From 2bc84a8f609cef1180a6b99a0b7c9e4968abfb31 Mon Sep 17 00:00:00 2001 From: Colin Walters Date: Tue, 29 Aug 2023 17:43:14 -0400 Subject: [PATCH] https://github.com/coreos/rpm-ostree/releases/tag/v2023.7 --- ...ant-and-obsolete-cruft-from-dnf_keyr.patch | 55 --------- ...a-socket-in-run-require-non-abstract.patch | 107 ------------------ ...-and-obsolete-cruft-in-dnf_keyring_c.patch | 96 ---------------- rpm-ostree.spec | 7 +- 4 files changed, 5 insertions(+), 260 deletions(-) delete mode 100644 0001-Eliminate-redundant-and-obsolete-cruft-from-dnf_keyr.patch delete mode 100644 0001-daemon-Use-a-socket-in-run-require-non-abstract.patch delete mode 100644 0002-Remove-redundant-and-obsolete-cruft-in-dnf_keyring_c.patch diff --git a/0001-Eliminate-redundant-and-obsolete-cruft-from-dnf_keyr.patch b/0001-Eliminate-redundant-and-obsolete-cruft-from-dnf_keyr.patch deleted file mode 100644 index 85f2f4f..0000000 --- a/0001-Eliminate-redundant-and-obsolete-cruft-from-dnf_keyr.patch +++ /dev/null @@ -1,55 +0,0 @@ -From 0d67f44198daa829d947436884e00f2030642136 Mon Sep 17 00:00:00 2001 -From: Panu Matilainen -Date: Wed, 10 May 2023 10:29:58 +0300 -Subject: [PATCH 1/3] Eliminate redundant and obsolete cruft from - dnf_keyring_add_public_key() - -These APIs have been obsolete for years and now removed in rpm 4.19. -Luckily the usage here is entirely redundant, rpmKeyringAddKey() checks -for duplicates and that case is even handled in this code. ---- - libdnf/dnf-keyring.cpp | 14 +------------- - 1 file changed, 1 insertion(+), 13 deletions(-) - -diff --git a/libdnf/dnf-keyring.cpp b/libdnf/dnf-keyring.cpp -index 550d5ce2..a8fdb993 100644 ---- a/libdnf/libdnf/dnf-keyring.cpp -+++ b/libdnf/libdnf/dnf-keyring.cpp -@@ -63,7 +63,6 @@ dnf_keyring_add_public_key(rpmKeyring keyring, - int rc; - gsize len; - pgpArmor armor; -- pgpDig dig = NULL; - rpmPubkey pubkey = NULL; - rpmPubkey *subkeys = NULL; - int nsubkeys = 0; -@@ -116,16 +115,7 @@ dnf_keyring_add_public_key(rpmKeyring keyring, - goto out; - } - -- /* does the key exist in the keyring */ -- dig = rpmPubkeyDig(pubkey); -- rc = rpmKeyringLookup(keyring, dig); -- if (rc == RPMRC_OK) { -- ret = TRUE; -- g_debug("%s is already present", filename); -- goto out; -- } -- -- /* add to rpmdb automatically, without a prompt */ -+ /* add to in-memory keyring */ - rc = rpmKeyringAddKey(keyring, pubkey); - if (rc == 1) { - ret = TRUE; -@@ -169,8 +159,6 @@ out: - } - free(subkeys); - } -- if (dig != NULL) -- pgpFreeDig(dig); - return ret; - } CATCH_TO_GERROR(FALSE) - --- -2.41.0.rc1 - diff --git a/0001-daemon-Use-a-socket-in-run-require-non-abstract.patch b/0001-daemon-Use-a-socket-in-run-require-non-abstract.patch deleted file mode 100644 index 966be71..0000000 --- a/0001-daemon-Use-a-socket-in-run-require-non-abstract.patch +++ /dev/null @@ -1,107 +0,0 @@ -From 476afb1d08513cb74cd1d28490c5e028c70f67c2 Mon Sep 17 00:00:00 2001 -From: Colin Walters -Date: Wed, 15 Feb 2023 11:44:18 -0500 -Subject: [PATCH] daemon: Use a socket in `/run`, require non-abstract - -This fixes https://bugzilla.redhat.com/show_bug.cgi?id=2169622 - -The new glib changed to use non-abstract sockets by default, -which broke us because we'd slowly grown more isolation, specifically -the daemon has been using `PrivateTmp` for a while and we'd -been relying on abstract sockets to pierce that. - -Change to use `/run` which should always be shared by client -and daemon. While we're here, make it a well-known static path -because there can be only one transaction at a time. - -We also do need to explicitly make the socket world-accessible -because that was the semantics of the previous abstract socket. - -Also, plug leaks here by ensuring we call `g_dbus_server_stop()`. - -(But really we should also change this to be crash safe, probably - with a temporary directory, but that's a larger change) ---- - src/daemon/rpmostreed-transaction.cxx | 26 ++++++++++++++++++++++---- - tests/vmcheck/test-cached-rpm-diffs.sh | 3 ++- - 2 files changed, 24 insertions(+), 5 deletions(-) - -diff --git a/src/daemon/rpmostreed-transaction.cxx b/src/daemon/rpmostreed-transaction.cxx -index 6d184f9c..f50db494 100644 ---- a/src/daemon/rpmostreed-transaction.cxx -+++ b/src/daemon/rpmostreed-transaction.cxx -@@ -31,6 +31,10 @@ - #include "rpmostreed-sysroot.h" - #include "rpmostreed-transaction.h" - -+// The well-known transaction socket path. This used to be randomly -+// generated, but there's no point because there can be at most one transaction. -+#define CLIENT_TRANSACTION_PATH "/run/rpm-ostree-transaction.sock" -+ - struct _RpmostreedTransactionPrivate - { - GDBusMethodInvocation *invocation; -@@ -482,6 +486,10 @@ transaction_dispose (GObject *object) - g_clear_object (&priv->invocation); - g_clear_object (&priv->cancellable); - g_clear_object (&priv->sysroot); -+ if (priv->server) -+ { -+ g_dbus_server_stop (priv->server); -+ } - g_clear_object (&priv->server); - g_clear_pointer (&priv->sysroot_path, g_free); - -@@ -578,14 +586,24 @@ transaction_initable_init (GInitable *initable, GCancellable *cancellable, GErro - priv->cancellable = (GCancellable *)g_object_ref (cancellable); - - /* Set up a private D-Bus server over which to emit -- * progress and informational messages to the caller. */ -- -+ * progress and informational messages to the caller. -+ * The socket needs to be non-abstract (for security reasons so it can't -+ * be accessed outside of our namespace) -+ * and it needs to be in `/run` so that it can be found by the client; -+ * the default daemon sandboxing uses PrivateTmp= implicitly. -+ */ - g_autofree char *guid = g_dbus_generate_guid (); -- priv->server = g_dbus_server_new_sync ("unix:tmpdir=/tmp/rpm-ostree", G_DBUS_SERVER_FLAGS_NONE, -- guid, NULL, cancellable, error); -+ if (unlink (CLIENT_TRANSACTION_PATH) < 0 && errno != ENOENT) -+ return glnx_throw_errno_prefix (error, "Failed to unlink %s", CLIENT_TRANSACTION_PATH); -+ g_autofree char *addr = g_strdup_printf ("unix:path=%s", CLIENT_TRANSACTION_PATH); -+ priv->server -+ = g_dbus_server_new_sync (addr, G_DBUS_SERVER_FLAGS_NONE, guid, NULL, cancellable, error); - if (priv->server == NULL) - return FALSE; - -+ if (chmod (CLIENT_TRANSACTION_PATH, 0666) < 0) -+ return glnx_throw_errno_prefix (error, "Failed to chmod %s", CLIENT_TRANSACTION_PATH); -+ - g_signal_connect_object (priv->server, "new-connection", - G_CALLBACK (transaction_new_connection_cb), self, - static_cast (0)); -diff --git a/tests/vmcheck/test-cached-rpm-diffs.sh b/tests/vmcheck/test-cached-rpm-diffs.sh -index 05c0f3f0..55ab2424 100755 ---- a/tests/vmcheck/test-cached-rpm-diffs.sh -+++ b/tests/vmcheck/test-cached-rpm-diffs.sh -@@ -68,7 +68,7 @@ run_transaction() { - sig=$1; shift - args=$1; shift - cur=$(vm_get_journal_cursor) -- vm_run_container --privileged -i -v /var/run/dbus:/var/run/dbus --net=host -- \ -+ vm_run_container --privileged -i -v /run:/run/host/run -v /var/run/dbus:/var/run/dbus --net=host -- \ - /bin/bash << EOF - set -xeuo pipefail - dnf install -y python3-dbus -@@ -77,6 +77,7 @@ import dbus - addr = dbus.SystemBus().call_blocking( - "org.projectatomic.rpmostree1", "$ospath", "org.projectatomic.rpmostree1.OS", - "$method", "$sig", ($args)) -+addr = addr.replace("/run/", "/run/host/run/") - t = dbus.connection.Connection(addr) - t.call_blocking( - "org.projectatomic.rpmostree1", "/", --- -2.39.0 - diff --git a/0002-Remove-redundant-and-obsolete-cruft-in-dnf_keyring_c.patch b/0002-Remove-redundant-and-obsolete-cruft-in-dnf_keyring_c.patch deleted file mode 100644 index 64114a5..0000000 --- a/0002-Remove-redundant-and-obsolete-cruft-in-dnf_keyring_c.patch +++ /dev/null @@ -1,96 +0,0 @@ -From 4572ee7ff49d5ced4c53c5d789571adbdbd119bb Mon Sep 17 00:00:00 2001 -From: Panu Matilainen -Date: Wed, 10 May 2023 10:34:22 +0300 -Subject: [PATCH 2/3] Remove redundant and obsolete cruft in - dnf_keyring_check_untrusted_file() - -These APIs have been obsolete for years and now removed in rpm 4.19. -This was always a rather strange way to go at verifying a package, -but now also wholly redundant because the signature are already verified -by rpmcliVerifySignatures(). ---- - libdnf/dnf-keyring.cpp | 53 ------------------------------------------ - 1 file changed, 53 deletions(-) - -diff --git a/libdnf/dnf-keyring.cpp b/libdnf/dnf-keyring.cpp -index a8fdb993..5f6c7d7f 100644 ---- a/libdnf/libdnf/dnf-keyring.cpp -+++ b/libdnf/libdnf/dnf-keyring.cpp -@@ -238,9 +238,7 @@ dnf_keyring_check_untrusted_file(rpmKeyring keyring, - FD_t fd = NULL; - gboolean ret = FALSE; - Header hdr = NULL; -- pgpDig dig = NULL; - rpmRC rc; -- rpmtd td = NULL; - rpmts ts = NULL; - - char *path = g_strdup(filename); -@@ -302,51 +300,6 @@ dnf_keyring_check_untrusted_file(rpmKeyring keyring, - goto out; - } - -- /* convert and upscale */ -- headerConvert(hdr, HEADERCONV_RETROFIT_V3); -- -- /* get RSA key */ -- td = rpmtdNew(); -- rc = static_cast(headerGet(hdr, RPMTAG_RSAHEADER, td, HEADERGET_MINMEM)); -- if (rc != RPMRC_NOTFOUND) { -- /* try to read DSA key as a fallback */ -- rc = static_cast(headerGet(hdr, RPMTAG_DSAHEADER, td, HEADERGET_MINMEM)); -- } -- -- /* the package has no signing key */ -- if (rc != RPMRC_NOTFOUND) { -- g_autofree char *package_filename = g_path_get_basename(filename); -- ret = FALSE; -- g_set_error(error, -- DNF_ERROR, -- DNF_ERROR_GPG_SIGNATURE_INVALID, -- "package not signed: %s", package_filename); -- goto out; -- } -- -- /* make it into a digest */ -- dig = pgpNewDig(); -- rc = static_cast(pgpPrtPkts(static_cast(td->data), td->count, dig, 0)); -- if (rc != RPMRC_OK) { -- g_set_error(error, -- DNF_ERROR, -- DNF_ERROR_FILE_INVALID, -- "failed to parse digest header for %s", -- filename); -- goto out; -- } -- -- /* does the key exist in the keyring */ -- rc = rpmKeyringLookup(keyring, dig); -- if (rc != RPMRC_OK) { -- g_set_error(error, -- DNF_ERROR, -- DNF_ERROR_GPG_SIGNATURE_INVALID, -- "failed to lookup digest in keyring for %s", -- filename); -- goto out; -- } -- - /* the package is signed by a key we trust */ - g_debug("%s has been verified as trusted", filename); - ret = TRUE; -@@ -355,12 +308,6 @@ out: - - if (path != NULL) - g_free(path); -- if (dig != NULL) -- pgpFreeDig(dig); -- if (td != NULL) { -- rpmtdFreeData(td); -- rpmtdFree(td); -- } - if (ts != NULL) - rpmtsFree(ts); - if (hdr != NULL) --- -2.41.0.rc1 - diff --git a/rpm-ostree.spec b/rpm-ostree.spec index 8fee224..077b880 100644 --- a/rpm-ostree.spec +++ b/rpm-ostree.spec @@ -3,8 +3,8 @@ Summary: Hybrid image/package system Name: rpm-ostree -Version: 2023.5 -Release: 2%{?dist} +Version: 2023.7 +Release: 1%{?dist} License: LGPL-2.0-or-later URL: https://github.com/coreos/rpm-ostree # This tarball is generated via "cd packaging && make -f Makefile.dist-packaging dist-snapshot" @@ -241,6 +241,9 @@ $PYTHON autofiles.py > files.devel \ %files devel -f files.devel %changelog +* Tue Aug 29 2023 Colin Walters - 2023.6-2 +- https://github.com/coreos/rpm-ostree/releases/tag/v2023.7 + * Fri Jul 21 2023 Fedora Release Engineering - 2023.5-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild