Toshaan Bharvani
5 months ago
17 changed files with 1134 additions and 2 deletions
@ -0,0 +1,40 @@ |
|||||||
|
From 48546ffc0a3f3eb15bfd439a19fc9722eaea592f Mon Sep 17 00:00:00 2001 |
||||||
|
From: Florian Festi <ffesti@redhat.com> |
||||||
|
Date: Tue, 28 Jun 2022 12:50:54 +0200 |
||||||
|
Subject: [PATCH] Give warning on not supported hash for RSA keys |
||||||
|
|
||||||
|
This can happen when old keys are used on systems that have disabled SHA1 |
||||||
|
e.g. for FIPS requirements. |
||||||
|
|
||||||
|
This is less than ideal but there is currently no way to pass a meaningful |
||||||
|
error code up to rpmtsImportPubkey. rpmPubkeyNew just returns a valid key |
||||||
|
or NULL. |
||||||
|
|
||||||
|
See rhbz#2069877 |
||||||
|
--- |
||||||
|
rpmio/digest_openssl.c | 2 ++ |
||||||
|
1 file changed, 2 insertions(+) |
||||||
|
|
||||||
|
diff --git a/rpmio/digest_openssl.c b/rpmio/digest_openssl.c |
||||||
|
index a28a13acc..2ec5140f1 100644 |
||||||
|
--- a/rpmio/digest_openssl.c |
||||||
|
+++ b/rpmio/digest_openssl.c |
||||||
|
@@ -4,6 +4,7 @@ |
||||||
|
#include <openssl/rsa.h> |
||||||
|
#include <openssl/dsa.h> |
||||||
|
#include <rpm/rpmpgp.h> |
||||||
|
+#include <rpm/rpmlog.h> |
||||||
|
|
||||||
|
#include "rpmio/digest.h" |
||||||
|
|
||||||
|
@@ -483,6 +484,7 @@ static int pgpVerifySigRSA(pgpDigAlg pgpkey, pgpDigAlg pgpsig, |
||||||
|
|
||||||
|
ret = EVP_PKEY_CTX_set_signature_md(pkey_ctx, getEVPMD(hash_algo)); |
||||||
|
if (ret < 0) { |
||||||
|
+ rpmlog(RPMLOG_WARNING, "Signature not supported. Hash algorithm %s not available.\n", pgpValString(PGPVAL_HASHALGO, hash_algo)); |
||||||
|
rc = 1; |
||||||
|
goto done; |
||||||
|
} |
||||||
|
-- |
||||||
|
2.36.1 |
||||||
|
|
@ -0,0 +1,51 @@ |
|||||||
|
From 1a2554da434548e916240796fe7ca9689c5771fe Mon Sep 17 00:00:00 2001 |
||||||
|
From: Panu Matilainen <pmatilai@redhat.com> |
||||||
|
Date: Thu, 27 May 2021 13:58:58 +0300 |
||||||
|
Subject: [PATCH] Macroize find-debuginfo script location |
||||||
|
|
||||||
|
Makes it easier to handle varying paths, mainly in preparation for the |
||||||
|
next step. |
||||||
|
|
||||||
|
(cherry picked from commit ce48167f37af59b6366083fb78a314f7931c0c6b) |
||||||
|
--- |
||||||
|
configure.ac | 1 + |
||||||
|
macros.in | 4 +++- |
||||||
|
2 files changed, 4 insertions(+), 1 deletion(-) |
||||||
|
|
||||||
|
diff --git a/configure.ac b/configure.ac |
||||||
|
index 39f9a0e5b..35b4dff4c 100644 |
||||||
|
--- a/configure.ac |
||||||
|
+++ b/configure.ac |
||||||
|
@@ -113,6 +113,7 @@ AC_PATH_PROG(__NM, nm, /usr/bin/nm, $MYPATH) |
||||||
|
AC_PATH_PROG(__OBJCOPY, objcopy, /usr/bin/objcopy, $MYPATH) |
||||||
|
AC_PATH_PROG(__OBJDUMP, objdump, /usr/bin/objdump, $MYPATH) |
||||||
|
AC_PATH_PROG(__STRIP, strip, /usr/bin/strip, $MYPATH) |
||||||
|
+AC_PATH_PROG(__FIND_DEBUGINFO, find-debuginfo, /usr/bin/find-debuginfo, $MYPATH) |
||||||
|
|
||||||
|
AC_PATH_PROG(__GIT, git, /usr/bin/git, $MYPATH) |
||||||
|
AC_PATH_PROG(__HG, hg, /usr/bin/hg, $MYPATH) |
||||||
|
diff --git a/macros.in b/macros.in |
||||||
|
index 24b124702..2bcf07ef8 100644 |
||||||
|
--- a/macros.in |
||||||
|
+++ b/macros.in |
||||||
|
@@ -80,6 +80,8 @@ |
||||||
|
%__remsh %{__rsh} |
||||||
|
%__strip @__STRIP@ |
||||||
|
|
||||||
|
+%__find_debuginfo @__FIND_DEBUGINFO@ |
||||||
|
+ |
||||||
|
#============================================================================== |
||||||
|
# Conditional build stuff. |
||||||
|
|
||||||
|
@@ -149,7 +151,7 @@ |
||||||
|
# _find_debuginfo_vendor_opts to pass options to the script. |
||||||
|
# |
||||||
|
%__debug_install_post \ |
||||||
|
- %{_rpmconfigdir}/find-debuginfo.sh \\\ |
||||||
|
+ %{__find_debuginfo} \\\ |
||||||
|
%{?_smp_build_ncpus:-j%{_smp_build_ncpus}} \\\ |
||||||
|
%{?_missing_build_ids_terminate_build:--strict-build-id} \\\ |
||||||
|
%{?_no_recompute_build_ids:-n} \\\ |
||||||
|
-- |
||||||
|
2.41.0 |
||||||
|
|
@ -0,0 +1,29 @@ |
|||||||
|
From fe274b8f965582fdf97e6c46f90b9e7c124b0b8b Mon Sep 17 00:00:00 2001 |
||||||
|
From: Florian Festi <ffesti@redhat.com> |
||||||
|
Date: Fri, 16 Dec 2022 15:50:12 +0100 |
||||||
|
Subject: [PATCH] rpm2archive: Don't print usage on no arguments |
||||||
|
|
||||||
|
given as we want to default to reading from stdin and writing to stdout in |
||||||
|
that case. |
||||||
|
--- |
||||||
|
rpm2archive.c | 4 ---- |
||||||
|
1 file changed, 4 deletions(-) |
||||||
|
|
||||||
|
diff --git a/rpm2archive.c b/rpm2archive.c |
||||||
|
index 09da8d16b..53f047f58 100644 |
||||||
|
--- a/rpm2archive.c |
||||||
|
+++ b/rpm2archive.c |
||||||
|
@@ -241,10 +241,6 @@ int main(int argc, const char *argv[]) |
||||||
|
exit(EXIT_FAILURE); |
||||||
|
} |
||||||
|
} |
||||||
|
- if (argc < 2 || poptGetNextOpt(optCon) == 0) { |
||||||
|
- poptPrintUsage(optCon, stderr, 0); |
||||||
|
- exit(EXIT_FAILURE); |
||||||
|
- } |
||||||
|
|
||||||
|
rpmts ts = rpmtsCreate(); |
||||||
|
rpmVSFlags vsflags = 0; |
||||||
|
-- |
||||||
|
2.38.1 |
||||||
|
|
@ -0,0 +1,36 @@ |
|||||||
|
From 8f416b275a365426b07c75adfc017e0b18a85450 Mon Sep 17 00:00:00 2001 |
||||||
|
From: Florian Festi <ffesti@redhat.com> |
||||||
|
Date: Fri, 16 Dec 2022 15:45:20 +0100 |
||||||
|
Subject: [PATCH] rpm2archive: Properly parse popt options |
||||||
|
|
||||||
|
and issue an error message for unknown options. Before unknown options |
||||||
|
could mess up the argument parsing leading to reading and writing from |
||||||
|
stdin/stdout. |
||||||
|
|
||||||
|
Thanks to Eva Mrakova and the Red Hat QE team for spotting this! |
||||||
|
--- |
||||||
|
rpm2archive.c | 8 ++++++++ |
||||||
|
1 file changed, 8 insertions(+) |
||||||
|
|
||||||
|
diff --git a/rpm2archive.c b/rpm2archive.c |
||||||
|
index de1a17d2b..09da8d16b 100644 |
||||||
|
--- a/rpm2archive.c |
||||||
|
+++ b/rpm2archive.c |
||||||
|
@@ -233,6 +233,14 @@ int main(int argc, const char *argv[]) |
||||||
|
|
||||||
|
optCon = poptGetContext(NULL, argc, argv, optionsTable, 0); |
||||||
|
poptSetOtherOptionHelp(optCon, "[OPTIONS]* <FILES>"); |
||||||
|
+ while ((rc = poptGetNextOpt(optCon)) != -1) { |
||||||
|
+ if (rc < 0) { |
||||||
|
+ fprintf(stderr, "%s: %s\n", |
||||||
|
+ poptBadOption(optCon, POPT_BADOPTION_NOALIAS), |
||||||
|
+ poptStrerror(rc)); |
||||||
|
+ exit(EXIT_FAILURE); |
||||||
|
+ } |
||||||
|
+ } |
||||||
|
if (argc < 2 || poptGetNextOpt(optCon) == 0) { |
||||||
|
poptPrintUsage(optCon, stderr, 0); |
||||||
|
exit(EXIT_FAILURE); |
||||||
|
-- |
||||||
|
2.38.1 |
||||||
|
|
@ -0,0 +1,41 @@ |
|||||||
|
Based on |
||||||
|
|
||||||
|
From 7db2efa95d859cebda2b095ffdffac42812bd6d9 Mon Sep 17 00:00:00 2001 |
||||||
|
From: Darren Kenny <darren.kenny@oracle.com> |
||||||
|
Date: Tue, 22 Feb 2022 16:57:00 +0000 |
||||||
|
Subject: [PATCH] ima: Install on filesystems without xattr support without |
||||||
|
failing |
||||||
|
|
||||||
|
If an RPM contains IMA signed digests and rpm-plugin-ima is installed, |
||||||
|
then any attempt to install to a filesystem that doesn't support |
||||||
|
extended attributes will cause the RPM installation to fail. |
||||||
|
|
||||||
|
This can be seen, for example, if installing a file /boot, which is |
||||||
|
usually a vFAT filesystem. |
||||||
|
|
||||||
|
The rpm-plugin for selinux fixed this some time back, and that same |
||||||
|
logic can be applied to IMA too - where, if a failure to set an extended |
||||||
|
attribute results in an errno that is set to EOPNOTSUPP, then this |
||||||
|
should not cause a complete failure, but should instead just be logged |
||||||
|
at a debug level. |
||||||
|
|
||||||
|
Signed-off-by: Darren Kenny <darren.kenny@oracle.com> |
||||||
|
|
||||||
|
--- rpm-4.16.1.3/plugins/ima.c.orig 2023-05-02 18:19:25.095992859 +0200 |
||||||
|
+++ rpm-4.16.1.3/plugins/ima.c 2023-05-02 18:21:46.032941008 +0200 |
||||||
|
@@ -69,10 +69,13 @@ |
||||||
|
fsig = rpmfiFSignature(fi, &len); |
||||||
|
if (fsig && (check_zero_hdr(fsig, len) == 0)) { |
||||||
|
if (lsetxattr(path, XATTR_NAME_IMA, fsig, len, 0) < 0) { |
||||||
|
- rpmlog(RPMLOG_ERR, |
||||||
|
+ int is_err = errno != EOPNOTSUPP; |
||||||
|
+ rpmlog(is_err?RPMLOG_ERR:RPMLOG_DEBUG, |
||||||
|
"ima: could not apply signature on '%s': %s\n", |
||||||
|
path, strerror(errno)); |
||||||
|
- rc = RPMRC_FAIL; |
||||||
|
+ if (is_err) { |
||||||
|
+ rc = RPMRC_FAIL; |
||||||
|
+ } |
||||||
|
} |
||||||
|
} |
||||||
|
|
@ -0,0 +1,57 @@ |
|||||||
|
diff --git a/scripts/rpm2cpio.sh b/scripts/rpm2cpio.sh |
||||||
|
index 4531271cc..74aeed851 100755 |
||||||
|
--- a/scripts/rpm2cpio.sh |
||||||
|
+++ b/scripts/rpm2cpio.sh |
||||||
|
@@ -15,13 +15,23 @@ _dd() { |
||||||
|
} |
||||||
|
|
||||||
|
calcsize() { |
||||||
|
+ |
||||||
|
+ case "$(_dd $1 bs=4 count=1 | tr -d '\0')" in |
||||||
|
+ "$(printf '\216\255\350')"*) ;; # '\x8e\xad\xe8' |
||||||
|
+ *) fatal "File doesn't look like rpm: $pkg" ;; |
||||||
|
+ esac |
||||||
|
+ |
||||||
|
offset=$(($1 + 8)) |
||||||
|
|
||||||
|
local i b b0 b1 b2 b3 b4 b5 b6 b7 |
||||||
|
|
||||||
|
i=0 |
||||||
|
while [ $i -lt 8 ]; do |
||||||
|
- b="$(_dd $(($offset + $i)) bs=1 count=1)" |
||||||
|
+ # add . to not loose \n |
||||||
|
+ # strip \0 as it gets dropped with warning otherwise |
||||||
|
+ b="$(_dd $(($offset + $i)) bs=1 count=1 | tr -d '\0' ; echo .)" |
||||||
|
+ b=${b%.} # strip . again |
||||||
|
+ |
||||||
|
[ -z "$b" ] && |
||||||
|
b="0" || |
||||||
|
b="$(exec printf '%u\n' "'$b")" |
||||||
|
@@ -33,7 +43,7 @@ calcsize() { |
||||||
|
offset=$(($offset + $rsize)) |
||||||
|
} |
||||||
|
|
||||||
|
-case "$(_dd 0 bs=8 count=1)" in |
||||||
|
+case "$(_dd 0 bs=4 count=1 | tr -d '\0')" in |
||||||
|
"$(printf '\355\253\356\333')"*) ;; # '\xed\xab\xee\xdb' |
||||||
|
*) fatal "File doesn't look like rpm: $pkg" ;; |
||||||
|
esac |
||||||
|
@@ -44,11 +54,11 @@ sigsize=$rsize |
||||||
|
calcsize $(($offset + (8 - ($sigsize % 8)) % 8)) |
||||||
|
hdrsize=$rsize |
||||||
|
|
||||||
|
-case "$(_dd $offset bs=3 count=1)" in |
||||||
|
- "$(printf '\102\132')"*) _dd $offset | bunzip2 ;; # '\x42\x5a' |
||||||
|
- "$(printf '\037\213')"*) _dd $offset | gunzip ;; # '\x1f\x8b' |
||||||
|
- "$(printf '\375\067')"*) _dd $offset | xzcat ;; # '\xfd\x37' |
||||||
|
- "$(printf '\135\000')"*) _dd $offset | unlzma ;; # '\x5d\x00' |
||||||
|
- "$(printf '\050\265')"*) _dd $offset | unzstd ;; # '\x28\xb5' |
||||||
|
- *) fatal "Unrecognized rpm file: $pkg" ;; |
||||||
|
+case "$(_dd $offset bs=2 count=1 | tr -d '\0')" in |
||||||
|
+ "$(printf '\102\132')") _dd $offset | bunzip2 ;; # '\x42\x5a' |
||||||
|
+ "$(printf '\037\213')") _dd $offset | gunzip ;; # '\x1f\x8b' |
||||||
|
+ "$(printf '\375\067')") _dd $offset | xzcat ;; # '\xfd\x37' |
||||||
|
+ "$(printf '\135')") _dd $offset | unlzma ;; # '\x5d\x00' |
||||||
|
+ "$(printf '\050\265')") _dd $offset | unzstd ;; # '\x28\xb5' |
||||||
|
+ *) fatal "Unrecognized payload compression format in rpm file: $pkg" ;; |
||||||
|
esac |
@ -0,0 +1,40 @@ |
|||||||
|
From 35739c2a2298e61caacb45157706bf342ffcd20e Mon Sep 17 00:00:00 2001 |
||||||
|
From: Florian Festi <ffesti@redhat.com> |
||||||
|
Date: Tue, 27 Apr 2021 10:09:41 +0200 |
||||||
|
Subject: [PATCH] find-lang.sh: Support long languages names for QT |
||||||
|
|
||||||
|
Most language abbreviations are just two characters but some are longer. |
||||||
|
Allow an arbiraty number of character instead of exactly two in the names |
||||||
|
of .qm files (QT translations). This brings the handling of .qm files in |
||||||
|
line with all other file types. |
||||||
|
|
||||||
|
Resolves: #1642 |
||||||
|
--- |
||||||
|
scripts/find-lang.sh | 14 +++++++------- |
||||||
|
1 file changed, 7 insertions(+), 7 deletions(-) |
||||||
|
|
||||||
|
diff --git a/scripts/find-lang.sh b/scripts/find-lang.sh |
||||||
|
index f2aa7d8951..b97210b117 100755 |
||||||
|
--- a/scripts/find-lang.sh |
||||||
|
+++ b/scripts/find-lang.sh |
||||||
|
@@ -249,13 +249,13 @@ s:%lang(C) :: |
||||||
|
|
||||||
|
find "$TOP_DIR" -type f -o -type l|sed ' |
||||||
|
s:'"$TOP_DIR"':: |
||||||
|
-'"$NO_ALL_NAME$QT"'s:\(.*/'"$NAME"'_\([a-zA-Z]\{2\}\([_@].*\)\?\)\.qm$\):%lang(\2) \1: |
||||||
|
-'"$ALL_NAME$QT"'s:^\([^%].*/\([a-zA-Z]\{2\}[_@].*\)\.qm$\):%lang(\2) \1: |
||||||
|
-'"$ALL_NAME$QT"'s:^\([^%].*/\([a-zA-Z]\{2\}\)\.qm$\):%lang(\2) \1: |
||||||
|
-'"$ALL_NAME$QT"'s:^\([^%].*/[^/_]\+_\([a-zA-Z]\{2\}[_@].*\)\.qm$\):%lang(\2) \1: |
||||||
|
-'"$ALL_NAME$QT"'s:^\([^%].*/[^/_]\+_\([a-zA-Z]\{2\}\)\.qm$\):%lang(\2) \1: |
||||||
|
-'"$ALL_NAME$QT"'s:^\([^%].*/[^/]\+_\([a-zA-Z]\{2\}[_@].*\)\.qm$\):%lang(\2) \1: |
||||||
|
-'"$ALL_NAME$QT"'s:^\([^%].*/[^/]\+_\([a-zA-Z]\{2\}\)\.qm$\):%lang(\2) \1: |
||||||
|
+'"$NO_ALL_NAME$QT"'s:\(.*/'"$NAME"'_\([a-zA-Z]\+\([_@].*\)\?\)\.qm$\):%lang(\2) \1: |
||||||
|
+'"$ALL_NAME$QT"'s:^\([^%].*/\([a-zA-Z]\+[_@].*\)\.qm$\):%lang(\2) \1: |
||||||
|
+'"$ALL_NAME$QT"'s:^\([^%].*/\([a-zA-Z]\+\)\.qm$\):%lang(\2) \1: |
||||||
|
+'"$ALL_NAME$QT"'s:^\([^%].*/[^/_]\+_\([a-zA-Z]\+[_@].*\)\.qm$\):%lang(\2) \1: |
||||||
|
+'"$ALL_NAME$QT"'s:^\([^%].*/[^/_]\+_\([a-zA-Z]\+\)\.qm$\):%lang(\2) \1: |
||||||
|
+'"$ALL_NAME$QT"'s:^\([^%].*/[^/]\+_\([a-zA-Z]\+[_@].*\)\.qm$\):%lang(\2) \1: |
||||||
|
+'"$ALL_NAME$QT"'s:^\([^%].*/[^/]\+_\([a-zA-Z]\+\)\.qm$\):%lang(\2) \1: |
||||||
|
s:^[^%].*:: |
||||||
|
s:%lang(C) :: |
||||||
|
/^$/d' >> $MO_NAME |
@ -0,0 +1,217 @@ |
|||||||
|
From 7b1fc619a5c828828dad7c1f61f525d957b9e2c5 Mon Sep 17 00:00:00 2001 |
||||||
|
From: Petr Viktorin <pviktori@redhat.com> |
||||||
|
Date: Wed, 27 Jan 2021 17:32:51 +0100 |
||||||
|
Subject: [PATCH] Add %bcond macro for defining build conditionals |
||||||
|
|
||||||
|
Move documentation from comments to reference manual |
||||||
|
Fixes: https://github.com/rpm-software-management/rpm/issues/941 |
||||||
|
|
||||||
|
(cherry picked from commit a99b6373af0774f4bef62aa89defc84cfcacc078) |
||||||
|
--- |
||||||
|
macros.in | 54 +++++++---------------- |
||||||
|
tests/Makefile.am | 1 + |
||||||
|
tests/data/SPECS/bcondtest.spec | 33 +++++++++++++++ |
||||||
|
tests/rpmbuild.at | 73 ++++++++++++++++++++++++++++++++ |
||||||
|
5 files changed, 157 insertions(+), 42 deletions(-) |
||||||
|
create mode 100644 tests/data/SPECS/bcondtest.spec |
||||||
|
|
||||||
|
diff --git a/macros.in b/macros.in |
||||||
|
index 7c458f5d8a..35462c933c 100644 |
||||||
|
--- a/macros.in |
||||||
|
+++ b/macros.in |
||||||
|
@@ -78,47 +78,25 @@ |
||||||
|
%defined() %{expand:%%{?%{1}:1}%%{!?%{1}:0}} |
||||||
|
%undefined() %{expand:%%{?%{1}:0}%%{!?%{1}:1}} |
||||||
|
|
||||||
|
-# Shorthand for %{defined with_...} |
||||||
|
+# Handle conditional builds. |
||||||
|
+# (see 'conditionalbuilds' in the manual) |
||||||
|
+# |
||||||
|
+# Internally, the `--with foo` option defines the macro `_with_foo` and the |
||||||
|
+# `--without foo` option defines the macro `_without_foo`. |
||||||
|
+# Based on those and a default (used when neither is given), bcond macros |
||||||
|
+# define the macro `with_foo`, which should later be checked: |
||||||
|
+ |
||||||
|
+%bcond() %[ (%2)\ |
||||||
|
+ ? "%{expand:%%{!?_without_%{1}:%%global with_%{1} 1}}"\ |
||||||
|
+ : "%{expand:%%{?_with_%{1}:%%global with_%{1} 1}}"\ |
||||||
|
+] |
||||||
|
+%bcond_with() %bcond %{1} 0 |
||||||
|
+%bcond_without() %bcond %{1} 1 |
||||||
|
+ |
||||||
|
+# Shorthands for %{defined with_...}: |
||||||
|
%with() %{expand:%%{?with_%{1}:1}%%{!?with_%{1}:0}} |
||||||
|
%without() %{expand:%%{?with_%{1}:0}%%{!?with_%{1}:1}} |
||||||
|
|
||||||
|
-# Handle conditional builds. %bcond_with is for case when feature is |
||||||
|
-# default off and needs to be activated with --with ... command line |
||||||
|
-# switch. %bcond_without is for the dual case. |
||||||
|
-# |
||||||
|
-# %bcond_with foo defines symbol with_foo if --with foo was specified on |
||||||
|
-# command line. |
||||||
|
-# %bcond_without foo defines symbol with_foo if --without foo was *not* |
||||||
|
-# specified on command line. |
||||||
|
-# |
||||||
|
-# For example (spec file): |
||||||
|
-# |
||||||
|
-# (at the beginning) |
||||||
|
-# %bcond_with extra_fonts |
||||||
|
-# %bcond_without static |
||||||
|
-# (and later) |
||||||
|
-# %if %{with extra_fonts} |
||||||
|
-# ... |
||||||
|
-# %else |
||||||
|
-# ... |
||||||
|
-# %endif |
||||||
|
-# %if ! %{with static} |
||||||
|
-# ... |
||||||
|
-# %endif |
||||||
|
-# %if %{with static} |
||||||
|
-# ... |
||||||
|
-# %endif |
||||||
|
-# %{?with_static: ... } |
||||||
|
-# %{!?with_static: ... } |
||||||
|
-# %{?with_extra_fonts: ... } |
||||||
|
-# %{!?with_extra_fonts: ... } |
||||||
|
- |
||||||
|
-# |
||||||
|
-# The bottom line: never use without_foo, _with_foo nor _without_foo, only |
||||||
|
-# with_foo. This way changing default set of bconds for given spec is just |
||||||
|
-# a matter of changing single line in it and syntax is more readable. |
||||||
|
-%bcond_with() %{expand:%%{?_with_%{1}:%%global with_%{1} 1}} |
||||||
|
-%bcond_without() %{expand:%%{!?_without_%{1}:%%global with_%{1} 1}} |
||||||
|
# |
||||||
|
#============================================================================== |
||||||
|
# ---- Required rpmrc macros. |
||||||
|
diff --git a/tests/Makefile.am b/tests/Makefile.am |
||||||
|
index 66cee3273b..6d41ef93c5 100644 |
||||||
|
--- a/tests/Makefile.am |
||||||
|
+++ b/tests/Makefile.am |
||||||
|
@@ -40,6 +40,7 @@ EXTRA_DIST += $(TESTSUITE_AT) |
||||||
|
|
||||||
|
## testsuite data |
||||||
|
EXTRA_DIST += data/SPECS/attrtest.spec |
||||||
|
+EXTRA_DIST += data/SPECS/bcondtest.spec |
||||||
|
EXTRA_DIST += data/SPECS/buildrequires.spec |
||||||
|
EXTRA_DIST += data/SPECS/docmiss.spec |
||||||
|
EXTRA_DIST += data/SPECS/hello.spec |
||||||
|
diff --git a/tests/data/SPECS/bcondtest.spec b/tests/data/SPECS/bcondtest.spec |
||||||
|
new file mode 100644 |
||||||
|
index 0000000000..7172a31d29 |
||||||
|
--- /dev/null |
||||||
|
+++ b/tests/data/SPECS/bcondtest.spec |
||||||
|
@@ -0,0 +1,33 @@ |
||||||
|
+Name: bcondtest |
||||||
|
+Version: 1.0 |
||||||
|
+Release: 1 |
||||||
|
+Group: Testing |
||||||
|
+License: CC0 |
||||||
|
+BuildArch: noarch |
||||||
|
+Summary: Test package for the bcond macro |
||||||
|
+ |
||||||
|
+%bcond normally_on 1 |
||||||
|
+%bcond normally_off 0 |
||||||
|
+%bcond both_features %[%{with normally_on} && %{with normally_off}] |
||||||
|
+ |
||||||
|
+%if %{with normally_on} |
||||||
|
+Provides: has_bcond(normally_on) |
||||||
|
+%endif |
||||||
|
+%if %{with normally_off} |
||||||
|
+Provides: has_bcond(normally_off) |
||||||
|
+%endif |
||||||
|
+%if %{with both_features} |
||||||
|
+Provides: has_bcond(both_features) |
||||||
|
+%endif |
||||||
|
+ |
||||||
|
+%description |
||||||
|
+%{summary} |
||||||
|
+ |
||||||
|
+%install |
||||||
|
+mkdir -p %{buildroot}/opt |
||||||
|
+touch %{buildroot}/opt/file |
||||||
|
+ |
||||||
|
+%files |
||||||
|
+/opt/file |
||||||
|
+ |
||||||
|
+%changelog |
||||||
|
diff --git a/tests/rpmbuild.at b/tests/rpmbuild.at |
||||||
|
index 30d8e6895d..f378a4af2a 100644 |
||||||
|
--- a/tests/rpmbuild.at |
||||||
|
+++ b/tests/rpmbuild.at |
||||||
|
@@ -1801,3 +1801,76 @@ runroot rpmbuild -ba --quiet \ |
||||||
|
[], |
||||||
|
[]) |
||||||
|
AT_CLEANUP |
||||||
|
+ |
||||||
|
+AT_SETUP([bcond macro]) |
||||||
|
+AT_KEYWORDS([bcond build]) |
||||||
|
+RPMDB_INIT |
||||||
|
+ |
||||||
|
+# basic bcond behavior with --eval |
||||||
|
+AT_CHECK([ |
||||||
|
+runroot rpm \ |
||||||
|
+ --eval "%bcond normally_on 1" \ |
||||||
|
+ --eval "%bcond normally_off 0" \ |
||||||
|
+ --eval "%bcond both_features %[[%{with normally_on} && %{with normally_off}]]" \ |
||||||
|
+ --eval "%{with normally_on}" \ |
||||||
|
+ --eval "%{with normally_off}" \ |
||||||
|
+ --eval "%{with both_features}" |
||||||
|
+], |
||||||
|
+[0], |
||||||
|
+[ |
||||||
|
+ |
||||||
|
+ |
||||||
|
+1 |
||||||
|
+0 |
||||||
|
+0 |
||||||
|
+], |
||||||
|
+[]) |
||||||
|
+ |
||||||
|
+# bcond behavior, without CLI options |
||||||
|
+AT_CHECK([ |
||||||
|
+runroot rpmbuild -bb --quiet /data/SPECS/bcondtest.spec |
||||||
|
+runroot rpm -q --provides -p /build/RPMS/noarch/bcondtest-1.0-1.noarch.rpm | |
||||||
|
+ grep has_bcond | sort |
||||||
|
+], |
||||||
|
+[0], |
||||||
|
+[has_bcond(normally_on) |
||||||
|
+], |
||||||
|
+[]) |
||||||
|
+ |
||||||
|
+# bcond behavior, --with |
||||||
|
+AT_CHECK([ |
||||||
|
+runroot rpmbuild -bb --quiet --with normally_on --with normally_off \ |
||||||
|
+ /data/SPECS/bcondtest.spec |
||||||
|
+runroot rpm -q --provides -p /build/RPMS/noarch/bcondtest-1.0-1.noarch.rpm | |
||||||
|
+ grep has_bcond | sort |
||||||
|
+], |
||||||
|
+[0], |
||||||
|
+[has_bcond(both_features) |
||||||
|
+has_bcond(normally_off) |
||||||
|
+has_bcond(normally_on) |
||||||
|
+], |
||||||
|
+[]) |
||||||
|
+ |
||||||
|
+# bcond behavior, --without |
||||||
|
+AT_CHECK([ |
||||||
|
+runroot rpmbuild -bb --quiet --without normally_on --without normally_off \ |
||||||
|
+ /data/SPECS/bcondtest.spec |
||||||
|
+runroot rpm -q --provides -p /build/RPMS/noarch/bcondtest-1.0-1.noarch.rpm | |
||||||
|
+ grep has_bcond | sort |
||||||
|
+], |
||||||
|
+[0], |
||||||
|
+[], |
||||||
|
+[]) |
||||||
|
+ |
||||||
|
+# bcond behavior, CLI overriding a complex defailt |
||||||
|
+AT_CHECK([ |
||||||
|
+runroot rpmbuild -bb --quiet --with both_features /data/SPECS/bcondtest.spec |
||||||
|
+runroot rpm -q --provides -p /build/RPMS/noarch/bcondtest-1.0-1.noarch.rpm | |
||||||
|
+ grep has_bcond | sort |
||||||
|
+], |
||||||
|
+[0], |
||||||
|
+[has_bcond(both_features) |
||||||
|
+has_bcond(normally_on) |
||||||
|
+], |
||||||
|
+[]) |
||||||
|
+AT_CLEANUP |
@ -0,0 +1,24 @@ |
|||||||
|
From 4420c78beb86cc67392274bf351478a3375626a2 Mon Sep 17 00:00:00 2001 |
||||||
|
From: yangchenguang <89123114+yangchenguang94@users.noreply.github.com> |
||||||
|
Date: Wed, 13 Jul 2022 16:52:07 +0800 |
||||||
|
Subject: [PATCH] Fix query arguments with ^ not working |
||||||
|
|
||||||
|
when querying packages in the RPM database. |
||||||
|
|
||||||
|
Rersolves: #2104 |
||||||
|
--- |
||||||
|
lib/rpmdb.c | 1 + |
||||||
|
1 file changed, 1 insertion(+) |
||||||
|
|
||||||
|
diff --git a/lib/rpmdb.c b/lib/rpmdb.c |
||||||
|
index fa8f3c9b9c..fd2b0671ae 100644 |
||||||
|
--- a/lib/rpmdb.c |
||||||
|
+++ b/lib/rpmdb.c |
||||||
|
@@ -1133,6 +1133,7 @@ static char * mireDup(rpmTagVal tag, rpmMireMode *modep, |
||||||
|
switch (*s) { |
||||||
|
case '.': |
||||||
|
case '+': |
||||||
|
+ case '^': |
||||||
|
if (!brackets) *t++ = '\\'; |
||||||
|
break; |
||||||
|
case '*': |
@ -0,0 +1,24 @@ |
|||||||
|
From 19d73f67883c011cc74326a5dc34f7009efa60e1 Mon Sep 17 00:00:00 2001 |
||||||
|
From: Panu Matilainen <pmatilai@redhat.com> |
||||||
|
Date: Tue, 6 Sep 2022 13:15:44 +0300 |
||||||
|
Subject: [PATCH] Fix buffer overrun from commit |
||||||
|
4420c78beb86cc67392274bf351478a3375626a2 |
||||||
|
|
||||||
|
The newly handled ^ needs to be accounted for when allocating memory. |
||||||
|
Found when testing #1936, goes to show what a useful thing that is. |
||||||
|
--- |
||||||
|
lib/rpmdb.c | 1 + |
||||||
|
1 file changed, 1 insertion(+) |
||||||
|
|
||||||
|
diff --git a/lib/rpmdb.c b/lib/rpmdb.c |
||||||
|
index fd2b0671ae..b3c5da62d5 100644 |
||||||
|
--- a/lib/rpmdb.c |
||||||
|
+++ b/lib/rpmdb.c |
||||||
|
@@ -1107,6 +1107,7 @@ static char * mireDup(rpmTagVal tag, rpmMireMode *modep, |
||||||
|
case '.': |
||||||
|
case '+': |
||||||
|
case '*': |
||||||
|
+ case '^': |
||||||
|
if (!brackets) nb++; |
||||||
|
break; |
||||||
|
case '\\': |
@ -0,0 +1,11 @@ |
|||||||
|
--- rpm-4.16.1.3/tests/Makefile.am.orig 2023-05-03 12:44:36.287582896 +0200 |
||||||
|
+++ rpm-4.16.1.3/tests/Makefile.am 2023-05-03 12:46:34.182938006 +0200 |
||||||
|
@@ -170,7 +170,7 @@ |
||||||
|
for d in dev etc magic tmp var; do if [ ! -d testing/$${d} ]; then mkdir testing/$${d}; fi; done |
||||||
|
for node in urandom stdin stderr stdout null full; do ln -s /dev/$${node} testing/dev/$${node}; done |
||||||
|
for cf in hosts resolv.conf passwd shadow group gshadow mtab ; do [ -f /etc/$${cf} ] && ln -s /etc/$${cf} testing/etc/$${cf}; done |
||||||
|
- for prog in gzip cat patch tar sh ln chmod rm mkdir uname grep sed find file ionice mktemp nice cut sort diff touch install wc coreutils xargs; do p=`which $${prog}`; if [ "$${p}" != "" ]; then ln -s $${p} testing/$(bindir)/; fi; done |
||||||
|
+ for prog in gzip cat patch tar sh ln chmod rm mkdir uname grep sed find file ionice mktemp nice cut sort diff touch install wc coreutils xargs debugedit find-debuginfo find-debuginfo.sh ; do p=`which $${prog}`; if [ "$${p}" != "" ]; then ln -s $${p} testing/$(bindir)/; fi; done |
||||||
|
for d in /proc /sys /selinux /etc/selinux; do if [ -d $${d} ]; then ln -s $${d} testing/$${d}; fi; done |
||||||
|
(cd testing/magic && file -C) |
||||||
|
chmod -R u-w testing/ |
@ -0,0 +1,167 @@ |
|||||||
|
From 534fd1f0c84b12ba6080a46e07c57ef913c77cba Mon Sep 17 00:00:00 2001 |
||||||
|
From: Radovan Sroka <rsroka@redhat.com> |
||||||
|
Date: Thu, 25 Aug 2022 15:38:01 +0200 |
||||||
|
Subject: [PATCH] fapolicyd: Make write() nonblocking |
||||||
|
|
||||||
|
- switch to read only and non blocking mode for pipe |
||||||
|
- add 1 minute loop to wait for pipe to reappear |
||||||
|
|
||||||
|
Sometimes during the system update/upgrade fapolicyd |
||||||
|
get restarted e.g. when systemd gets updated. |
||||||
|
That can lead to the situation where fapolicyd pipe |
||||||
|
has been removed and created again. |
||||||
|
In such cases rpm-plugin-fapolicyd gets stuck on |
||||||
|
write() to the pipe which does not exist anymore. |
||||||
|
After switching to non blocking file descriptor |
||||||
|
we can try to reopen the pipe if there is an error |
||||||
|
from write(). Assuming that a new pipe should appear |
||||||
|
when fapolicyd daemon starts again. |
||||||
|
If not then after 1 minute of waiting we expect |
||||||
|
fapolicyd daemon to be not active and we let the |
||||||
|
transaction continue. |
||||||
|
|
||||||
|
Signed-off-by: Radovan Sroka <rsroka@redhat.com> |
||||||
|
--- |
||||||
|
plugins/fapolicyd.c | 74 +++++++++++++++++++++++++++++++++++++++------ |
||||||
|
1 file changed, 65 insertions(+), 9 deletions(-) |
||||||
|
|
||||||
|
diff --git a/plugins/fapolicyd.c b/plugins/fapolicyd.c |
||||||
|
index 1ff50c30f..6c6322941 100644 |
||||||
|
--- a/plugins/fapolicyd.c |
||||||
|
+++ b/plugins/fapolicyd.c |
||||||
|
@@ -27,7 +27,7 @@ static rpmRC open_fifo(struct fapolicyd_data* state) |
||||||
|
int fd = -1; |
||||||
|
struct stat s; |
||||||
|
|
||||||
|
- fd = open(state->fifo_path, O_RDWR); |
||||||
|
+ fd = open(state->fifo_path, O_WRONLY|O_NONBLOCK); |
||||||
|
if (fd == -1) { |
||||||
|
rpmlog(RPMLOG_DEBUG, "Open: %s -> %s\n", state->fifo_path, strerror(errno)); |
||||||
|
goto bad; |
||||||
|
@@ -55,15 +55,26 @@ static rpmRC open_fifo(struct fapolicyd_data* state) |
||||||
|
} |
||||||
|
|
||||||
|
state->fd = fd; |
||||||
|
+ |
||||||
|
/* considering success */ |
||||||
|
return RPMRC_OK; |
||||||
|
|
||||||
|
bad: |
||||||
|
if (fd >= 0) |
||||||
|
close(fd); |
||||||
|
+ |
||||||
|
+ state->fd = -1; |
||||||
|
return RPMRC_FAIL; |
||||||
|
} |
||||||
|
|
||||||
|
+static void close_fifo(struct fapolicyd_data* state) |
||||||
|
+{ |
||||||
|
+ if (state->fd > 0) |
||||||
|
+ (void) close(state->fd); |
||||||
|
+ |
||||||
|
+ state->fd = -1; |
||||||
|
+} |
||||||
|
+ |
||||||
|
static rpmRC write_fifo(struct fapolicyd_data* state, const char * str) |
||||||
|
{ |
||||||
|
ssize_t len = strlen(str); |
||||||
|
@@ -86,6 +97,54 @@ static rpmRC write_fifo(struct fapolicyd_data* state, const char * str) |
||||||
|
return RPMRC_FAIL; |
||||||
|
} |
||||||
|
|
||||||
|
+static void try_to_write_to_fifo(struct fapolicyd_data* state, const char * str) |
||||||
|
+{ |
||||||
|
+ int reload = 0; |
||||||
|
+ int printed = 0; |
||||||
|
+ |
||||||
|
+ /* 1min/60s */ |
||||||
|
+ const int timeout = 60; |
||||||
|
+ |
||||||
|
+ /* wait up to X seconds */ |
||||||
|
+ for (int i = 0; i < timeout; i++) { |
||||||
|
+ |
||||||
|
+ if (reload) { |
||||||
|
+ if (!printed) { |
||||||
|
+ rpmlog(RPMLOG_WARNING, "rpm-plugin-fapolicyd: waiting for the service connection to resume, it can take up to %d seconds\n", timeout); |
||||||
|
+ printed = 1; |
||||||
|
+ } |
||||||
|
+ |
||||||
|
+ (void) close_fifo(state); |
||||||
|
+ (void) open_fifo(state); |
||||||
|
+ } |
||||||
|
+ |
||||||
|
+ if (state->fd >= 0) { |
||||||
|
+ if (write_fifo(state, str) == RPMRC_OK) { |
||||||
|
+ |
||||||
|
+ /* write was successful after few reopens */ |
||||||
|
+ if (reload) |
||||||
|
+ rpmlog(RPMLOG_WARNING, "rpm-plugin-fapolicyd: the service connection has resumed\n"); |
||||||
|
+ |
||||||
|
+ break; |
||||||
|
+ } |
||||||
|
+ } |
||||||
|
+ |
||||||
|
+ /* failed write or reopen */ |
||||||
|
+ reload = 1; |
||||||
|
+ sleep(1); |
||||||
|
+ |
||||||
|
+ /* the last iteration */ |
||||||
|
+ /* consider failure */ |
||||||
|
+ if (i == timeout-1) { |
||||||
|
+ rpmlog(RPMLOG_WARNING, "rpm-plugin-fapolicyd: the service connection has not resumed\n"); |
||||||
|
+ rpmlog(RPMLOG_WARNING, "rpm-plugin-fapolicyd: continuing without the service\n"); |
||||||
|
+ } |
||||||
|
+ |
||||||
|
+ } |
||||||
|
+ |
||||||
|
+} |
||||||
|
+ |
||||||
|
+ |
||||||
|
static rpmRC fapolicyd_init(rpmPlugin plugin, rpmts ts) |
||||||
|
{ |
||||||
|
if (rpmtsFlags(ts) & (RPMTRANS_FLAG_TEST|RPMTRANS_FLAG_BUILD_PROBS)) |
||||||
|
@@ -102,10 +161,7 @@ static rpmRC fapolicyd_init(rpmPlugin plugin, rpmts ts) |
||||||
|
|
||||||
|
static void fapolicyd_cleanup(rpmPlugin plugin) |
||||||
|
{ |
||||||
|
- if (fapolicyd_state.fd > 0) |
||||||
|
- (void) close(fapolicyd_state.fd); |
||||||
|
- |
||||||
|
- fapolicyd_state.fd = -1; |
||||||
|
+ (void) close_fifo(&fapolicyd_state); |
||||||
|
} |
||||||
|
|
||||||
|
static rpmRC fapolicyd_tsm_post(rpmPlugin plugin, rpmts ts, int res) |
||||||
|
@@ -116,9 +172,9 @@ static rpmRC fapolicyd_tsm_post(rpmPlugin plugin, rpmts ts, int res) |
||||||
|
/* we are ready */ |
||||||
|
if (fapolicyd_state.fd > 0) { |
||||||
|
/* send a signal that transaction is over */ |
||||||
|
- (void) write_fifo(&fapolicyd_state, "1\n"); |
||||||
|
+ (void) try_to_write_to_fifo(&fapolicyd_state, "1\n"); |
||||||
|
/* flush cache */ |
||||||
|
- (void) write_fifo(&fapolicyd_state, "2\n"); |
||||||
|
+ (void) try_to_write_to_fifo(&fapolicyd_state, "2\n"); |
||||||
|
} |
||||||
|
|
||||||
|
end: |
||||||
|
@@ -133,7 +189,7 @@ static rpmRC fapolicyd_scriptlet_pre(rpmPlugin plugin, const char *s_name, |
||||||
|
|
||||||
|
if (fapolicyd_state.changed_files > 0) { |
||||||
|
/* send signal to flush cache */ |
||||||
|
- (void) write_fifo(&fapolicyd_state, "2\n"); |
||||||
|
+ (void) try_to_write_to_fifo(&fapolicyd_state, "2\n"); |
||||||
|
|
||||||
|
/* optimize flushing */ |
||||||
|
/* flush only when there was an actual change */ |
||||||
|
@@ -176,7 +232,7 @@ static rpmRC fapolicyd_fsm_file_prepare(rpmPlugin plugin, rpmfi fi, |
||||||
|
char * sha = rpmfiFDigestHex(fi, NULL); |
||||||
|
|
||||||
|
snprintf(buffer, 4096, "%s %lu %64s\n", dest, size, sha); |
||||||
|
- (void) write_fifo(&fapolicyd_state, buffer); |
||||||
|
+ (void) try_to_write_to_fifo(&fapolicyd_state, buffer); |
||||||
|
|
||||||
|
free(sha); |
||||||
|
|
||||||
|
-- |
||||||
|
2.37.3 |
||||||
|
|
@ -0,0 +1,20 @@ |
|||||||
|
--- rpm.orig/macros.in 2022-06-30 11:37:18.975312592 +0100 |
||||||
|
+++ rpm-4.16.1.3/macros.in 2022-06-30 11:37:43.145158323 +0100 |
||||||
|
@@ -167,6 +167,9 @@ |
||||||
|
# A spec file can %%define _find_debuginfo_opts to pass options to |
||||||
|
# the script. See the script for details. |
||||||
|
# |
||||||
|
+# Vendor spec files (eg redhat-rpm-config:macros) can %%define |
||||||
|
+# _find_debuginfo_vendor_opts to pass options to the script. |
||||||
|
+# |
||||||
|
%__debug_install_post \ |
||||||
|
%{_rpmconfigdir}/find-debuginfo.sh \\\ |
||||||
|
%{?_smp_build_ncpus:-j%{_smp_build_ncpus}} \\\ |
||||||
|
@@ -179,6 +182,7 @@ |
||||||
|
%{?_unique_debug_srcs:--unique-debug-src-base "%{name}-%{VERSION}-%{RELEASE}.%{_arch}"} \\\ |
||||||
|
%{?_find_debuginfo_dwz_opts} \\\ |
||||||
|
%{?_find_debuginfo_opts} \\\ |
||||||
|
+ %{?_find_debuginfo_vendor_opts} \\\ |
||||||
|
%{?_debugsource_packages:-S debugsourcefiles.list} \\\ |
||||||
|
"%{_builddir}/%{?buildsubdir}"\ |
||||||
|
%{nil} |
@ -0,0 +1,51 @@ |
|||||||
|
From f1634250587479d664b34b6de1a6546b2c2b9de5 Mon Sep 17 00:00:00 2001 |
||||||
|
From: Florian Festi <ffesti@redhat.com> |
||||||
|
Date: Mon, 18 Jan 2021 15:02:34 +0100 |
||||||
|
Subject: [PATCH] rpm2archive: Add more error handling |
||||||
|
|
||||||
|
Cleanly error out if file can't be written instead of segfaulting |
||||||
|
|
||||||
|
Resolves: #1091 |
||||||
|
--- |
||||||
|
rpm2archive.c | 17 ++++++++++++----- |
||||||
|
1 file changed, 12 insertions(+), 5 deletions(-) |
||||||
|
|
||||||
|
diff --git a/rpm2archive.c b/rpm2archive.c |
||||||
|
index 646f1663d..15c5da016 100644 |
||||||
|
--- a/rpm2archive.c |
||||||
|
+++ b/rpm2archive.c |
||||||
|
@@ -119,9 +119,14 @@ static int process_package(rpmts ts, char * filename) |
||||||
|
|
||||||
|
/* create archive */ |
||||||
|
a = archive_write_new(); |
||||||
|
- archive_write_add_filter_gzip(a); |
||||||
|
- archive_write_set_format_pax_restricted(a); |
||||||
|
- |
||||||
|
+ if (archive_write_add_filter_gzip(a) != ARCHIVE_OK) { |
||||||
|
+ fprintf(stderr, "Error: Could not create gzip output filter\n"); |
||||||
|
+ exit(EXIT_FAILURE); |
||||||
|
+ } |
||||||
|
+ if (archive_write_set_format_pax_restricted(a) != ARCHIVE_OK) { |
||||||
|
+ fprintf(stderr, "Error: Format pax restricted is not supported\n"); |
||||||
|
+ exit(EXIT_FAILURE); |
||||||
|
+ } |
||||||
|
if (!strcmp(filename, "-")) { |
||||||
|
if (isatty(STDOUT_FILENO)) { |
||||||
|
fprintf(stderr, "Error: refusing to output archive data to a terminal.\n"); |
||||||
|
@@ -130,9 +135,11 @@ static int process_package(rpmts ts, char * filename) |
||||||
|
archive_write_open_fd(a, STDOUT_FILENO); |
||||||
|
} else { |
||||||
|
char * outname = rstrscat(NULL, filename, ".tgz", NULL); |
||||||
|
- archive_write_open_filename(a, outname); |
||||||
|
+ if (archive_write_open_filename(a, outname) != ARCHIVE_OK) { |
||||||
|
+ fprintf(stderr, "Error: Can't open output file: %s\n", outname); |
||||||
|
+ exit(EXIT_FAILURE); |
||||||
|
+ } |
||||||
|
_free(outname); |
||||||
|
- // XXX error handling |
||||||
|
} |
||||||
|
|
||||||
|
entry = archive_entry_new(); |
||||||
|
-- |
||||||
|
2.38.1 |
||||||
|
|
@ -0,0 +1,173 @@ |
|||||||
|
From d8a169164cf40fc1cf6448792c1fa991f19bb375 Mon Sep 17 00:00:00 2001 |
||||||
|
From: Florian Festi <ffesti@redhat.com> |
||||||
|
Date: Thu, 22 Apr 2021 14:50:34 +0200 |
||||||
|
Subject: [PATCH] Add --nocompression option to rpm2archive |
||||||
|
|
||||||
|
Also use popt for the command line handling. As we are using librpm |
||||||
|
anyway there is no reason to keep the dependencies low (as with |
||||||
|
rpm2cpio). |
||||||
|
|
||||||
|
Resolves: #1530 |
||||||
|
--- |
||||||
|
doc/rpm2archive.8 | 16 ++++++++++--- |
||||||
|
rpm2archive.c | 60 ++++++++++++++++++++++++++++++++++------------- |
||||||
|
2 files changed, 57 insertions(+), 19 deletions(-) |
||||||
|
|
||||||
|
diff --git a/doc/rpm2archive.8 b/doc/rpm2archive.8 |
||||||
|
index 8bd6d4ed9d..3895d01981 100644 |
||||||
|
--- a/doc/rpm2archive.8 |
||||||
|
+++ b/doc/rpm2archive.8 |
||||||
|
@@ -3,10 +3,10 @@ |
||||||
|
.SH NAME |
||||||
|
rpm2archive \- Create tar archive from RPM Package Manager (RPM) package. |
||||||
|
.SH SYNOPSIS |
||||||
|
-\fBrpm2archive\fP [filename] |
||||||
|
+\fBrpm2archive\fP \fB{-n|--nocompression}\fR \fB\fIFILES\fB\fR |
||||||
|
.SH DESCRIPTION |
||||||
|
-\fBrpm2archive\fP converts the .rpm files specified as arguments to gz |
||||||
|
-compressed tar files with suffix ".tgz". |
||||||
|
+\fBrpm2archive\fP converts the .rpm files specified as arguments to |
||||||
|
+tar files. By default they are gzip compressed and saved with postfix ".tgz". |
||||||
|
|
||||||
|
If '-' is given as argument, an rpm stream is read from standard in and |
||||||
|
written to standard out. |
||||||
|
@@ -16,6 +16,16 @@ containing files greater than 4GB which are not supported by cpio. Unless |
||||||
|
\fBrpm2cpio\fP \fBrpm2archive\fP needs a working rpm installation which limits |
||||||
|
its usefulness for some disaster recovery scenarios. |
||||||
|
|
||||||
|
+.SH "OPTIONS" |
||||||
|
+.TP |
||||||
|
+\fB\-n, --nocompression\fR |
||||||
|
+Generate uncompressed tar archive and use ".tar" as postfix of the |
||||||
|
+file name. |
||||||
|
+.PP |
||||||
|
+ |
||||||
|
+.SH EXAMPLES |
||||||
|
+.PP |
||||||
|
+ |
||||||
|
.br |
||||||
|
.I "\fBrpm2archive glint-1.0-1.i386.rpm ; tar -xvz glint-1.0-1.i386.rpm.tgz\fP" |
||||||
|
.br |
||||||
|
diff --git a/rpm2archive.c b/rpm2archive.c |
||||||
|
index d96db006ea..cb39c7a712 100644 |
||||||
|
--- a/rpm2archive.c |
||||||
|
+++ b/rpm2archive.c |
||||||
|
@@ -10,6 +10,8 @@ |
||||||
|
|
||||||
|
#include <rpm/rpmts.h> |
||||||
|
|
||||||
|
+#include <popt.h> |
||||||
|
+ |
||||||
|
#include <archive.h> |
||||||
|
#include <archive_entry.h> |
||||||
|
#include <unistd.h> |
||||||
|
@@ -18,6 +20,16 @@ |
||||||
|
|
||||||
|
#define BUFSIZE (128*1024) |
||||||
|
|
||||||
|
+int compress = 1; |
||||||
|
+ |
||||||
|
+static struct poptOption optionsTable[] = { |
||||||
|
+ { "nocompression", 'n', POPT_ARG_VAL, &compress, 0, |
||||||
|
+ N_("create uncompressed tar file"), |
||||||
|
+ NULL }, |
||||||
|
+ POPT_AUTOHELP |
||||||
|
+ POPT_TABLEEND |
||||||
|
+}; |
||||||
|
+ |
||||||
|
static void fill_archive_entry(struct archive * a, struct archive_entry * entry, rpmfi fi) |
||||||
|
{ |
||||||
|
archive_entry_clear(entry); |
||||||
|
@@ -60,7 +72,7 @@ static void write_file_content(struct archive * a, char * buf, rpmfi fi) |
||||||
|
} |
||||||
|
} |
||||||
|
|
||||||
|
-static int process_package(rpmts ts, char * filename) |
||||||
|
+static int process_package(rpmts ts, const char * filename) |
||||||
|
{ |
||||||
|
FD_t fdi; |
||||||
|
FD_t gzdi; |
||||||
|
@@ -119,9 +131,11 @@ static int process_package(rpmts ts, char * filename) |
||||||
|
|
||||||
|
/* create archive */ |
||||||
|
a = archive_write_new(); |
||||||
|
- if (archive_write_add_filter_gzip(a) != ARCHIVE_OK) { |
||||||
|
- fprintf(stderr, "Error: Could not create gzip output filter\n"); |
||||||
|
- exit(EXIT_FAILURE); |
||||||
|
+ if (compress) { |
||||||
|
+ if (archive_write_add_filter_gzip(a) != ARCHIVE_OK) { |
||||||
|
+ fprintf(stderr, "%s\n", archive_error_string(a)); |
||||||
|
+ exit(EXIT_FAILURE); |
||||||
|
+ } |
||||||
|
} |
||||||
|
if (archive_write_set_format_pax_restricted(a) != ARCHIVE_OK) { |
||||||
|
fprintf(stderr, "Error: Format pax restricted is not supported\n"); |
||||||
|
@@ -142,7 +156,12 @@ static int process_package(rpmts ts, char * filename) |
||||||
|
} |
||||||
|
archive_write_open_fd(a, STDOUT_FILENO); |
||||||
|
} else { |
||||||
|
- char * outname = rstrscat(NULL, filename, ".tgz", NULL); |
||||||
|
+ char * outname = rstrscat(NULL, filename, NULL); |
||||||
|
+ if (compress) { |
||||||
|
+ outname = rstrscat(&outname, ".tgz", NULL); |
||||||
|
+ } else { |
||||||
|
+ outname = rstrscat(&outname, ".tar", NULL); |
||||||
|
+ } |
||||||
|
if (archive_write_open_filename(a, outname) != ARCHIVE_OK) { |
||||||
|
fprintf(stderr, "Error: Can't open output file: %s\n", outname); |
||||||
|
exit(EXIT_FAILURE); |
||||||
|
@@ -203,21 +222,22 @@ static int process_package(rpmts ts, char * filename) |
||||||
|
return rc; |
||||||
|
} |
||||||
|
|
||||||
|
-int main(int argc, char *argv[]) |
||||||
|
+int main(int argc, const char *argv[]) |
||||||
|
{ |
||||||
|
- int rc = 0, i; |
||||||
|
+ int rc = 0; |
||||||
|
+ poptContext optCon; |
||||||
|
+ const char *fn; |
||||||
|
|
||||||
|
xsetprogname(argv[0]); /* Portability call -- see system.h */ |
||||||
|
rpmReadConfigFiles(NULL, NULL); |
||||||
|
|
||||||
|
- if (argc > 1 && (rstreq(argv[1], "-h") || rstreq(argv[1], "--help"))) { |
||||||
|
- fprintf(stderr, "Usage: %s [file.rpm ...]\n", argv[0]); |
||||||
|
+ optCon = poptGetContext(NULL, argc, argv, optionsTable, 0); |
||||||
|
+ poptSetOtherOptionHelp(optCon, "[OPTIONS]* <FILES>"); |
||||||
|
+ if (argc < 2 || poptGetNextOpt(optCon) == 0) { |
||||||
|
+ poptPrintUsage(optCon, stderr, 0); |
||||||
|
exit(EXIT_FAILURE); |
||||||
|
} |
||||||
|
|
||||||
|
- if (argc == 1) |
||||||
|
- argv[argc++] = "-"; /* abuse NULL pointer at the end of argv */ |
||||||
|
- |
||||||
|
rpmts ts = rpmtsCreate(); |
||||||
|
rpmVSFlags vsflags = 0; |
||||||
|
|
||||||
|
@@ -227,13 +247,21 @@ int main(int argc, char *argv[]) |
||||||
|
vsflags |= RPMVSF_NOHDRCHK; |
||||||
|
(void) rpmtsSetVSFlags(ts, vsflags); |
||||||
|
|
||||||
|
- for (i = 1; i < argc; i++) { |
||||||
|
+ /* if no file name is given use stdin/stdout */ |
||||||
|
+ if (!poptPeekArg(optCon)) { |
||||||
|
+ rc = process_package(ts, "-"); |
||||||
|
+ if (rc != 0) |
||||||
|
+ goto exit; |
||||||
|
+ } |
||||||
|
|
||||||
|
- rc = process_package(ts, argv[i]); |
||||||
|
+ while ((fn = poptGetArg(optCon)) != NULL) { |
||||||
|
+ rc = process_package(ts, fn); |
||||||
|
if (rc != 0) |
||||||
|
- return rc; |
||||||
|
+ goto exit; |
||||||
|
} |
||||||
|
|
||||||
|
+ exit: |
||||||
|
+ poptFreeContext(optCon); |
||||||
|
(void) rpmtsFree(ts); |
||||||
|
return rc; |
||||||
|
} |
@ -0,0 +1,78 @@ |
|||||||
|
From 96888e99c5103d9dea5230c917b946732de2d302 Mon Sep 17 00:00:00 2001 |
||||||
|
From: Panu Matilainen <pmatilai@redhat.com> |
||||||
|
Date: Thu, 22 Sep 2022 11:54:47 +0300 |
||||||
|
Subject: [PATCH] Add a handler for libselinux log messages (RhBug:2123719, |
||||||
|
RhBug:2050774) |
||||||
|
|
||||||
|
libselinux logs to stderr by default, which up to now has been just fine |
||||||
|
with us. However somewhere around libselinux 3.2 it begun issuing |
||||||
|
log messages for events discovered in selinux_status_updated(). |
||||||
|
We only call that to see whether the status *was* updated behind our |
||||||
|
back and are not interested in these audit-style messages for our |
||||||
|
functionality, but to suppress them while preserving actually relevant |
||||||
|
errors and warnings, we need to have a log callback of our own. Might as |
||||||
|
well forward them to rpmlog then. |
||||||
|
|
||||||
|
SELINUX_ERROR and SELINUX_WARNING are pretty obvious, of SELINUX_AVC |
||||||
|
selinux_set_callback(3) says it should be treated as SELINUX_ERROR if |
||||||
|
not audited. The rest we suppress to debug messages, they may be handy |
||||||
|
for diagnostics some day. |
||||||
|
|
||||||
|
Note that this intentionally avoids explicit SELINUX_POLICYLOAD and |
||||||
|
SELINUX_SETENFORCE cases in the switch: we don't want to introduce |
||||||
|
libselinux >= 3.2 dependency just because of this silly thing. |
||||||
|
--- |
||||||
|
plugins/selinux.c | 30 ++++++++++++++++++++++++++++++ |
||||||
|
1 file changed, 30 insertions(+) |
||||||
|
|
||||||
|
diff --git a/plugins/selinux.c b/plugins/selinux.c |
||||||
|
index 747f62d05..0f10331f0 100644 |
||||||
|
--- a/plugins/selinux.c |
||||||
|
+++ b/plugins/selinux.c |
||||||
|
@@ -18,6 +18,35 @@ static inline rpmlogLvl loglvl(int iserror) |
||||||
|
return iserror ? RPMLOG_ERR : RPMLOG_DEBUG; |
||||||
|
} |
||||||
|
|
||||||
|
+static int logcb(int type, const char *fmt, ...) |
||||||
|
+{ |
||||||
|
+ char *buf = NULL; |
||||||
|
+ va_list ap; |
||||||
|
+ int lvl; |
||||||
|
+ |
||||||
|
+ switch (type) { |
||||||
|
+ case SELINUX_ERROR: |
||||||
|
+ case SELINUX_AVC: |
||||||
|
+ lvl = RPMLOG_ERR; |
||||||
|
+ break; |
||||||
|
+ case SELINUX_WARNING: |
||||||
|
+ lvl = RPMLOG_WARNING; |
||||||
|
+ break; |
||||||
|
+ default: |
||||||
|
+ lvl = RPMLOG_DEBUG; |
||||||
|
+ break; |
||||||
|
+ } |
||||||
|
+ |
||||||
|
+ va_start(ap, fmt); |
||||||
|
+ rvasprintf(&buf, fmt, ap); |
||||||
|
+ va_end(ap); |
||||||
|
+ |
||||||
|
+ rpmlog(lvl, "libselinux: type %d: %s", type, buf); |
||||||
|
+ free(buf); |
||||||
|
+ |
||||||
|
+ return 0; |
||||||
|
+} |
||||||
|
+ |
||||||
|
static void sehandle_fini(int close_status) |
||||||
|
{ |
||||||
|
if (sehandle) { |
||||||
|
@@ -44,6 +73,7 @@ static rpmRC sehandle_init(int open_status) |
||||||
|
if (selinux_status_open(0) < 0) { |
||||||
|
return RPMRC_FAIL; |
||||||
|
} |
||||||
|
+ selinux_set_callback(SELINUX_CB_LOG, (union selinux_callback) &logcb); |
||||||
|
} else if (!selinux_status_updated() && sehandle) { |
||||||
|
return RPMRC_OK; |
||||||
|
} |
||||||
|
-- |
||||||
|
2.38.1 |
||||||
|
|
Loading…
Reference in new issue