import rpm-4.16.1.3-22.el9

This commit is contained in:
CentOS Sources 2023-05-09 05:39:08 +00:00 committed by Stepan Oksanichenko
parent 58ce613616
commit bbd8c1d9c6
10 changed files with 698 additions and 1 deletions

View File

@ -0,0 +1,29 @@
From fe274b8f965582fdf97e6c46f90b9e7c124b0b8b Mon Sep 17 00:00:00 2001
From: Florian Festi <ffesti@redhat.com>
Date: Fri, 16 Dec 2022 15:50:12 +0100
Subject: [PATCH] rpm2archive: Don't print usage on no arguments
given as we want to default to reading from stdin and writing to stdout in
that case.
---
rpm2archive.c | 4 ----
1 file changed, 4 deletions(-)
diff --git a/rpm2archive.c b/rpm2archive.c
index 09da8d16b..53f047f58 100644
--- a/rpm2archive.c
+++ b/rpm2archive.c
@@ -241,10 +241,6 @@ int main(int argc, const char *argv[])
exit(EXIT_FAILURE);
}
}
- if (argc < 2 || poptGetNextOpt(optCon) == 0) {
- poptPrintUsage(optCon, stderr, 0);
- exit(EXIT_FAILURE);
- }
rpmts ts = rpmtsCreate();
rpmVSFlags vsflags = 0;
--
2.38.1

View File

@ -0,0 +1,36 @@
From 8f416b275a365426b07c75adfc017e0b18a85450 Mon Sep 17 00:00:00 2001
From: Florian Festi <ffesti@redhat.com>
Date: Fri, 16 Dec 2022 15:45:20 +0100
Subject: [PATCH] rpm2archive: Properly parse popt options
and issue an error message for unknown options. Before unknown options
could mess up the argument parsing leading to reading and writing from
stdin/stdout.
Thanks to Eva Mrakova and the Red Hat QE team for spotting this!
---
rpm2archive.c | 8 ++++++++
1 file changed, 8 insertions(+)
diff --git a/rpm2archive.c b/rpm2archive.c
index de1a17d2b..09da8d16b 100644
--- a/rpm2archive.c
+++ b/rpm2archive.c
@@ -233,6 +233,14 @@ int main(int argc, const char *argv[])
optCon = poptGetContext(NULL, argc, argv, optionsTable, 0);
poptSetOtherOptionHelp(optCon, "[OPTIONS]* <FILES>");
+ while ((rc = poptGetNextOpt(optCon)) != -1) {
+ if (rc < 0) {
+ fprintf(stderr, "%s: %s\n",
+ poptBadOption(optCon, POPT_BADOPTION_NOALIAS),
+ poptStrerror(rc));
+ exit(EXIT_FAILURE);
+ }
+ }
if (argc < 2 || poptGetNextOpt(optCon) == 0) {
poptPrintUsage(optCon, stderr, 0);
exit(EXIT_FAILURE);
--
2.38.1

View File

@ -0,0 +1,40 @@
From 35739c2a2298e61caacb45157706bf342ffcd20e Mon Sep 17 00:00:00 2001
From: Florian Festi <ffesti@redhat.com>
Date: Tue, 27 Apr 2021 10:09:41 +0200
Subject: [PATCH] find-lang.sh: Support long languages names for QT
Most language abbreviations are just two characters but some are longer.
Allow an arbiraty number of character instead of exactly two in the names
of .qm files (QT translations). This brings the handling of .qm files in
line with all other file types.
Resolves: #1642
---
scripts/find-lang.sh | 14 +++++++-------
1 file changed, 7 insertions(+), 7 deletions(-)
diff --git a/scripts/find-lang.sh b/scripts/find-lang.sh
index f2aa7d8951..b97210b117 100755
--- a/scripts/find-lang.sh
+++ b/scripts/find-lang.sh
@@ -249,13 +249,13 @@ s:%lang(C) ::
find "$TOP_DIR" -type f -o -type l|sed '
s:'"$TOP_DIR"'::
-'"$NO_ALL_NAME$QT"'s:\(.*/'"$NAME"'_\([a-zA-Z]\{2\}\([_@].*\)\?\)\.qm$\):%lang(\2) \1:
-'"$ALL_NAME$QT"'s:^\([^%].*/\([a-zA-Z]\{2\}[_@].*\)\.qm$\):%lang(\2) \1:
-'"$ALL_NAME$QT"'s:^\([^%].*/\([a-zA-Z]\{2\}\)\.qm$\):%lang(\2) \1:
-'"$ALL_NAME$QT"'s:^\([^%].*/[^/_]\+_\([a-zA-Z]\{2\}[_@].*\)\.qm$\):%lang(\2) \1:
-'"$ALL_NAME$QT"'s:^\([^%].*/[^/_]\+_\([a-zA-Z]\{2\}\)\.qm$\):%lang(\2) \1:
-'"$ALL_NAME$QT"'s:^\([^%].*/[^/]\+_\([a-zA-Z]\{2\}[_@].*\)\.qm$\):%lang(\2) \1:
-'"$ALL_NAME$QT"'s:^\([^%].*/[^/]\+_\([a-zA-Z]\{2\}\)\.qm$\):%lang(\2) \1:
+'"$NO_ALL_NAME$QT"'s:\(.*/'"$NAME"'_\([a-zA-Z]\+\([_@].*\)\?\)\.qm$\):%lang(\2) \1:
+'"$ALL_NAME$QT"'s:^\([^%].*/\([a-zA-Z]\+[_@].*\)\.qm$\):%lang(\2) \1:
+'"$ALL_NAME$QT"'s:^\([^%].*/\([a-zA-Z]\+\)\.qm$\):%lang(\2) \1:
+'"$ALL_NAME$QT"'s:^\([^%].*/[^/_]\+_\([a-zA-Z]\+[_@].*\)\.qm$\):%lang(\2) \1:
+'"$ALL_NAME$QT"'s:^\([^%].*/[^/_]\+_\([a-zA-Z]\+\)\.qm$\):%lang(\2) \1:
+'"$ALL_NAME$QT"'s:^\([^%].*/[^/]\+_\([a-zA-Z]\+[_@].*\)\.qm$\):%lang(\2) \1:
+'"$ALL_NAME$QT"'s:^\([^%].*/[^/]\+_\([a-zA-Z]\+\)\.qm$\):%lang(\2) \1:
s:^[^%].*::
s:%lang(C) ::
/^$/d' >> $MO_NAME

View File

@ -0,0 +1,217 @@
From 7b1fc619a5c828828dad7c1f61f525d957b9e2c5 Mon Sep 17 00:00:00 2001
From: Petr Viktorin <pviktori@redhat.com>
Date: Wed, 27 Jan 2021 17:32:51 +0100
Subject: [PATCH] Add %bcond macro for defining build conditionals
Move documentation from comments to reference manual
Fixes: https://github.com/rpm-software-management/rpm/issues/941
(cherry picked from commit a99b6373af0774f4bef62aa89defc84cfcacc078)
---
macros.in | 54 +++++++----------------
tests/Makefile.am | 1 +
tests/data/SPECS/bcondtest.spec | 33 +++++++++++++++
tests/rpmbuild.at | 73 ++++++++++++++++++++++++++++++++
5 files changed, 157 insertions(+), 42 deletions(-)
create mode 100644 tests/data/SPECS/bcondtest.spec
diff --git a/macros.in b/macros.in
index 7c458f5d8a..35462c933c 100644
--- a/macros.in
+++ b/macros.in
@@ -78,47 +78,25 @@
%defined() %{expand:%%{?%{1}:1}%%{!?%{1}:0}}
%undefined() %{expand:%%{?%{1}:0}%%{!?%{1}:1}}
-# Shorthand for %{defined with_...}
+# Handle conditional builds.
+# (see 'conditionalbuilds' in the manual)
+#
+# Internally, the `--with foo` option defines the macro `_with_foo` and the
+# `--without foo` option defines the macro `_without_foo`.
+# Based on those and a default (used when neither is given), bcond macros
+# define the macro `with_foo`, which should later be checked:
+
+%bcond() %[ (%2)\
+ ? "%{expand:%%{!?_without_%{1}:%%global with_%{1} 1}}"\
+ : "%{expand:%%{?_with_%{1}:%%global with_%{1} 1}}"\
+]
+%bcond_with() %bcond %{1} 0
+%bcond_without() %bcond %{1} 1
+
+# Shorthands for %{defined with_...}:
%with() %{expand:%%{?with_%{1}:1}%%{!?with_%{1}:0}}
%without() %{expand:%%{?with_%{1}:0}%%{!?with_%{1}:1}}
-# Handle conditional builds. %bcond_with is for case when feature is
-# default off and needs to be activated with --with ... command line
-# switch. %bcond_without is for the dual case.
-#
-# %bcond_with foo defines symbol with_foo if --with foo was specified on
-# command line.
-# %bcond_without foo defines symbol with_foo if --without foo was *not*
-# specified on command line.
-#
-# For example (spec file):
-#
-# (at the beginning)
-# %bcond_with extra_fonts
-# %bcond_without static
-# (and later)
-# %if %{with extra_fonts}
-# ...
-# %else
-# ...
-# %endif
-# %if ! %{with static}
-# ...
-# %endif
-# %if %{with static}
-# ...
-# %endif
-# %{?with_static: ... }
-# %{!?with_static: ... }
-# %{?with_extra_fonts: ... }
-# %{!?with_extra_fonts: ... }
-
-#
-# The bottom line: never use without_foo, _with_foo nor _without_foo, only
-# with_foo. This way changing default set of bconds for given spec is just
-# a matter of changing single line in it and syntax is more readable.
-%bcond_with() %{expand:%%{?_with_%{1}:%%global with_%{1} 1}}
-%bcond_without() %{expand:%%{!?_without_%{1}:%%global with_%{1} 1}}
#
#==============================================================================
# ---- Required rpmrc macros.
diff --git a/tests/Makefile.am b/tests/Makefile.am
index 66cee3273b..6d41ef93c5 100644
--- a/tests/Makefile.am
+++ b/tests/Makefile.am
@@ -40,6 +40,7 @@ EXTRA_DIST += $(TESTSUITE_AT)
## testsuite data
EXTRA_DIST += data/SPECS/attrtest.spec
+EXTRA_DIST += data/SPECS/bcondtest.spec
EXTRA_DIST += data/SPECS/buildrequires.spec
EXTRA_DIST += data/SPECS/docmiss.spec
EXTRA_DIST += data/SPECS/hello.spec
diff --git a/tests/data/SPECS/bcondtest.spec b/tests/data/SPECS/bcondtest.spec
new file mode 100644
index 0000000000..7172a31d29
--- /dev/null
+++ b/tests/data/SPECS/bcondtest.spec
@@ -0,0 +1,33 @@
+Name: bcondtest
+Version: 1.0
+Release: 1
+Group: Testing
+License: CC0
+BuildArch: noarch
+Summary: Test package for the bcond macro
+
+%bcond normally_on 1
+%bcond normally_off 0
+%bcond both_features %[%{with normally_on} && %{with normally_off}]
+
+%if %{with normally_on}
+Provides: has_bcond(normally_on)
+%endif
+%if %{with normally_off}
+Provides: has_bcond(normally_off)
+%endif
+%if %{with both_features}
+Provides: has_bcond(both_features)
+%endif
+
+%description
+%{summary}
+
+%install
+mkdir -p %{buildroot}/opt
+touch %{buildroot}/opt/file
+
+%files
+/opt/file
+
+%changelog
diff --git a/tests/rpmbuild.at b/tests/rpmbuild.at
index 30d8e6895d..f378a4af2a 100644
--- a/tests/rpmbuild.at
+++ b/tests/rpmbuild.at
@@ -1801,3 +1801,76 @@ runroot rpmbuild -ba --quiet \
[],
[])
AT_CLEANUP
+
+AT_SETUP([bcond macro])
+AT_KEYWORDS([bcond build])
+RPMDB_INIT
+
+# basic bcond behavior with --eval
+AT_CHECK([
+runroot rpm \
+ --eval "%bcond normally_on 1" \
+ --eval "%bcond normally_off 0" \
+ --eval "%bcond both_features %[[%{with normally_on} && %{with normally_off}]]" \
+ --eval "%{with normally_on}" \
+ --eval "%{with normally_off}" \
+ --eval "%{with both_features}"
+],
+[0],
+[
+
+
+1
+0
+0
+],
+[])
+
+# bcond behavior, without CLI options
+AT_CHECK([
+runroot rpmbuild -bb --quiet /data/SPECS/bcondtest.spec
+runroot rpm -q --provides -p /build/RPMS/noarch/bcondtest-1.0-1.noarch.rpm |
+ grep has_bcond | sort
+],
+[0],
+[has_bcond(normally_on)
+],
+[])
+
+# bcond behavior, --with
+AT_CHECK([
+runroot rpmbuild -bb --quiet --with normally_on --with normally_off \
+ /data/SPECS/bcondtest.spec
+runroot rpm -q --provides -p /build/RPMS/noarch/bcondtest-1.0-1.noarch.rpm |
+ grep has_bcond | sort
+],
+[0],
+[has_bcond(both_features)
+has_bcond(normally_off)
+has_bcond(normally_on)
+],
+[])
+
+# bcond behavior, --without
+AT_CHECK([
+runroot rpmbuild -bb --quiet --without normally_on --without normally_off \
+ /data/SPECS/bcondtest.spec
+runroot rpm -q --provides -p /build/RPMS/noarch/bcondtest-1.0-1.noarch.rpm |
+ grep has_bcond | sort
+],
+[0],
+[],
+[])
+
+# bcond behavior, CLI overriding a complex defailt
+AT_CHECK([
+runroot rpmbuild -bb --quiet --with both_features /data/SPECS/bcondtest.spec
+runroot rpm -q --provides -p /build/RPMS/noarch/bcondtest-1.0-1.noarch.rpm |
+ grep has_bcond | sort
+],
+[0],
+[has_bcond(both_features)
+has_bcond(normally_on)
+],
+[])
+AT_CLEANUP

View File

@ -0,0 +1,24 @@
From 4420c78beb86cc67392274bf351478a3375626a2 Mon Sep 17 00:00:00 2001
From: yangchenguang <89123114+yangchenguang94@users.noreply.github.com>
Date: Wed, 13 Jul 2022 16:52:07 +0800
Subject: [PATCH] Fix query arguments with ^ not working
when querying packages in the RPM database.
Rersolves: #2104
---
lib/rpmdb.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/lib/rpmdb.c b/lib/rpmdb.c
index fa8f3c9b9c..fd2b0671ae 100644
--- a/lib/rpmdb.c
+++ b/lib/rpmdb.c
@@ -1133,6 +1133,7 @@ static char * mireDup(rpmTagVal tag, rpmMireMode *modep,
switch (*s) {
case '.':
case '+':
+ case '^':
if (!brackets) *t++ = '\\';
break;
case '*':

View File

@ -0,0 +1,24 @@
From 19d73f67883c011cc74326a5dc34f7009efa60e1 Mon Sep 17 00:00:00 2001
From: Panu Matilainen <pmatilai@redhat.com>
Date: Tue, 6 Sep 2022 13:15:44 +0300
Subject: [PATCH] Fix buffer overrun from commit
4420c78beb86cc67392274bf351478a3375626a2
The newly handled ^ needs to be accounted for when allocating memory.
Found when testing #1936, goes to show what a useful thing that is.
---
lib/rpmdb.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/lib/rpmdb.c b/lib/rpmdb.c
index fd2b0671ae..b3c5da62d5 100644
--- a/lib/rpmdb.c
+++ b/lib/rpmdb.c
@@ -1107,6 +1107,7 @@ static char * mireDup(rpmTagVal tag, rpmMireMode *modep,
case '.':
case '+':
case '*':
+ case '^':
if (!brackets) nb++;
break;
case '\\':

View File

@ -0,0 +1,51 @@
From f1634250587479d664b34b6de1a6546b2c2b9de5 Mon Sep 17 00:00:00 2001
From: Florian Festi <ffesti@redhat.com>
Date: Mon, 18 Jan 2021 15:02:34 +0100
Subject: [PATCH] rpm2archive: Add more error handling
Cleanly error out if file can't be written instead of segfaulting
Resolves: #1091
---
rpm2archive.c | 17 ++++++++++++-----
1 file changed, 12 insertions(+), 5 deletions(-)
diff --git a/rpm2archive.c b/rpm2archive.c
index 646f1663d..15c5da016 100644
--- a/rpm2archive.c
+++ b/rpm2archive.c
@@ -119,9 +119,14 @@ static int process_package(rpmts ts, char * filename)
/* create archive */
a = archive_write_new();
- archive_write_add_filter_gzip(a);
- archive_write_set_format_pax_restricted(a);
-
+ if (archive_write_add_filter_gzip(a) != ARCHIVE_OK) {
+ fprintf(stderr, "Error: Could not create gzip output filter\n");
+ exit(EXIT_FAILURE);
+ }
+ if (archive_write_set_format_pax_restricted(a) != ARCHIVE_OK) {
+ fprintf(stderr, "Error: Format pax restricted is not supported\n");
+ exit(EXIT_FAILURE);
+ }
if (!strcmp(filename, "-")) {
if (isatty(STDOUT_FILENO)) {
fprintf(stderr, "Error: refusing to output archive data to a terminal.\n");
@@ -130,9 +135,11 @@ static int process_package(rpmts ts, char * filename)
archive_write_open_fd(a, STDOUT_FILENO);
} else {
char * outname = rstrscat(NULL, filename, ".tgz", NULL);
- archive_write_open_filename(a, outname);
+ if (archive_write_open_filename(a, outname) != ARCHIVE_OK) {
+ fprintf(stderr, "Error: Can't open output file: %s\n", outname);
+ exit(EXIT_FAILURE);
+ }
_free(outname);
- // XXX error handling
}
entry = archive_entry_new();
--
2.38.1

View File

@ -0,0 +1,173 @@
From d8a169164cf40fc1cf6448792c1fa991f19bb375 Mon Sep 17 00:00:00 2001
From: Florian Festi <ffesti@redhat.com>
Date: Thu, 22 Apr 2021 14:50:34 +0200
Subject: [PATCH] Add --nocompression option to rpm2archive
Also use popt for the command line handling. As we are using librpm
anyway there is no reason to keep the dependencies low (as with
rpm2cpio).
Resolves: #1530
---
doc/rpm2archive.8 | 16 ++++++++++---
rpm2archive.c | 60 ++++++++++++++++++++++++++++++++++-------------
2 files changed, 57 insertions(+), 19 deletions(-)
diff --git a/doc/rpm2archive.8 b/doc/rpm2archive.8
index 8bd6d4ed9d..3895d01981 100644
--- a/doc/rpm2archive.8
+++ b/doc/rpm2archive.8
@@ -3,10 +3,10 @@
.SH NAME
rpm2archive \- Create tar archive from RPM Package Manager (RPM) package.
.SH SYNOPSIS
-\fBrpm2archive\fP [filename]
+\fBrpm2archive\fP \fB{-n|--nocompression}\fR \fB\fIFILES\fB\fR
.SH DESCRIPTION
-\fBrpm2archive\fP converts the .rpm files specified as arguments to gz
-compressed tar files with suffix ".tgz".
+\fBrpm2archive\fP converts the .rpm files specified as arguments to
+tar files. By default they are gzip compressed and saved with postfix ".tgz".
If '-' is given as argument, an rpm stream is read from standard in and
written to standard out.
@@ -16,6 +16,16 @@ containing files greater than 4GB which are not supported by cpio. Unless
\fBrpm2cpio\fP \fBrpm2archive\fP needs a working rpm installation which limits
its usefulness for some disaster recovery scenarios.
+.SH "OPTIONS"
+.TP
+\fB\-n, --nocompression\fR
+Generate uncompressed tar archive and use ".tar" as postfix of the
+file name.
+.PP
+
+.SH EXAMPLES
+.PP
+
.br
.I "\fBrpm2archive glint-1.0-1.i386.rpm ; tar -xvz glint-1.0-1.i386.rpm.tgz\fP"
.br
diff --git a/rpm2archive.c b/rpm2archive.c
index d96db006ea..cb39c7a712 100644
--- a/rpm2archive.c
+++ b/rpm2archive.c
@@ -10,6 +10,8 @@
#include <rpm/rpmts.h>
+#include <popt.h>
+
#include <archive.h>
#include <archive_entry.h>
#include <unistd.h>
@@ -18,6 +20,16 @@
#define BUFSIZE (128*1024)
+int compress = 1;
+
+static struct poptOption optionsTable[] = {
+ { "nocompression", 'n', POPT_ARG_VAL, &compress, 0,
+ N_("create uncompressed tar file"),
+ NULL },
+ POPT_AUTOHELP
+ POPT_TABLEEND
+};
+
static void fill_archive_entry(struct archive * a, struct archive_entry * entry, rpmfi fi)
{
archive_entry_clear(entry);
@@ -60,7 +72,7 @@ static void write_file_content(struct archive * a, char * buf, rpmfi fi)
}
}
-static int process_package(rpmts ts, char * filename)
+static int process_package(rpmts ts, const char * filename)
{
FD_t fdi;
FD_t gzdi;
@@ -119,9 +131,11 @@ static int process_package(rpmts ts, char * filename)
/* create archive */
a = archive_write_new();
- if (archive_write_add_filter_gzip(a) != ARCHIVE_OK) {
- fprintf(stderr, "Error: Could not create gzip output filter\n");
- exit(EXIT_FAILURE);
+ if (compress) {
+ if (archive_write_add_filter_gzip(a) != ARCHIVE_OK) {
+ fprintf(stderr, "%s\n", archive_error_string(a));
+ exit(EXIT_FAILURE);
+ }
}
if (archive_write_set_format_pax_restricted(a) != ARCHIVE_OK) {
fprintf(stderr, "Error: Format pax restricted is not supported\n");
@@ -142,7 +156,12 @@ static int process_package(rpmts ts, char * filename)
}
archive_write_open_fd(a, STDOUT_FILENO);
} else {
- char * outname = rstrscat(NULL, filename, ".tgz", NULL);
+ char * outname = rstrscat(NULL, filename, NULL);
+ if (compress) {
+ outname = rstrscat(&outname, ".tgz", NULL);
+ } else {
+ outname = rstrscat(&outname, ".tar", NULL);
+ }
if (archive_write_open_filename(a, outname) != ARCHIVE_OK) {
fprintf(stderr, "Error: Can't open output file: %s\n", outname);
exit(EXIT_FAILURE);
@@ -203,21 +222,22 @@ static int process_package(rpmts ts, char * filename)
return rc;
}
-int main(int argc, char *argv[])
+int main(int argc, const char *argv[])
{
- int rc = 0, i;
+ int rc = 0;
+ poptContext optCon;
+ const char *fn;
xsetprogname(argv[0]); /* Portability call -- see system.h */
rpmReadConfigFiles(NULL, NULL);
- if (argc > 1 && (rstreq(argv[1], "-h") || rstreq(argv[1], "--help"))) {
- fprintf(stderr, "Usage: %s [file.rpm ...]\n", argv[0]);
+ optCon = poptGetContext(NULL, argc, argv, optionsTable, 0);
+ poptSetOtherOptionHelp(optCon, "[OPTIONS]* <FILES>");
+ if (argc < 2 || poptGetNextOpt(optCon) == 0) {
+ poptPrintUsage(optCon, stderr, 0);
exit(EXIT_FAILURE);
}
- if (argc == 1)
- argv[argc++] = "-"; /* abuse NULL pointer at the end of argv */
-
rpmts ts = rpmtsCreate();
rpmVSFlags vsflags = 0;
@@ -227,13 +247,21 @@ int main(int argc, char *argv[])
vsflags |= RPMVSF_NOHDRCHK;
(void) rpmtsSetVSFlags(ts, vsflags);
- for (i = 1; i < argc; i++) {
+ /* if no file name is given use stdin/stdout */
+ if (!poptPeekArg(optCon)) {
+ rc = process_package(ts, "-");
+ if (rc != 0)
+ goto exit;
+ }
- rc = process_package(ts, argv[i]);
+ while ((fn = poptGetArg(optCon)) != NULL) {
+ rc = process_package(ts, fn);
if (rc != 0)
- return rc;
+ goto exit;
}
+ exit:
+ poptFreeContext(optCon);
(void) rpmtsFree(ts);
return rc;
}

View File

@ -0,0 +1,78 @@
From 96888e99c5103d9dea5230c917b946732de2d302 Mon Sep 17 00:00:00 2001
From: Panu Matilainen <pmatilai@redhat.com>
Date: Thu, 22 Sep 2022 11:54:47 +0300
Subject: [PATCH] Add a handler for libselinux log messages (RhBug:2123719,
RhBug:2050774)
libselinux logs to stderr by default, which up to now has been just fine
with us. However somewhere around libselinux 3.2 it begun issuing
log messages for events discovered in selinux_status_updated().
We only call that to see whether the status *was* updated behind our
back and are not interested in these audit-style messages for our
functionality, but to suppress them while preserving actually relevant
errors and warnings, we need to have a log callback of our own. Might as
well forward them to rpmlog then.
SELINUX_ERROR and SELINUX_WARNING are pretty obvious, of SELINUX_AVC
selinux_set_callback(3) says it should be treated as SELINUX_ERROR if
not audited. The rest we suppress to debug messages, they may be handy
for diagnostics some day.
Note that this intentionally avoids explicit SELINUX_POLICYLOAD and
SELINUX_SETENFORCE cases in the switch: we don't want to introduce
libselinux >= 3.2 dependency just because of this silly thing.
---
plugins/selinux.c | 30 ++++++++++++++++++++++++++++++
1 file changed, 30 insertions(+)
diff --git a/plugins/selinux.c b/plugins/selinux.c
index 747f62d05..0f10331f0 100644
--- a/plugins/selinux.c
+++ b/plugins/selinux.c
@@ -18,6 +18,35 @@ static inline rpmlogLvl loglvl(int iserror)
return iserror ? RPMLOG_ERR : RPMLOG_DEBUG;
}
+static int logcb(int type, const char *fmt, ...)
+{
+ char *buf = NULL;
+ va_list ap;
+ int lvl;
+
+ switch (type) {
+ case SELINUX_ERROR:
+ case SELINUX_AVC:
+ lvl = RPMLOG_ERR;
+ break;
+ case SELINUX_WARNING:
+ lvl = RPMLOG_WARNING;
+ break;
+ default:
+ lvl = RPMLOG_DEBUG;
+ break;
+ }
+
+ va_start(ap, fmt);
+ rvasprintf(&buf, fmt, ap);
+ va_end(ap);
+
+ rpmlog(lvl, "libselinux: type %d: %s", type, buf);
+ free(buf);
+
+ return 0;
+}
+
static void sehandle_fini(int close_status)
{
if (sehandle) {
@@ -44,6 +73,7 @@ static rpmRC sehandle_init(int open_status)
if (selinux_status_open(0) < 0) {
return RPMRC_FAIL;
}
+ selinux_set_callback(SELINUX_CB_LOG, (union selinux_callback) &logcb);
} else if (!selinux_status_updated() && sehandle) {
return RPMRC_OK;
}
--
2.38.1

View File

@ -32,7 +32,7 @@
%global rpmver 4.16.1.3
#global snapver rc1
%global rel 19
%global rel 22
%global sover 9
%global srcver %{rpmver}%{?snapver:-%{snapver}}
@ -84,6 +84,15 @@ Patch112: rpm-4.16.1.3-fix-regression-reading-rpm-v3-pkgs.patch
Patch113: rpm-4.16.1.3-fix-spurious-transfiletriggerpostun-execution.patch
Patch114: rpm-4.16.1.3-Make-rpm2cpio.sh-more-robust.patch
Patch115: rpm-4.16.1.3-fapolicyd-make-write-nonblocking.patch
Patch116: rpm-4.16.1.3-bcond-macros.patch
Patch117: rpm-4.16.1.3-caret-query.patch
Patch118: rpm-4.16.1.3-caret-query2.patch
Patch119: rpm-4.18-libselinux-log.patch
Patch120: rpm-4.16.1.3-rpm2archive-error-handling.patch
Patch121: rpm-4.16.1.3-rpm2archive-nocompression.patch
Patch122: rpm-4.16.1.3-Support-long-languages-names-for-QT.patch
Patch123: rpm-4.14.3-rpm2archive-parse-popt-options.patch
Patch124: rpm-4.14.3-rpm2archive-Don-t-print-usage.patch
# These are not yet upstream
Patch906: rpm-4.7.1-geode-i686.patch
@ -439,6 +448,8 @@ find $RPM_BUILD_ROOT -name "*.la"|xargs rm -f
rm -f $RPM_BUILD_ROOT/%{rpmhome}/{perldeps.pl,perl.*,pythond*}
rm -f $RPM_BUILD_ROOT/%{_fileattrsdir}/{perl*,python*}
rm -rf $RPM_BUILD_ROOT/var/tmp
# This is installed by mistake by setup.py
rm -f $RPM_BUILD_ROOT/usr/lib*/python*/site-packages/rpm/_rpm.so
%if %{with check}
%check
@ -615,6 +626,20 @@ fi
%doc doc/librpm/html/*
%changelog
* Mon Dec 19 2022 Florian Festi <ffesti@redhat.com> - 4.16.1.3-22
- Fix option handling in rpm2archive for #2150804
* Fri Nov 18 2022 Yaakov Selkowitz <yselkowi@redhat.com> - 4.16.1.3-21
- Support long language names for QT (#2144005)
* Mon Nov 07 2022 Florian Festi <ffesti@redhat.com> - 4.16.1.3-20
- Add bcond macros (#2129060)
- Fix db queries with carets (#2129468)
- Remove spurious Python rpm module (#2135731)
- Handle SELinux log messages (#2123719)
- Add --nocompression to rpm2archive (#2150804)
* Fri Oct 21 2022 Michal Domonkos <mdomonko@redhat.com> - 4.16.1.3-19
- Bump release for rebuild