Re-synced to upstream sources, security fixes, spec file cleanup

- Re-synced to upstream sources
- Security fix for CVE-2016-0720, CVE-2016-0721
- Fixed rubygems issues which prevented pcsd from starting
- Rubygems built with RELRO
- Spec file cleanup
- Fixed multilib .pyc/.pyo issue

.gitignore

@@ -26,3 +26,10 @@
 /pcs-withgems-0.9.140.tar.gz
 /pcs-withgems-0.9.141.tar.gz
 /pcs-withgems-0.9.144.tar.gz
+/pcs-0.9.149.tar.gz
+/monkey-lib-0.5.4.gem
+/orderedhash-0.0.6.gem
+/rpam-ruby19-1.2.1.gem
+/sinatra-contrib-1.4.4.gem
+/sinatra-sugar-0.5.1.gem
+/pcsd-bundle-config-1

fedfix.patch

@@ -1,20 +1,20 @@
-From 7aa4bb635ccde8287a92d15c40b2233105f1b814 Mon Sep 17 00:00:00 2001
+From 16b05cae25afdd208fc9d0d9f77db22d54dbb27a Mon Sep 17 00:00:00 2001
 From: Tomas Jelinek <tojeline@redhat.com>
-Date: Mon, 7 Sep 2015 13:46:47 +0200
-Subject: [PATCH] fedfix patch
+Date: Wed, 17 Feb 2016 13:08:18 +0100
+Subject: [PATCH] fedfix
 
 ---
- pcsd/Gemfile      | 15 +--------------
- pcsd/Gemfile.lock | 24 ------------------------
+ pcsd/Gemfile      | 16 +---------------
+ pcsd/Gemfile.lock | 26 --------------------------
  pcsd/Makefile     |  4 ++--
  pcsd/ssl.rb       |  4 ++--
- 4 files changed, 5 insertions(+), 42 deletions(-)
+ 4 files changed, 5 insertions(+), 45 deletions(-)
 
 diff --git a/pcsd/Gemfile b/pcsd/Gemfile
-index fb97a1a..e412e12 100644
+index fb97a1a..41987d4 100644
 --- a/pcsd/Gemfile
 +++ b/pcsd/Gemfile
-@@ -1,21 +1,8 @@
+@@ -1,21 +1,7 @@
  source 'https://rubygems.org'
  
 -source 'https://tojeline.fedorapeople.org/rubygems/' do
@@ -28,7 +28,7 @@ index fb97a1a..e412e12 100644
 -gem 'tilt'
 -gem 'eventmachine'
 -gem 'rack-test'
- gem 'backports'
+-gem 'backports'
  gem 'sinatra-sugar'
  gem 'monkey-lib'
 -gem 'rpam-ruby19', :platform => [:ruby_19, :ruby_20, :ruby_21, :ruby_22]
@@ -38,15 +38,15 @@ index fb97a1a..e412e12 100644
 +gem 'rpam-ruby19'
  gem 'orderedhash'
 diff --git a/pcsd/Gemfile.lock b/pcsd/Gemfile.lock
-index 3140d6f..4ea6796 100644
+index 3140d6f..723e644 100644
 --- a/pcsd/Gemfile.lock
 +++ b/pcsd/Gemfile.lock
-@@ -1,25 +1,11 @@
+@@ -1,25 +1,10 @@
  GEM
    remote: https://rubygems.org/
 -  remote: https://tojeline.fedorapeople.org/rubygems/
    specs:
-     backports (3.6.4)
+-    backports (3.6.4)
 -    eventmachine (1.0.7)
 -    json (1.8.3)
      monkey-lib (0.5.4)
@@ -67,7 +67,7 @@ index 3140d6f..4ea6796 100644
      sinatra-contrib (1.4.4)
        backports (>= 2.0)
        multi_json
-@@ -30,24 +16,14 @@ GEM
+@@ -30,24 +15,13 @@ GEM
      sinatra-sugar (0.5.1)
        monkey-lib (~> 0.5.0)
        sinatra (~> 1.0)
@@ -77,7 +77,7 @@ index 3140d6f..4ea6796 100644
    ruby
  
  DEPENDENCIES
-   backports
+-  backports
 -  eventmachine
 -  json
    monkey-lib
@@ -93,19 +93,19 @@ index 3140d6f..4ea6796 100644
    sinatra-sugar
 -  tilt
 diff --git a/pcsd/Makefile b/pcsd/Makefile
-index b430069..eb2f4c4 100644
+index e18d2df..60e2e12 100644
 --- a/pcsd/Makefile
 +++ b/pcsd/Makefile
 @@ -1,5 +1,5 @@
 -build_gems: get_gems
 -	bundle install --local --deployment
 +build_gems:
-+	bundle install --local --path vendor/bundle
++	bundle install --verbose --local --path vendor/bundle
  
  # RHEL6 needs special rpam-ruby19 gem to work with 1.8.7
  # also bundler is not available on RHEL6 in rpm
 diff --git a/pcsd/ssl.rb b/pcsd/ssl.rb
-index 97d131e..36c1a73 100644
+index 2858574..68e1024 100644
 --- a/pcsd/ssl.rb
 +++ b/pcsd/ssl.rb
 @@ -48,8 +48,8 @@ end

pcs.spec

@@ -1,24 +1,37 @@
-Name: pcs		
-Version: 0.9.144
-Release: 3%{?dist}
+Name: pcs
+Version: 0.9.149
+Release: 1%{?dist}
 License: GPLv2
 URL: http://github.com/feist/pcs
 Group: System Environment/Base
+
+Summary: Pacemaker Configuration System
+Source0: https://github.com/feist/%{name}/archive/%{version}.tar.gz#/%{name}-%{version}.tar.gz
+Source1: pcsd-bundle-config-1
+Patch0: fedfix.patch
+
+Source2: https://rubygems.org/downloads/monkey-lib-0.5.4.gem
+Source3: https://rubygems.org/downloads/orderedhash-0.0.6.gem
+Source4: https://rubygems.org/downloads/rpam-ruby19-1.2.1.gem
+Source5: https://rubygems.org/downloads/sinatra-contrib-1.4.4.gem
+Source6: https://rubygems.org/downloads/sinatra-sugar-0.5.1.gem
+
 BuildRequires: python2-devel ruby ruby-devel pam-devel python rubygem-bundler
 BuildRequires: rubygem-sinatra rubygem-rack rubygem-rack-protection rubygem-tilt
-BuildRequires: rubygem-eventmachine rubygem-rack-test rubygem-multi_json rubygem-json rubygem-open4
+BuildRequires: rubygem-eventmachine rubygem-rack-test rubygem-multi_json rubygem-json
+BuildRequires: rubygem-open4 rubygem-backports
 # for post, preun and postun macros
 BuildRequires: systemd
-Summary: Pacemaker Configuration System	
-Source0: https://tojeline.fedorapeople.org/pkgs/pcs/pcs-withgems-%{version}.tar.gz
-Patch0: fedfix.patch
-Requires: pacemaker ruby python
-Requires: psmisc initscripts openssl
-Requires: python-clufter
-Requires: rubygem-sinatra rubygem-rack rubygem-rack-protection rubygem-tilt
-Requires: rubygem-eventmachine rubygem-rack-test rubygem-multi_json rubygem-json rubygem-open4
+# for UpdateTimestamps sanitization function
+BuildRequires: diffstat
+
+Requires: pacemaker ruby python
+Requires: psmisc openssl
+Requires: python-clufter => 0.55.0
+Requires: rubygem-sinatra rubygem-rack rubygem-rack-protection rubygem-tilt
+Requires: rubygem-eventmachine rubygem-rack-test rubygem-multi_json rubygem-json
+Requires: rubygem-open4 rubygem-backports
 
-Provides: bundled(rubygem-backports) = 3.6.4
 Provides: bundled(rubygem-monkey-lib) = 0.5.4
 Provides: bundled(rubygem-orderedhash) = 0.0.6
 Provides: bundled(rubygem-rpam-ruby19) = 1.2.1
@@ -32,8 +45,31 @@ easily view, modify and created pacemaker based clusters.
 %prep
 %setup -q
 
+# -- following borrowed from python-simplejon.el5 --
+# Update timestamps on the files touched by a patch, to avoid non-equal
+# .pyc/.pyo files across the multilib peers within a build, where "Level"
+# is the patch prefix option (e.g. -p1)
+UpdateTimestamps() {
+  Level=$1
+  PatchFile=$2
+  # Locate the affected files:
+  for f in $(diffstat $Level -l $PatchFile); do
+    # Set the files to have the same timestamp as that of the patch:
+    touch -r $PatchFile $f
+  done
+}
+
 %patch0 -p1
-cd pcsd ; bundle install --local ; cd ..
+UpdateTimestamps -p1 %{PATCH0}
+
+mkdir -p pcsd/.bundle
+cp -f %SOURCE1 pcsd/.bundle/config
+mkdir -p pcsd/vendor/cache
+cp -f %SOURCE2 pcsd/vendor/cache
+cp -f %SOURCE3 pcsd/vendor/cache
+cp -f %SOURCE4 pcsd/vendor/cache
+cp -f %SOURCE5 pcsd/vendor/cache
+cp -f %SOURCE6 pcsd/vendor/cache
 
 %build
 
@@ -43,9 +79,12 @@ pwd
 make install DESTDIR=$RPM_BUILD_ROOT PYTHON_SITELIB=%{python_sitelib}
 make install_pcsd DESTDIR=$RPM_BUILD_ROOT PYTHON_SITELIB=%{python_sitelib} hdrdir="%{_includedir}" rubyhdrdir="%{_includedir}" includedir="%{_includedir}"
 chmod 755 $RPM_BUILD_ROOT/%{python_sitelib}/pcs/pcs.py
-
-# Temporary fix for ruby-2.0.0 and rpam
-#cp $RPM_BUILD_ROOT/usr/lib/pcsd/gemhome/gems/rpam-ruby19-1.2.1/ext/Rpam/rpam_ext.so $RPM_BUILD_ROOT/usr/lib/pcsd/gemhome/gems/rpam-ruby19-1.2.1/lib
+# quickfix for rubygems issue
+# https://bugzilla.redhat.com/show_bug.cgi?id=1299835
+cd $RPM_BUILD_ROOT/usr/lib/pcsd/vendor/bundle/ruby
+ln -s 2.3.0/gems gems
+ln -s 2.3.0/specifications specifications
+# quickfix end
 
 %post
 %systemd_post pcsd.service
@@ -72,10 +111,20 @@ chmod 755 $RPM_BUILD_ROOT/%{python_sitelib}/pcs/pcs.py
 /etc/sysconfig/pcsd
 %{_mandir}/man8/pcs.*
 %exclude /usr/lib/pcsd/*.debian
+%exclude /usr/lib/pcsd/.gitignore
+%exclude /usr/lib/pcsd/test
 
 %doc COPYING README
 
 %changelog
+* Thu Feb 18 2016 Tomas Jelinek <tojeline@redhat.com> - 0.9.149-1
+- Re-synced to upstream sources
+- Security fix for CVE-2016-0720, CVE-2016-0721
+- Fixed rubygems issues which prevented pcsd from starting
+- Rubygems built with RELRO
+- Spec file cleanup
+- Fixed multilib .pyc/.pyo issue
+
 * Thu Feb 04 2016 Fedora Release Engineering <releng@fedoraproject.org> - 0.9.144-3
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild
 

sources

@@ -1 +1,7 @@
-d805ad7e949bf4e98d112361939ac96b  pcs-withgems-0.9.144.tar.gz
+9ff7cd69ee65fb7c201924473321a987  pcs-0.9.149.tar.gz
+385ac54687bd3986c3898c5acf62324a  monkey-lib-0.5.4.gem
+1668db3c807839d5ff3f90d0d6c4dadb  orderedhash-0.0.6.gem
+e4538ac4d9f20d3720c9fc73a0c58f6c  rpam-ruby19-1.2.1.gem
+aa1f67aac4d19f000297c91782d0b747  sinatra-contrib-1.4.4.gem
+7852bd3b21c568b548808c13092b8645  sinatra-sugar-0.5.1.gem
+2c8c658b54face6f08f47cbdf848eeae  pcsd-bundle-config-1