From 30295f503fc31d64736bc220fce96a7e971080b5 Mon Sep 17 00:00:00 2001 From: DistroBaker Date: Fri, 30 Oct 2020 02:58:47 +0100 Subject: [PATCH] Merged update from upstream sources This is an automated DistroBaker update from upstream sources. If you do not know what this is about or would like to opt out, contact the OSCI team. Source: https://src.fedoraproject.org/rpms/pacemaker.git#739244b77b91a37a1c52828cfbac4d6930f95cd9 --- pacemaker.spec | 197 ++++++++++++++++++++++++++----------------------- sources | 2 +- 2 files changed, 105 insertions(+), 94 deletions(-) diff --git a/pacemaker.spec b/pacemaker.spec index 7b56863..256e4c7 100644 --- a/pacemaker.spec +++ b/pacemaker.spec @@ -13,20 +13,51 @@ ## Upstream pacemaker version, and its package version (specversion ## can be incremented to build packages reliably considered "newer" ## than previously built packages with the same pcmkversion) -%global pcmkversion 2.0.4 -%global specversion 1 +%global pcmkversion 2.0.5 +%global specversion 2 ## Upstream commit (or git tag, such as "Pacemaker-" plus the ## {pcmkversion} macro for an official release) to use for this package -%global commit Pacemaker-2.0.4 +%global commit Pacemaker-2.0.5-rc2 ## Since git v2.11, the extent of abbreviation is autoscaled by default ## (used to be constant of 7), so we need to convey it for non-tags, too. %global commit_abbrev 9 +# Define conditionals so that "rpmbuild --with " and +# "rpmbuild --without " can enable and disable specific features + +## NOTE: skip --with stonithd + +## Add option to enable support for storing sensitive information outside CIB +%bcond_with cibsecrets + +## Add option to create binaries suitable for use with profiling tools +%bcond_with profiling + +## Add option to create binaries with coverage analysis +%bcond_with coverage + +## Add option to skip generating documentation +## (the build tools aren't available everywhere) +%bcond_with doc + +## Add option to prefix package version with "0." +## (so later "official" packages will be considered updates) +%bcond_without pre_release + +## NOTE: skip --with upstart_job + +## Add option to turn off hardening of libraries and daemon executables +%bcond_without hardening + +## Add option to disable links for legacy daemon names +%bcond_without legacy_links + + ## Nagios source control identifiers %global nagios_name nagios-agents-metadata %global nagios_hash 105ab8a7b2c16b9a29cf1c1596b80136eeef332b - +%global nagios_archive_github_url %{nagios_hash}#/%{nagios_name}-%{nagios_hash}.tar.gz # Define globals for convenient use later @@ -34,18 +65,26 @@ %global lparen ( %global rparen ) -## Short version of git commit -%define shortcommit %(c=%{commit}; case ${c} in - Pacemaker-*%{rparen} echo ${c:10};; - *%{rparen} echo ${c:0:%{commit_abbrev}};; esac) +## Whether this is a tagged release (final or release candidate) +%define tag_release %(c=%{commit}; case ${c} in Pacemaker-*%{rparen} echo 1 ;; + *%{rparen} echo 0 ;; esac) -## Whether this is a tagged release -%define tag_release %([ %{commit} != Pacemaker-%{shortcommit} ]; echo $?) - -## Whether this is a release candidate (in case of a tagged release) -%define pre_release %([ "%{tag_release}" -eq 0 ] || { - case "%{shortcommit}" in *-rc[[:digit:]]*%{rparen} false;; - esac; }; echo $?) +## Portion of export/dist tarball name after "pacemaker-", and release version +%if 0%{tag_release} +%define archive_version %{commit} +%define archive_github_url %{commit}#/%{name}-%{archive_version}.tar.gz +%define pcmk_release %(c=%{commit}; case $c in *-rc[[:digit:]]*%{rparen} + echo 0.%{specversion}.${c: -3} ;; + *%{rparen} echo %{specversion} ;; esac) +%else +%define archive_version %(c=%{commit}; echo ${c:0:%{commit_abbrev}}) +%define archive_github_url %{archive_version}#/%{name}-%{archive_version}.tar.gz +%if %{with pre_release} +%define pcmk_release 0.%{specversion}.%{archive_version}.git +%else +%define pcmk_release %{specversion}.%{archive_version}.git +%endif +%endif ## Heuristic used to infer bleeding-edge deployments that are ## less likely to have working versions of the documentation tools @@ -71,40 +110,12 @@ %endif ## Values that differ by Python major version -%global python_path /usr/bin/python%{?python3_pkgversion}%{!?python3_pkgversion:3} -%global python_pkg python3 +%global python_name python3 +%global python_path %{?__python3}%{!?__python3:/usr/bin/python%{?python3_pkgversion}%{!?python3_pkgversion:3}} +%define python_site %{?python3_sitelib}%{!?python3_sitelib:%( + %{python_path} -c 'from distutils.sysconfig import get_python_lib as gpl; print(gpl(1))' 2>/dev/null)} %global python_min 3.2 -%define py_site %{?python3_sitelib}%{!?python3_sitelib:%( - python3 -c 'from distutils.sysconfig import get_python_lib as gpl; print(gpl(1))' 2>/dev/null)} - - -# Define conditionals so that "rpmbuild --with " and -# "rpmbuild --without " can enable and disable specific features - -## NOTE: skip --with stonith - -## Add option to create binaries suitable for use with profiling tools -%bcond_with profiling - -## Add option to create binaries with coverage analysis -%bcond_with coverage - -## Add option to skip generating documentation -## (the build tools aren't available everywhere) -%bcond_without doc - -## Add option to prefix package version with "0." -## (so later "official" packages will be considered updates) -%bcond_with pre_release - -## NOTE: skip --with upstart_job - -## Add option to turn off hardening of libraries and daemon executables -%bcond_without hardening - -## Add option to disable links for legacy daemon names -%bcond_without legacy_links - +# python_min still required? # Keep sane profiling data if requested %if %{with profiling} @@ -115,33 +126,16 @@ %endif -# Define the release version -# (do not look at externally enforced pre-release flag for tagged releases -# as only -rc tags, captured with the second condition, implies that then) -%if (!%{tag_release} && %{with pre_release}) || 0%{pre_release} -%if 0%{pre_release} -%define pcmk_release 0.%{specversion}.%(s=%{shortcommit}; echo ${s: -3}) -%else -%define pcmk_release 0.%{specversion}.%{shortcommit}.git -%endif -%else -%if 0%{tag_release} -%define pcmk_release %{specversion} -%else -%define pcmk_release %{specversion}.%{shortcommit}.git -%endif -%endif - Name: pacemaker Summary: Scalable High-Availability cluster resource manager Version: %{pcmkversion} -Release: %{pcmk_release}%{?dist}.1 +Release: %{pcmk_release}%{?dist} License: GPLv2+ and LGPLv2+ -Url: http://www.clusterlabs.org +Url: https://www.clusterlabs.org # Hint: use "spectool -s 0 pacemaker.spec" (rpmdevtools) to check the final URL -Source0: https://github.com/%{github_owner}/%{name}/archive/%{commit}/%{name}-%{shortcommit}.tar.gz -Source1: https://github.com/%{github_owner}/%{nagios_name}/archive/%{nagios_hash}/%{nagios_name}-%{nagios_hash}.tar.gz +Source0: https://codeload.github.com/%{github_owner}/%{name}/tar.gz/%{archive_github_url} +Source1: https://codeload.github.com/%{github_owner}/%{nagios_name}/tar.gz/%{nagios_archive_github_url} # --- Requires: resource-agents @@ -151,8 +145,8 @@ Requires: %{name}-cli = %{version}-%{release} %{?systemd_requires} # Pacemaker requires a minimum Python functionality -Requires: %{python_pkg} >= %{python_min} -BuildRequires: %{python_pkg}-devel >= %{python_min} +Requires: %{python_name} >= %{python_min} +BuildRequires: %{python_name}-devel >= %{python_min} # Pacemaker requires a minimum libqb functionality Requires: libqb >= 0.13.0 @@ -174,7 +168,7 @@ BuildRequires: help2man gnutls-devel pam-devel pkgconfig(dbus-1) BuildRequires: pkgconfig(systemd) Requires: corosync >= 2.0.0 -BuildRequires: corosynclib-devel >= 2.0.0 +BuildRequires: corosync-devel >= 2.0.0 #XXX #BuildRequires: pkgconfig(libcpg) #BuildRequires: pkgconfig(libcfg) @@ -207,15 +201,16 @@ when related resources fail and can be configured to periodically check resource health. Available rpmbuild rebuild options: - --with(out) : coverage doc hardening pre_release profiling + --with(out) : cibsecrets coverage doc hardening pre_release profiling %package cli License: GPLv2+ and LGPLv2+ Summary: Command line tools for controlling Pacemaker clusters Requires: %{name}-libs%{?_isa} = %{version}-%{release} -%if 0%{?fedora} > 22 || 0%{?rhel} > 7 Recommends: pcmk-cluster-manager = %{version}-%{release} -%endif +# For crm_report +Recommends: tar +Recommends: bzip2 Requires: perl-TimeDate Requires: procps-ng Requires: psmisc @@ -284,7 +279,7 @@ Requires: libtool-ltdl-devel%{?_isa} libuuid-devel%{?_isa} Requires: libxml2-devel%{?_isa} libxslt-devel%{?_isa} Requires: bzip2-devel%{?_isa} glib2-devel%{?_isa} Requires: libqb-devel%{?_isa} -Requires: corosynclib-devel%{?_isa} >= 2.0.0 +Requires: corosync-devel%{?_isa} >= 2.0.0 %description libs-devel Pacemaker is an advanced, scalable High-Availability cluster resource @@ -296,19 +291,20 @@ for developing tools for Pacemaker. %package cts License: GPLv2+ and LGPLv2+ Summary: Test framework for cluster-related technologies like Pacemaker -Requires: %{python_pkg} >= %{python_min} +Requires: %{python_path} +Requires: %{python_name} >= %{python_min} Requires: %{name}-libs = %{version}-%{release} Requires: procps-ng Requires: psmisc BuildArch: noarch -Requires: %{python_pkg}-systemd +Requires: %{python_name}-systemd %description cts Test framework for cluster-related technologies like Pacemaker %package doc -License: CC-BY-SA +License: CC-BY-SA-4.0 Summary: Documentation for Pacemaker BuildArch: noarch @@ -334,11 +330,11 @@ License: GPLv3 Summary: Pacemaker Nagios Metadata BuildArch: noarch # NOTE below are the plugins this metadata uses. -Requires: nagios-plugins-http -Requires: nagios-plugins-ldap -Requires: nagios-plugins-mysql -Requires: nagios-plugins-pgsql -Requires: nagios-plugins-tcp +# Requires: nagios-plugins-http +# Requires: nagios-plugins-ldap +# Requires: nagios-plugins-mysql +# Requires: nagios-plugins-pgsql +# Requires: nagios-plugins-tcp Requires: pcmk-cluster-manager %description nagios-plugins-metadata @@ -346,16 +342,10 @@ The metadata files required for Pacemaker to execute the nagios plugin monitor resources. %prep -%setup -q -a 1 -n %{name}-%{commit} -#global __scm git_am -#__scm_setup_git -#autopatch -p1 +%setup -q -a 1 -n %{name}-%{archive_version} %build -# Early versions of autotools (e.g. RHEL <= 5) do not support --docdir -export docdir=%{pcmk_docdir} - export systemdsystemunitdir=%{?_unitdir}%{!?_unitdir:no} %if %{with hardening} @@ -381,6 +371,7 @@ export CPPFLAGS="-UPCMK_TIME_EMERGENCY_CGT $CPPFLAGS" %{!?with_legacy_links: --disable-legacy-links} \ %{?with_profiling: --with-profiling} \ %{?with_coverage: --with-coverage} \ + %{?with_cibsecrets: --with-cibsecrets} \ %{!?with_doc: --with-brand=} \ %{?gnutls_priorities: --with-gnutls-priorities="%{gnutls_priorities}"} \ --disable-static \ @@ -396,6 +387,7 @@ export CPPFLAGS="-UPCMK_TIME_EMERGENCY_CGT $CPPFLAGS" make %{_smp_mflags} V=1 %check +make %{_smp_mflags} check { cts/cts-scheduler --run load-stopped-loop \ && cts/cts-cli \ && touch .CHECKED @@ -448,7 +440,7 @@ rm -f %{buildroot}/%{_initrddir}/pacemaker_remote %if %{defined py_byte_compile} && %{defined python_path} %{py_byte_compile %{python_path} %{buildroot}%{_datadir}/pacemaker/tests} %if !%{defined _python_bytecompile_extra} -%{py_byte_compile %{python_path} %{buildroot}%{py_site}/cts} +%{py_byte_compile %{python_path} %{buildroot}%{python_site}/cts} %endif %endif @@ -582,6 +574,9 @@ exit 0 %{_sbindir}/attrd_updater %{_sbindir}/cibadmin +%if %{with cibsecrets} +%{_sbindir}/cibsecret +%endif %{_sbindir}/crm_diff %{_sbindir}/crm_error %{_sbindir}/crm_failcount @@ -677,7 +672,7 @@ exit 0 %license licenses/CC-BY-SA-4.0 %files cts -%{py_site}/cts +%{python_site}/cts %{_datadir}/pacemaker/tests %{_libexecdir}/pacemaker/cts-log-watcher @@ -713,6 +708,22 @@ exit 0 %license %{nagios_name}-%{nagios_hash}/COPYING %changelog +* Wed Oct 28 2020 Klaus Wenninger - 2.0.5-0.2.rc2 +- Update for new upstream tarball for release candidate: Pacemaker-2.0.5-rc2, + includes fix for CVE-2020-25654 + for full details, see included ChangeLog file or + https://github.com/ClusterLabs/pacemaker/releases/tag/Pacemaker-2.0.5-rc2 + +* Thu Oct 22 2020 Klaus Wenninger - 2.0.5-0.1.rc1 +- Update for new upstream tarball for release candidate: Pacemaker-2.0.5-rc1, + for full details, see included ChangeLog file or + https://github.com/ClusterLabs/pacemaker/releases/tag/Pacemaker-2.0.5-rc1 +- Disable building of documentation - as not to pull in publican +- Remove dependencies to nagios-plugins from metadata-package +- some sync with structure of upstream spec-file +- removed some legacy conditionals +- added with-cibsecrets + * Tue Jul 28 2020 Fedora Release Engineering - 2.0.4-1.1 - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild diff --git a/sources b/sources index f0f399b..19d2b5b 100644 --- a/sources +++ b/sources @@ -1,2 +1,2 @@ SHA512 (nagios-agents-metadata-105ab8a7b2c16b9a29cf1c1596b80136eeef332b.tar.gz) = 11ddeb48a4929e7642b6dfa9c7962aa1d7a1af1c569830f55ed6cd6773abac13377317327bc1db8411c8077884f83f81cc54d746c834b63a99fa6dc219b5caad -SHA512 (pacemaker-2.0.4.tar.gz) = fbff3b5ab05ad52d469304d5bc7fca518df2f491a1176a24735cd1a9b46f7ff90dc5aeae65e5e29feb86e8a210e69e528261138847d6f8773933fb557e71133d +SHA512 (pacemaker-Pacemaker-2.0.5-rc2.tar.gz) = 67fe1ca539f4a690c8b9860c9b82679d77a77294ee9278c384b68099f788ba4db4d2c35bf34d1340daa6d3bac7aae550ef06527046da601a7bde30b78ee110a7