import toolbox-0.0.99.3-0.4.module+el8.6.0+14130+31267433

This commit is contained in:
CentOS Sources 2022-03-29 09:32:11 -04:00 committed by Stepan Oksanichenko
commit a6ab431864
8 changed files with 345 additions and 0 deletions

1
.gitignore vendored Normal file
View File

@ -0,0 +1 @@
SOURCES/toolbox-0.0.99.3-vendored.tar.xz

1
.toolbox.metadata Normal file
View File

@ -0,0 +1 @@
925877d2e970cfbf315174de4ceaa921581abed6 SOURCES/toolbox-0.0.99.3-vendored.tar.xz

View File

@ -0,0 +1,40 @@
From a245af969792bafcfa86090c856a06cb23061816 Mon Sep 17 00:00:00 2001
From: Debarshi Ray <rishi@fedoraproject.org>
Date: Mon, 29 Jun 2020 17:57:47 +0200
Subject: [PATCH] build: Make the build flags match RHEL's %{gobuild} for PPC64
The Go toolchain doesn't play well with passing compiler and linker
flags via environment variables. The linker flags require a second
level of quoting, which leaves the build system without a quote level
to assign the flags to an environment variable like GOFLAGS.
This is one reason why RHEL doesn't have a RPM macro with only the
flags. The %{gobuild} RPM macro includes the entire 'go build ...'
invocation.
The Go toolchain also doesn't like the LDFLAGS environment variable as
exported by RHEL's %{meson} RPM macro, and RHEL's RPM toolchain doesn't
like the compressed DWARF data generated by the Go toolchain.
Note that these flags are only meant for the "ppc64" CPU architecture,
and should be kept updated to match RHEL's Go guidelines. Use
'rpm --eval "%{gobuild}"' to expand the %{gobuild} macro.
---
src/go-build-wrapper | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/src/go-build-wrapper b/src/go-build-wrapper
index 0d27120da052..ef1a03af750a 100755
--- a/src/go-build-wrapper
+++ b/src/go-build-wrapper
@@ -27,5 +27,6 @@ if ! cd "$1"; then
exit 1
fi
-go build -trimpath -ldflags "-extldflags '-Wl,--wrap,pthread_sigmask $4' -linkmode external -X github.com/containers/toolbox/pkg/version.currentVersion=$3" -o "$2/toolbox"
+unset LDFLAGS
+go build -compiler gc -tags="rpm_crashtraceback ${BUILDTAGS:-}" -ldflags "${LDFLAGS:-} -compressdwarf=false -B 0x$(head -c20 /dev/urandom|od -An -tx1|tr -d ' \n') -extldflags '-Wl,-z,relro -Wl,--as-needed -Wl,-z,now -specs=/usr/lib/rpm/redhat/redhat-hardened-ld -Wl,--wrap,pthread_sigmask $4' -linkmode external -X github.com/containers/toolbox/pkg/version.currentVersion=$3" -a -v -x -o "$2/toolbox"
exit "$?"
--
2.31.1

View File

@ -0,0 +1,40 @@
From 05722d2861c23554b9741c059e853da9ab38282e Mon Sep 17 00:00:00 2001
From: Debarshi Ray <rishi@fedoraproject.org>
Date: Mon, 29 Jun 2020 17:57:47 +0200
Subject: [PATCH] build: Make the build flags match RHEL's %{gobuild}
The Go toolchain doesn't play well with passing compiler and linker
flags via environment variables. The linker flags require a second
level of quoting, which leaves the build system without a quote level
to assign the flags to an environment variable like GOFLAGS.
This is one reason why RHEL doesn't have a RPM macro with only the
flags. The %{gobuild} RPM macro includes the entire 'go build ...'
invocation.
The Go toolchain also doesn't like the LDFLAGS environment variable as
exported by RHEL's %{meson} RPM macro, and RHEL's RPM toolchain doesn't
like the compressed DWARF data generated by the Go toolchain.
Note that these flags are meant for every CPU architecture other than
PPC64, and should be kept updated to match RHEL's Go guidelines. Use
'rpm --eval "%{gobuild}"' to expand the %{gobuild} macro.
---
src/go-build-wrapper | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/src/go-build-wrapper b/src/go-build-wrapper
index 0d27120da052..f08f3218560a 100755
--- a/src/go-build-wrapper
+++ b/src/go-build-wrapper
@@ -27,5 +27,6 @@ if ! cd "$1"; then
exit 1
fi
-go build -trimpath -ldflags "-extldflags '-Wl,--wrap,pthread_sigmask $4' -linkmode external -X github.com/containers/toolbox/pkg/version.currentVersion=$3" -o "$2/toolbox"
+unset LDFLAGS
+go build -buildmode pie -compiler gc -tags="rpm_crashtraceback ${BUILDTAGS:-}" -ldflags "${LDFLAGS:-} -compressdwarf=false -B 0x$(head -c20 /dev/urandom|od -An -tx1|tr -d ' \n') -extldflags '-Wl,-z,relro -Wl,--as-needed -Wl,-z,now -specs=/usr/lib/rpm/redhat/redhat-hardened-ld -Wl,--wrap,pthread_sigmask $4' -linkmode external -X github.com/containers/toolbox/pkg/version.currentVersion=$3" -a -v -x -o "$2/toolbox"
exit "$?"
--
2.31.1

View File

@ -0,0 +1,44 @@
From 6b47ff61936d2b602d29b229b079bda00dadad7e Mon Sep 17 00:00:00 2001
From: Debarshi Ray <rishi@fedoraproject.org>
Date: Thu, 2 Sep 2021 14:57:37 +0200
Subject: [PATCH] cmd/root: Suggest a way forward if coreos/toolbox was used
github.com/coreos/toolbox bind mounts the entire /run from the host
operating system into the toolbox container. Due to this, when run
rootful, the /run/.containerenv created by Podman inside the container
is also seen on the host. This confuses Toolbox into thinking that it's
running inside a container, even when it's running on the host.
This is an attempt to differentiate between a toolbox container and
the host by looking at the 'container' environment variable, so that
the user can be presented with a more helpful error message.
https://bugzilla.redhat.com/show_bug.cgi?id=1998191
---
src/cmd/root.go | 10 ++++++++++
1 file changed, 10 insertions(+)
diff --git a/src/cmd/root.go b/src/cmd/root.go
index 5e6f5874a469..139609592218 100644
--- a/src/cmd/root.go
+++ b/src/cmd/root.go
@@ -130,6 +130,16 @@ func preRun(cmd *cobra.Command, args []string) error {
if toolboxPath == "" {
if utils.IsInsideContainer() {
+ if containerType := os.Getenv("container"); containerType == "" {
+ var builder strings.Builder
+ fmt.Fprintf(&builder, "/run/.containerenv found on what looks like the host\n")
+ fmt.Fprintf(&builder, "If this is the host, then remove /run/.containerenv and try again.\n")
+ fmt.Fprintf(&builder, "Otherwise, contact your system administrator or file a bug.")
+
+ errMsg := builder.String()
+ return errors.New(errMsg)
+ }
+
return errors.New("TOOLBOX_PATH not set")
}
--
2.31.1

View File

@ -0,0 +1,26 @@
From 786c5065c73703ef46e13905a4672f1b4918310a Mon Sep 17 00:00:00 2001
From: Debarshi Ray <rishi@fedoraproject.org>
Date: Wed, 18 Aug 2021 17:55:21 +0200
Subject: [PATCH] cmd/run: Make sosreport work by setting the HOST environment
variable
https://bugzilla.redhat.com/show_bug.cgi?id=1940037
---
src/cmd/run.go | 1 +
1 file changed, 1 insertion(+)
diff --git a/src/cmd/run.go b/src/cmd/run.go
index e8e96932415e..188f0f2394df 100644
--- a/src/cmd/run.go
+++ b/src/cmd/run.go
@@ -443,6 +443,7 @@ func constructExecArgs(container string,
execArgs = append(execArgs, detachKeys...)
execArgs = append(execArgs, []string{
+ "--env", "HOST=/run/host",
"--interactive",
"--tty",
"--user", currentUser.Username,
--
2.31.1

17
SOURCES/toolbox.conf Normal file
View File

@ -0,0 +1,17 @@
[general]
# Create a toolbox container for a different operating system distro than the
# host. Cannot be used with 'image'.
## distro = "fedora"
# Create a toolbox container for a different operating system release than the
# host. Cannot be used with 'image'.
## release = "33"
# Change the name of the image used to create the toolbox container. This is
# useful for creating containers from custom-built images. Cannot be used with
# 'distro' or 'release'.
#
# If the name does not contain a registry, the local image storage will be
# consulted, and if it's not present there then it will be pulled from a
# suitable remote registry.
image = "registry.access.redhat.com/ubi8/toolbox:latest"

176
SPECS/toolbox.spec Normal file
View File

@ -0,0 +1,176 @@
# RHEL's RPM toolchain doesn't like the compressed DWARF data generated by the
# Go toolchain.
%global _dwz_low_mem_die_limit 0
%global _find_debuginfo_dwz_opts %{nil}
Name: toolbox
Version: 0.0.99.3
%global goipath github.com/containers/%{name}
%gometa
Release: 0.4%{?dist}
Summary: Unprivileged development environment
License: ASL 2.0
URL: https://github.com/containers/%{name}
# https://github.com/containers/%%{name}/releases/download/%%{version}/%%{name}-%%{version}.tar.xz
# A vendored tarball was created from the upstream tarball:
# $ cd src
# $ go mod vendor
Source0: %{name}-%{version}-vendored.tar.xz
Source1: %{name}.conf
# RHEL specific
Patch100: toolbox-Make-the-build-flags-match-RHEL-s-gobuild.patch
Patch101: toolbox-Make-the-build-flags-match-RHEL-s-gobuild-for-PPC64.patch
Patch102: toolbox-cmd-run-Make-sosreport-work-by-setting-the-HOST-envi.patch
Patch103: toolbox-cmd-root-Suggest-a-way-forward-if-coreos-toolbox-was.patch
# https://bugzilla.redhat.com/show_bug.cgi?id=1905383
ExcludeArch: %{ix86}
BuildRequires: golang >= 1.13
BuildRequires: go-md2man
BuildRequires: meson
BuildRequires: pkgconfig(bash-completion)
BuildRequires: systemd
Requires: containers-common
Requires: podman >= 1.4.0
%description
Toolbox is a tool for Linux operating systems, which allows the use of
containerized command line environments. It is built on top of Podman and
other standard container technologies from OCI.
%package tests
Summary: Tests for %{name}
Requires: %{name}%{?_isa} = %{version}-%{release}
%description tests
The %{name}-tests package contains system tests for %{name}.
%prep
%setup -q
%ifnarch ppc64
%patch100 -p1
%else
%patch101 -p1
%endif
%patch102 -p1
%patch103 -p1
# %%gomkdir is absent from RHEL 8.
GOBUILDDIR="$(pwd)/_build"
GOSOURCEDIR="$(pwd)"
if [[ ! -e "$GOBUILDDIR/bin" ]] ; then
install -m 0755 -vd "$GOBUILDDIR/bin"
fi
if [[ ! -e "$GOBUILDDIR/src/%{goipath}" ]] ; then
install -m 0755 -vd "$(dirname $GOBUILDDIR/src/%{goipath})"
ln -fs "$GOSOURCEDIR" "$GOBUILDDIR/src/%{goipath}"
fi
cd "$GOBUILDDIR/src/%{goipath}"
%build
export GO111MODULE=off
GOBUILDDIR="$(pwd)/_build"
export GOPATH="$GOBUILDDIR:%{gopath}"
export CGO_CFLAGS="%{optflags} -D_GNU_SOURCE -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64"
ln -s src/cmd cmd
ln -s src/pkg pkg
ln -s src/vendor vendor
%meson --buildtype=plain -Dprofile_dir=%{_sysconfdir}/profile.d
%meson_build
%install
%meson_install
install -m0644 %{SOURCE1} %{buildroot}%{_sysconfdir}/containers/%{name}.conf
%files
%doc CODE-OF-CONDUCT.md NEWS README.md SECURITY.md
%license COPYING
%{_bindir}/%{name}
%{_datadir}/bash-completion
%{_mandir}/man1/%{name}.1*
%{_mandir}/man1/%{name}-*.1*
%config(noreplace) %{_sysconfdir}/containers/%{name}.conf
%{_sysconfdir}/profile.d/%{name}.sh
%{_tmpfilesdir}/%{name}.conf
%files tests
%{_datadir}/%{name}
%changelog
* Mon Sep 20 2021 Jindrich Novy <jnovy@redhat.com> - 0.0.99.3-0.4
- Switch to using the Toolbox-specific UBI image by default
- Related: #2001445
* Thu Sep 02 2021 Debarshi Ray <rishi@fedoraproject.org> - 0.0.99.3-0.3
- Suggest a way forward if coreos/toolbox was used
Resolves: #1998191, #2000914
* Thu Aug 26 2021 Jindrich Novy <jnovy@redhat.com> - 0.0.99.3-0.2
- Make sosreport work by setting the HOST environment variable
- Related: #1934415
* Wed Aug 11 2021 Jindrich Novy <jnovy@redhat.com> - 0.0.99.3-0.1
- change release to 0.x so it is obvious it is devel version
- Related: #1934415
* Thu Aug 05 2021 Jindrich Novy <jnovy@redhat.com> - 0.0.99.3-1
- Fix the build on CentOS Stream
- Related: #1934415
* Wed Jul 28 2021 Jindrich Novy <jnovy@redhat.com> - 0.0.99.2^1.git660b6970e998-1
- Add support for configuration files
Resolves: #1940082
- Related: #1934415
* Mon Jul 26 2021 Jindrich Novy <jnovy@redhat.com> - 0.0.99.2-4
- Instead of offering to log into a registry, just mention 'podman login'
- Related: #1934415
* Sat Jul 10 2021 Jindrich Novy <jnovy@redhat.com> - 0.0.99.2-3
- Expose the host's entire / in the container at /run/host
- Related: #1934415
* Mon Jul 05 2021 Jindrich Novy <jnovy@redhat.com> - 0.0.99.2-2
- Actually apply the patch to make 'toolbox' create or fall back to a
container if possible
- Support logging into a registry if necessary
- Related: #1934415
* Fri Jul 02 2021 Jindrich Novy <jnovy@redhat.com> - 0.0.99.2-1
- Update to 0.0.99.2
- Make 'toolbox' create or fall back to a container if possible
Resolves: #1914687
- Related: #1934415
* Tue Jan 12 2021 Jindrich Novy <jnovy@redhat.com> - 0.0.99-1
- Update to 0.0.99
- Related: #1883490
* Tue Jan 12 2021 Jindrich Novy <jnovy@redhat.com> - 0.0.98.1-3
- remove bats as it's not present in RHEL
- Related: #1883490
* Mon Jan 11 2021 Jindrich Novy <jnovy@redhat.com> - 0.0.98.1-2
- harden the toolbox binary
- minor fixes
- Related: #1883490
* Fri Jan 08 2021 Debarshi Ray <rishi@fedoraproject.org> - 0.0.98.1-1
- Rebase to github.com/containers/toolbox