rpms/toolbox
6
0
Fork 0
Code Issues Pull Requests Releases Activity

Consolidate the post-release upstream patches for fixing the build

Browse Source 
There's no need to do a build just for this.

Resolves: RHEL-1834
This commit is contained in:
Debarshi Ray 2023-10-02 11:46:03 +02:00
parent 2ab5b81b7a
commit 20744449c4
3 changed files with 108 additions and 108 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

121
toolbox-Don-t-validate-subordinate-IDs-when-generat.patch → toolbox-Build-fixes.patch
View File

@ -1,7 +1,98 @@
From 52de8d4a933ab6a4b1b6ef1c02c7e9f1f834c4a5 Mon Sep 17 00:00:00 2001
From 424cc42fba3cb182a360dcdda68caf20d9141ae6 Mon Sep 17 00:00:00 2001
From: Debarshi Ray <rishi@fedoraproject.org>
Date: Tue, 28 Feb 2023 17:12:04 +0100
Subject: [PATCH 1/4] cmd/root: Don't use podman(1) when generating the
completions
Ever since commit bafbbe81c9220cb3, the shell completions are generated
while building Toolbx using the 'completion' command. This involves
running toolbox(1) itself, and hence invoking 'podman version' to decide
if 'podman system migrate' is needed or not.
Unfortunately, some build environments, like Fedora's, are set up inside
a chroot(2) or systemd-nspawn(1) or similar, where 'podman version' may
not work because it does various things with namespaces(7) and clone(2)
that can, under certain circumstances, encounter an EPERM.
Therefore, it's better to avoid using podman(1) when generating the
shell completions, especially, since they are generated by Cobra itself
and podman(1) is not involved at all.
Note that podman(1) is needed when the generated shell completions are
actually used in interactive command line environments. The shell
completions invoke the hidden '__complete' command to get the results
that are presented to the user, and, if needed, 'podman system migrate'
will continue to be run as part of that.
This partially reverts commit f3e005d0142d7ec76d5ac8f0a2f331a52fd46011
because podman(1) is now only an optional runtime dependency for the
system tests.
https://github.com/containers/podman/issues/17657
---
meson.build | 2 +-
src/cmd/root.go | 9 +++++++--
2 files changed, 8 insertions(+), 3 deletions(-)
diff --git a/meson.build b/meson.build
index 6f044bb204e3..653a3d3ac588 100644
--- a/meson.build
+++ b/meson.build
@@ -18,12 +18,12 @@ subid_dep = cc.find_library('subid', has_headers: ['shadow/subid.h'])
go = find_program('go')
go_md2man = find_program('go-md2man')
-podman = find_program('podman')
bats = find_program('bats', required: false)
codespell = find_program('codespell', required: false)
htpasswd = find_program('htpasswd', required: false)
openssl = find_program('openssl', required: false)
+podman = find_program('podman', required: false)
shellcheck = find_program('shellcheck', required: false)
skopeo = find_program('skopeo', required: false)
diff --git a/src/cmd/root.go b/src/cmd/root.go
index 304b03dcd889..9975ccc7a4c8 100644
--- a/src/cmd/root.go
+++ b/src/cmd/root.go
@@ -166,7 +166,7 @@ func preRun(cmd *cobra.Command, args []string) error {
logrus.Debugf("TOOLBOX_PATH is %s", toolboxPath)
- if err := migrate(); err != nil {
+ if err := migrate(cmd, args); err != nil {
return err
}
@@ -211,13 +211,18 @@ func rootRun(cmd *cobra.Command, args []string) error {
return rootRunImpl(cmd, args)
}
-func migrate() error {
+func migrate(cmd *cobra.Command, args []string) error {
logrus.Debug("Migrating to newer Podman")
if utils.IsInsideContainer() {
return nil
}
+ if cmdName, completionCmdName := cmd.Name(), completionCmd.Name(); cmdName == completionCmdName {
+ logrus.Debugf("Migration not needed: command %s doesn't need it", cmdName)
+ return nil
+ }
+
configDir, err := os.UserConfigDir()
if err != nil {
logrus.Debugf("Migrating to newer Podman: failed to get the user config directory: %s", err)
--
2.41.0
From 0723706168a1bde708bc9acc203c5e9870bc94d5 Mon Sep 17 00:00:00 2001
From: Debarshi Ray <rishi@fedoraproject.org>
Date: Wed, 1 Mar 2023 19:41:56 +0100
Subject: [PATCH 1/3] cmd/root: Sprinkle a debug log
Subject: [PATCH 2/4] cmd/root: Sprinkle a debug log
https://github.com/containers/toolbox/pull/1251
---
@ -9,10 +100,10 @@ https://github.com/containers/toolbox/pull/1251
1 file changed, 1 insertion(+)
diff --git a/src/cmd/root.go b/src/cmd/root.go
index 304b03dcd889..82fbfd651c33 100644
index 9975ccc7a4c8..2e7428a20b24 100644
--- a/src/cmd/root.go
+++ b/src/cmd/root.go
@@ -215,6 +215,7 @@ func migrate() error {
@@ -215,6 +215,7 @@ func migrate(cmd *cobra.Command, args []string) error {
logrus.Debug("Migrating to newer Podman")
if utils.IsInsideContainer() {
@ -21,13 +112,13 @@ index 304b03dcd889..82fbfd651c33 100644
}
--
2.39.2
2.41.0
From 0beab62c935cd1166d6b03f58c519bbc7b040221 Mon Sep 17 00:00:00 2001
From 0736db58456bb635854493e28a0c36bda49988ce Mon Sep 17 00:00:00 2001
From: Debarshi Ray <rishi@fedoraproject.org>
Date: Wed, 1 Mar 2023 19:46:11 +0100
Subject: [PATCH 2/3] cmd/root: Shuffle some code around and sprinkle some
Subject: [PATCH 3/4] cmd/root: Shuffle some code around and sprinkle some
debug logs
Having a separate convenience function reduces the indentation levels by
@ -42,7 +133,7 @@ https://github.com/containers/toolbox/issues/1246
1 file changed, 24 insertions(+), 8 deletions(-)
diff --git a/src/cmd/root.go b/src/cmd/root.go
index 82fbfd651c33..4c740ec60d38 100644
index 2e7428a20b24..9aafe3e0d3be 100644
--- a/src/cmd/root.go
+++ b/src/cmd/root.go
@@ -1,5 +1,5 @@
@ -68,7 +159,7 @@ index 82fbfd651c33..4c740ec60d38 100644
}
}
@@ -387,3 +382,24 @@ func setUpLoggers() error {
@@ -392,3 +387,24 @@ func setUpLoggers() error {
return nil
}
@ -94,13 +185,13 @@ index 82fbfd651c33..4c740ec60d38 100644
+ return true, nil
+}
--
2.39.2
2.41.0
From d09c9cd1de41b6e85a6953902c9982778a423f3c Mon Sep 17 00:00:00 2001
From 02537eac420f49e96110663794ef5f2511eb6860 Mon Sep 17 00:00:00 2001
From: Jan Zerebecki <jan.suse@zerebecki.de>
Date: Wed, 1 Mar 2023 19:52:28 +0100
Subject: [PATCH 3/3] cmd/root: Don't validate subordinate IDs when generating
Subject: [PATCH 4/4] cmd/root: Don't validate subordinate IDs when generating
the completions
Ever since commit bafbbe81c9220cb3, the shell completions are generated
@ -129,10 +220,10 @@ https://github.com/containers/toolbox/pull/1249
1 file changed, 5 insertions(+)
diff --git a/src/cmd/root.go b/src/cmd/root.go
index 4c740ec60d38..efee8ce9990b 100644
index 9aafe3e0d3be..aee9fe026ac3 100644
--- a/src/cmd/root.go
+++ b/src/cmd/root.go
@@ -396,6 +396,11 @@ func validateSubIDRanges(cmd *cobra.Command, args []string, user *user.User) (bo
@@ -401,6 +401,11 @@ func validateSubIDRanges(cmd *cobra.Command, args []string, user *user.User) (bo
return true, nil
}
@ -145,5 +236,5 @@ index 4c740ec60d38..efee8ce9990b 100644
logrus.Debugf("Looking for sub-GID and sub-UID ranges: %s", err)
return false, newSubIDError()
--
2.39.2
2.41.0

89
toolbox-Don-t-use-podman-1-when-generating-the-comp.patch
View File

@ -1,89 +0,0 @@
From fc5f568c5d82f4a16982268fa67092e52be91fbe Mon Sep 17 00:00:00 2001
From: Debarshi Ray <rishi@fedoraproject.org>
Date: Tue, 28 Feb 2023 17:12:04 +0100
Subject: [PATCH] cmd/root: Don't use podman(1) when generating the completions
Ever since commit bafbbe81c9220cb3, the shell completions are generated
while building Toolbx using the 'completion' command. This involves
running toolbox(1) itself, and hence invoking 'podman version' to decide
if 'podman system migrate' is needed or not.
Unfortunately, some build environments, like Fedora's, are set up inside
a chroot(2) or systemd-nspawn(1) or similar, where 'podman version' may
not work because it does various things with namespaces(7) and clone(2)
that can, under certain circumstances, encounter an EPERM.
Therefore, it's better to avoid using podman(1) when generating the
shell completions, especially, since they are generated by Cobra itself
and podman(1) is not involved at all.
Note that podman(1) is needed when the generated shell completions are
actually used in interactive command line environments. The shell
completions invoke the hidden '__complete' command to get the results
that are presented to the user, and, if needed, 'podman system migrate'
will continue to be run as part of that.
This partially reverts commit f3e005d0142d7ec76d5ac8f0a2f331a52fd46011
because podman(1) is now only an optional runtime dependency for the
system tests.
https://github.com/containers/podman/issues/17657
---
meson.build | 2 +-
src/cmd/root.go | 9 +++++++--
2 files changed, 8 insertions(+), 3 deletions(-)
diff --git a/meson.build b/meson.build
index 6f044bb204e3..653a3d3ac588 100644
--- a/meson.build
+++ b/meson.build
@@ -18,12 +18,12 @@ subid_dep = cc.find_library('subid', has_headers: ['shadow/subid.h'])
go = find_program('go')
go_md2man = find_program('go-md2man')
-podman = find_program('podman')
bats = find_program('bats', required: false)
codespell = find_program('codespell', required: false)
htpasswd = find_program('htpasswd', required: false)
openssl = find_program('openssl', required: false)
+podman = find_program('podman', required: false)
shellcheck = find_program('shellcheck', required: false)
skopeo = find_program('skopeo', required: false)
diff --git a/src/cmd/root.go b/src/cmd/root.go
index 304b03dcd889..9975ccc7a4c8 100644
--- a/src/cmd/root.go
+++ b/src/cmd/root.go
@@ -166,7 +166,7 @@ func preRun(cmd *cobra.Command, args []string) error {
logrus.Debugf("TOOLBOX_PATH is %s", toolboxPath)
- if err := migrate(); err != nil {
+ if err := migrate(cmd, args); err != nil {
return err
}
@@ -211,13 +211,18 @@ func rootRun(cmd *cobra.Command, args []string) error {
return rootRunImpl(cmd, args)
}
-func migrate() error {
+func migrate(cmd *cobra.Command, args []string) error {
logrus.Debug("Migrating to newer Podman")
if utils.IsInsideContainer() {
return nil
}
+ if cmdName, completionCmdName := cmd.Name(), completionCmd.Name(); cmdName == completionCmdName {
+ logrus.Debugf("Migration not needed: command %s doesn't need it", cmdName)
+ return nil
+ }
+
configDir, err := os.UserConfigDir()
if err != nil {
logrus.Debugf("Migrating to newer Podman: failed to get the user config directory: %s", err)
--
2.39.1

6
toolbox.spec
View File

@ -22,9 +22,8 @@ Source0: https://github.com/containers/%{name}/releases/download/%{version
Source1: %{name}.conf
# Upstream
Patch0: toolbox-Don-t-use-podman-1-when-generating-the-comp.patch
Patch1: toolbox-Don-t-validate-subordinate-IDs-when-generat.patch
Patch2: toolbox-cmd-initContainer-Be-aware-of-security-hardened-moun.patch
Patch0: toolbox-Build-fixes.patch
Patch1: toolbox-cmd-initContainer-Be-aware-of-security-hardened-moun.patch
# Fedora specific
Patch100: toolbox-Make-the-build-flags-match-Fedora-s-gobuild.patch
@ -95,7 +94,6 @@ The %{name}-tests package contains system tests for %{name}.
%setup -q
%patch0 -p1
%patch1 -p1
%patch2 -p1
%if 0%{?fedora}
%ifnarch ppc64