import toolbox-0.0.99.3-4.module+el8.8.0+17272+e09ebca6

CentOS Sources 2023-01-31 01:16:01 +00:00 committed by root
parent 3ca6b0b8d5
commit c4f8ea8859
7 changed files with 200 additions and 96 deletions


@ -1 +1 @@
925877d2e970cfbf315174de4ceaa921581abed6 SOURCES/toolbox-0.0.99.3-vendored.tar.xz ae6e6ac18c0d350eeabe9392a37ddc70cd60b52f SOURCES/toolbox-0.0.99.3-vendored.tar.xz


@ -0,0 +1,101 @@
From 565947a7df6f4d18cb2f2d3a172b79391880288a Mon Sep 17 00:00:00 2001
From: Debarshi Ray <rishi@fedoraproject.org>
Date: Wed, 18 Aug 2021 17:55:21 +0200
Subject: [PATCH 1/2] cmd/run: Make sosreport work by setting the HOST
environment variable
https://bugzilla.redhat.com/show_bug.cgi?id=1940037
---
src/cmd/run.go | 1 +
1 file changed, 1 insertion(+)
diff --git a/src/cmd/run.go b/src/cmd/run.go
index 5954eac55fad..ca363815d4c9 100644
--- a/src/cmd/run.go
+++ b/src/cmd/run.go
@@ -441,6 +441,7 @@ func constructExecArgs(container string,
execArgs = append(execArgs, detachKeys...)
execArgs = append(execArgs, []string{
+ "--env", "HOST=/run/host",
"--interactive",
"--tty",
"--user", currentUser.Username,
--
2.31.1
From fecbda4c3ea823eb04ebe392a6e1422e8ce8dd41 Mon Sep 17 00:00:00 2001
From: Debarshi Ray <rishi@fedoraproject.org>
Date: Fri, 10 Dec 2021 13:42:15 +0100
Subject: [PATCH 2/2] test/system: Update to test the migration path for
coreos/toolbox users
This reverts the changes to the tests made in commit
411147988b730dabf8b9e761a5426e12d648f008 by restoring commit
ca899c8a561f357ae32c6ba6813520fd8b682abb and the parts of commit
3aeb7cf288319e35eb9c5e26ea18d97452462c1e that were removed.
---
test/system/002-help.bats | 11 -----------
test/system/100-root.bats | 27 +++++++++++++++++++++++++++
2 files changed, 27 insertions(+), 11 deletions(-)
create mode 100644 test/system/100-root.bats
diff --git a/test/system/002-help.bats b/test/system/002-help.bats
index 689f95e472a1..525d44431ee5 100644
--- a/test/system/002-help.bats
+++ b/test/system/002-help.bats
@@ -8,17 +8,6 @@ setup() {
_setup_environment
}
-@test "help: Try to run toolbox with no command" {
- run $TOOLBOX
-
- assert_failure
- assert_line --index 0 "Error: missing command"
- assert_line --index 1 "create Create a new toolbox container"
- assert_line --index 2 "enter Enter an existing toolbox container"
- assert_line --index 3 "list List all existing toolbox containers and images"
- assert_line --index 4 "Run 'toolbox --help' for usage."
-}
-
@test "help: Run command 'help'" {
if ! command -v man 2>/dev/null; then
skip "Test works only if man is in PATH"
diff --git a/test/system/100-root.bats b/test/system/100-root.bats
new file mode 100644
index 000000000000..32d87904213e
--- /dev/null
+++ b/test/system/100-root.bats
@@ -0,0 +1,27 @@
+#!/usr/bin/env bats
+
+load 'libs/bats-support/load'
+load 'libs/bats-assert/load'
+load 'libs/helpers'
+
+setup() {
+ _setup_environment
+ cleanup_containers
+}
+
+teardown() {
+ cleanup_containers
+}
+
+@test "root: Try to enter the default container with no containers created" {
+ run $TOOLBOX <<< "n"
+
+ assert_success
+ assert_line --index 0 "No toolbox containers found. Create now? [y/N] A container can be created later with the 'create' command."
+ assert_line --index 1 "Run 'toolbox --help' for usage."
+}
+
+# TODO: Write the test
+@test "root: Enter the default container when 1 non-default container is present" {
+ skip "Testing of entering toolboxes is not implemented"
+}
--
2.31.1
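Review bot: The `"--env", "HOST=/run/host"` entry added to the `execArgs` literal in `constructExecArgs` has no comment, so nothing at the call site explains why every exec'd command receives a HOST variable. Going by the patch subject it exists for sosreport, so I would add `// sosreport reads HOST to find the host's root, expected at /run/host inside the container` above it. Because the variable is set unconditionally, any other program in the container that honours HOST is also pointed at the host filesystem, which the comment should mention. The function body starts and ends outside the hunk. In the same patch file, the second test in 100-root.bats is only a `skip` stub, so entering the default container with one non-default container present remains unverified.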


@ -1,4 +1,4 @@
From a245af969792bafcfa86090c856a06cb23061816 Mon Sep 17 00:00:00 2001 From 024cf19e52544814cdee80693a6dc12b5a92943c Mon Sep 17 00:00:00 2001
From: Debarshi Ray <rishi@fedoraproject.org> From: Debarshi Ray <rishi@fedoraproject.org>
Date: Mon, 29 Jun 2020 17:57:47 +0200 Date: Mon, 29 Jun 2020 17:57:47 +0200
Subject: [PATCH] build: Make the build flags match RHEL's %{gobuild} for PPC64 Subject: [PATCH] build: Make the build flags match RHEL's %{gobuild} for PPC64
@ -20,20 +20,43 @@ Note that these flags are only meant for the "ppc64" CPU architecture,
and should be kept updated to match RHEL's Go guidelines. Use and should be kept updated to match RHEL's Go guidelines. Use
'rpm --eval "%{gobuild}"' to expand the %{gobuild} macro. 'rpm --eval "%{gobuild}"' to expand the %{gobuild} macro.
--- ---
src/go-build-wrapper | 3 ++- src/go-build-wrapper | 13 +++++++++----
1 file changed, 2 insertions(+), 1 deletion(-) 1 file changed, 9 insertions(+), 4 deletions(-)
diff --git a/src/go-build-wrapper b/src/go-build-wrapper diff --git a/src/go-build-wrapper b/src/go-build-wrapper
index 0d27120da052..ef1a03af750a 100755 index ef4aafc8b024..00d7e9fca0e0 100755
--- a/src/go-build-wrapper --- a/src/go-build-wrapper
+++ b/src/go-build-wrapper +++ b/src/go-build-wrapper
@@ -27,5 +27,6 @@ if ! cd "$1"; then @@ -32,9 +32,9 @@ if ! cd "$1"; then
exit 1 exit 1
fi fi
-go build -trimpath -ldflags "-extldflags '-Wl,--wrap,pthread_sigmask $4' -linkmode external -X github.com/containers/toolbox/pkg/version.currentVersion=$3" -o "$2/toolbox" -tags=""
+tags="-tags rpm_crashtraceback,${BUILDTAGS:-}"
if $6; then
- tags="-tags migration_path_for_coreos_toolbox"
+ tags="$tags,migration_path_for_coreos_toolbox"
fi
if ! libc_dir=$("$4" --print-file-name=libc.so); then
@@ -69,11 +69,16 @@ fi
dynamic_linker="/run/host$dynamic_linker_canonical_dirname/$dynamic_linker_basename"
+unset LDFLAGS +unset LDFLAGS
+go build -compiler gc -tags="rpm_crashtraceback ${BUILDTAGS:-}" -ldflags "${LDFLAGS:-} -compressdwarf=false -B 0x$(head -c20 /dev/urandom|od -An -tx1|tr -d ' \n') -extldflags '-Wl,-z,relro -Wl,--as-needed -Wl,-z,now -specs=/usr/lib/rpm/redhat/redhat-hardened-ld -Wl,--wrap,pthread_sigmask $4' -linkmode external -X github.com/containers/toolbox/pkg/version.currentVersion=$3" -a -v -x -o "$2/toolbox" +
# shellcheck disable=SC2086
go build \
+ -compiler gc \
$tags \
- -trimpath \
- -ldflags "-extldflags '-Wl,-dynamic-linker,$dynamic_linker -Wl,-rpath,/run/host$libc_dir_canonical_dirname' -linkmode external -X github.com/containers/toolbox/pkg/version.currentVersion=$3" \
+ -ldflags "${LDFLAGS:-} -compressdwarf=false -B 0x$(head -c20 /dev/urandom|od -An -tx1|tr -d ' \n') -extldflags '-Wl,-z,relro -Wl,--as-needed -Wl,-z,now -specs=/usr/lib/rpm/redhat/redhat-hardened-ld -Wl,-dynamic-linker,$dynamic_linker -Wl,-rpath,/run/host$libc_dir_canonical_dirname' -linkmode external -X github.com/containers/toolbox/pkg/version.currentVersion=$3" \
+ -a \
+ -v \
+ -x \
-o "$2/toolbox"
exit "$?" exit "$?"
-- --
2.31.1 2.31.1
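Review bot: The new `tags="-tags rpm_crashtraceback,${BUILDTAGS:-}"` line passes `$tags` unquoted to `go build` (hence the `shellcheck disable=SC2086`), so a space-separated BUILDTAGS value would be word-split into stray arguments, whereas the replaced `-tags="rpm_crashtraceback ${BUILDTAGS:-}"` line accepted that form. Normalising first, e.g. `tags="-tags rpm_crashtraceback,$(printf '%s' "${BUILDTAGS:-}" | tr ' ' ',')"`, keeps both forms working. The same line appears in the non-PPC64 patch in the next file section. Separately, the rewritten invocation drops `-trimpath` and adds a random `-B` build ID read from /dev/urandom, so build paths end up in the binary and the output is not bit-for-bit reproducible; if that is intended to match `%{gobuild}`, a comment in the wrapper saying so would help.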


@ -1,4 +1,4 @@
From 05722d2861c23554b9741c059e853da9ab38282e Mon Sep 17 00:00:00 2001 From 89129bd096c8bfac4ff84fc19726898cc901c1fc Mon Sep 17 00:00:00 2001
From: Debarshi Ray <rishi@fedoraproject.org> From: Debarshi Ray <rishi@fedoraproject.org>
Date: Mon, 29 Jun 2020 17:57:47 +0200 Date: Mon, 29 Jun 2020 17:57:47 +0200
Subject: [PATCH] build: Make the build flags match RHEL's %{gobuild} Subject: [PATCH] build: Make the build flags match RHEL's %{gobuild}
@ -20,20 +20,44 @@ Note that these flags are meant for every CPU architecture other than
PPC64, and should be kept updated to match RHEL's Go guidelines. Use PPC64, and should be kept updated to match RHEL's Go guidelines. Use
'rpm --eval "%{gobuild}"' to expand the %{gobuild} macro. 'rpm --eval "%{gobuild}"' to expand the %{gobuild} macro.
--- ---
src/go-build-wrapper | 3 ++- src/go-build-wrapper | 14 ++++++++++----
1 file changed, 2 insertions(+), 1 deletion(-) 1 file changed, 10 insertions(+), 4 deletions(-)
diff --git a/src/go-build-wrapper b/src/go-build-wrapper diff --git a/src/go-build-wrapper b/src/go-build-wrapper
index 0d27120da052..f08f3218560a 100755 index ef4aafc8b024..e82e42ca8151 100755
--- a/src/go-build-wrapper --- a/src/go-build-wrapper
+++ b/src/go-build-wrapper +++ b/src/go-build-wrapper
@@ -27,5 +27,6 @@ if ! cd "$1"; then @@ -32,9 +32,9 @@ if ! cd "$1"; then
exit 1 exit 1
fi fi
-go build -trimpath -ldflags "-extldflags '-Wl,--wrap,pthread_sigmask $4' -linkmode external -X github.com/containers/toolbox/pkg/version.currentVersion=$3" -o "$2/toolbox" -tags=""
+tags="-tags rpm_crashtraceback,${BUILDTAGS:-}"
if $6; then
- tags="-tags migration_path_for_coreos_toolbox"
+ tags="$tags,migration_path_for_coreos_toolbox"
fi
if ! libc_dir=$("$4" --print-file-name=libc.so); then
@@ -69,11 +69,17 @@ fi
dynamic_linker="/run/host$dynamic_linker_canonical_dirname/$dynamic_linker_basename"
+unset LDFLAGS +unset LDFLAGS
+go build -buildmode pie -compiler gc -tags="rpm_crashtraceback ${BUILDTAGS:-}" -ldflags "${LDFLAGS:-} -compressdwarf=false -B 0x$(head -c20 /dev/urandom|od -An -tx1|tr -d ' \n') -extldflags '-Wl,-z,relro -Wl,--as-needed -Wl,-z,now -specs=/usr/lib/rpm/redhat/redhat-hardened-ld -Wl,--wrap,pthread_sigmask $4' -linkmode external -X github.com/containers/toolbox/pkg/version.currentVersion=$3" -a -v -x -o "$2/toolbox" +
# shellcheck disable=SC2086
go build \
+ -buildmode pie \
+ -compiler gc \
$tags \
- -trimpath \
- -ldflags "-extldflags '-Wl,-dynamic-linker,$dynamic_linker -Wl,-rpath,/run/host$libc_dir_canonical_dirname' -linkmode external -X github.com/containers/toolbox/pkg/version.currentVersion=$3" \
+ -ldflags "${LDFLAGS:-} -compressdwarf=false -B 0x$(head -c20 /dev/urandom|od -An -tx1|tr -d ' \n') -extldflags '-Wl,-z,relro -Wl,--as-needed -Wl,-z,now -specs=/usr/lib/rpm/redhat/redhat-hardened-ld -Wl,-dynamic-linker,$dynamic_linker -Wl,-rpath,/run/host$libc_dir_canonical_dirname' -linkmode external -X github.com/containers/toolbox/pkg/version.currentVersion=$3" \
+ -a \
+ -v \
+ -x \
-o "$2/toolbox"
exit "$?" exit "$?"
-- --
2.31.1 2.31.1


@ -1,44 +0,0 @@
From 6b47ff61936d2b602d29b229b079bda00dadad7e Mon Sep 17 00:00:00 2001
From: Debarshi Ray <rishi@fedoraproject.org>
Date: Thu, 2 Sep 2021 14:57:37 +0200
Subject: [PATCH] cmd/root: Suggest a way forward if coreos/toolbox was used
github.com/coreos/toolbox bind mounts the entire /run from the host
operating system into the toolbox container. Due to this, when run
rootful, the /run/.containerenv created by Podman inside the container
is also seen on the host. This confuses Toolbox into thinking that it's
running inside a container, even when it's running on the host.
This is an attempt to differentiate between a toolbox container and
the host by looking at the 'container' environment variable, so that
the user can be presented with a more helpful error message.
https://bugzilla.redhat.com/show_bug.cgi?id=1998191
---
src/cmd/root.go | 10 ++++++++++
1 file changed, 10 insertions(+)
diff --git a/src/cmd/root.go b/src/cmd/root.go
index 5e6f5874a469..139609592218 100644
--- a/src/cmd/root.go
+++ b/src/cmd/root.go
@@ -130,6 +130,16 @@ func preRun(cmd *cobra.Command, args []string) error {
if toolboxPath == "" {
if utils.IsInsideContainer() {
+ if containerType := os.Getenv("container"); containerType == "" {
+ var builder strings.Builder
+ fmt.Fprintf(&builder, "/run/.containerenv found on what looks like the host\n")
+ fmt.Fprintf(&builder, "If this is the host, then remove /run/.containerenv and try again.\n")
+ fmt.Fprintf(&builder, "Otherwise, contact your system administrator or file a bug.")
+
+ errMsg := builder.String()
+ return errors.New(errMsg)
+ }
+
return errors.New("TOOLBOX_PATH not set")
}
--
2.31.1


@ -1,26 +0,0 @@
From 786c5065c73703ef46e13905a4672f1b4918310a Mon Sep 17 00:00:00 2001
From: Debarshi Ray <rishi@fedoraproject.org>
Date: Wed, 18 Aug 2021 17:55:21 +0200
Subject: [PATCH] cmd/run: Make sosreport work by setting the HOST environment
variable
https://bugzilla.redhat.com/show_bug.cgi?id=1940037
---
src/cmd/run.go | 1 +
1 file changed, 1 insertion(+)
diff --git a/src/cmd/run.go b/src/cmd/run.go
index e8e96932415e..188f0f2394df 100644
--- a/src/cmd/run.go
+++ b/src/cmd/run.go
@@ -443,6 +443,7 @@ func constructExecArgs(container string,
execArgs = append(execArgs, detachKeys...)
execArgs = append(execArgs, []string{
+ "--env", "HOST=/run/host",
"--interactive",
"--tty",
"--user", currentUser.Username,
--
2.31.1


@ -1,3 +1,5 @@
%global __brp_check_rpaths %{nil}
# RHEL's RPM toolchain doesn't like the compressed DWARF data generated by the # RHEL's RPM toolchain doesn't like the compressed DWARF data generated by the
# Go toolchain. # Go toolchain.
%global _dwz_low_mem_die_limit 0 %global _dwz_low_mem_die_limit 0
@ -9,11 +11,11 @@ Version: 0.0.99.3
%global goipath github.com/containers/%{name} %global goipath github.com/containers/%{name}
%gometa %gometa
Release: 0.5%{?dist} Release: 4%{?dist}
Summary: Unprivileged development environment Summary: Tool for containerized command line environments on Linux
License: ASL 2.0 License: ASL 2.0
URL: https://github.com/containers/%{name} URL: https://containertoolbx.org/
# https://github.com/containers/%%{name}/releases/download/%%{version}/%%{name}-%%{version}.tar.xz # https://github.com/containers/%%{name}/releases/download/%%{version}/%%{name}-%%{version}.tar.xz
# A vendored tarball was created from the upstream tarball: # A vendored tarball was created from the upstream tarball:
@ -25,17 +27,16 @@ Source1: %{name}.conf
# RHEL specific # RHEL specific
Patch100: toolbox-Make-the-build-flags-match-RHEL-s-gobuild.patch Patch100: toolbox-Make-the-build-flags-match-RHEL-s-gobuild.patch
Patch101: toolbox-Make-the-build-flags-match-RHEL-s-gobuild-for-PPC64.patch Patch101: toolbox-Make-the-build-flags-match-RHEL-s-gobuild-for-PPC64.patch
Patch102: toolbox-cmd-run-Make-sosreport-work-by-setting-the-HOST-envi.patch Patch102: toolbox-Add-migration-paths-for-coreos-toolbox-users.patch
Patch103: toolbox-cmd-root-Suggest-a-way-forward-if-coreos-toolbox-was.patch
# https://bugzilla.redhat.com/show_bug.cgi?id=1905383 # https://bugzilla.redhat.com/show_bug.cgi?id=1905383
ExcludeArch: %{ix86} ExcludeArch: %{ix86}
BuildRequires: golang >= 1.17.7 BuildRequires: golang >= 1.19.1
BuildRequires: go-md2man BuildRequires: /usr/bin/go-md2man
BuildRequires: meson BuildRequires: meson >= 0.58.0
BuildRequires: pkgconfig(bash-completion) BuildRequires: pkgconfig(bash-completion)
BuildRequires: systemd BuildRequires: systemd-rpm-macros
Requires: containers-common Requires: containers-common
Requires: podman >= 1.4.0 Requires: podman >= 1.4.0
@ -51,6 +52,10 @@ other standard container technologies from OCI.
Summary: Tests for %{name} Summary: Tests for %{name}
Requires: %{name}%{?_isa} = %{version}-%{release} Requires: %{name}%{?_isa} = %{version}-%{release}
Requires: coreutils
Requires: gawk
Requires: grep
Requires: skopeo
%description tests %description tests
The %{name}-tests package contains system tests for %{name}. The %{name}-tests package contains system tests for %{name}.
@ -66,7 +71,6 @@ The %{name}-tests package contains system tests for %{name}.
%endif %endif
%patch102 -p1 %patch102 -p1
%patch103 -p1
# %%gomkdir is absent from RHEL 8. # %%gomkdir is absent from RHEL 8.
GOBUILDDIR="$(pwd)/_build" GOBUILDDIR="$(pwd)/_build"
@ -89,7 +93,13 @@ export CGO_CFLAGS="%{optflags} -D_GNU_SOURCE -D_LARGEFILE_SOURCE -D_LARGEFILE64_
ln -s src/cmd cmd ln -s src/cmd cmd
ln -s src/pkg pkg ln -s src/pkg pkg
ln -s src/vendor vendor ln -s src/vendor vendor
%meson --buildtype=plain -Dprofile_dir=%{_sysconfdir}/profile.d
%meson \
--buildtype=plain \
-Dmigration_path_for_coreos_toolbox=true \
-Dprofile_dir=%{_sysconfdir}/profile.d \
-Dtmpfiles_dir=%{_tmpfilesdir}
%meson_build %meson_build
@ -114,6 +124,22 @@ install -m0644 %{SOURCE1} %{buildroot}%{_sysconfdir}/containers/%{name}.conf
%changelog %changelog
* Mon Nov 07 2022 Debarshi Ray <rishi@fedoraproject.org> - 0.0.99.3-4
- Rebuild for CVE-2022-27664 and CVE-2022-32189
Resolves: #2116761, #2126749
* Mon Nov 07 2022 Debarshi Ray <rishi@fedoraproject.org> - 0.0.99.3-3
- Rebuild for CVE-2022-1705, CVE-2022-30630, CVE-2022-30631 and CVE-2022-30632
Resolves: #2111827
* Mon Nov 07 2022 Debarshi Ray <rishi@fedoraproject.org> - 0.0.99.3-2
- Update to 0.0.99.3
- BuildRequire only systemd-rpm-macros as recommended by the Fedora packaging
guidelines
- Update the Summary to match upstream
- Update the URL to point to the website
Resolves: #2115089
* Fri Apr 08 2022 Jindrich Novy <jnovy@redhat.com> - 0.0.99.3-0.5 * Fri Apr 08 2022 Jindrich Novy <jnovy@redhat.com> - 0.0.99.3-0.5
- bump golang BR to 1.17.7 - bump golang BR to 1.17.7
- Related: #2061390 - Related: #2061390
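Review bot: `%global __brp_check_rpaths %{nil}` at the top of the spec switches off the RPATH check for the whole package, with no comment saying why. It is presumably needed because the build wrapper links the binary with `-Wl,-rpath,/run/host…`, which the check would reject. A comment such as `# toolbox is deliberately linked with an RPATH under /run/host; check-rpaths would fail the build` would record that and tie the exemption to that linker flag. Because the macro disables the check for every file in the package, an unintended RPATH in any other shipped binary would also pass unnoticed.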