Rebase to 1.12.8

RHEL 8's SELinux stack doesn't have the systemd_userdbd_stream_connect() interface, and hence it was dropped. Otherwise, it leads to: flatpak.te:36:ERROR 'syntax error' at token 'systemd_userdbd_stream_connect' on line 4970: systemd_userdbd_stream_connect(flatpak_helper_t) The dependencies specified by the %systemd_requires RPM macro are not required for the %systemd_post, %systemd_postun_with_restart and %systemd_preun macros that are used [1]. Hence, %systemd_requires was dropped. The workaround to cope better with /var/lib/flatpak existing but being empty, by using 'flatpak remote-list --system' in %post, was dropped because the root cause was fixed in 1.12.7 [2]. [1] https://docs.fedoraproject.org/en-US/packaging-guidelines/Scriptlets/ [2] https://github.com/flatpak/flatpak/issues/4111 https://github.com/flatpak/flatpak/releases/tag/1.12.7 Resolves: RHEL-4220
2023-11-06 17:50:31 +01:00 · 2023-11-06 17:50:31 +01:00 · b231e9912a
commit b231e9912a
parent c37b0b1b4d
5 changed files with 82 additions and 8 deletions
--- a/.gitignore
+++ b/.gitignore
@ -1,3 +1,4 @@
 SOURCES/flatpak-1.10.7.tar.xz
 /flatpak-1.10.7.tar.xz
 /flatpak-1.10.8.tar.xz
+/flatpak-1.12.8.tar.xz
--- a/flatpak-Revert-selinux-Permit-using-systemd-userdbd.patch
+++ b/flatpak-Revert-selinux-Permit-using-systemd-userdbd.patch
@ -0,0 +1,28 @@
+From 1c73110795b865246ce3595042dcd2d5e7891359 Mon Sep 17 00:00:00 2001
+From: Debarshi Ray <debarshir@gnome.org>
+Date: Mon, 6 Nov 2023 20:27:16 +0100
+Subject: [PATCH] Revert "selinux: Permit using systemd-userdbd"
+
+This reverts commit 399710ada185c1ee232bc3e6266a71688eb152b7.
+---
+ selinux/flatpak.te | 4 ----
+ 1 file changed, 4 deletions(-)
+
+diff --git a/selinux/flatpak.te b/selinux/flatpak.te
+index bb3d80e316eb..4cf895c44abe 100644
+--- a/selinux/flatpak.te
+++ b/selinux/flatpak.te
+@@ -33,10 +33,6 @@ optional_policy(`
+    policykit_dbus_chat(flatpak_helper_t)
+ ')
+ 
+-optional_policy(`
+-   systemd_userdbd_stream_connect(flatpak_helper_t)
+-')
+-
+ optional_policy(`                   
+     unconfined_domain(flatpak_helper_t)
+ ')
+-- 
+2.41.0
+
--- a/flatpak-add-fedora-repos.service
+++ b/flatpak-add-fedora-repos.service
@ -0,0 +1,14 @@
+[Unit]
+Description=Add Fedora flatpak repositories
+ConditionPathExists=!/var/lib/flatpak/.fedora-initialized
+Before=flatpak-system-helper.service
+
+[Service]
+Type=oneshot
+RemainAfterExit=yes
+ExecStart=/usr/bin/flatpak remote-add --system --if-not-exists --title "Fedora Flatpaks" fedora oci+https://registry.fedoraproject.org
+ExecStart=/usr/bin/flatpak remote-add --system --if-not-exists --disable --title "Fedora Flatpaks (testing)" fedora-testing oci+https://registry.fedoraproject.org#testing
+ExecStartPost=/usr/bin/touch /var/lib/flatpak/.fedora-initialized
+
+[Install]
+WantedBy=multi-user.target
--- a/flatpak.spec
+++ b/flatpak.spec
@ -2,14 +2,22 @@
 %global ostree_version 2020.8

 Name:           flatpak
-Version:        1.10.8
-Release:        3%{?dist}
+Version:        1.12.8
+Release:        1%{?dist}
 Summary:        Application deployment framework for desktop apps

 License:        LGPLv2+
 URL:            http://flatpak.org/
 Source0:        https://github.com/flatpak/flatpak/releases/download/%{version}/%{name}-%{version}.tar.xz

+%if 0%{?fedora}
+# Add Fedora flatpak repositories
+Source1:        flatpak-add-fedora-repos.service
+%endif
+
+# https://issues.redhat.com/browse/RHEL-4220
+Patch0:         flatpak-Revert-selinux-Permit-using-systemd-userdbd.patch
+
 BuildRequires:  pkgconfig(appstream-glib)
 BuildRequires:  pkgconfig(dconf)
 BuildRequires:  pkgconfig(fuse)
@ -40,8 +48,6 @@ BuildRequires:  systemd
 BuildRequires:  /usr/bin/xmlto
 BuildRequires:  /usr/bin/xsltproc

-%{?systemd_requires}
-
 Requires:       bubblewrap >= %{bubblewrap_version}
 Requires:       librsvg2%{?_isa}
 Requires:       ostree-libs%{?_isa} >= %{ostree_version}
@ -120,7 +126,7 @@ This package contains installed tests for %{name}.
 %prep
 %autosetup -p1
 # Make sure to use the RHEL-lifetime supported Python and no other
-%py3_shebang_fix scripts/*  variant-schema-compiler/*
+%py3_shebang_fix scripts/* subprojects/variant-schema-compiler/* tests/*


 %build
@ -144,6 +150,11 @@ install -pm 644 NEWS README.md %{buildroot}/%{_pkgdocdir}
 install -d %{buildroot}%{_localstatedir}/lib/flatpak
 install -d %{buildroot}%{_sysconfdir}/flatpak/remotes.d
 rm -f %{buildroot}%{_libdir}/libflatpak.la
+
+%if 0%{?fedora}
+install -D -t %{buildroot}%{_unitdir} %{SOURCE1}
+%endif
+
 %find_lang %{name}

 # Work around selinux denials, see
@ -160,15 +171,28 @@ getent passwd flatpak >/dev/null || \
 exit 0


+%if 0%{?fedora}
 %post
-# Create an (empty) system-wide repo.
-flatpak remote-list --system &> /dev/null || :
+%systemd_post flatpak-add-fedora-repos.service
+%endif


 %post selinux
 %selinux_modules_install %{_datadir}/selinux/packages/flatpak.pp.bz2


+%if 0%{?fedora}
+%preun
+%systemd_preun flatpak-add-fedora-repos.service
+%endif
+
+
+%if 0%{?fedora}
+%postun
+%systemd_postun_with_restart flatpak-add-fedora-repos.service
+%endif
+
+
 %postun selinux
 if [ $1 -eq 0 ]; then
    %selinux_modules_uninstall %{_datadir}/selinux/packages/flatpak.pp.bz2
@ -220,6 +244,10 @@ fi
 %{_userunitdir}/flatpak-portal.service
 %{_systemd_user_env_generator_dir}/60-flatpak

+%if 0%{?fedora}
+%{_unitdir}/flatpak-add-fedora-repos.service
+%endif
+
 %files devel
 %{_datadir}/gir-1.0/Flatpak-1.0.gir
 %{_datadir}/gtk-doc/
@ -249,6 +277,9 @@ fi


 %changelog
+* Mon Nov 06 2023 Debarshi Ray <rishi@fedoraproject.org> - 1.12.8-1
+- Rebase to 1.12.8 (RHEL-4220)
+
 * Mon Nov 06 2023 Debarshi Ray <rishi@fedoraproject.org> - 1.10.8-3
 - Let flatpak own %%{_sysconfdir}/flatpak (RHEL-15822)

--- a/2
+++ b/2
@ -1 +1 @@
-SHA512 (flatpak-1.10.8.tar.xz) = 0823aa522d5f5b0a6cb967609ef8db18390a1992578c7c15921494973759d83467f31112d81226797c741a4ed3732087ce6b290bd8d3cc103415094e32d0365a
+SHA512 (flatpak-1.12.8.tar.xz) = 5a37d94e12c18a746b222c1ddbd20bddfb22079af1d3a79dc819cdb25f04774c9e4b3a51f9b5ed64f210317e7ec9fb97324ae38ec3430c6a515ba4042805fc57