.gitignore

@@ -1 +1,31 @@
-SOURCES/oddjob-0.34.7.tar.gz
+oddjob-0.29.1-1.tar.gz
+oddjob-0.30.tar.gz
+oddjob-0.30.1.tar.gz
+/oddjob-0.31.tar.gz
+/oddjob-0.31.1.tar.gz
+/oddjob-0.31.2.tar.gz
+/oddjob-0.31.2.tar.gz.sig
+/oddjob-0.31.3.tar.gz
+/oddjob-0.31.3.tar.gz.sig
+/oddjob-0.31.4.tar.gz
+/oddjob-0.31.4.tar.gz.sig
+/oddjob-0.31.5.tar.gz
+/oddjob-0.31.5.tar.gz.sig
+/oddjob-0.32.tar.gz
+/oddjob-0.32.tar.gz.sig
+/oddjob-0.33.tar.gz
+/oddjob-0.33.tar.gz.sig
+/oddjob-0.34.tar.gz
+/oddjob-0.34.tar.gz.sig
+/oddjob-0.34.1.tar.gz
+/oddjob-0.34.1.tar.gz.sig
+/oddjob-0.34.2.tar.gz
+/oddjob-0.34.2.tar.gz.sig
+/oddjob-0.34.3.tar.gz
+/oddjob-0.34.3.tar.gz.sig
+/oddjob-0.34.4.tar.gz
+/oddjob-0.34.4.tar.gz.sig
+/oddjob-0.34.6.tar.gz
+/oddjob-0.34.6.tar.gz.sig
+/oddjob-0.34.7.tar.gz
+/oddjob-0.34.7.tar.gz.asc

.oddjob.metadata

@@ -1 +0,0 @@
-c11f0783a66f88dce215772e9ec4fd673654e975 SOURCES/oddjob-0.34.7.tar.gz

SOURCES/oddjob-0.34.7.tar.gz.asc

@@ -1,16 +0,0 @@
------BEGIN PGP SIGNATURE-----
-
-iQIzBAABCgAdFiEEhAodHH8+xLL+UwQ1RxniuKu/YhoFAl/XmV4ACgkQRxniuKu/
-Yhr6sQ/+OMveTOdOkByG1g4T7qS91pNBTPNaGrhOrIAMTeYjLU+F8xfChGR2y6z4
-7V1tArCJjjT5f1wFJw+r5p5kH1m5rv5ymwpZSMLiDMdrEBz6uIj7TDhrTsweOIFl
-RiBDJfMzpXa3uZOxNt/CHsaMpLJ+1/FbVLKbNDKyQqGSPGmbyNcJYN2fr5ms4j3U
-GxGUDTUV9KSPmmlA/wVke8G+OXNdSPm/Xe7n8zhspVI33vJeQpQTe3zPjji/ozn2
-N7K8LOwMKn2G6xP0fvR3DaTBnM2NR29Sw2avQGsL0F4t847mFWlo8oC7JTZ6Uv78
-bi+HrGAVNIA7iVTwMh2gODkLKnW7Z+sSMn7Dke4eV+Ra3RfKXIEydq3LJ+vyDrgR
-NpX3egGz2FdnIvmGv4D28YqrpA1LInKSJXXZzAICdZ9+rAZCKINXDBjuAN5AQBZj
-jbrZNYd6tUqnbv0JwU4MxVD6FHkU82XAn7wOX+xr48X5hT9nMc9hdBYxM+imDAjV
-9SzHydiR75HOEly0i5LObNM8OomwSdkjFC2bZy4pMCt/bxrwWy7OpOSGPAteB6t2
-iVcieSyaufbQCu12jS55UUlAfnq3u4O/ouG2CLyVob5f20nwkPvACujiioBnqyX1
-hpAEjQ3WRwY+tsrtPQUC25BzUZ0iKeso/PqkJudukHDsIUK4f5E=
-=VwN3
------END PGP SIGNATURE-----

SOURCES/oddjob-cve-2020-10737-reversal-option.patch

@@ -1,113 +0,0 @@
-From 71b0389fbb31833d827f5f0fec18880c2f602753 Mon Sep 17 00:00:00 2001
-From: Alexander Bokovoy <abokovoy@redhat.com>
-Date: Thu, 19 May 2022 13:52:22 +0300
-Subject: [PATCH] mkhomedir: add support for pre-CVE-2020-10737 behavior
-
-Pre-CVE-2020-10737 behavior was used to allow creating home directories
-on NFS mounts when non-Kerberos authentication method is in use. This is
-exactly the case where a race condition addressed by the CVE-2020-10737
-fix could have happened. However, there are legit use cases where this
-setup is needed.
-
-Add '-f' option to mkhomedir helper to activate previous behavior. In
-order to enable it, a change to oddjobd-mkhomedir.conf configuration
-file is needed by explicitly adding '-f' option to the executable file
-definition.
-
-Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=2050079
-
-Signed-off-by: Alexander Bokovoy <abokovoy@redhat.com>
----
- src/mkhomedir.c                 | 16 +++++++++++++---
- src/oddjobd-mkhomedir.conf.5.in |  9 +++++++++
- 2 files changed, 22 insertions(+), 3 deletions(-)
-
-diff --git a/src/mkhomedir.c b/src/mkhomedir.c
-index be85959..ac813a9 100644
---- a/src/mkhomedir.c
-+++ b/src/mkhomedir.c
-@@ -53,9 +53,11 @@ static const char *skel;
- static const char *skel_dir;
- static struct passwd *pwd;
- static mode_t override_umask;
-+static int owner_mkdir_first = 0;
- 
- #define FLAG_POPULATE	(1 << 0)
- #define FLAG_QUIET	(1 << 1)
-+#define FLAG_OWNER_MKDIR_FIRST (1 << 2)
- 
- /* Given the path of an item somewhere in the skeleton directory, create as
-  * identical as possible a copy in the destination tree. */
-@@ -158,7 +160,7 @@ copy_single_item(const char *source, const struct stat *sb,
- 		 * target user just yet to avoid potential race conditions
- 		 * involving symlink attacks when we copy over the skeleton
- 		 * tree. */
--		if (status->level == 0) {
-+		if (status->level == 0 && !owner_mkdir_first) {
- 			uid = 0;
- 			gid = 0;
- 		}
-@@ -222,6 +224,9 @@ mkhomedir(const char *user, int flags)
- 		       pwd->pw_dir);
- 		return HANDLER_INVALID_INVOCATION;
- 	}
-+	if (flags & FLAG_OWNER_MKDIR_FIRST) {
-+		owner_mkdir_first = 1;
-+	}
- 	if ((lstat(pwd->pw_dir, &st) == -1) && (errno == ENOENT)) {
- 		/* Figure out which location we're using as a
- 		 * template. */
-@@ -237,7 +242,7 @@ mkhomedir(const char *user, int flags)
- 				int res = nftw(get_skel_dir(), copy_single_item, 5,
- 					       FTW_PHYS);
- 				/* only now give ownership to the target user */
--				if (res == 0) {
-+				if (res == 0 && !owner_mkdir_first) {
- 					res = chown(pwd->pw_dir, pwd->pw_uid, pwd->pw_gid);
- 				}
- 
-@@ -317,8 +322,11 @@ main(int argc, char **argv)
- 	umask(override_umask);
- 	skel_dir = "/etc/skel";
- 
--	while ((i = getopt(argc, argv, "nqs:u:")) != -1) {
-+	while ((i = getopt(argc, argv, "nqfs:u:")) != -1) {
- 		switch (i) {
-+		case 'f':
-+			flags |= FLAG_OWNER_MKDIR_FIRST;
-+			break;
- 		case 'n':
- 			flags &= ~FLAG_POPULATE;
- 			break;
-@@ -339,6 +347,8 @@ main(int argc, char **argv)
- 			break;
- 		default:
- 			fprintf(stderr, "Valid options:\n"
-+				"-f\tCreate home directory initially owned by user, "
-+				"not root. See man page for security issues.\n"
- 				"-n\tDo not populate home directories, "
- 				"just create them.\n"
- 				"-q\tDo not print messages when creating "
-diff --git a/src/oddjobd-mkhomedir.conf.5.in b/src/oddjobd-mkhomedir.conf.5.in
-index d7a2429..6e35ad5 100644
---- a/src/oddjobd-mkhomedir.conf.5.in
-+++ b/src/oddjobd-mkhomedir.conf.5.in
-@@ -10,6 +10,15 @@ directory.
- 
- The mkhomedir helper itself accepts these options:
- .TP
-+-f
-+Restore behavior before CVE-2020-10737 was fixed: create the home directory
-+with user's ownership directly rather than create it as a root and only after
-+populating it change to the user's ownership. The former behavior is insecure
-+but may be used to allow creation of NFS-mounted home directories when
-+non-Kerberos authentication is in use. It is prone for a race condition that
-+could be exploited in the NFS-mounted home directories use case. To avoid
-+CVE-2020-10737, do not use \fB-f\fR option in production environments.
-+.TP
- -q
- Refrain from outputting the usual "Creating home directory..." message when it
- creates a home directory.
--- 
-2.37.1
-

gating.yaml

@@ -0,0 +1,8 @@
+# recipients: abokovoy, frenaud, kaleem, ftrivino
+--- !Policy
+product_versions:
+  - rhel-10
+decision_context: osci_compose_gate
+rules:
+  - !PassingTestCaseRule {test_case_name: osci.brew-build.tier0.functional}
+  - !PassingTestCaseRule {test_case_name: idm-ci.brew-build.tier1.functional}

oddjob-libxml2.patch

@@ -0,0 +1,28 @@
+From 3d30f6fec556f2eb53671832ae47687ace1fc655 Mon Sep 17 00:00:00 2001
+From: Yaakov Selkowitz <yselkowi@redhat.com>
+Date: Wed, 13 Dec 2023 15:12:32 -0500
+Subject: [PATCH] Fix build with libxml2-2.12.0
+
+https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.12.0
+
+"Several cyclic dependencies in public header files were fixed. As a
+result, certain headers won't include other headers as before."
+---
+ src/oddjobd.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/src/oddjobd.c b/src/oddjobd.c
+index 44de748..fb63c02 100644
+--- a/src/oddjobd.c
++++ b/src/oddjobd.c
+@@ -47,6 +47,7 @@
+ #include <string.h>
+ #include <unistd.h>
+ #include <dbus/dbus.h>
++#include <libxml/globals.h>
+ #include <libxml/xmlreader.h>
+ #ifdef SELINUX_ACLS
+ #include <selinux/selinux.h>
+-- 
+2.43.0
+

oddjob-override-mask-fix.patch

@@ -1,3 +1,117 @@
+From 71b0389fbb31833d827f5f0fec18880c2f602753 Mon Sep 17 00:00:00 2001
+From: Alexander Bokovoy <abokovoy@redhat.com>
+Date: Thu, 19 May 2022 13:52:22 +0300
+Subject: [PATCH 1/2] mkhomedir: add support for pre-CVE-2020-10737 behavior
+
+Pre-CVE-2020-10737 behavior was used to allow creating home directories
+on NFS mounts when non-Kerberos authentication method is in use. This is
+exactly the case where a race condition addressed by the CVE-2020-10737
+fix could have happened. However, there are legit use cases where this
+setup is needed.
+
+Add '-f' option to mkhomedir helper to activate previous behavior. In
+order to enable it, a change to oddjobd-mkhomedir.conf configuration
+file is needed by explicitly adding '-f' option to the executable file
+definition.
+
+Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=2050079
+
+Signed-off-by: Alexander Bokovoy <abokovoy@redhat.com>
+---
+ src/mkhomedir.c                 | 16 +++++++++++++---
+ src/oddjobd-mkhomedir.conf.5.in |  9 +++++++++
+ 2 files changed, 22 insertions(+), 3 deletions(-)
+
+diff --git a/src/mkhomedir.c b/src/mkhomedir.c
+index be85959..ac813a9 100644
+--- a/src/mkhomedir.c
++++ b/src/mkhomedir.c
+@@ -53,9 +53,11 @@ static const char *skel;
+ static const char *skel_dir;
+ static struct passwd *pwd;
+ static mode_t override_umask;
++static int owner_mkdir_first = 0;
+ 
+ #define FLAG_POPULATE	(1 << 0)
+ #define FLAG_QUIET	(1 << 1)
++#define FLAG_OWNER_MKDIR_FIRST (1 << 2)
+ 
+ /* Given the path of an item somewhere in the skeleton directory, create as
+  * identical as possible a copy in the destination tree. */
+@@ -158,7 +160,7 @@ copy_single_item(const char *source, const struct stat *sb,
+ 		 * target user just yet to avoid potential race conditions
+ 		 * involving symlink attacks when we copy over the skeleton
+ 		 * tree. */
+-		if (status->level == 0) {
++		if (status->level == 0 && !owner_mkdir_first) {
+ 			uid = 0;
+ 			gid = 0;
+ 		}
+@@ -222,6 +224,9 @@ mkhomedir(const char *user, int flags)
+ 		       pwd->pw_dir);
+ 		return HANDLER_INVALID_INVOCATION;
+ 	}
++	if (flags & FLAG_OWNER_MKDIR_FIRST) {
++		owner_mkdir_first = 1;
++	}
+ 	if ((lstat(pwd->pw_dir, &st) == -1) && (errno == ENOENT)) {
+ 		/* Figure out which location we're using as a
+ 		 * template. */
+@@ -237,7 +242,7 @@ mkhomedir(const char *user, int flags)
+ 				int res = nftw(get_skel_dir(), copy_single_item, 5,
+ 					       FTW_PHYS);
+ 				/* only now give ownership to the target user */
+-				if (res == 0) {
++				if (res == 0 && !owner_mkdir_first) {
+ 					res = chown(pwd->pw_dir, pwd->pw_uid, pwd->pw_gid);
+ 				}
+ 
+@@ -317,8 +322,11 @@ main(int argc, char **argv)
+ 	umask(override_umask);
+ 	skel_dir = "/etc/skel";
+ 
+-	while ((i = getopt(argc, argv, "nqs:u:")) != -1) {
++	while ((i = getopt(argc, argv, "nqfs:u:")) != -1) {
+ 		switch (i) {
++		case 'f':
++			flags |= FLAG_OWNER_MKDIR_FIRST;
++			break;
+ 		case 'n':
+ 			flags &= ~FLAG_POPULATE;
+ 			break;
+@@ -339,6 +347,8 @@ main(int argc, char **argv)
+ 			break;
+ 		default:
+ 			fprintf(stderr, "Valid options:\n"
++				"-f\tCreate home directory initially owned by user, "
++				"not root. See man page for security issues.\n"
+ 				"-n\tDo not populate home directories, "
+ 				"just create them.\n"
+ 				"-q\tDo not print messages when creating "
+diff --git a/src/oddjobd-mkhomedir.conf.5.in b/src/oddjobd-mkhomedir.conf.5.in
+index d7a2429..6e35ad5 100644
+--- a/src/oddjobd-mkhomedir.conf.5.in
++++ b/src/oddjobd-mkhomedir.conf.5.in
+@@ -10,6 +10,15 @@ directory.
+ 
+ The mkhomedir helper itself accepts these options:
+ .TP
++-f
++Restore behavior before CVE-2020-10737 was fixed: create the home directory
++with user's ownership directly rather than create it as a root and only after
++populating it change to the user's ownership. The former behavior is insecure
++but may be used to allow creation of NFS-mounted home directories when
++non-Kerberos authentication is in use. It is prone for a race condition that
++could be exploited in the NFS-mounted home directories use case. To avoid
++CVE-2020-10737, do not use \fB-f\fR option in production environments.
++.TP
+ -q
+ Refrain from outputting the usual "Creating home directory..." message when it
+ creates a home directory.
+-- 
+2.38.1
+
+
 From b800e25258353dbb1a88506123c21ac3298fd2d0 Mon Sep 17 00:00:00 2001
 From: Carlos Santos <casantos@redhat.com>
 Date: Tue, 18 Oct 2022 08:59:16 -0300

oddjob.spec

@@ -22,15 +22,16 @@
 
 Name: oddjob
 Version: 0.34.7
-Release: 3%{?dist}
+Release: 14%{?dist}
 Source0: https://releases.pagure.org/oddjob/oddjob-%{version}.tar.gz
 Source1: https://releases.pagure.org/oddjob/oddjob-%{version}.tar.gz.asc
-Patch0: oddjob-cve-2020-10737-reversal-option.patch
 Patch1: oddjob-override-mask-fix.patch
-
+# Fix build with libxml2-2.12.0
+# https://pagure.io/oddjob/pull-request/24
+Patch2: oddjob-libxml2.patch
 Summary: A D-Bus service which runs odd jobs on behalf of client applications
-License: BSD
-Group: System Environment/Daemons
+License: BSD-3-Clause
+BuildRequires: make
 BuildRequires:  gcc
 BuildRequires: dbus-devel >= 0.22, dbus-x11, libselinux-devel, libxml2-devel
 BuildRequires: pam-devel, pkgconfig
@@ -73,7 +74,6 @@ oddjob is a D-Bus service which performs particular tasks for clients which
 connect to it and issue requests using the system-wide message bus.
 
 %package mkhomedir
-Group: System Environment/Daemons
 Summary: An oddjob helper which creates and populates home directories
 Requires: %{name} = %{version}-%{release}
 Requires(post): %{dbus_send}, grep, sed, psmisc
@@ -84,7 +84,6 @@ pam_oddjob_mkhomedir module to create a home directory for a user
 at login-time.
 
 %package sample
-Group: System Environment/Daemons
 Summary: A sample oddjob service.
 Requires: %{name} = %{version}-%{release}
 
@@ -93,8 +92,8 @@ This package contains a trivial sample oddjob service.
 
 %prep
 %setup -q
-%patch0 -p1
 %patch1 -p1
+%patch -P2 -p1
 
 %build
 sample_flag=
@@ -254,37 +253,71 @@ fi
 exit 0
 
 %changelog
-* Fri Dec 09 2022 Alexander Bokovoy <abokovoy@redhat.com> - 0.34.7-3
+* Tue Oct 29 2024 Troy Dawson <tdawson@redhat.com> - 0.34.7-14
+- Bump release for October 2024 mass rebuild:
+  Resolves: RHEL-64018
+
+* Mon Jun 24 2024 Troy Dawson <tdawson@redhat.com> - 0.34.7-13
+- Bump release for June 2024 mass rebuild
+
+* Thu Jan 25 2024 Fedora Release Engineering <releng@fedoraproject.org> - 0.34.7-12
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
+
+* Sun Jan 21 2024 Fedora Release Engineering <releng@fedoraproject.org> - 0.34.7-11
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
+
+* Wed Dec 13 2023 Yaakov Selkowitz <yselkowi@redhat.com> - 0.34.7-10
+- Fix build with libxml2-2.12.0
+
+* Thu Jul 20 2023 Fedora Release Engineering <releng@fedoraproject.org> - 0.34.7-9
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
+
+* Thu Jan 19 2023 Fedora Release Engineering <releng@fedoraproject.org> - 0.34.7-8
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
+
+* Fri Dec 09 2022 Alexander Bokovoy <abokovoy@redhat.com> - 0.34.7-7
+- Provide a switch to restore pre-CVE-2020-10737 behavior
 - Always set the home directory permissions according to HOME_MODE
-- Resolves: rhbz#2135793
 
-* Wed Aug 17 2022 Alexander Bokovoy <abokovoy@redhat.com> - 0.34.7-2
-- Add a non-default option to revert behavior for CVE-2020-10737 fix
-- Resolved: rhbz#2050079
+* Fri Jul 22 2022 Fedora Release Engineering <releng@fedoraproject.org> - 0.34.7-6
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
 
-* Mon Dec 14 18:38:43 EET 2020 Alexander Bokovoy <abokovoy@redhat.com> - 0.34.7-1
-- Upstream release 0.34.7
-- Force LC_ALL=C.UTF-8 in oddjobd systemd service environment
-- Resolves: rhbz#1907481 - oddjob locale issue
-- Resolves: rhbz#1907541 - rebase oddjob to 0.34.7
+* Thu Jan 20 2022 Fedora Release Engineering <releng@fedoraproject.org> - 0.34.7-5
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
 
-* Thu Oct 08 2020 Alexander Bokovoy <abokovoy@redhat.com> - 0.34.5-4
-- Rebuild against RHEL 8.4.0
-  Resolves: rhbz#1886433
+* Thu Jul 22 2021 Fedora Release Engineering <releng@fedoraproject.org> - 0.34.7-4
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
 
-* Thu Oct 08 2020 Alexander Bokovoy <abokovoy@redhat.com> - 0.34.5-3
-- Support HOME_MODE from /etc/login.defs
-  Resolves: rhbz#1886433
+* Tue Mar 02 2021 Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> - 0.34.7-3
+- Rebuilt for updated systemd-rpm-macros
+  See https://pagure.io/fesco/issue/2583.
 
-* Fri May 08 2020 Alexander Bokovoy <abokovoy@redhat.com> - 0.34.5-2
-- Add gating tests using idm:DL1 module stream and upstream tests
-  Resolves: rhbz#1682457
+* Tue Jan 26 2021 Fedora Release Engineering <releng@fedoraproject.org> - 0.34.7-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
 
-* Fri May 08 2020 Alexander Bokovoy <abokovoy@redhat.com> - 0.34.5-1
-- Upstream release 0.34.5
-- Resolves: rhbz#1833289 - Rebase oddjob to 0.34.5
-- Resolves: rhbz#1833052 - CVE-2020-10737 
-  oddjob: race condition in oddjob_selinux_mkdir function in mkhomedir.c can lead to symlink attack
+* Mon Dec 14 22:09:29 EET 2020 Alexander Bokovoy <abokovoy@redhat.com> - 0.34.7-1
+- upstream release 0.34.7
+
+* Tue Jul 28 2020 Fedora Release Engineering <releng@fedoraproject.org> - 0.34.6-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
+
+* Thu May  7 2020 Nalin Dahyabhai <nalin@redhat.com> - 0.34.6-1
+- update license on src/buffer.h
+- change /var/run -> /run in systemd service file (Orion Poplawski)
+
+* Thu May  7 2020 Nalin Dahyabhai <nalin@redhat.com> - 0.34.5-1
+- apply patch from Matthias Gerstner of the SUSE security team to fix a
+  possible race condition in the mkhomedir helper (CVE-2020-10737)
+- only process SELinux contexts if SELinux is not disabled (Alexander Bokovoy)
+
+* Wed Jan 29 2020 Fedora Release Engineering <releng@fedoraproject.org> - 0.34.4-10
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
+
+* Thu Jul 25 2019 Fedora Release Engineering <releng@fedoraproject.org> - 0.34.4-9
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
+
+* Fri Feb 01 2019 Fedora Release Engineering <releng@fedoraproject.org> - 0.34.4-8
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
 
 * Tue Dec  4 2018 Nalin Dahyabhai <nalin@redhat.com> - 0.34.4-7
 - Drop Python 2 build-time dependency, which hasn't been used since we turned

sources

@@ -0,0 +1,2 @@
+SHA512 (oddjob-0.34.7.tar.gz) = df98f3d2ce18de5d2db6d638995c01c80aec51f7ad979b879b2e8d8f7d6c2e464cbff3c70ed9b528399337f8fba31744f955ca17fdad1d4e9193fb0f10ea391a
+SHA512 (oddjob-0.34.7.tar.gz.asc) = b1ff3b3c73de4023f49015fa27b1be35d9c04a785aedfc3fca495af52a4820ed4d8d14b19dd36f05512d212c3f4c20e8c56940abd0de8edc5fd851ff1e054cc5

tests/.fmf/version

@@ -0,0 +1 @@
+1

tests/provision.fmf

@@ -0,0 +1,5 @@
+---
+ 
+standard-inventory-qcow2:
+  qemu:
+    m: 2G

tests/tests.yml

@@ -0,0 +1,18 @@
+---
+- hosts: localhost
+  tags: [ always ]
+  tasks:
+  - set_fact:
+      our_required_packages:
+      - wget            # upstream-testsuite-execution-and-rebuild-test needs wget command
+      - yum-utils       # upstream-testsuite-execution-and-rebuild-test needs yum-builddep command
+      - rpm-build       # upstream-testsuite-execution-and-rebuild-test needs rpmbuild command
+
+- hosts: localhost
+  tags:
+  - classic
+  roles:
+  - role: standard-test-beakerlib
+    tests:
+    - upstream-testsuite-execution-and-rebuild-test
+    required_packages: "{{ our_required_packages }}"

tests/upstream-testsuite-execution-and-rebuild-test/Makefile

@@ -0,0 +1,72 @@
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+#
+#   Makefile of /CoreOS/sudo/Sanity/upstream-testsuite-execution-and-rebuild-test
+#   Description: This test rebuild sudo source rpm and checks that rebuild is OK. The second - main - part is about upstream testsuite execution.
+#   Author: Ales Marecek <amarecek@redhat.com>
+#
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+#
+#   Copyright (c) 2013 Red Hat, Inc. All rights reserved.
+#
+#   This copyrighted material is made available to anyone wishing
+#   to use, modify, copy, or redistribute it subject to the terms
+#   and conditions of the GNU General Public License version 2.
+#
+#   This program is distributed in the hope that it will be
+#   useful, but WITHOUT ANY WARRANTY; without even the implied
+#   warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
+#   PURPOSE. See the GNU General Public License for more details.
+#
+#   You should have received a copy of the GNU General Public
+#   License along with this program; if not, write to the Free
+#   Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
+#   Boston, MA 02110-1301, USA.
+#
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+#
+# Based on sudo rebuild test
+
+export TEST=/CoreOS/certmonger/Sanity/upstream-testsuite-execution-and-rebuild-test
+export TESTVERSION=1.0
+
+BUILT_FILES=
+
+FILES=$(METADATA) runtest.sh Makefile PURPOSE
+
+.PHONY: all install download clean
+
+run: $(FILES) build
+	./runtest.sh
+
+build: $(BUILT_FILES)
+	test -x runtest.sh || chmod a+x runtest.sh
+
+clean:
+	rm -f *~ $(BUILT_FILES)
+
+
+include /usr/share/rhts/lib/rhts-make.include
+
+$(METADATA): Makefile
+	@echo "Owner:           Rob Crittenden <rcritten@redhat.com>" > $(METADATA)
+	@echo "Name:            $(TEST)" >> $(METADATA)
+	@echo "TestVersion:     $(TESTVERSION)" >> $(METADATA)
+	@echo "Path:            $(TEST_DIR)" >> $(METADATA)
+	@echo "Description:     This test rebuild sudo source rpm and checks that rebuild is OK. The second - main - part is about upstream testsuite execution." >> $(METADATA)
+	@echo "Type:            Sanity" >> $(METADATA)
+	@echo "TestTime:        30m" >> $(METADATA)
+	@echo "RunFor:          sudo" >> $(METADATA)
+	@echo "Requires:        sudo" >> $(METADATA)
+	@echo "Requires:        sed" >> $(METADATA)
+	@echo "Requires:        grep" >> $(METADATA)
+	@echo "Requires:        rpm-build" >> $(METADATA)
+	@echo "Requires:        yum-utils" >> $(METADATA)
+	@echo "Requires:        make" >> $(METADATA)
+	@echo "Requires:        libcap-devel" >> $(METADATA)
+	@echo "Requires:        audit-libs-devel" >> $(METADATA)
+	@echo "Priority:        Normal" >> $(METADATA)
+	@echo "License:         GPLv2" >> $(METADATA)
+	@echo "Confidential:    no" >> $(METADATA)
+	@echo "Destructive:     no" >> $(METADATA)
+
+	rhts-lint $(METADATA)

tests/upstream-testsuite-execution-and-rebuild-test/PURPOSE

@@ -0,0 +1,4 @@
+PURPOSE of /CoreOS/certmonger/Sanity/upstream-testsuite-execution-and-rebuild-test
+Description: This test rebuild certmonger source rpm and checks that rebuild is OK. The second - main - part is about upstream testsuite execution.
+Author: Rob Crittenden <rcritten@redhat.com>
+

tests/upstream-testsuite-execution-and-rebuild-test/runtest.sh

@@ -0,0 +1,82 @@
+#!/bin/bash
+# vim: dict=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+#
+#   runtest.sh of /CoreOS/sudo/Sanity/upstream-testsuite-execution-and-rebuild-test
+#   Description: This test rebuild sudo source rpm and checks that rebuild is OK. The second - main - part is about upstream testsuite execution.
+#   Author: Ales Marecek <amarecek@redhat.com>
+#
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+#
+#   Copyright (c) 2013 Red Hat, Inc. All rights reserved.
+#
+#   This copyrighted material is made available to anyone wishing
+#   to use, modify, copy, or redistribute it subject to the terms
+#   and conditions of the GNU General Public License version 2.
+#
+#   This program is distributed in the hope that it will be
+#   useful, but WITHOUT ANY WARRANTY; without even the implied
+#   warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
+#   PURPOSE. See the GNU General Public License for more details.
+#
+#   You should have received a copy of the GNU General Public
+#   License along with this program; if not, write to the Free
+#   Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
+#   Boston, MA 02110-1301, USA.
+#
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+# Based on sudo rebuild test
+
+# Include Beaker environment
+. /usr/bin/rhts-environment.sh || exit 1
+. /usr/share/beakerlib/beakerlib.sh || exit 1
+
+PACKAGE="oddjob"
+_SPEC_DIR="$(rpm --eval=%_specdir)"
+_BUILD_DIR="$(rpm --eval=%_builddir)"
+_LOG_REBUILD_F="${PACKAGE}-rebuild.log"
+_LOG_TESTSUITE_F="${PACKAGE}-testsuite.log"
+
+
+rlJournalStart
+    rlPhaseStartSetup
+        rlAssertRpm $PACKAGE
+        rlRun "TmpDir=\$(mktemp -d)" 0 "Creating tmp directory"
+        rlRun "pushd $TmpDir"
+	# Source package is needed for code inspection
+	rlFetchSrcForInstalled "${PACKAGE}" || yumdownloader --source "${PACKAGE}"
+    rlRun "find . -size 0 -delete" 0 "Remove empty src.rpm-s"
+	rlRun "yum-builddep -y --nogpgcheck ${PACKAGE}-*.src.rpm" 0 "Installing build dependencies"
+	[ -d ${_BUILD_DIR} ] && rlRun "rm -rf ${_BUILD_DIR}/*" 0 "Cleaning build directory"
+	rlRun "rpm -ivh ${PACKAGE}-*.src.rpm" 0 "Installing source rpm"
+    rlPhaseEnd
+
+    rlPhaseStartTest
+	rlRun "QA_RPATHS=0x0002 rpmbuild -ba ${_SPEC_DIR}/${PACKAGE}.spec" 0 "Test: Rebuild of source '${PACKAGE}' package"
+	rlGetPhaseState
+	if [ $? -eq 0 ]; then
+		cd ${_BUILD_DIR}/${PACKAGE}-*
+		rlRun -s "make check" 0 "Test: Upstream testsuite"
+		cd ${TmpDir}
+		while read -r I; do
+		    if [[ "$I" =~ $(echo '([^:]+): .+ tests run, .+ errors, (.*)% success rate') ]]; then
+		        [[ "${BASH_REMATCH[2]}" == "100" ]]
+		        rlAssert0 "Test: Checking tests of '${BASH_REMATCH[1]}'" $?
+		    elif [[ "$I" =~ $(echo "([^:]+): .+ tests passed; (.+)/.+ tests failed") ]]; then
+		        [[ "${BASH_REMATCH[2]}" == "0" ]]
+		        rlAssert0 "Test: Checking tests of '${BASH_REMATCH[1]}'" $?
+		    fi
+		done < $rlRun_LOG
+		rm -f $rlRun_LOG
+	else
+		rlFail "Skipping testsuite part because rebuild part failed."
+	fi
+    rlPhaseEnd
+
+    rlPhaseStartCleanup
+        rlRun "popd"
+        rlRun "rm -r $TmpDir" 0 "Removing tmp directory"
+    rlPhaseEnd
+rlJournalPrintText
+rlJournalEnd