
||||
+ |
||||
+# bcond behavior, without CLI options |
||||
+AT_CHECK([ |
||||
+runroot rpmbuild -bb --quiet /data/SPECS/bcondtest.spec |
||||
+runroot rpm -q --provides -p /build/RPMS/noarch/bcondtest-1.0-1.noarch.rpm | |
||||
+ grep has_bcond | sort |
||||
+], |
||||
+[0], |
||||
+[has_bcond(normally_on) |
||||
+], |
||||
+[]) |
||||
+ |
||||
+# bcond behavior, --with |
||||
+AT_CHECK([ |
||||
+runroot rpmbuild -bb --quiet --with normally_on --with normally_off \ |
||||
+ /data/SPECS/bcondtest.spec |
||||
+runroot rpm -q --provides -p /build/RPMS/noarch/bcondtest-1.0-1.noarch.rpm | |
||||
+ grep has_bcond | sort |
||||
+], |
||||
+[0], |
||||
+[has_bcond(both_features) |
||||
+has_bcond(normally_off) |
||||
+has_bcond(normally_on) |
||||
+], |
||||
+[]) |
||||
+ |
||||
+# bcond behavior, --without |
||||
+AT_CHECK([ |
||||
+runroot rpmbuild -bb --quiet --without normally_on --without normally_off \ |
||||
+ /data/SPECS/bcondtest.spec |
||||
+runroot rpm -q --provides -p /build/RPMS/noarch/bcondtest-1.0-1.noarch.rpm | |
||||
+ grep has_bcond | sort |
||||
+], |
||||
+[0], |
||||
+[], |
||||
+[]) |
||||
+ |
||||
+# bcond behavior, CLI overriding a complex defailt |
||||
+AT_CHECK([ |
||||
+runroot rpmbuild -bb --quiet --with both_features /data/SPECS/bcondtest.spec |
||||
+runroot rpm -q --provides -p /build/RPMS/noarch/bcondtest-1.0-1.noarch.rpm | |
||||
+ grep has_bcond | sort |
||||
+], |
||||
+[0], |
||||
+[has_bcond(both_features) |
||||
+has_bcond(normally_on) |
||||
+], |
||||
+[]) |
||||
+AT_CLEANUP |
@ -0,0 +1,24 @@
@@ -0,0 +1,24 @@
|
||||
From 4420c78beb86cc67392274bf351478a3375626a2 Mon Sep 17 00:00:00 2001 |
||||
From: yangchenguang <89123114+yangchenguang94@users.noreply.github.com> |
||||
Date: Wed, 13 Jul 2022 16:52:07 +0800 |
||||
Subject: [PATCH] Fix query arguments with ^ not working |
||||
|
||||
when querying packages in the RPM database. |
||||
|
||||
Rersolves: #2104 |
||||
--- |
||||
lib/rpmdb.c | 1 + |
||||
1 file changed, 1 insertion(+) |
||||
|
||||
diff --git a/lib/rpmdb.c b/lib/rpmdb.c |
||||
index fa8f3c9b9c..fd2b0671ae 100644 |
||||
--- a/lib/rpmdb.c |
||||
+++ b/lib/rpmdb.c |
||||
@@ -1133,6 +1133,7 @@ static char * mireDup(rpmTagVal tag, rpmMireMode *modep, |
||||
switch (*s) { |
||||
case '.': |
||||
case '+': |
||||
+ case '^': |
||||
if (!brackets) *t++ = '\\'; |
||||
break; |
||||
case '*': |
@ -0,0 +1,24 @@
@@ -0,0 +1,24 @@
|
||||
From 19d73f67883c011cc74326a5dc34f7009efa60e1 Mon Sep 17 00:00:00 2001 |
||||
From: Panu Matilainen <pmatilai@redhat.com> |
||||
Date: Tue, 6 Sep 2022 13:15:44 +0300 |
||||
Subject: [PATCH] Fix buffer overrun from commit |
||||
4420c78beb86cc67392274bf351478a3375626a2 |
||||
|
||||
The newly handled ^ needs to be accounted for when allocating memory. |
||||
Found when testing #1936, goes to show what a useful thing that is. |
||||
--- |
||||
lib/rpmdb.c | 1 + |
||||
1 file changed, 1 insertion(+) |
||||
|
||||
diff --git a/lib/rpmdb.c b/lib/rpmdb.c |
||||
index fd2b0671ae..b3c5da62d5 100644 |
||||
--- a/lib/rpmdb.c |
||||
+++ b/lib/rpmdb.c |
||||
@@ -1107,6 +1107,7 @@ static char * mireDup(rpmTagVal tag, rpmMireMode *modep, |
||||
case '.': |
||||
case '+': |
||||
case '*': |
||||
+ case '^': |
||||
if (!brackets) nb++; |
||||
break; |
||||
case '\\': |
@ -0,0 +1,11 @@
@@ -0,0 +1,11 @@
|
||||
--- rpm-4.16.1.3/tests/Makefile.am.orig 2023-05-03 12:44:36.287582896 +0200 |
||||
+++ rpm-4.16.1.3/tests/Makefile.am 2023-05-03 12:46:34.182938006 +0200 |
||||
@@ -170,7 +170,7 @@ |
||||
for d in dev etc magic tmp var; do if [ ! -d testing/$${d} ]; then mkdir testing/$${d}; fi; done |
||||
for node in urandom stdin stderr stdout null full; do ln -s /dev/$${node} testing/dev/$${node}; done |
||||
for cf in hosts resolv.conf passwd shadow group gshadow mtab ; do [ -f /etc/$${cf} ] && ln -s /etc/$${cf} testing/etc/$${cf}; done |
||||
- for prog in gzip cat patch tar sh ln chmod rm mkdir uname grep sed find file ionice mktemp nice cut sort diff touch install wc coreutils xargs; do p=`which $${prog}`; if [ "$${p}" != "" ]; then ln -s $${p} testing/$(bindir)/; fi; done |
||||
+ for prog in gzip cat patch tar sh ln chmod rm mkdir uname grep sed find file ionice mktemp nice cut sort diff touch install wc coreutils xargs debugedit find-debuginfo find-debuginfo.sh ; do p=`which $${prog}`; if [ "$${p}" != "" ]; then ln -s $${p} testing/$(bindir)/; fi; done |
||||
for d in /proc /sys /selinux /etc/selinux; do if [ -d $${d} ]; then ln -s $${d} testing/$${d}; fi; done |
||||
(cd testing/magic && file -C) |
||||
chmod -R u-w testing/ |
@ -0,0 +1,167 @@
@@ -0,0 +1,167 @@
|
||||
From 534fd1f0c84b12ba6080a46e07c57ef913c77cba Mon Sep 17 00:00:00 2001 |
||||
From: Radovan Sroka <rsroka@redhat.com> |
||||
Date: Thu, 25 Aug 2022 15:38:01 +0200 |
||||
Subject: [PATCH] fapolicyd: Make write() nonblocking |
||||
|
||||
- switch to read only and non blocking mode for pipe |
||||
- add 1 minute loop to wait for pipe to reappear |
||||
|
||||
Sometimes during the system update/upgrade fapolicyd |
||||
get restarted e.g. when systemd gets updated. |
||||
That can lead to the situation where fapolicyd pipe |
||||
has been removed and created again. |
||||
In such cases rpm-plugin-fapolicyd gets stuck on |
||||
write() to the pipe which does not exist anymore. |
||||
After switching to non blocking file descriptor |
||||
we can try to reopen the pipe if there is an error |
||||
from write(). Assuming that a new pipe should appear |
||||
when fapolicyd daemon starts again. |
||||
If not then after 1 minute of waiting we expect |
||||
fapolicyd daemon to be not active and we let the |
||||
transaction continue. |
||||
|
||||
Signed-off-by: Radovan Sroka <rsroka@redhat.com> |
||||
--- |
||||
plugins/fapolicyd.c | 74 +++++++++++++++++++++++++++++++++++++++------ |
||||
1 file changed, 65 insertions(+), 9 deletions(-) |
||||
|
||||
diff --git a/plugins/fapolicyd.c b/plugins/fapolicyd.c |
||||
index 1ff50c30f..6c6322941 100644 |
||||
--- a/plugins/fapolicyd.c |
||||
+++ b/plugins/fapolicyd.c |
||||
@@ -27,7 +27,7 @@ static rpmRC open_fifo(struct fapolicyd_data* state) |
||||
int fd = -1; |
||||
struct stat s; |
||||
|
||||
- fd = open(state->fifo_path, O_RDWR); |
||||
+ fd = open(state->fifo_path, O_WRONLY|O_NONBLOCK); |
||||
if (fd == -1) { |
||||
rpmlog(RPMLOG_DEBUG, "Open: %s -> %s\n", state->fifo_path, strerror(errno)); |
||||
goto bad; |
||||
@@ -55,15 +55,26 @@ static rpmRC open_fifo(struct fapolicyd_data* state) |
||||
} |
||||
|
||||
state->fd = fd; |
||||
+ |
||||
/* considering success */ |
||||
return RPMRC_OK; |
||||
|
||||
bad: |
||||
if (fd >= 0) |
||||
close(fd); |
||||
+ |
||||
+ state->fd = -1; |
||||
return RPMRC_FAIL; |
||||
} |
||||
|
||||
+static void close_fifo(struct fapolicyd_data* state) |
||||
+{ |
||||
+ if (state->fd > 0) |
||||
+ (void) close(state->fd); |
||||
+ |
||||
+ state->fd = -1; |
||||
+} |
||||
+ |
||||
static rpmRC write_fifo(struct fapolicyd_data* state, const char * str) |
||||
{ |
||||
ssize_t len = strlen(str); |
||||
@@ -86,6 +97,54 @@ static rpmRC write_fifo(struct fapolicyd_data* state, const char * str) |
||||
return RPMRC_FAIL; |
||||
} |
||||
|
||||
+static void try_to_write_to_fifo(struct fapolicyd_data* state, const char * str) |
||||
+{ |
||||
+ int reload = 0; |
||||
+ int printed = 0; |
||||
+ |
||||
+ /* 1min/60s */ |
||||
+ const int timeout = 60; |
||||
+ |
||||
+ /* wait up to X seconds */ |
||||
+ for (int i = 0; i < timeout; i++) { |
||||
+ |
||||
+ if (reload) { |
||||
+ if (!printed) { |
||||
+ rpmlog(RPMLOG_WARNING, "rpm-plugin-fapolicyd: waiting for the service connection to resume, it can take up to %d seconds\n", timeout); |
||||
+ printed = 1; |
||||
+ } |
||||
+ |
||||
+ (void) close_fifo(state); |
||||
+ (void) open_fifo(state); |
||||
+ } |
||||
+ |
||||
+ if (state->fd >= 0) { |
||||
+ if (write_fifo(state, str) == RPMRC_OK) { |
||||
+ |
||||
+ /* write was successful after few reopens */ |
||||
+ if (reload) |
||||
+ rpmlog(RPMLOG_WARNING, "rpm-plugin-fapolicyd: the service connection has resumed\n"); |
||||
+ |
||||
+ break; |
||||
+ } |
||||
+ } |
||||
+ |
||||
+ /* failed write or reopen */ |
||||
+ reload = 1; |
||||
+ sleep(1); |
||||
+ |
||||
+ /* the last iteration */ |
||||
+ /* consider failure */ |
||||
+ if (i == timeout-1) { |
||||
+ rpmlog(RPMLOG_WARNING, "rpm-plugin-fapolicyd: the service connection has not resumed\n"); |
||||
+ rpmlog(RPMLOG_WARNING, "rpm-plugin-fapolicyd: continuing without the service\n"); |
||||
+ } |
||||
+ |
||||
+ } |
||||
+ |
||||
+} |
||||
+ |
||||
+ |
||||
static rpmRC fapolicyd_init(rpmPlugin plugin, rpmts ts) |
||||
{ |
||||
if (rpmtsFlags(ts) & (RPMTRANS_FLAG_TEST|RPMTRANS_FLAG_BUILD_PROBS)) |
||||
@@ -102,10 +161,7 @@ static rpmRC fapolicyd_init(rpmPlugin plugin, rpmts ts) |
||||
|
||||
static void fapolicyd_cleanup(rpmPlugin plugin) |
||||
{ |
||||
- if (fapolicyd_state.fd > 0) |
||||
- (void) close(fapolicyd_state.fd); |
||||
- |
||||
- fapolicyd_state.fd = -1; |
||||
+ (void) close_fifo(&fapolicyd_state); |
||||
} |
||||
|
||||
static rpmRC fapolicyd_tsm_post(rpmPlugin plugin, rpmts ts, int res) |
||||
@@ -116,9 +172,9 @@ static rpmRC fapolicyd_tsm_post(rpmPlugin plugin, rpmts ts, int res) |
||||
/* we are ready */ |
||||
if (fapolicyd_state.fd > 0) { |
||||
/* send a signal that transaction is over */ |
||||
- (void) write_fifo(&fapolicyd_state, "1\n"); |
||||
+ (void) try_to_write_to_fifo(&fapolicyd_state, "1\n"); |
||||
/* flush cache */ |
||||
- (void) write_fifo(&fapolicyd_state, "2\n"); |
||||
+ (void) try_to_write_to_fifo(&fapolicyd_state, "2\n"); |
||||
} |
||||
|
||||
end: |
||||
@@ -133,7 +189,7 @@ static rpmRC fapolicyd_scriptlet_pre(rpmPlugin plugin, const char *s_name, |
||||
|
||||
if (fapolicyd_state.changed_files > 0) { |
||||
/* send signal to flush cache */ |
||||
- (void) write_fifo(&fapolicyd_state, "2\n"); |
||||
+ (void) try_to_write_to_fifo(&fapolicyd_state, "2\n"); |
||||
|
||||
/* optimize flushing */ |
||||
/* flush only when there was an actual change */ |
||||
@@ -176,7 +232,7 @@ static rpmRC fapolicyd_fsm_file_prepare(rpmPlugin plugin, rpmfi fi, |
||||
char * sha = rpmfiFDigestHex(fi, NULL); |
||||
|
||||
snprintf(buffer, 4096, "%s %lu %64s\n", dest, size, sha); |
||||
- (void) write_fifo(&fapolicyd_state, buffer); |
||||
+ (void) try_to_write_to_fifo(&fapolicyd_state, buffer); |
||||
|
||||
free(sha); |
||||
|
||||
-- |
||||
2.37.3 |
||||
|
@ -0,0 +1,20 @@
@@ -0,0 +1,20 @@
|
||||
--- rpm.orig/macros.in 2022-06-30 11:37:18.975312592 +0100 |
||||
+++ rpm-4.16.1.3/macros.in 2022-06-30 11:37:43.145158323 +0100 |
||||
@@ -167,6 +167,9 @@ |
||||
# A spec file can %%define _find_debuginfo_opts to pass options to |
||||
# the script. See the script for details. |
||||
# |
||||
+# Vendor spec files (eg redhat-rpm-config:macros) can %%define |
||||
+# _find_debuginfo_vendor_opts to pass options to the script. |
||||
+# |
||||
%__debug_install_post \ |
||||
%{_rpmconfigdir}/find-debuginfo.sh \\\ |
||||
%{?_smp_build_ncpus:-j%{_smp_build_ncpus}} \\\ |
||||
@@ -179,6 +182,7 @@ |
||||
%{?_unique_debug_srcs:--unique-debug-src-base "%{name}-%{VERSION}-%{RELEASE}.%{_arch}"} \\\ |
||||
%{?_find_debuginfo_dwz_opts} \\\ |
||||
%{?_find_debuginfo_opts} \\\ |
||||
+ %{?_find_debuginfo_vendor_opts} \\\ |
||||
%{?_debugsource_packages:-S debugsourcefiles.list} \\\ |
||||
"%{_builddir}/%{?buildsubdir}"\ |
||||
%{nil} |
@ -0,0 +1,51 @@
@@ -0,0 +1,51 @@
|
||||
From f1634250587479d664b34b6de1a6546b2c2b9de5 Mon Sep 17 00:00:00 2001 |
||||
From: Florian Festi <ffesti@redhat.com> |
||||
Date: Mon, 18 Jan 2021 15:02:34 +0100 |
||||
Subject: [PATCH] rpm2archive: Add more error handling |
||||
|
||||
Cleanly error out if file can't be written instead of segfaulting |
||||
|
||||
Resolves: #1091 |
||||
--- |
||||
rpm2archive.c | 17 ++++++++++++----- |
||||
1 file changed, 12 insertions(+), 5 deletions(-) |
||||
|
||||
diff --git a/rpm2archive.c b/rpm2archive.c |
||||
index 646f1663d..15c5da016 100644 |
||||
--- a/rpm2archive.c |
||||
+++ b/rpm2archive.c |
||||
@@ -119,9 +119,14 @@ static int process_package(rpmts ts, char * filename) |
||||
|
||||
/* create archive */ |
||||
a = archive_write_new(); |
||||
- archive_write_add_filter_gzip(a); |
||||
- archive_write_set_format_pax_restricted(a); |
||||
- |
||||
+ if (archive_write_add_filter_gzip(a) != ARCHIVE_OK) { |
||||
+ fprintf(stderr, "Error: Could not create gzip output filter\n"); |
||||
+ exit(EXIT_FAILURE); |
||||
+ } |
||||
+ if (archive_write_set_format_pax_restricted(a) != ARCHIVE_OK) { |
||||
+ fprintf(stderr, "Error: Format pax restricted is not supported\n"); |
||||
+ exit(EXIT_FAILURE); |
||||
+ } |
||||
if (!strcmp(filename, "-")) { |
||||
if (isatty(STDOUT_FILENO)) { |
||||
fprintf(stderr, "Error: refusing to output archive data to a terminal.\n"); |
||||
@@ -130,9 +135,11 @@ static int process_package(rpmts ts, char * filename) |
||||
archive_write_open_fd(a, STDOUT_FILENO); |
||||
} else { |
||||
char * outname = rstrscat(NULL, filename, ".tgz", NULL); |
||||
- archive_write_open_filename(a, outname); |
||||
+ if (archive_write_open_filename(a, outname) != ARCHIVE_OK) { |
||||
+ fprintf(stderr, "Error: Can't open output file: %s\n", outname); |
||||
+ exit(EXIT_FAILURE); |
||||
+ } |
||||
_free(outname); |
||||
- // XXX error handling |
||||
} |
||||
|
||||
entry = archive_entry_new(); |
||||
-- |
||||
2.38.1 |
||||
|
@ -0,0 +1,173 @@
@@ -0,0 +1,173 @@
|
||||
From d8a169164cf40fc1cf6448792c1fa991f19bb375 Mon Sep 17 00:00:00 2001 |
||||
From: Florian Festi <ffesti@redhat.com> |
||||
Date: Thu, 22 Apr 2021 14:50:34 +0200 |
||||
Subject: [PATCH] Add --nocompression option to rpm2archive |
||||
|
||||
Also use popt for the command line handling. As we are using librpm |
||||
anyway there is no reason to keep the dependencies low (as with |
||||
rpm2cpio). |
||||
|
||||
Resolves: #1530 |
||||
--- |
||||
doc/rpm2archive.8 | 16 ++++++++++--- |
||||
rpm2archive.c | 60 ++++++++++++++++++++++++++++++++++------------- |
||||
2 files changed, 57 insertions(+), 19 deletions(-) |
||||
|
||||
diff --git a/doc/rpm2archive.8 b/doc/rpm2archive.8 |
||||
index 8bd6d4ed9d..3895d01981 100644 |
||||
--- a/doc/rpm2archive.8 |
||||
+++ b/doc/rpm2archive.8 |
||||
@@ -3,10 +3,10 @@ |
||||
.SH NAME |
||||
rpm2archive \- Create tar archive from RPM Package Manager (RPM) package. |
||||
.SH SYNOPSIS |
||||
-\fBrpm2archive\fP [filename] |
||||
+\fBrpm2archive\fP \fB{-n|--nocompression}\fR \fB\fIFILES\fB\fR |
||||
.SH DESCRIPTION |
||||
-\fBrpm2archive\fP converts the .rpm files specified as arguments to gz |
||||
-compressed tar files with suffix ".tgz". |
||||
+\fBrpm2archive\fP converts the .rpm files specified as arguments to |
||||
+tar files. By default they are gzip compressed and saved with postfix ".tgz". |
||||
|
||||
If '-' is given as argument, an rpm stream is read from standard in and |
||||
written to standard out. |
||||
@@ -16,6 +16,16 @@ containing files greater than 4GB which are not supported by cpio. Unless |
||||
\fBrpm2cpio\fP \fBrpm2archive\fP needs a working rpm installation which limits |
||||
its usefulness for some disaster recovery scenarios. |
||||
|
||||
+.SH "OPTIONS" |
||||
+.TP |
||||
+\fB\-n, --nocompression\fR |
||||
+Generate uncompressed tar archive and use ".tar" as postfix of the |
||||
+file name. |
||||
+.PP |
||||
+ |
||||
+.SH EXAMPLES |
||||
+.PP |
||||
+ |
||||
.br |
||||
.I "\fBrpm2archive glint-1.0-1.i386.rpm ; tar -xvz glint-1.0-1.i386.rpm.tgz\fP" |
||||
.br |
||||
diff --git a/rpm2archive.c b/rpm2archive.c |
||||
index d96db006ea..cb39c7a712 100644 |
||||
--- a/rpm2archive.c |
||||
+++ b/rpm2archive.c |
||||
@@ -10,6 +10,8 @@ |
||||
|
||||
#include <rpm/rpmts.h> |
||||
|
||||
+#include <popt.h> |
||||
+ |
||||
#include <archive.h> |
||||
#include <archive_entry.h> |
||||
#include <unistd.h> |
||||
@@ -18,6 +20,16 @@ |
||||
|
||||
#define BUFSIZE (128*1024) |
||||
|
||||
+int compress = 1; |
||||
+ |
||||
+static struct poptOption optionsTable[] = { |
||||
+ { "nocompression", 'n', POPT_ARG_VAL, &compress, 0, |
||||
+ N_("create uncompressed tar file"), |
||||
+ NULL }, |
||||
+ POPT_AUTOHELP |
||||
+ POPT_TABLEEND |
||||
+}; |
||||
+ |
||||
static void fill_archive_entry(struct archive * a, struct archive_entry * entry, rpmfi fi) |
||||
{ |
||||
archive_entry_clear(entry); |
||||
@@ -60,7 +72,7 @@ static void write_file_content(struct archive * a, char * buf, rpmfi fi) |
||||
} |
||||
} |
||||
|
||||
-static int process_package(rpmts ts, char * filename) |
||||
+static int process_package(rpmts ts, const char * filename) |
||||
{ |
||||
FD_t fdi; |
||||
FD_t gzdi; |
||||
@@ -119,9 +131,11 @@ static int process_package(rpmts ts, char * filename) |
||||
|
||||
/* create archive */ |
||||
a = archive_write_new(); |
||||
- if (archive_write_add_filter_gzip(a) != ARCHIVE_OK) { |
||||
- fprintf(stderr, "Error: Could not create gzip output filter\n"); |
||||
- exit(EXIT_FAILURE); |
||||
+ if (compress) { |
||||
+ if (archive_write_add_filter_gzip(a) != ARCHIVE_OK) { |
||||
+ fprintf(stderr, "%s\n", archive_error_string(a)); |
||||
+ exit(EXIT_FAILURE); |
||||
+ } |
||||
} |
||||
if (archive_write_set_format_pax_restricted(a) != ARCHIVE_OK) { |
||||
fprintf(stderr, "Error: Format pax restricted is not supported\n"); |
||||
@@ -142,7 +156,12 @@ static int process_package(rpmts ts, char * filename) |
||||
} |
||||
archive_write_open_fd(a, STDOUT_FILENO); |
||||
} else { |
||||
- char * outname = rstrscat(NULL, filename, ".tgz", NULL); |
||||
+ char * outname = rstrscat(NULL, filename, NULL); |
||||
+ if (compress) { |
||||
+ outname = rstrscat(&outname, ".tgz", NULL); |
||||
+ } else { |
||||
+ outname = rstrscat(&outname, ".tar", NULL); |
||||
+ } |
||||
if (archive_write_open_filename(a, outname) != ARCHIVE_OK) { |
||||
fprintf(stderr, "Error: Can't open output file: %s\n", outname); |
||||
exit(EXIT_FAILURE); |
||||
@@ -203,21 +222,22 @@ static int process_package(rpmts ts, char * filename) |
||||
return rc; |
||||
} |
||||
|
||||
-int main(int argc, char *argv[]) |
||||
+int main(int argc, const char *argv[]) |
||||
{ |
||||
- int rc = 0, i; |
||||
+ int rc = 0; |
||||
+ poptContext optCon; |
||||
+ const char *fn; |
||||
|
||||
xsetprogname(argv[0]); /* Portability call -- see system.h */ |
||||
rpmReadConfigFiles(NULL, NULL); |
||||
|
||||
- if (argc > 1 && (rstreq(argv[1], "-h") || rstreq(argv[1], "--help"))) { |
||||
- fprintf(stderr, "Usage: %s [file.rpm ...]\n", argv[0]); |
||||
+ optCon = poptGetContext(NULL, argc, argv, optionsTable, 0); |
||||
+ poptSetOtherOptionHelp(optCon, "[OPTIONS]* <FILES>"); |
||||
+ if (argc < 2 || poptGetNextOpt(optCon) == 0) { |
||||
+ poptPrintUsage(optCon, stderr, 0); |
||||
exit(EXIT_FAILURE); |
||||
} |
||||
|
||||
- if (argc == 1) |
||||
- argv[argc++] = "-"; /* abuse NULL pointer at the end of argv */ |
||||
- |
||||
rpmts ts = rpmtsCreate(); |
||||
rpmVSFlags vsflags = 0; |
||||
|
||||
@@ -227,13 +247,21 @@ int main(int argc, char *argv[]) |
||||
vsflags |= RPMVSF_NOHDRCHK; |
||||
(void) rpmtsSetVSFlags(ts, vsflags); |
||||
|
||||
- for (i = 1; i < argc; i++) { |
||||
+ /* if no file name is given use stdin/stdout */ |
||||
+ if (!poptPeekArg(optCon)) { |
||||
+ rc = process_package(ts, "-"); |
||||
+ if (rc != 0) |
||||
+ goto exit; |
||||
+ } |
||||
|
||||
- rc = process_package(ts, argv[i]); |
||||
+ while ((fn = poptGetArg(optCon)) != NULL) { |
||||
+ rc = process_package(ts, fn); |
||||
if (rc != 0) |
||||
- return rc; |
||||
+ goto exit; |
||||
} |
||||
|
||||
+ exit: |
||||
+ poptFreeContext(optCon); |
||||
(void) rpmtsFree(ts); |
||||
return rc; |
||||
} |
@ -0,0 +1,78 @@
@@ -0,0 +1,78 @@
|
||||
From 96888e99c5103d9dea5230c917b946732de2d302 Mon Sep 17 00:00:00 2001 |
||||
From: Panu Matilainen <pmatilai@redhat.com> |
||||
Date: Thu, 22 Sep 2022 11:54:47 +0300 |
||||
Subject: [PATCH] Add a handler for libselinux log messages (RhBug:2123719, |
||||
RhBug:2050774) |
||||
|
||||
libselinux logs to stderr by default, which up to now has been just fine |
||||
with us. However somewhere around libselinux 3.2 it begun issuing |
||||
log messages for events discovered in selinux_status_updated(). |
||||
We only call that to see whether the status *was* updated behind our |
||||
back and are not interested in these audit-style messages for our |
||||
functionality, but to suppress them while preserving actually relevant |
||||
errors and warnings, we need to have a log callback of our own. Might as |
||||
well forward them to rpmlog then. |
||||
|
||||
SELINUX_ERROR and SELINUX_WARNING are pretty obvious, of SELINUX_AVC |
||||
selinux_set_callback(3) says it should be treated as SELINUX_ERROR if |
||||
not audited. The rest we suppress to debug messages, they may be handy |
||||
for diagnostics some day. |
||||
|
||||
Note that this intentionally avoids explicit SELINUX_POLICYLOAD and |
||||
SELINUX_SETENFORCE cases in the switch: we don't want to introduce |
||||
libselinux >= 3.2 dependency just because of this silly thing. |
||||
--- |
||||
plugins/selinux.c | 30 ++++++++++++++++++++++++++++++ |
||||
1 file changed, 30 insertions(+) |
||||
|
||||
diff --git a/plugins/selinux.c b/plugins/selinux.c |
||||
index 747f62d05..0f10331f0 100644 |
||||
--- a/plugins/selinux.c |
||||
+++ b/plugins/selinux.c |
||||
@@ -18,6 +18,35 @@ static inline rpmlogLvl loglvl(int iserror) |
||||
return iserror ? RPMLOG_ERR : RPMLOG_DEBUG; |
||||
} |
||||
|
||||
+static int logcb(int type, const char *fmt, ...) |
||||
+{ |
||||
+ char *buf = NULL; |
||||
+ va_list ap; |
||||
+ int lvl; |
||||
+ |
||||
+ switch (type) { |
||||
+ case SELINUX_ERROR: |
||||
+ case SELINUX_AVC: |
||||
+ lvl = RPMLOG_ERR; |
||||
+ break; |
||||
+ case SELINUX_WARNING: |
||||
+ lvl = RPMLOG_WARNING; |
||||
+ break; |
||||
+ default: |
||||
+ lvl = RPMLOG_DEBUG; |
||||
+ break; |
||||
+ } |
||||
+ |
||||
+ va_start(ap, fmt); |
||||
+ rvasprintf(&buf, fmt, ap); |
||||
+ va_end(ap); |
||||
+ |
||||
+ rpmlog(lvl, "libselinux: type %d: %s", type, buf); |
||||
+ free(buf); |
||||
+ |
||||
+ return 0; |
||||
+} |
||||
+ |
||||
static void sehandle_fini(int close_status) |
||||
{ |
||||
if (sehandle) { |
||||
@@ -44,6 +73,7 @@ static rpmRC sehandle_init(int open_status) |
||||
if (selinux_status_open(0) < 0) { |
||||
return RPMRC_FAIL; |
||||
} |
||||
+ selinux_set_callback(SELINUX_CB_LOG, (union selinux_callback) &logcb); |
||||
} else if (!selinux_status_updated() && sehandle) { |
||||
return RPMRC_OK; |
||||
} |
||||
-- |
||||
2.38.1 |
||||
|
Loading…
Reference in new issue