import CS ostree-2024.7-3.el9_5

2024-11-12 08:42:52 +00:00 · 2024-11-12 08:42:52 +00:00 · 45a603aa41
commit 45a603aa41
parent eb52744b37
5 changed files with 95 additions and 19 deletions
--- a/.gitignore
+++ b/.gitignore
@ -1 +1 @@
-SOURCES/libostree-2024.6.tar.xz
+SOURCES/libostree-2024.7.tar.xz
--- a/.ostree.metadata
+++ b/.ostree.metadata
@ -1 +1 @@
-8a6d47e77553bab2e9853649182aef0fcdc7550c SOURCES/libostree-2024.6.tar.xz
+7d1cb267442682402152ed4bb5379853e666f06b SOURCES/libostree-2024.7.tar.xz
--- a/SOURCES/0001-repo-NUL-terminate-readlinkat-result.patch
+++ b/SOURCES/0001-repo-NUL-terminate-readlinkat-result.patch
@ -0,0 +1,52 @@
 From 6756841a7d04c3cc651a1ce7de35c55c754578d3 Mon Sep 17 00:00:00 2001
 From: Colin Walters <walters@verbum.org>
 Date: Mon, 29 Jul 2024 15:17:10 -0400
 Subject: [PATCH 1/1] repo: NUL terminate readlinkat result
 Coverity was correctly complaining about this.
 Signed-off-by: Colin Walters <walters@verbum.org>
 ---
 src/libostree/ostree-repo-commit.c | 11 ++++++++---
 1 file changed, 8 insertions(+), 3 deletions(-)
 diff --git a/src/libostree/ostree-repo-commit.c b/src/libostree/ostree-repo-commit.c
 index 4d12d5ec..db83ebf2 100644
 --- a/src/libostree/ostree-repo-commit.c
 +++ b/src/libostree/ostree-repo-commit.c
@@ -794,7 +794,7 @@ _try_clone_from_payload_link (OstreeRepo *self, OstreeRepo *dest_repo, const cha
       glnx_autofd int fdf = -1;
       char loose_path_buf[_OSTREE_LOOSE_PATH_MAX];
       char loose_path_target_buf[_OSTREE_LOOSE_PATH_MAX];
 -      char target_buf[_OSTREE_LOOSE_PATH_MAX + _OSTREE_PAYLOAD_LINK_PREFIX_LEN];
 +      char target_buf[_OSTREE_LOOSE_PATH_MAX + _OSTREE_PAYLOAD_LINK_PREFIX_LEN + 1];
       char target_checksum[OSTREE_SHA256_STRING_LEN + 1];
       int dfd = dfd_searches[i];
       ssize_t size;
@@ -804,16 +804,21 @@ _try_clone_from_payload_link (OstreeRepo *self, OstreeRepo *dest_repo, const cha
       _ostree_loose_path (loose_path_buf, payload_checksum, OSTREE_OBJECT_TYPE_PAYLOAD_LINK,
                           self->mode);
 -      size = TEMP_FAILURE_RETRY (readlinkat (dfd, loose_path_buf, target_buf, sizeof (target_buf)));
 +      size = TEMP_FAILURE_RETRY (
 +          readlinkat (dfd, loose_path_buf, target_buf, sizeof (target_buf) - 1));
       if (size < 0)
         {
           if (errno == ENOENT)
             continue;
           return glnx_throw_errno_prefix (error, "readlinkat");
         }
 +      target_buf[size] = '\0';
 +      const size_t expected_len = OSTREE_SHA256_STRING_LEN + _OSTREE_PAYLOAD_LINK_PREFIX_LEN;
       if (size < OSTREE_SHA256_STRING_LEN + _OSTREE_PAYLOAD_LINK_PREFIX_LEN)
 -        return glnx_throw (error, "invalid data size for %s", loose_path_buf);
 +        return glnx_throw (error, "invalid data size for %s; expected=%llu found=%llu",
 +                           loose_path_buf, (unsigned long long)expected_len,
 +                           (unsigned long long)size);
       snprintf (target_checksum, size, "%.2s%.62s", target_buf + _OSTREE_PAYLOAD_LINK_PREFIX_LEN,
                 target_buf + _OSTREE_PAYLOAD_LINK_PREFIX_LEN + 3);
 -- 
 2.45.2
--- a/SOURCES/ostree-readonly-sysroot-migration
+++ b/SOURCES/ostree-readonly-sysroot-migration
@ -1,26 +1,27 @@
 #!/bin/bash
 # Update an existing system to use a read only sysroot
 # and https://bugzilla.redhat.com/show_bug.cgi?id=2060976
- 
+
 set -euo pipefail
- 
+
 main() {
    # Used to condition execution of this unit at the systemd level
    local -r stamp_file="/var/lib/.ostree-readonly-sysroot"
- 
+
    if [[ -f "${stamp_file}" ]]; then
        exit 0
    fi
- 
+
    local -r ostree_sysroot_readonly="$(ostree config --repo=/sysroot/ostree/repo get "sysroot.readonly" &> /dev/null || echo "false")"
    if [[ "${ostree_sysroot_readonly}" == "true" ]]; then
        # Nothing to do
        touch "${stamp_file}"
        exit 0
    fi
- 
+
    local -r boot_entries="$(ls -A /boot/loader/entries/ | wc -l)"
- 
+
    # Ensure that we can read BLS entries to avoid touching systems where /boot
    # is not mounted
    if [[ "${boot_entries}" -eq 0 ]]; then
@ -29,7 +30,7 @@ main() {
        touch "${stamp_file}"
        exit 0
    fi
- 
+
    # Check if any existing deployment is still missing the rw karg
    local rw_kargs_found=0
    local count=0
@ -39,13 +40,19 @@ main() {
            rw_kargs_found=$((rw_kargs_found + 1))
        fi
    done
- 
+
    # Some deployments are still missing the rw karg. Let's try to update them
    if [[ "${boot_entries}" -ne "${rw_kargs_found}" ]]; then
        # work around https://github.com/ostreedev/ostree/issues/2734#issuecomment-2353739450
        stateroot=$(ls /ostree/deploy | head -n1)
        if ls /boot/loader/entries/ostree-*-$stateroot.conf &>/dev/null; then
            echo "Enabling bootloader naming workaround" 1>&2
            export OSTREE_SYSROOT_OPTS=bootloader-naming-1
        fi
        ostree admin kargs edit-in-place --append-if-missing=rw || \
            echo "Failed to edit kargs in place with ostree" 1>&2
    fi
- 
+
    # Re-check if any existing deployment is still missing the rw karg
    rw_kargs_found=0
    count=0
@ -56,7 +63,7 @@ main() {
        fi
    done
    unset count
- 
+
    # If all deployments are good, then we can set the sysroot.readonly option
    # in the ostree repo config
    if [[ "${boot_entries}" -eq "${rw_kargs_found}" ]]; then
@ -65,10 +72,10 @@ main() {
        touch "${stamp_file}"
        exit 0
    fi
- 
+
    # If anything else before failed, we will retry on next boot
    echo "Will retry next boot" 1>&2
    exit 0
 }
- 
+
 main "${@}"
--- a/SPECS/ostree.spec
+++ b/SPECS/ostree.spec
@ -7,12 +7,14 @@
 Summary: Tool for managing bootable, immutable filesystem trees
 Name: ostree
-Version: 2024.6
+Version: 2024.7
-Release: 1%{?dist}
+Release: 3%{?dist}
 Source0: https://github.com/ostreedev/%{name}/releases/download/v%{version}/libostree-%{version}.tar.xz
 Source1: ostree-readonly-sysroot-migration
 Source2: ostree-readonly-sysroot-migration.service
 Patch0: 0001-repo-NUL-terminate-readlinkat-result.patch
 License: LGPLv2+
 URL: https://ostree.readthedocs.io/en/latest/
@ -179,9 +181,24 @@ find %{buildroot} -name '*.la' -delete
 %endif
 %changelog
-* Fri May 17 2024 Joseph Marrero <jmarrero@redhat.com> - 2024.6-1
+* Thu Sep 12 2024 Joseph Marrero <jmarrero@fedoraproject.org> - 2024.7-3
 - Rebuild to pickup changes to ostree-readonly-sysroot-migration
  Resolves: #RHEL-58437
 * Wed Aug 14 2024 Joseph Marrero <jmarrero@fedoraproject.org> - 2024.7-2
 - Backport https://github.com/ostreedev/ostree/pull/3281
  Resolves: #RHEL-50680
 * Fri Jul 26 2024 Joseph Marrero <jmarrero@fedoraproject.org> - 2024.7-1
 - https://github.com/ostreedev/ostree/releases/tag/v2024.7
  Resolves: #RHEL-50680
 * Fri May 17 2024 Joseph Marrero <jmarrero@fedoraproject.org> - 2024.6-1
 - https://github.com/ostreedev/ostree/releases/tag/v2024.6
-  Resolves: #RHEL-36770
+  Resolves: #RHEL-35886
 * Thu Mar 14 2024 Colin Walters <walters@verbum.org> - 2024.5-2
 - https://github.com/ostreedev/ostree/releases/tag/v2024.5
 * Wed Feb 28 2024 Colin Walters <walters@verbum.org> - 2024.4-3
 - Backport
@ -783,7 +800,7 @@ find %{buildroot} -name '*.la' -delete
 - Move trusted.gpg.d to main runtime package, where it should be
 * Fri Mar 07 2014 Colin Walters <walters@verbum.org> - 2014.2-2
- Depend on gpgv2 
+- Depend on gpgv2
 - Resolves: #1073813
 * Sat Mar 01 2014 Colin Walters <walters@verbum.org> - 2014.2-1
`@ -1 +1 @@`
	`SOURCES/libostree-2024.6.tar.xz`	`SOURCES/libostree-2024.7.tar.xz`
`@ -1 +1 @@`
	`8a6d47e77553bab2e9853649182aef0fcdc7550c SOURCES/libostree-2024.6.tar.xz`	`7d1cb267442682402152ed4bb5379853e666f06b SOURCES/libostree-2024.7.tar.xz`