rpms/rear
5
0
Fork 0
Code Issues Pull Requests Releases Activity

import rear-2.6-8.el9

Browse Source
This commit is contained in:
CentOS Sources 2021-11-02 05:50:39 -04:00 committed by Stepan Oksanichenko
commit 21a8f80b7a
10 changed files with 658 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
.gitignore vendored Normal file
View File

@ -0,0 +1 @@
SOURCES/rear-2.6.tar.gz

1
.rear.metadata Normal file
View File

@ -0,0 +1 @@
13c23ad59254438ffcd0cde6400fd991cbfe194e SOURCES/rear-2.6.tar.gz

47
SOURCES/0001-skip-kernel-buildin-modules.patch Normal file
View File

@ -0,0 +1,47 @@
From df5e18b8d7c8359b48bc133bfa29734934d18160 Mon Sep 17 00:00:00 2001
From: Johannes Meixner <jsmeix@suse.com>
Date: Mon, 10 Aug 2020 16:20:38 +0200
Subject: [PATCH] Merge pull request #2469 from
rear/skip-kernel-builtin-modules-issue2414
In 400_copy_modules.sh skip copying kernel modules that are builtin modules.
The new behaviour is that when modules are listed in modules.builtin
and are also shown by modinfo then those modules are now skipped.
Before for such modules the modules file(s) would have been included
in the recovery system.
See https://github.com/rear/rear/issues/2414
---
usr/share/rear/build/GNU/Linux/400_copy_modules.sh | 12 ++++++++++--
1 file changed, 10 insertions(+), 2 deletions(-)
diff --git a/usr/share/rear/build/GNU/Linux/400_copy_modules.sh b/usr/share/rear/build/GNU/Linux/400_copy_modules.sh
index d8d733d2..641b7f83 100644
--- a/usr/share/rear/build/GNU/Linux/400_copy_modules.sh
+++ b/usr/share/rear/build/GNU/Linux/400_copy_modules.sh
@@ -133,8 +133,13 @@ for dummy in "once" ; do
module=${module#.o}
# Strip trailing ".ko" if there:
module=${module#.ko}
- # Continue with the next module if the current one does not exist:
+ # Continue with the next module if the current one does not exist as a module file:
modinfo $module 1>/dev/null || continue
+ # Continue with the next module if the current one is a kernel builtin module
+ # cf. https://github.com/rear/rear/issues/2414#issuecomment-668632798
+ # Quoting the grep search value is mandatory here ($module might be empty or blank),
+ # cf. "Beware of the emptiness" in https://github.com/rear/rear/wiki/Coding-Style
+ grep -q "$( echo $module | tr '_-' '..' )" /lib/modules/$KERNEL_VERSION/modules.builtin && continue
# Resolve module dependencies:
# Get the module file plus the module files of other needed modules.
# This is currently only a "best effort" attempt because
@@ -166,7 +171,10 @@ done
# Remove those modules that are specified in the EXCLUDE_MODULES array:
for exclude_module in "${EXCLUDE_MODULES[@]}" ; do
- # Continue with the next module if the current one does not exist:
+ # Continue with the next module only if the current one does not exist as a module file
+ # but do not continue with the next module if the current one is a kernel builtin module
+ # so when a module file exists that gets removed regardless if it is also a builtin module
+ # cf. https://github.com/rear/rear/issues/2414#issuecomment-669115481
modinfo $exclude_module 1>/dev/null || continue
# In this case it is ignored when a module exists but 'modinfo -F filename' cannot show its filename
# because then it is assumed that also no module file had been copied above:

15
SOURCES/rear-bz1492177-warning.patch Normal file
View File

@ -0,0 +1,15 @@
diff --git a/usr/share/rear/output/ISO/Linux-i386/249_check_rhel_grub2_efi_package.sh b/usr/share/rear/output/ISO/Linux-i386/249_check_rhel_grub2_efi_package.sh
new file mode 100644
index 00000000..4c4ded08
--- /dev/null
+++ b/usr/share/rear/output/ISO/Linux-i386/249_check_rhel_grub2_efi_package.sh
@@ -0,0 +1,9 @@
+# 249_check_rhel_grub2_efi_package.sh
+
+is_true $USING_UEFI_BOOTLOADER || return # empty or 0 means NO UEFI
+
+(
+ VERBOSE=1
+ test -r /usr/lib/grub/x86_64-efi/moddep.lst
+ PrintIfError "WARNING: /usr/lib/grub/x86_64-efi/moddep.lst not found, grub2-mkimage will likely fail. Please install the grub2-efi-x64-modules package to fix this."
+)

351
SOURCES/rear-bz1832394.patch Normal file
View File

@ -0,0 +1,351 @@
diff --git a/doc/user-guide/06-layout-configuration.adoc b/doc/user-guide/06-layout-configuration.adoc
index f59384db..88ba0420 100644
--- a/doc/user-guide/06-layout-configuration.adoc
+++ b/doc/user-guide/06-layout-configuration.adoc
@@ -630,7 +630,7 @@ lvmvol <volume_group> <name> <size(bytes)> <layout> [key:value ...]
=== LUKS Devices ===
----------------------------------
-crypt /dev/mapper/<name> <device> [cipher=<cipher>] [key_size=<key size>] [hash=<hash function>] [uuid=<uuid>] [keyfile=<keyfile>] [password=<password>]
+crypt /dev/mapper/<name> <device> [type=<type>] [cipher=<cipher>] [key_size=<key size>] [hash=<hash function>] [uuid=<uuid>] [keyfile=<keyfile>] [password=<password>]
----------------------------------
=== DRBD ===
diff --git a/usr/share/rear/layout/prepare/GNU/Linux/160_include_luks_code.sh b/usr/share/rear/layout/prepare/GNU/Linux/160_include_luks_code.sh
index 05279bc8..0c662f67 100644
--- a/usr/share/rear/layout/prepare/GNU/Linux/160_include_luks_code.sh
+++ b/usr/share/rear/layout/prepare/GNU/Linux/160_include_luks_code.sh
@@ -1,35 +1,75 @@
+
# Code to recreate and/or open LUKS volumes.
create_crypt() {
+ # See the create_device() function in lib/layout-functions.sh what "device type" means:
+ local device_type="$1"
+ if ! grep -q "^crypt $device_type " "$LAYOUT_FILE" ; then
+ LogPrintError "Skip recreating LUKS volume $device_type (no 'crypt $device_type' entry in $LAYOUT_FILE)"
+ # FIXME: The return code is ignored in the create_device() function in lib/layout-functions.sh:
+ return 1
+ fi
+
local crypt target_device source_device options
- read crypt target_device source_device options < <(grep "^crypt $1 " "$LAYOUT_FILE")
+ local mapping_name option key value
+ local cryptsetup_options="" keyfile="" password=""
- local target_name=${target_device#/dev/mapper/}
+ read crypt target_device source_device options < <( grep "^crypt $device_type " "$LAYOUT_FILE" )
+
+ # Careful! One cannot 'test -b $source_device' here at the time when this code is run
+ # because the source device is usually a disk partition block device like /dev/sda2
+ # but disk partition block devices usually do not yet exist (in particular not on a new clean disk)
+ # because partitions are actually created later when the diskrestore.sh script is run
+ # but not here when this code is run which only generates the diskrestore.sh script:
+ if ! test $source_device ; then
+ LogPrintError "Skip recreating LUKS volume $device_type: No source device (see the 'crypt $device_type' entry in $LAYOUT_FILE)"
+ # FIXME: The return code is ignored in the create_device() function in lib/layout-functions.sh:
+ return 1
+ fi
+
+ mapping_name=${target_device#/dev/mapper/}
+ if ! test $mapping_name ; then
+ LogPrintError "Skip recreating LUKS volume $device_type on $source_device: No /dev/mapper/... mapping name (see the 'crypt $device_type' entry in $LAYOUT_FILE)"
+ # FIXME: The return code is ignored in the create_device() function in lib/layout-functions.sh:
+ return 1
+ fi
- local cryptsetup_options="" keyfile="" password=""
- local option key value
for option in $options ; do
- key=${option%=*}
+ # $option is of the form keyword=value and
+ # we assume keyword has no '=' character but value could be anything that may have a '=' character
+ # so we split keyword=value at the leftmost '=' character so that
+ # e.g. keyword=foo=bar gets split into key="keyword" and value="foo=bar":
+ key=${option%%=*}
value=${option#*=}
-
+ # The "cryptseup luksFormat" command does not require any of the type, cipher, key-size, hash, uuid option values
+ # because if omitted a cryptseup default value is used so we treat those values as optional.
+ # Using plain test to ensure the value is a single non empty and non blank word
+ # without quoting because test " " would return zero exit code
+ # cf. "Beware of the emptiness" in https://github.com/rear/rear/wiki/Coding-Style
case "$key" in
- cipher)
- cryptsetup_options+=" --cipher $value"
+ (type)
+ test $value && cryptsetup_options+=" --type $value"
+ ;;
+ (cipher)
+ test $value && cryptsetup_options+=" --cipher $value"
+ ;;
+ (key_size)
+ test $value && cryptsetup_options+=" --key-size $value"
;;
- key_size)
- cryptsetup_options+=" --key-size $value"
+ (hash)
+ test $value && cryptsetup_options+=" --hash $value"
;;
- hash)
- cryptsetup_options+=" --hash $value"
+ (uuid)
+ test $value && cryptsetup_options+=" --uuid $value"
;;
- uuid)
- cryptsetup_options+=" --uuid $value"
+ (keyfile)
+ test $value && keyfile=$value
;;
- keyfile)
- keyfile=$value
+ (password)
+ test $value && password=$value
;;
- password)
- password=$value
+ (*)
+ LogPrintError "Skipping unsupported LUKS cryptsetup option '$key' in 'crypt $target_device $source_device' entry in $LAYOUT_FILE"
;;
esac
done
@@ -37,26 +77,25 @@ create_crypt() {
cryptsetup_options+=" $LUKS_CRYPTSETUP_OPTIONS"
(
- echo "Log \"Creating LUKS device $target_name on $source_device\""
+ echo "LogPrint \"Creating LUKS volume $mapping_name on $source_device\""
if [ -n "$keyfile" ] ; then
# Assign a temporary keyfile at this stage so that original keyfiles do not leak onto the rescue medium.
# The original keyfile will be restored from the backup and then re-assigned to the LUKS device in the
# 'finalize' stage.
# The scheme for generating a temporary keyfile path must be the same here and in the 'finalize' stage.
- keyfile="${TMPDIR:-/tmp}/LUKS-keyfile-$target_name"
+ keyfile="$TMP_DIR/LUKS-keyfile-$mapping_name"
dd bs=512 count=4 if=/dev/urandom of="$keyfile"
chmod u=rw,go=- "$keyfile"
-
echo "cryptsetup luksFormat --batch-mode $cryptsetup_options $source_device $keyfile"
- echo "cryptsetup luksOpen --key-file $keyfile $source_device $target_name"
+ echo "cryptsetup luksOpen --key-file $keyfile $source_device $mapping_name"
elif [ -n "$password" ] ; then
echo "echo \"$password\" | cryptsetup luksFormat --batch-mode $cryptsetup_options $source_device"
- echo "echo \"$password\" | cryptsetup luksOpen $source_device $target_name"
+ echo "echo \"$password\" | cryptsetup luksOpen $source_device $mapping_name"
else
- echo "LogPrint \"Please enter the password for LUKS device $target_name ($source_device):\""
+ echo "LogUserOutput \"Set the password for LUKS volume $mapping_name (for 'cryptsetup luksFormat' on $source_device):\""
echo "cryptsetup luksFormat --batch-mode $cryptsetup_options $source_device"
- echo "LogPrint \"Please re-enter the password for LUKS device $target_name ($source_device):\""
- echo "cryptsetup luksOpen $source_device $target_name"
+ echo "LogUserOutput \"Enter the password for LUKS volume $mapping_name (for 'cryptsetup luksOpen' on $source_device):\""
+ echo "cryptsetup luksOpen $source_device $mapping_name"
fi
echo ""
) >> "$LAYOUT_CODE"
@@ -64,38 +103,61 @@ create_crypt() {
# Function open_crypt() is meant to be used by the 'mountonly' workflow
open_crypt() {
+ # See the do_mount_device() function in lib/layout-functions.sh what "device type" means:
+ local device_type="$1"
+ if ! grep -q "^crypt $device_type " "$LAYOUT_FILE" ; then
+ LogPrintError "Skip opening LUKS volume $device_type (no 'crypt $device_type' entry in $LAYOUT_FILE)"
+ # FIXME: The return code is ignored in the do_mount_device() function in lib/layout-functions.sh:
+ return 1
+ fi
+
local crypt target_device source_device options
- read crypt target_device source_device options < <(grep "^crypt $1 " "$LAYOUT_FILE")
+ local mapping_name option key value
+ local cryptsetup_options="" keyfile="" password=""
- local target_name=${target_device#/dev/mapper/}
+ read crypt target_device source_device options < <( grep "^crypt $device_type " "$LAYOUT_FILE" )
+
+ if ! test -b "$source_device" ; then
+ LogPrintError "Skip opening LUKS volume $device_type on device '$source_device' that is no block device (see the 'crypt $device_type' entry in $LAYOUT_FILE)"
+ # FIXME: The return code is ignored in the do_mount_device() function in lib/layout-functions.sh:
+ return 1
+ fi
+
+ mapping_name=${target_device#/dev/mapper/}
+ if ! test $mapping_name ; then
+ LogPrintError "Skip opening LUKS volume $device_type on $source_device: No /dev/mapper/... mapping name (see the 'crypt $device_type' entry in $LAYOUT_FILE)"
+ # FIXME: The return code is ignored in the do_mount_device() function in lib/layout-functions.sh:
+ return 1
+ fi
- local cryptsetup_options="" keyfile="" password=""
- local option key value
for option in $options ; do
- key=${option%=*}
+ # $option is of the form keyword=value and
+ # we assume keyword has no '=' character but value could be anything that may have a '=' character
+ # so we split keyword=value at the leftmost '=' character so that
+ # e.g. keyword=foo=bar gets split into key="keyword" and value="foo=bar":
+ key=${option%%=*}
value=${option#*=}
-
case "$key" in
- keyfile)
- keyfile=$value
+ (keyfile)
+ test $value && keyfile=$value
;;
- password)
- password=$value
+ (password)
+ test $value && password=$value
;;
esac
done
(
- echo "Log \"Opening LUKS device $target_name on $source_device\""
+ echo "LogPrint \"Opening LUKS volume $mapping_name on $source_device\""
if [ -n "$keyfile" ] ; then
# During a 'mountonly' workflow, the original keyfile is supposed to be
# available at this point.
- echo "cryptsetup luksOpen --key-file $keyfile $source_device $target_name"
+ echo "cryptsetup luksOpen --key-file $keyfile $source_device $mapping_name"
elif [ -n "$password" ] ; then
- echo "echo \"$password\" | cryptsetup luksOpen $source_device $target_name"
+ echo "echo \"$password\" | cryptsetup luksOpen $source_device $mapping_name"
else
- echo "LogPrint \"Please enter the password for LUKS device $target_name ($source_device):\""
- echo "cryptsetup luksOpen $source_device $target_name"
+ echo "LogUserOutput \"Enter the password for LUKS volume $mapping_name (for 'cryptsetup luksOpen' on $source_device):\""
+ echo "cryptsetup luksOpen $source_device $mapping_name"
fi
echo ""
) >> "$LAYOUT_CODE"
diff --git a/usr/share/rear/layout/save/GNU/Linux/260_crypt_layout.sh b/usr/share/rear/layout/save/GNU/Linux/260_crypt_layout.sh
index c1e1cfd5..afeabf6a 100644
--- a/usr/share/rear/layout/save/GNU/Linux/260_crypt_layout.sh
+++ b/usr/share/rear/layout/save/GNU/Linux/260_crypt_layout.sh
@@ -9,6 +9,8 @@ Log "Saving Encrypted volumes."
REQUIRED_PROGS+=( cryptsetup dmsetup )
COPY_AS_IS+=( /usr/share/cracklib/\* /etc/security/pwquality.conf )
+local invalid_cryptsetup_option_value="no"
+
while read target_name junk ; do
# find the target device we're mapping
if ! [ -e /dev/mapper/$target_name ] ; then
@@ -30,29 +32,96 @@ while read target_name junk ; do
source_device="$(get_device_name ${slave##*/})"
done
- if ! cryptsetup isLuks $source_device >/dev/null 2>&1; then
+ if ! blkid -p -o export $source_device >$TMP_DIR/blkid.output ; then
+ LogPrintError "Error: Cannot get attributes for $target_name ('blkid -p -o export $source_device' failed)"
continue
fi
- # gather crypt information
- cipher=$(cryptsetup luksDump $source_device | grep "Cipher name" | sed -r 's/^.+:\s*(.+)$/\1/')
- mode=$(cryptsetup luksDump $source_device | grep "Cipher mode" | cut -d: -f2- | awk '{printf("%s",$1)};')
- key_size=$(cryptsetup luksDump $source_device | grep "MK bits" | sed -r 's/^.+:\s*(.+)$/\1/')
- hash=$(cryptsetup luksDump $source_device | grep "Hash spec" | sed -r 's/^.+:\s*(.+)$/\1/')
- uuid=$(cryptsetup luksDump $source_device | grep "UUID" | sed -r 's/^.+:\s*(.+)$/\1/')
- keyfile_option=$([ -f /etc/crypttab ] && awk '$1 == "'"$target_name"'" && $3 != "none" && $3 != "-" && $3 != "" { print "keyfile=" $3; }' /etc/crypttab)
+ if ! grep -q "TYPE=crypto_LUKS" $TMP_DIR/blkid.output ; then
+ Log "Skipping $target_name (no 'TYPE=crypto_LUKS' in 'blkid -p -o export $source_device' output)"
+ continue
+ fi
- # LUKS version 2 is not yet suppported, see https://github.com/rear/rear/issues/2204
- # When LUKS version 2 is used the above code fails at least to determine the hash value
- # so we use an empty hash value as a simple test if gathering crypt information was successful:
- test "$hash" || Error "No hash value for LUKS device '$target_name' at '$source_device' (only LUKS version 1 is supported)"
+ # Detect LUKS version:
+ # Remove all non-digits in particular to avoid leading or trailing spaces in the version string
+ # cf. "Beware of the emptiness" in https://github.com/rear/rear/wiki/Coding-Style
+ # that could happen if the blkid output contains "VERSION = 2" so that 'cut -d= -f2' results " 2".
+ version=$( grep "VERSION" $TMP_DIR/blkid.output | cut -d= -f2 | tr -c -d '[:digit:]' )
+ if ! test "$version" = "1" -o "$version" = "2" ; then
+ LogPrintError "Error: Unsupported LUKS version for $target_name ('blkid -p -o export $source_device' shows 'VERSION=$version')"
+ continue
+ fi
+ luks_type=luks$version
- echo "crypt /dev/mapper/$target_name $source_device cipher=$cipher-$mode key_size=$key_size hash=$hash uuid=$uuid $keyfile_option" >> $DISKLAYOUT_FILE
-done < <( dmsetup ls --target crypt )
+ # Gather crypt information:
+ if ! cryptsetup luksDump $source_device >$TMP_DIR/cryptsetup.luksDump ; then
+ LogPrintError "Error: Cannot get LUKS$version values for $target_name ('cryptsetup luksDump $source_device' failed)"
+ continue
+ fi
+ uuid=$( grep "UUID" $TMP_DIR/cryptsetup.luksDump | sed -r 's/^.+:\s*(.+)$/\1/' )
+ keyfile_option=$( [ -f /etc/crypttab ] && awk '$1 == "'"$target_name"'" && $3 != "none" && $3 != "-" && $3 != "" { print "keyfile=" $3; }' /etc/crypttab )
+ if test $luks_type = "luks1" ; then
+ cipher_name=$( grep "Cipher name" $TMP_DIR/cryptsetup.luksDump | sed -r 's/^.+:\s*(.+)$/\1/' )
+ cipher_mode=$( grep "Cipher mode" $TMP_DIR/cryptsetup.luksDump | cut -d: -f2- | awk '{printf("%s",$1)};' )
+ cipher=$cipher_name-$cipher_mode
+ key_size=$( grep "MK bits" $TMP_DIR/cryptsetup.luksDump | sed -r 's/^.+:\s*(.+)$/\1/' )
+ hash=$( grep "Hash spec" $TMP_DIR/cryptsetup.luksDump | sed -r 's/^.+:\s*(.+)$/\1/' )
+ elif test $luks_type = "luks2" ; then
+ cipher=$( grep "cipher:" $TMP_DIR/cryptsetup.luksDump | sed -r 's/^.+:\s*(.+)$/\1/' )
+ # More than one keyslot may be defined - use key_size from the first slot.
+ # Depending on the version the "cryptsetup luksDump" command outputs the key_size value
+ # as a line like
+ # Key: 512 bits
+ # and/or as a line like
+ # Cipher key: 512 bits
+ # cf. https://github.com/rear/rear/pull/2504#issuecomment-718729198 and subsequent comments
+ # so we grep for both lines but use only the first match from the first slot:
+ key_size=$( egrep -m 1 "Key:|Cipher key:" $TMP_DIR/cryptsetup.luksDump | sed -r 's/^.+:\s*(.+) bits$/\1/' )
+ hash=$( grep "Hash" $TMP_DIR/cryptsetup.luksDump | sed -r 's/^.+:\s*(.+)$/\1/' )
+ fi
-# cryptsetup is required in the recovery system if disklayout.conf contains at least one 'crypt' entry
-# see the create_crypt function in layout/prepare/GNU/Linux/160_include_luks_code.sh
-# what program calls are written to diskrestore.sh
-# cf. https://github.com/rear/rear/issues/1963
-grep -q '^crypt ' $DISKLAYOUT_FILE && REQUIRED_PROGS+=( cryptsetup ) || true
+ # Basic checks that the cipher key_size hash uuid values exist
+ # cf. https://github.com/rear/rear/pull/2504#issuecomment-718729198
+ # because some values are needed during "rear recover"
+ # to set cryptsetup options in layout/prepare/GNU/Linux/160_include_luks_code.sh
+ # and it seems cryptsetup fails when options with empty values are specified
+ # cf. https://github.com/rear/rear/pull/2504#issuecomment-719479724
+ # For example a LUKS1 crypt entry in disklayout.conf looks like
+ # crypt /dev/mapper/luks1test /dev/sda7 type=luks1 cipher=aes-xts-plain64 key_size=256 hash=sha256 uuid=1b4198c9-d9b0-4c57-b9a3-3433e391e706
+ # and a LUKS1 crypt entry in disklayout.conf looks like
+ # crypt /dev/mapper/luks2test /dev/sda8 type=luks2 cipher=aes-xts-plain64 key_size=256 hash=sha256 uuid=3e874a28-7415-4f8c-9757-b3f28a96c4d2
+ # Only the keyfile_option value is optional and the luks_type value is already tested above.
+ # Using plain test to ensure a value is a single non empty and non blank word
+ # without quoting because test " " would return zero exit code
+ # cf. "Beware of the emptiness" in https://github.com/rear/rear/wiki/Coding-Style
+ # Do not error out instantly here but only report errors here so the user can see all messages
+ # and actually error out at the end of this script if there was one actually invalid value:
+ if ! test $cipher ; then
+ LogPrint "No 'cipher' value for LUKS$version volume $target_name in $source_device"
+ fi
+ if test $key_size ; then
+ if ! is_positive_integer $key_size ; then
+ LogPrintError "Error: 'key_size=$key_size' is no positive integer for LUKS$version volume $target_name in $source_device"
+ invalid_cryptsetup_option_value="yes"
+ fi
+ else
+ LogPrint "No 'key_size' value for LUKS$version volume $target_name in $source_device"
+ fi
+ if ! test $hash ; then
+ LogPrint "No 'hash' value for LUKS$version volume $target_name in $source_device"
+ fi
+ if ! test $uuid ; then
+ # Report a missig uuid value as an error to have the user informed
+ # but do not error out here because things can be fixed manually during "rear recover"
+ # cf. https://github.com/rear/rear/pull/2506#issuecomment-721757810
+ # and https://github.com/rear/rear/pull/2506#issuecomment-722315498
+ # and https://github.com/rear/rear/issues/2509
+ LogPrintError "Error: No 'uuid' value for LUKS$version volume $target_name in $source_device (mounting it or booting the recreated system may fail)"
+ fi
+
+ echo "crypt /dev/mapper/$target_name $source_device type=$luks_type cipher=$cipher key_size=$key_size hash=$hash uuid=$uuid $keyfile_option" >> $DISKLAYOUT_FILE
+
+done < <( dmsetup ls --target crypt )
+# Let this script return successfully when invalid_cryptsetup_option_value is not true:
+is_true $invalid_cryptsetup_option_value && Error "Invalid or empty LUKS cryptsetup option value(s) in $DISKLAYOUT_FILE" || true

38
SOURCES/rear-sfdc02772301.patch Normal file
View File

@ -0,0 +1,38 @@
diff --git a/usr/share/rear/conf/default.conf b/usr/share/rear/conf/default.conf
index 9ada92c3..455aa3ce 100644
--- a/usr/share/rear/conf/default.conf
+++ b/usr/share/rear/conf/default.conf
@@ -1813,7 +1813,7 @@ OBDR_BLOCKSIZE=2048
# BACKUP=NBU stuff (Symantec/Veritas NetBackup)
##
#
-COPY_AS_IS_NBU=( /usr/openv/bin/vnetd /usr/openv/bin/vopied /usr/openv/lib /usr/openv/netbackup /usr/openv/var/auth/[mn]*.txt )
+COPY_AS_IS_NBU=( /usr/openv/bin/vnetd /usr/openv/bin/vopied /usr/openv/lib /usr/openv/netbackup /usr/openv/var/auth/[mn]*.txt /opt/VRTSpbx /etc/vx/VxICS /etc/vx/vrtslog.conf )
COPY_AS_IS_EXCLUDE_NBU=( /usr/openv/netbackup/logs "/usr/openv/netbackup/bin/bpjava*" /usr/openv/netbackup/bin/xbp /usr/openv/netbackup/bin/private /usr/openv/lib/java /usr/openv/lib/shared/vddk /usr/openv/netbackup/baremetal )
# See https://github.com/rear/rear/issues/2105 why /usr/openv/netbackup/sec/at/lib/ is needed:
NBU_LD_LIBRARY_PATH="/usr/openv/lib:/usr/openv/netbackup/sec/at/lib/"
diff --git a/usr/share/rear/rescue/NBU/default/450_prepare_netbackup.sh b/usr/share/rear/rescue/NBU/default/450_prepare_netbackup.sh
index cd48b8d9..ae5a3ccc 100644
--- a/usr/share/rear/rescue/NBU/default/450_prepare_netbackup.sh
+++ b/usr/share/rear/rescue/NBU/default/450_prepare_netbackup.sh
@@ -7,6 +7,12 @@
[[ $NBU_version -lt 7 ]] && return # NBU is using xinetd when version <7.x
+if [ -e "/etc/init.d/vxpbx_exchanged" ]; then
+ cp $v /etc/init.d/vxpbx_exchanged $ROOTFS_DIR/etc/scripts/system-setup.d/vxpbx_exchanged.real
+ chmod $v +x $ROOTFS_DIR/etc/scripts/system-setup.d/vxpbx_exchanged.real
+ echo "( /etc/scripts/system-setup.d/vxpbx_exchanged.real start )" > $ROOTFS_DIR/etc/scripts/system-setup.d/89-vxpbx_exchanged.sh
+fi
+
if [ -e "/etc/init.d/netbackup" ]; then
cp $v /etc/init.d/netbackup $ROOTFS_DIR/etc/scripts/system-setup.d/netbackup.real
chmod $v +x $ROOTFS_DIR/etc/scripts/system-setup.d/netbackup.real
diff --git a/usr/share/rear/skel/NBU/usr/openv/tmp/.gitignore b/usr/share/rear/skel/NBU/usr/openv/tmp/.gitignore
new file mode 100644
index 00000000..d6b7ef32
--- /dev/null
+++ b/usr/share/rear/skel/NBU/usr/openv/tmp/.gitignore
@@ -0,0 +1,2 @@
+*
+!.gitignore

4
SOURCES/rear.cron Normal file
View File

@ -0,0 +1,4 @@
# cronjob for ReaR
# periodically check if disk layout has changed and update
# the rescue image
30 1 * * * root test -f /var/lib/rear/layout/disklayout.conf && /usr/sbin/rear checklayout || /usr/sbin/rear mkrescue

6
SOURCES/rear.service Normal file
View File

@ -0,0 +1,6 @@
[Unit]
Description=Update ReaR rescue image
[Service]
Type=oneshot
ExecStart=/usr/sbin/rear checklayout || /usr/sbin/rear mkrescue

10
SOURCES/rear.timer Normal file
View File

@ -0,0 +1,10 @@
[Unit]
Description=Update ReaR rescue image
[Timer]
OnCalendar=daily
RandomizedDelaySec=1h
Persistent=true
[Install]
WantedBy=timers.target

185
SPECS/rear.spec Normal file
View File

@ -0,0 +1,185 @@
# this is purely a shell script, so no debug packages
%global debug_package %{nil}
Name: rear
Version: 2.6
Release: 8%{?dist}
Summary: Relax-and-Recover is a Linux disaster recovery and system migration tool
URL: http://relax-and-recover.org/
License: GPLv3
Source0: https://github.com/rear/rear/archive/%{version}.tar.gz#/rear-%{version}.tar.gz
# Add cronjob and systemd timer as documentation
Source1: rear.cron
Source2: rear.service
Source3: rear.timer
# Skip buildin modules, RHBZ#1831311
Patch0: 0001-skip-kernel-buildin-modules.patch
Patch4: rear-bz1492177-warning.patch
Patch29: rear-bz1832394.patch
Patch30: rear-sfdc02772301.patch
# rear contains only bash scripts plus documentation so that on first glance it could be "BuildArch: noarch"
# but actually it is not "noarch" because it only works on those architectures that are explicitly supported.
# Of course the rear bash scripts can be installed on any architecture just as any binaries can be installed on any architecture.
# But the meaning of architecture dependent packages should be on what architectures they will work.
# Therefore only those architectures that are actually supported are explicitly listed.
# This avoids that rear can be "just installed" on architectures that are actually not supported (e.g. ARM):
ExclusiveArch: %ix86 x86_64 ppc ppc64 ppc64le ia64 s390x
# Furthermore for some architectures it requires architecture dependent packages (like syslinux for x86 and x86_64)
# so that rear must be architecture dependent because ifarch conditions never match in case of "BuildArch: noarch"
# see the GitHub issue https://github.com/rear/rear/issues/629
%ifarch %ix86 x86_64
Requires: syslinux
%endif
# In the end this should tell the user that rear is known to work only on ix86 x86_64 ppc ppc64 ppc64le ia64
# and on ix86 x86_64 syslinux is explicitly required to make the bootable ISO image
# (in addition to the default installed bootloader grub2) while on ppc ppc64 the
# default installed bootloader yaboot is also useed to make the bootable ISO image.
# Required for HTML user guide
BuildRequires: make
BuildRequires: asciidoctor
### Mandatory dependencies:
Requires: binutils
Requires: ethtool
Requires: gzip
Requires: iputils
Requires: parted
Requires: tar
Requires: openssl
Requires: gawk
Requires: attr
Requires: bc
Requires: iproute
Requires: xorriso
Requires: file
Requires: dhcp-client
%if 0%{?rhel}
Requires: util-linux
%endif
%description
Relax-and-Recover is the leading Open Source disaster recovery and system
migration solution. It comprises of a modular
frame-work and ready-to-go workflows for many common situations to produce
a bootable image and restore from backup using this image. As a benefit,
it allows to restore to different hardware and can therefore be used as
a migration tool as well.
Currently Relax-and-Recover supports various boot media (incl. ISO, PXE,
OBDR tape, USB or eSATA storage), a variety of network protocols (incl.
sftp, ftp, http, nfs, cifs) as well as a multitude of backup strategies
(incl. IBM TSM, MircroFocus Data Protector, Symantec NetBackup, EMC NetWorker,
Bacula, Bareos, BORG, Duplicity, rsync).
Relax-and-Recover was designed to be easy to set up, requires no maintenance
and is there to assist when disaster strikes. Its setup-and-forget nature
removes any excuse for not having a disaster recovery solution implemented.
Professional services and support are available.
#-- PREP, BUILD & INSTALL -----------------------------------------------------#
%prep
%autosetup -p1
### Add a specific os.conf so we do not depend on LSB dependencies
%{?fedora:echo -e "OS_VENDOR=Fedora\nOS_VERSION=%{?fedora}" >etc/rear/os.conf}
%{?rhel:echo -e "OS_VENDOR=RedHatEnterpriseServer\nOS_VERSION=%{?rhel}" >etc/rear/os.conf}
# Change /lib to /usr/lib for COPY_AS_IS
sed -E -e "s:([\"' ])/lib:\1/usr/lib:g" \
-i usr/share/rear/prep/GNU/Linux/*include*.sh
# Same for Linux.conf
sed -e 's:/lib/:/usr/lib/:g' \
-e 's:/lib\*/:/usr/lib\*/:g' \
-e 's:/usr/usr/lib:/usr/lib:g' \
-i 'usr/share/rear/conf/GNU/Linux.conf'
%build
# build HTML user guide
# asciidoc writes a timestamp to files it produces, based on the last
# modified date of the source file, but is sensitive to the timezone.
# This makes the results differ according to the timezone of the build machine
# and spurious changes will be seen.
# Set the timezone to UTC as a workaround.
# https://wiki.debian.org/ReproducibleBuilds/TimestampsInDocumentationGeneratedByAsciidoc
TZ=UTC make doc
%install
%{make_install}
install -p -d %{buildroot}%{_docdir}/%{name}/
install -m 0644 %{SOURCE1} %{buildroot}%{_docdir}/%{name}/
install -m 0644 %{SOURCE2} %{buildroot}%{_docdir}/%{name}/
install -m 0644 %{SOURCE3} %{buildroot}%{_docdir}/%{name}/
#-- FILES ---------------------------------------------------------------------#
%files
%doc MAINTAINERS COPYING README.adoc doc/*.txt doc/user-guide/*.html
%doc %{_mandir}/man8/rear.8*
%doc %{_docdir}/%{name}/rear.*
%config(noreplace) %{_sysconfdir}/rear/
%{_datadir}/rear/
%{_sharedstatedir}/rear/
%{_sbindir}/rear
#-- CHANGELOG -----------------------------------------------------------------#
%changelog
* Tue Aug 10 2021 Mohan Boddu <mboddu@redhat.com> - 2.6-8
- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
Related: rhbz#1991688
* Wed Jun 30 2021 Pavel Cahyna <pcahyna@redhat.com> - 2.6-7
- Sync spec changes and downstream patches from RHEL 8
- Require xorriso instead of genisoimage
- Add S/390 support and forgotten dependency on the file utility
- Backport upstream code related to LUKS2 support
- Modify the cron command to avoid an e-mail with error message after
ReaR is installed but not properly configured when the cron command
is triggered for the first time
- Changes for NetBackup (NBU) support, upstream PR2544
- Add dependency on dhcp-client, RHBZ #1926451
* Fri Apr 16 2021 Mohan Boddu <mboddu@redhat.com> - 2.6-6
- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937
* Fri Feb 26 2021 Christopher Engelhard <ce@lcts.de> - 2.6-5
- Change /lib to /usr/lib in scripts to fix RHBZ #1931112
* Wed Jan 27 2021 Fedora Release Engineering <releng@fedoraproject.org> - 2.6-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
* Wed Sep 23 2020 Christopher Engelhard <ce@lcts.de> - 2.6-3
- Stop auto-creating a cronjob, but ship example cronjob/
systemd timer units in docdir instead (upstream issue #1829)
- Build & ship HTML user guide
- Remove %pre scriptlet, as it was introduced only to fix a
specific upgrade issue with v1.15 in 2014
* Tue Sep 22 2020 Christopher Engelhard <ce@lcts.de> - 2.6-2
- Backport upstream PR#2469 to fix RHBZ #1831311
* Tue Sep 22 2020 Christopher Engelhard <ce@lcts.de> - 2.6-1
- Update to 2.6
- Streamline & clean up spec file
* Wed Jul 29 2020 Fedora Release Engineering <releng@fedoraproject.org> - 2.4-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
* Thu Jan 30 2020 Fedora Release Engineering <releng@fedoraproject.org> - 2.4-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
* Fri Jul 26 2019 Fedora Release Engineering <releng@fedoraproject.org> - 2.4-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
* Sat Feb 02 2019 Fedora Release Engineering <releng@fedoraproject.org> - 2.4-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
* Sat Jul 14 2018 Fedora Release Engineering <releng@fedoraproject.org> - 2.4-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
* Thu Jul 30 2015 Johannes Meixner <jsmeix@suse.de>
- For a changelog see the rear-release-notes.txt file.