diff --git a/pacemaker.spec b/pacemaker.spec index 7b56863..256e4c7 100644 --- a/pacemaker.spec +++ b/pacemaker.spec @@ -13,20 +13,51 @@ ## Upstream pacemaker version, and its package version (specversion ## can be incremented to build packages reliably considered "newer" ## than previously built packages with the same pcmkversion) -%global pcmkversion 2.0.4 -%global specversion 1 +%global pcmkversion 2.0.5 +%global specversion 2 ## Upstream commit (or git tag, such as "Pacemaker-" plus the ## {pcmkversion} macro for an official release) to use for this package -%global commit Pacemaker-2.0.4 +%global commit Pacemaker-2.0.5-rc2 ## Since git v2.11, the extent of abbreviation is autoscaled by default ## (used to be constant of 7), so we need to convey it for non-tags, too. %global commit_abbrev 9 +# Define conditionals so that "rpmbuild --with " and +# "rpmbuild --without " can enable and disable specific features + +## NOTE: skip --with stonithd + +## Add option to enable support for storing sensitive information outside CIB +%bcond_with cibsecrets + +## Add option to create binaries suitable for use with profiling tools +%bcond_with profiling + +## Add option to create binaries with coverage analysis +%bcond_with coverage + +## Add option to skip generating documentation +## (the build tools aren't available everywhere) +%bcond_with doc + +## Add option to prefix package version with "0." +## (so later "official" packages will be considered updates) +%bcond_without pre_release + +## NOTE: skip --with upstart_job + +## Add option to turn off hardening of libraries and daemon executables +%bcond_without hardening + +## Add option to disable links for legacy daemon names +%bcond_without legacy_links + + ## Nagios source control identifiers %global nagios_name nagios-agents-metadata %global nagios_hash 105ab8a7b2c16b9a29cf1c1596b80136eeef332b - +%global nagios_archive_github_url %{nagios_hash}#/%{nagios_name}-%{nagios_hash}.tar.gz # Define globals for convenient use later @@ -34,18 +65,26 @@ %global lparen ( %global rparen ) -## Short version of git commit -%define shortcommit %(c=%{commit}; case ${c} in - Pacemaker-*%{rparen} echo ${c:10};; - *%{rparen} echo ${c:0:%{commit_abbrev}};; esac) +## Whether this is a tagged release (final or release candidate) +%define tag_release %(c=%{commit}; case ${c} in Pacemaker-*%{rparen} echo 1 ;; + *%{rparen} echo 0 ;; esac) -## Whether this is a tagged release -%define tag_release %([ %{commit} != Pacemaker-%{shortcommit} ]; echo $?) - -## Whether this is a release candidate (in case of a tagged release) -%define pre_release %([ "%{tag_release}" -eq 0 ] || { - case "%{shortcommit}" in *-rc[[:digit:]]*%{rparen} false;; - esac; }; echo $?) +## Portion of export/dist tarball name after "pacemaker-", and release version +%if 0%{tag_release} +%define archive_version %{commit} +%define archive_github_url %{commit}#/%{name}-%{archive_version}.tar.gz +%define pcmk_release %(c=%{commit}; case $c in *-rc[[:digit:]]*%{rparen} + echo 0.%{specversion}.${c: -3} ;; + *%{rparen} echo %{specversion} ;; esac) +%else +%define archive_version %(c=%{commit}; echo ${c:0:%{commit_abbrev}}) +%define archive_github_url %{archive_version}#/%{name}-%{archive_version}.tar.gz +%if %{with pre_release} +%define pcmk_release 0.%{specversion}.%{archive_version}.git +%else +%define pcmk_release %{specversion}.%{archive_version}.git +%endif +%endif ## Heuristic used to infer bleeding-edge deployments that are ## less likely to have working versions of the documentation tools @@ -71,40 +110,12 @@ %endif ## Values that differ by Python major version -%global python_path /usr/bin/python%{?python3_pkgversion}%{!?python3_pkgversion:3} -%global python_pkg python3 +%global python_name python3 +%global python_path %{?__python3}%{!?__python3:/usr/bin/python%{?python3_pkgversion}%{!?python3_pkgversion:3}} +%define python_site %{?python3_sitelib}%{!?python3_sitelib:%( + %{python_path} -c 'from distutils.sysconfig import get_python_lib as gpl; print(gpl(1))' 2>/dev/null)} %global python_min 3.2 -%define py_site %{?python3_sitelib}%{!?python3_sitelib:%( - python3 -c 'from distutils.sysconfig import get_python_lib as gpl; print(gpl(1))' 2>/dev/null)} - - -# Define conditionals so that "rpmbuild --with " and -# "rpmbuild --without " can enable and disable specific features - -## NOTE: skip --with stonith - -## Add option to create binaries suitable for use with profiling tools -%bcond_with profiling - -## Add option to create binaries with coverage analysis -%bcond_with coverage - -## Add option to skip generating documentation -## (the build tools aren't available everywhere) -%bcond_without doc - -## Add option to prefix package version with "0." -## (so later "official" packages will be considered updates) -%bcond_with pre_release - -## NOTE: skip --with upstart_job - -## Add option to turn off hardening of libraries and daemon executables -%bcond_without hardening - -## Add option to disable links for legacy daemon names -%bcond_without legacy_links - +# python_min still required? # Keep sane profiling data if requested %if %{with profiling} @@ -115,33 +126,16 @@ %endif -# Define the release version -# (do not look at externally enforced pre-release flag for tagged releases -# as only -rc tags, captured with the second condition, implies that then) -%if (!%{tag_release} && %{with pre_release}) || 0%{pre_release} -%if 0%{pre_release} -%define pcmk_release 0.%{specversion}.%(s=%{shortcommit}; echo ${s: -3}) -%else -%define pcmk_release 0.%{specversion}.%{shortcommit}.git -%endif -%else -%if 0%{tag_release} -%define pcmk_release %{specversion} -%else -%define pcmk_release %{specversion}.%{shortcommit}.git -%endif -%endif - Name: pacemaker Summary: Scalable High-Availability cluster resource manager Version: %{pcmkversion} -Release: %{pcmk_release}%{?dist}.1 +Release: %{pcmk_release}%{?dist} License: GPLv2+ and LGPLv2+ -Url: http://www.clusterlabs.org +Url: https://www.clusterlabs.org # Hint: use "spectool -s 0 pacemaker.spec" (rpmdevtools) to check the final URL -Source0: https://github.com/%{github_owner}/%{name}/archive/%{commit}/%{name}-%{shortcommit}.tar.gz -Source1: https://github.com/%{github_owner}/%{nagios_name}/archive/%{nagios_hash}/%{nagios_name}-%{nagios_hash}.tar.gz +Source0: https://codeload.github.com/%{github_owner}/%{name}/tar.gz/%{archive_github_url} +Source1: https://codeload.github.com/%{github_owner}/%{nagios_name}/tar.gz/%{nagios_archive_github_url} # --- Requires: resource-agents @@ -151,8 +145,8 @@ Requires: %{name}-cli = %{version}-%{release} %{?systemd_requires} # Pacemaker requires a minimum Python functionality -Requires: %{python_pkg} >= %{python_min} -BuildRequires: %{python_pkg}-devel >= %{python_min} +Requires: %{python_name} >= %{python_min} +BuildRequires: %{python_name}-devel >= %{python_min} # Pacemaker requires a minimum libqb functionality Requires: libqb >= 0.13.0 @@ -174,7 +168,7 @@ BuildRequires: help2man gnutls-devel pam-devel pkgconfig(dbus-1) BuildRequires: pkgconfig(systemd) Requires: corosync >= 2.0.0 -BuildRequires: corosynclib-devel >= 2.0.0 +BuildRequires: corosync-devel >= 2.0.0 #XXX #BuildRequires: pkgconfig(libcpg) #BuildRequires: pkgconfig(libcfg) @@ -207,15 +201,16 @@ when related resources fail and can be configured to periodically check resource health. Available rpmbuild rebuild options: - --with(out) : coverage doc hardening pre_release profiling + --with(out) : cibsecrets coverage doc hardening pre_release profiling %package cli License: GPLv2+ and LGPLv2+ Summary: Command line tools for controlling Pacemaker clusters Requires: %{name}-libs%{?_isa} = %{version}-%{release} -%if 0%{?fedora} > 22 || 0%{?rhel} > 7 Recommends: pcmk-cluster-manager = %{version}-%{release} -%endif +# For crm_report +Recommends: tar +Recommends: bzip2 Requires: perl-TimeDate Requires: procps-ng Requires: psmisc @@ -284,7 +279,7 @@ Requires: libtool-ltdl-devel%{?_isa} libuuid-devel%{?_isa} Requires: libxml2-devel%{?_isa} libxslt-devel%{?_isa} Requires: bzip2-devel%{?_isa} glib2-devel%{?_isa} Requires: libqb-devel%{?_isa} -Requires: corosynclib-devel%{?_isa} >= 2.0.0 +Requires: corosync-devel%{?_isa} >= 2.0.0 %description libs-devel Pacemaker is an advanced, scalable High-Availability cluster resource @@ -296,19 +291,20 @@ for developing tools for Pacemaker. %package cts License: GPLv2+ and LGPLv2+ Summary: Test framework for cluster-related technologies like Pacemaker -Requires: %{python_pkg} >= %{python_min} +Requires: %{python_path} +Requires: %{python_name} >= %{python_min} Requires: %{name}-libs = %{version}-%{release} Requires: procps-ng Requires: psmisc BuildArch: noarch -Requires: %{python_pkg}-systemd +Requires: %{python_name}-systemd %description cts Test framework for cluster-related technologies like Pacemaker %package doc -License: CC-BY-SA +License: CC-BY-SA-4.0 Summary: Documentation for Pacemaker BuildArch: noarch @@ -334,11 +330,11 @@ License: GPLv3 Summary: Pacemaker Nagios Metadata BuildArch: noarch # NOTE below are the plugins this metadata uses. -Requires: nagios-plugins-http -Requires: nagios-plugins-ldap -Requires: nagios-plugins-mysql -Requires: nagios-plugins-pgsql -Requires: nagios-plugins-tcp +# Requires: nagios-plugins-http +# Requires: nagios-plugins-ldap +# Requires: nagios-plugins-mysql +# Requires: nagios-plugins-pgsql +# Requires: nagios-plugins-tcp Requires: pcmk-cluster-manager %description nagios-plugins-metadata @@ -346,16 +342,10 @@ The metadata files required for Pacemaker to execute the nagios plugin monitor resources. %prep -%setup -q -a 1 -n %{name}-%{commit} -#global __scm git_am -#__scm_setup_git -#autopatch -p1 +%setup -q -a 1 -n %{name}-%{archive_version} %build -# Early versions of autotools (e.g. RHEL <= 5) do not support --docdir -export docdir=%{pcmk_docdir} - export systemdsystemunitdir=%{?_unitdir}%{!?_unitdir:no} %if %{with hardening} @@ -381,6 +371,7 @@ export CPPFLAGS="-UPCMK_TIME_EMERGENCY_CGT $CPPFLAGS" %{!?with_legacy_links: --disable-legacy-links} \ %{?with_profiling: --with-profiling} \ %{?with_coverage: --with-coverage} \ + %{?with_cibsecrets: --with-cibsecrets} \ %{!?with_doc: --with-brand=} \ %{?gnutls_priorities: --with-gnutls-priorities="%{gnutls_priorities}"} \ --disable-static \ @@ -396,6 +387,7 @@ export CPPFLAGS="-UPCMK_TIME_EMERGENCY_CGT $CPPFLAGS" make %{_smp_mflags} V=1 %check +make %{_smp_mflags} check { cts/cts-scheduler --run load-stopped-loop \ && cts/cts-cli \ && touch .CHECKED @@ -448,7 +440,7 @@ rm -f %{buildroot}/%{_initrddir}/pacemaker_remote %if %{defined py_byte_compile} && %{defined python_path} %{py_byte_compile %{python_path} %{buildroot}%{_datadir}/pacemaker/tests} %if !%{defined _python_bytecompile_extra} -%{py_byte_compile %{python_path} %{buildroot}%{py_site}/cts} +%{py_byte_compile %{python_path} %{buildroot}%{python_site}/cts} %endif %endif @@ -582,6 +574,9 @@ exit 0 %{_sbindir}/attrd_updater %{_sbindir}/cibadmin +%if %{with cibsecrets} +%{_sbindir}/cibsecret +%endif %{_sbindir}/crm_diff %{_sbindir}/crm_error %{_sbindir}/crm_failcount @@ -677,7 +672,7 @@ exit 0 %license licenses/CC-BY-SA-4.0 %files cts -%{py_site}/cts +%{python_site}/cts %{_datadir}/pacemaker/tests %{_libexecdir}/pacemaker/cts-log-watcher @@ -713,6 +708,22 @@ exit 0 %license %{nagios_name}-%{nagios_hash}/COPYING %changelog +* Wed Oct 28 2020 Klaus Wenninger - 2.0.5-0.2.rc2 +- Update for new upstream tarball for release candidate: Pacemaker-2.0.5-rc2, + includes fix for CVE-2020-25654 + for full details, see included ChangeLog file or + https://github.com/ClusterLabs/pacemaker/releases/tag/Pacemaker-2.0.5-rc2 + +* Thu Oct 22 2020 Klaus Wenninger - 2.0.5-0.1.rc1 +- Update for new upstream tarball for release candidate: Pacemaker-2.0.5-rc1, + for full details, see included ChangeLog file or + https://github.com/ClusterLabs/pacemaker/releases/tag/Pacemaker-2.0.5-rc1 +- Disable building of documentation - as not to pull in publican +- Remove dependencies to nagios-plugins from metadata-package +- some sync with structure of upstream spec-file +- removed some legacy conditionals +- added with-cibsecrets + * Tue Jul 28 2020 Fedora Release Engineering - 2.0.4-1.1 - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild diff --git a/sources b/sources index f0f399b..19d2b5b 100644 --- a/sources +++ b/sources @@ -1,2 +1,2 @@ SHA512 (nagios-agents-metadata-105ab8a7b2c16b9a29cf1c1596b80136eeef332b.tar.gz) = 11ddeb48a4929e7642b6dfa9c7962aa1d7a1af1c569830f55ed6cd6773abac13377317327bc1db8411c8077884f83f81cc54d746c834b63a99fa6dc219b5caad -SHA512 (pacemaker-2.0.4.tar.gz) = fbff3b5ab05ad52d469304d5bc7fca518df2f491a1176a24735cd1a9b46f7ff90dc5aeae65e5e29feb86e8a210e69e528261138847d6f8773933fb557e71133d +SHA512 (pacemaker-Pacemaker-2.0.5-rc2.tar.gz) = 67fe1ca539f4a690c8b9860c9b82679d77a77294ee9278c384b68099f788ba4db4d2c35bf34d1340daa6d3bac7aae550ef06527046da601a7bde30b78ee110a7