From 062bda256766de6d0d7428fd8f4ea33e945af767 Mon Sep 17 00:00:00 2001 From: "Richard W.M. Jones" Date: Mon, 2 Sep 2024 13:09:58 +0100 Subject: [PATCH] Rebase to Fedora Rawhide Remove patches which are upstream resolves: RHEL-56802 --- ...y-add-new-directives-and-options-745.patch | 109 ------- ...-Allow-comma-after-the-last-option-8.patch | 7 +- ...ump-parse-auto_reset_crashkernel-754.patch | 276 ------------------ ...manage-Fix-parsing-of-ignoredirs-758.patch | 148 ---------- ...or-letter-types-allow-as-prefix-for-.patch | 164 ----------- ...tespace-at-the-end-of-kernel-commnd-.patch | 44 --- augeas.spec | 70 +++-- sources | 2 +- 8 files changed, 45 insertions(+), 775 deletions(-) delete mode 100644 0001-Chrony-add-new-directives-and-options-745.patch rename 0006-lenses-fstab.aug-Allow-comma-after-the-last-option-8.patch => 0001-lenses-fstab.aug-Allow-comma-after-the-last-option-8.patch (92%) delete mode 100644 0002-Kdump-parse-auto_reset_crashkernel-754.patch delete mode 100644 0003-semanage-Fix-parsing-of-ignoredirs-758.patch delete mode 100644 0004-Tmpfiles-allow-for-letter-types-allow-as-prefix-for-.patch delete mode 100644 0005-lenses-Allow-whitespace-at-the-end-of-kernel-commnd-.patch diff --git a/0001-Chrony-add-new-directives-and-options-745.patch b/0001-Chrony-add-new-directives-and-options-745.patch deleted file mode 100644 index f8baff4..0000000 --- a/0001-Chrony-add-new-directives-and-options-745.patch +++ /dev/null @@ -1,109 +0,0 @@ -From 1a68d8afa2b23b3133a605d5fdf994139e60682f Mon Sep 17 00:00:00 2001 -From: Miroslav Lichvar -Date: Wed, 2 Mar 2022 14:54:39 +0100 -Subject: [PATCH 1/6] Chrony: add new directives and options (#745) -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -Support new configuration added in chrony 4.1 and 4.2. - -Co-authored-by: Raphaƫl Pinson -(cherry picked from commit 5f3a566511626c35f69961598f1f332db01ed7a1) ---- - lenses/chrony.aug | 11 ++++++++--- - lenses/tests/test_chrony.aug | 9 +++++++-- - 2 files changed, 15 insertions(+), 5 deletions(-) - -diff --git a/lenses/chrony.aug b/lenses/chrony.aug -index 91c8ed51..d1c29531 100644 ---- a/lenses/chrony.aug -+++ b/lenses/chrony.aug -@@ -57,8 +57,11 @@ module Chrony = - (************************************************************************ - * Group: Create required expressions - ************************************************************************) -+ (* Variable: hex *) -+ let hex = /[0-9a-fA-F]+/ -+ - (* Variable: number *) -- let number = integer | decimal | decimal . /[eE]/ . integer -+ let number = integer | decimal | decimal . /[eE]/ . integer | hex - - (* Variable: address_re *) - let address_re = Rx.ip | Rx.hostname -@@ -79,6 +82,8 @@ module Chrony = - Server/Peer/Pool options with values - *) - let cmd_options = "asymmetry" -+ | "certset" -+ | "extfield" - | "filter" - | "key" - | /maxdelay((dev)?ratio)?/ -@@ -96,7 +101,7 @@ module Chrony = - Server/Peer/Pool options without values - *) - let cmd_flags = "auto_offline"|"iburst"|"noselect"|"offline"|"prefer" -- |"require"|"trust"|"xleave"|"burst"|"nts" -+ |"copy"|"require"|"trust"|"xleave"|"burst"|"nts" - - (* Variable: ntp_source - Server/Peer/Pool key names -@@ -183,7 +188,7 @@ module Chrony = - | "nocerttimecheck" | "ntsdumpdir" | "ntsntpserver" - | "ntsport" | "ntsprocesses" | "ntsrefresh" | "ntsrotate" - | "ntsservercert" | "ntsserverkey" | "ntstrustedcerts" -- | "ntpsigndsocket" | "pidfile" -+ | "ntpsigndsocket" | "pidfile" | "ptpport" - | "port" | "reselectdist" | "rtcautotrim" | "rtcdevice" - | "rtcfile" | "sched_priority" | "stratumweight" | "user" - -diff --git a/lenses/tests/test_chrony.aug b/lenses/tests/test_chrony.aug -index 0c86cde7..691e63f7 100644 ---- a/lenses/tests/test_chrony.aug -+++ b/lenses/tests/test_chrony.aug -@@ -17,8 +17,8 @@ module Test_Chrony = - server ntp1.example.com - server ntp2.example.com iburst - server ntp3.example.com presend 2 --server ntp4.example.com offline polltarget 4 --server ntp5.example.com maxdelay 2 offline -+server ntp4.example.com offline polltarget 4 extfield F323 copy -+server ntp5.example.com maxdelay 2 offline certset 1 - server ntp6.example.com maxdelay 2 iburst presend 2 xleave offset 1e-4 - server ntp7.example.com iburst presend 2 offline prefer trust require - server ntp8.example.com minsamples 8 maxsamples 16 version 3 -@@ -88,6 +88,7 @@ ntsport 123 - ntsprocesses 2 - ntsrefresh 86400 - ntsrotate 86400 -+ptpport 319 - " - - test Chrony.lns get exampleconf = -@@ -110,10 +111,13 @@ ntsrotate 86400 - { "server" = "ntp4.example.com" - { "offline" } - { "polltarget" = "4" } -+ { "extfield" = "F323" } -+ { "copy" } - } - { "server" = "ntp5.example.com" - { "maxdelay" = "2" } - { "offline" } -+ { "certset" = "1" } - } - { "server" = "ntp6.example.com" - { "maxdelay" = "2" } -@@ -312,6 +316,7 @@ ntsrotate 86400 - { "ntsprocesses" = "2" } - { "ntsrefresh" = "86400" } - { "ntsrotate" = "86400" } -+ { "ptpport" = "319" } - - - (* Local Variables: *) --- -2.45.2 - diff --git a/0006-lenses-fstab.aug-Allow-comma-after-the-last-option-8.patch b/0001-lenses-fstab.aug-Allow-comma-after-the-last-option-8.patch similarity index 92% rename from 0006-lenses-fstab.aug-Allow-comma-after-the-last-option-8.patch rename to 0001-lenses-fstab.aug-Allow-comma-after-the-last-option-8.patch index 3a727f1..51a1031 100644 --- a/0006-lenses-fstab.aug-Allow-comma-after-the-last-option-8.patch +++ b/0001-lenses-fstab.aug-Allow-comma-after-the-last-option-8.patch @@ -1,8 +1,7 @@ -From ac6c3962d38c14d887fe7486330c19d477ab034d Mon Sep 17 00:00:00 2001 +From 1cba85ead1ecf582666568e2abde06b3d7830a2f Mon Sep 17 00:00:00 2001 From: Cosmin Tupangiu Date: Thu, 18 Jul 2024 13:02:20 +0200 -Subject: [PATCH 6/6] lenses/fstab.aug: Allow comma after the last option - (#838) +Subject: [PATCH] lenses/fstab.aug: Allow comma after the last option (#838) This PR adds a new lens that allows a comma after the last option: @@ -61,5 +60,5 @@ index 438f619a..4a912e59 100644 (* mode: caml *) (* End: *) -- -2.45.2 +2.43.0 diff --git a/0002-Kdump-parse-auto_reset_crashkernel-754.patch b/0002-Kdump-parse-auto_reset_crashkernel-754.patch deleted file mode 100644 index b4966fe..0000000 --- a/0002-Kdump-parse-auto_reset_crashkernel-754.patch +++ /dev/null @@ -1,276 +0,0 @@ -From 5cc865803bd62df17e732c360787fbc263a9942a Mon Sep 17 00:00:00 2001 -From: Laszlo Ersek -Date: Wed, 20 Apr 2022 10:13:06 +0200 -Subject: [PATCH 2/6] Kdump: parse "auto_reset_crashkernel" (#754) - -The "auto_reset_crashkernel" keyword was introduced in the following -kexec-tools patch set: - - [PATCH v5 00/13] crashkernel=auto: support fadump and remove - crashkernel.default - https://lists.fedoraproject.org/archives/list/kexec@lists.fedoraproject.org/thread/V5WPTRAPJR65QXSTNW6W6E7ZBAUCQNUH/#V5WPTRAPJR65QXSTNW6W6E7ZBAUCQNUH - -Related upstream commit: - - https://src.fedoraproject.org/rpms/kexec-tools/c/73ced7f451a72 - -Recognize "auto_reset_crashkernel" in "kdump.aug". Update the test case. -Also copy "kdump.conf" from kexec-tools @ 73ced7f451a72 to -"tests/root/etc/kdump.conf". - -Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2042772 -Signed-off-by: Laszlo Ersek -(cherry picked from commit 288a028da531a5f58d9ee89bc29fd73e7483bf24) ---- - lenses/kdump.aug | 4 + - lenses/tests/test_kdump.aug | 2 + - tests/root/etc/kdump.conf | 192 ++++++++++++++++++++++++++++++++++++ - 3 files changed, 198 insertions(+) - create mode 100644 tests/root/etc/kdump.conf - -diff --git a/lenses/kdump.aug b/lenses/kdump.aug -index ddf50ede..e50486c3 100644 ---- a/lenses/kdump.aug -+++ b/lenses/kdump.aug -@@ -25,6 +25,7 @@ let empty = Util.empty - let comment = Util.comment - let value_to_eol = store /[^ \t\n#][^\n#]*[^ \t\n#]|[^ \t\n#]/ - let int_to_eol = store Rx.integer -+let yn_to_eol = store ("yes" | "no") - let delimiter = Util.del_ws_spc - let eol = Util.eol - let value_to_spc = store Rx.neg1 -@@ -64,9 +65,12 @@ let simple_kws = "raw" | "net" | "path" | "core_collector" | "kdump_post" - let int_kws = "force_rebuild" | "override_resettable" | "debug_mem_level" - | "link_delay" | "disk_timeout" - -+let yn_kws = "auto_reset_crashkernel" -+ - let option = Build.key_value_line_comment ( simple_kws | fs_types ) - delimiter value_to_eol comment - | Build.key_value_line_comment int_kws delimiter int_to_eol comment -+ | Build.key_value_line_comment yn_kws delimiter yn_to_eol comment - | list "extra_bins" - | list "extra_modules" - | list "blacklist" -diff --git a/lenses/tests/test_kdump.aug b/lenses/tests/test_kdump.aug -index 51c79a38..ff82af05 100644 ---- a/lenses/tests/test_kdump.aug -+++ b/lenses/tests/test_kdump.aug -@@ -11,6 +11,7 @@ module Test_Kdump = - #comment after empty line - # - #comment after empty comment -+auto_reset_crashkernel yes - path /var/crash #comment after entry - core_collector makedumpfile -c - default poweroff -@@ -49,6 +50,7 @@ blacklist gfs2 - { "#comment" = "comment after empty line" } - { } - { "#comment" = "comment after empty comment" } -+ { "auto_reset_crashkernel" = "yes" } - { "path" = "/var/crash" - { "#comment" = "comment after entry" } } - { "core_collector" = "makedumpfile -c" } -diff --git a/tests/root/etc/kdump.conf b/tests/root/etc/kdump.conf -new file mode 100644 -index 00000000..d4fc78b0 ---- /dev/null -+++ b/tests/root/etc/kdump.conf -@@ -0,0 +1,192 @@ -+# This file contains a series of commands to perform (in order) in the kdump -+# kernel after a kernel crash in the crash kernel(1st kernel) has happened. -+# -+# Directives in this file are only applicable to the kdump initramfs, and have -+# no effect once the root filesystem is mounted and the normal init scripts are -+# processed. -+# -+# Currently, only one dump target and path can be specified. If the dumping to -+# the configured target fails, the failure action which can be configured via -+# the "failure_action" directive will be performed. -+# -+# Supported options: -+# -+# auto_reset_crashkernel -+# - whether to reset kernel crashkernel to new default value -+# or not when kexec-tools updates the default crashkernel value and -+# existing kernels using the old default kernel crashkernel value. -+# The default value is yes. -+# -+# raw -+# - Will dd /proc/vmcore into . -+# Use persistent device names for partition devices, -+# such as /dev/vg/. -+# -+# nfs -+# - Will mount nfs to , and copy /proc/vmcore to -+# //%HOST-%DATE/, supports DNS. -+# -+# ssh -+# - Will save /proc/vmcore to :/%HOST-%DATE/, -+# supports DNS. -+# NOTE: make sure the user has write permissions on the server. -+# -+# sshkey -+# - Will use the sshkey to do ssh dump. -+# Specify the path of the ssh key to use when dumping -+# via ssh. The default value is /root/.ssh/kdump_id_rsa. -+# -+# -+# - Will mount -t , and copy -+# /proc/vmcore to //%HOST_IP-%DATE/. -+# NOTE: can be a device node, label or uuid. -+# It's recommended to use persistent device names -+# such as /dev/vg/. -+# Otherwise it's suggested to use label or uuid. -+# -+# path -+# - "path" represents the file system path in which vmcore -+# will be saved. If a dump target is specified in -+# kdump.conf, then "path" is relative to the specified -+# dump target. -+# -+# Interpretation of "path" changes a bit if the user didn't -+# specify any dump target explicitly in kdump.conf. In this -+# case, "path" represents the absolute path from root. The -+# dump target and adjusted path are arrived at automatically -+# depending on what's mounted in the current system. -+# -+# Ignored for raw device dumps. If unset, will use the default -+# "/var/crash". -+# -+# core_collector -+# - This allows you to specify the command to copy -+# the vmcore. The default is makedumpfile, which on -+# some architectures can drastically reduce vmcore size. -+# See /sbin/makedumpfile --help for a list of options. -+# Note that the -i and -g options are not needed here, -+# as the initrd will automatically be populated with a -+# config file appropriate for the running kernel. -+# The default core_collector for raw/ssh dump is: -+# "makedumpfile -F -l --message-level 7 -d 31". -+# The default core_collector for other targets is: -+# "makedumpfile -l --message-level 7 -d 31". -+# -+# "makedumpfile -F" will create a flattened vmcore. -+# You need to use "makedumpfile -R" to rearrange the dump data to -+# a normal dumpfile readable with analysis tools. For example: -+# "makedumpfile -R vmcore < vmcore.flat". -+# -+# For core_collector format details, you can refer to -+# kexec-kdump-howto.txt or kdump.conf manpage. -+# -+# kdump_post -+# - This directive allows you to run a executable binary -+# or script after the vmcore dump process terminates. -+# The exit status of the current dump process is fed to -+# the executable binary or script as its first argument. -+# All files under /etc/kdump/post.d are collectively sorted -+# and executed in lexical order, before binary or script -+# specified kdump_post parameter is executed. -+# -+# kdump_pre -+# - Works like the "kdump_post" directive, but instead of running -+# after the dump process, runs immediately before it. -+# Exit status of this binary is interpreted as follows: -+# 0 - continue with dump process as usual -+# non 0 - run the final action (reboot/poweroff/halt) -+# All files under /etc/kdump/pre.d are collectively sorted and -+# executed in lexical order, after binary or script specified -+# kdump_pre parameter is executed. -+# Even if the binary or script in /etc/kdump/pre.d directory -+# returns non 0 exit status, the processing is continued. -+# -+# extra_bins -+# - This directive allows you to specify additional binaries or -+# shell scripts to be included in the kdump initrd. -+# Generally they are useful in conjunction with a kdump_post -+# or kdump_pre binary or script which depends on these extra_bins. -+# -+# extra_modules -+# - This directive allows you to specify extra kernel modules -+# that you want to be loaded in the kdump initrd. -+# Multiple modules can be listed, separated by spaces, and any -+# dependent modules will automatically be included. -+# -+# failure_action -+# - Action to perform in case dumping fails. -+# reboot: Reboot the system. -+# halt: Halt the system. -+# poweroff: Power down the system. -+# shell: Drop to a bash shell. -+# Exiting the shell reboots the system by default, -+# or perform "final_action". -+# dump_to_rootfs: Dump vmcore to rootfs from initramfs context and -+# reboot by default or perform "final_action". -+# Useful when non-root dump target is specified. -+# The default option is "reboot". -+# -+# default -+# - Same as the "failure_action" directive above, but this directive -+# is obsolete and will be removed in the future. -+# -+# final_action -+# - Action to perform in case dumping succeeds. Also performed -+# when "shell" or "dump_to_rootfs" failure action finishes. -+# Each action is same as the "failure_action" directive above. -+# The default is "reboot". -+# -+# force_rebuild <0 | 1> -+# - By default, kdump initrd will only be rebuilt when necessary. -+# Specify 1 to force rebuilding kdump initrd every time when kdump -+# service starts. -+# -+# force_no_rebuild <0 | 1> -+# - By default, kdump initrd will be rebuilt when necessary. -+# Specify 1 to bypass rebuilding of kdump initrd. -+# -+# force_no_rebuild and force_rebuild options are mutually -+# exclusive and they should not be set to 1 simultaneously. -+# -+# override_resettable <0 | 1> -+# - Usually an unresettable block device can't be a dump target. -+# Specifying 1 when you want to dump even though the block -+# target is unresettable -+# By default, it is 0, which will not try dumping destined to fail. -+# -+# dracut_args -+# - Pass extra dracut options when rebuilding kdump initrd. -+# -+# fence_kdump_args -+# - Command line arguments for fence_kdump_send (it can contain -+# all valid arguments except hosts to send notification to). -+# -+# fence_kdump_nodes -+# - List of cluster node(s) except localhost, separated by spaces, -+# to send fence_kdump notifications to. -+# (this option is mandatory to enable fence_kdump). -+# -+ -+#raw /dev/vg/lv_kdump -+#ext4 /dev/vg/lv_kdump -+#ext4 LABEL=/boot -+#ext4 UUID=03138356-5e61-4ab3-b58e-27507ac41937 -+#nfs my.server.com:/export/tmp -+#nfs [2001:db8::1:2:3:4]:/export/tmp -+#ssh user@my.server.com -+#ssh user@2001:db8::1:2:3:4 -+#sshkey /root/.ssh/kdump_id_rsa -+auto_reset_crashkernel yes -+path /var/crash -+core_collector makedumpfile -l --message-level 7 -d 31 -+#core_collector scp -+#kdump_post /var/crash/scripts/kdump-post.sh -+#kdump_pre /var/crash/scripts/kdump-pre.sh -+#extra_bins /usr/bin/lftp -+#extra_modules gfs2 -+#failure_action shell -+#force_rebuild 1 -+#force_no_rebuild 1 -+#dracut_args --omit-drivers "cfg80211 snd" --add-drivers "ext2 ext3" -+#fence_kdump_args -p 7410 -f auto -c 0 -i 10 -+#fence_kdump_nodes node1 node2 --- -2.45.2 - diff --git a/0003-semanage-Fix-parsing-of-ignoredirs-758.patch b/0003-semanage-Fix-parsing-of-ignoredirs-758.patch deleted file mode 100644 index d1a5108..0000000 --- a/0003-semanage-Fix-parsing-of-ignoredirs-758.patch +++ /dev/null @@ -1,148 +0,0 @@ -From 864ca7e256a3cf7236bf4d096e265672baed2fbb Mon Sep 17 00:00:00 2001 -From: rwmjones -Date: Thu, 6 Oct 2022 12:15:56 +0100 -Subject: [PATCH 3/6] semanage: Fix parsing of ignoredirs (#758) - -From /etc/selinux/semanage.conf from a RHEL 9.1 system, this line -caused problems: - - ignoredirs=/root;/bin;/boot;/dev;/etc [...] - -Parse this as a list of modified Rx.fspath, generating a tree like: - - /files/etc/selinux/semanage.conf/ignoredirs/1 = /root - /files/etc/selinux/semanage.conf/ignoredirs/2 = /bin - /files/etc/selinux/semanage.conf/ignoredirs/3 = /dev - /files/etc/selinux/semanage.conf/ignoredirs/4 = /etc - [...] - -Also this adds the RHEL 9 file as another test case and adjusts the -output of the existing test case. - -Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=2077120 -Signed-off-by: Richard W.M. Jones - -Signed-off-by: Richard W.M. Jones -(cherry picked from commit a3ba6e2d32b95507e2474a219e788ac3d54bc4a1) ---- - lenses/semanage.aug | 7 +++- - lenses/tests/test_semanage.aug | 4 +- - tests/root/etc/selinux/semanage.conf | 60 ++++++++++++++++++++++++++++ - tests/xpath.tests | 1 + - 4 files changed, 70 insertions(+), 2 deletions(-) - create mode 100644 tests/root/etc/selinux/semanage.conf - -diff --git a/lenses/semanage.aug b/lenses/semanage.aug -index 46f93b32..edd97131 100644 ---- a/lenses/semanage.aug -+++ b/lenses/semanage.aug -@@ -23,7 +23,12 @@ let sep = IniFile.sep "=" "=" - let empty = IniFile.empty - let eol = IniFile.eol - --let entry = IniFile.entry IniFile.entry_re sep comment -+let list_keys = "ignoredirs" -+let scl = del ";" ";" -+let fspath = /[^ \t\n;#]+/ (* Rx.fspath without ; or # *) -+ -+let entry = IniFile.entry_list list_keys sep fspath scl comment -+ | IniFile.entry (IniFile.entry_re - list_keys) sep comment - | empty - - let title = IniFile.title_label "@group" (IniFile.record_re - /^end$/) -diff --git a/lenses/tests/test_semanage.aug b/lenses/tests/test_semanage.aug -index a6ceaca0..f76b95f3 100644 ---- a/lenses/tests/test_semanage.aug -+++ b/lenses/tests/test_semanage.aug -@@ -68,7 +68,9 @@ test Semanage.lns get conf = - { "usepasswd" = "False" } - { "bzip-small" = "true" } - { "bzip-blocksize" = "5" } -- { "ignoredirs" = "/root" } -+ { "ignoredirs" -+ { "1" = "/root" } -+ } - { } - { "@group" = "sefcontext_compile" - { "path" = "/usr/sbin/sefcontext_compile" } -diff --git a/tests/root/etc/selinux/semanage.conf b/tests/root/etc/selinux/semanage.conf -new file mode 100644 -index 00000000..406f16f1 ---- /dev/null -+++ b/tests/root/etc/selinux/semanage.conf -@@ -0,0 +1,60 @@ -+# Authors: Jason Tang -+# -+# Copyright (C) 2004-2005 Tresys Technology, LLC -+# -+# This library is free software; you can redistribute it and/or -+# modify it under the terms of the GNU Lesser General Public -+# License as published by the Free Software Foundation; either -+# version 2.1 of the License, or (at your option) any later version. -+# -+# This library is distributed in the hope that it will be useful, -+# but WITHOUT ANY WARRANTY; without even the implied warranty of -+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -+# Lesser General Public License for more details. -+# -+# You should have received a copy of the GNU Lesser General Public -+# License along with this library; if not, write to the Free Software -+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA -+# -+# Specify how libsemanage will interact with a SELinux policy manager. -+# The four options are: -+# -+# "source" - libsemanage manipulates a source SELinux policy -+# "direct" - libsemanage will write directly to a module store. -+# /foo/bar - Write by way of a policy management server, whose -+# named socket is at /foo/bar. The path must begin -+# with a '/'. -+# foo.com:4242 - Establish a TCP connection to a remote policy -+# management server at foo.com. If there is a colon -+# then the remainder is interpreted as a port number; -+# otherwise default to port 4242. -+module-store = direct -+ -+# When generating the final linked and expanded policy, by default -+# semanage will set the policy version to POLICYDB_VERSION_MAX, as -+# given in . Change this setting if a different -+# version is necessary. -+#policy-version = 19 -+ -+# expand-check check neverallow rules when executing all semanage -+# commands. There might be a penalty in execution time if this -+# option is enabled. -+expand-check=0 -+ -+# usepasswd check tells semanage to scan all pass word records for home directories -+# and setup the labeling correctly. If this is turned off, SELinux will label only /home -+# and home directories of users with SELinux login mappings defined, see -+# semanage login -l for the list of such users. -+# If you want to use a different home directory, you will need to use semanage fcontext command. -+# For example, if you had home dirs in /althome directory you would have to execute -+# semanage fcontext -a -e /home /althome -+usepasswd=False -+bzip-small=true -+bzip-blocksize=5 -+ignoredirs=/root;/bin;/boot;/dev;/etc;/lib;/lib64;/proc;/run;/sbin;/sys;/tmp;/usr;/var -+optimize-policy=true -+ -+[sefcontext_compile] -+path = /usr/sbin/sefcontext_compile -+args = -r $@ -+[end] -diff --git a/tests/xpath.tests b/tests/xpath.tests -index a7db8d83..feab7584 100644 ---- a/tests/xpath.tests -+++ b/tests/xpath.tests -@@ -109,6 +109,7 @@ test descendant-or-self /files/descendant-or-self :: 4 - /files/etc/ssh/ssh_config/Host/SendEnv[1]/4 = LC_TIME - /files/etc/ssh/ssh_config/Host/SendEnv[2]/4 = LC_TELEPHONE - /files/etc/aliases/4 -+ /files/etc/selinux/semanage.conf/ignoredirs/4 = /dev - /files/etc/fstab/4 - /files/etc/pam.d/login/4 - /files/etc/pam.d/newrole/4 --- -2.45.2 - diff --git a/0004-Tmpfiles-allow-for-letter-types-allow-as-prefix-for-.patch b/0004-Tmpfiles-allow-for-letter-types-allow-as-prefix-for-.patch deleted file mode 100644 index de3c5cf..0000000 --- a/0004-Tmpfiles-allow-for-letter-types-allow-as-prefix-for-.patch +++ /dev/null @@ -1,164 +0,0 @@ -From c696b4851f057a0340ce6d445bac22078d333a61 Mon Sep 17 00:00:00 2001 -From: Pino Toscano -Date: Fri, 24 Mar 2023 11:26:46 +0100 -Subject: [PATCH 4/6] Tmpfiles: allow '=', '~', '^' for letter types, allow ":" - as prefix for the mode - -* Tmpfiles: allow '=', '~', '^' for letter types - -Allow an equal sign, a tilde character and/or a caret for the type -specification: -- equal: strict file type enforcing -- tilde: base64-encoded content in the argument -- caret: credential name in the argument - -Fixes: #795 - -* Tmpfiles: allow ":" as prefix for the mode - -Represents a mode to be set only for new inodes. - -(cherry picked from commit 41b2a33ff02687fa53d69a012a1d47141b196a86) ---- - lenses/tests/test_tmpfiles.aug | 78 ++++++++++++++++++++++++++++++++++ - lenses/tmpfiles.aug | 9 ++-- - 2 files changed, 83 insertions(+), 4 deletions(-) - -diff --git a/lenses/tests/test_tmpfiles.aug b/lenses/tests/test_tmpfiles.aug -index 6ced069f..4bbd06a2 100644 ---- a/lenses/tests/test_tmpfiles.aug -+++ b/lenses/tests/test_tmpfiles.aug -@@ -97,6 +97,60 @@ Tree for *) - { "argument" = "-" } - } - -+ (* Variable: equal -+Example with an equal sign in the type *) -+ let equal = "d= /tmp/foo 0755 root root - -\n" -+ -+ (* Variable: equal_tree -+Tree for *) -+ let equal_tree = -+ { -+ "1" -+ { "type" = "d=" } -+ { "path" = "/tmp/foo" } -+ { "mode" = "0755" } -+ { "uid" = "root" } -+ { "gid" = "root" } -+ { "age" = "-" } -+ { "argument" = "-" } -+ } -+ -+ (* Variable: tilde -+Example with a tilde character in the type *) -+ let tilde = "w~ /tmp/foo 0755 root root - dGVzdAo=\n" -+ -+ (* Variable: tilde_tree -+Tree for *) -+ let tilde_tree = -+ { -+ "1" -+ { "type" = "w~" } -+ { "path" = "/tmp/foo" } -+ { "mode" = "0755" } -+ { "uid" = "root" } -+ { "gid" = "root" } -+ { "age" = "-" } -+ { "argument" = "dGVzdAo=" } -+ } -+ -+ (* Variable: caret -+Example with a caret in the type *) -+ let caret = "f^ /etc/motd.d/50-provision.conf - - - - login.motd\n" -+ -+ (* Variable: caret_tree -+Tree for *) -+ let caret_tree = -+ { -+ "1" -+ { "type" = "f^" } -+ { "path" = "/etc/motd.d/50-provision.conf" } -+ { "mode" = "-" } -+ { "uid" = "-" } -+ { "gid" = "-" } -+ { "age" = "-" } -+ { "argument" = "login.motd" } -+ } -+ - (* Variable: short - Example with only type and path *) - let short = "A+ /tmp/foo\n" -@@ -337,6 +391,22 @@ Tree for *) - { "mode" = "755" } - } - -+ (* Variable: mode_colon -+Mode field with colon prefix *) -+ let mode_colon = "d- /root :0700 root :root\n" -+ -+ (* Variable: mode_colon_tree -+Tree for *) -+ let mode_colon_tree = -+ { -+ "1" -+ { "type" = "d-" } -+ { "path" = "/root" } -+ { "mode" = ":0700" } -+ { "uid" = "root" } -+ { "gid" = ":root" } -+ } -+ - (************************************************************************ - * Group: INVALID EXAMPLES - *************************************************************************) -@@ -377,6 +447,12 @@ Invalid example that contain invalid mode (letter) *) - - test Tmpfiles.lns get minus = minus_tree - -+ test Tmpfiles.lns get equal = equal_tree -+ -+ test Tmpfiles.lns get tilde = tilde_tree -+ -+ test Tmpfiles.lns get caret = caret_tree -+ - test Tmpfiles.lns get short = short_tree - - test Tmpfiles.lns get short_mode = short_mode_tree -@@ -405,6 +481,8 @@ Invalid example that contain invalid mode (letter) *) - - test Tmpfiles.lns get mode3 = mode3_tree - -+ test Tmpfiles.lns get mode_colon = mode_colon_tree -+ - - (* failure cases *) - -diff --git a/lenses/tmpfiles.aug b/lenses/tmpfiles.aug -index 01b3003a..1163c84a 100644 ---- a/lenses/tmpfiles.aug -+++ b/lenses/tmpfiles.aug -@@ -50,15 +50,16 @@ Empty lines *) - - (* View: type - One letter. Some of them can have a "+" and all can have an --exclamation mark ("!") and/or minus sign ("-"). -+exclamation mark ("!"), a minus sign ("-"), an equal sign ("="), -+a tilde character ("~") and/or a caret ("^"). - - Not all letters are valid. - *) -- let type = /([fFwdDevqQpLcbCxXrRzZtThHaAm]|[fFwpLcbaA]\+)!?-?/ -+ let type = /([fFwdDevqQpLcbCxXrRzZtThHaAm]|[fFwpLcbaA]\+)[-!=~^]*/ - - (* View: mode --"-", or 3-4 bytes. Optionally starts with a "~". *) -- let mode = /(-|~?[0-7]{3,4})/ -+"-", or 3-4 bytes. Optionally starts with a "~" or a ":". *) -+ let mode = /(-|(~|:)?[0-7]{3,4})/ - - (* View: age - "-", or one of the formats seen in the manpage: 10d, 5seconds, 1y5days. --- -2.45.2 - diff --git a/0005-lenses-Allow-whitespace-at-the-end-of-kernel-commnd-.patch b/0005-lenses-Allow-whitespace-at-the-end-of-kernel-commnd-.patch deleted file mode 100644 index 13c20bf..0000000 --- a/0005-lenses-Allow-whitespace-at-the-end-of-kernel-commnd-.patch +++ /dev/null @@ -1,44 +0,0 @@ -From 61a489a7c9f276be8bb717c4d532beebc2b64fef Mon Sep 17 00:00:00 2001 -From: rwmjones -Date: Sun, 5 Mar 2023 10:30:43 +0000 -Subject: [PATCH 5/6] lenses: Allow whitespace at the end of kernel commnd line - (#798) - -Reported-by: Yongkui Guo -Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=2159282 - -Signed-off-by: Richard W.M. Jones -(cherry picked from commit 801aa73db3c356378467622a7e02dea21ccf4332) ---- - lenses/cmdline.aug | 2 +- - lenses/tests/test_cmdline.aug | 1 + - 2 files changed, 2 insertions(+), 1 deletion(-) - -diff --git a/lenses/cmdline.aug b/lenses/cmdline.aug -index b8b5176d..30e9aac7 100644 ---- a/lenses/cmdline.aug -+++ b/lenses/cmdline.aug -@@ -13,7 +13,7 @@ module Cmdline = - - let entry = [ key Rx.word . Util.del_str "=" . store Rx.no_spaces ] | [ key Rx.word ] - --let lns = (Build.opt_list entry Sep.space)? . del /\n?/ "" -+let lns = (Build.opt_list entry Sep.space)? . del /[ \t]*\n?/ "" - - let filter = incl "/etc/kernel/cmdline" - . incl "/proc/cmdline" -diff --git a/lenses/tests/test_cmdline.aug b/lenses/tests/test_cmdline.aug -index 0624a0b2..77a429d8 100644 ---- a/lenses/tests/test_cmdline.aug -+++ b/lenses/tests/test_cmdline.aug -@@ -4,6 +4,7 @@ let lns = Cmdline.lns - - test lns get "foo\nbar" = * - test lns get "foo\n" = { "foo" } -+test lns get "foo \n" = { "foo" } - test lns get "foo" = { "foo" } - test lns get "foo bar" = { "foo" } { "bar" } - test lns get "foo bar" = { "foo" } { "bar" } --- -2.45.2 - diff --git a/augeas.spec b/augeas.spec index 5254730..27e45db 100644 --- a/augeas.spec +++ b/augeas.spec @@ -1,42 +1,18 @@ Name: augeas -Version: 1.13.0 -Release: 6%{?dist} +Version: 1.14.1 +Release: 2%{?dist} Summary: A library for changing configuration files -License: LGPLv2+ +License: LGPL-2.0-or-later AND LGPL-2.1-only AND LGPL-2.1-or-later AND (GPL-3.0-or-later WITH Bison-exception-2.2) AND Kazlib AND GPL-2.0-or-later AND BSD-2-Clause AND LicenseRef-Fedora-Public-Domain URL: http://augeas.net/ -# The upstream release tarballs on github don't work, see: -# https://github.com/hercules-team/augeas/pull/744 # The website release tarballs were not created for 1.13: # http://download.augeas.net/ -#Source0: https://github.com/hercules-team/augeas/archive/refs/tags/release-%{version}.tar.gz -# So I had to create a tarball myself using make dist. -Source0: %{name}-%{version}.tar.gz - -# Add new directives and options for chrony. -# Upstream commit 5f3a566511626c35f69961598f1f332db01ed7a1 -Patch1: 0001-Chrony-add-new-directives-and-options-745.patch - -# Parse auto_reset_crashkernel in kdump (RHBZ#2042772). -# Upstream commit 288a028da531a5f58d9ee89bc29fd73e7483bf24 -Patch2: 0002-Kdump-parse-auto_reset_crashkernel-754.patch - -# Fix parsing of /etc/selinux/semanage.conf in RHEL 9 (RHBZ#2077120). -# Upstream commit a3ba6e2d32b95507e2474a219e788ac3d54bc4a1 -Patch3: 0003-semanage-Fix-parsing-of-ignoredirs-758.patch - -# Fix parsing of /usr/lib/tmpfiles.d/provision.conf -# Upstream commit 41b2a33ff02687fa53d69a012a1d47141b196a86 -Patch4: 0004-Tmpfiles-allow-for-letter-types-allow-as-prefix-for-.patch - -# Fix parsing of /etc/kernel/cmdline -# Upstream commit 801aa73db3c356378467622a7e02dea21ccf4332 -Patch5: 0005-lenses-Allow-whitespace-at-the-end-of-kernel-commnd-.patch +Source0: https://github.com/hercules-team/augeas/releases/download/release-%{version}/%{name}-%{version}.tar.gz # Fix parsing of /etc/fstab # Upstream commit 5246ef07381033a9b20426370156dae9f8f97a2c -Patch6: 0006-lenses-fstab.aug-Allow-comma-after-the-last-option-8.patch +Patch: 0001-lenses-fstab.aug-Allow-comma-after-the-last-option-8.patch Provides: bundled(gnulib) @@ -45,6 +21,10 @@ BuildRequires: gcc BuildRequires: readline-devel BuildRequires: libselinux-devel BuildRequires: libxml2-devel +BuildRequires: bash-completion +%if !0%{?rhel} +BuildRequires: bash-completion-devel +%endif Requires: %{name}-libs = %{version}-%{release} @@ -88,6 +68,19 @@ The %{name}-static package contains static libraries needed to produce static builds using %{name}. +%package bash-completion +Summary: Bash tab-completion for %{name} +BuildArch: noarch +Requires: bash-completion >= 2.0 +# Don't use _isa here because it's a noarch package. This dependency +# is just to ensure that the subpackage is updated along with augeas. +Requires: %{name} = %{version}-%{release} + + +%description bash-completion +Install this package if you want intelligent bash tab-completion +for %{name}. + %prep %autosetup -p1 @@ -130,6 +123,7 @@ rm -f $RPM_BUILD_ROOT/usr/bin/dump %files %{_bindir}/augmatch %{_bindir}/augparse +%{_bindir}/augprint %{_bindir}/augtool %{_bindir}/fadot %doc %{_mandir}/man1/* @@ -153,7 +147,25 @@ rm -f $RPM_BUILD_ROOT/usr/bin/dump %{_libdir}/libaugeas.a %{_libdir}/libfa.a +%files bash-completion +%if !0%{?rhel} +%dir %{bash_completions_dir} +%{bash_completions_dir}/augmatch +%{bash_completions_dir}/augprint +%{bash_completions_dir}/augtool +%else +%dir %{_datadir}/bash-completion/completions +%{_datadir}/bash-completion/completions/augmatch +%{_datadir}/bash-completion/completions/augprint +%{_datadir}/bash-completion/completions/augtool +%endif + %changelog +* Mon Sep 02 2023 Richard W.M. Jones - 1.14.1-1 +- Rebase to Fedora Rawhide +- Remove patches which are upstream +- resolves: RHEL-56802 + * Fri Jul 19 2024 Cosmin Tupangiu - 1.13.0-5 - Fix parsing /etc/fstab by allowing comma after last option resolves: RHEL-35873 diff --git a/sources b/sources index a27eb29..0e75126 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (augeas-1.13.0.tar.gz) = e66327cfbe335fa83a8442ec1bd72f258e8e4d4a42d234ee5077ac60741e2c26bc67db39a6cc920a19e71c27247395bd145ed5288545170cd463d4cf22b2c184 +SHA512 (augeas-1.14.1.tar.gz) = fddb2e243f979e71fc09f9d45d569d6307b35485b2d885bf7bcbc032ba5617fe7ab2071a041422c3efe2dd62eda74aba41016d248c0636e947d4f1c9144375aa