From 325deb56b605e419cf8a2e7abfe0df3983928cf6 Mon Sep 17 00:00:00 2001 From: Cockpit Project Date: Thu, 10 Nov 2016 15:43:59 +0000 Subject: [PATCH] Update to 123-1 - Release a second tarball with cached javascript dependencies - Start verifying that Cockpit works on Ubuntu 16.04 - Enable and verify the network functionality on Debian - Integration tests now log core dumps for diagnosis --- .gitignore | 1 + backtrace-gdb.patch | 205 ------------------------------------- backtrace-webservice.patch | 72 ------------- cockpit.spec | 76 ++++++++------ relax-test-fs.patch | 36 ------- sources | 2 +- test-use-after-free.patch | 36 ------- 7 files changed, 48 insertions(+), 380 deletions(-) delete mode 100644 backtrace-gdb.patch delete mode 100644 backtrace-webservice.patch delete mode 100644 relax-test-fs.patch delete mode 100644 test-use-after-free.patch diff --git a/.gitignore b/.gitignore index 21a52c5..38f7f00 100644 --- a/.gitignore +++ b/.gitignore @@ -93,3 +93,4 @@ /cockpit-120.tar.xz /cockpit-121.tar.xz /cockpit-122.tar.xz +/cockpit-123.tar.xz diff --git a/backtrace-gdb.patch b/backtrace-gdb.patch deleted file mode 100644 index d1de0e3..0000000 --- a/backtrace-gdb.patch +++ /dev/null @@ -1,205 +0,0 @@ -From 8eab929c763e3a951794968f1a7d2f99a83c4f9d Mon Sep 17 00:00:00 2001 -From: Stef Walter -Date: Thu, 27 Aug 2015 09:37:10 +0200 -Subject: [PATCH 1/2] common: Produce better backtraces with gdb when possible - -Note that this may require this sysctl to be set on the system: - -/proc/sys/kernel/yama/ptrace_scope = 0 - -https://wiki.ubuntu.com/SecurityTeam/Roadmap/KernelHardening#ptrace%20Protection - -Reviewed-by: Peter ---- - .travis.yml | 2 +- - src/common/cockpittest.c | 155 ++++++++++++++++++++++++++++++++++++++++++++++- - tools/cockpit.spec | 1 + - 3 files changed, 154 insertions(+), 4 deletions(-) - -diff --git a/src/common/cockpittest.c b/src/common/cockpittest.c -index 5501681..bf20b11 100644 ---- a/src/common/cockpittest.c -+++ b/src/common/cockpittest.c -@@ -39,6 +39,10 @@ - #include - #include - -+#include -+#include -+#include -+ - /* - * HACK: We can't yet use g_test_expect_message() and friends. - * They were pretty broken until GLib 2.40 if you have any debug -@@ -466,20 +470,165 @@ _cockpit_assert_bytes_eq_msg (const char *domain, - expect, exp_len); - } - -+/* -+ * This gdb code only works if /proc/sys/kernel/yama/ptrace_scope is set to zero -+ * See: https://wiki.ubuntu.com/SecurityTeam/Roadmap/KernelHardening#ptrace%20Protection -+ */ -+ -+static gboolean stack_trace_done = FALSE; -+ -+static void -+stack_trace_sigchld (int signum) -+{ -+ stack_trace_done = TRUE; -+} -+ -+static void -+stack_trace (char **args) -+{ -+ pid_t pid; -+ int in_fd[2]; -+ int out_fd[2]; -+ fd_set fdset; -+ fd_set readset; -+ struct timeval tv; -+ int sel, idx, state; -+ char buffer[256]; -+ char c; -+ -+ stack_trace_done = FALSE; -+ signal (SIGCHLD, stack_trace_sigchld); -+ -+ if ((pipe (in_fd) == -1) || (pipe (out_fd) == -1)) -+ { -+ perror ("unable to open pipe"); -+ _exit (0); -+ } -+ -+ pid = fork (); -+ if (pid == 0) -+ { -+ /* Save stderr for printing failure below */ -+ int old_err = dup (2); -+ fcntl (old_err, F_SETFD, fcntl (old_err, F_GETFD) | FD_CLOEXEC); -+ -+ close (0); dup (in_fd[0]); /* set the stdin to the in pipe */ -+ close (1); dup (out_fd[1]); /* set the stdout to the out pipe */ -+ -+ execvp (args[0], args); /* exec gdb */ -+ -+ /* Print failure to original stderr */ -+ perror ("exec gdb failed"); -+ _exit (0); -+ } -+ else if (pid == (pid_t) -1) -+ { -+ perror ("unable to fork"); -+ _exit (0); -+ } -+ -+ FD_ZERO (&fdset); -+ FD_SET (out_fd[0], &fdset); -+ -+ write (in_fd[1], "backtrace\n", 10); -+ write (in_fd[1], "quit\n", 5); -+ -+ idx = 0; -+ state = 0; -+ -+ while (1) -+ { -+ readset = fdset; -+ tv.tv_sec = 1; -+ tv.tv_usec = 0; -+ -+ sel = select (FD_SETSIZE, &readset, NULL, NULL, &tv); -+ if (sel == -1) -+ break; -+ -+ if ((sel > 0) && (FD_ISSET (out_fd[0], &readset))) -+ { -+ if (read (out_fd[0], &c, 1)) -+ { -+ switch (state) -+ { -+ case 0: -+ if (c == '#') -+ { -+ state = 1; -+ idx = 0; -+ buffer[idx++] = c; -+ } -+ break; -+ case 1: -+ buffer[idx++] = c; -+ if ((c == '\n') || (c == '\r')) -+ { -+ buffer[idx] = 0; -+ fprintf (stderr, "%s", buffer); -+ state = 0; -+ idx = 0; -+ } -+ break; -+ default: -+ break; -+ } -+ } -+ } -+ else if (stack_trace_done) -+ break; -+ } -+ -+ close (in_fd[0]); -+ close (in_fd[1]); -+ close (out_fd[0]); -+ close (out_fd[1]); -+ _exit (0); -+} -+ -+static void -+gdb_stack_trace (void) -+{ -+ pid_t pid; -+ gchar buf[16]; -+ gchar *args[4] = { "gdb", "-p", buf, NULL }; -+ int status; -+ -+ sprintf (buf, "%u", (guint) getpid ()); -+ -+ pid = fork (); -+ if (pid == 0) -+ { -+ stack_trace (args); -+ _exit (0); -+ } -+ else if (pid == (pid_t) -1) -+ { -+ perror ("unable to fork gdb"); -+ return; -+ } -+ -+ waitpid (pid, &status, 0); -+} -+ - void - cockpit_test_signal_backtrace (int sig) - { - void *array[16]; - size_t size; - -- // get void*'s for all entries on the stack -+ signal (sig, SIG_DFL); -+ -+ /* Try to trace with gdb first */ -+ gdb_stack_trace (); -+ -+ /* In case above didn't work, print raw stack trace */ - size = backtrace (array, G_N_ELEMENTS (array)); - -- // print out all the frames to stderr -+ /* print out all the frames to stderr */ - fprintf (stderr, "Error: signal %s:\n", strsignal (sig)); - backtrace_symbols_fd (array, size, STDERR_FILENO); - -- signal (sig, SIG_DFL); - raise (sig); - } - --- -2.4.3 - diff --git a/backtrace-webservice.patch b/backtrace-webservice.patch deleted file mode 100644 index 7b9f93b..0000000 --- a/backtrace-webservice.patch +++ /dev/null @@ -1,72 +0,0 @@ -From 1d480347c730596c23a8dcb769e6e46895862c68 Mon Sep 17 00:00:00 2001 -From: Stef Walter -Date: Thu, 27 Aug 2015 09:38:55 +0200 -Subject: [PATCH 2/2] ws: Add backtrace handler to test-webservice to debug - issues - -Closes #2633 -Reviewed-by: Peter ---- - src/common/cockpittest.c | 24 +++++++++++++++--------- - src/ws/test-webservice.c | 3 +++ - 2 files changed, 18 insertions(+), 9 deletions(-) - -diff --git a/src/common/cockpittest.c b/src/common/cockpittest.c -index bf20b11..2aeb0ad 100644 ---- a/src/common/cockpittest.c -+++ b/src/common/cockpittest.c -@@ -512,13 +512,15 @@ stack_trace (char **args) - int old_err = dup (2); - fcntl (old_err, F_SETFD, fcntl (old_err, F_GETFD) | FD_CLOEXEC); - -- close (0); dup (in_fd[0]); /* set the stdin to the in pipe */ -- close (1); dup (out_fd[1]); /* set the stdout to the out pipe */ -- -- execvp (args[0], args); /* exec gdb */ -- -- /* Print failure to original stderr */ -- perror ("exec gdb failed"); -+ if (dup2 (in_fd[0], 0) < 0 || dup2 (out_fd[1], 1) < 0) -+ { -+ perror ("dup fds failed"); -+ } -+ else -+ { -+ execvp (args[0], args); -+ perror ("exec gdb failed"); -+ } - _exit (0); - } - else if (pid == (pid_t) -1) -@@ -530,8 +532,12 @@ stack_trace (char **args) - FD_ZERO (&fdset); - FD_SET (out_fd[0], &fdset); - -- write (in_fd[1], "backtrace\n", 10); -- write (in_fd[1], "quit\n", 5); -+ if (write (in_fd[1], "backtrace\n", 10) != 10 || -+ write (in_fd[1], "quit\n", 5) != 5) -+ { -+ perror ("unable to send commands to gdb"); -+ _exit (0); -+ } - - idx = 0; - state = 0; -diff --git a/src/ws/test-webservice.c b/src/ws/test-webservice.c -index 0cb96b2..3a2dca8 100644 ---- a/src/ws/test-webservice.c -+++ b/src/ws/test-webservice.c -@@ -2028,6 +2028,9 @@ main (int argc, - */ - g_timeout_add_seconds (1, on_hack_raise_sigchld, NULL); - -+ /* Try to debug crashing during tests */ -+ signal (SIGSEGV, cockpit_test_signal_backtrace); -+ - /* We don't want to test the ping functionality in these tests */ - cockpit_ws_ping_interval = G_MAXUINT; - --- -2.4.3 - diff --git a/cockpit.spec b/cockpit.spec index 66e35bd..98b0caf 100644 --- a/cockpit.spec +++ b/cockpit.spec @@ -1,5 +1,6 @@ -%define tag 122 -%define rev 1 +# This spec file has been automatically updated +Version: 123 +Release: 1 # # This file is maintained at the following location: # https://github.com/cockpit-project/cockpit/blob/master/tools/cockpit.spec @@ -10,18 +11,16 @@ # Check first cockpit-devel@lists.fedorahosted.org # # Globals that may be defined elsewhere +# * Version 122 # * gitcommit xxxx -# * tag 0.91 # -%define rev 1 - %if %{defined gitcommit} %define extra_flags CFLAGS='-O2 -Wall -Werror -fPIC -g -DWITH_DEBUG' -%define stable_api %{gitcommit} +%define required_base %{gitcommit} %else -# The first version with a stable APIs -%define stable_api 0.114 +# earliest base that the subpackages work on +%define required_base 122 %endif %if 0%{?centos} @@ -37,11 +36,8 @@ Name: cockpit %if %{defined gitcommit} -Version: %{gitcommit} %else -Version: %{tag} %endif -Release: %{rev}%{?dist} Summary: A user interface for Linux servers License: LGPLv2+ @@ -69,6 +65,7 @@ BuildRequires: docbook-style-xsl BuildRequires: keyutils-libs-devel BuildRequires: glib-networking BuildRequires: sed +BuildRequires: git BuildRequires: glib2-devel >= 2.37.4 BuildRequires: systemd-devel @@ -158,6 +155,14 @@ The Cockpit Web Service listens on the network, and authenticates users. %prep %setup -q +# Apply patches using git +git init +git config user.email "unused@example.com" && git config user.name "Unused" +git config core.autocrlf false && git config core.safecrlf false && git config gc.auto 0 +git add -f . && git commit -a -q -m "Base" +echo "" | git am --whitespace=nowarn %{patches} +rm -rf .git + %build exec 2>&1 %configure --disable-silent-rules --with-cockpit-user=cockpit-ws --with-branding=auto --with-selinux-config-type=etc_t %{?rhel:--without-storaged-iscsi-sessions} @@ -386,8 +391,12 @@ This package contains the Cockpit shell UI assets. %package storaged Summary: Cockpit user interface for storage, using Storaged +# Lock bridge dependency due to --with-storaged-iscsi-sessions +# which uses new less stable /manifests.js request path. +%if 0%{?rhel} Requires: %{name}-bridge >= %{version}-%{release} -Requires: %{name}-shell >= %{stable_api} +%endif +Requires: %{name}-shell >= %{required_base} Requires: storaged >= 2.1.1 %if 0%{?fedora} >= 24 || 0%{?rhel} >= 8 Recommends: storaged-lvm2 >= 2.1.1 @@ -407,8 +416,8 @@ The Cockpit component for managing storage. This package uses Storaged. %package ostree Summary: Cockpit user interface for rpm-ostree -Requires: %{name}-bridge >= %{stable_api} -Requires: %{name}-shell >= %{stable_api} +Requires: %{name}-bridge >= %{required_base} +Requires: %{name}-shell >= %{required_base} %if 0%{?fedora} > 0 && 0%{?fedora} < 24 Requires: rpm-ostree >= 2015.10-1 %else @@ -422,8 +431,8 @@ The Cockpit components for managing software updates for ostree based systems. %package machines Summary: Cockpit user interface for virtual machines -Requires: %{name}-bridge >= %{stable_api} -Requires: %{name}-shell >= %{stable_api} +Requires: %{name}-bridge >= %{required_base} +Requires: %{name}-shell >= %{required_base} Requires: libvirt Requires: libvirt-client @@ -438,8 +447,8 @@ The Cockpit components for managing virtual machines. %package sosreport Summary: Cockpit user interface for diagnostic reports -Requires: %{name}-bridge >= %{stable_api} -Requires: %{name}-shell >= %{stable_api} +Requires: %{name}-bridge >= %{required_base} +Requires: %{name}-shell >= %{required_base} Requires: sos BuildArch: noarch @@ -451,8 +460,8 @@ sosreport tool. %package subscriptions Summary: Cockpit subscription user interface package -Requires: %{name}-bridge >= %{stable_api} -Requires: %{name}-shell >= %{stable_api} +Requires: %{name}-bridge >= %{required_base} +Requires: %{name}-shell >= %{required_base} Requires: subscription-manager >= 1.13 BuildArch: noarch @@ -464,8 +473,8 @@ subscription management. %package networkmanager Summary: Cockpit user interface for networking, using NetworkManager -Requires: %{name}-bridge >= %{stable_api} -Requires: %{name}-shell >= %{stable_api} +Requires: %{name}-bridge >= %{required_base} +Requires: %{name}-shell >= %{required_base} Requires: NetworkManager # Optional components (only when soft deps are supported) %if 0%{?fedora} >= 24 || 0%{?rhel} >= 8 @@ -484,8 +493,8 @@ The Cockpit component for managing networking. This package uses NetworkManager %package selinux Summary: Cockpit SELinux package -Requires: %{name}-bridge >= %{stable_api} -Requires: %{name}-shell >= %{stable_api} +Requires: %{name}-bridge >= %{required_base} +Requires: %{name}-shell >= %{required_base} Requires: setroubleshoot-server >= 3.3.3 BuildArch: noarch @@ -501,8 +510,8 @@ utility setroubleshoot to diagnose and resolve SELinux issues. %package docker Summary: Cockpit user interface for Docker containers -Requires: %{name}-bridge >= %{stable_api} -Requires: %{name}-shell >= %{stable_api} +Requires: %{name}-bridge >= %{required_base} +Requires: %{name}-shell >= %{required_base} Requires: docker >= 1.3.0 Requires: python @@ -519,8 +528,8 @@ This package is not yet complete. %package kubernetes Summary: Cockpit user interface for Kubernetes cluster Requires: /usr/bin/kubectl -Requires: %{name}-bridge >= %{stable_api} -Requires: %{name}-shell >= %{stable_api} +Requires: %{name}-bridge >= %{required_base} +Requires: %{name}-shell >= %{required_base} BuildRequires: golang-bin BuildRequires: golang-src @@ -539,8 +548,8 @@ cluster. Installed on the Kubernetes master. This package is not yet complete. %package test-assets Summary: Additional stuff for testing Cockpit -Requires: %{name}-bridge >= %{stable_api} -Requires: %{name}-shell >= %{stable_api} +Requires: %{name}-bridge >= %{required_base} +Requires: %{name}-shell >= %{required_base} Requires: openssh-clients %description test-assets @@ -553,7 +562,14 @@ pulls in some necessary packages via dependencies. %endif +# The changelog is automatically generated and merged %changelog +* Thu Nov 10 2016 Stef Walter <> - 123-1 +- Release a second tarball with cached javascript dependencies +- Start verifying that Cockpit works on Ubuntu 16.04 +- Enable and verify the network functionality on Debian +- Integration tests now log core dumps for diagnosis + * Tue Nov 01 2016 Stef Walter - 122-1 - Works with UDisks in addition to storaged - Allow logging into other systems from login page diff --git a/relax-test-fs.patch b/relax-test-fs.patch deleted file mode 100644 index 163f1bc..0000000 --- a/relax-test-fs.patch +++ /dev/null @@ -1,36 +0,0 @@ -From 969caaa104a7567192c23bb1cd2964e3c2bf686e Mon Sep 17 00:00:00 2001 -From: Stef Walter -Date: Wed, 2 Sep 2015 12:15:40 +0200 -Subject: [PATCH] bridge: Fix test-fs to account for different glib2 behavior - -Different versions of glib2 send the GFileMonitor events in -different order, some see "created" first, others "deleted" first. - -So relax the test a bit to account for this. ---- - src/bridge/test-fs.c | 9 +++++++++ - 1 file changed, 9 insertions(+) - -diff --git a/src/bridge/test-fs.c b/src/bridge/test-fs.c -index 32c66c8..fe2b947 100644 ---- a/src/bridge/test-fs.c -+++ b/src/bridge/test-fs.c -@@ -664,6 +664,15 @@ test_watch_simple (TestCase *tc, - tag = cockpit_get_file_tag (tc->test_path); - - event = recv_json (tc); -+ g_assert (event != NULL); -+ -+ /* Account for different behavior by different glib2 versions */ -+ if (g_str_equal (json_object_get_string_member (event, "event"), "deleted")) -+ { -+ json_object_unref (event); -+ event = recv_json (tc); -+ } -+ - g_assert_cmpstr (json_object_get_string_member (event, "event"), ==, "created"); - g_assert_cmpstr (json_object_get_string_member (event, "path"), ==, tc->test_path); - g_assert_cmpstr (json_object_get_string_member (event, "tag"), ==, tag); --- -2.4.3 - diff --git a/sources b/sources index 3dc526a..b4e23ea 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -d2b7e9e699fe07894d31c1dd73e1a0d3 cockpit-122.tar.xz +b778c33f5ff150c2a1462d2c8b53954c cockpit-123.tar.xz diff --git a/test-use-after-free.patch b/test-use-after-free.patch deleted file mode 100644 index bfbddee..0000000 --- a/test-use-after-free.patch +++ /dev/null @@ -1,36 +0,0 @@ -From fe2156eda6b42436dbfe82d1402ecfabc1c2ffd4 Mon Sep 17 00:00:00 2001 -From: Stef Walter -Date: Wed, 2 Sep 2015 13:26:16 +0200 -Subject: [PATCH] common: Hold reference during processing of messages - -This prevents use-after-free in tests, where a message triggers -the test completion. ---- - src/common/cockpitpipetransport.c | 4 ++++ - 1 file changed, 4 insertions(+) - -diff --git a/src/common/cockpitpipetransport.c b/src/common/cockpitpipetransport.c -index af9a8e6..743ec3f 100644 ---- a/src/common/cockpitpipetransport.c -+++ b/src/common/cockpitpipetransport.c -@@ -81,6 +81,8 @@ on_pipe_read_transport (CockpitPipe *pipe, - guint32 i, size; - gchar *data; - -+ g_object_ref (self); -+ - for (;;) - { - size = 0; -@@ -135,6 +137,8 @@ on_pipe_read_transport (CockpitPipe *pipe, - cockpit_pipe_close (pipe, "internal-error"); - } - } -+ -+ g_object_unref (self); - } - - static void --- -2.4.3 -