rpms
/
rear
7
0
Fork 0
Code Issues Pull Requests Releases Activity

Sync with stable

This commit is contained in:
eabdullin 2024-04-10 08:28:45 +03:00
parent f8754e78fc
commit a3fe46d75a
6 changed files with 221 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

32
SOURCES/rear-device-shrinking-bz2223895.patch Normal file
View File

@ -0,0 +1,32 @@
commit 4f03a10d4866efc9b6920a3878e6397d170742f9
Author: Johannes Meixner <jsmeix@suse.com>
Date: Thu Jul 20 15:11:52 2023 +0200
Merge pull request #3027 from rmetrich/shrinking_file
In build/GNU/Linux/100_copy_as_is.sh
ensure to really get all COPY_AS_IS files copied by using
'tar ... -i' when extracting to avoid a false regular exit of 'tar'
in particular when padding zeroes get added when a file being read shrinks
because for 'tar' (without '-i') two consecutive 512-blocks of zeroes mean EOF,
cf. https://github.com/rear/rear/pull/3027
diff --git a/usr/share/rear/build/GNU/Linux/100_copy_as_is.sh b/usr/share/rear/build/GNU/Linux/100_copy_as_is.sh
index ec55f331..0e402b01 100644
--- a/usr/share/rear/build/GNU/Linux/100_copy_as_is.sh
+++ b/usr/share/rear/build/GNU/Linux/100_copy_as_is.sh
@@ -92,9 +92,13 @@ done >$copy_as_is_exclude_file
# COPY_AS_IS+=( /path/to/directory/* )
# which are used in our scripts and by users in their etc/rear/local.conf
# cf. https://github.com/rear/rear/pull/2405#issuecomment-633512932
+# Using '-i' when extracting is necessary to avoid a false regular exit of 'tar'
+# in particular when padding zeroes get added when a file being read shrinks
+# because for 'tar' (without '-i') two consecutive 512-blocks of zeroes mean EOF,
+# cf. https://github.com/rear/rear/pull/3027
# FIXME: The following code fails if file names contain characters from IFS (e.g. blanks),
# cf. https://github.com/rear/rear/issues/1372
-if ! tar -v -X $copy_as_is_exclude_file -P -C / -c ${COPY_AS_IS[*]} 2>$copy_as_is_filelist_file | tar $v -C $ROOTFS_DIR/ -x 1>/dev/null ; then
+if ! tar -v -X $copy_as_is_exclude_file -P -C / -c ${COPY_AS_IS[*]} 2>$copy_as_is_filelist_file | tar $v -C $ROOTFS_DIR/ -x -i 1>/dev/null ; then
Error "Failed to copy files and directories in COPY_AS_IS minus COPY_AS_IS_EXCLUDE"
fi
Log "Finished copying files and directories in COPY_AS_IS minus COPY_AS_IS_EXCLUDE"

25
SOURCES/rear-luks-key-bz2228779.patch Normal file
View File

@ -0,0 +1,25 @@
commit 2aa7b47354bdf5863071c8b479d29c99aad05ecb
Author: Johannes Meixner <jsmeix@suse.com>
Date: Fri Jul 24 13:02:45 2020 +0200
Update 240_reassign_luks_keyfiles.sh
Use ReaR specific TMP_DIR (not TMPDIR or hardcoded /tmp)
diff --git a/usr/share/rear/finalize/GNU/Linux/240_reassign_luks_keyfiles.sh b/usr/share/rear/finalize/GNU/Linux/240_reassign_luks_keyfiles.sh
index d989c3fb..358f3950 100644
--- a/usr/share/rear/finalize/GNU/Linux/240_reassign_luks_keyfiles.sh
+++ b/usr/share/rear/finalize/GNU/Linux/240_reassign_luks_keyfiles.sh
@@ -24,9 +24,9 @@ awk '
while read target_name source_device original_keyfile; do
Log "Re-assigning keyfile $original_keyfile to LUKS device $target_name ($source_device)"
- # The scheme for generating a temporary keyfile path must be the same here and in the 'layout/prepare' stage.
- temp_keyfile="${TMPDIR:-/tmp}/LUKS-keyfile-$target_name"
- [ -f "$temp_keyfile" ] || BugError "temporary keyfile $temp_keyfile not found"
+ # The scheme for generating a temporary keyfile path must be the same here and in the 'layout/prepare' stage:
+ temp_keyfile="$TMP_DIR/LUKS-keyfile-$target_name"
+ test -f "$temp_keyfile" || BugError "temporary LUKS keyfile $temp_keyfile not found"
target_keyfile="$TARGET_FS_ROOT/$original_keyfile"

82
SOURCES/rear-uefi-usb-secureboot-bz2196445.patch Normal file
View File

@ -0,0 +1,82 @@
commit 4af486794d45adbda7567361d8dcc658599dcd2c
Author: Johannes Meixner <jsmeix@suse.com>
Date: Tue Aug 8 14:44:16 2023 +0200
Merge pull request #3031 from rear/jsmeix-USB-Secure-Boot
Secure Boot support for OUTPUT=USB:
In output/USB/Linux-i386/100_create_efiboot.sh
added SECURE_BOOT_BOOTLOADER related code that is based
on the code in output/ISO/Linux-i386/250_populate_efibootimg.sh
with some adaptions to make it work within the existing USB code.
The basic idea for Secure Boot booting of the ReaR recovery system
is to "just copy" the (signed) EFI binaries of the Linux distribution
(shim*.efi and grub*.efi as first and second stage UEFI bootloaders)
instead of let ReaR make its own EFI binary via build_bootx86_efi()
see https://github.com/rear/rear/pull/3031
diff --git a/usr/share/rear/output/USB/Linux-i386/100_create_efiboot.sh b/usr/share/rear/output/USB/Linux-i386/100_create_efiboot.sh
index f4659306..fd631c44 100644
--- a/usr/share/rear/output/USB/Linux-i386/100_create_efiboot.sh
+++ b/usr/share/rear/output/USB/Linux-i386/100_create_efiboot.sh
@@ -29,6 +29,44 @@ mount $EFI_PART $EFI_MPT || Error "Failed to mount EFI partition '$EFI_PART' at
mkdir -p $EFI_DST || Error "Failed to create directory '$EFI_DST'"
# Copy boot loader
+# The SECURE_BOOT_BOOTLOADER related code below is based on the code in output/ISO/Linux-i386/250_populate_efibootimg.sh
+# because I <jsmeix@suse.de> noticed that Secure Boot works with ISO at least for me, cf.
+# https://github.com/rear/rear/pull/3025#issuecomment-1635876186
+# but not with USB, cf.
+# https://github.com/rear/rear/pull/3025#issuecomment-1643774477
+# so I tried to re-use the ISO Secure Boot code for USB
+# which made Secure Boot "just work" for me with USB
+# but I had to do some (minor) adaptions to make it work
+# within the existing USB code, cf.
+# https://github.com/rear/rear/pull/3031#issuecomment-1653443454
+# Copy UEFI bootloader:
+if test -f "$SECURE_BOOT_BOOTLOADER" ; then
+ # For a technical description of Shim see https://mjg59.dreamwidth.org/19448.html
+ # Shim is a signed EFI binary that is a first stage bootloader
+ # that loads and executes another (signed) EFI binary
+ # which normally is a second stage bootloader
+ # which normally is a GRUB EFI binary
+ # which normally is available as a file named grub*.efi
+ # so when SECURE_BOOT_BOOTLOADER is used as UEFI_BOOTLOADER
+ # (cf. rescue/default/850_save_sysfs_uefi_vars.sh)
+ # then Shim (usually shim.efi) must be copied as EFI/BOOT/BOOTX64.efi
+ # and Shim's second stage bootloader must be also copied where Shim already is.
+ DebugPrint "Using '$SECURE_BOOT_BOOTLOADER' as first stage Secure Boot bootloader BOOTX64.efi"
+ cp -L $v "$SECURE_BOOT_BOOTLOADER" "$EFI_DST/BOOTX64.efi" || Error "Failed to copy SECURE_BOOT_BOOTLOADER '$SECURE_BOOT_BOOTLOADER' to $EFI_DST/BOOTX64.efi"
+ # When Shim is used, its second stage bootloader can be actually anything
+ # named grub*.efi (second stage bootloader is Shim compile time option), see
+ # http://www.rodsbooks.com/efi-bootloaders/secureboot.html#initial_shim
+ local uefi_bootloader_dirname="$( dirname $SECURE_BOOT_BOOTLOADER )"
+ local second_stage_UEFI_bootloader_files="$( echo $uefi_bootloader_dirname/grub*.efi )"
+ # Avoid 'nullglob' pitfall when nothing matches .../grub*.efi which would result
+ # an invalid "cp -v /var/tmp/.../EFI/BOOT/" command that fails
+ # cf. https://github.com/rear/rear/issues/1921
+ test "$second_stage_UEFI_bootloader_files" || Error "Could not find second stage Secure Boot bootloader $uefi_bootloader_dirname/grub*.efi"
+ DebugPrint "Using second stage Secure Boot bootloader files: $second_stage_UEFI_bootloader_files"
+ cp -L $v $second_stage_UEFI_bootloader_files $EFI_DST/ || Error "Failed to copy second stage Secure Boot bootloader files"
+else
+ cp -L $v "$UEFI_BOOTLOADER" "$EFI_DST/BOOTX64.efi" || Error "Failed to copy UEFI_BOOTLOADER '$UEFI_BOOTLOADER' to $EFI_DST/BOOTX64.efi"
+fi
cp $v $UEFI_BOOTLOADER "$EFI_DST/BOOTX64.efi" || Error "Failed to copy UEFI_BOOTLOADER '$UEFI_BOOTLOADER' to $EFI_DST/BOOTX64.efi"
# Copy kernel
@@ -93,7 +131,14 @@ EOF
create_grub2_cfg ${EFI_DIR}/kernel ${EFI_DIR}/$REAR_INITRD_FILENAME > ${EFI_DST}/grub.cfg
# Create bootloader, this overwrite BOOTX64.efi copied in previous step ...
- build_bootx86_efi ${EFI_DST}/BOOTX64.efi ${EFI_DST}/grub.cfg "/boot" "$UEFI_BOOTLOADER"
+ # Create BOOTX86.efi but only if we are NOT secure booting.
+ # We are not able to create signed boot loader
+ # so we need to reuse existing one.
+ # See issue #1374
+ # build_bootx86_efi () can be safely used for other scenarios.
+ if ! test -f "$SECURE_BOOT_BOOTLOADER" ; then
+ build_bootx86_efi ${EFI_DST}/BOOTX64.efi ${EFI_DST}/grub.cfg "/boot" "$UEFI_BOOTLOADER"
+ fi
;;
*)
BugError "Neither grub 0.97 nor 2.0"

41
SOURCES/rear-usb-uefi-part-size-bz2228402.patch Normal file
View File

@ -0,0 +1,41 @@
commit 1cd41052f7a7cd42ea14ea53b7280c73624aba3f
Author: Johannes Meixner <jsmeix@suse.com>
Date: Mon Mar 21 12:14:21 2022 +0100
Merge pull request #2774 from rear/jsmeix-1024-USB_UEFI_PART_SIZE
In default.conf increase USB_UEFI_PART_SIZE to 1024 MiB,
cf. https://github.com/rear/rear/pull/1205
in particular to also make things work by default when additional
third-party kernel modules and firmware (e.g. from Nvidia) are used,
cf. https://github.com/rear/rear/issues/2770#issuecomment-1068935688
diff --git a/usr/share/rear/conf/default.conf b/usr/share/rear/conf/default.conf
index 8faa56aa..17a764cb 100644
--- a/usr/share/rear/conf/default.conf
+++ b/usr/share/rear/conf/default.conf
@@ -872,13 +872,20 @@ USB_PARTITION_ALIGN_BLOCK_SIZE="8"
# in MiB when formatting a medium by the format workflow.
# If USB_UEFI_PART_SIZE is empty or invalid (i.e. not an unsigned integer larger than 0)
# the user must interactively enter a valid value while running the format workflow.
-# The default value of 400 MiB should be sufficiently big and it is in compliance
-# with the 8 MiB partition alignment default value ( 400 = 8 * 50 )
-# and even with a 16 MiB partition alignment value ( 400 = 16 * 25 )
+# The default value of 1024 MiB should be sufficiently big
# cf. https://github.com/rear/rear/pull/1205
+# in particular when third-party kernel modules and firmware (e.g. from Nvidia) are used
+# cf. https://github.com/rear/rear/issues/2770#issuecomment-1068935688
+# and 1024 MiB is in compliance with the 8 MiB partition alignment value ( 1024 = 8 * 128 )
+# and also with higher 2^n MiB partition alignment values.
+# Furthermore the default value of 1024 MiB results that the FAT filesystem of the ESP
+# will be in compliance with that the ESP should officially use a FAT32 filesystem
+# because mkfs.vfat automatically makes a FAT32 filesystem starting at 512 MiB
+# (a FAT16 ESP works in most cases but causes issues with certain UEFI firmware)
+# cf. https://github.com/rear/rear/issues/2575
# The value of USB_UEFI_PART_SIZE will be rounded to the nearest
# USB_PARTITION_ALIGN_BLOCK_SIZE chunk:
-USB_UEFI_PART_SIZE="400"
+USB_UEFI_PART_SIZE="1024"
#
# Default boot option (i.e. what gets booted automatically after some timeout)
# when EXTLINUX boots the USB stick or USB disk or other disk device on BIOS systems.

21
SOURCES/rear-vg-command-not-found-bz2121476.patch Normal file
View File

@ -0,0 +1,21 @@
commit ead05a460d3b219372f47be888ba6011c7fd3318
Author: Pavel Cahyna <pcahyna@redhat.com>
Date: Tue Aug 22 12:32:04 2023 +0200
Fix downstream only bug
\$IsInArray -> IsInArray - it is a shell function, not a variable.
diff --git a/usr/share/rear/layout/prepare/GNU/Linux/110_include_lvm_code.sh b/usr/share/rear/layout/prepare/GNU/Linux/110_include_lvm_code.sh
index d34ab335..a65a9c8e 100644
--- a/usr/share/rear/layout/prepare/GNU/Linux/110_include_lvm_code.sh
+++ b/usr/share/rear/layout/prepare/GNU/Linux/110_include_lvm_code.sh
@@ -246,7 +246,7 @@ create_lvmvol() {
local warnraidline
if [ $is_thin -eq 0 ] ; then
- ifline="if IsInArray $vg \"\${create_logical_volumes[@]}\" && ! \$IsInArray $vg \"\${create_thin_volumes_only[@]}\" ; then"
+ ifline="if IsInArray $vg \"\${create_logical_volumes[@]}\" && ! IsInArray $vg \"\${create_thin_volumes_only[@]}\" ; then"
else
ifline="if IsInArray $vg \"\${create_logical_volumes[@]}\" ; then"
fi

21
SPECS/rear.spec
View File

@ -3,7 +3,7 @@
Summary: Relax-and-Recover is a Linux disaster recovery and system migration tool
Name: rear
Version: 2.6
Release: 9%{?dist}
Release: 10%{?dist}
License: GPLv3
Group: Applications/File
URL: http://relax-and-recover.org/
@ -34,6 +34,11 @@ Patch52: rear-bz2091163.patch
Patch53: rear-bz2130945.patch
Patch54: rear-bz2131946.patch
Patch56: s390-no-clobber-disks.patch
Patch58: rear-device-shrinking-bz2223895.patch
Patch59: rear-usb-uefi-part-size-bz2228402.patch
Patch60: rear-luks-key-bz2228779.patch
Patch61: rear-uefi-usb-secureboot-bz2196445.patch
Patch62: rear-vg-command-not-found-bz2121476.patch
### Dependencies on all distributions
BuildRequires: asciidoc
@ -161,6 +166,11 @@ fi
%patch53 -p1
%patch54 -p1
%patch56 -p1
%patch58 -p1
%patch59 -p1
%patch60 -p1
%patch61 -p1
%patch62 -p1
echo "30 1 * * * root test -f /var/lib/rear/layout/disklayout.conf && /usr/sbin/rear checklayout || /usr/sbin/rear mkrescue" >rear.cron
@ -194,6 +204,15 @@ TZ=UTC %{__make} -C doc
%{_sbindir}/rear
%changelog
* Tue Aug 22 2023 Pavel Cahyna <pcahyna@redhat.com> - 2.6-10
- Apply PR 3027 to ensure correct creation of the rescue environment
when a file is shrinking while being read
- Backport PR 2774 to increase USB_UEFI_PART_SIZE to 1024 MiB
- Apply upstream patch for temp dir usage with LUKS to ensure
that during recovery an encrypted disk can be unlocked using a keyfile
- Backport upstream PR 3031: Secure Boot support for OUTPUT=USB
- Correct a mistake done when backporting PR 2691
* Wed Feb 22 2023 Pavel Cahyna <pcahyna@redhat.com> - 2.6-9
- Backport PR2943 to fix s390x dasd formatting
- Require s390utils-{core,base} on s390x