import rpm-4.14.3-24.el8_6
This commit is contained in:
parent
56f20294c9
commit
836001d6af
167
SOURCES/rpm-4.14.3-fapolicyd-make-write-nonblocking.patch
Normal file
167
SOURCES/rpm-4.14.3-fapolicyd-make-write-nonblocking.patch
Normal file
@ -0,0 +1,167 @@
|
|||||||
|
From 534fd1f0c84b12ba6080a46e07c57ef913c77cba Mon Sep 17 00:00:00 2001
|
||||||
|
From: Radovan Sroka <rsroka@redhat.com>
|
||||||
|
Date: Thu, 25 Aug 2022 15:38:01 +0200
|
||||||
|
Subject: [PATCH] fapolicyd: Make write() nonblocking
|
||||||
|
|
||||||
|
- switch to read only and non blocking mode for pipe
|
||||||
|
- add 1 minute loop to wait for pipe to reappear
|
||||||
|
|
||||||
|
Sometimes during the system update/upgrade fapolicyd
|
||||||
|
get restarted e.g. when systemd gets updated.
|
||||||
|
That can lead to the situation where fapolicyd pipe
|
||||||
|
has been removed and created again.
|
||||||
|
In such cases rpm-plugin-fapolicyd gets stuck on
|
||||||
|
write() to the pipe which does not exist anymore.
|
||||||
|
After switching to non blocking file descriptor
|
||||||
|
we can try to reopen the pipe if there is an error
|
||||||
|
from write(). Assuming that a new pipe should appear
|
||||||
|
when fapolicyd daemon starts again.
|
||||||
|
If not then after 1 minute of waiting we expect
|
||||||
|
fapolicyd daemon to be not active and we let the
|
||||||
|
transaction continue.
|
||||||
|
|
||||||
|
Signed-off-by: Radovan Sroka <rsroka@redhat.com>
|
||||||
|
---
|
||||||
|
plugins/fapolicyd.c | 74 +++++++++++++++++++++++++++++++++++++++------
|
||||||
|
1 file changed, 65 insertions(+), 9 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/plugins/fapolicyd.c b/plugins/fapolicyd.c
|
||||||
|
index 1ff50c30f..6c6322941 100644
|
||||||
|
--- a/plugins/fapolicyd.c
|
||||||
|
+++ b/plugins/fapolicyd.c
|
||||||
|
@@ -27,7 +27,7 @@ static rpmRC open_fifo(struct fapolicyd_data* state)
|
||||||
|
int fd = -1;
|
||||||
|
struct stat s;
|
||||||
|
|
||||||
|
- fd = open(state->fifo_path, O_RDWR);
|
||||||
|
+ fd = open(state->fifo_path, O_WRONLY|O_NONBLOCK);
|
||||||
|
if (fd == -1) {
|
||||||
|
rpmlog(RPMLOG_DEBUG, "Open: %s -> %s\n", state->fifo_path, strerror(errno));
|
||||||
|
goto bad;
|
||||||
|
@@ -55,15 +55,26 @@ static rpmRC open_fifo(struct fapolicyd_data* state)
|
||||||
|
}
|
||||||
|
|
||||||
|
state->fd = fd;
|
||||||
|
+
|
||||||
|
/* considering success */
|
||||||
|
return RPMRC_OK;
|
||||||
|
|
||||||
|
bad:
|
||||||
|
if (fd >= 0)
|
||||||
|
close(fd);
|
||||||
|
+
|
||||||
|
+ state->fd = -1;
|
||||||
|
return RPMRC_FAIL;
|
||||||
|
}
|
||||||
|
|
||||||
|
+static void close_fifo(struct fapolicyd_data* state)
|
||||||
|
+{
|
||||||
|
+ if (state->fd > 0)
|
||||||
|
+ (void) close(state->fd);
|
||||||
|
+
|
||||||
|
+ state->fd = -1;
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
static rpmRC write_fifo(struct fapolicyd_data* state, const char * str)
|
||||||
|
{
|
||||||
|
ssize_t len = strlen(str);
|
||||||
|
@@ -86,6 +97,54 @@ static rpmRC write_fifo(struct fapolicyd_data* state, const char * str)
|
||||||
|
return RPMRC_FAIL;
|
||||||
|
}
|
||||||
|
|
||||||
|
+static void try_to_write_to_fifo(struct fapolicyd_data* state, const char * str)
|
||||||
|
+{
|
||||||
|
+ int reload = 0;
|
||||||
|
+ int printed = 0;
|
||||||
|
+
|
||||||
|
+ /* 1min/60s */
|
||||||
|
+ const int timeout = 60;
|
||||||
|
+
|
||||||
|
+ /* wait up to X seconds */
|
||||||
|
+ for (int i = 0; i < timeout; i++) {
|
||||||
|
+
|
||||||
|
+ if (reload) {
|
||||||
|
+ if (!printed) {
|
||||||
|
+ rpmlog(RPMLOG_WARNING, "rpm-plugin-fapolicyd: waiting for the service connection to resume, it can take up to %d seconds\n", timeout);
|
||||||
|
+ printed = 1;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ (void) close_fifo(state);
|
||||||
|
+ (void) open_fifo(state);
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ if (state->fd >= 0) {
|
||||||
|
+ if (write_fifo(state, str) == RPMRC_OK) {
|
||||||
|
+
|
||||||
|
+ /* write was successful after few reopens */
|
||||||
|
+ if (reload)
|
||||||
|
+ rpmlog(RPMLOG_WARNING, "rpm-plugin-fapolicyd: the service connection has resumed\n");
|
||||||
|
+
|
||||||
|
+ break;
|
||||||
|
+ }
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ /* failed write or reopen */
|
||||||
|
+ reload = 1;
|
||||||
|
+ sleep(1);
|
||||||
|
+
|
||||||
|
+ /* the last iteration */
|
||||||
|
+ /* consider failure */
|
||||||
|
+ if (i == timeout-1) {
|
||||||
|
+ rpmlog(RPMLOG_WARNING, "rpm-plugin-fapolicyd: the service connection has not resumed\n");
|
||||||
|
+ rpmlog(RPMLOG_WARNING, "rpm-plugin-fapolicyd: continuing without the service\n");
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+
|
||||||
|
static rpmRC fapolicyd_init(rpmPlugin plugin, rpmts ts)
|
||||||
|
{
|
||||||
|
if (rpmtsFlags(ts) & (RPMTRANS_FLAG_TEST|RPMTRANS_FLAG_BUILD_PROBS))
|
||||||
|
@@ -102,10 +161,7 @@ static rpmRC fapolicyd_init(rpmPlugin plugin, rpmts ts)
|
||||||
|
|
||||||
|
static void fapolicyd_cleanup(rpmPlugin plugin)
|
||||||
|
{
|
||||||
|
- if (fapolicyd_state.fd > 0)
|
||||||
|
- (void) close(fapolicyd_state.fd);
|
||||||
|
-
|
||||||
|
- fapolicyd_state.fd = -1;
|
||||||
|
+ (void) close_fifo(&fapolicyd_state);
|
||||||
|
}
|
||||||
|
|
||||||
|
static rpmRC fapolicyd_tsm_post(rpmPlugin plugin, rpmts ts, int res)
|
||||||
|
@@ -116,9 +172,9 @@ static rpmRC fapolicyd_tsm_post(rpmPlugin plugin, rpmts ts, int res)
|
||||||
|
/* we are ready */
|
||||||
|
if (fapolicyd_state.fd > 0) {
|
||||||
|
/* send a signal that transaction is over */
|
||||||
|
- (void) write_fifo(&fapolicyd_state, "1\n");
|
||||||
|
+ (void) try_to_write_to_fifo(&fapolicyd_state, "1\n");
|
||||||
|
/* flush cache */
|
||||||
|
- (void) write_fifo(&fapolicyd_state, "2\n");
|
||||||
|
+ (void) try_to_write_to_fifo(&fapolicyd_state, "2\n");
|
||||||
|
}
|
||||||
|
|
||||||
|
end:
|
||||||
|
@@ -133,7 +189,7 @@ static rpmRC fapolicyd_scriptlet_pre(rpmPlugin plugin, const char *s_name,
|
||||||
|
|
||||||
|
if (fapolicyd_state.changed_files > 0) {
|
||||||
|
/* send signal to flush cache */
|
||||||
|
- (void) write_fifo(&fapolicyd_state, "2\n");
|
||||||
|
+ (void) try_to_write_to_fifo(&fapolicyd_state, "2\n");
|
||||||
|
|
||||||
|
/* optimize flushing */
|
||||||
|
/* flush only when there was an actual change */
|
||||||
|
@@ -176,7 +232,7 @@ static rpmRC fapolicyd_fsm_file_prepare(rpmPlugin plugin, rpmfi fi,
|
||||||
|
char * sha = rpmfiFDigestHex(fi, NULL);
|
||||||
|
|
||||||
|
snprintf(buffer, 4096, "%s %lu %64s\n", dest, size, sha);
|
||||||
|
- (void) write_fifo(&fapolicyd_state, buffer);
|
||||||
|
+ (void) try_to_write_to_fifo(&fapolicyd_state, buffer);
|
||||||
|
|
||||||
|
free(sha);
|
||||||
|
|
||||||
|
--
|
||||||
|
2.37.3
|
||||||
|
|
@ -32,7 +32,7 @@
|
|||||||
|
|
||||||
%global rpmver 4.14.3
|
%global rpmver 4.14.3
|
||||||
#global snapver rc2
|
#global snapver rc2
|
||||||
%global rel 23
|
%global rel 24
|
||||||
|
|
||||||
%global srcver %{version}%{?snapver:-%{snapver}}
|
%global srcver %{version}%{?snapver:-%{snapver}}
|
||||||
%global srcdir %{?snapver:testing}%{!?snapver:%{name}-%(echo %{version} | cut -d'.' -f1-2).x}
|
%global srcdir %{?snapver:testing}%{!?snapver:%{name}-%(echo %{version} | cut -d'.' -f1-2).x}
|
||||||
@ -114,6 +114,7 @@ Patch160: rpm-4.14.3-macroize-find-debuginfo-script-location.patch
|
|||||||
Patch161: rpm-4.14.3-validate-and-require-subkey-binding-sigs.patch
|
Patch161: rpm-4.14.3-validate-and-require-subkey-binding-sigs.patch
|
||||||
Patch162: rpm-4.14.3-fix-spurious-transfiletriggerpostun-execution.patch
|
Patch162: rpm-4.14.3-fix-spurious-transfiletriggerpostun-execution.patch
|
||||||
Patch163: rpm-4.14.3-skip-recorded-symlinks-in-setperms.patch
|
Patch163: rpm-4.14.3-skip-recorded-symlinks-in-setperms.patch
|
||||||
|
Patch164: rpm-4.14.3-fapolicyd-make-write-nonblocking.patch
|
||||||
|
|
||||||
# Python 3 string API sanity
|
# Python 3 string API sanity
|
||||||
Patch500: 0001-In-Python-3-return-all-our-string-data-as-surrogate-.patch
|
Patch500: 0001-In-Python-3-return-all-our-string-data-as-surrogate-.patch
|
||||||
@ -694,6 +695,9 @@ make check || cat tests/rpmtests.log
|
|||||||
%doc doc/librpm/html/*
|
%doc doc/librpm/html/*
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Tue Sep 13 2022 Michal Domonkos <mdomonko@redhat.com> - 4.14.3-24
|
||||||
|
- Make write() nonblocking in fapolicyd plugin (#2110787)
|
||||||
|
|
||||||
* Tue Apr 05 2022 Michal Domonkos <mdomonko@redhat.com> - 4.14.3-23
|
* Tue Apr 05 2022 Michal Domonkos <mdomonko@redhat.com> - 4.14.3-23
|
||||||
- Fix minor ABI regression in rpmcli.h (#1940895)
|
- Fix minor ABI regression in rpmcli.h (#1940895)
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user