Compare commits
No commits in common. "c8" and "c9s-uprev" have entirely different histories.
|
|
@ -0,0 +1 @@
|
||||||
|
46402fb832a7143ab24ff2775d49882bc98781ce fwupd-1.8.3.tar.xz
|
||||||
|
|
@ -1,10 +1,88 @@
|
||||||
SOURCES/DBXUpdate-20100307-x64.cab
|
/fwupd-0.1.0.tar.xz
|
||||||
SOURCES/DBXUpdate-20140413-x64.cab
|
/fwupd-0.1.1.tar.xz
|
||||||
SOURCES/DBXUpdate-20160809-x64.cab
|
/fwupd-0.1.2.tar.xz
|
||||||
SOURCES/DBXUpdate-20200729-aa64.cab
|
/fwupd-0.1.3.tar.xz
|
||||||
SOURCES/DBXUpdate-20200729-ia32.cab
|
/fwupd-0.1.4.tar.xz
|
||||||
SOURCES/DBXUpdate-20200729-x64.cab
|
/fwupd-0.1.5.tar.xz
|
||||||
SOURCES/almalinuxsecurebootca0.cer
|
/fwupd-0.1.6.tar.xz
|
||||||
SOURCES/fwupd-1.7.8.tar.xz
|
/fwupd-0.5.0.tar.xz
|
||||||
SOURCES/fwupd-efi-1.3.tar.xz
|
/fwupd-0.5.1.tar.xz
|
||||||
SOURCES/libjcat-0.1.9.tar.xz
|
/fwupd-0.5.2.tar.xz
|
||||||
|
/fwupd-0.5.3.tar.xz
|
||||||
|
/fwupd-0.5.4.tar.xz
|
||||||
|
/fwupd-0.6.0.tar.xz
|
||||||
|
/fwupd-0.6.1.tar.xz
|
||||||
|
/fwupd-0.6.2.tar.xz
|
||||||
|
/fwupd-0.6.3.tar.xz
|
||||||
|
/fwupd-0.7.0.tar.xz
|
||||||
|
/fwupd-0.7.1.tar.xz
|
||||||
|
/fwupd-0.7.2.tar.xz
|
||||||
|
/fwupd-0.7.3.tar.xz
|
||||||
|
/fwupd-0.7.4.tar.xz
|
||||||
|
/fwupd-0.7.5.tar.xz
|
||||||
|
/fwupd-0.8.0.tar.xz
|
||||||
|
/fwupd-0.8.1.tar.xz
|
||||||
|
/fwupd-0.8.2.tar.xz
|
||||||
|
/fwupd-0.9.2.tar.xz
|
||||||
|
/fwupd-0.9.3.tar.xz
|
||||||
|
/fwupd-0.9.4.tar.xz
|
||||||
|
/fwupd-0.9.5.tar.xz
|
||||||
|
/fwupd-0.9.6.tar.xz
|
||||||
|
/fwupd-0.9.7.tar.xz
|
||||||
|
/fwupd-1.0.0.tar.xz
|
||||||
|
/fwupd-1.0.1.tar.xz
|
||||||
|
/fwupd-1.0.2.tar.xz
|
||||||
|
/fwupd-1.0.3.tar.xz
|
||||||
|
/fwupd-1.0.4.tar.xz
|
||||||
|
/fwupd-1.0.5.tar.xz
|
||||||
|
/fwupd-1.0.6.tar.xz
|
||||||
|
/fwupd-1.0.7.tar.xz
|
||||||
|
/fwupd-1.0.8.tar.xz
|
||||||
|
/fwupd-1.1.0.tar.xz
|
||||||
|
/fwupd-1.1.1.tar.xz
|
||||||
|
/fwupd-1.1.2.tar.xz
|
||||||
|
/fwupd-1.1.3.tar.xz
|
||||||
|
/fwupd-1.2.0.tar.xz
|
||||||
|
/fwupd-1.2.1.tar.xz
|
||||||
|
/fwupd-1.2.2.tar.xz
|
||||||
|
/fwupd-1.2.3.tar.xz
|
||||||
|
/fwupd-1.2.4.tar.xz
|
||||||
|
/fwupd-1.2.5.tar.xz
|
||||||
|
/fwupd-1.2.6.tar.xz
|
||||||
|
/fwupd-1.2.7.tar.xz
|
||||||
|
/fwupd-1.2.8.tar.xz
|
||||||
|
/fwupd-1.2.9.tar.xz
|
||||||
|
/fwupd-1.2.10.tar.xz
|
||||||
|
/fwupd-1.3.2.tar.xz
|
||||||
|
/fwupd-1.3.3.tar.xz
|
||||||
|
/fwupd-1.3.4.tar.xz
|
||||||
|
/fwupd-1.3.5.tar.xz
|
||||||
|
/fwupd-1.3.6.tar.xz
|
||||||
|
/fwupd-1.3.7.tar.xz
|
||||||
|
/fwupd-1.3.8.tar.xz
|
||||||
|
/fwupd-1.3.9.tar.xz
|
||||||
|
/fwupd-1.4.0.tar.xz
|
||||||
|
/fwupd-1.4.1.tar.xz
|
||||||
|
/fwupd-1.4.2.tar.xz
|
||||||
|
/fwupd-1.4.3.tar.xz
|
||||||
|
/fwupd-1.4.4.tar.xz
|
||||||
|
/fwupd-1.4.5.tar.xz
|
||||||
|
/fwupd-1.4.6.tar.xz
|
||||||
|
/fwupd-1.5.0.tar.xz
|
||||||
|
/fwupd-1.5.1.tar.xz
|
||||||
|
/fwupd-1.5.2.tar.xz
|
||||||
|
/fwupd-1.5.3.tar.xz
|
||||||
|
/fwupd-1.5.4.tar.xz
|
||||||
|
/fwupd-1.5.5.tar.xz
|
||||||
|
/fwupd-1.5.9.tar.xz
|
||||||
|
/DBXUpdate-20100307-x64.cab
|
||||||
|
/DBXUpdate-20140413-x64.cab
|
||||||
|
/DBXUpdate-20160809-x64.cab
|
||||||
|
/DBXUpdate-20200729-aa64.cab
|
||||||
|
/DBXUpdate-20200729-ia32.cab
|
||||||
|
/DBXUpdate-20200729-x64.cab
|
||||||
|
/fwupd-1.7.1.tar.xz
|
||||||
|
/fwupd-efi-1.1.tar.xz
|
||||||
|
/fwupd-1.7.4.tar.xz
|
||||||
|
/fwupd-1.8.3.tar.xz
|
||||||
|
/fwupd-efi-1.3.tar.xz
|
||||||
|
|
|
||||||
|
|
@ -1,29 +0,0 @@
|
||||||
From 1fc24adecbb62b3cd77ef965c5daf1b72f6c7aa8 Mon Sep 17 00:00:00 2001
|
|
||||||
From: Richard Hughes <richard@hughsie.com>
|
|
||||||
Date: Tue, 22 Aug 2023 10:05:27 +0100
|
|
||||||
Subject: [PATCH] Use /usr/libexec/platform-python for RHEL
|
|
||||||
|
|
||||||
---
|
|
||||||
meson.build | 6 +-----
|
|
||||||
1 file changed, 1 insertion(+), 5 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/meson.build b/meson.build
|
|
||||||
index bb406d616..ac90c8ee6 100644
|
|
||||||
--- a/meson.build
|
|
||||||
+++ b/meson.build
|
|
||||||
@@ -261,11 +261,7 @@ if libgcab.type_name() == 'pkgconfig' and cc.has_function('gcab_file_set_bytes',
|
|
||||||
endif
|
|
||||||
|
|
||||||
bashcomp = dependency('bash-completion', required: false)
|
|
||||||
-if host_machine.system() != 'freebsd'
|
|
||||||
- python3 = find_program('python3')
|
|
||||||
-else
|
|
||||||
- python3 = find_program('python3.8', 'python3', 'python3.9')
|
|
||||||
-endif
|
|
||||||
+python3 = find_program('/usr/libexec/platform-python')
|
|
||||||
|
|
||||||
if get_option('gnutls')
|
|
||||||
gnutls = dependency('gnutls', version : '>= 3.6.0')
|
|
||||||
--
|
|
||||||
2.41.0
|
|
||||||
|
|
||||||
|
|
@ -1,28 +0,0 @@
|
||||||
From 442f7f9200fbf6ec509dd0ee40eae2e37b2fb73e Mon Sep 17 00:00:00 2001
|
|
||||||
From: Richard Hughes <richard@hughsie.com>
|
|
||||||
Date: Tue, 20 Sep 2022 08:06:12 +0100
|
|
||||||
Subject: [PATCH 1/3] redfish: Set the permissions of redfish.conf at install
|
|
||||||
time
|
|
||||||
|
|
||||||
Although typically we set the password using fu_plugin_set_secure_config_value()
|
|
||||||
or something like Ansible or Puppet -- the user could just edit the file with
|
|
||||||
vim and we still want the permissions set correctly.
|
|
||||||
---
|
|
||||||
plugins/redfish/meson.build | 1 +
|
|
||||||
1 file changed, 1 insertion(+)
|
|
||||||
|
|
||||||
diff --git a/plugins/redfish/meson.build b/plugins/redfish/meson.build
|
|
||||||
index 34ba4b7f6..7b19574de 100644
|
|
||||||
--- a/plugins/redfish/meson.build
|
|
||||||
+++ b/plugins/redfish/meson.build
|
|
||||||
@@ -48,6 +48,7 @@ shared_module('fu_plugin_redfish',
|
|
||||||
|
|
||||||
install_data(['redfish.conf'],
|
|
||||||
install_dir: join_paths(sysconfdir, 'fwupd'),
|
|
||||||
+ install_mode: 'rw-r-----',
|
|
||||||
)
|
|
||||||
|
|
||||||
if get_option('tests')
|
|
||||||
--
|
|
||||||
2.39.1
|
|
||||||
|
|
||||||
|
|
@ -1,47 +0,0 @@
|
||||||
From 4f39b747a6d860e32a3000451dd2635366c81776 Mon Sep 17 00:00:00 2001
|
|
||||||
From: Richard Hughes <richard@hughsie.com>
|
|
||||||
Date: Tue, 20 Sep 2022 09:13:52 +0100
|
|
||||||
Subject: [PATCH 2/3] redfish: Only create users using IPMI when we know it's
|
|
||||||
going to work
|
|
||||||
|
|
||||||
Make the IPMI auto-account feature allow-listed on specific vendors as some IPMI
|
|
||||||
implementations are not specification compliant and do entirely the wrong thing.
|
|
||||||
---
|
|
||||||
plugins/redfish/fu-plugin-redfish.c | 8 ++++++++
|
|
||||||
plugins/redfish/redfish.quirk | 2 +-
|
|
||||||
2 files changed, 9 insertions(+), 1 deletion(-)
|
|
||||||
|
|
||||||
diff --git a/plugins/redfish/fu-plugin-redfish.c b/plugins/redfish/fu-plugin-redfish.c
|
|
||||||
index deb0fe742..3972d4b4b 100644
|
|
||||||
--- a/plugins/redfish/fu-plugin-redfish.c
|
|
||||||
+++ b/plugins/redfish/fu-plugin-redfish.c
|
|
||||||
@@ -422,6 +422,14 @@ fu_plugin_redfish_startup(FuPlugin *plugin, GError **error)
|
|
||||||
#ifdef HAVE_LINUX_IPMI_H
|
|
||||||
/* we got neither a type 42 entry or config value, lets try IPMI */
|
|
||||||
if (fu_redfish_backend_get_username(data->backend) == NULL) {
|
|
||||||
+ if (!fu_context_has_hwid_flag(fu_plugin_get_context(plugin), "ipmi-create-user")) {
|
|
||||||
+ g_set_error_literal(error,
|
|
||||||
+ FWUPD_ERROR,
|
|
||||||
+ FWUPD_ERROR_NOT_SUPPORTED,
|
|
||||||
+ "no username and password specified, "
|
|
||||||
+ "and no vendor quirk for 'ipmi-create-user'");
|
|
||||||
+ return FALSE;
|
|
||||||
+ }
|
|
||||||
if (!fu_plugin_get_config_value_boolean(plugin, "IpmiDisableCreateUser")) {
|
|
||||||
g_debug("attempting to create user using IPMI");
|
|
||||||
if (!fu_redfish_plugin_ipmi_create_user(plugin, error))
|
|
||||||
diff --git a/plugins/redfish/redfish.quirk b/plugins/redfish/redfish.quirk
|
|
||||||
index b12439926..5e9722fda 100644
|
|
||||||
--- a/plugins/redfish/redfish.quirk
|
|
||||||
+++ b/plugins/redfish/redfish.quirk
|
|
||||||
@@ -1,6 +1,6 @@
|
|
||||||
# Lenovo ThinkSystem
|
|
||||||
[42f00735-c9ab-5374-bd63-a5deee5881e0]
|
|
||||||
-Flags = wildcard-targets,reset-required
|
|
||||||
+Flags = wildcard-targets,reset-required,ipmi-create-user
|
|
||||||
|
|
||||||
[REDFISH\VENDOR_Lenovo&ID_BMC-Backup]
|
|
||||||
ParentGuid = REDFISH\VENDOR_Lenovo&ID_BMC-Primary
|
|
||||||
--
|
|
||||||
2.39.1
|
|
||||||
|
|
||||||
|
|
@ -1,141 +0,0 @@
|
||||||
From 41575afd93ca0e68bced78ca43a4488f124906a1 Mon Sep 17 00:00:00 2001
|
|
||||||
From: Richard Hughes <richard@hughsie.com>
|
|
||||||
Date: Wed, 21 Sep 2022 14:56:10 +0100
|
|
||||||
Subject: [PATCH 3/3] Never save the Redfish passwords to a file readable by
|
|
||||||
users
|
|
||||||
|
|
||||||
When the redfish plugin automatically creates an OPERATOR user account on the
|
|
||||||
BMC we save the autogenerated password to /etc/fwupd/redfish.conf, ensuring it
|
|
||||||
is chmod'ed to 0660 before writing the file with g_key_file_save_to_file().
|
|
||||||
|
|
||||||
Under the covers, g_key_file_save_to_file() calls g_file_set_contents() with
|
|
||||||
the keyfile string data.
|
|
||||||
I was under the impression that G_FILE_CREATE_REPLACE_DESTINATION was being
|
|
||||||
used to copy permissions, but alas not.
|
|
||||||
|
|
||||||
GLib instead calls g_file_set_contents_full() with the mode hardcoded to 0666,
|
|
||||||
which undoes the previous chmod().
|
|
||||||
|
|
||||||
Use g_file_set_contents_full() with the correct mode for newer GLib versions,
|
|
||||||
and provide a fallback with the same semantics for older versions.
|
|
||||||
---
|
|
||||||
contrib/fwupd.spec.in | 3 ++
|
|
||||||
libfwupdplugin/fu-plugin.c | 65 +++++++++++++++++++++++++++++------
|
|
||||||
libfwupdplugin/fu-self-test.c | 57 ++++++++++++++++++++++++++++++
|
|
||||||
3 files changed, 114 insertions(+), 11 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/contrib/fwupd.spec.in b/contrib/fwupd.spec.in
|
|
||||||
index a50e30a9c..0854fcf4f 100644
|
|
||||||
--- a/contrib/fwupd.spec.in
|
|
||||||
+++ b/contrib/fwupd.spec.in
|
|
||||||
@@ -313,6 +313,9 @@ for fn in /etc/fwupd/remotes.d/*.conf; do
|
|
||||||
fi
|
|
||||||
done
|
|
||||||
|
|
||||||
+# ensure this is private
|
|
||||||
+chmod 0660 /etc/fwupd/redfish.conf
|
|
||||||
+
|
|
||||||
%preun
|
|
||||||
%systemd_preun fwupd.service
|
|
||||||
|
|
||||||
diff --git a/libfwupdplugin/fu-plugin.c b/libfwupdplugin/fu-plugin.c
|
|
||||||
index 18042a028..04951de85 100644
|
|
||||||
--- a/libfwupdplugin/fu-plugin.c
|
|
||||||
+++ b/libfwupdplugin/fu-plugin.c
|
|
||||||
@@ -9,6 +9,7 @@
|
|
||||||
#include "config.h"
|
|
||||||
|
|
||||||
#include <errno.h>
|
|
||||||
+#include <fcntl.h>
|
|
||||||
#include <fwupd.h>
|
|
||||||
#include <glib/gstdio.h>
|
|
||||||
#include <gmodule.h>
|
|
||||||
@@ -2256,6 +2257,46 @@ fu_plugin_set_config_value(FuPlugin *self, const gchar *key, const gchar *value,
|
|
||||||
return g_key_file_save_to_file(keyfile, conf_path, error);
|
|
||||||
}
|
|
||||||
|
|
||||||
+#if !GLIB_CHECK_VERSION(2, 66, 0)
|
|
||||||
+
|
|
||||||
+#define G_FILE_SET_CONTENTS_CONSISTENT 0
|
|
||||||
+typedef guint GFileSetContentsFlags;
|
|
||||||
+static gboolean
|
|
||||||
+g_file_set_contents_full(const gchar *filename,
|
|
||||||
+ const gchar *contents,
|
|
||||||
+ gssize length,
|
|
||||||
+ GFileSetContentsFlags flags,
|
|
||||||
+ int mode,
|
|
||||||
+ GError **error)
|
|
||||||
+{
|
|
||||||
+ gint fd;
|
|
||||||
+ gssize wrote;
|
|
||||||
+
|
|
||||||
+ if (length < 0)
|
|
||||||
+ length = strlen(contents);
|
|
||||||
+ fd = g_open(filename, O_CREAT, mode);
|
|
||||||
+ if (fd <= 0) {
|
|
||||||
+ g_set_error(error,
|
|
||||||
+ G_IO_ERROR,
|
|
||||||
+ G_IO_ERROR_FAILED,
|
|
||||||
+ "could not open %s file",
|
|
||||||
+ filename);
|
|
||||||
+ return FALSE;
|
|
||||||
+ }
|
|
||||||
+ wrote = write(fd, contents, length);
|
|
||||||
+ if (wrote != length) {
|
|
||||||
+ g_set_error(error,
|
|
||||||
+ G_IO_ERROR,
|
|
||||||
+ G_IO_ERROR_FAILED,
|
|
||||||
+ "did not write %s file",
|
|
||||||
+ filename);
|
|
||||||
+ g_close(fd, NULL);
|
|
||||||
+ return FALSE;
|
|
||||||
+ }
|
|
||||||
+ return g_close(fd, error);
|
|
||||||
+}
|
|
||||||
+#endif
|
|
||||||
+
|
|
||||||
/**
|
|
||||||
* fu_plugin_set_secure_config_value:
|
|
||||||
* @self: a #FuPlugin
|
|
||||||
@@ -2277,7 +2318,8 @@ fu_plugin_set_secure_config_value(FuPlugin *self,
|
|
||||||
GError **error)
|
|
||||||
{
|
|
||||||
g_autofree gchar *conf_path = fu_plugin_get_config_filename(self);
|
|
||||||
- gint ret;
|
|
||||||
+ g_autofree gchar *data = NULL;
|
|
||||||
+ g_autoptr(GKeyFile) keyfile = g_key_file_new();
|
|
||||||
|
|
||||||
g_return_val_if_fail(FU_IS_PLUGIN(self), FALSE);
|
|
||||||
g_return_val_if_fail(error == NULL || *error == NULL, FALSE);
|
|
||||||
@@ -2286,17 +2328,18 @@ fu_plugin_set_secure_config_value(FuPlugin *self,
|
|
||||||
g_set_error(error, FWUPD_ERROR, FWUPD_ERROR_NOT_FOUND, "%s is missing", conf_path);
|
|
||||||
return FALSE;
|
|
||||||
}
|
|
||||||
- ret = g_chmod(conf_path, 0660);
|
|
||||||
- if (ret == -1) {
|
|
||||||
- g_set_error(error,
|
|
||||||
- FWUPD_ERROR,
|
|
||||||
- FWUPD_ERROR_INTERNAL,
|
|
||||||
- "failed to set permissions on %s",
|
|
||||||
- conf_path);
|
|
||||||
+ if (!g_key_file_load_from_file(keyfile, conf_path, G_KEY_FILE_KEEP_COMMENTS, error))
|
|
||||||
return FALSE;
|
|
||||||
- }
|
|
||||||
-
|
|
||||||
- return fu_plugin_set_config_value(self, key, value, error);
|
|
||||||
+ g_key_file_set_string(keyfile, fu_plugin_get_name(self), key, value);
|
|
||||||
+ data = g_key_file_to_data(keyfile, NULL, error);
|
|
||||||
+ if (data == NULL)
|
|
||||||
+ return FALSE;
|
|
||||||
+ return g_file_set_contents_full(conf_path,
|
|
||||||
+ data,
|
|
||||||
+ -1,
|
|
||||||
+ G_FILE_SET_CONTENTS_CONSISTENT,
|
|
||||||
+ 0660,
|
|
||||||
+ error);
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
--
|
|
||||||
2.39.1
|
|
||||||
|
|
||||||
File diff suppressed because it is too large
Load Diff
|
|
@ -0,0 +1,6 @@
|
||||||
|
--- !Policy
|
||||||
|
product_versions:
|
||||||
|
- rhel-9
|
||||||
|
decision_context: osci_compose_gate
|
||||||
|
rules:
|
||||||
|
- !PassingTestCaseRule {test_case_name: kernel-qe.kernel-ci.hardware-fwupd.tier0.functional}
|
||||||
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
|
|
@ -0,0 +1,8 @@
|
||||||
|
SHA512 (fwupd-1.8.3.tar.xz) = 1044eb59b9dfb0c477b858564cc09f7bbbf59042aac84d133f83fb902342618bc8ffeddf816c706aea3ad473d5a3ca38b194b65e1d396e83764854b1d562d1ae
|
||||||
|
SHA512 (fwupd-efi-1.3.tar.xz) = 582bc0298f773b3017fab317a392b6fe95a9d1698bfe17e56370515f4563c8d45c12f28ae52d304866e4b077043bb0c9d5c1abf4b75ded5f70b6d8ccad495ea5
|
||||||
|
SHA512 (DBXUpdate-20100307-x64.cab) = f8ad56cf015f4cdc5c305856ff1f7a8589c25a2a671708c61883f427f38eb9b6a7abd3f2c8d79ef9d5076222255e42585917f8705a2a4b13f860bad4e02ec409
|
||||||
|
SHA512 (DBXUpdate-20140413-x64.cab) = 75771876a2309fa8ca083c2e76520173d434229b7cacf1e7636bd9b1bc4f871d745c348b9792bfb65fd9f40ef54c25bb427b1431151e817e7050b7829456731a
|
||||||
|
SHA512 (DBXUpdate-20160809-x64.cab) = c27c564999ae84515540f1a598cd0fd9ef3a80cdfaaf439f1c4cb04eaee0e73074548b6d76c21ca3af1ba9c4c0625907e821582998eb5617e33ecd412e6c8a13
|
||||||
|
SHA512 (DBXUpdate-20200729-aa64.cab) = 7a0cea13ed9b645fd9f1d5e3410a451d83643a75f5dc603272b0771b093f2c012f9a19419160403631c250cf64127ad2ce1c8fa2079b04064af73fe85b9add33
|
||||||
|
SHA512 (DBXUpdate-20200729-ia32.cab) = 578ec9cccf2001b8bfa54b66809a1662269677050e74bd3225536fbd2be56a8162c48669bd16ea553723580195df1693a28dc01fc1cf62ff06e36a2c5568f74f
|
||||||
|
SHA512 (DBXUpdate-20200729-x64.cab) = b8b195167d286a3f16aaa7c89149a0d5b4c8f53080e3265758b912f250fa655533c603359b7d1c989ebad6953ce443809b3317ec1d00f750326945ee0537e43b
|
||||||
Loading…
Reference in New Issue