Compare commits
2 Commits
imports/c8
...
c8
Author | SHA1 | Date |
---|---|---|
eabdullin | bd2abd9099 | |
eabdullin | 79a532a9b3 |
|
@ -1 +0,0 @@
|
|||
f9c31cf46094c4bbf021e1872a9eb72d8a3f2136 SOURCES/dnf-4.7.0.tar.gz
|
|
@ -0,0 +1,85 @@
|
|||
From 29f4df4bf7bf7cb9099dbc7c834441ce4e75b623 Mon Sep 17 00:00:00 2001
|
||||
From: Miro Hrončok <miro@hroncok.cz>
|
||||
Date: Wed, 23 Feb 2022 13:25:12 +0100
|
||||
Subject: [PATCH] RHEL-1245: Remove /usr/bin from sys.path to avoid accidentally importing garbage
|
||||
|
||||
See https://bugzilla.redhat.com/show_bug.cgi?id=2057340
|
||||
and https://github.com/benjaminp/six/issues/359
|
||||
|
||||
dnf should never import Python modules from /usr/bin but users can
|
||||
have files in there that look like Python modules and Python will
|
||||
try to import them and fail.
|
||||
|
||||
Consider a tool that is *not* written in Python and is called "copy.pyc".
|
||||
Naturally, it resides in /usr/bin/copy.pyc and dnf fails:
|
||||
|
||||
Traceback (most recent call last):
|
||||
File "/usr/bin/dnf", line 57, in <module>
|
||||
from dnf.cli import main
|
||||
File "/usr/lib/python3.10/site-packages/dnf/__init__.py", line 30, in <module>
|
||||
import dnf.base
|
||||
File "/usr/lib/python3.10/site-packages/dnf/base.py", line 31, in <module>
|
||||
from copy import deepcopy
|
||||
ImportError: bad magic number in 'copy': b'...'
|
||||
|
||||
Similarly, a tool actually written in Python, called "copy.py"
|
||||
might as well own /usr/bin/copy.py and dnf fails as well:
|
||||
|
||||
Traceback (most recent call last):
|
||||
File "/usr/bin/dnf", line 57, in <module>
|
||||
from dnf.cli import main
|
||||
File "/usr/lib/python3.10/site-packages/dnf/__init__.py", line 30, in <module>
|
||||
import dnf.base
|
||||
File "/usr/lib/python3.10/site-packages/dnf/base.py", line 31, in <module>
|
||||
from copy import deepcopy
|
||||
ImportError: cannot import name 'deepcopy' from 'copy' (/usr/bin/copy.py)
|
||||
|
||||
Either problem can happen for a variety of names.
|
||||
We better not let that happen.
|
||||
|
||||
A more general solution that would prevent Python doing this entirely
|
||||
does not exists yet, see https://discuss.python.org/t/4235
|
||||
|
||||
Hence, proposing this to dnf, which is a critical piece of the system.
|
||||
---
|
||||
bin/dnf-automatic.in | 6 +++++-
|
||||
bin/dnf.in | 6 +++++-
|
||||
2 files changed, 10 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/bin/dnf-automatic.in b/bin/dnf-automatic.in
|
||||
index 5b06aa2..17e35a0 100755
|
||||
--- a/bin/dnf-automatic.in
|
||||
+++ b/bin/dnf-automatic.in
|
||||
@@ -23,7 +23,11 @@ import os
|
||||
import sys
|
||||
|
||||
here = sys.path[0]
|
||||
-if here != '/usr/bin':
|
||||
+if here == '/usr/bin':
|
||||
+ # we never import Python modules from /usr/bin
|
||||
+ # removing this lowers the risk of accidental imports of weird files
|
||||
+ del sys.path[0]
|
||||
+else:
|
||||
# git checkout
|
||||
dnf_toplevel = os.path.dirname(here)
|
||||
sys.path[0] = dnf_toplevel
|
||||
diff --git a/bin/dnf.in b/bin/dnf.in
|
||||
index 645d0f0..55ceb3f 100755
|
||||
--- a/bin/dnf.in
|
||||
+++ b/bin/dnf.in
|
||||
@@ -48,7 +48,11 @@ if __name__ != "__main__":
|
||||
sys.exit(1)
|
||||
|
||||
here = sys.path[0]
|
||||
-if here != '/usr/bin':
|
||||
+if here == '/usr/bin':
|
||||
+ # we never import Python modules from /usr/bin
|
||||
+ # removing this lowers the risk of accidental imports of weird files
|
||||
+ del sys.path[0]
|
||||
+else:
|
||||
# git checkout
|
||||
import os
|
||||
dnf_toplevel = os.path.dirname(here)
|
||||
--
|
||||
libgit2 1.6.4
|
||||
|
File diff suppressed because it is too large
Load Diff
|
@ -0,0 +1,53 @@
|
|||
From 8bc3b7a217de41c0a9bc52cd9cac50cde9e9ee65 Mon Sep 17 00:00:00 2001
|
||||
From: Anish Bhatt <anish.bhatt@salesforce.com>
|
||||
Date: Mon, 10 Jul 2023 10:09:17 -0700
|
||||
Subject: [PATCH] When parsing over a KVP list, do not return till the whole
|
||||
list is parsed
|
||||
|
||||
---
|
||||
dnf/repodict.py | 4 ++--
|
||||
1 file changed, 2 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/dnf/repodict.py b/dnf/repodict.py
|
||||
index ffa0f8ed..82c05ac0 100644
|
||||
--- a/dnf/repodict.py
|
||||
+++ b/dnf/repodict.py
|
||||
@@ -79,8 +79,8 @@ class RepoDict(dict):
|
||||
if isinstance(value, str):
|
||||
substituted.append(
|
||||
libdnf.conf.ConfigParser.substitute(value, conf.substitutions))
|
||||
- if substituted:
|
||||
- return substituted
|
||||
+ if substituted:
|
||||
+ return substituted
|
||||
return values
|
||||
|
||||
repo = dnf.repo.Repo(repoid, conf)
|
||||
--
|
||||
2.41.0
|
||||
|
||||
|
||||
From 89c6f3633f55acd31d44a487ce76dd89c12d795c Mon Sep 17 00:00:00 2001
|
||||
From: Anish Bhatt <anish.bhatt@salesforce.com>
|
||||
Date: Mon, 10 Jul 2023 10:10:30 -0700
|
||||
Subject: [PATCH] Add to authors
|
||||
|
||||
---
|
||||
AUTHORS | 1 +
|
||||
1 file changed, 1 insertion(+)
|
||||
|
||||
diff --git a/AUTHORS b/AUTHORS
|
||||
index 0077c7ea..eb1e0121 100644
|
||||
--- a/AUTHORS
|
||||
+++ b/AUTHORS
|
||||
@@ -63,6 +63,7 @@ DNF CONTRIBUTORS
|
||||
Adam Williamson <awilliam@redhat.com>
|
||||
Albert Uchytil <auchytil@redhat.com>
|
||||
Alberto Ruiz <aruiz@redhat.com>
|
||||
+ Anish Bhatt <anish.bhatt@salesforce.com>
|
||||
Baurzhan Muftakhidinov <baurthefirst@gmail.com>
|
||||
Christopher Meng <cickumqt@gmail.com>
|
||||
Daniel Mach <dmach@redhat.com>
|
||||
--
|
||||
2.41.0
|
||||
|
|
@ -0,0 +1,32 @@
|
|||
diff -aruN dnf-4.7.0/dnf/const.py.in dnf-4.7.0_alma/dnf/const.py.in
|
||||
--- dnf-4.7.0/dnf/const.py.in 2021-04-12 18:26:33.000000000 +0300
|
||||
+++ dnf-4.7.0_alma/dnf/const.py.in 2021-12-30 10:30:33.806575400 +0300
|
||||
@@ -55,4 +55,4 @@
|
||||
USER_AGENT = "dnf/%s" % VERSION
|
||||
|
||||
BUGTRACKER_COMPONENT=NAME.lower()
|
||||
-BUGTRACKER='https://bugzilla.redhat.com/enter_bug.cgi?product=Fedora&component=%s' % BUGTRACKER_COMPONENT
|
||||
+BUGTRACKER='https://bugs.almalinux.org/'
|
||||
diff -aruN dnf-4.7.0/doc/conf.py.in dnf-4.7.0_alma/doc/conf.py.in
|
||||
--- dnf-4.7.0/doc/conf.py.in 2021-04-12 18:26:33.000000000 +0300
|
||||
+++ dnf-4.7.0_alma/doc/conf.py.in 2021-12-30 10:34:07.810855800 +0300
|
||||
@@ -267,5 +267,5 @@
|
||||
.. _DNF: https://github.com/rpm-software-management/dnf/
|
||||
.. _hawkey: http://rpm-software-management.github.io/hawkey/
|
||||
.. _YUM: http://yum.baseurl.org/
|
||||
-.. _bugzilla: https://bugzilla.redhat.com/enter_bug.cgi?product=Fedora&component=dnf
|
||||
+.. _bugzilla: https://bugs.almalinux.org/
|
||||
"""
|
||||
diff -aruN dnf-4.7.0/tests/test_config.py dnf-4.7.0_alma/tests/test_config.py
|
||||
--- dnf-4.7.0/tests/test_config.py 2021-04-12 18:26:33.000000000 +0300
|
||||
+++ dnf-4.7.0_alma/tests/test_config.py 2021-12-30 10:33:24.147815500 +0300
|
||||
@@ -55,8 +55,7 @@
|
||||
def test_bugtracker(self):
|
||||
conf = Conf()
|
||||
self.assertEqual(conf.bugtracker_url,
|
||||
- "https://bugzilla.redhat.com/enter_bug.cgi" +
|
||||
- "?product=Fedora&component=dnf")
|
||||
+ "https://bugs.almalinux.org/")
|
||||
|
||||
def test_conf_from_file(self):
|
||||
conf = Conf()
|
|
@ -66,7 +66,7 @@ It supports RPMs, modules and comps groups & environments.
|
|||
|
||||
Name: dnf
|
||||
Version: 4.7.0
|
||||
Release: 19%{?dist}
|
||||
Release: 20%{?dist}.alma
|
||||
Summary: %{pkg_summary}
|
||||
# For a breakdown of the licensing, see PACKAGE-LICENSING
|
||||
License: GPLv2+
|
||||
|
@ -120,8 +120,14 @@ Patch0041: 0041-Omit-src-RPMs-from-check-update-RhBug-2151910.patch
|
|||
Patch0042: 0042-Backport-automatic-Fix-onl-detect-proxy-RhBz2022440.patch
|
||||
Patch0043: 0043-automatic-Return-an-error-when-transaction-fails-RhB.patch
|
||||
Patch0044: 0044-Document-symbols-in-dnf-history-list-output.patch
|
||||
Patch0045: 0045-RHEL-1245-Remove-usrbin-from-syspath-noimpor-garbage.patch
|
||||
Patch0046: 0046-RHEL-6393-Fix-japanese-translations.patch
|
||||
Patch0047: 0047-RHEL-11786-Fix-substitution-in-kvp-in-add_new_repo.patch
|
||||
|
||||
|
||||
#Almalinux patches
|
||||
Patch10000: almalinux_bugtracker.patch
|
||||
|
||||
BuildArch: noarch
|
||||
BuildRequires: cmake
|
||||
BuildRequires: gettext
|
||||
|
@ -420,9 +426,15 @@ popd
|
|||
%{python3_sitelib}/%{name}/automatic/
|
||||
|
||||
%changelog
|
||||
* Wed Mar 27 2024 Eduard Abdullin <eabdullin@almalinux.org> - 4.7.0-20.alma
|
||||
- AlmaLinux changes
|
||||
|
||||
* Mon Oct 16 2023 Jaroslav Rohel <jrohel@redhat.com> - 4.7.0-20
|
||||
- Remove /usr/bin from sys.path to avoid accidentally importing garbage (RHEL-1245)
|
||||
- Fix japanese translations (RHEL-6393)
|
||||
- Fix substitution in kay-value-pair list in add_new_repo (RHEL-11786)
|
||||
* Wed Jun 28 2023 Jaroslav Rohel <jrohel@redhat.com> - 4.7.0-19
|
||||
- Document symbols in `dnf history list` output (RhBug:2172067)
|
||||
|
||||
* Wed May 31 2023 Nicola Sella <nsella@redhat.com> - 4.7.0-18
|
||||
- Return an error when transaction fails (RhBug:2170093)
|
||||
|
||||
|
@ -436,7 +448,6 @@ popd
|
|||
* Thu Jan 05 2023 Nicola Sella <nsella@redhat.com> - 4.7.0-15
|
||||
- Ignore processing variable files with unsupported encoding (RhBug:2141215)
|
||||
- Better explain traceback of rpm.error with dnf
|
||||
|
||||
* Wed Nov 30 2022 Nicola Sella <nsella@redhat.com> - 4.7.0-14
|
||||
- Document changes to offline-upgrade command (RhBug:1939975,2139324)
|
||||
|
||||
|
|
Loading…
Reference in New Issue