diff --git a/.gitignore b/.gitignore index 6787941..8751077 100644 --- a/.gitignore +++ b/.gitignore @@ -31,3 +31,4 @@ /toolbox-0.0.99.3-vendor.tar.xz /toolbox-0.0.99.4-vendored.tar.xz /toolbox-0.0.99.5-vendored.tar.xz +/toolbox-0.0.99.6-vendored.tar.xz diff --git a/rpminspect.yaml b/rpminspect.yaml index ab3e59b..f0d9c5c 100644 --- a/rpminspect.yaml +++ b/rpminspect.yaml @@ -7,6 +7,9 @@ annocheck: extra_opts: hardened: --skip-run-path --skip-stack-prot +elf: + exclude_path: /usr/bin/toolbox + runpath: allowed_paths: - /run/host/usr/lib diff --git a/sources b/sources index df91c99..a7670e1 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (toolbox-0.0.99.5-vendored.tar.xz) = d82666e9abcbac2d01de440dfb8d57801bb97ec0854a9859c64689c47c6a1344b846fb151ffa9371d0a9a2c85c8f61c96cf8f546449ec63c9a44d85ef328b745 +SHA512 (toolbox-0.0.99.6-vendored.tar.xz) = 9ecec200069e8e2536e5ece43d411f9025dba6f60573e7939a0fc26deef29f0297d405a44fd409e978879b0579ab0a79ace97228a199584854c638213fa219d7 diff --git a/toolbox-Make-the-build-flags-match-Fedora-s-gobuild-for-PPC64.patch b/toolbox-Make-the-build-flags-match-Fedora-s-gobuild-for-PPC64.patch deleted file mode 100644 index 35ecc83..0000000 --- a/toolbox-Make-the-build-flags-match-Fedora-s-gobuild-for-PPC64.patch +++ /dev/null @@ -1,54 +0,0 @@ -From 4f8b443ab925c84d059d894ddcfcf4dcf66a747e Mon Sep 17 00:00:00 2001 -From: Debarshi Ray -Date: Mon, 29 Jun 2020 17:57:47 +0200 -Subject: [PATCH] build: Make the build flags match Fedora's %{gobuildflags} - for PPC64 - -The Go toolchain also doesn't like the LDFLAGS environment variable as -exported by Fedora's %{meson} RPM macro. - -Note that these flags are only meant for the "ppc64" CPU architecture, -and should be kept updated to match Fedora's Go guidelines. Use -'rpm --eval "%{gobuildflags}"' to expand the %{gobuildflags} macro. ---- - src/go-build-wrapper | 13 +++++++++---- - 1 file changed, 9 insertions(+), 4 deletions(-) - -diff --git a/src/go-build-wrapper b/src/go-build-wrapper -index c572d6dfb02b..cae2de426a96 100755 ---- a/src/go-build-wrapper -+++ b/src/go-build-wrapper -@@ -33,9 +33,9 @@ if ! cd "$1"; then - exit 1 - fi - --tags="" -+tags="-tags rpm_crashtraceback,${BUILDTAGS:-}" - if $7; then -- tags="-tags migration_path_for_coreos_toolbox" -+ tags="$tags,migration_path_for_coreos_toolbox" - fi - - if ! libc_dir=$("$5" --print-file-name=libc.so); then -@@ -70,11 +70,16 @@ fi - - dynamic_linker="/run/host$dynamic_linker_canonical_dirname/$dynamic_linker_basename" - -+unset LDFLAGS -+ - # shellcheck disable=SC2086 - go build \ -+ -compiler gc \ - $tags \ -- -trimpath \ -- -ldflags "-extldflags '-Wl,-dynamic-linker,$dynamic_linker -Wl,-rpath,/run/host$libc_dir_canonical_dirname' -linkmode external -X github.com/containers/toolbox/pkg/version.currentVersion=$4" \ -+ -ldflags "${LDFLAGS:-} -B 0x$(head -c20 /dev/urandom|od -An -tx1|tr -d ' \n') -compressdwarf=false -extldflags '-Wl,-z,relro -Wl,--as-needed -Wl,-z,now -specs=/usr/lib/rpm/redhat/redhat-hardened-ld -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -Wl,--build-id=sha1 -Wl,-dynamic-linker,$dynamic_linker -Wl,-rpath,/run/host$libc_dir_canonical_dirname' -linkmode external -X github.com/containers/toolbox/pkg/version.currentVersion=$4" \ -+ -a \ -+ -v \ -+ -x \ - -o "$2/$3" - - exit "$?" --- -2.43.0 - diff --git a/toolbox-Make-the-build-flags-match-Fedora-s-gobuild.patch b/toolbox-Make-the-build-flags-match-Fedora-s-gobuild.patch deleted file mode 100644 index c290d36..0000000 --- a/toolbox-Make-the-build-flags-match-Fedora-s-gobuild.patch +++ /dev/null @@ -1,54 +0,0 @@ -From 3175ef2fab1f61f5784361070ac338dabda3c04e Mon Sep 17 00:00:00 2001 -From: Debarshi Ray -Date: Mon, 29 Jun 2020 17:57:47 +0200 -Subject: [PATCH] build: Make the build flags match Fedora's %{gobuildflags} - -The Go toolchain doesn't like the LDFLAGS environment variable as -exported by Fedora's %{meson} RPM macro. - -Note that these flags are meant for every CPU architecture other than -PPC64, and should be kept updated to match Fedora's Go guidelines. Use -'rpm --eval "%{gobuildflags}"' to expand the %{gobuildflags} macro. ---- - src/go-build-wrapper | 14 ++++++++++---- - 1 file changed, 10 insertions(+), 4 deletions(-) - -diff --git a/src/go-build-wrapper b/src/go-build-wrapper -index c572d6dfb02b..0e6a2efa6853 100755 ---- a/src/go-build-wrapper -+++ b/src/go-build-wrapper -@@ -33,9 +33,9 @@ if ! cd "$1"; then - exit 1 - fi - --tags="" -+tags="-tags rpm_crashtraceback,${BUILDTAGS:-}" - if $7; then -- tags="-tags migration_path_for_coreos_toolbox" -+ tags="$tags,migration_path_for_coreos_toolbox" - fi - - if ! libc_dir=$("$5" --print-file-name=libc.so); then -@@ -70,11 +70,17 @@ fi - - dynamic_linker="/run/host$dynamic_linker_canonical_dirname/$dynamic_linker_basename" - -+unset LDFLAGS -+ - # shellcheck disable=SC2086 - go build \ -+ -buildmode pie \ -+ -compiler gc \ - $tags \ -- -trimpath \ -- -ldflags "-extldflags '-Wl,-dynamic-linker,$dynamic_linker -Wl,-rpath,/run/host$libc_dir_canonical_dirname' -linkmode external -X github.com/containers/toolbox/pkg/version.currentVersion=$4" \ -+ -ldflags "${LDFLAGS:-} -B 0x$(head -c20 /dev/urandom|od -An -tx1|tr -d ' \n') -compressdwarf=false -extldflags '-Wl,-z,relro -Wl,--as-needed -Wl,-z,now -specs=/usr/lib/rpm/redhat/redhat-hardened-ld -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -Wl,--build-id=sha1 -Wl,-dynamic-linker,$dynamic_linker -Wl,-rpath,/run/host$libc_dir_canonical_dirname' -linkmode external -X github.com/containers/toolbox/pkg/version.currentVersion=$4" \ -+ -a \ -+ -v \ -+ -x \ - -o "$2/$3" - - exit "$?" --- -2.43.0 - diff --git a/toolbox-Make-the-build-flags-match-Fedora.patch b/toolbox-Make-the-build-flags-match-Fedora.patch new file mode 100644 index 0000000..27fd99d --- /dev/null +++ b/toolbox-Make-the-build-flags-match-Fedora.patch @@ -0,0 +1,47 @@ +From 7dc70160c8ff531473004e879dd57ec303789d71 Mon Sep 17 00:00:00 2001 +From: Debarshi Ray +Date: Mon, 29 Jun 2020 17:57:47 +0200 +Subject: [PATCH] build: Make the build flags match Fedora's %{gobuildflags} + +Note that these flags are meant for every CPU architecture other than +PPC64, and should be kept updated to match Fedora's Go guidelines. Use +'rpm --eval "%{gobuildflags}"' to expand the %{gobuildflags} macro. +--- + src/go-build-wrapper | 11 ++++++++--- + 1 file changed, 8 insertions(+), 3 deletions(-) + +diff --git a/src/go-build-wrapper b/src/go-build-wrapper +index a5a1a6a508fb..5978422e9aed 100755 +--- a/src/go-build-wrapper ++++ b/src/go-build-wrapper +@@ -33,9 +33,9 @@ if ! cd "$1"; then + exit 1 + fi + +-tags="" ++tags="-tags rpm_crashtraceback,${GO_BUILDTAGS:-}" + if $7; then +- tags="-tags migration_path_for_coreos_toolbox" ++ tags="$tags,migration_path_for_coreos_toolbox" + fi + + if ! libc_dir=$("$5" --print-file-name=libc.so); then +@@ -114,9 +114,14 @@ dynamic_linker="/run/host$dynamic_linker_canonical_dirname/$dynamic_linker_basen + + # shellcheck disable=SC2086 + go build \ ++ -buildmode pie \ ++ -compiler gc \ + $tags \ + -trimpath \ +- -ldflags "-extldflags '-Wl,-dynamic-linker,$dynamic_linker -Wl,-rpath,/run/host$libc_dir_canonical_dirname -Wl,--export-dynamic -Wl,--unresolved-symbols=ignore-in-object-files' -linkmode external -X github.com/containers/toolbox/pkg/version.currentVersion=$4" \ ++ -ldflags "${GO_LDFLAGS:-} -B 0x$(head -c20 /dev/urandom|od -An -tx1|tr -d ' \n') -compressdwarf=false -extldflags '-Wl,-z,relro -Wl,--as-needed -specs=/usr/lib/rpm/redhat/redhat-hardened-ld -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -Wl,--build-id=sha1 -specs=/usr/lib/rpm/redhat/redhat-package-notes -Wl,-dynamic-linker,$dynamic_linker -Wl,-rpath,/run/host$libc_dir_canonical_dirname -Wl,--export-dynamic -Wl,--unresolved-symbols=ignore-in-object-files' -linkmode external -X github.com/containers/toolbox/pkg/version.currentVersion=$4" \ ++ -a \ ++ -v \ ++ -x \ + -o "$2/$3" + + exit "$?" +-- +2.46.1 + diff --git a/toolbox-Make-the-build-flags-match-RHEL-10.patch b/toolbox-Make-the-build-flags-match-RHEL-10.patch new file mode 100644 index 0000000..e43e0eb --- /dev/null +++ b/toolbox-Make-the-build-flags-match-RHEL-10.patch @@ -0,0 +1,71 @@ +From f08f64c0d5f2019055381c3c00426fe8545e5e31 Mon Sep 17 00:00:00 2001 +From: Debarshi Ray +Date: Mon, 29 Jun 2020 17:57:47 +0200 +Subject: [PATCH] build: Make the build flags match RHEL 10's %{gobuildflags} + +These reflect the defaults for RHEL 10.0 Beta, because RHEL 10.0 is +still early in its development cycle and the defaults may be in a state +of flux. Some exceptions are mentioned below. + +The '-z pack-relative-relocs' linker flag was left out. It's currently +not supported on s390x, so using it would require architecture specific +patches, which is a hassle. Support for aarch64 was recently added [1], +so hopefully s390x will also be supported soon. + +The change to use the RPM's %{name}, %{version}, %{release} and the +SOURCE_DATE_EPOCH environment variable [2], instead of /dev/urandom, to +generate the build ID annotation for the toolbox(1) binary [2] was left +out. It will need more work to propagate the RPM's %{name}, %{version} +and %{release} to Meson. + +Note that these flags are meant for every CPU architecture other than +PPC64, and should be kept updated to match RHEL 10's Go guidelines. Use +'rpm --eval "%{gobuildflags}"' to expand the %{gobuildflags} macro. + +[1] CentOS Stream redhat-rpm-config commit 3c5a6b17540b2a0b + https://gitlab.com/redhat/centos-stream/rpms/redhat-rpm-config/-/commit/3c5a6b17540b2a0b + https://gitlab.com/redhat/centos-stream/rpms/redhat-rpm-config/-/merge_requests/42 + https://issues.redhat.com/browse/RHEL-40379 + +[2] go-rpm-macros commit 1980932bf3a21890 + https://pagure.io/go-rpm-macros/c/1980932bf3a21890 + https://fedoraproject.org/wiki/Changes/ReproduciblePackageBuilds +--- + src/go-build-wrapper | 11 ++++++++--- + 1 file changed, 8 insertions(+), 3 deletions(-) + +diff --git a/src/go-build-wrapper b/src/go-build-wrapper +index a5a1a6a508fb..5978422e9aed 100755 +--- a/src/go-build-wrapper ++++ b/src/go-build-wrapper +@@ -33,9 +33,9 @@ if ! cd "$1"; then + exit 1 + fi + +-tags="" ++tags="-tags rpm_crashtraceback,${GO_BUILDTAGS:-}" + if $7; then +- tags="-tags migration_path_for_coreos_toolbox" ++ tags="$tags,migration_path_for_coreos_toolbox" + fi + + if ! libc_dir=$("$5" --print-file-name=libc.so); then +@@ -114,9 +114,14 @@ dynamic_linker="/run/host$dynamic_linker_canonical_dirname/$dynamic_linker_basen + + # shellcheck disable=SC2086 + go build \ ++ -buildmode pie \ ++ -compiler gc \ + $tags \ + -trimpath \ +- -ldflags "-extldflags '-Wl,-dynamic-linker,$dynamic_linker -Wl,-rpath,/run/host$libc_dir_canonical_dirname -Wl,--export-dynamic -Wl,--unresolved-symbols=ignore-in-object-files' -linkmode external -X github.com/containers/toolbox/pkg/version.currentVersion=$4" \ ++ -ldflags "${GO_LDFLAGS:-} -B 0x$(head -c20 /dev/urandom|od -An -tx1|tr -d ' \n') -compressdwarf=false -extldflags '-Wl,-z,relro -Wl,--as-needed -specs=/usr/lib/rpm/redhat/redhat-hardened-ld -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -Wl,--build-id=sha1 -specs=/usr/lib/rpm/redhat/redhat-package-notes -Wl,-dynamic-linker,$dynamic_linker -Wl,-rpath,/run/host$libc_dir_canonical_dirname -Wl,--export-dynamic -Wl,--unresolved-symbols=ignore-in-object-files' -linkmode external -X github.com/containers/toolbox/pkg/version.currentVersion=$4" \ ++ -a \ ++ -v \ ++ -x \ + -o "$2/$3" + + exit "$?" +-- +2.46.1 + diff --git a/toolbox-Make-the-build-flags-match-RHEL-9.patch b/toolbox-Make-the-build-flags-match-RHEL-9.patch new file mode 100644 index 0000000..2c15142 --- /dev/null +++ b/toolbox-Make-the-build-flags-match-RHEL-9.patch @@ -0,0 +1,50 @@ +From ff1320fa869f1e4952836436ab2ad928cbba0987 Mon Sep 17 00:00:00 2001 +From: Debarshi Ray +Date: Mon, 29 Jun 2020 17:57:47 +0200 +Subject: [PATCH] build: Make the build flags match RHEL 9's %{gobuildflags} + +These reflect the defaults for RHEL 9.5, because RHEL 9.6 is still early +in its development cycle and the defaults may be in a state of flux. + +Note that these flags are meant for every CPU architecture other than +PPC64, and should be kept updated to match RHEL 9's Go guidelines. Use +'rpm --eval "%{gobuildflags}"' to expand the %{gobuildflags} macro. +--- + src/go-build-wrapper | 11 ++++++++--- + 1 file changed, 8 insertions(+), 3 deletions(-) + +diff --git a/src/go-build-wrapper b/src/go-build-wrapper +index a5a1a6a508fb..0a2c7526f210 100755 +--- a/src/go-build-wrapper ++++ b/src/go-build-wrapper +@@ -33,9 +33,9 @@ if ! cd "$1"; then + exit 1 + fi + +-tags="" ++tags="-tags rpm_crashtraceback,${GO_BUILDTAGS:-},libtrust_openssl" + if $7; then +- tags="-tags migration_path_for_coreos_toolbox" ++ tags="$tags,migration_path_for_coreos_toolbox" + fi + + if ! libc_dir=$("$5" --print-file-name=libc.so); then +@@ -114,9 +114,14 @@ dynamic_linker="/run/host$dynamic_linker_canonical_dirname/$dynamic_linker_basen + + # shellcheck disable=SC2086 + go build \ ++ -buildmode pie \ ++ -compiler gc \ + $tags \ + -trimpath \ +- -ldflags "-extldflags '-Wl,-dynamic-linker,$dynamic_linker -Wl,-rpath,/run/host$libc_dir_canonical_dirname -Wl,--export-dynamic -Wl,--unresolved-symbols=ignore-in-object-files' -linkmode external -X github.com/containers/toolbox/pkg/version.currentVersion=$4" \ ++ -ldflags "${GO_LDFLAGS:-} -B 0x$(head -c20 /dev/urandom|od -An -tx1|tr -d ' \n') -compressdwarf=false -extldflags '-Wl,-z,relro -Wl,--as-needed -specs=/usr/lib/rpm/redhat/redhat-hardened-ld -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -Wl,-dynamic-linker,$dynamic_linker -Wl,-rpath,/run/host$libc_dir_canonical_dirname -Wl,--export-dynamic -Wl,--unresolved-symbols=ignore-in-object-files' -linkmode external -X github.com/containers/toolbox/pkg/version.currentVersion=$4" \ ++ -a \ ++ -v \ ++ -x \ + -o "$2/$3" + + exit "$?" +-- +2.46.1 + diff --git a/toolbox-Make-the-build-flags-match-RHEL-s-gobuild-for-PPC64.patch b/toolbox-Make-the-build-flags-match-RHEL-s-gobuild-for-PPC64.patch deleted file mode 100644 index 15b52a8..0000000 --- a/toolbox-Make-the-build-flags-match-RHEL-s-gobuild-for-PPC64.patch +++ /dev/null @@ -1,55 +0,0 @@ -From 973600219168f3c4efeb627c103085555327eaa5 Mon Sep 17 00:00:00 2001 -From: Debarshi Ray -Date: Mon, 29 Jun 2020 17:57:47 +0200 -Subject: [PATCH] build: Make the build flags match RHEL's %{gobuildflags} for - PPC64 - -The Go toolchain also doesn't like the LDFLAGS environment variable as -exported by RHEL's %{meson} RPM macro, and RHEL's RPM toolchain doesn't -like the compressed DWARF data generated by the Go toolchain. - -Note that these flags are only meant for the "ppc64" CPU architecture, -and should be kept updated to match RHEL's Go guidelines. Use -'rpm --eval "%{gobuildflags}"' to expand the %{gobuildflags} macro. ---- - src/go-build-wrapper | 13 +++++++++---- - 1 file changed, 9 insertions(+), 4 deletions(-) - -diff --git a/src/go-build-wrapper b/src/go-build-wrapper -index c572d6dfb02b..86f174716608 100755 ---- a/src/go-build-wrapper -+++ b/src/go-build-wrapper -@@ -33,9 +33,9 @@ if ! cd "$1"; then - exit 1 - fi - --tags="" -+tags="-tags rpm_crashtraceback,${BUILDTAGS:-},libtrust_openssl" - if $7; then -- tags="-tags migration_path_for_coreos_toolbox" -+ tags="$tags,migration_path_for_coreos_toolbox" - fi - - if ! libc_dir=$("$5" --print-file-name=libc.so); then -@@ -70,11 +70,16 @@ fi - - dynamic_linker="/run/host$dynamic_linker_canonical_dirname/$dynamic_linker_basename" - -+unset LDFLAGS -+ - # shellcheck disable=SC2086 - go build \ -+ -compiler gc \ - $tags \ -- -trimpath \ -- -ldflags "-extldflags '-Wl,-dynamic-linker,$dynamic_linker -Wl,-rpath,/run/host$libc_dir_canonical_dirname' -linkmode external -X github.com/containers/toolbox/pkg/version.currentVersion=$4" \ -+ -ldflags "${LDFLAGS:-} -B 0x$(head -c20 /dev/urandom|od -An -tx1|tr -d ' \n') -compressdwarf=false -extldflags '-Wl,-z,relro -Wl,--as-needed -Wl,-z,now -specs=/usr/lib/rpm/redhat/redhat-hardened-ld -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -Wl,-dynamic-linker,$dynamic_linker -Wl,-rpath,/run/host$libc_dir_canonical_dirname' -linkmode external -X github.com/containers/toolbox/pkg/version.currentVersion=$4" \ -+ -a \ -+ -v \ -+ -x \ - -o "$2/$3" - - exit "$?" --- -2.39.2 - diff --git a/toolbox-Make-the-build-flags-match-RHEL-s-gobuild.patch b/toolbox-Make-the-build-flags-match-RHEL-s-gobuild.patch deleted file mode 100644 index 1fed4da..0000000 --- a/toolbox-Make-the-build-flags-match-RHEL-s-gobuild.patch +++ /dev/null @@ -1,55 +0,0 @@ -From aeaa8cd30a8c5ad33ee1fe6b9e84ecbb28f7264c Mon Sep 17 00:00:00 2001 -From: Debarshi Ray -Date: Mon, 29 Jun 2020 17:57:47 +0200 -Subject: [PATCH] build: Make the build flags match RHEL's %{gobuildflags} - -The Go toolchain doesn't like the LDFLAGS environment variable as -exported by RHEL's %{meson} RPM macro, and RHEL's RPM toolchain doesn't -like the compressed DWARF data generated by the Go toolchain. - -Note that these flags are meant for every CPU architecture other than -PPC64, and should be kept updated to match RHEL's Go guidelines. Use -'rpm --eval "%{gobuildflags}"' to expand the %{gobuildflags} macro. ---- - src/go-build-wrapper | 14 ++++++++++---- - 1 file changed, 10 insertions(+), 4 deletions(-) - -diff --git a/src/go-build-wrapper b/src/go-build-wrapper -index c572d6dfb02b..d39764fda0c1 100755 ---- a/src/go-build-wrapper -+++ b/src/go-build-wrapper -@@ -33,9 +33,9 @@ if ! cd "$1"; then - exit 1 - fi - --tags="" -+tags="-tags rpm_crashtraceback,${BUILDTAGS:-},libtrust_openssl" - if $7; then -- tags="-tags migration_path_for_coreos_toolbox" -+ tags="$tags,migration_path_for_coreos_toolbox" - fi - - if ! libc_dir=$("$5" --print-file-name=libc.so); then -@@ -70,11 +70,17 @@ fi - - dynamic_linker="/run/host$dynamic_linker_canonical_dirname/$dynamic_linker_basename" - -+unset LDFLAGS -+ - # shellcheck disable=SC2086 - go build \ -+ -buildmode pie \ -+ -compiler gc \ - $tags \ -- -trimpath \ -- -ldflags "-extldflags '-Wl,-dynamic-linker,$dynamic_linker -Wl,-rpath,/run/host$libc_dir_canonical_dirname' -linkmode external -X github.com/containers/toolbox/pkg/version.currentVersion=$4" \ -+ -ldflags "${LDFLAGS:-} -B 0x$(head -c20 /dev/urandom|od -An -tx1|tr -d ' \n') -compressdwarf=false -extldflags '-Wl,-z,relro -Wl,--as-needed -Wl,-z,now -specs=/usr/lib/rpm/redhat/redhat-hardened-ld -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -Wl,-dynamic-linker,$dynamic_linker -Wl,-rpath,/run/host$libc_dir_canonical_dirname' -linkmode external -X github.com/containers/toolbox/pkg/version.currentVersion=$4" \ -+ -a \ -+ -v \ -+ -x \ - -o "$2/$3" - - exit "$?" --- -2.39.2 - diff --git a/toolbox-Revert-Work-around-bug-in-past.patch b/toolbox-Revert-Work-around-bug-in-past.patch new file mode 100644 index 0000000..5597a9f --- /dev/null +++ b/toolbox-Revert-Work-around-bug-in-past.patch @@ -0,0 +1,81 @@ +From ed14cd483ae45c5f4cf5596b11c384f4b42bb53b Mon Sep 17 00:00:00 2001 +From: Debarshi Ray +Date: Fri, 4 Oct 2024 22:09:03 +0200 +Subject: [PATCH] Revert "playbooks, test/system: Work around bug in pasta(1) + networks" + +The bug in pasta(1) that necessitated this workaround has since been +fixed in passt 2024_05_10.7288448 [1]. Some host operating systems like +CentOS Stream 10 no longer have slirp4netns(1), and it's generally +better to test the defaults. + +This reverts commit b58f9a51088afbfc22edb0b25776cfa2c4d8cc40. + +[1] https://github.com/containers/podman/issues/22575 + https://archives.passt.top/passt-dev/20240508090338.2735208-1-sbrivio@redhat.com/ + https://archives.passt.top/passt-user/20240510225714.6aa8e6c0@elisabeth/ + +https://github.com/containers/toolbox/pull/1562 +--- + playbooks/dependencies-centos-9-stream.yaml | 3 +-- + playbooks/dependencies-fedora.yaml | 3 +-- + test/system/libs/helpers.bash | 1 - + 3 files changed, 2 insertions(+), 5 deletions(-) + +diff --git a/playbooks/dependencies-centos-9-stream.yaml b/playbooks/dependencies-centos-9-stream.yaml +index 5c1194c03583..d058d314b7b3 100644 +--- a/playbooks/dependencies-centos-9-stream.yaml ++++ b/playbooks/dependencies-centos-9-stream.yaml +@@ -13,7 +13,6 @@ + - podman + - shadow-utils-subid-devel + - skopeo +- - slirp4netns + - systemd + - udisks2 + +@@ -55,7 +54,7 @@ + chdir: '{{ zuul.project.src_dir }}' + + - name: Check versions of crucial packages +- command: rpm -qa ShellCheck bats codespell *kernel* gcc *glibc* golang golang-github-cpuguy83-md2man shadow-utils-subid-devel podman conmon containernetworking-plugins containers-common container-selinux crun fuse-overlayfs flatpak-session-helper skopeo slirp4netns ++ command: rpm -qa ShellCheck bats codespell *kernel* gcc *glibc* golang golang-github-cpuguy83-md2man shadow-utils-subid-devel podman conmon containernetworking-plugins containers-common container-selinux crun fuse-overlayfs flatpak-session-helper skopeo + + - name: Show podman versions + command: podman version +diff --git a/playbooks/dependencies-fedora.yaml b/playbooks/dependencies-fedora.yaml +index ea605135a4c2..8007ce958ddb 100644 +--- a/playbooks/dependencies-fedora.yaml ++++ b/playbooks/dependencies-fedora.yaml +@@ -35,7 +35,6 @@ + - podman + - shadow-utils-subid-devel + - skopeo +- - slirp4netns + - systemd + - udisks2 + use: "{{ 'dnf' if zuul.attempts > 1 else 'auto' }}" +@@ -56,7 +55,7 @@ + chdir: '{{ zuul.project.src_dir }}' + + - name: Check versions of crucial packages +- command: rpm -qa ShellCheck bash bats codespell *kernel* gcc *glibc* shadow-utils-subid-devel golang golang-github-cpuguy83-md2man podman conmon containernetworking-plugins containers-common container-selinux crun fuse-overlayfs flatpak-session-helper skopeo slirp4netns ++ command: rpm -qa ShellCheck bash bats codespell *kernel* gcc *glibc* shadow-utils-subid-devel golang golang-github-cpuguy83-md2man podman conmon containernetworking-plugins containers-common container-selinux crun fuse-overlayfs flatpak-session-helper skopeo + + - name: Show podman versions + command: podman version +diff --git a/test/system/libs/helpers.bash b/test/system/libs/helpers.bash +index dfd6236c2943..2d05641f5d0a 100644 +--- a/test/system/libs/helpers.bash ++++ b/test/system/libs/helpers.bash +@@ -195,7 +195,6 @@ function _setup_docker_registry() { + --env REGISTRY_HTTP_TLS_CERTIFICATE=/certs/domain.crt \ + --env REGISTRY_HTTP_TLS_KEY=/certs/domain.key \ + --name "${DOCKER_REG_NAME}" \ +- --network slirp4netns \ + --privileged \ + --publish 50000:5000 \ + --rm \ +-- +2.46.1 + diff --git a/toolbox-Unbreak-downstream-Fedora-CI.patch b/toolbox-Unbreak-downstream-Fedora-CI.patch new file mode 100644 index 0000000..b743f2d --- /dev/null +++ b/toolbox-Unbreak-downstream-Fedora-CI.patch @@ -0,0 +1,104 @@ +From 1e90c721858b3119702b93445f535f9c23af88e6 Mon Sep 17 00:00:00 2001 +From: Debarshi Ray +Date: Wed, 2 Oct 2024 22:43:37 +0200 +Subject: [PATCH] test/system: Unbreak the downstream Fedora CI + +The working directory from which bats(1) is invoked might not be part of +the Toolbx container. eg., the downstream Fedora CI invokes the tests +as: + $ cd /path/to/toolbox/test/system + $ bats . + +... and it led to: + not ok 8 help: Try unknown command (forwarded to host) + # tags: commands-options + # (from function `assert_line' in file + ./libs/bats-assert/src/assert.bash, line 488, + # in test file ./002-help.bats, line 135) + # `assert_line --index 0 + "Error: unknown command \"foo\" for \"toolbox\""' failed + # + # -- line differs -- + # index : 0 + # expected : Error: unknown command "foo" for "toolbox" + # actual : Error: crun: chdir to `/usr/share/toolbox/test/system`: + No such file or directory: OCI runtime attempted to invoke a + command that was not found + # -- + # + +https://github.com/containers/toolbox/pull/1560 +--- + test/system/002-help.bats | 2 ++ + test/system/501-create.bats | 2 ++ + test/system/504-run.bats | 2 ++ + test/system/505-enter.bats | 2 ++ + 4 files changed, 8 insertions(+) + +diff --git a/test/system/002-help.bats b/test/system/002-help.bats +index 57e918a04d22..a8bfbc2c79d2 100644 +--- a/test/system/002-help.bats ++++ b/test/system/002-help.bats +@@ -25,9 +25,11 @@ setup() { + bats_require_minimum_version 1.10.0 + _setup_environment + cleanup_all ++ pushd "$HOME" || return 1 + } + + teardown() { ++ popd || return 1 + cleanup_all + } + +diff --git a/test/system/501-create.bats b/test/system/501-create.bats +index 3f50f98e6bf3..cfb676b7001b 100644 +--- a/test/system/501-create.bats ++++ b/test/system/501-create.bats +@@ -25,9 +25,11 @@ setup() { + bats_require_minimum_version 1.8.0 + _setup_environment + cleanup_all ++ pushd "$HOME" || return 1 + } + + teardown() { ++ popd || return 1 + cleanup_all + } + +diff --git a/test/system/504-run.bats b/test/system/504-run.bats +index cc5f6fa8bb09..6ee3e86af1ff 100644 +--- a/test/system/504-run.bats ++++ b/test/system/504-run.bats +@@ -25,9 +25,11 @@ setup() { + bats_require_minimum_version 1.8.0 + _setup_environment + cleanup_all ++ pushd "$HOME" || return 1 + } + + teardown() { ++ popd || return 1 + cleanup_all + } + +diff --git a/test/system/505-enter.bats b/test/system/505-enter.bats +index 405d184f145e..57e58651623d 100644 +--- a/test/system/505-enter.bats ++++ b/test/system/505-enter.bats +@@ -25,9 +25,11 @@ setup() { + bats_require_minimum_version 1.8.0 + _setup_environment + cleanup_all ++ pushd "$HOME" || return 1 + } + + teardown() { ++ popd || return 1 + cleanup_all + } + +-- +2.46.1 + diff --git a/toolbox-Update-fallback-release-to-40-for-non-fedo.patch b/toolbox-Update-fallback-release-to-40-for-non-fedo.patch new file mode 100644 index 0000000..7bad62f --- /dev/null +++ b/toolbox-Update-fallback-release-to-40-for-non-fedo.patch @@ -0,0 +1,30 @@ +From b524f4cebd8c65746089f898e14a99c7cfded306 Mon Sep 17 00:00:00 2001 +From: Debarshi Ray +Date: Thu, 3 Oct 2024 22:08:04 +0200 +Subject: [PATCH] pkg/utils: Update fallback release to 40 for non-fedora hosts + +Fedora 38 reached End of Life on 21st May 2024: +https://docs.fedoraproject.org/en-US/releases/eol/ + +https://bugzilla.redhat.com/show_bug.cgi?id=2316312 +https://github.com/containers/toolbox/pull/1561 +--- + src/pkg/utils/utils.go | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/pkg/utils/utils.go b/src/pkg/utils/utils.go +index eefcd1eeb2cc..37a49fedf772 100644 +--- a/src/pkg/utils/utils.go ++++ b/src/pkg/utils/utils.go +@@ -64,7 +64,7 @@ const ( + containerNamePrefixFallback = "fedora-toolbox" + distroFallback = "fedora" + idTruncLength = 12 +- releaseFallback = "38" ++ releaseFallback = "40" + ) + + const ( +-- +2.46.1 + diff --git a/toolbox-playbooks-test-system-bats-1.11-podman-5.patch b/toolbox-playbooks-test-system-bats-1.11-podman-5.patch deleted file mode 100644 index 7834933..0000000 --- a/toolbox-playbooks-test-system-bats-1.11-podman-5.patch +++ /dev/null @@ -1,161 +0,0 @@ -From 6626b11e1565412e411f585657ebe9615ec58cad Mon Sep 17 00:00:00 2001 -From: Debarshi Ray -Date: Wed, 17 Apr 2024 16:58:32 +0200 -Subject: [PATCH 1/2] playbooks: Show the Bats version - -Ansible's built-in 'package' module doesn't show any details when -installing the RPMs. All that can be seen is: - TASK [Install RPM packages] - fedora-rawhide | changed - -Therefore, there's no way to know what version of the packages got -installed. - -In this case, not knowing the Bats version being used by the CI makes it -difficult to know why the tests are generating this spew on Fedora -Rawhide [1]: - TASK [Run system tests] - test/system/libs/helpers.bash: line 7: TEMP_BASE_DIR: readonly variable - test/system/libs/helpers.bash: line 8: TEMP_STORAGE_DIR: readonly variable - test/system/libs/helpers.bash: line 10: IMAGE_CACHE_DIR: readonly variable - test/system/libs/helpers.bash: line 11: ROOTLESS_PODMAN_STORE_DIR: readonly variable - test/system/libs/helpers.bash: line 12: ROOTLESS_PODMAN_RUNROOT_DIR: readonly variable - test/system/libs/helpers.bash: line 13: PODMAN_STORE_CONFIG_FILE: readonly variable - test/system/libs/helpers.bash: line 14: DOCKER_REG_ROOT: readonly variable - test/system/libs/helpers.bash: line 15: DOCKER_REG_CERTS_DIR: readonly variable - test/system/libs/helpers.bash: line 16: DOCKER_REG_AUTH_DIR: readonly variable - test/system/libs/helpers.bash: line 17: DOCKER_REG_URI: readonly variable - test/system/libs/helpers.bash: line 18: DOCKER_REG_NAME: readonly variable - test/system/libs/helpers.bash: line 21: PODMAN: readonly variable - test/system/libs/helpers.bash: line 22: TOOLBX: readonly variable - test/system/libs/helpers.bash: line 23: SKOPEO: readonly variable - ... - fedora-rawhide | 1..340 - -[1] https://github.com/bats-core/bats-core/pull/904 - -https://github.com/containers/toolbox/pull/1482 ---- - playbooks/dependencies-centos-9-stream.yaml | 2 +- - playbooks/dependencies-fedora.yaml | 2 +- - 2 files changed, 2 insertions(+), 2 deletions(-) - -diff --git a/playbooks/dependencies-centos-9-stream.yaml b/playbooks/dependencies-centos-9-stream.yaml -index ffbc6d9903cb..d058d314b7b3 100644 ---- a/playbooks/dependencies-centos-9-stream.yaml -+++ b/playbooks/dependencies-centos-9-stream.yaml -@@ -54,7 +54,7 @@ - chdir: '{{ zuul.project.src_dir }}' - - - name: Check versions of crucial packages -- command: rpm -qa ShellCheck codespell *kernel* gcc *glibc* golang golang-github-cpuguy83-md2man shadow-utils-subid-devel podman conmon containernetworking-plugins containers-common container-selinux crun fuse-overlayfs flatpak-session-helper skopeo -+ command: rpm -qa ShellCheck bats codespell *kernel* gcc *glibc* golang golang-github-cpuguy83-md2man shadow-utils-subid-devel podman conmon containernetworking-plugins containers-common container-selinux crun fuse-overlayfs flatpak-session-helper skopeo - - - name: Show podman versions - command: podman version -diff --git a/playbooks/dependencies-fedora.yaml b/playbooks/dependencies-fedora.yaml -index d493bd0729ea..ade169917cbe 100644 ---- a/playbooks/dependencies-fedora.yaml -+++ b/playbooks/dependencies-fedora.yaml -@@ -54,7 +54,7 @@ - chdir: '{{ zuul.project.src_dir }}' - - - name: Check versions of crucial packages -- command: rpm -qa ShellCheck codespell *kernel* gcc *glibc* shadow-utils-subid-devel golang golang-github-cpuguy83-md2man podman conmon containernetworking-plugins containers-common container-selinux crun fuse-overlayfs flatpak-session-helper skopeo -+ command: rpm -qa ShellCheck bash bats codespell *kernel* gcc *glibc* shadow-utils-subid-devel golang golang-github-cpuguy83-md2man podman conmon containernetworking-plugins containers-common container-selinux crun fuse-overlayfs flatpak-session-helper skopeo - - - name: Show podman versions - command: podman version --- -2.44.0 - - -From b58f9a51088afbfc22edb0b25776cfa2c4d8cc40 Mon Sep 17 00:00:00 2001 -From: Debarshi Ray -Date: Mon, 25 Mar 2024 23:04:23 +0100 -Subject: [PATCH 2/2] playbooks, test/system: Work around bug in pasta(1) - networks - -Podman 5.0 switched to using pasta(1), instead of slirp4netns(1), by -default for rootless containers. This change has led to a regression -causing 'skopeo copy' to get stuck uploading an OCI image to the local -temporary Docker registry run by the tests as a Podman container [1], -which breaks the test suite on Fedora 40 onwards. - -Work around this by forcing the use of slirp4netns(1). - -Note that the slirp4nets package needs to be explicitly installed on -Fedora 40 onwards, because the dependency in containers-common-extra -changed from Recommends to Suggests [2]. - -[1] https://github.com/containers/podman/issues/22575 - -[2] Fedora containers-common commit 17934d87b2686ab5 - Fedora containers-common commit 13c232f064113860 - https://src.fedoraproject.org/rpms/containers-common/c/17934d87b2686ab5 - https://src.fedoraproject.org/rpms/containers-common/c/13c232f064113860 - -https://github.com/containers/toolbox/pull/1468 ---- - playbooks/dependencies-centos-9-stream.yaml | 3 ++- - playbooks/dependencies-fedora.yaml | 3 ++- - test/system/libs/helpers.bash | 1 + - 3 files changed, 5 insertions(+), 2 deletions(-) - -diff --git a/playbooks/dependencies-centos-9-stream.yaml b/playbooks/dependencies-centos-9-stream.yaml -index d058d314b7b3..5c1194c03583 100644 ---- a/playbooks/dependencies-centos-9-stream.yaml -+++ b/playbooks/dependencies-centos-9-stream.yaml -@@ -13,6 +13,7 @@ - - podman - - shadow-utils-subid-devel - - skopeo -+ - slirp4netns - - systemd - - udisks2 - -@@ -54,7 +55,7 @@ - chdir: '{{ zuul.project.src_dir }}' - - - name: Check versions of crucial packages -- command: rpm -qa ShellCheck bats codespell *kernel* gcc *glibc* golang golang-github-cpuguy83-md2man shadow-utils-subid-devel podman conmon containernetworking-plugins containers-common container-selinux crun fuse-overlayfs flatpak-session-helper skopeo -+ command: rpm -qa ShellCheck bats codespell *kernel* gcc *glibc* golang golang-github-cpuguy83-md2man shadow-utils-subid-devel podman conmon containernetworking-plugins containers-common container-selinux crun fuse-overlayfs flatpak-session-helper skopeo slirp4netns - - - name: Show podman versions - command: podman version -diff --git a/playbooks/dependencies-fedora.yaml b/playbooks/dependencies-fedora.yaml -index ade169917cbe..76ce655bf9d3 100644 ---- a/playbooks/dependencies-fedora.yaml -+++ b/playbooks/dependencies-fedora.yaml -@@ -35,6 +35,7 @@ - - podman - - shadow-utils-subid-devel - - skopeo -+ - slirp4netns - - systemd - - udisks2 - -@@ -54,7 +55,7 @@ - chdir: '{{ zuul.project.src_dir }}' - - - name: Check versions of crucial packages -- command: rpm -qa ShellCheck bash bats codespell *kernel* gcc *glibc* shadow-utils-subid-devel golang golang-github-cpuguy83-md2man podman conmon containernetworking-plugins containers-common container-selinux crun fuse-overlayfs flatpak-session-helper skopeo -+ command: rpm -qa ShellCheck bash bats codespell *kernel* gcc *glibc* shadow-utils-subid-devel golang golang-github-cpuguy83-md2man podman conmon containernetworking-plugins containers-common container-selinux crun fuse-overlayfs flatpak-session-helper skopeo slirp4netns - - - name: Show podman versions - command: podman version -diff --git a/test/system/libs/helpers.bash b/test/system/libs/helpers.bash -index 66278888cbe2..c056c601ab94 100644 ---- a/test/system/libs/helpers.bash -+++ b/test/system/libs/helpers.bash -@@ -202,6 +202,7 @@ function _setup_docker_registry() { - -e REGISTRY_HTTP_ADDR=0.0.0.0:443 \ - -e REGISTRY_HTTP_TLS_CERTIFICATE=/certs/domain.crt \ - -e REGISTRY_HTTP_TLS_KEY=/certs/domain.key \ -+ --network slirp4netns \ - -p 50000:443 \ - "${IMAGES[docker-reg]}" - assert_success --- -2.44.0 - diff --git a/toolbox-test-system-Unbreak-Podman-s-downstream-Fedora-CI.patch b/toolbox-test-system-Unbreak-Podman-s-downstream-Fedora-CI.patch deleted file mode 100644 index 1956003..0000000 --- a/toolbox-test-system-Unbreak-Podman-s-downstream-Fedora-CI.patch +++ /dev/null @@ -1,208 +0,0 @@ -From a859f73d075ec0505994d8ce0f371ec28e466983 Mon Sep 17 00:00:00 2001 -From: Debarshi Ray -Date: Tue, 13 Feb 2024 21:56:06 +0100 -Subject: [PATCH 1/2] test/system: Unbreak Podman's downstream Fedora CI - -The paths to bats-assert and bats-support are broken, if bats(1) is -invoked from any other location than the parent directory of the 'tests' -directory. eg., Podman's downstream Fedora CI invokes the tests as: - $ cd /path/to/toolbox/test/system - $ bats . - -... and it led to [1]: - 1..306 - # test suite: Set up - # Missing dependencies - # Forgot to run 'git submodule init' and 'git submodule update' ? - # test suite: Tear down - not ok 1 setup_suite - # (from function `setup_suite' in test file ./setup_suite.bash, line 33) - # `return 1' failed - # bats warning: Executed 1 instead of expected 306 tests - -Fallout from 2c0960660330dc6be6861502988695f9812c475a - -[1] https://bugzilla.redhat.com/show_bug.cgi?id=2263968 - -https://github.com/containers/toolbox/pull/1448 ---- - test/system/setup_suite.bash | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/test/system/setup_suite.bash b/test/system/setup_suite.bash -index e4edf232bcd8..01985b7f9afc 100644 ---- a/test/system/setup_suite.bash -+++ b/test/system/setup_suite.bash -@@ -17,7 +17,7 @@ - - missing_dependencies=false - --if [ -f test/system/libs/bats-assert/load.bash ] && [ -f test/system/libs/bats-support/load.bash ]; then -+if [ -f "$BATS_TEST_DIRNAME/libs/bats-assert/load.bash" ] && [ -f "$BATS_TEST_DIRNAME/libs/bats-support/load.bash" ]; then - load 'libs/helpers' - else - missing_dependencies=true --- -2.43.0 - - -From a183876eae2bb4ffd84bca4303fc28be6725ebc2 Mon Sep 17 00:00:00 2001 -From: Debarshi Ray -Date: Fri, 23 Feb 2024 10:38:16 +0100 -Subject: [PATCH 2/2] test/system: Unbreak Podman's downstream Fedora CI (part - 2) - -The working directory from which bats(1) is invoked might not be part of -the Toolbx container. eg., Podman's downstream Fedora CI invokes the -tests as: - $ cd /path/to/toolbox/test/system - $ bats . - -... and it led to [1]: - not ok 110 run: Smoke test with true(1) - # (from function `assert_output' in file - ./libs/bats-assert/src/assert.bash, line 255, - # in test file ./104-run.bats, line 38) - # `assert_output ""' failed - # - # -- output differs -- - # expected (0 lines): - # - # actual (3 lines): - # Error: crun: chdir to `/usr/share/toolbox/test/system`: No such - file or directory: OCI runtime attempted to invoke a command that - was not found - # Error: directory /usr/share/toolbox/test/system not found in - container fedora-toolbox-41 - # Using /home/testuser instead. - # -- - # - -[1] https://bugzilla.redhat.com/show_bug.cgi?id=2263968 - -https://github.com/containers/toolbox/pull/1457 ---- - test/system/104-run.bats | 2 ++ - test/system/201-ipc.bats | 2 ++ - test/system/203-network.bats | 2 ++ - test/system/206-user.bats | 2 ++ - test/system/210-ulimit.bats | 2 ++ - test/system/211-dbus.bats | 2 ++ - test/system/220-environment-variables.bats | 2 ++ - 7 files changed, 14 insertions(+) - -diff --git a/test/system/104-run.bats b/test/system/104-run.bats -index ff11a8477062..a0cb89fdeeca 100644 ---- a/test/system/104-run.bats -+++ b/test/system/104-run.bats -@@ -23,9 +23,11 @@ setup() { - bats_require_minimum_version 1.7.0 - _setup_environment - cleanup_containers -+ pushd "$HOME" || return 1 - } - - teardown() { -+ popd || return 1 - cleanup_containers - } - -diff --git a/test/system/201-ipc.bats b/test/system/201-ipc.bats -index 15c791dec86d..09200b41d06c 100644 ---- a/test/system/201-ipc.bats -+++ b/test/system/201-ipc.bats -@@ -23,9 +23,11 @@ setup() { - bats_require_minimum_version 1.7.0 - _setup_environment - cleanup_containers -+ pushd "$HOME" || return 1 - } - - teardown() { -+ popd || return 1 - cleanup_containers - } - -diff --git a/test/system/203-network.bats b/test/system/203-network.bats -index db1ba561f314..012374e3317f 100644 ---- a/test/system/203-network.bats -+++ b/test/system/203-network.bats -@@ -35,9 +35,11 @@ setup() { - bats_require_minimum_version 1.7.0 - _setup_environment - cleanup_containers -+ pushd "$HOME" || return 1 - } - - teardown() { -+ popd || return 1 - cleanup_containers - } - -diff --git a/test/system/206-user.bats b/test/system/206-user.bats -index 2df7862f259e..473a6b40905a 100644 ---- a/test/system/206-user.bats -+++ b/test/system/206-user.bats -@@ -23,9 +23,11 @@ setup() { - bats_require_minimum_version 1.7.0 - _setup_environment - cleanup_containers -+ pushd "$HOME" || return 1 - } - - teardown() { -+ popd || return 1 - cleanup_containers - } - -diff --git a/test/system/210-ulimit.bats b/test/system/210-ulimit.bats -index ea0c46685df1..ea08feea1513 100644 ---- a/test/system/210-ulimit.bats -+++ b/test/system/210-ulimit.bats -@@ -23,9 +23,11 @@ setup() { - bats_require_minimum_version 1.7.0 - _setup_environment - cleanup_containers -+ pushd "$HOME" || return 1 - } - - teardown() { -+ popd || return 1 - cleanup_containers - } - -diff --git a/test/system/211-dbus.bats b/test/system/211-dbus.bats -index 295bb71b2789..61c543a56005 100644 ---- a/test/system/211-dbus.bats -+++ b/test/system/211-dbus.bats -@@ -23,9 +23,11 @@ setup() { - bats_require_minimum_version 1.7.0 - _setup_environment - cleanup_containers -+ pushd "$HOME" || return 1 - } - - teardown() { -+ popd || return 1 - cleanup_containers - } - -diff --git a/test/system/220-environment-variables.bats b/test/system/220-environment-variables.bats -index 5b51d17dee55..c24e07d146ee 100644 ---- a/test/system/220-environment-variables.bats -+++ b/test/system/220-environment-variables.bats -@@ -23,9 +23,11 @@ setup() { - bats_require_minimum_version 1.7.0 - _setup_environment - cleanup_containers -+ pushd "$HOME" || return 1 - } - - teardown() { -+ popd || return 1 - cleanup_containers - } - --- -2.43.0 - diff --git a/toolbox-test-system-new.patch b/toolbox-test-system-new.patch deleted file mode 100644 index 9800b15..0000000 --- a/toolbox-test-system-new.patch +++ /dev/null @@ -1,894 +0,0 @@ -From f51c4a4cd8ff1c51a68073a10eaddab8f16fdaf6 Mon Sep 17 00:00:00 2001 -From: Debarshi Ray -Date: Thu, 8 Feb 2024 22:18:33 +0100 -Subject: [PATCH 1/4] test/system: Ensure that the user is part of a group with - the same name - -https://github.com/containers/toolbox/pull/1447 ---- - test/system/206-user.bats | 7 +++++++ - 1 file changed, 7 insertions(+) - -diff --git a/test/system/206-user.bats b/test/system/206-user.bats -index c295d8a61f39..cdd38c146024 100644 ---- a/test/system/206-user.bats -+++ b/test/system/206-user.bats -@@ -434,6 +434,7 @@ teardown() { - run --keep-empty-lines --separate-stderr "$TOOLBOX" run cat /etc/group - - assert_success -+ assert_line --regexp "^$USER:x:[[:digit:]]+:$USER$" - assert_line --regexp "^(sudo|wheel):x:[[:digit:]]+:$USER$" - assert [ ${#lines[@]} -gt 1 ] - -@@ -447,6 +448,7 @@ teardown() { - run --keep-empty-lines --separate-stderr "$TOOLBOX" run --distro arch cat /etc/group - - assert_success -+ assert_line --regexp "^$USER:x:[[:digit:]]+:$USER$" - assert_line --regexp "^wheel:x:[[:digit:]]+:$USER$" - assert [ ${#lines[@]} -gt 1 ] - -@@ -460,6 +462,7 @@ teardown() { - run --keep-empty-lines --separate-stderr "$TOOLBOX" run --distro fedora --release 34 cat /etc/group - - assert_success -+ assert_line --regexp "^$USER:x:[[:digit:]]+:$USER$" - assert_line --regexp "^wheel:x:[[:digit:]]+:$USER$" - assert [ ${#lines[@]} -gt 1 ] - -@@ -473,6 +476,7 @@ teardown() { - run --keep-empty-lines --separate-stderr "$TOOLBOX" run --distro rhel --release 8.7 cat /etc/group - - assert_success -+ assert_line --regexp "^$USER:x:[[:digit:]]+:$USER$" - assert_line --regexp "^wheel:x:[[:digit:]]+:$USER$" - assert [ ${#lines[@]} -gt 1 ] - -@@ -486,6 +490,7 @@ teardown() { - run --keep-empty-lines --separate-stderr "$TOOLBOX" run --distro ubuntu --release 16.04 cat /etc/group - - assert_success -+ assert_line --regexp "^$USER:x:[[:digit:]]+:$USER$" - assert_line --regexp "^sudo:x:[[:digit:]]+:$USER$" - assert [ ${#lines[@]} -gt 1 ] - -@@ -499,6 +504,7 @@ teardown() { - run --keep-empty-lines --separate-stderr "$TOOLBOX" run --distro ubuntu --release 18.04 cat /etc/group - - assert_success -+ assert_line --regexp "^$USER:x:[[:digit:]]+:$USER$" - assert_line --regexp "^sudo:x:[[:digit:]]+:$USER$" - assert [ ${#lines[@]} -gt 1 ] - -@@ -512,6 +518,7 @@ teardown() { - run --keep-empty-lines --separate-stderr "$TOOLBOX" run --distro ubuntu --release 20.04 cat /etc/group - - assert_success -+ assert_line --regexp "^$USER:x:[[:digit:]]+:$USER$" - assert_line --regexp "^sudo:x:[[:digit:]]+:$USER$" - assert [ ${#lines[@]} -gt 1 ] - --- -2.43.0 - - -From b2d64fad1a23a07919efdb70de9247645e44f973 Mon Sep 17 00:00:00 2001 -From: Debarshi Ray -Date: Thu, 8 Feb 2024 22:51:43 +0100 -Subject: [PATCH 2/4] test/system: Ensure that process started by 'podman exec' - has all groups -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -Commit 15173f8c25c81244 exposed a bug in crun(1) [1] where the process -started directly by 'podman exec --user ...' inside the Toolbx container -would not have the supplementary groups attached to the user by the -entry point. - -This could be observed by differences in id(1): - ⬢$ id - uid=1000(user) gid=1000(user) groups=1000(user) - ⬢$ id user - uid=1000(user) gid=1000(user) groups=1000(user),10(wheel) - -... and could be worked around by starting a new session with sudo(8). - -[1] crun commit 9effaebb429a1aed - https://github.com/containers/crun/commit/9effaebb429a1aed - https://github.com/containers/crun/issues/644 - https://github.com/containers/podman/issues/9986 - -https://github.com/containers/toolbox/issues/608 ---- - test/system/206-user.bats | 231 ++++++++++++++++++++++++++++++++++++++ - 1 file changed, 231 insertions(+) - -diff --git a/test/system/206-user.bats b/test/system/206-user.bats -index cdd38c146024..2df7862f259e 100644 ---- a/test/system/206-user.bats -+++ b/test/system/206-user.bats -@@ -525,3 +525,234 @@ teardown() { - # shellcheck disable=SC2154 - assert [ ${#stderr_lines[@]} -eq 0 ] - } -+ -+@test "user: id(1) for $USER inside the default container" { -+ create_default_container -+ -+ run --keep-empty-lines --separate-stderr "$TOOLBOX" run id -+ -+ assert_success -+ -+ if check_bats_version 1.10.0; then -+ assert [ ${#lines[@]} -eq 1 ] -+ else -+ assert [ ${#lines[@]} -eq 2 ] -+ fi -+ -+ local output_id="${lines[0]}" -+ -+ # shellcheck disable=SC2154 -+ assert [ ${#stderr_lines[@]} -eq 0 ] -+ -+ run --keep-empty-lines --separate-stderr "$TOOLBOX" run id "$USER" -+ -+ assert_success -+ assert_line --index 0 "$output_id" -+ -+ if check_bats_version 1.10.0; then -+ assert [ ${#lines[@]} -eq 1 ] -+ else -+ assert [ ${#lines[@]} -eq 2 ] -+ fi -+ -+ # shellcheck disable=SC2154 -+ assert [ ${#stderr_lines[@]} -eq 0 ] -+} -+ -+@test "user: id(1) for $USER inside Arch Linux" { -+ create_distro_container arch latest arch-toolbox-latest -+ -+ run --keep-empty-lines --separate-stderr "$TOOLBOX" run --distro arch id -+ -+ assert_success -+ -+ if check_bats_version 1.10.0; then -+ assert [ ${#lines[@]} -eq 1 ] -+ else -+ assert [ ${#lines[@]} -eq 2 ] -+ fi -+ -+ local output_id="${lines[0]}" -+ -+ # shellcheck disable=SC2154 -+ assert [ ${#stderr_lines[@]} -eq 0 ] -+ -+ run --keep-empty-lines --separate-stderr "$TOOLBOX" run --distro arch id "$USER" -+ -+ assert_success -+ assert_line --index 0 "$output_id" -+ -+ if check_bats_version 1.10.0; then -+ assert [ ${#lines[@]} -eq 1 ] -+ else -+ assert [ ${#lines[@]} -eq 2 ] -+ fi -+ -+ # shellcheck disable=SC2154 -+ assert [ ${#stderr_lines[@]} -eq 0 ] -+} -+ -+@test "user: id(1) for $USER inside Fedora 34" { -+ create_distro_container fedora 34 fedora-toolbox-34 -+ -+ run --keep-empty-lines --separate-stderr "$TOOLBOX" run --distro fedora --release 34 id -+ -+ assert_success -+ -+ if check_bats_version 1.10.0; then -+ assert [ ${#lines[@]} -eq 1 ] -+ else -+ assert [ ${#lines[@]} -eq 2 ] -+ fi -+ -+ local output_id="${lines[0]}" -+ -+ # shellcheck disable=SC2154 -+ assert [ ${#stderr_lines[@]} -eq 0 ] -+ -+ run --keep-empty-lines --separate-stderr "$TOOLBOX" run --distro fedora --release 34 id "$USER" -+ -+ assert_success -+ assert_line --index 0 "$output_id" -+ -+ if check_bats_version 1.10.0; then -+ assert [ ${#lines[@]} -eq 1 ] -+ else -+ assert [ ${#lines[@]} -eq 2 ] -+ fi -+ -+ # shellcheck disable=SC2154 -+ assert [ ${#stderr_lines[@]} -eq 0 ] -+} -+ -+@test "user: id(1) for $USER inside RHEL 8.7" { -+ create_distro_container rhel 8.7 rhel-toolbox-8.7 -+ -+ run --keep-empty-lines --separate-stderr "$TOOLBOX" run --distro rhel --release 8.7 id -+ -+ assert_success -+ -+ if check_bats_version 1.10.0; then -+ assert [ ${#lines[@]} -eq 1 ] -+ else -+ assert [ ${#lines[@]} -eq 2 ] -+ fi -+ -+ local output_id="${lines[0]}" -+ -+ # shellcheck disable=SC2154 -+ assert [ ${#stderr_lines[@]} -eq 0 ] -+ -+ run --keep-empty-lines --separate-stderr "$TOOLBOX" run --distro rhel --release 8.7 id "$USER" -+ -+ assert_success -+ assert_line --index 0 "$output_id" -+ -+ if check_bats_version 1.10.0; then -+ assert [ ${#lines[@]} -eq 1 ] -+ else -+ assert [ ${#lines[@]} -eq 2 ] -+ fi -+ -+ # shellcheck disable=SC2154 -+ assert [ ${#stderr_lines[@]} -eq 0 ] -+} -+ -+@test "user: id(1) for $USER inside Ubuntu 16.04" { -+ create_distro_container ubuntu 16.04 ubuntu-toolbox-16.04 -+ -+ run --keep-empty-lines --separate-stderr "$TOOLBOX" run --distro ubuntu --release 16.04 id -+ -+ assert_success -+ -+ if check_bats_version 1.10.0; then -+ assert [ ${#lines[@]} -eq 1 ] -+ else -+ assert [ ${#lines[@]} -eq 2 ] -+ fi -+ -+ local output_id="${lines[0]}" -+ -+ # shellcheck disable=SC2154 -+ assert [ ${#stderr_lines[@]} -eq 0 ] -+ -+ run --keep-empty-lines --separate-stderr "$TOOLBOX" run --distro ubuntu --release 16.04 id "$USER" -+ -+ assert_success -+ assert_line --index 0 "$output_id" -+ -+ if check_bats_version 1.10.0; then -+ assert [ ${#lines[@]} -eq 1 ] -+ else -+ assert [ ${#lines[@]} -eq 2 ] -+ fi -+ -+ # shellcheck disable=SC2154 -+ assert [ ${#stderr_lines[@]} -eq 0 ] -+} -+ -+@test "user: id(1) for $USER inside Ubuntu 18.04" { -+ create_distro_container ubuntu 18.04 ubuntu-toolbox-18.04 -+ -+ run --keep-empty-lines --separate-stderr "$TOOLBOX" run --distro ubuntu --release 18.04 id -+ -+ assert_success -+ -+ if check_bats_version 1.10.0; then -+ assert [ ${#lines[@]} -eq 1 ] -+ else -+ assert [ ${#lines[@]} -eq 2 ] -+ fi -+ -+ local output_id="${lines[0]}" -+ -+ # shellcheck disable=SC2154 -+ assert [ ${#stderr_lines[@]} -eq 0 ] -+ -+ run --keep-empty-lines --separate-stderr "$TOOLBOX" run --distro ubuntu --release 18.04 id "$USER" -+ -+ assert_success -+ assert_line --index 0 "$output_id" -+ -+ if check_bats_version 1.10.0; then -+ assert [ ${#lines[@]} -eq 1 ] -+ else -+ assert [ ${#lines[@]} -eq 2 ] -+ fi -+ -+ # shellcheck disable=SC2154 -+ assert [ ${#stderr_lines[@]} -eq 0 ] -+} -+ -+@test "user: id(1) for $USER inside Ubuntu 20.04" { -+ create_distro_container ubuntu 20.04 ubuntu-toolbox-20.04 -+ -+ run --keep-empty-lines --separate-stderr "$TOOLBOX" run --distro ubuntu --release 20.04 id -+ -+ assert_success -+ -+ if check_bats_version 1.10.0; then -+ assert [ ${#lines[@]} -eq 1 ] -+ else -+ assert [ ${#lines[@]} -eq 2 ] -+ fi -+ -+ local output_id="${lines[0]}" -+ -+ # shellcheck disable=SC2154 -+ assert [ ${#stderr_lines[@]} -eq 0 ] -+ -+ run --keep-empty-lines --separate-stderr "$TOOLBOX" run --distro ubuntu --release 20.04 id "$USER" -+ -+ assert_success -+ assert_line --index 0 "$output_id" -+ -+ if check_bats_version 1.10.0; then -+ assert [ ${#lines[@]} -eq 1 ] -+ else -+ assert [ ${#lines[@]} -eq 2 ] -+ fi -+ -+ # shellcheck disable=SC2154 -+ assert [ ${#stderr_lines[@]} -eq 0 ] -+} --- -2.43.0 - - -From da2555d04f9ff677b3f2033ff36390f75c3a509d Mon Sep 17 00:00:00 2001 -From: Debarshi Ray -Date: Thu, 18 Jan 2024 19:53:02 +0100 -Subject: [PATCH 3/4] test/system: Group by higher-level objective, not - distribution - -Fallout from 51ffd2793d882ffab45ace44c03edfdaeb3f138c - -https://github.com/containers/toolbox/pull/1436 ---- - test/system/220-environment-variables.bats | 152 ++++++++++----------- - 1 file changed, 76 insertions(+), 76 deletions(-) - -diff --git a/test/system/220-environment-variables.bats b/test/system/220-environment-variables.bats -index 0e1356654468..dd74b1dc5142 100644 ---- a/test/system/220-environment-variables.bats -+++ b/test/system/220-environment-variables.bats -@@ -1,6 +1,6 @@ - # shellcheck shell=bats - # --# Copyright © 2023 Red Hat, Inc. -+# Copyright © 2023 – 2024 Red Hat, Inc. - # - # Licensed under the Apache License, Version 2.0 (the "License"); - # you may not use this file except in compliance with the License. -@@ -57,25 +57,24 @@ teardown() { - assert [ ${#stderr_lines[@]} -eq 0 ] - } - --@test "environment variables: HISTSIZE inside the default container" { -- skip "https://pagure.io/setup/pull-request/48" -- -- create_default_container -+@test "environment variables: HISTFILESIZE inside Arch Linux" { -+ create_distro_container arch latest arch-toolbox-latest - -- if [ "$HISTSIZE" = "" ]; then -+ # shellcheck disable=SC2031 -+ if [ "$HISTFILESIZE" = "" ]; then - # shellcheck disable=SC2030 -- HISTSIZE=1001 -+ HISTFILESIZE=1001 - else -- ((HISTSIZE++)) -+ ((HISTFILESIZE++)) - fi - -- export HISTSIZE -+ export HISTFILESIZE - - # shellcheck disable=SC2016 -- run --keep-empty-lines --separate-stderr "$TOOLBOX" run bash -c 'echo "$HISTSIZE"' -+ run --keep-empty-lines --separate-stderr "$TOOLBOX" run --distro arch bash -c 'echo "$HISTFILESIZE"' - - assert_success -- assert_line --index 0 "$HISTSIZE" -+ assert_line --index 0 "$HISTFILESIZE" - - if check_bats_version 1.10.0; then - assert [ ${#lines[@]} -eq 1 ] -@@ -87,8 +86,8 @@ teardown() { - assert [ ${#stderr_lines[@]} -eq 0 ] - } - --@test "environment variables: HISTFILESIZE inside Arch Linux" { -- create_distro_container arch latest arch-toolbox-latest -+@test "environment variables: HISTFILESIZE inside Fedora 34" { -+ create_distro_container fedora 34 fedora-toolbox-34 - - # shellcheck disable=SC2031 - if [ "$HISTFILESIZE" = "" ]; then -@@ -101,7 +100,7 @@ teardown() { - export HISTFILESIZE - - # shellcheck disable=SC2016 -- run --keep-empty-lines --separate-stderr "$TOOLBOX" run --distro arch bash -c 'echo "$HISTFILESIZE"' -+ run --keep-empty-lines --separate-stderr "$TOOLBOX" run --distro fedora --release 34 bash -c 'echo "$HISTFILESIZE"' - - assert_success - assert_line --index 0 "$HISTFILESIZE" -@@ -116,24 +115,24 @@ teardown() { - assert [ ${#stderr_lines[@]} -eq 0 ] - } - --@test "environment variables: HISTSIZE inside Arch Linux" { -- create_distro_container arch latest arch-toolbox-latest -+@test "environment variables: HISTFILESIZE inside RHEL 8.7" { -+ create_distro_container rhel 8.7 rhel-toolbox-8.7 - - # shellcheck disable=SC2031 -- if [ "$HISTSIZE" = "" ]; then -+ if [ "$HISTFILESIZE" = "" ]; then - # shellcheck disable=SC2030 -- HISTSIZE=1001 -+ HISTFILESIZE=1001 - else -- ((HISTSIZE++)) -+ ((HISTFILESIZE++)) - fi - -- export HISTSIZE -+ export HISTFILESIZE - - # shellcheck disable=SC2016 -- run --keep-empty-lines --separate-stderr "$TOOLBOX" run --distro arch bash -c 'echo "$HISTSIZE"' -+ run --keep-empty-lines --separate-stderr "$TOOLBOX" run --distro rhel --release 8.7 bash -c 'echo "$HISTFILESIZE"' - - assert_success -- assert_line --index 0 "$HISTSIZE" -+ assert_line --index 0 "$HISTFILESIZE" - - if check_bats_version 1.10.0; then - assert [ ${#lines[@]} -eq 1 ] -@@ -145,8 +144,8 @@ teardown() { - assert [ ${#stderr_lines[@]} -eq 0 ] - } - --@test "environment variables: HISTFILESIZE inside Fedora 34" { -- create_distro_container fedora 34 fedora-toolbox-34 -+@test "environment variables: HISTFILESIZE inside Ubuntu 16.04" { -+ create_distro_container ubuntu 16.04 ubuntu-toolbox-16.04 - - # shellcheck disable=SC2031 - if [ "$HISTFILESIZE" = "" ]; then -@@ -159,7 +158,8 @@ teardown() { - export HISTFILESIZE - - # shellcheck disable=SC2016 -- run --keep-empty-lines --separate-stderr "$TOOLBOX" run --distro fedora --release 34 bash -c 'echo "$HISTFILESIZE"' -+ run --keep-empty-lines --separate-stderr "$TOOLBOX" run --distro ubuntu --release 16.04 \ -+ bash -c 'echo "$HISTFILESIZE"' - - assert_success - assert_line --index 0 "$HISTFILESIZE" -@@ -174,26 +174,25 @@ teardown() { - assert [ ${#stderr_lines[@]} -eq 0 ] - } - --@test "environment variables: HISTSIZE inside Fedora 34" { -- skip "https://pagure.io/setup/pull-request/48" -- -- create_distro_container fedora 34 fedora-toolbox-34 -+@test "environment variables: HISTFILESIZE inside Ubuntu 18.04" { -+ create_distro_container ubuntu 18.04 ubuntu-toolbox-18.04 - - # shellcheck disable=SC2031 -- if [ "$HISTSIZE" = "" ]; then -+ if [ "$HISTFILESIZE" = "" ]; then - # shellcheck disable=SC2030 -- HISTSIZE=1001 -+ HISTFILESIZE=1001 - else -- ((HISTSIZE++)) -+ ((HISTFILESIZE++)) - fi - -- export HISTSIZE -+ export HISTFILESIZE - - # shellcheck disable=SC2016 -- run --keep-empty-lines --separate-stderr "$TOOLBOX" run --distro fedora --release 34 bash -c 'echo "$HISTSIZE"' -+ run --keep-empty-lines --separate-stderr "$TOOLBOX" run --distro ubuntu --release 18.04 \ -+ bash -c 'echo "$HISTFILESIZE"' - - assert_success -- assert_line --index 0 "$HISTSIZE" -+ assert_line --index 0 "$HISTFILESIZE" - - if check_bats_version 1.10.0; then - assert [ ${#lines[@]} -eq 1 ] -@@ -205,12 +204,11 @@ teardown() { - assert [ ${#stderr_lines[@]} -eq 0 ] - } - --@test "environment variables: HISTFILESIZE inside RHEL 8.7" { -- create_distro_container rhel 8.7 rhel-toolbox-8.7 -+@test "environment variables: HISTFILESIZE inside Ubuntu 20.04" { -+ create_distro_container ubuntu 20.04 ubuntu-toolbox-20.04 - - # shellcheck disable=SC2031 - if [ "$HISTFILESIZE" = "" ]; then -- # shellcheck disable=SC2030 - HISTFILESIZE=1001 - else - ((HISTFILESIZE++)) -@@ -219,7 +217,8 @@ teardown() { - export HISTFILESIZE - - # shellcheck disable=SC2016 -- run --keep-empty-lines --separate-stderr "$TOOLBOX" run --distro rhel --release 8.7 bash -c 'echo "$HISTFILESIZE"' -+ run --keep-empty-lines --separate-stderr "$TOOLBOX" run --distro ubuntu --release 20.04 \ -+ bash -c 'echo "$HISTFILESIZE"' - - assert_success - assert_line --index 0 "$HISTFILESIZE" -@@ -234,12 +233,11 @@ teardown() { - assert [ ${#stderr_lines[@]} -eq 0 ] - } - --@test "environment variables: HISTSIZE inside RHEL 8.7" { -+@test "environment variables: HISTSIZE inside the default container" { - skip "https://pagure.io/setup/pull-request/48" - -- create_distro_container rhel 8.7 rhel-toolbox-8.7 -+ create_default_container - -- # shellcheck disable=SC2031 - if [ "$HISTSIZE" = "" ]; then - # shellcheck disable=SC2030 - HISTSIZE=1001 -@@ -250,7 +248,7 @@ teardown() { - export HISTSIZE - - # shellcheck disable=SC2016 -- run --keep-empty-lines --separate-stderr "$TOOLBOX" run --distro rhel --release 8.7 bash -c 'echo "$HISTSIZE"' -+ run --keep-empty-lines --separate-stderr "$TOOLBOX" run bash -c 'echo "$HISTSIZE"' - - assert_success - assert_line --index 0 "$HISTSIZE" -@@ -265,25 +263,24 @@ teardown() { - assert [ ${#stderr_lines[@]} -eq 0 ] - } - --@test "environment variables: HISTFILESIZE inside Ubuntu 16.04" { -- create_distro_container ubuntu 16.04 ubuntu-toolbox-16.04 -+@test "environment variables: HISTSIZE inside Arch Linux" { -+ create_distro_container arch latest arch-toolbox-latest - - # shellcheck disable=SC2031 -- if [ "$HISTFILESIZE" = "" ]; then -+ if [ "$HISTSIZE" = "" ]; then - # shellcheck disable=SC2030 -- HISTFILESIZE=1001 -+ HISTSIZE=1001 - else -- ((HISTFILESIZE++)) -+ ((HISTSIZE++)) - fi - -- export HISTFILESIZE -+ export HISTSIZE - - # shellcheck disable=SC2016 -- run --keep-empty-lines --separate-stderr "$TOOLBOX" run --distro ubuntu --release 16.04 \ -- bash -c 'echo "$HISTFILESIZE"' -+ run --keep-empty-lines --separate-stderr "$TOOLBOX" run --distro arch bash -c 'echo "$HISTSIZE"' - - assert_success -- assert_line --index 0 "$HISTFILESIZE" -+ assert_line --index 0 "$HISTSIZE" - - if check_bats_version 1.10.0; then - assert [ ${#lines[@]} -eq 1 ] -@@ -295,8 +292,10 @@ teardown() { - assert [ ${#stderr_lines[@]} -eq 0 ] - } - --@test "environment variables: HISTSIZE inside Ubuntu 16.04" { -- create_distro_container ubuntu 16.04 ubuntu-toolbox-16.04 -+@test "environment variables: HISTSIZE inside Fedora 34" { -+ skip "https://pagure.io/setup/pull-request/48" -+ -+ create_distro_container fedora 34 fedora-toolbox-34 - - # shellcheck disable=SC2031 - if [ "$HISTSIZE" = "" ]; then -@@ -309,7 +308,7 @@ teardown() { - export HISTSIZE - - # shellcheck disable=SC2016 -- run --keep-empty-lines --separate-stderr "$TOOLBOX" run --distro ubuntu --release 16.04 bash -c 'echo "$HISTSIZE"' -+ run --keep-empty-lines --separate-stderr "$TOOLBOX" run --distro fedora --release 34 bash -c 'echo "$HISTSIZE"' - - assert_success - assert_line --index 0 "$HISTSIZE" -@@ -324,25 +323,26 @@ teardown() { - assert [ ${#stderr_lines[@]} -eq 0 ] - } - --@test "environment variables: HISTFILESIZE inside Ubuntu 18.04" { -- create_distro_container ubuntu 18.04 ubuntu-toolbox-18.04 -+@test "environment variables: HISTSIZE inside RHEL 8.7" { -+ skip "https://pagure.io/setup/pull-request/48" -+ -+ create_distro_container rhel 8.7 rhel-toolbox-8.7 - - # shellcheck disable=SC2031 -- if [ "$HISTFILESIZE" = "" ]; then -+ if [ "$HISTSIZE" = "" ]; then - # shellcheck disable=SC2030 -- HISTFILESIZE=1001 -+ HISTSIZE=1001 - else -- ((HISTFILESIZE++)) -+ ((HISTSIZE++)) - fi - -- export HISTFILESIZE -+ export HISTSIZE - - # shellcheck disable=SC2016 -- run --keep-empty-lines --separate-stderr "$TOOLBOX" run --distro ubuntu --release 18.04 \ -- bash -c 'echo "$HISTFILESIZE"' -+ run --keep-empty-lines --separate-stderr "$TOOLBOX" run --distro rhel --release 8.7 bash -c 'echo "$HISTSIZE"' - - assert_success -- assert_line --index 0 "$HISTFILESIZE" -+ assert_line --index 0 "$HISTSIZE" - - if check_bats_version 1.10.0; then - assert [ ${#lines[@]} -eq 1 ] -@@ -354,8 +354,8 @@ teardown() { - assert [ ${#stderr_lines[@]} -eq 0 ] - } - --@test "environment variables: HISTSIZE inside Ubuntu 18.04" { -- create_distro_container ubuntu 18.04 ubuntu-toolbox-18.04 -+@test "environment variables: HISTSIZE inside Ubuntu 16.04" { -+ create_distro_container ubuntu 16.04 ubuntu-toolbox-16.04 - - # shellcheck disable=SC2031 - if [ "$HISTSIZE" = "" ]; then -@@ -368,7 +368,7 @@ teardown() { - export HISTSIZE - - # shellcheck disable=SC2016 -- run --keep-empty-lines --separate-stderr "$TOOLBOX" run --distro ubuntu --release 18.04 bash -c 'echo "$HISTSIZE"' -+ run --keep-empty-lines --separate-stderr "$TOOLBOX" run --distro ubuntu --release 16.04 bash -c 'echo "$HISTSIZE"' - - assert_success - assert_line --index 0 "$HISTSIZE" -@@ -383,24 +383,24 @@ teardown() { - assert [ ${#stderr_lines[@]} -eq 0 ] - } - --@test "environment variables: HISTFILESIZE inside Ubuntu 20.04" { -- create_distro_container ubuntu 20.04 ubuntu-toolbox-20.04 -+@test "environment variables: HISTSIZE inside Ubuntu 18.04" { -+ create_distro_container ubuntu 18.04 ubuntu-toolbox-18.04 - - # shellcheck disable=SC2031 -- if [ "$HISTFILESIZE" = "" ]; then -- HISTFILESIZE=1001 -+ if [ "$HISTSIZE" = "" ]; then -+ # shellcheck disable=SC2030 -+ HISTSIZE=1001 - else -- ((HISTFILESIZE++)) -+ ((HISTSIZE++)) - fi - -- export HISTFILESIZE -+ export HISTSIZE - - # shellcheck disable=SC2016 -- run --keep-empty-lines --separate-stderr "$TOOLBOX" run --distro ubuntu --release 20.04 \ -- bash -c 'echo "$HISTFILESIZE"' -+ run --keep-empty-lines --separate-stderr "$TOOLBOX" run --distro ubuntu --release 18.04 bash -c 'echo "$HISTSIZE"' - - assert_success -- assert_line --index 0 "$HISTFILESIZE" -+ assert_line --index 0 "$HISTSIZE" - - if check_bats_version 1.10.0; then - assert [ ${#lines[@]} -eq 1 ] --- -2.43.0 - - -From ee2c92299d5488bab4e54cb04d9a120e0b9ed405 Mon Sep 17 00:00:00 2001 -From: Debarshi Ray -Date: Thu, 18 Jan 2024 20:17:50 +0100 -Subject: [PATCH 4/4] test/system: Test that the HOSTNAME environment variable - is set - -Bash automatically sets the HOSTNAME environment variable to the name of -the current host [1] as returned by gethostname(2), which is the same as -hostname(1). - -However, on Fedora, from Fedora 33 onwards, /etc/profile sets the -HOSTNAME environment variable to 'hostnamectl --transient' [2], and, -from Fedora 35 onwards, it has a fallback to hostname(1) [3]. These two -approaches return different values when used inside a Toolbx container. -The former picks up the hostname of the host operating system, while the -fallback gets the name that was set when creating the container with -'podman create --hostname toolbox ...'. - -Hence, the value of HOSTNAME inside a Toolbx container for Fedora -depends on whether the corresponding version of the fedora-toolbox image -contained hostnamectl(1) or not. - -[1] https://www.gnu.org/software/bash/manual/html_node/Bash-Variables.html - -[2] setup commit eb9cc4dce89be24f - https://pagure.io/setup/c/eb9cc4dce89be24f - https://bugzilla.redhat.com/show_bug.cgi?id=1745245 - -[3] setup commit ddd74b5d971a734c - https://pagure.io/setup/c/ddd74b5d971a734c - https://pagure.io/setup/pull-request/28 - https://bugzilla.redhat.com/show_bug.cgi?id=1938223 - -https://github.com/containers/toolbox/issues/558 ---- - test/system/220-environment-variables.bats | 126 +++++++++++++++++++++ - 1 file changed, 126 insertions(+) - -diff --git a/test/system/220-environment-variables.bats b/test/system/220-environment-variables.bats -index dd74b1dc5142..5b51d17dee55 100644 ---- a/test/system/220-environment-variables.bats -+++ b/test/system/220-environment-variables.bats -@@ -439,3 +439,129 @@ teardown() { - # shellcheck disable=SC2154 - assert [ ${#stderr_lines[@]} -eq 0 ] - } -+ -+@test "environment variables: HOSTNAME inside the default container" { -+ create_default_container -+ -+ # shellcheck disable=SC2016 -+ run --keep-empty-lines --separate-stderr "$TOOLBOX" run bash -c 'echo "$HOSTNAME"' -+ -+ assert_success -+ assert_line --index 0 --regexp "^(toolbox|$HOSTNAME)$" -+ -+ if check_bats_version 1.10.0; then -+ assert [ ${#lines[@]} -eq 1 ] -+ else -+ assert [ ${#lines[@]} -eq 2 ] -+ fi -+ -+ assert [ ${#stderr_lines[@]} -eq 0 ] -+} -+ -+@test "environment variables: HOSTNAME inside Arch Linux" { -+ create_distro_container arch latest arch-toolbox-latest -+ -+ # shellcheck disable=SC2016 -+ run --keep-empty-lines --separate-stderr "$TOOLBOX" run --distro arch bash -c 'echo "$HOSTNAME"' -+ -+ assert_success -+ assert_line --index 0 "toolbox" -+ -+ if check_bats_version 1.10.0; then -+ assert [ ${#lines[@]} -eq 1 ] -+ else -+ assert [ ${#lines[@]} -eq 2 ] -+ fi -+ -+ assert [ ${#stderr_lines[@]} -eq 0 ] -+} -+ -+@test "environment variables: HOSTNAME inside Fedora 34" { -+ create_distro_container fedora 34 fedora-toolbox-34 -+ -+ # shellcheck disable=SC2016 -+ run --keep-empty-lines --separate-stderr "$TOOLBOX" run --distro fedora --release 34 bash -c 'echo "$HOSTNAME"' -+ -+ assert_success -+ assert_line --index 0 "$HOSTNAME" -+ -+ if check_bats_version 1.10.0; then -+ assert [ ${#lines[@]} -eq 1 ] -+ else -+ assert [ ${#lines[@]} -eq 2 ] -+ fi -+ -+ assert [ ${#stderr_lines[@]} -eq 0 ] -+} -+ -+@test "environment variables: HOSTNAME inside RHEL 8.7" { -+ create_distro_container rhel 8.7 rhel-toolbox-8.7 -+ -+ # shellcheck disable=SC2016 -+ run --keep-empty-lines --separate-stderr "$TOOLBOX" run --distro rhel --release 8.7 bash -c 'echo "$HOSTNAME"' -+ -+ assert_success -+ assert_line --index 0 "toolbox" -+ -+ if check_bats_version 1.10.0; then -+ assert [ ${#lines[@]} -eq 1 ] -+ else -+ assert [ ${#lines[@]} -eq 2 ] -+ fi -+ -+ assert [ ${#stderr_lines[@]} -eq 0 ] -+} -+ -+@test "environment variables: HOSTNAME inside Ubuntu 16.04" { -+ create_distro_container ubuntu 16.04 ubuntu-toolbox-16.04 -+ -+ # shellcheck disable=SC2016 -+ run --keep-empty-lines --separate-stderr "$TOOLBOX" run --distro ubuntu --release 16.04 bash -c 'echo "$HOSTNAME"' -+ -+ assert_success -+ assert_line --index 0 "toolbox" -+ -+ if check_bats_version 1.10.0; then -+ assert [ ${#lines[@]} -eq 1 ] -+ else -+ assert [ ${#lines[@]} -eq 2 ] -+ fi -+ -+ assert [ ${#stderr_lines[@]} -eq 0 ] -+} -+ -+@test "environment variables: HOSTNAME inside Ubuntu 18.04" { -+ create_distro_container ubuntu 18.04 ubuntu-toolbox-18.04 -+ -+ # shellcheck disable=SC2016 -+ run --keep-empty-lines --separate-stderr "$TOOLBOX" run --distro ubuntu --release 18.04 bash -c 'echo "$HOSTNAME"' -+ -+ assert_success -+ assert_line --index 0 "toolbox" -+ -+ if check_bats_version 1.10.0; then -+ assert [ ${#lines[@]} -eq 1 ] -+ else -+ assert [ ${#lines[@]} -eq 2 ] -+ fi -+ -+ assert [ ${#stderr_lines[@]} -eq 0 ] -+} -+ -+@test "environment variables: HOSTNAME inside Ubuntu 20.04" { -+ create_distro_container ubuntu 20.04 ubuntu-toolbox-20.04 -+ -+ # shellcheck disable=SC2016 -+ run --keep-empty-lines --separate-stderr "$TOOLBOX" run --distro ubuntu --release 20.04 bash -c 'echo "$HOSTNAME"' -+ -+ assert_success -+ assert_line --index 0 "toolbox" -+ -+ if check_bats_version 1.10.0; then -+ assert [ ${#lines[@]} -eq 1 ] -+ else -+ assert [ ${#lines[@]} -eq 2 ] -+ fi -+ -+ assert [ ${#stderr_lines[@]} -eq 0 ] -+} --- -2.43.0 - diff --git a/toolbox.spec b/toolbox.spec index 8011592..5dea5da 100644 --- a/toolbox.spec +++ b/toolbox.spec @@ -1,7 +1,7 @@ %global __brp_check_rpaths %{nil} Name: toolbox -Version: 0.0.99.5 +Version: 0.0.99.6 %global goipath github.com/containers/%{name} @@ -31,7 +31,7 @@ Version: 0.0.99.5 %endif %endif -Release: 15%{?dist} +Release: 1%{?dist} Summary: Tool for interactive command line environments on Linux License: Apache-2.0 @@ -42,17 +42,16 @@ Source0: https://github.com/containers/%{name}/releases/download/%{version Source1: %{name}.conf # Upstream -Patch0: toolbox-test-system-new.patch -Patch1: toolbox-test-system-Unbreak-Podman-s-downstream-Fedora-CI.patch -Patch2: toolbox-playbooks-test-system-bats-1.11-podman-5.patch +Patch0: toolbox-Unbreak-downstream-Fedora-CI.patch +Patch1: toolbox-Update-fallback-release-to-40-for-non-fedo.patch +Patch2: toolbox-Revert-Work-around-bug-in-past.patch # Fedora specific -Patch100: toolbox-Make-the-build-flags-match-Fedora-s-gobuild.patch -Patch101: toolbox-Make-the-build-flags-match-Fedora-s-gobuild-for-PPC64.patch +Patch100: toolbox-Make-the-build-flags-match-Fedora.patch # RHEL specific -Patch200: toolbox-Make-the-build-flags-match-RHEL-s-gobuild.patch -Patch201: toolbox-Make-the-build-flags-match-RHEL-s-gobuild-for-PPC64.patch +Patch200: toolbox-Make-the-build-flags-match-RHEL-9.patch +Patch201: toolbox-Make-the-build-flags-match-RHEL-10.patch Patch202: toolbox-Add-migration-paths-for-coreos-toolbox-users.patch BuildRequires: gcc @@ -65,21 +64,27 @@ BuildRequires: systemd BuildRequires: systemd-rpm-macros %if ! 0%{?rhel} BuildRequires: golang(github.com/HarryMichal/go-version) >= 1.0.1 +BuildRequires: golang-ipath(github.com/NVIDIA/go-nvlib) >= 0.6.1 +BuildRequires: golang-ipath(github.com/NVIDIA/go-nvml) >= 0.12.4.0 +BuildRequires: golang-ipath(github.com/NVIDIA/nvidia-container-toolkit) >= 1.16.1 BuildRequires: golang(github.com/acobaugh/osrelease) >= 0.1.0 -BuildRequires: golang(github.com/briandowns/spinner) >= 1.17.0 +BuildRequires: golang(github.com/briandowns/spinner) >= 1.18.0 BuildRequires: golang(github.com/docker/go-units) >= 0.5.0 -BuildRequires: golang(github.com/fsnotify/fsnotify) >= 1.5.1 +BuildRequires: golang(github.com/fsnotify/fsnotify) >= 1.7.0 +BuildRequires: golang(github.com/go-logfmt/logfmt) >= 0.5.0 BuildRequires: golang(github.com/godbus/dbus) >= 5.0.6 -BuildRequires: golang(github.com/sirupsen/logrus) >= 1.8.1 +BuildRequires: golang(github.com/google/renameio/v2) >= 2.0.0 +BuildRequires: golang(github.com/sirupsen/logrus) >= 1.9.3 BuildRequires: golang(github.com/spf13/cobra) >= 1.3.0 BuildRequires: golang(github.com/spf13/viper) >= 1.10.1 -BuildRequires: golang(golang.org/x/sys/unix) >= 0.1.0 +BuildRequires: golang-ipath(golang.org/x/sys) >= 0.22.0 BuildRequires: golang(golang.org/x/text) >= 0.3.8 -BuildRequires: golang(gopkg.in/yaml.v3) >= 3.0.0 +BuildRequires: golang-ipath(gopkg.in/yaml.v3) >= 3.0.1 +BuildRequires: golang-ipath(tags.cncf.io/container-device-interface) >= 0.8.0 BuildRequires: pkgconfig(fish) # for tests # BuildRequires: codespell -# BuildRequires: golang(github.com/stretchr/testify) >= 1.7.0 +# BuildRequires: golang(github.com/stretchr/testify) >= 1.9.0 # BuildRequires: ShellCheck %endif @@ -90,13 +95,14 @@ Requires: podman >= 1.6.4 %if ! 0%{?rhel} Requires: flatpak-session-helper %endif +Requires: shadow-utils-subid%{?_isa} %description Toolbx is a tool for Linux, which allows the use of interactive command line -environments for development and troubleshooting the host operating system, -without having to install software on the host. It is built on top of Podman -and other standard container technologies from OCI. +environments for software development and troubleshooting the host operating +system, without having to install software on the host. It is built on top of +Podman and other standard container technologies from OCI. Toolbx environments have seamless access to the user's home directory, the Wayland and X11 sockets, networking (including Avahi), removable devices (like @@ -109,13 +115,17 @@ Summary: Tests for %{name} Requires: %{name}%{?_isa} = %{version}-%{release} Requires: coreutils +Requires: diffutils +# for gdbus(1) +Requires: glib2 Requires: grep -# for htpasswd +# for htpasswd(1) Requires: httpd-tools Requires: openssl +Requires: python3 Requires: skopeo %if ! 0%{?rhel} -Requires: bats >= 1.7.0 +Requires: bats >= 1.10.0 %endif @@ -125,23 +135,20 @@ The %{name}-tests package contains system tests for %{name}. %prep %setup -q - %patch -P0 -p1 %patch -P1 -p1 %patch -P2 -p1 %if 0%{?fedora} -%ifnarch ppc64 %patch -P100 -p1 -%else -%patch -P101 -p1 -%endif %endif %if 0%{?rhel} -%ifnarch ppc64 +%if 0%{?rhel} == 9 %patch -P200 -p1 -%else +%endif + +%if 0%{?rhel} == 10 %patch -P201 -p1 %endif @@ -187,7 +194,7 @@ install -m0644 %{SOURCE1} %{buildroot}%{_sysconfdir}/containers/%{name}.conf %files -%doc CODE-OF-CONDUCT.md NEWS README.md SECURITY.md +%doc CODE-OF-CONDUCT.md CONTRIBUTING.md GOALS.md NEWS README.md SECURITY.md %license COPYING %{?rhel:src/vendor/modules.txt} %{_bindir}/%{name} %{_datadir}/bash-completion @@ -206,6 +213,10 @@ install -m0644 %{SOURCE1} %{buildroot}%{_sysconfdir}/containers/%{name}.conf %changelog +* Fri Oct 04 2024 Debarshi Ray - 0.0.99.6-1 +- Update to 0.0.99.6 +Resolves: RHEL-61579 + * Fri Aug 09 2024 Debarshi Ray - 0.0.99.5-15 - Rebuild for CVE-2024-24791 Resolves: RHEL-47199