No commits in common. "c8" and "a8-beta" have entirely different histories.
c8 ... a8-beta

5 changed files with 29 additions and 381 deletions


@ -1,93 +0,0 @@
From 8eac75556d0f53f3ba6cd12d2545bc8dbebb11f4 Mon Sep 17 00:00:00 2001
From: Colin Walters <walters@verbum.org>
Date: Tue, 4 Jun 2024 06:57:19 -0400
Subject: [PATCH] repo: Don't try to perform labeling if SELinux is disabled
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
The default for container execution is that `/sys/fs/selinux`
is not mounted, and the libselinux library function `is_selinux_enabled`
should be used to dynamically check if the system should attempt to perform SELinux labeling.
This is how it's done by rpm, ostree, and systemd for example.
But this code unconditionally tries to label if it finds a policy,
which breaks in an obscure corner case
when executed inside a container that includes policy files (e.g.
fedora/rhel-bootc) but when we're not using overlayfs for the backend
(with BUILDAH_BACKEND=vfs).
Signed-off-by: Petr Písař <ppisar@redhat.com>
---
libdnf/repo/Repo.cpp | 50 +++++++++++++++++++++++---------------------
1 file changed, 26 insertions(+), 24 deletions(-)
diff --git a/libdnf/repo/Repo.cpp b/libdnf/repo/Repo.cpp
index 68b82ccc..4f646f8c 100644
--- a/libdnf/repo/Repo.cpp
+++ b/libdnf/repo/Repo.cpp
@@ -676,34 +676,36 @@ static int create_temporary_directory(char *name_template) {
int old_default_context_was_retrieved= 0;
struct selabel_handle *labeling_handle = NULL;
- /* A purpose of this piece of code is to deal with applications whose
- * security policy overrides a file context for temporary files but don't
- * know that libdnf executes GnuPG which expects a default file context. */
- if (0 == getfscreatecon(&old_default_context)) {
- old_default_context_was_retrieved = 1;
- } else {
- logger->debug(tfm::format("Failed to retrieve a default SELinux context"));
- }
+ if (is_selinux_enabled()) {
+ /* A purpose of this piece of code is to deal with applications whose
+ * security policy overrides a file context for temporary files but don't
+ * know that libdnf executes GnuPG which expects a default file context. */
+ if (0 == getfscreatecon(&old_default_context)) {
+ old_default_context_was_retrieved = 1;
+ } else {
+ logger->debug(tfm::format("Failed to retrieve a default SELinux context"));
+ }
- labeling_handle = selabel_open(SELABEL_CTX_FILE, NULL, 0);
- if (NULL == labeling_handle) {
- logger->debug(tfm::format("Failed to open a SELinux labeling handle: %s",
- strerror(errno)));
- } else {
- if (selabel_lookup(labeling_handle, &new_default_context, name_template, 0700)) {
- /* Here we could hard-code "system_u:object_r:user_tmp_t:s0", but
- * that value should be really defined in default file context
- * SELinux policy. Only log that the policy is incpomplete. */
- logger->debug(tfm::format("Failed to look up a default SELinux label for \"%s\"",
- name_template));
+ labeling_handle = selabel_open(SELABEL_CTX_FILE, NULL, 0);
+ if (NULL == labeling_handle) {
+ logger->debug(tfm::format("Failed to open a SELinux labeling handle: %s",
+ strerror(errno)));
} else {
- if (setfscreatecon(new_default_context)) {
- logger->debug(tfm::format("Failed to set default SELinux context to \"%s\"",
- new_default_context));
+ if (selabel_lookup(labeling_handle, &new_default_context, name_template, 0700)) {
+ /* Here we could hard-code "system_u:object_r:user_tmp_t:s0", but
+ * that value should be really defined in default file context
+ * SELinux policy. Only log that the policy is incpomplete. */
+ logger->debug(tfm::format("Failed to look up a default SELinux label for \"%s\"",
+ name_template));
+ } else {
+ if (setfscreatecon(new_default_context)) {
+ logger->debug(tfm::format("Failed to set default SELinux context to \"%s\"",
+ new_default_context));
+ }
+ freecon(new_default_context);
}
- freecon(new_default_context);
+ selabel_close(labeling_handle);
}
- selabel_close(labeling_handle);
}
#endif
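Review bot: the new guard `if (is_selinux_enabled()) {` at the top of the hunk treats every non-zero return as "enabled". Older libselinux releases document a negative return on error for this call, so an explicit `is_selinux_enabled() > 0` states the intent and keeps an error return out of the labeling path. Two smaller points while the block is being re-indented: the comment typo "incpomplete" is carried over unchanged, and the disabled case is silent, where one debug line would make the skipped labeling visible when diagnosing GnuPG file-context problems.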
--
2.45.2


@ -1,180 +0,0 @@
From 3dec8ebc9d1abc735de67cd5fd95677cfbfebc7d Mon Sep 17 00:00:00 2001
From: Jan Kolarik <jkolarik@redhat.com>
Date: Mon, 26 Feb 2024 09:58:33 +0000
Subject: [PATCH 51/52] MergedTransaction: Calculate RPM difference between two
same versions as no-op
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Upstream commit: 54823d82a1369c25ba1a68c18ea2a67c41f4fbe7
If a package of a particular version is installed and would still be installed after a list of transactions, it's more user friendly to treat the whole situation as "do nothing".
Resolves: https://issues.redhat.com/browse/RHEL-68770
Signed-off-by: Petr Písař <ppisar@redhat.com>
---
libdnf/transaction/MergedTransaction.cpp | 38 ++++++++++++-------
libdnf/transaction/MergedTransaction.hpp | 6 +--
.../transaction/MergedTransactionTest.cpp | 7 +---
3 files changed, 28 insertions(+), 23 deletions(-)
diff --git a/libdnf/transaction/MergedTransaction.cpp b/libdnf/transaction/MergedTransaction.cpp
index a8d878cb..8f26882f 100644
--- a/libdnf/transaction/MergedTransaction.cpp
+++ b/libdnf/transaction/MergedTransaction.cpp
@@ -192,7 +192,7 @@ static bool transaction_item_sort_function(const std::shared_ptr<TransactionItem
* Actions are merged using following rules:
* (old action) -> (new action) = (merged action)
*
- * Erase/Obsolete -> Install/Obsoleting = Reinstall/Downgrade/Upgrade
+ * Erase/Obsolete -> Install/Obsoleting = Downgrade/Upgrade
*
* Reinstall/Reason change -> (new action) = (new action)
*
@@ -210,6 +210,9 @@ static bool transaction_item_sort_function(const std::shared_ptr<TransactionItem
*
* With complete transaction pair we need to get a new Upgrade/Downgrade package and
* compare versions with original package from pair.
+ *
+ * Additionally, if a package is installed both before and after the list of transactions
+ * with the same version, no action will be taken.
*/
std::vector< TransactionItemBasePtr >
MergedTransaction::getItems()
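Review bot: the added rule text says "with the same version", but the condition introduced later in this patch compares `getVersion()`, `getEpoch()` and `getRelease()`. Word it as "same epoch, version and release" so the rule list in this comment matches what the code drops.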
@@ -261,13 +264,16 @@ getItemIdentifier(ItemPtr item)
/**
* Resolve the difference between RPMs in the first and second transaction item
- * and create a ItemPair of Upgrade, Downgrade or reinstall.
+ * and create a ItemPair of Upgrade, Downgrade or drop the item from the merged
+ * transaction set in case of both packages are of the same version.
* Method is called when original package is being removed and than installed again.
+ * \param itemPairMap merged transaction set
* \param previousItemPair original item pair
* \param mTransItem new transaction item
*/
void
-MergedTransaction::resolveRPMDifference(ItemPair &previousItemPair,
+MergedTransaction::resolveRPMDifference(ItemPairMap &itemPairMap,
+ ItemPair &previousItemPair,
TransactionItemBasePtr mTransItem)
{
auto firstItem = previousItemPair.first->getItem();
@@ -277,11 +283,10 @@ MergedTransaction::resolveRPMDifference(ItemPair &previousItemPair,
auto secondRPM = std::dynamic_pointer_cast< RPMItem >(secondItem);
if (firstRPM->getVersion() == secondRPM->getVersion() &&
- firstRPM->getEpoch() == secondRPM->getEpoch()) {
- // reinstall
- mTransItem->setAction(TransactionItemAction::REINSTALL);
- previousItemPair.first = mTransItem;
- previousItemPair.second = nullptr;
+ firstRPM->getEpoch() == secondRPM->getEpoch() &&
+ firstRPM->getRelease() == secondRPM->getRelease()) {
+ // Drop the item from merged transaction
+ itemPairMap.erase(getItemIdentifier(firstItem));
return;
} else if ((*firstRPM) < (*secondRPM)) {
// Upgrade to secondRPM
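Review bot: `itemPairMap.erase(getItemIdentifier(firstItem));` removes the map entry while `previousItemPair` is still held by reference in this function and in its callers; if that reference points at the erased entry, as the follow-up patch 52/52 on this page describes, it dangles from this line on. The function returns `void`, so `resolveErase` and `resolveAltered` cannot tell that the drop happened. Return a status from here, or let the caller do the erase once it has finished with the pair, so nothing reads or writes `previousItemPair` after the entry is gone.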
@@ -296,7 +301,9 @@ MergedTransaction::resolveRPMDifference(ItemPair &previousItemPair,
}
void
-MergedTransaction::resolveErase(ItemPair &previousItemPair, TransactionItemBasePtr mTransItem)
+MergedTransaction::resolveErase(ItemPairMap &itemPairMap,
+ ItemPair &previousItemPair,
+ TransactionItemBasePtr mTransItem)
{
/*
* The original item has been removed - it has to be installed now unless the rpmdb
@@ -306,7 +313,7 @@ MergedTransaction::resolveErase(ItemPair &previousItemPair, TransactionItemBaseP
if (mTransItem->getAction() == TransactionItemAction::INSTALL) {
if (mTransItem->getItem()->getItemType() == ItemType::RPM) {
// resolve the difference between RPM packages
- resolveRPMDifference(previousItemPair, mTransItem);
+ resolveRPMDifference(itemPairMap, previousItemPair, mTransItem);
} else {
// difference between comps can't be resolved
mTransItem->setAction(TransactionItemAction::REINSTALL);
@@ -323,11 +330,14 @@ MergedTransaction::resolveErase(ItemPair &previousItemPair, TransactionItemBaseP
* transaction - new package is used to complete the pair. Items are stored in pairs (Upgrade,
* Upgrade) or (Downgraded, Downgrade). With complete transaction pair we need to get the new
* Upgrade/Downgrade item and compare its version with the original item from the pair.
+ * \param itemPairMap merged transaction set
* \param previousItemPair original item pair
* \param mTransItem new transaction item
*/
void
-MergedTransaction::resolveAltered(ItemPair &previousItemPair, TransactionItemBasePtr mTransItem)
+MergedTransaction::resolveAltered(ItemPairMap &itemPairMap,
+ ItemPair &previousItemPair,
+ TransactionItemBasePtr mTransItem)
{
auto newState = mTransItem->getAction();
auto firstState = previousItemPair.first->getAction();
@@ -369,7 +379,7 @@ MergedTransaction::resolveAltered(ItemPair &previousItemPair, TransactionItemBas
} else {
if (mTransItem->getItem()->getItemType() == ItemType::RPM) {
// resolve the difference between RPM packages
- resolveRPMDifference(previousItemPair, mTransItem);
+ resolveRPMDifference(itemPairMap, previousItemPair, mTransItem);
} else {
// difference between comps can't be resolved
previousItemPair.second->setAction(TransactionItemAction::REINSTALL);
@@ -405,7 +415,7 @@ MergedTransaction::mergeItem(ItemPairMap &itemPairMap, TransactionItemBasePtr mT
switch (firstState) {
case TransactionItemAction::REMOVE:
case TransactionItemAction::OBSOLETED:
- resolveErase(previousItemPair, mTransItem);
+ resolveErase(itemPairMap, previousItemPair, mTransItem);
break;
case TransactionItemAction::INSTALL:
// the original package has been installed -> it may be either Removed, or altered
@@ -432,7 +442,7 @@ MergedTransaction::mergeItem(ItemPairMap &itemPairMap, TransactionItemBasePtr mT
case TransactionItemAction::UPGRADE:
case TransactionItemAction::UPGRADED:
case TransactionItemAction::OBSOLETE:
- resolveAltered(previousItemPair, mTransItem);
+ resolveAltered(itemPairMap, previousItemPair, mTransItem);
break;
case TransactionItemAction::REINSTALLED:
break;
diff --git a/libdnf/transaction/MergedTransaction.hpp b/libdnf/transaction/MergedTransaction.hpp
index dbb8af11..f85b133a 100644
--- a/libdnf/transaction/MergedTransaction.hpp
+++ b/libdnf/transaction/MergedTransaction.hpp
@@ -76,9 +76,9 @@ protected:
typedef std::map< std::string, ItemPair > ItemPairMap;
void mergeItem(ItemPairMap &itemPairMap, TransactionItemBasePtr transItem);
- void resolveRPMDifference(ItemPair &previousItemPair, TransactionItemBasePtr mTransItem);
- void resolveErase(ItemPair &previousItemPair, TransactionItemBasePtr mTransItem);
- void resolveAltered(ItemPair &previousItemPair, TransactionItemBasePtr mTransItem);
+ void resolveRPMDifference(ItemPairMap &itemPairMap, ItemPair &previousItemPair, TransactionItemBasePtr mTransItem);
+ void resolveErase(ItemPairMap &itemPairMap, ItemPair &previousItemPair, TransactionItemBasePtr mTransItem);
+ void resolveAltered(ItemPairMap &itemPairMap, ItemPair &previousItemPair, TransactionItemBasePtr mTransItem);
};
} // namespace libdnf
diff --git a/tests/libdnf/transaction/MergedTransactionTest.cpp b/tests/libdnf/transaction/MergedTransactionTest.cpp
index 52507700..35fb4250 100644
--- a/tests/libdnf/transaction/MergedTransactionTest.cpp
+++ b/tests/libdnf/transaction/MergedTransactionTest.cpp
@@ -822,12 +822,7 @@ MergedTransactionTest::test_downgrade_upgrade_remove()
// test merging trans1, trans2
merged.merge(trans2);
auto items2 = merged.getItems();
- CPPUNIT_ASSERT_EQUAL(1, (int)items2.size());
- auto item2 = items2.at(0);
- CPPUNIT_ASSERT_EQUAL(std::string("tour-4.8-1.noarch"), item2->getItem()->toStr());
- CPPUNIT_ASSERT_EQUAL(std::string("repo1"), item2->getRepoid());
- CPPUNIT_ASSERT_EQUAL(TransactionItemAction::REINSTALL, item2->getAction());
- CPPUNIT_ASSERT_EQUAL(TransactionItemReason::USER, item2->getReason());
+ CPPUNIT_ASSERT_EQUAL(0, (int)items2.size());
// test merging trans1, trans2, trans3
merged.merge(trans3);
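Review bot: the five removed assertions are replaced only by `CPPUNIT_ASSERT_EQUAL(0, (int)items2.size());`, which covers the identical-package case; nothing exercises the newly added `getRelease()` comparison. Add a case where epoch and version match but the release differs and assert that the item is kept as an upgrade or downgrade instead of being dropped, and run the suite under a memory checker so the erase path in `resolveRPMDifference` is covered.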
--
2.47.1


@ -1,94 +0,0 @@
From d3aed9b31495a4e10424a460f930f0678fb3688e Mon Sep 17 00:00:00 2001
From: Jan Kolarik <jkolarik@redhat.com>
Date: Tue, 23 Apr 2024 14:11:19 +0000
Subject: [PATCH 52/52] MergedTransaction: Fix invalid memory access when
dropping items
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Upstream commit: 90d2ffad964a91a7a798b81e15c16eb1e840f257
When an item is dropped from the merged transaction, the `ItemPair` reference becomes invalid and should no longer be used.
Resolves: https://issues.redhat.com/browse/RHEL-68770
Signed-off-by: Petr Písař <ppisar@redhat.com>
---
libdnf/transaction/MergedTransaction.cpp | 18 +++++++++++-------
libdnf/transaction/MergedTransaction.hpp | 2 +-
2 files changed, 12 insertions(+), 8 deletions(-)
diff --git a/libdnf/transaction/MergedTransaction.cpp b/libdnf/transaction/MergedTransaction.cpp
index 8f26882f..75d2c1e7 100644
--- a/libdnf/transaction/MergedTransaction.cpp
+++ b/libdnf/transaction/MergedTransaction.cpp
@@ -264,14 +264,15 @@ getItemIdentifier(ItemPtr item)
/**
* Resolve the difference between RPMs in the first and second transaction item
- * and create a ItemPair of Upgrade, Downgrade or drop the item from the merged
- * transaction set in case of both packages are of the same version.
- * Method is called when original package is being removed and than installed again.
+ * and create a ItemPair of Upgrade, Downgrade or remove the item from the merged
+ * transaction set in case of both packages are the same.
+ * Method is called when original package is being removed and then installed again.
* \param itemPairMap merged transaction set
* \param previousItemPair original item pair
* \param mTransItem new transaction item
+ * \return true if the original and new transaction item differ
*/
-void
+bool
MergedTransaction::resolveRPMDifference(ItemPairMap &itemPairMap,
ItemPair &previousItemPair,
TransactionItemBasePtr mTransItem)
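Review bot: the new `\return true if the original and new transaction item differ` line leaves out the part that matters for memory safety: on `false` the entry has been erased from `itemPairMap` and `previousItemPair` must not be used again. State that in the doc comment, since the signature alone does not force callers to check the result.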
@@ -287,7 +288,7 @@ MergedTransaction::resolveRPMDifference(ItemPairMap &itemPairMap,
firstRPM->getRelease() == secondRPM->getRelease()) {
// Drop the item from merged transaction
itemPairMap.erase(getItemIdentifier(firstItem));
- return;
+ return false;
} else if ((*firstRPM) < (*secondRPM)) {
// Upgrade to secondRPM
previousItemPair.first->setAction(TransactionItemAction::UPGRADED);
@@ -298,6 +299,7 @@ MergedTransaction::resolveRPMDifference(ItemPairMap &itemPairMap,
mTransItem->setAction(TransactionItemAction::DOWNGRADE);
}
previousItemPair.second = mTransItem;
+ return true;
}
void
@@ -308,12 +310,14 @@ MergedTransaction::resolveErase(ItemPairMap &itemPairMap,
/*
* The original item has been removed - it has to be installed now unless the rpmdb
* has changed. Resolve the difference between packages and mark it as Upgrade,
- * Reinstall or Downgrade
+ * Downgrade or remove it from the transaction
*/
if (mTransItem->getAction() == TransactionItemAction::INSTALL) {
if (mTransItem->getItem()->getItemType() == ItemType::RPM) {
// resolve the difference between RPM packages
- resolveRPMDifference(itemPairMap, previousItemPair, mTransItem);
+ if (!resolveRPMDifference(itemPairMap, previousItemPair, mTransItem)) {
+ return;
+ }
} else {
// difference between comps can't be resolved
mTransItem->setAction(TransactionItemAction::REINSTALL);
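Review bot: only `resolveErase` checks the new return value; the `resolveRPMDifference(itemPairMap, previousItemPair, mTransItem);` call in `resolveAltered`, shown in patch 51/52, is not touched by this patch and still discards the result. Confirm that nothing in `resolveAltered` uses `previousItemPair` after that call, or add the same `if (!resolveRPMDifference(...)) { return; }` guard there.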
diff --git a/libdnf/transaction/MergedTransaction.hpp b/libdnf/transaction/MergedTransaction.hpp
index f85b133a..50212159 100644
--- a/libdnf/transaction/MergedTransaction.hpp
+++ b/libdnf/transaction/MergedTransaction.hpp
@@ -76,7 +76,7 @@ protected:
typedef std::map< std::string, ItemPair > ItemPairMap;
void mergeItem(ItemPairMap &itemPairMap, TransactionItemBasePtr transItem);
- void resolveRPMDifference(ItemPairMap &itemPairMap, ItemPair &previousItemPair, TransactionItemBasePtr mTransItem);
+ bool resolveRPMDifference(ItemPairMap &itemPairMap, ItemPair &previousItemPair, TransactionItemBasePtr mTransItem);
void resolveErase(ItemPairMap &itemPairMap, ItemPair &previousItemPair, TransactionItemBasePtr mTransItem);
void resolveAltered(ItemPairMap &itemPairMap, ItemPair &previousItemPair, TransactionItemBasePtr mTransItem);
};
--
2.47.1


@ -0,0 +1,23 @@
diff -aruN libdnf-0.63.0/docs/hawkey/conf.py libdnf-0.63.0_alma/docs/hawkey/conf.py
--- libdnf-0.63.0/docs/hawkey/conf.py 2021-05-18 17:07:23.000000000 +0300
+++ libdnf-0.63.0_alma/docs/hawkey/conf.py 2021-12-30 11:03:39.179244600 +0300
@@ -260,6 +260,6 @@
rst_prolog = """
.. default-domain:: py
.. _libsolv: https://github.com/openSUSE/libsolv
-.. _bugzilla: https://bugzilla.redhat.com/enter_bug.cgi?product=Fedora&component=hawkey
+.. _bugzilla: https://bugs.almalinux.org/
"""
diff -aruN libdnf-0.63.0/libdnf/conf/Const.hpp libdnf-0.63.0_alma/libdnf/conf/Const.hpp
--- libdnf-0.63.0/libdnf/conf/Const.hpp 2021-05-18 17:07:23.000000000 +0300
+++ libdnf-0.63.0_alma/libdnf/conf/Const.hpp 2021-12-30 11:03:47.004789800 +0300
@@ -41,7 +41,7 @@
"installonlypkg(vm)",
"multiversion(kernel)"};
-constexpr const char * BUGTRACKER="https://bugzilla.redhat.com/enter_bug.cgi?product=Fedora&component=dnf";
+constexpr const char * BUGTRACKER="https://bugs.almalinux.org/";
}
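Review bot: the old `BUGTRACKER` value, like the `bugzilla` link in the `conf.py` hunk, carried a product and component (`component=dnf`, `component=hawkey`) that routed a report to the right queue, while `https://bugs.almalinux.org/` is the tracker root and gives the reporter no hint where to file. If the tracker offers a project-specific entry URL, use that here. The patch file also has no header describing its purpose, which makes it harder to audit against the upstream sources.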


@ -58,7 +58,7 @@
Name: libdnf Name: libdnf
Version: %{libdnf_major_version}.%{libdnf_minor_version}.%{libdnf_micro_version} Version: %{libdnf_major_version}.%{libdnf_minor_version}.%{libdnf_micro_version}
Release: 21%{?dist} Release: 19%{?dist}.alma
Summary: Library providing simplified C and Python API to libsolv Summary: Library providing simplified C and Python API to libsolv
License: LGPLv2+ License: LGPLv2+
URL: https://github.com/rpm-software-management/libdnf URL: https://github.com/rpm-software-management/libdnf
@ -112,9 +112,9 @@ Patch46: 0046-Update-translations-RHEL-8.9.patch
Patch47: 0047-filterAdvisory-installed_solvables-sort-RhBug2212838.patch Patch47: 0047-filterAdvisory-installed_solvables-sort-RhBug2212838.patch
Patch48: 0048-Avoid-reinstal-installonly-packages-marked-for-ERASE.patch Patch48: 0048-Avoid-reinstal-installonly-packages-marked-for-ERASE.patch
Patch49: 0049-PGP-Set-a-default-creation-SELinux-labels-on-GnuPG-d.patch Patch49: 0049-PGP-Set-a-default-creation-SELinux-labels-on-GnuPG-d.patch
Patch50: 0050-repo-Don-t-try-to-perform-labeling-if-SELinux-is-dis.patch
Patch51: 0051-MergedTransaction-Calculate-RPM-difference-between-t.patch # Almalinux patches
Patch52: 0052-MergedTransaction-Fix-invalid-memory-access-when-dro.patch Patch10001: almalinux_bugtracker.patch
BuildRequires: cmake BuildRequires: cmake
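Review bot: the right-hand (a8-beta) column ends the patch list at Patch49 followed by `Patch10001: almalinux_bugtracker.patch`, so Patch50, Patch51 and Patch52 from the left-hand column are not applied. That leaves this build without the SELinux-disabled guard and without the RHEL-68770 merged-transaction changes. Rebase the spec onto 0.63.0-21 and keep Patch10001 as the last entry, so the downstream build does not trail the c8 side.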
@ -365,24 +365,17 @@ popd
%endif %endif
%changelog %changelog
* Fri Dec 06 2024 Petr Pisar <ppisar@redhat.com> - 0.63.0-21 * Wed Mar 27 2024 Eduard Abdullin <eabdullin@almalinux.org> - 0.63.0-19.alma
- Fix calculating a difference between two same-version RPM transactions - AlmaLinux changes
(RHEL-68770)
* Mon Jun 24 2024 Petr Pisar <ppisar@redhat.com> - 0.63.0-20
- Do not set a default SELinux creation context if SELinux appears to be
disabled (RHEL-43231)
* Wed Oct 18 2023 Petr Pisar <ppisar@redhat.com> - 0.63.0-19 * Wed Oct 18 2023 Petr Pisar <ppisar@redhat.com> - 0.63.0-19
- Set default SELinux labels on GnuPG directories (RHEL-6421) - Set default SELinux labels on GnuPG directories (RHEL-6421)
* Fri Oct 13 2023 Jaroslav Rohel <jrohel@redhat.com> - 0.63.0-18 * Fri Oct 13 2023 Jaroslav Rohel <jrohel@redhat.com> - 0.63.0-18
- filterAdvisory: match installed_solvables sort with lower_bound (RhBug:2212838, RHEL-1244) - filterAdvisory: match installed_solvables sort with lower_bound (RhBug:2212838, RHEL-1244)
- Avoid reinstalling installonly packages marked for ERASE (RhBug:2163474, RHEL-1253) - Avoid reinstalling installonly packages marked for ERASE (RhBug:2163474, RHEL-1253)
* Fri Sep 08 2023 Marek Blaha <mblaha@redhat.com> - 0.63.0-17 * Fri Sep 08 2023 Marek Blaha <mblaha@redhat.com> - 0.63.0-17
- Update translations - Update translations
* Wed May 31 2023 Nicola Sella <nsella@redhat.com> - 0.63-0-16 * Wed May 31 2023 Nicola Sella <nsella@redhat.com> - 0.63-0-16
- Support "proxy=_none_" in main config (RhBug:2155713) - Support "proxy=_none_" in main config (RhBug:2155713)
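Review bot: the right-hand changelog entry `- AlmaLinux changes` does not say what was changed. Name the change (the bug tracker URL replacement carried by `almalinux_bugtracker.patch`) so the downstream delta can be audited from the changelog alone.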
@ -394,7 +387,6 @@ popd
* Wed Oct 26 2022 Nicola Sella <nsella@redhat.com> - 0.63.0-13 * Wed Oct 26 2022 Nicola Sella <nsella@redhat.com> - 0.63.0-13
- Allow change of arch during security updates with noarch (RhBug:2124483) - Allow change of arch during security updates with noarch (RhBug:2124483)
* Tue Sep 13 2022 Lukas Hrazky <lhrazky@redhat.com> - 0.63.0-12 * Tue Sep 13 2022 Lukas Hrazky <lhrazky@redhat.com> - 0.63.0-12
- Fix listing a repository without cpeid (RhBug:2066334) - Fix listing a repository without cpeid (RhBug:2066334)