diff --git a/.gitignore b/.gitignore index 1d8d3e8..e94c287 100644 --- a/.gitignore +++ b/.gitignore @@ -1 +1 @@ -SOURCES/rpm-ostree-2019.6.tar.xz +SOURCES/rpm-ostree-2020.2.tar.xz diff --git a/.rpm-ostree.metadata b/.rpm-ostree.metadata index bb08118..208b5d4 100644 --- a/.rpm-ostree.metadata +++ b/.rpm-ostree.metadata @@ -1 +1 @@ -4394f32b43403577dd738675cbf8e28efbf8866f SOURCES/rpm-ostree-2019.6.tar.xz +c78822f97ac201db308cd39c8fc7d65b296e570c SOURCES/rpm-ostree-2020.2.tar.xz diff --git a/SOURCES/0001-app-status-Fix-printf-format-string-for-32-bit.patch b/SOURCES/0001-app-status-Fix-printf-format-string-for-32-bit.patch deleted file mode 100644 index a48c3ed..0000000 --- a/SOURCES/0001-app-status-Fix-printf-format-string-for-32-bit.patch +++ /dev/null @@ -1,35 +0,0 @@ -From 08c98eda94381f0147af5783960121574043fa5a Mon Sep 17 00:00:00 2001 -From: Jonathan Lebon -Date: Wed, 25 Sep 2019 12:42:59 -0400 -Subject: [PATCH] app/status: Fix printf format string for 32-bit - -Hit this when compiling in Koji. ---- - src/app/rpmostree-builtin-status.c | 4 ++-- - 1 file changed, 2 insertions(+), 2 deletions(-) - -diff --git a/src/app/rpmostree-builtin-status.c b/src/app/rpmostree-builtin-status.c -index 2bc2c4b5..8b38fc83 100644 ---- a/src/app/rpmostree-builtin-status.c -+++ b/src/app/rpmostree-builtin-status.c -@@ -1119,7 +1119,7 @@ fetch_history_deployment_gvariant (RORHistoryEntry *entry, - GError **error) - { - g_autofree char *fn = -- g_strdup_printf ("%s/%lu", RPMOSTREE_HISTORY_DIR, entry->deploy_timestamp); -+ g_strdup_printf ("%s/%" PRIu64, RPMOSTREE_HISTORY_DIR, entry->deploy_timestamp); - - *out_deployment = NULL; - -@@ -1165,7 +1165,7 @@ print_history_entry (RORHistoryEntry *entry, - print_timestamp_and_relative ("BootTimestamp", entry->last_boot_timestamp); - if (entry->boot_count > 1) - { -- g_print ("%s BootCount: %lu; first booted on ", -+ g_print ("%s BootCount: %" PRIu64 "; first booted on ", - libsd_special_glyph (TREE_RIGHT), entry->boot_count); - print_timestamp_and_relative (NULL, entry->first_boot_timestamp); - } --- -2.21.0 - diff --git a/SOURCES/0001-build-sys-Disable-zchunk-for-libdnf-if-we-don-t-have.patch b/SOURCES/0001-build-sys-Disable-zchunk-for-libdnf-if-we-don-t-have.patch new file mode 100644 index 0000000..61b4994 --- /dev/null +++ b/SOURCES/0001-build-sys-Disable-zchunk-for-libdnf-if-we-don-t-have.patch @@ -0,0 +1,41 @@ +From 0bfd20c900e75d8c4a42d80d7e2c3405141dd90b Mon Sep 17 00:00:00 2001 +From: Colin Walters +Date: Thu, 14 May 2020 00:38:48 +0000 +Subject: [PATCH] build-sys: Disable zchunk for libdnf if we don't have it + +Going to update rpm-ostree for RHEL 8.3, we did a huge bump +in libdnf which now defaults to enabling zchunk in its build +system. We added the infrastructure before to detect things, +so propagate that to libdnf. +--- + configure.ac | 6 +++++- + 1 file changed, 5 insertions(+), 1 deletion(-) + +diff --git a/configure.ac b/configure.ac +index 684f202b..57d9ae24 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -131,8 +131,9 @@ AS_IF([pkg-config --atleast-version=4.14.2 rpm], [], [AC_MSG_ERROR([librpm 4.14. + + dnl We don't *actually* use this ourself, but librepo does, and libdnf gets confused + dnl if librepo doesn't support it. ++have_zchunk=no + AS_IF([pkg-config --exists zck], +- [AC_DEFINE([HAVE_ZCHUNK], 1, [Define if we have zchunk])]) ++ [have_zchunk=yes; AC_DEFINE([HAVE_ZCHUNK], 1, [Define if we have zchunk])]) + + AC_PATH_PROG([XSLTPROC], [xsltproc]) + +@@ -259,6 +260,9 @@ cmake_args=-DCMAKE_BUILD_TYPE=RelWithDebugInfo + if test ${debug_release} = debug; then + cmake_args="-DCMAKE_BUILD_TYPE=Debug" + fi ++if test x${have_zchunk} = xno; then ++ cmake_args="${cmake_args} -DWITH_ZCHUNK:BOOL=0" ++fi + export cmake_args + + dnl I picked /usr/libexec/rpm-ostree just because we need an +-- +2.18.4 + diff --git a/SOURCES/0001-libpriv-kernel-Use-g_build_filename-instead-of-g_str.patch b/SOURCES/0001-libpriv-kernel-Use-g_build_filename-instead-of-g_str.patch deleted file mode 100644 index 6965c4b..0000000 --- a/SOURCES/0001-libpriv-kernel-Use-g_build_filename-instead-of-g_str.patch +++ /dev/null @@ -1,47 +0,0 @@ -From 6aa496e3128321f911dae10bf1a0f32c5e9a11fd Mon Sep 17 00:00:00 2001 -From: Jonathan Lebon -Date: Tue, 29 Oct 2019 16:38:56 -0400 -Subject: [PATCH 1/2] libpriv/kernel: Use g_build_filename instead of - g_strconcat - -It's much easier to mess up with the latter than the former when -building filenames. There's a bunch more all over the codebase; just did -this bit to be consistent with the next commit which also uses it. ---- - src/libpriv/rpmostree-kernel.c | 6 +++--- - 1 file changed, 3 insertions(+), 3 deletions(-) - -diff --git a/src/libpriv/rpmostree-kernel.c b/src/libpriv/rpmostree-kernel.c -index 9eb052bd..2266f9c7 100644 ---- a/src/libpriv/rpmostree-kernel.c -+++ b/src/libpriv/rpmostree-kernel.c -@@ -353,7 +353,7 @@ rpmostree_finalize_kernel (int rootfs_dfd, - GError **error) - { - const char slash_bootdir[] = "boot"; -- g_autofree char *modules_bootdir = g_strconcat ("usr/lib/modules/", kver, NULL); -+ g_autofree char *modules_bootdir = g_build_filename ("usr/lib/modules", kver, NULL); - - /* Calculate the sha256sum of the kernel+initramfs (called the "boot - * checksum"). We checksum the initramfs from the tmpfile fd (via mmap()) to -@@ -371,7 +371,7 @@ rpmostree_finalize_kernel (int rootfs_dfd, - } - const char *boot_checksum_str = g_checksum_get_string (boot_checksum); - -- g_autofree char *kernel_modules_path = g_strconcat (modules_bootdir, "/vmlinuz", NULL);; -+ g_autofree char *kernel_modules_path = g_build_filename (modules_bootdir, "vmlinuz", NULL); - /* It's possible the bootdir is already the modules directory; in that case, - * we don't need to rename. - */ -@@ -394,7 +394,7 @@ rpmostree_finalize_kernel (int rootfs_dfd, - } - - /* Replace the initramfs */ -- g_autofree char *initramfs_modules_path = g_strconcat (modules_bootdir, "/initramfs.img", NULL); -+ g_autofree char *initramfs_modules_path = g_build_filename (modules_bootdir, "initramfs.img", NULL); - if (unlinkat (rootfs_dfd, initramfs_modules_path, 0) < 0) - { - if (errno != ENOENT) --- -2.21.0 - diff --git a/SOURCES/0001-libpriv-kernel-add-cap_mknod-to-dracut-run.patch b/SOURCES/0001-libpriv-kernel-add-cap_mknod-to-dracut-run.patch deleted file mode 100644 index bbe19f6..0000000 --- a/SOURCES/0001-libpriv-kernel-add-cap_mknod-to-dracut-run.patch +++ /dev/null @@ -1,43 +0,0 @@ -From 3b8a1ec6c400a4e5af0f7f5889b360d2ed16f572 Mon Sep 17 00:00:00 2001 -From: Jonathan Lebon -Date: Tue, 3 Dec 2019 21:36:40 -0500 -Subject: [PATCH] libpriv/kernel: add cap_mknod to dracut run - -A lot of history with this. But essentially, dracut tries to `mknod` a -few character devices like `/dev/random` and `/dev/urandom` and fails. - -We originally blocked `cap_mknod` because, well, `%post` scripts don't -really need to do that, and it would get wiped anyway. But there is a -use case for dracut's CPIO: we want `/dev/*random` to be available in -early boot *before* systemd even mounts `devtmpfs` because libgcrypt as -part of its constructor-time selftests in FIPS mode wants to read from -there. - -For more fun, see: -https://bugzilla.redhat.com/show_bug.cgi?id=1778940 -https://bugzilla.redhat.com/show_bug.cgi?id=1401444 -https://bugzilla.redhat.com/show_bug.cgi?id=1380866 ---- - src/libpriv/rpmostree-kernel.c | 6 ++++++ - 1 file changed, 6 insertions(+) - -diff --git a/src/libpriv/rpmostree-kernel.c b/src/libpriv/rpmostree-kernel.c -index 2bea504c..a7fffcb6 100644 ---- a/src/libpriv/rpmostree-kernel.c -+++ b/src/libpriv/rpmostree-kernel.c -@@ -564,6 +564,12 @@ rpmostree_run_dracut (int rootfs_dfd, - rpmostree_bwrap_bind_read (bwrap, "usr", "/usr"); - } - -+ /* Need to let dracut create devices like /dev/urandom: -+ * https://bugzilla.redhat.com/show_bug.cgi?id=1778940 -+ * https://bugzilla.redhat.com/show_bug.cgi?id=1401444 -+ * https://bugzilla.redhat.com/show_bug.cgi?id=1380866 */ -+ rpmostree_bwrap_append_bwrap_argv (bwrap, "--cap-add", "cap_mknod", NULL); -+ - if (dracut_host_tmpdir) - rpmostree_bwrap_bind_readwrite (bwrap, dracut_host_tmpdir->path, "/tmp/dracut"); - --- -2.23.0 - diff --git a/SOURCES/0001-unpacker-Build-with-older-libarchive-without-zstd.patch b/SOURCES/0001-unpacker-Build-with-older-libarchive-without-zstd.patch deleted file mode 100644 index 0e993bb..0000000 --- a/SOURCES/0001-unpacker-Build-with-older-libarchive-without-zstd.patch +++ /dev/null @@ -1,43 +0,0 @@ -From 11ee20c1cdcc7a76d9e1047e8063b8349a6c6da6 Mon Sep 17 00:00:00 2001 -From: Colin Walters -Date: Tue, 15 Oct 2019 15:16:06 +0000 -Subject: [PATCH] unpacker: Build with older libarchive without zstd - -It's not in RHEL8.1, and I'm trying to rebase rpm-ostree. ---- - configure.ac | 4 ++++ - src/libpriv/rpmostree-unpacker-core.c | 2 ++ - 2 files changed, 6 insertions(+) - -diff --git a/configure.ac b/configure.ac -index 873dc6b9..a0c5cce4 100644 ---- a/configure.ac -+++ b/configure.ac -@@ -122,6 +122,10 @@ dnl bundled libdnf - PKGDEP_RPMOSTREE_CFLAGS="-I $(pwd)/libdnf -I $(pwd)/libdnf-build $PKGDEP_RPMOSTREE_CFLAGS" - PKGDEP_RPMOSTREE_LIBS="-L$(pwd)/libdnf-build/libdnf -ldnf $PKGDEP_RPMOSTREE_LIBS" - -+dnl RHEL8.1 has old libarchive -+AS_IF([pkg-config --atleast-version=3.3.3 libarchive], -+ [AC_DEFINE([HAVE_LIBARCHIVE_ZSTD], 1, [Define if we have libarchive with zstd])]) -+ - dnl This is the current version in Fedora 25. - AS_IF([pkg-config --atleast-version=4.14.2 rpm], [], [AC_MSG_ERROR([librpm 4.14.2 required])]) - -diff --git a/src/libpriv/rpmostree-unpacker-core.c b/src/libpriv/rpmostree-unpacker-core.c -index 3bd574a4..2d741b1e 100644 ---- a/src/libpriv/rpmostree-unpacker-core.c -+++ b/src/libpriv/rpmostree-unpacker-core.c -@@ -74,7 +74,9 @@ rpmostree_unpack_rpm2cpio (int fd, GError **error) - archive_read_support_filter_gzip, - archive_read_support_filter_xz, - archive_read_support_filter_bzip2, -+#ifdef HAVE_LIBARCHIVE_ZSTD - archive_read_support_filter_zstd, -+#endif - archive_read_support_format_cpio }; - - for (i = 0; i < G_N_ELEMENTS (archive_setup_funcs); i++) --- -2.21.0 - diff --git a/SOURCES/0002-libpriv-kernel-Hack-around-vmlinuz-path-in-HMAC-file.patch b/SOURCES/0002-libpriv-kernel-Hack-around-vmlinuz-path-in-HMAC-file.patch deleted file mode 100644 index c797777..0000000 --- a/SOURCES/0002-libpriv-kernel-Hack-around-vmlinuz-path-in-HMAC-file.patch +++ /dev/null @@ -1,66 +0,0 @@ -From fec61ce5778910bac7779191ee8deeb0a24593c8 Mon Sep 17 00:00:00 2001 -From: Jonathan Lebon -Date: Tue, 29 Oct 2019 16:40:39 -0400 -Subject: [PATCH 2/2] libpriv/kernel: Hack around vmlinuz path in HMAC file - -As mentioned in the comment block: - -``` -If there's an HMAC file, fix the path to the kernel in it to be -relative. Right now, the kernel spec encodes `/boot/vmlinux-$kver`, -which of course not going to work for us. We should work towards making -this change directly into the kernel spec. -``` - -For background, see this comment and following: -https://github.com/ostreedev/ostree/pull/1962#issuecomment-547488164 ---- - src/libpriv/rpmostree-kernel.c | 32 ++++++++++++++++++++++++++++++++ - 1 file changed, 32 insertions(+) - -diff --git a/src/libpriv/rpmostree-kernel.c b/src/libpriv/rpmostree-kernel.c -index 2266f9c7..2bea504c 100644 ---- a/src/libpriv/rpmostree-kernel.c -+++ b/src/libpriv/rpmostree-kernel.c -@@ -393,6 +393,38 @@ rpmostree_finalize_kernel (int rootfs_dfd, - return glnx_throw_errno_prefix (error, "linkat(%s)", kernel_modules_path); - } - -+ /* If there's an HMAC file, fix the path to the kernel in it to be relative. Right now, -+ * the kernel spec encodes `/boot/vmlinux-$kver`, which of course not going to work for -+ * us. We should work towards making this change directly into the kernel spec. */ -+ g_autofree char *hmac_path = g_build_filename (modules_bootdir, ".vmlinuz.hmac", NULL); -+ if (!glnx_fstatat_allow_noent (rootfs_dfd, hmac_path, NULL, 0, error)) -+ return FALSE; -+ if (errno == 0) -+ { -+ g_autofree char *contents = glnx_file_get_contents_utf8_at (rootfs_dfd, hmac_path, -+ NULL, cancellable, error); -+ if (contents == NULL) -+ return FALSE; -+ -+ /* rather than trying to parse and understand the *sum format, just hackily replace */ -+ g_autofree char *old_path = g_strconcat (" /boot/vmlinuz-", kver, NULL); -+ g_autofree char *new_path = g_strconcat (" vmlinuz-", kver, NULL); -+ g_autofree char *new_contents = -+ rpmostree_str_replace (contents, old_path, new_path, error); -+ if (!new_contents) -+ return FALSE; -+ -+ /* sanity check there are no '/' in there; that way too we just error out if the path -+ * or format changes (but really, this should be a temporary hack...) */ -+ if (strchr (new_contents, '/') != 0) -+ return glnx_throw (error, "Unexpected / in .vmlinuz.hmac: %s", new_contents); -+ -+ if (!glnx_file_replace_contents_at (rootfs_dfd, hmac_path, -+ (guint8*)new_contents, -1, 0, -+ cancellable, error)) -+ return FALSE; -+ } -+ - /* Replace the initramfs */ - g_autofree char *initramfs_modules_path = g_build_filename (modules_bootdir, "initramfs.img", NULL); - if (unlinkat (rootfs_dfd, initramfs_modules_path, 0) < 0) --- -2.21.0 - diff --git a/SPECS/rpm-ostree.spec b/SPECS/rpm-ostree.spec index 684a92d..6c85498 100644 --- a/SPECS/rpm-ostree.spec +++ b/SPECS/rpm-ostree.spec @@ -3,8 +3,8 @@ Summary: Hybrid image/package system Name: rpm-ostree -Version: 2019.6 -Release: 6%{?dist} +Version: 2020.2 +Release: 2%{?dist} #VCS: https://github.com/cgwalters/rpm-ostree # This tarball is generated via "cd packaging && make -f Makefile.dist-packaging dist-snapshot" # in the upstream git. If rust is enabled, it contains vendored sources. @@ -12,12 +12,6 @@ Source0: rpm-ostree-%{version}.tar.xz License: LGPLv2+ URL: https://github.com/projectatomic/rpm-ostree -Patch0: 0001-app-status-Fix-printf-format-string-for-32-bit.patch -Patch1: 0001-unpacker-Build-with-older-libarchive-without-zstd.patch -Patch2: 0001-libpriv-kernel-Use-g_build_filename-instead-of-g_str.patch -Patch3: 0002-libpriv-kernel-Hack-around-vmlinuz-path-in-HMAC-file.patch -Patch4: 0001-libpriv-kernel-add-cap_mknod-to-dracut-run.patch - %if !%{defined rust_arches} # It's not defined yet in the base CentOS7 root %define rust_arches x86_64 i686 armv7hl aarch64 ppc64 ppc64le s390x @@ -25,6 +19,8 @@ Patch4: 0001-libpriv-kernel-add-cap_mknod-to-dracut-run.patch ExclusiveArch: %{rust_arches} +Patch0: 0001-build-sys-Disable-zchunk-for-libdnf-if-we-don-t-have.patch + %if 0%{?fedora} BuildRequires: cargo BuildRequires: rust @@ -78,16 +74,15 @@ BuildRequires: gcc-c++ # more libdnf build deps (see libdnf's spec for versions) %global swig_version 3.0.12 -%global libmodulemd_version 1.6.1 BuildRequires: swig >= %{swig_version} -BuildRequires: pkgconfig(modulemd) >= %{libmodulemd_version} +BuildRequires: pkgconfig(modulemd-2.0) BuildRequires: pkgconfig(json-c) BuildRequires: pkgconfig(cppunit) BuildRequires: pkgconfig(sqlite3) BuildRequires: pkgconfig(smartcols) BuildRequires: gpgme-devel -Requires: libmodulemd1%{?_isa} >= %{libmodulemd_version} +Requires: libmodulemd1%{?_isa} # For now...see https://github.com/projectatomic/rpm-ostree/pull/637 # and https://github.com/fedora-infra/fedmsg-atomic-composer/pull/17 @@ -190,6 +185,18 @@ $PYTHON autofiles.py > files.devel \ %files devel -f files.devel %changelog +* Fri May 15 2020 Colin Walters - 2020.2-2 +- https://github.com/coreos/rpm-ostree/releases/tag/v2020.2 + Resolves: #1827712 + +* Tue Mar 03 2020 Colin Walters - 2019.6-8 +- Backport patches for initramfs /etc + Resolves: #1808459 + +* Thu Feb 27 2020 Colin Walters - 2019.6-7 +- Backport f295f543064f1a0b5833fefccd6bb203b3527623 + Resolves: #1807487 + * Thu Dec 05 2019 Jonathan Lebon - 2019.6-6 - Backport dracut mknod patch for FIPS: https://github.com/coreos/rpm-ostree/pull/1946