rpms/cockpit
5
0
Fork 0
Code Issues Pull Requests Releases Activity

Update to 123-1

Browse Source 
- Release a second tarball with cached javascript dependencies
- Start verifying that Cockpit works on Ubuntu 16.04
- Enable and verify the network functionality on Debian
- Integration tests now log core dumps for diagnosis
This commit is contained in:
Cockpit Project 2016-11-10 15:43:59 +00:00
parent 112695ceb2
commit 325deb56b6
7 changed files with 48 additions and 380 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
.gitignore vendored
View File

@ -93,3 +93,4 @@
/cockpit-120.tar.xz
/cockpit-121.tar.xz
/cockpit-122.tar.xz
/cockpit-123.tar.xz

205
backtrace-gdb.patch
View File

@ -1,205 +0,0 @@
From 8eab929c763e3a951794968f1a7d2f99a83c4f9d Mon Sep 17 00:00:00 2001
From: Stef Walter <stefw@redhat.com>
Date: Thu, 27 Aug 2015 09:37:10 +0200
Subject: [PATCH 1/2] common: Produce better backtraces with gdb when possible
Note that this may require this sysctl to be set on the system:
/proc/sys/kernel/yama/ptrace_scope = 0
https://wiki.ubuntu.com/SecurityTeam/Roadmap/KernelHardening#ptrace%20Protection
Reviewed-by: Peter <petervo@redhat.com>
---
.travis.yml | 2 +-
src/common/cockpittest.c | 155 ++++++++++++++++++++++++++++++++++++++++++++++-
tools/cockpit.spec | 1 +
3 files changed, 154 insertions(+), 4 deletions(-)
diff --git a/src/common/cockpittest.c b/src/common/cockpittest.c
index 5501681..bf20b11 100644
--- a/src/common/cockpittest.c
+++ b/src/common/cockpittest.c
@@ -39,6 +39,10 @@
#include <netinet/ip6.h>
#include <ifaddrs.h>
+#include <sys/select.h>
+#include <fcntl.h>
+#include <sys/wait.h>
+
/*
* HACK: We can't yet use g_test_expect_message() and friends.
* They were pretty broken until GLib 2.40 if you have any debug
@@ -466,20 +470,165 @@ _cockpit_assert_bytes_eq_msg (const char *domain,
expect, exp_len);
}
+/*
+ * This gdb code only works if /proc/sys/kernel/yama/ptrace_scope is set to zero
+ * See: https://wiki.ubuntu.com/SecurityTeam/Roadmap/KernelHardening#ptrace%20Protection
+ */
+
+static gboolean stack_trace_done = FALSE;
+
+static void
+stack_trace_sigchld (int signum)
+{
+ stack_trace_done = TRUE;
+}
+
+static void
+stack_trace (char **args)
+{
+ pid_t pid;
+ int in_fd[2];
+ int out_fd[2];
+ fd_set fdset;
+ fd_set readset;
+ struct timeval tv;
+ int sel, idx, state;
+ char buffer[256];
+ char c;
+
+ stack_trace_done = FALSE;
+ signal (SIGCHLD, stack_trace_sigchld);
+
+ if ((pipe (in_fd) == -1) || (pipe (out_fd) == -1))
+ {
+ perror ("unable to open pipe");
+ _exit (0);
+ }
+
+ pid = fork ();
+ if (pid == 0)
+ {
+ /* Save stderr for printing failure below */
+ int old_err = dup (2);
+ fcntl (old_err, F_SETFD, fcntl (old_err, F_GETFD) | FD_CLOEXEC);
+
+ close (0); dup (in_fd[0]); /* set the stdin to the in pipe */
+ close (1); dup (out_fd[1]); /* set the stdout to the out pipe */
+
+ execvp (args[0], args); /* exec gdb */
+
+ /* Print failure to original stderr */
+ perror ("exec gdb failed");
+ _exit (0);
+ }
+ else if (pid == (pid_t) -1)
+ {
+ perror ("unable to fork");
+ _exit (0);
+ }
+
+ FD_ZERO (&fdset);
+ FD_SET (out_fd[0], &fdset);
+
+ write (in_fd[1], "backtrace\n", 10);
+ write (in_fd[1], "quit\n", 5);
+
+ idx = 0;
+ state = 0;
+
+ while (1)
+ {
+ readset = fdset;
+ tv.tv_sec = 1;
+ tv.tv_usec = 0;
+
+ sel = select (FD_SETSIZE, &readset, NULL, NULL, &tv);
+ if (sel == -1)
+ break;
+
+ if ((sel > 0) && (FD_ISSET (out_fd[0], &readset)))
+ {
+ if (read (out_fd[0], &c, 1))
+ {
+ switch (state)
+ {
+ case 0:
+ if (c == '#')
+ {
+ state = 1;
+ idx = 0;
+ buffer[idx++] = c;
+ }
+ break;
+ case 1:
+ buffer[idx++] = c;
+ if ((c == '\n') || (c == '\r'))
+ {
+ buffer[idx] = 0;
+ fprintf (stderr, "%s", buffer);
+ state = 0;
+ idx = 0;
+ }
+ break;
+ default:
+ break;
+ }
+ }
+ }
+ else if (stack_trace_done)
+ break;
+ }
+
+ close (in_fd[0]);
+ close (in_fd[1]);
+ close (out_fd[0]);
+ close (out_fd[1]);
+ _exit (0);
+}
+
+static void
+gdb_stack_trace (void)
+{
+ pid_t pid;
+ gchar buf[16];
+ gchar *args[4] = { "gdb", "-p", buf, NULL };
+ int status;
+
+ sprintf (buf, "%u", (guint) getpid ());
+
+ pid = fork ();
+ if (pid == 0)
+ {
+ stack_trace (args);
+ _exit (0);
+ }
+ else if (pid == (pid_t) -1)
+ {
+ perror ("unable to fork gdb");
+ return;
+ }
+
+ waitpid (pid, &status, 0);
+}
+
void
cockpit_test_signal_backtrace (int sig)
{
void *array[16];
size_t size;
- // get void*'s for all entries on the stack
+ signal (sig, SIG_DFL);
+
+ /* Try to trace with gdb first */
+ gdb_stack_trace ();
+
+ /* In case above didn't work, print raw stack trace */
size = backtrace (array, G_N_ELEMENTS (array));
- // print out all the frames to stderr
+ /* print out all the frames to stderr */
fprintf (stderr, "Error: signal %s:\n", strsignal (sig));
backtrace_symbols_fd (array, size, STDERR_FILENO);
- signal (sig, SIG_DFL);
raise (sig);
}
--
2.4.3

72
backtrace-webservice.patch
View File

@ -1,72 +0,0 @@
From 1d480347c730596c23a8dcb769e6e46895862c68 Mon Sep 17 00:00:00 2001
From: Stef Walter <stefw@redhat.com>
Date: Thu, 27 Aug 2015 09:38:55 +0200
Subject: [PATCH 2/2] ws: Add backtrace handler to test-webservice to debug
issues
Closes #2633
Reviewed-by: Peter <petervo@redhat.com>
---
src/common/cockpittest.c | 24 +++++++++++++++---------
src/ws/test-webservice.c | 3 +++
2 files changed, 18 insertions(+), 9 deletions(-)
diff --git a/src/common/cockpittest.c b/src/common/cockpittest.c
index bf20b11..2aeb0ad 100644
--- a/src/common/cockpittest.c
+++ b/src/common/cockpittest.c
@@ -512,13 +512,15 @@ stack_trace (char **args)
int old_err = dup (2);
fcntl (old_err, F_SETFD, fcntl (old_err, F_GETFD) | FD_CLOEXEC);
- close (0); dup (in_fd[0]); /* set the stdin to the in pipe */
- close (1); dup (out_fd[1]); /* set the stdout to the out pipe */
-
- execvp (args[0], args); /* exec gdb */
-
- /* Print failure to original stderr */
- perror ("exec gdb failed");
+ if (dup2 (in_fd[0], 0) < 0 || dup2 (out_fd[1], 1) < 0)
+ {
+ perror ("dup fds failed");
+ }
+ else
+ {
+ execvp (args[0], args);
+ perror ("exec gdb failed");
+ }
_exit (0);
}
else if (pid == (pid_t) -1)
@@ -530,8 +532,12 @@ stack_trace (char **args)
FD_ZERO (&fdset);
FD_SET (out_fd[0], &fdset);
- write (in_fd[1], "backtrace\n", 10);
- write (in_fd[1], "quit\n", 5);
+ if (write (in_fd[1], "backtrace\n", 10) != 10 ||
+ write (in_fd[1], "quit\n", 5) != 5)
+ {
+ perror ("unable to send commands to gdb");
+ _exit (0);
+ }
idx = 0;
state = 0;
diff --git a/src/ws/test-webservice.c b/src/ws/test-webservice.c
index 0cb96b2..3a2dca8 100644
--- a/src/ws/test-webservice.c
+++ b/src/ws/test-webservice.c
@@ -2028,6 +2028,9 @@ main (int argc,
*/
g_timeout_add_seconds (1, on_hack_raise_sigchld, NULL);
+ /* Try to debug crashing during tests */
+ signal (SIGSEGV, cockpit_test_signal_backtrace);
+
/* We don't want to test the ping functionality in these tests */
cockpit_ws_ping_interval = G_MAXUINT;
--
2.4.3

76
cockpit.spec
View File

@ -1,5 +1,6 @@
%define tag 122
%define rev 1
# This spec file has been automatically updated
Version: 123
Release: 1
#
# This file is maintained at the following location:
# https://github.com/cockpit-project/cockpit/blob/master/tools/cockpit.spec
@ -10,18 +11,16 @@
# Check first cockpit-devel@lists.fedorahosted.org
#
# Globals that may be defined elsewhere
# * Version 122
# * gitcommit xxxx
# * tag 0.91
#
%define rev 1
%if %{defined gitcommit}
%define extra_flags CFLAGS='-O2 -Wall -Werror -fPIC -g -DWITH_DEBUG'
%define stable_api %{gitcommit}
%define required_base %{gitcommit}
%else
# The first version with a stable APIs
%define stable_api 0.114
# earliest base that the subpackages work on
%define required_base 122
%endif
%if 0%{?centos}
@ -37,11 +36,8 @@
Name: cockpit
%if %{defined gitcommit}
Version: %{gitcommit}
%else
Version: %{tag}
%endif
Release: %{rev}%{?dist}
Summary: A user interface for Linux servers
License: LGPLv2+
@ -69,6 +65,7 @@ BuildRequires: docbook-style-xsl
BuildRequires: keyutils-libs-devel
BuildRequires: glib-networking
BuildRequires: sed
BuildRequires: git
BuildRequires: glib2-devel >= 2.37.4
BuildRequires: systemd-devel
@ -158,6 +155,14 @@ The Cockpit Web Service listens on the network, and authenticates users.
%prep
%setup -q
# Apply patches using git
git init
git config user.email "unused@example.com" && git config user.name "Unused"
git config core.autocrlf false && git config core.safecrlf false && git config gc.auto 0
git add -f . && git commit -a -q -m "Base"
echo "" | git am --whitespace=nowarn %{patches}
rm -rf .git
%build
exec 2>&1
%configure --disable-silent-rules --with-cockpit-user=cockpit-ws --with-branding=auto --with-selinux-config-type=etc_t %{?rhel:--without-storaged-iscsi-sessions}
@ -386,8 +391,12 @@ This package contains the Cockpit shell UI assets.
%package storaged
Summary: Cockpit user interface for storage, using Storaged
# Lock bridge dependency due to --with-storaged-iscsi-sessions
# which uses new less stable /manifests.js request path.
%if 0%{?rhel}
Requires: %{name}-bridge >= %{version}-%{release}
Requires: %{name}-shell >= %{stable_api}
%endif
Requires: %{name}-shell >= %{required_base}
Requires: storaged >= 2.1.1
%if 0%{?fedora} >= 24 || 0%{?rhel} >= 8
Recommends: storaged-lvm2 >= 2.1.1
@ -407,8 +416,8 @@ The Cockpit component for managing storage. This package uses Storaged.
%package ostree
Summary: Cockpit user interface for rpm-ostree
Requires: %{name}-bridge >= %{stable_api}
Requires: %{name}-shell >= %{stable_api}
Requires: %{name}-bridge >= %{required_base}
Requires: %{name}-shell >= %{required_base}
%if 0%{?fedora} > 0 && 0%{?fedora} < 24
Requires: rpm-ostree >= 2015.10-1
%else
@ -422,8 +431,8 @@ The Cockpit components for managing software updates for ostree based systems.
%package machines
Summary: Cockpit user interface for virtual machines
Requires: %{name}-bridge >= %{stable_api}
Requires: %{name}-shell >= %{stable_api}
Requires: %{name}-bridge >= %{required_base}
Requires: %{name}-shell >= %{required_base}
Requires: libvirt
Requires: libvirt-client
@ -438,8 +447,8 @@ The Cockpit components for managing virtual machines.
%package sosreport
Summary: Cockpit user interface for diagnostic reports
Requires: %{name}-bridge >= %{stable_api}
Requires: %{name}-shell >= %{stable_api}
Requires: %{name}-bridge >= %{required_base}
Requires: %{name}-shell >= %{required_base}
Requires: sos
BuildArch: noarch
@ -451,8 +460,8 @@ sosreport tool.
%package subscriptions
Summary: Cockpit subscription user interface package
Requires: %{name}-bridge >= %{stable_api}
Requires: %{name}-shell >= %{stable_api}
Requires: %{name}-bridge >= %{required_base}
Requires: %{name}-shell >= %{required_base}
Requires: subscription-manager >= 1.13
BuildArch: noarch
@ -464,8 +473,8 @@ subscription management.
%package networkmanager
Summary: Cockpit user interface for networking, using NetworkManager
Requires: %{name}-bridge >= %{stable_api}
Requires: %{name}-shell >= %{stable_api}
Requires: %{name}-bridge >= %{required_base}
Requires: %{name}-shell >= %{required_base}
Requires: NetworkManager
# Optional components (only when soft deps are supported)
%if 0%{?fedora} >= 24 || 0%{?rhel} >= 8
@ -484,8 +493,8 @@ The Cockpit component for managing networking. This package uses NetworkManager
%package selinux
Summary: Cockpit SELinux package
Requires: %{name}-bridge >= %{stable_api}
Requires: %{name}-shell >= %{stable_api}
Requires: %{name}-bridge >= %{required_base}
Requires: %{name}-shell >= %{required_base}
Requires: setroubleshoot-server >= 3.3.3
BuildArch: noarch
@ -501,8 +510,8 @@ utility setroubleshoot to diagnose and resolve SELinux issues.
%package docker
Summary: Cockpit user interface for Docker containers
Requires: %{name}-bridge >= %{stable_api}
Requires: %{name}-shell >= %{stable_api}
Requires: %{name}-bridge >= %{required_base}
Requires: %{name}-shell >= %{required_base}
Requires: docker >= 1.3.0
Requires: python
@ -519,8 +528,8 @@ This package is not yet complete.
%package kubernetes
Summary: Cockpit user interface for Kubernetes cluster
Requires: /usr/bin/kubectl
Requires: %{name}-bridge >= %{stable_api}
Requires: %{name}-shell >= %{stable_api}
Requires: %{name}-bridge >= %{required_base}
Requires: %{name}-shell >= %{required_base}
BuildRequires: golang-bin
BuildRequires: golang-src
@ -539,8 +548,8 @@ cluster. Installed on the Kubernetes master. This package is not yet complete.
%package test-assets
Summary: Additional stuff for testing Cockpit
Requires: %{name}-bridge >= %{stable_api}
Requires: %{name}-shell >= %{stable_api}
Requires: %{name}-bridge >= %{required_base}
Requires: %{name}-shell >= %{required_base}
Requires: openssh-clients
%description test-assets
@ -553,7 +562,14 @@ pulls in some necessary packages via dependencies.
%endif
# The changelog is automatically generated and merged
%changelog
* Thu Nov 10 2016 Stef Walter <<stefw@redhat.com>> - 123-1
- Release a second tarball with cached javascript dependencies
- Start verifying that Cockpit works on Ubuntu 16.04
- Enable and verify the network functionality on Debian
- Integration tests now log core dumps for diagnosis
* Tue Nov 01 2016 Stef Walter <stefw@redhat.com> - 122-1
- Works with UDisks in addition to storaged
- Allow logging into other systems from login page

36
relax-test-fs.patch
View File

@ -1,36 +0,0 @@
From 969caaa104a7567192c23bb1cd2964e3c2bf686e Mon Sep 17 00:00:00 2001
From: Stef Walter <stefw@redhat.com>
Date: Wed, 2 Sep 2015 12:15:40 +0200
Subject: [PATCH] bridge: Fix test-fs to account for different glib2 behavior
Different versions of glib2 send the GFileMonitor events in
different order, some see "created" first, others "deleted" first.
So relax the test a bit to account for this.
---
src/bridge/test-fs.c | 9 +++++++++
1 file changed, 9 insertions(+)
diff --git a/src/bridge/test-fs.c b/src/bridge/test-fs.c
index 32c66c8..fe2b947 100644
--- a/src/bridge/test-fs.c
+++ b/src/bridge/test-fs.c
@@ -664,6 +664,15 @@ test_watch_simple (TestCase *tc,
tag = cockpit_get_file_tag (tc->test_path);
event = recv_json (tc);
+ g_assert (event != NULL);
+
+ /* Account for different behavior by different glib2 versions */
+ if (g_str_equal (json_object_get_string_member (event, "event"), "deleted"))
+ {
+ json_object_unref (event);
+ event = recv_json (tc);
+ }
+
g_assert_cmpstr (json_object_get_string_member (event, "event"), ==, "created");
g_assert_cmpstr (json_object_get_string_member (event, "path"), ==, tc->test_path);
g_assert_cmpstr (json_object_get_string_member (event, "tag"), ==, tag);
--
2.4.3

2
sources
View File

@ -1 +1 @@
d2b7e9e699fe07894d31c1dd73e1a0d3 cockpit-122.tar.xz
b778c33f5ff150c2a1462d2c8b53954c cockpit-123.tar.xz

36
test-use-after-free.patch
View File

@ -1,36 +0,0 @@
From fe2156eda6b42436dbfe82d1402ecfabc1c2ffd4 Mon Sep 17 00:00:00 2001
From: Stef Walter <stefw@redhat.com>
Date: Wed, 2 Sep 2015 13:26:16 +0200
Subject: [PATCH] common: Hold reference during processing of messages
This prevents use-after-free in tests, where a message triggers
the test completion.
---
src/common/cockpitpipetransport.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/src/common/cockpitpipetransport.c b/src/common/cockpitpipetransport.c
index af9a8e6..743ec3f 100644
--- a/src/common/cockpitpipetransport.c
+++ b/src/common/cockpitpipetransport.c
@@ -81,6 +81,8 @@ on_pipe_read_transport (CockpitPipe *pipe,
guint32 i, size;
gchar *data;
+ g_object_ref (self);
+
for (;;)
{
size = 0;
@@ -135,6 +137,8 @@ on_pipe_read_transport (CockpitPipe *pipe,
cockpit_pipe_close (pipe, "internal-error");
}
}
+
+ g_object_unref (self);
}
static void
--
2.4.3