From 3038adcfcf9d2d2ecf62f49d30d0f00e6a063028 Mon Sep 17 00:00:00 2001 From: James Antill Date: Mon, 8 Aug 2022 12:27:44 -0400 Subject: [PATCH] Import rpm: e337f39e4ebd7c425f983cd4d98fbfaf382ba14d --- .gitignore | 1 + gating.yaml | 6 + rpminspect.yaml | 9 + sources | 1 + tests/roles/bats_installed/tasks/main.yml | 12 ++ tests/roles/nonroot_user/tasks/main.yml | 7 + .../run_bats_tests/files/run_bats_tests.sh | 72 +++++++ tests/roles/run_bats_tests/tasks/main.yml | 37 ++++ .../run_bats_tests/tasks/run_one_test.yml | 52 ++++++ tests/roles/set_image/files/toolbox.conf | 17 ++ tests/roles/set_image/tasks/main.yml | 8 + tests/tests.yml | 17 ++ ...ation-paths-for-coreos-toolbox-users.patch | 101 ++++++++++ ...flags-match-RHEL-s-gobuild-for-PPC64.patch | 40 ++++ ...the-build-flags-match-RHEL-s-gobuild.patch | 40 ++++ ...-a-way-forward-if-coreos-toolbox-was.patch | 44 +++++ ...report-work-by-setting-the-HOST-envi.patch | 26 +++ toolbox.conf | 17 ++ toolbox.spec | 176 ++++++++++++++++++ 19 files changed, 683 insertions(+) create mode 100644 .gitignore create mode 100644 gating.yaml create mode 100644 rpminspect.yaml create mode 100644 sources create mode 100644 tests/roles/bats_installed/tasks/main.yml create mode 100644 tests/roles/nonroot_user/tasks/main.yml create mode 100755 tests/roles/run_bats_tests/files/run_bats_tests.sh create mode 100644 tests/roles/run_bats_tests/tasks/main.yml create mode 100644 tests/roles/run_bats_tests/tasks/run_one_test.yml create mode 100644 tests/roles/set_image/files/toolbox.conf create mode 100644 tests/roles/set_image/tasks/main.yml create mode 100644 tests/tests.yml create mode 100644 toolbox-Add-migration-paths-for-coreos-toolbox-users.patch create mode 100644 toolbox-Make-the-build-flags-match-RHEL-s-gobuild-for-PPC64.patch create mode 100644 toolbox-Make-the-build-flags-match-RHEL-s-gobuild.patch create mode 100644 toolbox-cmd-root-Suggest-a-way-forward-if-coreos-toolbox-was.patch create mode 100644 toolbox-cmd-run-Make-sosreport-work-by-setting-the-HOST-envi.patch create mode 100644 toolbox.conf create mode 100644 toolbox.spec diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..d744aa9 --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +SOURCES/toolbox-0.0.99.3-vendored.tar.xz diff --git a/gating.yaml b/gating.yaml new file mode 100644 index 0000000..4124226 --- /dev/null +++ b/gating.yaml @@ -0,0 +1,6 @@ +--- !Policy +product_versions: + - rhel-9 +decision_context: osci_compose_gate +rules: + - !PassingTestCaseRule {test_case_name: desktop-qe.desktop-ci.tier1-gating.functional} diff --git a/rpminspect.yaml b/rpminspect.yaml new file mode 100644 index 0000000..7187c9a --- /dev/null +++ b/rpminspect.yaml @@ -0,0 +1,9 @@ +# https://one.redhat.com/rhel-developer-guide/#_modifying_a_per_package_rpminspect_yaml_file +# https://github.com/rpminspect/rpminspect/blob/master/data/generic.yaml + +annocheck: + - hardened: --ignore-unknown --verbose --skip-run-path + +runpath: + allowed_paths: + - /run/host/usr/lib64 diff --git a/sources b/sources new file mode 100644 index 0000000..72e97e9 --- /dev/null +++ b/sources @@ -0,0 +1 @@ +SHA1 (toolbox-0.0.99.3-vendored.tar.xz) = 925877d2e970cfbf315174de4ceaa921581abed6 diff --git a/tests/roles/bats_installed/tasks/main.yml b/tests/roles/bats_installed/tasks/main.yml new file mode 100644 index 0000000..3fa1798 --- /dev/null +++ b/tests/roles/bats_installed/tasks/main.yml @@ -0,0 +1,12 @@ +--- +# Sigh; RHEL8 doesn't have BATS +- name: bats | fetch and unpack tarball + unarchive: + src: https://github.com/bats-core/bats-core/archive/v1.4.1.tar.gz + dest: /root + remote_src: true + +- name: bats | install + command: ./install.sh /usr/local + args: + chdir: /root/bats-core-1.4.1 diff --git a/tests/roles/nonroot_user/tasks/main.yml b/tests/roles/nonroot_user/tasks/main.yml new file mode 100644 index 0000000..51bf44a --- /dev/null +++ b/tests/roles/nonroot_user/tasks/main.yml @@ -0,0 +1,7 @@ +--- +- name: create nonroot user + user: + name: testuser + shell: /bin/bash +- name: enable linger + command: loginctl enable-linger testuser diff --git a/tests/roles/run_bats_tests/files/run_bats_tests.sh b/tests/roles/run_bats_tests/files/run_bats_tests.sh new file mode 100755 index 0000000..e9f5f5f --- /dev/null +++ b/tests/roles/run_bats_tests/files/run_bats_tests.sh @@ -0,0 +1,72 @@ +#!/bin/bash +# +# Run bats tests for a given $TEST_PACKAGE, e.g. buildah, podman +# +# This is invoked by the 'run_bats_tests' role; we assume that +# the package foo has a foo-tests subpackage which provides the +# directory /usr/share/foo/test/system, containing one or more .bats +# test files. +# + +export PATH=/usr/local/bin:/usr/sbin:/usr/bin + +FULL_LOG=/tmp/test.debug.log +BATS_LOG=/tmp/test.bats.log +rm -f $FULL_LOG $BATS_LOG +touch $FULL_LOG $BATS_LOG + +exec &> $FULL_LOG + +# Log program versions +echo "Packages:" +rpm -q ${TEST_PACKAGE} ${TEST_PACKAGE}-tests + +echo "------------------------------" +printenv | sort + +testdir=/usr/share/${TEST_PACKAGE}/test/system + +if ! cd $testdir; then + echo "FAIL ${TEST_NAME} : cd $testdir" >> /tmp/test.log + exit 0 +fi + +if [ -e /tmp/helper.sh ]; then + echo "------------------------------" + echo ". /tmp/helper.sh" + . /tmp/helper.sh +fi + +if [ "$(type -t setup)" = "function" ]; then + echo "------------------------------" + echo "\$ setup" + setup + if [ $? -ne 0 ]; then + echo "FAIL ${TEST_NAME} : setup" >> /tmp/test.log + exit 0 + fi +fi + +echo "------------------------------" +echo "\$ bats ." +bats . &> $BATS_LOG +rc=$? + +echo "------------------------------" +echo "bats completed with status $rc" + +status=PASS +if [ $rc -ne 0 ]; then + status=FAIL +fi + +echo "${status} ${TEST_NAME}" >> /tmp/test.log + +if [ "$(type -t teardown)" = "function" ]; then + echo "------------------------------" + echo "\$ teardown" + teardown +fi + +# FIXME: for CI purposes, always exit 0. This allows subsequent tests. +exit 0 diff --git a/tests/roles/run_bats_tests/tasks/main.yml b/tests/roles/run_bats_tests/tasks/main.yml new file mode 100644 index 0000000..da79a4c --- /dev/null +++ b/tests/roles/run_bats_tests/tasks/main.yml @@ -0,0 +1,37 @@ +--- +# Create empty results file, world-writable +- name: initialize test.log file + copy: dest=/tmp/test.log content='' force=yes mode=0666 + +- name: execute tests + include: run_one_test.yml + with_items: "{{ tests }}" + loop_control: + loop_var: test + +- name: pull test.log results + fetch: + src: "/tmp/test.log" + dest: "{{ artifacts }}/test.log" + flat: yes + +# Copied from standard-test-basic +- name: check results + shell: grep "^FAIL" /tmp/test.log + register: test_fails + # Never fail at this step. Just store result of tests. + failed_when: False + +- name: preserve results + set_fact: + role_result_failed: "{{ (test_fails.stdout|d|length > 0) or (test_fails.stderr|d|length > 0) }}" + role_result_msg: "{{ test_fails.stdout|d('tests failed.') }}" + +- name: display results + vars: + msg: | + Tests failed: {{ role_result_failed|d('Undefined') }} + Tests msg: {{ role_result_msg|d('None') }} + debug: + msg: "{{ msg.split('\n') }}" + failed_when: "role_result_failed|bool" diff --git a/tests/roles/run_bats_tests/tasks/run_one_test.yml b/tests/roles/run_bats_tests/tasks/run_one_test.yml new file mode 100644 index 0000000..b44ed42 --- /dev/null +++ b/tests/roles/run_bats_tests/tasks/run_one_test.yml @@ -0,0 +1,52 @@ +--- +- name: "{{ test.name }} | install test packages" + dnf: name="{{ test.package }}-tests" state=installed + +- name: "{{ test.name }} | define helper variables" + set_fact: + test_name_oneword: "{{ test.name | replace(' ','-') }}" + +# UGH. This is necessary because our caller sets some environment variables +# and we need to set a few more based on other caller variables; then we +# need to combine the two dicts when running the test. This seems to be +# the only way to do it in ansible. +- name: "{{ test.name }} | define local environment" + set_fact: + local_environment: + TEST_NAME: "{{ test.name }}" + TEST_PACKAGE: "{{ test.package }}" + TEST_ENV: "{{ test.environment }}" + +- name: "{{ test.name }} | setup/teardown helper | see if exists" + local_action: stat path={{ role_path }}/files/helper.{{ test_name_oneword }}.sh + register: helper + +- name: "{{ test.name }} | setup/teardown helper | install" + copy: src=helper.{{ test_name_oneword }}.sh dest=/tmp/helper.sh + when: helper.stat.exists + +- name: "{{ test.name }} | run test" + script: ./run_bats_tests.sh + args: + chdir: /usr/share/{{ test.package }}/test/system + become: "{{ true if test.become is defined else false }}" + become_user: testuser + environment: "{{ local_environment | combine(test.environment) }}" + +- name: "{{ test.name }} | pull logs" + fetch: + src: "/tmp/test.{{ item }}.log" + dest: "{{ artifacts }}/test.{{ test_name_oneword }}.{{ item }}.log" + flat: yes + with_items: + - bats + - debug + +- name: "{{ test.name }} | remove remote logs and helpers" + file: + dest=/tmp/{{ item }} + state=absent + with_items: + - test.bats.log + - test.debug.log + - helper.sh diff --git a/tests/roles/set_image/files/toolbox.conf b/tests/roles/set_image/files/toolbox.conf new file mode 100644 index 0000000..73b52c4 --- /dev/null +++ b/tests/roles/set_image/files/toolbox.conf @@ -0,0 +1,17 @@ +[general] +# Create a toolbox container for a different operating system distro than the +# host. Cannot be used with 'image'. +## distro = "fedora" + +# Create a toolbox container for a different operating system release than the +# host. Cannot be used with 'image'. +## release = "33" + +# Change the name of the image used to create the toolbox container. This is +# useful for creating containers from custom-built images. Cannot be used with +# 'distro' or 'release'. +# +# If the name does not contain a registry, the local image storage will be +# consulted, and if it's not present there then it will be pulled from a +# suitable remote registry. +image = "registry-proxy.engineering.redhat.com/rh-osbs/toolbox-container:8.5" diff --git a/tests/roles/set_image/tasks/main.yml b/tests/roles/set_image/tasks/main.yml new file mode 100644 index 0000000..0857d13 --- /dev/null +++ b/tests/roles/set_image/tasks/main.yml @@ -0,0 +1,8 @@ +--- +# Copy the toolbox.conf file to /etc/containers/ +- name: Check containers directory exists + file: + path: /etc/containers + state: directory +- name: Copy toolbox.conf file to set default image + copy: src={{ role_path }}/files/toolbox.conf dest=/etc/containers/toolbox.conf force=yes mode=0644 diff --git a/tests/tests.yml b/tests/tests.yml new file mode 100644 index 0000000..635319b --- /dev/null +++ b/tests/tests.yml @@ -0,0 +1,17 @@ +--- +- hosts: localhost + tags: classic + vars: + - artifacts: ./artifacts + roles: + - role: bats_installed + - role: set_image + - role: nonroot_user + - role: run_bats_tests + tests: + - name: toolbox + package: toolbox + environment: + PODMAN: /usr/bin/podman + TOOLBOX_TEST_DEFAULT_CONTAINER_NAME: toolbox-container-8.5 + become: true diff --git a/toolbox-Add-migration-paths-for-coreos-toolbox-users.patch b/toolbox-Add-migration-paths-for-coreos-toolbox-users.patch new file mode 100644 index 0000000..db06e9b --- /dev/null +++ b/toolbox-Add-migration-paths-for-coreos-toolbox-users.patch @@ -0,0 +1,101 @@ +From 565947a7df6f4d18cb2f2d3a172b79391880288a Mon Sep 17 00:00:00 2001 +From: Debarshi Ray +Date: Wed, 18 Aug 2021 17:55:21 +0200 +Subject: [PATCH 1/2] cmd/run: Make sosreport work by setting the HOST + environment variable + +https://bugzilla.redhat.com/show_bug.cgi?id=1940037 +--- + src/cmd/run.go | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/src/cmd/run.go b/src/cmd/run.go +index 5954eac55fad..ca363815d4c9 100644 +--- a/src/cmd/run.go ++++ b/src/cmd/run.go +@@ -441,6 +441,7 @@ func constructExecArgs(container string, + execArgs = append(execArgs, detachKeys...) + + execArgs = append(execArgs, []string{ ++ "--env", "HOST=/run/host", + "--interactive", + "--tty", + "--user", currentUser.Username, +-- +2.31.1 + + +From fecbda4c3ea823eb04ebe392a6e1422e8ce8dd41 Mon Sep 17 00:00:00 2001 +From: Debarshi Ray +Date: Fri, 10 Dec 2021 13:42:15 +0100 +Subject: [PATCH 2/2] test/system: Update to test the migration path for + coreos/toolbox users + +This reverts the changes to the tests made in commit +411147988b730dabf8b9e761a5426e12d648f008 by restoring commit +ca899c8a561f357ae32c6ba6813520fd8b682abb and the parts of commit +3aeb7cf288319e35eb9c5e26ea18d97452462c1e that were removed. +--- + test/system/002-help.bats | 11 ----------- + test/system/100-root.bats | 27 +++++++++++++++++++++++++++ + 2 files changed, 27 insertions(+), 11 deletions(-) + create mode 100644 test/system/100-root.bats + +diff --git a/test/system/002-help.bats b/test/system/002-help.bats +index 689f95e472a1..525d44431ee5 100644 +--- a/test/system/002-help.bats ++++ b/test/system/002-help.bats +@@ -8,17 +8,6 @@ setup() { + _setup_environment + } + +-@test "help: Try to run toolbox with no command" { +- run $TOOLBOX +- +- assert_failure +- assert_line --index 0 "Error: missing command" +- assert_line --index 1 "create Create a new toolbox container" +- assert_line --index 2 "enter Enter an existing toolbox container" +- assert_line --index 3 "list List all existing toolbox containers and images" +- assert_line --index 4 "Run 'toolbox --help' for usage." +-} +- + @test "help: Run command 'help'" { + if ! command -v man 2>/dev/null; then + skip "Test works only if man is in PATH" +diff --git a/test/system/100-root.bats b/test/system/100-root.bats +new file mode 100644 +index 000000000000..32d87904213e +--- /dev/null ++++ b/test/system/100-root.bats +@@ -0,0 +1,27 @@ ++#!/usr/bin/env bats ++ ++load 'libs/bats-support/load' ++load 'libs/bats-assert/load' ++load 'libs/helpers' ++ ++setup() { ++ _setup_environment ++ cleanup_containers ++} ++ ++teardown() { ++ cleanup_containers ++} ++ ++@test "root: Try to enter the default container with no containers created" { ++ run $TOOLBOX <<< "n" ++ ++ assert_success ++ assert_line --index 0 "No toolbox containers found. Create now? [y/N] A container can be created later with the 'create' command." ++ assert_line --index 1 "Run 'toolbox --help' for usage." ++} ++ ++# TODO: Write the test ++@test "root: Enter the default container when 1 non-default container is present" { ++ skip "Testing of entering toolboxes is not implemented" ++} +-- +2.31.1 + diff --git a/toolbox-Make-the-build-flags-match-RHEL-s-gobuild-for-PPC64.patch b/toolbox-Make-the-build-flags-match-RHEL-s-gobuild-for-PPC64.patch new file mode 100644 index 0000000..19544b1 --- /dev/null +++ b/toolbox-Make-the-build-flags-match-RHEL-s-gobuild-for-PPC64.patch @@ -0,0 +1,40 @@ +From a245af969792bafcfa86090c856a06cb23061816 Mon Sep 17 00:00:00 2001 +From: Debarshi Ray +Date: Mon, 29 Jun 2020 17:57:47 +0200 +Subject: [PATCH] build: Make the build flags match RHEL's %{gobuild} for PPC64 + +The Go toolchain doesn't play well with passing compiler and linker +flags via environment variables. The linker flags require a second +level of quoting, which leaves the build system without a quote level +to assign the flags to an environment variable like GOFLAGS. + +This is one reason why RHEL doesn't have a RPM macro with only the +flags. The %{gobuild} RPM macro includes the entire 'go build ...' +invocation. + +The Go toolchain also doesn't like the LDFLAGS environment variable as +exported by RHEL's %{meson} RPM macro, and RHEL's RPM toolchain doesn't +like the compressed DWARF data generated by the Go toolchain. + +Note that these flags are only meant for the "ppc64" CPU architecture, +and should be kept updated to match RHEL's Go guidelines. Use +'rpm --eval "%{gobuild}"' to expand the %{gobuild} macro. +--- + src/go-build-wrapper | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/src/go-build-wrapper b/src/go-build-wrapper +index 0d27120da052..ef1a03af750a 100755 +--- a/src/go-build-wrapper ++++ b/src/go-build-wrapper +@@ -27,5 +27,6 @@ if ! cd "$1"; then + exit 1 + fi + +-go build -trimpath -ldflags "-extldflags '-Wl,--wrap,pthread_sigmask $4' -linkmode external -X github.com/containers/toolbox/pkg/version.currentVersion=$3" -o "$2/toolbox" ++unset LDFLAGS ++go build -compiler gc -tags="rpm_crashtraceback ${BUILDTAGS:-}" -ldflags "${LDFLAGS:-} -compressdwarf=false -B 0x$(head -c20 /dev/urandom|od -An -tx1|tr -d ' \n') -extldflags '-Wl,-z,relro -Wl,--as-needed -Wl,-z,now -specs=/usr/lib/rpm/redhat/redhat-hardened-ld -Wl,--wrap,pthread_sigmask $4' -linkmode external -X github.com/containers/toolbox/pkg/version.currentVersion=$3" -a -v -x -o "$2/toolbox" + exit "$?" +-- +2.31.1 + diff --git a/toolbox-Make-the-build-flags-match-RHEL-s-gobuild.patch b/toolbox-Make-the-build-flags-match-RHEL-s-gobuild.patch new file mode 100644 index 0000000..10db68e --- /dev/null +++ b/toolbox-Make-the-build-flags-match-RHEL-s-gobuild.patch @@ -0,0 +1,40 @@ +From 05722d2861c23554b9741c059e853da9ab38282e Mon Sep 17 00:00:00 2001 +From: Debarshi Ray +Date: Mon, 29 Jun 2020 17:57:47 +0200 +Subject: [PATCH] build: Make the build flags match RHEL's %{gobuild} + +The Go toolchain doesn't play well with passing compiler and linker +flags via environment variables. The linker flags require a second +level of quoting, which leaves the build system without a quote level +to assign the flags to an environment variable like GOFLAGS. + +This is one reason why RHEL doesn't have a RPM macro with only the +flags. The %{gobuild} RPM macro includes the entire 'go build ...' +invocation. + +The Go toolchain also doesn't like the LDFLAGS environment variable as +exported by RHEL's %{meson} RPM macro, and RHEL's RPM toolchain doesn't +like the compressed DWARF data generated by the Go toolchain. + +Note that these flags are meant for every CPU architecture other than +PPC64, and should be kept updated to match RHEL's Go guidelines. Use +'rpm --eval "%{gobuild}"' to expand the %{gobuild} macro. +--- + src/go-build-wrapper | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/src/go-build-wrapper b/src/go-build-wrapper +index 0d27120da052..f08f3218560a 100755 +--- a/src/go-build-wrapper ++++ b/src/go-build-wrapper +@@ -27,5 +27,6 @@ if ! cd "$1"; then + exit 1 + fi + +-go build -trimpath -ldflags "-extldflags '-Wl,--wrap,pthread_sigmask $4' -linkmode external -X github.com/containers/toolbox/pkg/version.currentVersion=$3" -o "$2/toolbox" ++unset LDFLAGS ++go build -buildmode pie -compiler gc -tags="rpm_crashtraceback ${BUILDTAGS:-}" -ldflags "${LDFLAGS:-} -compressdwarf=false -B 0x$(head -c20 /dev/urandom|od -An -tx1|tr -d ' \n') -extldflags '-Wl,-z,relro -Wl,--as-needed -Wl,-z,now -specs=/usr/lib/rpm/redhat/redhat-hardened-ld -Wl,--wrap,pthread_sigmask $4' -linkmode external -X github.com/containers/toolbox/pkg/version.currentVersion=$3" -a -v -x -o "$2/toolbox" + exit "$?" +-- +2.31.1 + diff --git a/toolbox-cmd-root-Suggest-a-way-forward-if-coreos-toolbox-was.patch b/toolbox-cmd-root-Suggest-a-way-forward-if-coreos-toolbox-was.patch new file mode 100644 index 0000000..258226c --- /dev/null +++ b/toolbox-cmd-root-Suggest-a-way-forward-if-coreos-toolbox-was.patch @@ -0,0 +1,44 @@ +From 6b47ff61936d2b602d29b229b079bda00dadad7e Mon Sep 17 00:00:00 2001 +From: Debarshi Ray +Date: Thu, 2 Sep 2021 14:57:37 +0200 +Subject: [PATCH] cmd/root: Suggest a way forward if coreos/toolbox was used + +github.com/coreos/toolbox bind mounts the entire /run from the host +operating system into the toolbox container. Due to this, when run +rootful, the /run/.containerenv created by Podman inside the container +is also seen on the host. This confuses Toolbox into thinking that it's +running inside a container, even when it's running on the host. + +This is an attempt to differentiate between a toolbox container and +the host by looking at the 'container' environment variable, so that +the user can be presented with a more helpful error message. + +https://bugzilla.redhat.com/show_bug.cgi?id=1998191 +--- + src/cmd/root.go | 10 ++++++++++ + 1 file changed, 10 insertions(+) + +diff --git a/src/cmd/root.go b/src/cmd/root.go +index 5e6f5874a469..139609592218 100644 +--- a/src/cmd/root.go ++++ b/src/cmd/root.go +@@ -130,6 +130,16 @@ func preRun(cmd *cobra.Command, args []string) error { + + if toolboxPath == "" { + if utils.IsInsideContainer() { ++ if containerType := os.Getenv("container"); containerType == "" { ++ var builder strings.Builder ++ fmt.Fprintf(&builder, "/run/.containerenv found on what looks like the host\n") ++ fmt.Fprintf(&builder, "If this is the host, then remove /run/.containerenv and try again.\n") ++ fmt.Fprintf(&builder, "Otherwise, contact your system administrator or file a bug.") ++ ++ errMsg := builder.String() ++ return errors.New(errMsg) ++ } ++ + return errors.New("TOOLBOX_PATH not set") + } + +-- +2.31.1 + diff --git a/toolbox-cmd-run-Make-sosreport-work-by-setting-the-HOST-envi.patch b/toolbox-cmd-run-Make-sosreport-work-by-setting-the-HOST-envi.patch new file mode 100644 index 0000000..84ae242 --- /dev/null +++ b/toolbox-cmd-run-Make-sosreport-work-by-setting-the-HOST-envi.patch @@ -0,0 +1,26 @@ +From 786c5065c73703ef46e13905a4672f1b4918310a Mon Sep 17 00:00:00 2001 +From: Debarshi Ray +Date: Wed, 18 Aug 2021 17:55:21 +0200 +Subject: [PATCH] cmd/run: Make sosreport work by setting the HOST environment + variable + +https://bugzilla.redhat.com/show_bug.cgi?id=1940037 +--- + src/cmd/run.go | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/src/cmd/run.go b/src/cmd/run.go +index e8e96932415e..188f0f2394df 100644 +--- a/src/cmd/run.go ++++ b/src/cmd/run.go +@@ -443,6 +443,7 @@ func constructExecArgs(container string, + execArgs = append(execArgs, detachKeys...) + + execArgs = append(execArgs, []string{ ++ "--env", "HOST=/run/host", + "--interactive", + "--tty", + "--user", currentUser.Username, +-- +2.31.1 + diff --git a/toolbox.conf b/toolbox.conf new file mode 100644 index 0000000..f934f2b --- /dev/null +++ b/toolbox.conf @@ -0,0 +1,17 @@ +[general] +# Create a toolbox container for a different operating system distro than the +# host. Cannot be used with 'image'. +## distro = "fedora" + +# Create a toolbox container for a different operating system release than the +# host. Cannot be used with 'image'. +## release = "33" + +# Change the name of the image used to create the toolbox container. This is +# useful for creating containers from custom-built images. Cannot be used with +# 'distro' or 'release'. +# +# If the name does not contain a registry, the local image storage will be +# consulted, and if it's not present there then it will be pulled from a +# suitable remote registry. +image = "registry.access.redhat.com/ubi8/toolbox:latest" diff --git a/toolbox.spec b/toolbox.spec new file mode 100644 index 0000000..429072a --- /dev/null +++ b/toolbox.spec @@ -0,0 +1,176 @@ +# RHEL's RPM toolchain doesn't like the compressed DWARF data generated by the +# Go toolchain. +%global _dwz_low_mem_die_limit 0 +%global _find_debuginfo_dwz_opts %{nil} + +Name: toolbox +Version: 0.0.99.3 + +%global goipath github.com/containers/%{name} +%gometa + +Release: 0.4%{?dist} +Summary: Unprivileged development environment + +License: ASL 2.0 +URL: https://github.com/containers/%{name} + +# https://github.com/containers/%%{name}/releases/download/%%{version}/%%{name}-%%{version}.tar.xz +# A vendored tarball was created from the upstream tarball: +# $ cd src +# $ go mod vendor +Source0: %{name}-%{version}-vendored.tar.xz +Source1: %{name}.conf + +# RHEL specific +Patch100: toolbox-Make-the-build-flags-match-RHEL-s-gobuild.patch +Patch101: toolbox-Make-the-build-flags-match-RHEL-s-gobuild-for-PPC64.patch +Patch102: toolbox-cmd-run-Make-sosreport-work-by-setting-the-HOST-envi.patch +Patch103: toolbox-cmd-root-Suggest-a-way-forward-if-coreos-toolbox-was.patch + +# https://bugzilla.redhat.com/show_bug.cgi?id=1905383 +ExcludeArch: %{ix86} + +BuildRequires: golang >= 1.13 +BuildRequires: go-md2man +BuildRequires: meson +BuildRequires: pkgconfig(bash-completion) +BuildRequires: systemd + +Requires: containers-common +Requires: podman >= 1.4.0 + + +%description +Toolbox is a tool for Linux operating systems, which allows the use of +containerized command line environments. It is built on top of Podman and +other standard container technologies from OCI. + + +%package tests +Summary: Tests for %{name} + +Requires: %{name}%{?_isa} = %{version}-%{release} + +%description tests +The %{name}-tests package contains system tests for %{name}. + + +%prep +%setup -q + +%ifnarch ppc64 +%patch100 -p1 +%else +%patch101 -p1 +%endif + +%patch102 -p1 +%patch103 -p1 + +# %%gomkdir is absent from RHEL 8. +GOBUILDDIR="$(pwd)/_build" +GOSOURCEDIR="$(pwd)" +if [[ ! -e "$GOBUILDDIR/bin" ]] ; then + install -m 0755 -vd "$GOBUILDDIR/bin" +fi +if [[ ! -e "$GOBUILDDIR/src/%{goipath}" ]] ; then + install -m 0755 -vd "$(dirname $GOBUILDDIR/src/%{goipath})" + ln -fs "$GOSOURCEDIR" "$GOBUILDDIR/src/%{goipath}" +fi +cd "$GOBUILDDIR/src/%{goipath}" + + +%build +export GO111MODULE=off +GOBUILDDIR="$(pwd)/_build" +export GOPATH="$GOBUILDDIR:%{gopath}" +export CGO_CFLAGS="%{optflags} -D_GNU_SOURCE -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64" +ln -s src/cmd cmd +ln -s src/pkg pkg +ln -s src/vendor vendor +%meson --buildtype=plain -Dprofile_dir=%{_sysconfdir}/profile.d +%meson_build + + +%install +%meson_install +install -m0644 %{SOURCE1} %{buildroot}%{_sysconfdir}/containers/%{name}.conf + + +%files +%doc CODE-OF-CONDUCT.md NEWS README.md SECURITY.md +%license COPYING +%{_bindir}/%{name} +%{_datadir}/bash-completion +%{_mandir}/man1/%{name}.1* +%{_mandir}/man1/%{name}-*.1* +%config(noreplace) %{_sysconfdir}/containers/%{name}.conf +%{_sysconfdir}/profile.d/%{name}.sh +%{_tmpfilesdir}/%{name}.conf + +%files tests +%{_datadir}/%{name} + + +%changelog +* Mon Sep 20 2021 Jindrich Novy - 0.0.99.3-0.4 +- Switch to using the Toolbox-specific UBI image by default +- Related: #2001445 + +* Thu Sep 02 2021 Debarshi Ray - 0.0.99.3-0.3 +- Suggest a way forward if coreos/toolbox was used +Resolves: #1998191, #2000914 + +* Thu Aug 26 2021 Jindrich Novy - 0.0.99.3-0.2 +- Make sosreport work by setting the HOST environment variable +- Related: #1934415 + +* Wed Aug 11 2021 Jindrich Novy - 0.0.99.3-0.1 +- change release to 0.x so it is obvious it is devel version +- Related: #1934415 + +* Thu Aug 05 2021 Jindrich Novy - 0.0.99.3-1 +- Fix the build on CentOS Stream +- Related: #1934415 + +* Wed Jul 28 2021 Jindrich Novy - 0.0.99.2^1.git660b6970e998-1 +- Add support for configuration files +Resolves: #1940082 +- Related: #1934415 + +* Mon Jul 26 2021 Jindrich Novy - 0.0.99.2-4 +- Instead of offering to log into a registry, just mention 'podman login' +- Related: #1934415 + +* Sat Jul 10 2021 Jindrich Novy - 0.0.99.2-3 +- Expose the host's entire / in the container at /run/host +- Related: #1934415 + +* Mon Jul 05 2021 Jindrich Novy - 0.0.99.2-2 +- Actually apply the patch to make 'toolbox' create or fall back to a + container if possible +- Support logging into a registry if necessary +- Related: #1934415 + +* Fri Jul 02 2021 Jindrich Novy - 0.0.99.2-1 +- Update to 0.0.99.2 +- Make 'toolbox' create or fall back to a container if possible +Resolves: #1914687 +- Related: #1934415 + +* Tue Jan 12 2021 Jindrich Novy - 0.0.99-1 +- Update to 0.0.99 +- Related: #1883490 + +* Tue Jan 12 2021 Jindrich Novy - 0.0.98.1-3 +- remove bats as it's not present in RHEL +- Related: #1883490 + +* Mon Jan 11 2021 Jindrich Novy - 0.0.98.1-2 +- harden the toolbox binary +- minor fixes +- Related: #1883490 + +* Fri Jan 08 2021 Debarshi Ray - 0.0.98.1-1 +- Rebase to github.com/containers/toolbox