Colin Walters 2023-08-29 17:43:14 -04:00
parent 447abfc4e4
commit 2bc84a8f60
4 changed files with 5 additions and 260 deletions


@ -1,55 +0,0 @@
From 0d67f44198daa829d947436884e00f2030642136 Mon Sep 17 00:00:00 2001
From: Panu Matilainen <pmatilai@redhat.com>
Date: Wed, 10 May 2023 10:29:58 +0300
Subject: [PATCH 1/3] Eliminate redundant and obsolete cruft from
dnf_keyring_add_public_key()
These APIs have been obsolete for years and now removed in rpm 4.19.
Luckily the usage here is entirely redundant, rpmKeyringAddKey() checks
for duplicates and that case is even handled in this code.
---
libdnf/dnf-keyring.cpp | 14 +-------------
1 file changed, 1 insertion(+), 13 deletions(-)
diff --git a/libdnf/dnf-keyring.cpp b/libdnf/dnf-keyring.cpp
index 550d5ce2..a8fdb993 100644
--- a/libdnf/libdnf/dnf-keyring.cpp
+++ b/libdnf/libdnf/dnf-keyring.cpp
@@ -63,7 +63,6 @@ dnf_keyring_add_public_key(rpmKeyring keyring,
int rc;
gsize len;
pgpArmor armor;
- pgpDig dig = NULL;
rpmPubkey pubkey = NULL;
rpmPubkey *subkeys = NULL;
int nsubkeys = 0;
@@ -116,16 +115,7 @@ dnf_keyring_add_public_key(rpmKeyring keyring,
goto out;
}
- /* does the key exist in the keyring */
- dig = rpmPubkeyDig(pubkey);
- rc = rpmKeyringLookup(keyring, dig);
- if (rc == RPMRC_OK) {
- ret = TRUE;
- g_debug("%s is already present", filename);
- goto out;
- }
-
- /* add to rpmdb automatically, without a prompt */
+ /* add to in-memory keyring */
rc = rpmKeyringAddKey(keyring, pubkey);
if (rc == 1) {
ret = TRUE;
@@ -169,8 +159,6 @@ out:
}
free(subkeys);
}
- if (dig != NULL)
- pgpFreeDig(dig);
return ret;
} CATCH_TO_GERROR(FALSE)
--
2.41.0.rc1


@ -1,107 +0,0 @@
From 476afb1d08513cb74cd1d28490c5e028c70f67c2 Mon Sep 17 00:00:00 2001
From: Colin Walters <walters@verbum.org>
Date: Wed, 15 Feb 2023 11:44:18 -0500
Subject: [PATCH] daemon: Use a socket in `/run`, require non-abstract
This fixes https://bugzilla.redhat.com/show_bug.cgi?id=2169622
The new glib changed to use non-abstract sockets by default,
which broke us because we'd slowly grown more isolation, specifically
the daemon has been using `PrivateTmp` for a while and we'd
been relying on abstract sockets to pierce that.
Change to use `/run` which should always be shared by client
and daemon. While we're here, make it a well-known static path
because there can be only one transaction at a time.
We also do need to explicitly make the socket world-accessible
because that was the semantics of the previous abstract socket.
Also, plug leaks here by ensuring we call `g_dbus_server_stop()`.
(But really we should also change this to be crash safe, probably
with a temporary directory, but that's a larger change)
---
src/daemon/rpmostreed-transaction.cxx | 26 ++++++++++++++++++++++----
tests/vmcheck/test-cached-rpm-diffs.sh | 3 ++-
2 files changed, 24 insertions(+), 5 deletions(-)
diff --git a/src/daemon/rpmostreed-transaction.cxx b/src/daemon/rpmostreed-transaction.cxx
index 6d184f9c..f50db494 100644
--- a/src/daemon/rpmostreed-transaction.cxx
+++ b/src/daemon/rpmostreed-transaction.cxx
@@ -31,6 +31,10 @@
#include "rpmostreed-sysroot.h"
#include "rpmostreed-transaction.h"
+// The well-known transaction socket path. This used to be randomly
+// generated, but there's no point because there can be at most one transaction.
+#define CLIENT_TRANSACTION_PATH "/run/rpm-ostree-transaction.sock"
+
struct _RpmostreedTransactionPrivate
{
GDBusMethodInvocation *invocation;
@@ -482,6 +486,10 @@ transaction_dispose (GObject *object)
g_clear_object (&priv->invocation);
g_clear_object (&priv->cancellable);
g_clear_object (&priv->sysroot);
+ if (priv->server)
+ {
+ g_dbus_server_stop (priv->server);
+ }
g_clear_object (&priv->server);
g_clear_pointer (&priv->sysroot_path, g_free);
@@ -578,14 +586,24 @@ transaction_initable_init (GInitable *initable, GCancellable *cancellable, GErro
priv->cancellable = (GCancellable *)g_object_ref (cancellable);
/* Set up a private D-Bus server over which to emit
- * progress and informational messages to the caller. */
-
+ * progress and informational messages to the caller.
+ * The socket needs to be non-abstract (for security reasons so it can't
+ * be accessed outside of our namespace)
+ * and it needs to be in `/run` so that it can be found by the client;
+ * the default daemon sandboxing uses PrivateTmp= implicitly.
+ */
g_autofree char *guid = g_dbus_generate_guid ();
- priv->server = g_dbus_server_new_sync ("unix:tmpdir=/tmp/rpm-ostree", G_DBUS_SERVER_FLAGS_NONE,
- guid, NULL, cancellable, error);
+ if (unlink (CLIENT_TRANSACTION_PATH) < 0 && errno != ENOENT)
+ return glnx_throw_errno_prefix (error, "Failed to unlink %s", CLIENT_TRANSACTION_PATH);
+ g_autofree char *addr = g_strdup_printf ("unix:path=%s", CLIENT_TRANSACTION_PATH);
+ priv->server
+ = g_dbus_server_new_sync (addr, G_DBUS_SERVER_FLAGS_NONE, guid, NULL, cancellable, error);
if (priv->server == NULL)
return FALSE;
+ if (chmod (CLIENT_TRANSACTION_PATH, 0666) < 0)
+ return glnx_throw_errno_prefix (error, "Failed to chmod %s", CLIENT_TRANSACTION_PATH);
+
g_signal_connect_object (priv->server, "new-connection",
G_CALLBACK (transaction_new_connection_cb), self,
static_cast<GConnectFlags> (0));
diff --git a/tests/vmcheck/test-cached-rpm-diffs.sh b/tests/vmcheck/test-cached-rpm-diffs.sh
index 05c0f3f0..55ab2424 100755
--- a/tests/vmcheck/test-cached-rpm-diffs.sh
+++ b/tests/vmcheck/test-cached-rpm-diffs.sh
@@ -68,7 +68,7 @@ run_transaction() {
sig=$1; shift
args=$1; shift
cur=$(vm_get_journal_cursor)
- vm_run_container --privileged -i -v /var/run/dbus:/var/run/dbus --net=host -- \
+ vm_run_container --privileged -i -v /run:/run/host/run -v /var/run/dbus:/var/run/dbus --net=host -- \
/bin/bash << EOF
set -xeuo pipefail
dnf install -y python3-dbus
@@ -77,6 +77,7 @@ import dbus
addr = dbus.SystemBus().call_blocking(
"org.projectatomic.rpmostree1", "$ospath", "org.projectatomic.rpmostree1.OS",
"$method", "$sig", ($args))
+addr = addr.replace("/run/", "/run/host/run/")
t = dbus.connection.Connection(addr)
t.call_blocking(
"org.projectatomic.rpmostree1", "/",
--
2.39.0


@ -1,96 +0,0 @@
From 4572ee7ff49d5ced4c53c5d789571adbdbd119bb Mon Sep 17 00:00:00 2001
From: Panu Matilainen <pmatilai@redhat.com>
Date: Wed, 10 May 2023 10:34:22 +0300
Subject: [PATCH 2/3] Remove redundant and obsolete cruft in
dnf_keyring_check_untrusted_file()
These APIs have been obsolete for years and now removed in rpm 4.19.
This was always a rather strange way to go at verifying a package,
but now also wholly redundant because the signature are already verified
by rpmcliVerifySignatures().
---
libdnf/dnf-keyring.cpp | 53 ------------------------------------------
1 file changed, 53 deletions(-)
diff --git a/libdnf/dnf-keyring.cpp b/libdnf/dnf-keyring.cpp
index a8fdb993..5f6c7d7f 100644
--- a/libdnf/libdnf/dnf-keyring.cpp
+++ b/libdnf/libdnf/dnf-keyring.cpp
@@ -238,9 +238,7 @@ dnf_keyring_check_untrusted_file(rpmKeyring keyring,
FD_t fd = NULL;
gboolean ret = FALSE;
Header hdr = NULL;
- pgpDig dig = NULL;
rpmRC rc;
- rpmtd td = NULL;
rpmts ts = NULL;
char *path = g_strdup(filename);
@@ -302,51 +300,6 @@ dnf_keyring_check_untrusted_file(rpmKeyring keyring,
goto out;
}
- /* convert and upscale */
- headerConvert(hdr, HEADERCONV_RETROFIT_V3);
-
- /* get RSA key */
- td = rpmtdNew();
- rc = static_cast<rpmRC>(headerGet(hdr, RPMTAG_RSAHEADER, td, HEADERGET_MINMEM));
- if (rc != RPMRC_NOTFOUND) {
- /* try to read DSA key as a fallback */
- rc = static_cast<rpmRC>(headerGet(hdr, RPMTAG_DSAHEADER, td, HEADERGET_MINMEM));
- }
-
- /* the package has no signing key */
- if (rc != RPMRC_NOTFOUND) {
- g_autofree char *package_filename = g_path_get_basename(filename);
- ret = FALSE;
- g_set_error(error,
- DNF_ERROR,
- DNF_ERROR_GPG_SIGNATURE_INVALID,
- "package not signed: %s", package_filename);
- goto out;
- }
-
- /* make it into a digest */
- dig = pgpNewDig();
- rc = static_cast<rpmRC>(pgpPrtPkts(static_cast<const uint8_t *>(td->data), td->count, dig, 0));
- if (rc != RPMRC_OK) {
- g_set_error(error,
- DNF_ERROR,
- DNF_ERROR_FILE_INVALID,
- "failed to parse digest header for %s",
- filename);
- goto out;
- }
-
- /* does the key exist in the keyring */
- rc = rpmKeyringLookup(keyring, dig);
- if (rc != RPMRC_OK) {
- g_set_error(error,
- DNF_ERROR,
- DNF_ERROR_GPG_SIGNATURE_INVALID,
- "failed to lookup digest in keyring for %s",
- filename);
- goto out;
- }
-
/* the package is signed by a key we trust */
g_debug("%s has been verified as trusted", filename);
ret = TRUE;
@@ -355,12 +308,6 @@ out:
if (path != NULL)
g_free(path);
- if (dig != NULL)
- pgpFreeDig(dig);
- if (td != NULL) {
- rpmtdFreeData(td);
- rpmtdFree(td);
- }
if (ts != NULL)
rpmtsFree(ts);
if (hdr != NULL)
--
2.41.0.rc1


@ -3,8 +3,8 @@
Summary: Hybrid image/package system
Name: rpm-ostree
Version: 2023.5
Release: 2%{?dist}
Version: 2023.7
Release: 1%{?dist}
License: LGPL-2.0-or-later
URL: https://github.com/coreos/rpm-ostree
# This tarball is generated via "cd packaging && make -f Makefile.dist-packaging dist-snapshot"
@ -241,6 +241,9 @@ $PYTHON autofiles.py > files.devel \
%files devel -f files.devel
%changelog
* Tue Aug 29 2023 Colin Walters <walters@verbum.org> - 2023.6-2
- https://github.com/coreos/rpm-ostree/releases/tag/v2023.7
* Fri Jul 21 2023 Fedora Release Engineering <releng@fedoraproject.org> - 2023.5-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild