Compare commits
10 Commits
c759e509c5
...
ecb2c1511c
Author | SHA1 | Date |
---|---|---|
Jan Friesse | ecb2c1511c | |
Jan Friesse | 490ddeb716 | |
Jan Friesse | 1dadf64b03 | |
Jan Friesse | 21f807019c | |
Mohan Boddu | dce9f30854 | |
Jan Friesse | 8ec84547f5 | |
Jan Friesse | a14b4bc843 | |
Mohan Boddu | 6caac2fdf3 | |
DistroBaker | 23db529e91 | |
DistroBaker | 59eb6930e1 |
|
@ -0,0 +1 @@
|
||||||
|
1fe5851af81995b4187b6c24ffbb9e8edead7060 booth-1.0-283-9d4029a.tar.gz
|
|
@ -9,6 +9,9 @@ addFilter(r'booth-core\.[^:]+: (E|W): non-standard-dir-perm /var/lib/booth/cores
|
||||||
# booth is just metapackage
|
# booth is just metapackage
|
||||||
addFilter(r'booth\.[^:]+: (W|E): no-binary')
|
addFilter(r'booth\.[^:]+: (W|E): no-binary')
|
||||||
|
|
||||||
|
# pc should be in devel but it is not really devel file
|
||||||
|
addFilter(r'booth\.[^:]+: W: devel-file-in-non-devel-package /usr/share/pkgconfig/booth.pc')
|
||||||
|
|
||||||
# booth-(site|test) installs just scripts in /usr/lib
|
# booth-(site|test) installs just scripts in /usr/lib
|
||||||
addFilter(r'booth-(site|test)\.[^:]+: (W|E): only-non-binary-in-usr-lib')
|
addFilter(r'booth-(site|test)\.[^:]+: (W|E): only-non-binary-in-usr-lib')
|
||||||
|
|
||||||
|
|
70
booth.spec
70
booth.spec
|
@ -22,15 +22,16 @@
|
||||||
%bcond_with html_man
|
%bcond_with html_man
|
||||||
%bcond_with glue
|
%bcond_with glue
|
||||||
%bcond_with run_build_tests
|
%bcond_with run_build_tests
|
||||||
|
%bcond_with include_unit_test
|
||||||
|
|
||||||
# set following to the result of `git describe --abbrev=128 $commit`
|
# set following to the result of `git describe --abbrev=128 $commit`
|
||||||
# This will be used to fill booth_ver, booth_numcomm and booth_sha1.
|
# This will be used to fill booth_ver, booth_numcomm and booth_sha1.
|
||||||
# It is important to keep abbrev to get full length sha1! When updating source use
|
# It is important to keep abbrev to get full length sha1! When updating source use
|
||||||
# `spectool -g booth.spec` to download source.
|
# `spectool -g booth.spec` to download source.
|
||||||
%global git_describe_str v1.0-237-gdd88847c8e7c55f18ace774cf70545aa137bd296
|
%global git_describe_str v1.0-283-g9d4029aa14323a7f3b496215d25e40bd14f33632
|
||||||
|
|
||||||
# Set this to 1 when rebasing (changing git_describe_str) and increase otherwise
|
# Set this to 1 when rebasing (changing git_describe_str) and increase otherwise
|
||||||
%global release 2
|
%global release 1
|
||||||
|
|
||||||
# Run shell script to parse git_describe str into version, numcomm and sha1 hash
|
# Run shell script to parse git_describe str into version, numcomm and sha1 hash
|
||||||
%global booth_ver %(s=%{git_describe_str}; vver=${s%%%%-*}; echo ${vver:1})
|
%global booth_ver %(s=%{git_describe_str}; vver=${s%%%%-*}; echo ${vver:1})
|
||||||
|
@ -61,6 +62,7 @@ Summary: Ticket Manager for Multi-site Clusters
|
||||||
License: GPLv2+
|
License: GPLv2+
|
||||||
Url: https://github.com/%{github_owner}/%{name}
|
Url: https://github.com/%{github_owner}/%{name}
|
||||||
Source0: https://github.com/%{github_owner}/%{name}/archive/%{booth_short_sha1}/%{booth_archive_name}.tar.gz
|
Source0: https://github.com/%{github_owner}/%{name}/archive/%{booth_short_sha1}/%{booth_archive_name}.tar.gz
|
||||||
|
Patch0: rhel-specific-0001-config-Add-enable-authfile-option.patch
|
||||||
|
|
||||||
# direct build process dependencies
|
# direct build process dependencies
|
||||||
BuildRequires: autoconf
|
BuildRequires: autoconf
|
||||||
|
@ -107,7 +109,9 @@ BuildRequires: perl-interpreter iproute
|
||||||
Requires: %{name}-core%{?_isa}
|
Requires: %{name}-core%{?_isa}
|
||||||
Requires: %{name}-site
|
Requires: %{name}-site
|
||||||
%files
|
%files
|
||||||
# intentionally empty
|
%license COPYING
|
||||||
|
%dir %{_datadir}/pkgconfig
|
||||||
|
%{_datadir}/pkgconfig/booth.pc
|
||||||
|
|
||||||
%description
|
%description
|
||||||
Booth manages tickets which authorize cluster sites located
|
Booth manages tickets which authorize cluster sites located
|
||||||
|
@ -141,13 +145,13 @@ Support for running Booth, ticket manager for multi-site clusters,
|
||||||
as an arbitrator.
|
as an arbitrator.
|
||||||
|
|
||||||
%post arbitrator
|
%post arbitrator
|
||||||
%systemd_post booth@.service booth-arbitrator.service
|
%systemd_post booth-arbitrator.service
|
||||||
|
|
||||||
%preun arbitrator
|
%preun arbitrator
|
||||||
%systemd_preun booth@.service booth-arbitrator.service
|
%systemd_preun booth-arbitrator.service
|
||||||
|
|
||||||
%postun arbitrator
|
%postun arbitrator
|
||||||
%systemd_postun_with_restart booth@.service booth-arbitrator.service
|
%systemd_postun_with_restart booth-arbitrator.service
|
||||||
|
|
||||||
%package site
|
%package site
|
||||||
Summary: Booth support for running as a full-fledged site
|
Summary: Booth support for running as a full-fledged site
|
||||||
|
@ -177,7 +181,9 @@ Requires: %{name}-arbitrator = %{version}-%{release}
|
||||||
Requires: %{name}-site = %{version}-%{release}
|
Requires: %{name}-site = %{version}-%{release}
|
||||||
Requires: gdb
|
Requires: gdb
|
||||||
Requires: %{__python3}
|
Requires: %{__python3}
|
||||||
|
%if 0%{?with_include_unit_test}
|
||||||
Requires: python3-pexpect
|
Requires: python3-pexpect
|
||||||
|
%endif
|
||||||
# runtests.py suite (for perl and ss)
|
# runtests.py suite (for perl and ss)
|
||||||
Requires: perl-interpreter iproute
|
Requires: perl-interpreter iproute
|
||||||
|
|
||||||
|
@ -218,7 +224,11 @@ rm -rf %{buildroot}/%{_pkgdocdir}/COPYING
|
||||||
mkdir -p %{buildroot}/%{test_path}
|
mkdir -p %{buildroot}/%{test_path}
|
||||||
# Copy tests from tarball
|
# Copy tests from tarball
|
||||||
cp -a -t %{buildroot}/%{test_path} \
|
cp -a -t %{buildroot}/%{test_path} \
|
||||||
-- conf test unit-tests script/unit-test.py
|
-- conf test
|
||||||
|
%if 0%{?with_include_unit_test}
|
||||||
|
cp -a -t %{buildroot}/%{test_path} \
|
||||||
|
-- unit-tests script/unit-test.py
|
||||||
|
%endif
|
||||||
chmod +x %{buildroot}/%{test_path}/test/booth_path
|
chmod +x %{buildroot}/%{test_path}/test/booth_path
|
||||||
chmod +x %{buildroot}/%{test_path}/test/live_test.sh
|
chmod +x %{buildroot}/%{test_path}/test/live_test.sh
|
||||||
mkdir -p %{buildroot}/%{test_path}/src
|
mkdir -p %{buildroot}/%{test_path}/src
|
||||||
|
@ -301,6 +311,52 @@ VERBOSE=1 make check
|
||||||
%{_usr}/lib/ocf/resource.d/booth/sharedrsc
|
%{_usr}/lib/ocf/resource.d/booth/sharedrsc
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Mon Nov 21 2022 Jan Friesse <jfriesse@redhat.com> - 1.0-283.1.9d4029a.git
|
||||||
|
- Resolves: rhbz#2135866
|
||||||
|
|
||||||
|
- Update to current snapshot (commit 9d4029a) (rhbz#2135866)
|
||||||
|
|
||||||
|
* Tue Oct 25 2022 Jan Friesse <jfriesse@redhat.com> - 1.0-251.5.bfb2f92.git
|
||||||
|
- Resolves: rhbz#2133833
|
||||||
|
|
||||||
|
- unit file: Remove Alias directive
|
||||||
|
|
||||||
|
* Tue Aug 09 2022 Jan Friesse <jfriesse@redhat.com> - 1.0-251.4.bfb2f92.git
|
||||||
|
- Related: rhbz#2111669
|
||||||
|
|
||||||
|
- Remove template unit from systemd_(post|preun|postun_with_restart) macro
|
||||||
|
|
||||||
|
* Wed Aug 03 2022 Jan Friesse <jfriesse@redhat.com> - 1.0-251.3.bfb2f92.git
|
||||||
|
- Resolves: rhbz#2111669
|
||||||
|
|
||||||
|
- Fix authfile directive handling in booth config file
|
||||||
|
(fixes CVE-2022-2553)
|
||||||
|
- Add enable-authfile option
|
||||||
|
|
||||||
|
* Mon Aug 09 2021 Mohan Boddu <mboddu@redhat.com> - 1.0-251.2.bfb2f92.git
|
||||||
|
- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
|
||||||
|
Related: rhbz#1991688
|
||||||
|
|
||||||
|
* Thu May 20 2021 Jan Friesse <jfriesse@redhat.com> - 1.0-251.1.bfb2f92.git
|
||||||
|
- Related: rhbz#1961216
|
||||||
|
|
||||||
|
- Rebase to newest upstream snapshot
|
||||||
|
|
||||||
|
* Tue May 18 2021 Jan Friesse <jfriesse@redhat.com> - 1.0-249.1.977726e.git
|
||||||
|
- Resolves: rhbz#1961216
|
||||||
|
|
||||||
|
- Do not include unit-test by default
|
||||||
|
- Rebase to newest upstream snapshot
|
||||||
|
|
||||||
|
* Thu Apr 15 2021 Mohan Boddu <mboddu@redhat.com> - 1.0-239.3.52ec255.git
|
||||||
|
- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937
|
||||||
|
|
||||||
|
* Tue Jan 26 2021 Fedora Release Engineering <releng@fedoraproject.org> - 1.0-239.2.52ec255.git
|
||||||
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
|
||||||
|
|
||||||
|
* Mon Nov 23 2020 Jan Friesse <jfriesse@redhat.com> - 1.0-239.1.52ec255.git
|
||||||
|
- Rebase to newest upstream snapshot
|
||||||
|
|
||||||
* Thu Oct 15 2020 Jan Friesse <jfriesse@redhat.com> - 1.0-237.2.dd88847.git
|
* Thu Oct 15 2020 Jan Friesse <jfriesse@redhat.com> - 1.0-237.2.dd88847.git
|
||||||
- Fix dist macro
|
- Fix dist macro
|
||||||
|
|
||||||
|
|
|
@ -0,0 +1,106 @@
|
||||||
|
From 87c8545816cca03d19c2f3ef54031940f7e19d50 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Jan Friesse <jfriesse@redhat.com>
|
||||||
|
Date: Fri, 18 Nov 2022 11:57:46 +0100
|
||||||
|
Subject: [PATCH] config: Add enable-authfile option
|
||||||
|
|
||||||
|
This option enables (or disables) usage of authfile. Can be 'yes' or 'no'.
|
||||||
|
Default is 'no'.
|
||||||
|
|
||||||
|
Booth usage of authfile was broken for long time (since commit
|
||||||
|
da79b8ba28ad4837a0fee13e5f8fb6f89fe0e24c).
|
||||||
|
|
||||||
|
Pcs was adding authfile by default, but it was not used. Once booth bug
|
||||||
|
was fixed problem appears because mixed clusters (with fixed version and
|
||||||
|
without fixed one) stops working.
|
||||||
|
|
||||||
|
This non-upstream option is added and used to allow use of
|
||||||
|
authfile without breaking compatibility for clusters
|
||||||
|
consisting of mixed versions (usually happens before all nodes are
|
||||||
|
updated) of booth (user have to explicitly
|
||||||
|
enable usage of authfile).
|
||||||
|
|
||||||
|
This patch is transitional and will be removed in future major version of
|
||||||
|
distribution.
|
||||||
|
|
||||||
|
Signed-off-by: Jan Friesse <jfriesse@redhat.com>
|
||||||
|
---
|
||||||
|
docs/boothd.8.txt | 7 +++++++
|
||||||
|
src/config.c | 17 +++++++++++++++++
|
||||||
|
src/config.h | 1 +
|
||||||
|
src/main.c | 2 +-
|
||||||
|
4 files changed, 26 insertions(+), 1 deletion(-)
|
||||||
|
|
||||||
|
diff --git a/docs/boothd.8.txt b/docs/boothd.8.txt
|
||||||
|
index 0f3d2c1..c7a8413 100644
|
||||||
|
--- a/docs/boothd.8.txt
|
||||||
|
+++ b/docs/boothd.8.txt
|
||||||
|
@@ -230,6 +230,13 @@ will always bind and listen to both UDP and TCP ports.
|
||||||
|
parameter to a higher value. The time skew test is performed
|
||||||
|
only in concert with authentication.
|
||||||
|
|
||||||
|
+'enable-authfile'::
|
||||||
|
+ Enables (or disables) usage of authfile. Can be 'yes' or 'no'.
|
||||||
|
+ Default is 'no'.
|
||||||
|
+ This is non-upstream option used to allow use of authfile without
|
||||||
|
+ breaking compatibility for clusters consisting of mixed
|
||||||
|
+ versions of booth.
|
||||||
|
+
|
||||||
|
'debug'::
|
||||||
|
Specifies the debug output level. Alternative to
|
||||||
|
command line argument. Effective only for 'daemon'
|
||||||
|
diff --git a/src/config.c b/src/config.c
|
||||||
|
index f0ca4aa..e1f25f0 100644
|
||||||
|
--- a/src/config.c
|
||||||
|
+++ b/src/config.c
|
||||||
|
@@ -732,6 +732,23 @@ no_value:
|
||||||
|
booth_conf->maxtimeskew = atoi(val);
|
||||||
|
continue;
|
||||||
|
}
|
||||||
|
+
|
||||||
|
+ if (strcmp(key, "enable-authfile") == 0) {
|
||||||
|
+ if (strcasecmp(val, "yes") == 0 ||
|
||||||
|
+ strcasecmp(val, "on") == 0 ||
|
||||||
|
+ strcasecmp(val, "1") == 0) {
|
||||||
|
+ booth_conf->enable_authfile = 1;
|
||||||
|
+ } else if (strcasecmp(val, "no") == 0 ||
|
||||||
|
+ strcasecmp(val, "off") == 0 ||
|
||||||
|
+ strcasecmp(val, "0") == 0) {
|
||||||
|
+ booth_conf->enable_authfile = 0;
|
||||||
|
+ } else {
|
||||||
|
+ error = "Expected yes/no value for enable-authfile";
|
||||||
|
+ goto err;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ continue;
|
||||||
|
+ }
|
||||||
|
#endif
|
||||||
|
|
||||||
|
if (strcmp(key, "site") == 0) {
|
||||||
|
diff --git a/src/config.h b/src/config.h
|
||||||
|
index bca73bc..da1e917 100644
|
||||||
|
--- a/src/config.h
|
||||||
|
+++ b/src/config.h
|
||||||
|
@@ -297,6 +297,7 @@ struct booth_config {
|
||||||
|
struct stat authstat;
|
||||||
|
char authkey[BOOTH_MAX_KEY_LEN];
|
||||||
|
int authkey_len;
|
||||||
|
+ int enable_authfile;
|
||||||
|
/** Maximum time skew between peers allowed */
|
||||||
|
int maxtimeskew;
|
||||||
|
|
||||||
|
diff --git a/src/main.c b/src/main.c
|
||||||
|
index b4a174f..0fdb295 100644
|
||||||
|
--- a/src/main.c
|
||||||
|
+++ b/src/main.c
|
||||||
|
@@ -364,7 +364,7 @@ static int setup_config(int type)
|
||||||
|
if (rv < 0)
|
||||||
|
goto out;
|
||||||
|
|
||||||
|
- if (booth_conf->authfile[0] != '\0') {
|
||||||
|
+ if (booth_conf->authfile[0] != '\0' && booth_conf->enable_authfile) {
|
||||||
|
rv = read_authkey();
|
||||||
|
if (rv < 0)
|
||||||
|
goto out;
|
||||||
|
--
|
||||||
|
2.27.0
|
||||||
|
|
2
sources
2
sources
|
@ -1 +1 @@
|
||||||
SHA512 (booth-1.0-237-dd88847.tar.gz) = 889e67b3ce0d35800030f289eb9bca6d282ed75ab4def44910e35a1aa7b1bd9b1ccc65347222206542e1f7f49814a84e22e46dc004a0b19634a91954b0f89f88
|
SHA512 (booth-1.0-283-9d4029a.tar.gz) = 628a3e1e128d0fdcd4600d8d4b46220363575bda83c85cd43bfe940a2a29a9176490342261354138f8d4c593b611cf0282653c1e4b3d4b4841d99ef31ba45ada
|
||||||
|
|
Loading…
Reference in New Issue