diff --git a/.gitignore b/.gitignore index 3d03030..a6ca0b4 100644 --- a/.gitignore +++ b/.gitignore @@ -1 +1 @@ -SOURCES/toolbox-0.0.99.5-vendored.tar.xz +SOURCES/toolbox-0.1.1-vendored.tar.xz diff --git a/.toolbox.metadata b/.toolbox.metadata index 4b7410d..0214c95 100644 --- a/.toolbox.metadata +++ b/.toolbox.metadata @@ -1 +1 @@ -9b8595f66d8dd76636c308426919bb81cba5498a SOURCES/toolbox-0.0.99.5-vendored.tar.xz +6eb68dfe5b1cb7e8653a34d9bf38c68c06d4fa8e SOURCES/toolbox-0.1.1-vendored.tar.xz diff --git a/SOURCES/toolbox-Add-migration-paths-for-coreos-toolbox-users.patch b/SOURCES/toolbox-Add-migration-paths-for-coreos-toolbox-users.patch index 1e3e254..9f470cd 100644 --- a/SOURCES/toolbox-Add-migration-paths-for-coreos-toolbox-users.patch +++ b/SOURCES/toolbox-Add-migration-paths-for-coreos-toolbox-users.patch @@ -1,4 +1,4 @@ -From 4587b6e9240bf936b760e901435c4cfdd9c582b6 Mon Sep 17 00:00:00 2001 +From c25ad44b7cb50d470b1533931b7808cc194f0d50 Mon Sep 17 00:00:00 2001 From: Debarshi Ray Date: Wed, 18 Aug 2021 17:55:21 +0200 Subject: [PATCH 1/2] cmd/run: Make sosreport work by setting the HOST @@ -10,10 +10,10 @@ https://bugzilla.redhat.com/show_bug.cgi?id=1940037 1 file changed, 1 insertion(+) diff --git a/src/cmd/run.go b/src/cmd/run.go -index e2e31d9da4e6..84ad46518bfc 100644 +index 719c0d6abb20..92a097283f38 100644 --- a/src/cmd/run.go +++ b/src/cmd/run.go -@@ -498,6 +498,7 @@ func constructExecArgs(container, preserveFDs string, +@@ -566,6 +566,7 @@ func constructExecArgs(container, preserveFDs string, execArgs = append(execArgs, envOptions...) execArgs = append(execArgs, []string{ @@ -22,10 +22,10 @@ index e2e31d9da4e6..84ad46518bfc 100644 "--preserve-fds", preserveFDs, }...) -- -2.43.0 +2.46.1 -From 892c33ed75443de90a2caa90959387bbc270c564 Mon Sep 17 00:00:00 2001 +From e7877a4d1d38dc35aa6da6c012ec9a23397b7aa4 Mon Sep 17 00:00:00 2001 From: Debarshi Ray Date: Fri, 10 Dec 2021 13:42:15 +0100 Subject: [PATCH 2/2] test/system: Update to test the migration path for @@ -42,23 +42,23 @@ ca899c8a561f357ae32c6ba6813520fd8b682abb and the parts of commit create mode 100644 test/system/100-root.bats diff --git a/test/system/002-help.bats b/test/system/002-help.bats -index 695c51f92e7e..5fa4c6fe0b4c 100644 +index a8bfbc2c79d2..5dd14025ea0b 100644 --- a/test/system/002-help.bats +++ b/test/system/002-help.bats -@@ -23,20 +23,6 @@ setup() { - _setup_environment +@@ -33,20 +33,6 @@ teardown() { + cleanup_all } -@test "help: Smoke test" { -- run --keep-empty-lines --separate-stderr "$TOOLBOX" +- run --keep-empty-lines --separate-stderr "$TOOLBX" - - assert_failure - assert [ ${#lines[@]} -eq 0 ] - lines=("${stderr_lines[@]}") - assert_line --index 0 "Error: missing command" -- assert_line --index 2 "create Create a new toolbox container" -- assert_line --index 3 "enter Enter an existing toolbox container" -- assert_line --index 4 "list List all existing toolbox containers and images" +- assert_line --index 2 "create Create a new Toolbx container" +- assert_line --index 3 "enter Enter an existing Toolbx container" +- assert_line --index 4 "list List all existing Toolbx containers and images" - assert_line --index 6 "Run 'toolbox --help' for usage." - assert [ ${#stderr_lines[@]} -eq 7 ] -} @@ -68,7 +68,7 @@ index 695c51f92e7e..5fa4c6fe0b4c 100644 skip "not found man(1)" diff --git a/test/system/100-root.bats b/test/system/100-root.bats new file mode 100644 -index 000000000000..32d87904213e +index 000000000000..cf35d60ac25c --- /dev/null +++ b/test/system/100-root.bats @@ -0,0 +1,27 @@ @@ -80,15 +80,15 @@ index 000000000000..32d87904213e + +setup() { + _setup_environment -+ cleanup_containers ++ cleanup_all +} + +teardown() { -+ cleanup_containers ++ cleanup_all +} + +@test "root: Try to enter the default container with no containers created" { -+ run $TOOLBOX <<< "n" ++ run "$TOOLBX" <<< "n" + + assert_success + assert_line --index 0 "No toolbox containers found. Create now? [y/N] A container can be created later with the 'create' command." @@ -100,5 +100,5 @@ index 000000000000..32d87904213e + skip "Testing of entering toolboxes is not implemented" +} -- -2.43.0 +2.46.1 diff --git a/SOURCES/toolbox-Make-the-build-flags-match-Fedora-s-gobuild-for-PPC64.patch b/SOURCES/toolbox-Make-the-build-flags-match-Fedora-s-gobuild-for-PPC64.patch deleted file mode 100644 index 35ecc83..0000000 --- a/SOURCES/toolbox-Make-the-build-flags-match-Fedora-s-gobuild-for-PPC64.patch +++ /dev/null @@ -1,54 +0,0 @@ -From 4f8b443ab925c84d059d894ddcfcf4dcf66a747e Mon Sep 17 00:00:00 2001 -From: Debarshi Ray -Date: Mon, 29 Jun 2020 17:57:47 +0200 -Subject: [PATCH] build: Make the build flags match Fedora's %{gobuildflags} - for PPC64 - -The Go toolchain also doesn't like the LDFLAGS environment variable as -exported by Fedora's %{meson} RPM macro. - -Note that these flags are only meant for the "ppc64" CPU architecture, -and should be kept updated to match Fedora's Go guidelines. Use -'rpm --eval "%{gobuildflags}"' to expand the %{gobuildflags} macro. ---- - src/go-build-wrapper | 13 +++++++++---- - 1 file changed, 9 insertions(+), 4 deletions(-) - -diff --git a/src/go-build-wrapper b/src/go-build-wrapper -index c572d6dfb02b..cae2de426a96 100755 ---- a/src/go-build-wrapper -+++ b/src/go-build-wrapper -@@ -33,9 +33,9 @@ if ! cd "$1"; then - exit 1 - fi - --tags="" -+tags="-tags rpm_crashtraceback,${BUILDTAGS:-}" - if $7; then -- tags="-tags migration_path_for_coreos_toolbox" -+ tags="$tags,migration_path_for_coreos_toolbox" - fi - - if ! libc_dir=$("$5" --print-file-name=libc.so); then -@@ -70,11 +70,16 @@ fi - - dynamic_linker="/run/host$dynamic_linker_canonical_dirname/$dynamic_linker_basename" - -+unset LDFLAGS -+ - # shellcheck disable=SC2086 - go build \ -+ -compiler gc \ - $tags \ -- -trimpath \ -- -ldflags "-extldflags '-Wl,-dynamic-linker,$dynamic_linker -Wl,-rpath,/run/host$libc_dir_canonical_dirname' -linkmode external -X github.com/containers/toolbox/pkg/version.currentVersion=$4" \ -+ -ldflags "${LDFLAGS:-} -B 0x$(head -c20 /dev/urandom|od -An -tx1|tr -d ' \n') -compressdwarf=false -extldflags '-Wl,-z,relro -Wl,--as-needed -Wl,-z,now -specs=/usr/lib/rpm/redhat/redhat-hardened-ld -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -Wl,--build-id=sha1 -Wl,-dynamic-linker,$dynamic_linker -Wl,-rpath,/run/host$libc_dir_canonical_dirname' -linkmode external -X github.com/containers/toolbox/pkg/version.currentVersion=$4" \ -+ -a \ -+ -v \ -+ -x \ - -o "$2/$3" - - exit "$?" --- -2.43.0 - diff --git a/SOURCES/toolbox-Make-the-build-flags-match-Fedora-s-gobuild.patch b/SOURCES/toolbox-Make-the-build-flags-match-Fedora-s-gobuild.patch deleted file mode 100644 index c290d36..0000000 --- a/SOURCES/toolbox-Make-the-build-flags-match-Fedora-s-gobuild.patch +++ /dev/null @@ -1,54 +0,0 @@ -From 3175ef2fab1f61f5784361070ac338dabda3c04e Mon Sep 17 00:00:00 2001 -From: Debarshi Ray -Date: Mon, 29 Jun 2020 17:57:47 +0200 -Subject: [PATCH] build: Make the build flags match Fedora's %{gobuildflags} - -The Go toolchain doesn't like the LDFLAGS environment variable as -exported by Fedora's %{meson} RPM macro. - -Note that these flags are meant for every CPU architecture other than -PPC64, and should be kept updated to match Fedora's Go guidelines. Use -'rpm --eval "%{gobuildflags}"' to expand the %{gobuildflags} macro. ---- - src/go-build-wrapper | 14 ++++++++++---- - 1 file changed, 10 insertions(+), 4 deletions(-) - -diff --git a/src/go-build-wrapper b/src/go-build-wrapper -index c572d6dfb02b..0e6a2efa6853 100755 ---- a/src/go-build-wrapper -+++ b/src/go-build-wrapper -@@ -33,9 +33,9 @@ if ! cd "$1"; then - exit 1 - fi - --tags="" -+tags="-tags rpm_crashtraceback,${BUILDTAGS:-}" - if $7; then -- tags="-tags migration_path_for_coreos_toolbox" -+ tags="$tags,migration_path_for_coreos_toolbox" - fi - - if ! libc_dir=$("$5" --print-file-name=libc.so); then -@@ -70,11 +70,17 @@ fi - - dynamic_linker="/run/host$dynamic_linker_canonical_dirname/$dynamic_linker_basename" - -+unset LDFLAGS -+ - # shellcheck disable=SC2086 - go build \ -+ -buildmode pie \ -+ -compiler gc \ - $tags \ -- -trimpath \ -- -ldflags "-extldflags '-Wl,-dynamic-linker,$dynamic_linker -Wl,-rpath,/run/host$libc_dir_canonical_dirname' -linkmode external -X github.com/containers/toolbox/pkg/version.currentVersion=$4" \ -+ -ldflags "${LDFLAGS:-} -B 0x$(head -c20 /dev/urandom|od -An -tx1|tr -d ' \n') -compressdwarf=false -extldflags '-Wl,-z,relro -Wl,--as-needed -Wl,-z,now -specs=/usr/lib/rpm/redhat/redhat-hardened-ld -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -Wl,--build-id=sha1 -Wl,-dynamic-linker,$dynamic_linker -Wl,-rpath,/run/host$libc_dir_canonical_dirname' -linkmode external -X github.com/containers/toolbox/pkg/version.currentVersion=$4" \ -+ -a \ -+ -v \ -+ -x \ - -o "$2/$3" - - exit "$?" --- -2.43.0 - diff --git a/SOURCES/toolbox-Make-the-build-flags-match-Fedora.patch b/SOURCES/toolbox-Make-the-build-flags-match-Fedora.patch new file mode 100644 index 0000000..27fd99d --- /dev/null +++ b/SOURCES/toolbox-Make-the-build-flags-match-Fedora.patch @@ -0,0 +1,47 @@ +From 7dc70160c8ff531473004e879dd57ec303789d71 Mon Sep 17 00:00:00 2001 +From: Debarshi Ray +Date: Mon, 29 Jun 2020 17:57:47 +0200 +Subject: [PATCH] build: Make the build flags match Fedora's %{gobuildflags} + +Note that these flags are meant for every CPU architecture other than +PPC64, and should be kept updated to match Fedora's Go guidelines. Use +'rpm --eval "%{gobuildflags}"' to expand the %{gobuildflags} macro. +--- + src/go-build-wrapper | 11 ++++++++--- + 1 file changed, 8 insertions(+), 3 deletions(-) + +diff --git a/src/go-build-wrapper b/src/go-build-wrapper +index a5a1a6a508fb..5978422e9aed 100755 +--- a/src/go-build-wrapper ++++ b/src/go-build-wrapper +@@ -33,9 +33,9 @@ if ! cd "$1"; then + exit 1 + fi + +-tags="" ++tags="-tags rpm_crashtraceback,${GO_BUILDTAGS:-}" + if $7; then +- tags="-tags migration_path_for_coreos_toolbox" ++ tags="$tags,migration_path_for_coreos_toolbox" + fi + + if ! libc_dir=$("$5" --print-file-name=libc.so); then +@@ -114,9 +114,14 @@ dynamic_linker="/run/host$dynamic_linker_canonical_dirname/$dynamic_linker_basen + + # shellcheck disable=SC2086 + go build \ ++ -buildmode pie \ ++ -compiler gc \ + $tags \ + -trimpath \ +- -ldflags "-extldflags '-Wl,-dynamic-linker,$dynamic_linker -Wl,-rpath,/run/host$libc_dir_canonical_dirname -Wl,--export-dynamic -Wl,--unresolved-symbols=ignore-in-object-files' -linkmode external -X github.com/containers/toolbox/pkg/version.currentVersion=$4" \ ++ -ldflags "${GO_LDFLAGS:-} -B 0x$(head -c20 /dev/urandom|od -An -tx1|tr -d ' \n') -compressdwarf=false -extldflags '-Wl,-z,relro -Wl,--as-needed -specs=/usr/lib/rpm/redhat/redhat-hardened-ld -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -Wl,--build-id=sha1 -specs=/usr/lib/rpm/redhat/redhat-package-notes -Wl,-dynamic-linker,$dynamic_linker -Wl,-rpath,/run/host$libc_dir_canonical_dirname -Wl,--export-dynamic -Wl,--unresolved-symbols=ignore-in-object-files' -linkmode external -X github.com/containers/toolbox/pkg/version.currentVersion=$4" \ ++ -a \ ++ -v \ ++ -x \ + -o "$2/$3" + + exit "$?" +-- +2.46.1 + diff --git a/SOURCES/toolbox-Make-the-build-flags-match-RHEL-10.patch b/SOURCES/toolbox-Make-the-build-flags-match-RHEL-10.patch new file mode 100644 index 0000000..e43e0eb --- /dev/null +++ b/SOURCES/toolbox-Make-the-build-flags-match-RHEL-10.patch @@ -0,0 +1,71 @@ +From f08f64c0d5f2019055381c3c00426fe8545e5e31 Mon Sep 17 00:00:00 2001 +From: Debarshi Ray +Date: Mon, 29 Jun 2020 17:57:47 +0200 +Subject: [PATCH] build: Make the build flags match RHEL 10's %{gobuildflags} + +These reflect the defaults for RHEL 10.0 Beta, because RHEL 10.0 is +still early in its development cycle and the defaults may be in a state +of flux. Some exceptions are mentioned below. + +The '-z pack-relative-relocs' linker flag was left out. It's currently +not supported on s390x, so using it would require architecture specific +patches, which is a hassle. Support for aarch64 was recently added [1], +so hopefully s390x will also be supported soon. + +The change to use the RPM's %{name}, %{version}, %{release} and the +SOURCE_DATE_EPOCH environment variable [2], instead of /dev/urandom, to +generate the build ID annotation for the toolbox(1) binary [2] was left +out. It will need more work to propagate the RPM's %{name}, %{version} +and %{release} to Meson. + +Note that these flags are meant for every CPU architecture other than +PPC64, and should be kept updated to match RHEL 10's Go guidelines. Use +'rpm --eval "%{gobuildflags}"' to expand the %{gobuildflags} macro. + +[1] CentOS Stream redhat-rpm-config commit 3c5a6b17540b2a0b + https://gitlab.com/redhat/centos-stream/rpms/redhat-rpm-config/-/commit/3c5a6b17540b2a0b + https://gitlab.com/redhat/centos-stream/rpms/redhat-rpm-config/-/merge_requests/42 + https://issues.redhat.com/browse/RHEL-40379 + +[2] go-rpm-macros commit 1980932bf3a21890 + https://pagure.io/go-rpm-macros/c/1980932bf3a21890 + https://fedoraproject.org/wiki/Changes/ReproduciblePackageBuilds +--- + src/go-build-wrapper | 11 ++++++++--- + 1 file changed, 8 insertions(+), 3 deletions(-) + +diff --git a/src/go-build-wrapper b/src/go-build-wrapper +index a5a1a6a508fb..5978422e9aed 100755 +--- a/src/go-build-wrapper ++++ b/src/go-build-wrapper +@@ -33,9 +33,9 @@ if ! cd "$1"; then + exit 1 + fi + +-tags="" ++tags="-tags rpm_crashtraceback,${GO_BUILDTAGS:-}" + if $7; then +- tags="-tags migration_path_for_coreos_toolbox" ++ tags="$tags,migration_path_for_coreos_toolbox" + fi + + if ! libc_dir=$("$5" --print-file-name=libc.so); then +@@ -114,9 +114,14 @@ dynamic_linker="/run/host$dynamic_linker_canonical_dirname/$dynamic_linker_basen + + # shellcheck disable=SC2086 + go build \ ++ -buildmode pie \ ++ -compiler gc \ + $tags \ + -trimpath \ +- -ldflags "-extldflags '-Wl,-dynamic-linker,$dynamic_linker -Wl,-rpath,/run/host$libc_dir_canonical_dirname -Wl,--export-dynamic -Wl,--unresolved-symbols=ignore-in-object-files' -linkmode external -X github.com/containers/toolbox/pkg/version.currentVersion=$4" \ ++ -ldflags "${GO_LDFLAGS:-} -B 0x$(head -c20 /dev/urandom|od -An -tx1|tr -d ' \n') -compressdwarf=false -extldflags '-Wl,-z,relro -Wl,--as-needed -specs=/usr/lib/rpm/redhat/redhat-hardened-ld -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -Wl,--build-id=sha1 -specs=/usr/lib/rpm/redhat/redhat-package-notes -Wl,-dynamic-linker,$dynamic_linker -Wl,-rpath,/run/host$libc_dir_canonical_dirname -Wl,--export-dynamic -Wl,--unresolved-symbols=ignore-in-object-files' -linkmode external -X github.com/containers/toolbox/pkg/version.currentVersion=$4" \ ++ -a \ ++ -v \ ++ -x \ + -o "$2/$3" + + exit "$?" +-- +2.46.1 + diff --git a/SOURCES/toolbox-Make-the-build-flags-match-RHEL-9.patch b/SOURCES/toolbox-Make-the-build-flags-match-RHEL-9.patch new file mode 100644 index 0000000..2c15142 --- /dev/null +++ b/SOURCES/toolbox-Make-the-build-flags-match-RHEL-9.patch @@ -0,0 +1,50 @@ +From ff1320fa869f1e4952836436ab2ad928cbba0987 Mon Sep 17 00:00:00 2001 +From: Debarshi Ray +Date: Mon, 29 Jun 2020 17:57:47 +0200 +Subject: [PATCH] build: Make the build flags match RHEL 9's %{gobuildflags} + +These reflect the defaults for RHEL 9.5, because RHEL 9.6 is still early +in its development cycle and the defaults may be in a state of flux. + +Note that these flags are meant for every CPU architecture other than +PPC64, and should be kept updated to match RHEL 9's Go guidelines. Use +'rpm --eval "%{gobuildflags}"' to expand the %{gobuildflags} macro. +--- + src/go-build-wrapper | 11 ++++++++--- + 1 file changed, 8 insertions(+), 3 deletions(-) + +diff --git a/src/go-build-wrapper b/src/go-build-wrapper +index a5a1a6a508fb..0a2c7526f210 100755 +--- a/src/go-build-wrapper ++++ b/src/go-build-wrapper +@@ -33,9 +33,9 @@ if ! cd "$1"; then + exit 1 + fi + +-tags="" ++tags="-tags rpm_crashtraceback,${GO_BUILDTAGS:-},libtrust_openssl" + if $7; then +- tags="-tags migration_path_for_coreos_toolbox" ++ tags="$tags,migration_path_for_coreos_toolbox" + fi + + if ! libc_dir=$("$5" --print-file-name=libc.so); then +@@ -114,9 +114,14 @@ dynamic_linker="/run/host$dynamic_linker_canonical_dirname/$dynamic_linker_basen + + # shellcheck disable=SC2086 + go build \ ++ -buildmode pie \ ++ -compiler gc \ + $tags \ + -trimpath \ +- -ldflags "-extldflags '-Wl,-dynamic-linker,$dynamic_linker -Wl,-rpath,/run/host$libc_dir_canonical_dirname -Wl,--export-dynamic -Wl,--unresolved-symbols=ignore-in-object-files' -linkmode external -X github.com/containers/toolbox/pkg/version.currentVersion=$4" \ ++ -ldflags "${GO_LDFLAGS:-} -B 0x$(head -c20 /dev/urandom|od -An -tx1|tr -d ' \n') -compressdwarf=false -extldflags '-Wl,-z,relro -Wl,--as-needed -specs=/usr/lib/rpm/redhat/redhat-hardened-ld -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -Wl,-dynamic-linker,$dynamic_linker -Wl,-rpath,/run/host$libc_dir_canonical_dirname -Wl,--export-dynamic -Wl,--unresolved-symbols=ignore-in-object-files' -linkmode external -X github.com/containers/toolbox/pkg/version.currentVersion=$4" \ ++ -a \ ++ -v \ ++ -x \ + -o "$2/$3" + + exit "$?" +-- +2.46.1 + diff --git a/SOURCES/toolbox-Make-the-build-flags-match-RHEL-s-gobuild-for-PPC64.patch b/SOURCES/toolbox-Make-the-build-flags-match-RHEL-s-gobuild-for-PPC64.patch deleted file mode 100644 index d458e9e..0000000 --- a/SOURCES/toolbox-Make-the-build-flags-match-RHEL-s-gobuild-for-PPC64.patch +++ /dev/null @@ -1,55 +0,0 @@ -From 721c6b8d3bbbb5d451eaac4d332ddecd48f5ca85 Mon Sep 17 00:00:00 2001 -From: Debarshi Ray -Date: Mon, 29 Jun 2020 17:57:47 +0200 -Subject: [PATCH] build: Make the build flags match RHEL's %{gobuildflags} for - PPC64 - -The Go toolchain also doesn't like the LDFLAGS environment variable as -exported by RHEL's %{meson} RPM macro, and RHEL's RPM toolchain doesn't -like the compressed DWARF data generated by the Go toolchain. - -Note that these flags are only meant for the "ppc64" CPU architecture, -and should be kept updated to match RHEL's Go guidelines. Use -'rpm --eval "%{gobuildflags}"' to expand the %{gobuildflags} macro. ---- - src/go-build-wrapper | 13 +++++++++---- - 1 file changed, 9 insertions(+), 4 deletions(-) - -diff --git a/src/go-build-wrapper b/src/go-build-wrapper -index c572d6dfb02b..86f174716608 100755 ---- a/src/go-build-wrapper -+++ b/src/go-build-wrapper -@@ -33,9 +33,9 @@ if ! cd "$1"; then - exit 1 - fi - --tags="" -+tags="-tags rpm_crashtraceback,${BUILDTAGS:-},libtrust_openssl" - if $7; then -- tags="-tags migration_path_for_coreos_toolbox" -+ tags="$tags,migration_path_for_coreos_toolbox" - fi - - if ! libc_dir=$("$5" --print-file-name=libc.so); then -@@ -70,11 +70,16 @@ fi - - dynamic_linker="/run/host$dynamic_linker_canonical_dirname/$dynamic_linker_basename" - -+unset LDFLAGS -+ - # shellcheck disable=SC2086 - go build \ -+ -compiler gc \ - $tags \ -- -trimpath \ -- -ldflags "-extldflags '-Wl,-dynamic-linker,$dynamic_linker -Wl,-rpath,/run/host$libc_dir_canonical_dirname' -linkmode external -X github.com/containers/toolbox/pkg/version.currentVersion=$4" \ -+ -ldflags "${LDFLAGS:-} -B 0x$(head -c20 /dev/urandom|od -An -tx1|tr -d ' \n') -compressdwarf=false -extldflags '-Wl,-z,relro -Wl,--as-needed -Wl,-z,now -specs=/usr/lib/rpm/redhat/redhat-hardened-ld -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -Wl,-dynamic-linker,$dynamic_linker -Wl,-rpath,/run/host$libc_dir_canonical_dirname' -linkmode external -X github.com/containers/toolbox/pkg/version.currentVersion=$4" \ -+ -a \ -+ -v \ -+ -x \ - -o "$2/$3" - - exit "$?" --- -2.43.0 - diff --git a/SOURCES/toolbox-Make-the-build-flags-match-RHEL-s-gobuild.patch b/SOURCES/toolbox-Make-the-build-flags-match-RHEL-s-gobuild.patch deleted file mode 100644 index d5d47e4..0000000 --- a/SOURCES/toolbox-Make-the-build-flags-match-RHEL-s-gobuild.patch +++ /dev/null @@ -1,55 +0,0 @@ -From 417dc7a7a378dbab6bbaafc21b9e554b60c9402f Mon Sep 17 00:00:00 2001 -From: Debarshi Ray -Date: Mon, 29 Jun 2020 17:57:47 +0200 -Subject: [PATCH] build: Make the build flags match RHEL's %{gobuildflags} - -The Go toolchain doesn't like the LDFLAGS environment variable as -exported by RHEL's %{meson} RPM macro, and RHEL's RPM toolchain doesn't -like the compressed DWARF data generated by the Go toolchain. - -Note that these flags are meant for every CPU architecture other than -PPC64, and should be kept updated to match RHEL's Go guidelines. Use -'rpm --eval "%{gobuildflags}"' to expand the %{gobuildflags} macro. ---- - src/go-build-wrapper | 14 ++++++++++---- - 1 file changed, 10 insertions(+), 4 deletions(-) - -diff --git a/src/go-build-wrapper b/src/go-build-wrapper -index c572d6dfb02b..d39764fda0c1 100755 ---- a/src/go-build-wrapper -+++ b/src/go-build-wrapper -@@ -33,9 +33,9 @@ if ! cd "$1"; then - exit 1 - fi - --tags="" -+tags="-tags rpm_crashtraceback,${BUILDTAGS:-},libtrust_openssl" - if $7; then -- tags="-tags migration_path_for_coreos_toolbox" -+ tags="$tags,migration_path_for_coreos_toolbox" - fi - - if ! libc_dir=$("$5" --print-file-name=libc.so); then -@@ -70,11 +70,17 @@ fi - - dynamic_linker="/run/host$dynamic_linker_canonical_dirname/$dynamic_linker_basename" - -+unset LDFLAGS -+ - # shellcheck disable=SC2086 - go build \ -+ -buildmode pie \ -+ -compiler gc \ - $tags \ -- -trimpath \ -- -ldflags "-extldflags '-Wl,-dynamic-linker,$dynamic_linker -Wl,-rpath,/run/host$libc_dir_canonical_dirname' -linkmode external -X github.com/containers/toolbox/pkg/version.currentVersion=$4" \ -+ -ldflags "${LDFLAGS:-} -B 0x$(head -c20 /dev/urandom|od -An -tx1|tr -d ' \n') -compressdwarf=false -extldflags '-Wl,-z,relro -Wl,--as-needed -Wl,-z,now -specs=/usr/lib/rpm/redhat/redhat-hardened-ld -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -Wl,-dynamic-linker,$dynamic_linker -Wl,-rpath,/run/host$libc_dir_canonical_dirname' -linkmode external -X github.com/containers/toolbox/pkg/version.currentVersion=$4" \ -+ -a \ -+ -v \ -+ -x \ - -o "$2/$3" - - exit "$?" --- -2.43.0 - diff --git a/SPECS/toolbox.spec b/SPECS/toolbox.spec index 457a800..da28cd5 100644 --- a/SPECS/toolbox.spec +++ b/SPECS/toolbox.spec @@ -1,7 +1,7 @@ %global __brp_check_rpaths %{nil} Name: toolbox -Version: 0.0.99.5 +Version: 0.1.1 %global goipath github.com/containers/%{name} @@ -20,7 +20,7 @@ Version: 0.0.99.5 %global toolbx_go 1.20 %if 0%{?fedora} -%global toolbx_go 1.22 +%global toolbx_go 1.22.7 %endif %if 0%{?rhel} @@ -28,10 +28,12 @@ Version: 0.0.99.5 %global toolbx_go 1.22.5 %elif 0%{?rhel} == 10 %global toolbx_go 1.22.5 +%elif 0%{?rhel} > 10 +%global toolbx_go 1.23.1 %endif %endif -Release: 5%{?dist} +Release: 1%{?dist} Summary: Tool for interactive command line environments on Linux License: ASL 2.0 @@ -42,12 +44,11 @@ Source0: https://github.com/containers/%{name}/releases/download/%{version Source1: %{name}.conf # Fedora specific -Patch100: toolbox-Make-the-build-flags-match-Fedora-s-gobuild.patch -Patch101: toolbox-Make-the-build-flags-match-Fedora-s-gobuild-for-PPC64.patch +Patch100: toolbox-Make-the-build-flags-match-Fedora.patch # RHEL specific -Patch200: toolbox-Make-the-build-flags-match-RHEL-s-gobuild.patch -Patch201: toolbox-Make-the-build-flags-match-RHEL-s-gobuild-for-PPC64.patch +Patch200: toolbox-Make-the-build-flags-match-RHEL-9.patch +Patch201: toolbox-Make-the-build-flags-match-RHEL-10.patch Patch202: toolbox-Add-migration-paths-for-coreos-toolbox-users.patch BuildRequires: gcc @@ -60,29 +61,38 @@ BuildRequires: systemd BuildRequires: systemd-rpm-macros %if ! 0%{?rhel} BuildRequires: golang(github.com/HarryMichal/go-version) >= 1.0.1 +BuildRequires: golang-ipath(github.com/NVIDIA/go-nvlib) >= 0.6.1 +BuildRequires: golang-ipath(github.com/NVIDIA/go-nvml) >= 0.12.4.0 +BuildRequires: golang-ipath(github.com/NVIDIA/nvidia-container-toolkit) >= 1.16.2 BuildRequires: golang(github.com/acobaugh/osrelease) >= 0.1.0 -BuildRequires: golang(github.com/briandowns/spinner) >= 1.17.0 +BuildRequires: golang(github.com/briandowns/spinner) >= 1.18.0 BuildRequires: golang(github.com/docker/go-units) >= 0.5.0 -BuildRequires: golang(github.com/fsnotify/fsnotify) >= 1.5.1 +BuildRequires: golang(github.com/fsnotify/fsnotify) >= 1.7.0 +BuildRequires: golang(github.com/go-logfmt/logfmt) >= 0.5.0 BuildRequires: golang(github.com/godbus/dbus) >= 5.0.6 -BuildRequires: golang(github.com/sirupsen/logrus) >= 1.8.1 +BuildRequires: golang(github.com/google/renameio/v2) >= 2.0.0 +BuildRequires: golang(github.com/sirupsen/logrus) >= 1.9.3 BuildRequires: golang(github.com/spf13/cobra) >= 1.3.0 BuildRequires: golang(github.com/spf13/viper) >= 1.10.1 -BuildRequires: golang(golang.org/x/sys/unix) >= 0.1.0 +BuildRequires: golang-ipath(golang.org/x/sys) >= 0.24.0 BuildRequires: golang(golang.org/x/text) >= 0.3.8 -BuildRequires: golang(gopkg.in/yaml.v3) >= 3.0.0 +BuildRequires: golang-ipath(gopkg.in/yaml.v3) >= 3.0.1 +BuildRequires: golang-ipath(tags.cncf.io/container-device-interface) >= 0.8.0 BuildRequires: pkgconfig(fish) # for tests # BuildRequires: codespell -# BuildRequires: golang(github.com/stretchr/testify) >= 1.7.0 +# BuildRequires: golang(github.com/stretchr/testify) >= 1.9.0 # BuildRequires: ShellCheck %endif Recommends: skopeo -Recommends: subscription-manager +%if ! 0%{?rhel} +Recommends: fuse-overlayfs +%endif Requires: containers-common Requires: podman >= 1.6.4 +Requires: shadow-utils-subid%{?_isa} %if ! 0%{?rhel} Requires: flatpak-session-helper %endif @@ -90,9 +100,9 @@ Requires: flatpak-session-helper %description Toolbx is a tool for Linux, which allows the use of interactive command line -environments for development and troubleshooting the host operating system, -without having to install software on the host. It is built on top of Podman -and other standard container technologies from OCI. +environments for software development and troubleshooting the host operating +system, without having to install software on the host. It is built on top of +Podman and other standard container technologies from OCI. Toolbx environments have seamless access to the user's home directory, the Wayland and X11 sockets, networking (including Avahi), removable devices (like @@ -105,12 +115,17 @@ Summary: Tests for %{name} Requires: %{name}%{?_isa} = %{version}-%{release} Requires: coreutils +Requires: diffutils +# for gdbus(1) +Requires: glib2 Requires: grep +# for htpasswd(1) Requires: httpd-tools Requires: openssl +Requires: python3 Requires: skopeo %if ! 0%{?rhel} -Requires: bats >= 1.7.0 +Requires: bats >= 1.10.0 %endif @@ -122,22 +137,20 @@ The %{name}-tests package contains system tests for %{name}. %setup -q %if 0%{?fedora} -%ifnarch ppc64 -%patch100 -p1 -%else -%patch101 -p1 -%endif +%patch -P100 -p1 %endif %if 0%{?rhel} -%ifnarch ppc64 -%patch200 -p1 -%else -%patch201 -p1 +%if 0%{?rhel} == 9 +%patch -P200 -p1 +%endif + +%if 0%{?rhel} >= 10 +%patch -P201 -p1 %endif %if 0%{?rhel} <= 9 -%patch202 -p1 +%patch -P202 -p1 %endif %endif @@ -178,7 +191,7 @@ install -m0644 %{SOURCE1} %{buildroot}%{_sysconfdir}/containers/%{name}.conf %files -%doc CODE-OF-CONDUCT.md NEWS README.md SECURITY.md +%doc CODE-OF-CONDUCT.md CONTRIBUTING.md GOALS.md NEWS README.md SECURITY.md %license COPYING %{?rhel:src/vendor/modules.txt} %{_bindir}/%{name} %{_datadir}/bash-completion @@ -197,6 +210,14 @@ install -m0644 %{SOURCE1} %{buildroot}%{_sysconfdir}/containers/%{name}.conf %changelog +* Mon Nov 04 2024 Debarshi Ray - 0.1.1-1 +- Update to 0.1.1 +Resolves: RHEL-61907 + +* Sun Oct 06 2024 Debarshi Ray - 0.0.99.6-1 +- Update to 0.0.99.6 +Resolves: RHEL-61578 + * Fri Aug 09 2024 Debarshi Ray - 0.0.99.5-5 - Rebuild for CVE-2024-24791 Resolves: RHEL-47194