Merge remote-tracking branch 'starlingx/master' into f/centos8

Change-Id: I30c64c29079a3478555cf1e5d19c9eb92ceec093
Signed-off-by: Saul Wold <sgw@linux.intel.com>
This commit is contained in:
Saul Wold 2020-02-06 11:59:20 -08:00
commit a3267c2016
77 changed files with 354 additions and 4704 deletions

View File

@ -1,5 +0,0 @@
TAR_NAME=cgcs-users
VERSION=1.0
COPY_LIST="${CGCS_BASE}/downloads/ibsh-0.3e.tar.gz \
${PKG_BASE}/${TAR_NAME}-${VERSION}/*"
TIS_PATCH_VER=2

View File

@ -1,86 +0,0 @@
%define _bindir /bin
Summary: ibsh Iron Bar Shell
Name: cgcs-users
Version: 1.0
Release: 0%{?_tis_dist}.%{tis_patch_ver}
License: GPLv2+
Packager: Wind River <info@windriver.com>
Source0: ibsh-0.3e.tar.gz
Source1: admin.cmds
Source2: admin.xtns
Source3: operator.cmds
Source4: operator.xtns
Source5: secadmin.cmds
Source6: secadmin.xtns
Source7: LICENSE
Patch1: ibsh-0.3e.patch
Patch2: ibsh-0.3e-cgcs.patch
Patch3: ibsh-0.3e-cgcs-copyright.patch
%description
CGCS add default users types
%package -n cgcs-users-devel
Summary: ibsh Iron Bar Shell - Development files
Group: devel
%description -n cgcs-users-devel
This package contains symbolic links, header files, and related items
necessary for software development.
%prep
%setup -q
%patch1 -p1
%patch2 -p1
%patch3 -p1
%build
make %{?_smp_mflags} ibsh
%install
rm -rf ${RPM_BUILD_ROOT}
mkdir -p ${RPM_BUILD_ROOT}/%{_sysconfdir}/ibsh/cmds
mkdir -p ${RPM_BUILD_ROOT}/%{_sysconfdir}/ibsh/xtns
cp globals.cmds ${RPM_BUILD_ROOT}/%{_sysconfdir}/ibsh/
cp globals.xtns ${RPM_BUILD_ROOT}/%{_sysconfdir}/ibsh/
cp ${RPM_SOURCE_DIR}/admin.cmds ${RPM_BUILD_ROOT}/%{_sysconfdir}/ibsh/cmds/
cp ${RPM_SOURCE_DIR}/admin.xtns ${RPM_BUILD_ROOT}/%{_sysconfdir}/ibsh/xtns/
cp ${RPM_SOURCE_DIR}/operator.cmds ${RPM_BUILD_ROOT}/%{_sysconfdir}/ibsh/cmds/
cp ${RPM_SOURCE_DIR}/operator.xtns ${RPM_BUILD_ROOT}/%{_sysconfdir}/ibsh/xtns/
cp ${RPM_SOURCE_DIR}/secadmin.cmds ${RPM_BUILD_ROOT}/%{_sysconfdir}/ibsh/cmds/
cp ${RPM_SOURCE_DIR}/secadmin.xtns ${RPM_BUILD_ROOT}/%{_sysconfdir}/ibsh/xtns/
install -d 755 ${RPM_BUILD_ROOT}%{_bindir}
install -m 755 ibsh ${RPM_BUILD_ROOT}%{_bindir}/ibsh
%clean
rm -rf ${RPM_SOURCE_DIR}
%post
chown root ${RPM_BUILD_ROOT}/%{_sysconfdir}/ibsh
chgrp root ${RPM_BUILD_ROOT}/%{_sysconfdir}/ibsh
chown root:root ${RPM_BUILD_ROOT}/%{_sysconfdir}/ibsh/globals.*
chown root:root ${RPM_BUILD_ROOT}/%{_sysconfdir}/ibsh/cmds/admin.cmds
chown root:root ${RPM_BUILD_ROOT}/%{_sysconfdir}/ibsh/cmds/operator.cmds
chown root:root ${RPM_BUILD_ROOT}/%{_sysconfdir}/ibsh/cmds/secadmin.cmds
%files
%defattr(-,root,root,-)
%dir %{_sysconfdir}/ibsh
%dir %{_sysconfdir}/ibsh/cmds
%dir %{_sysconfdir}/ibsh/xtns
%{_sysconfdir}/ibsh/globals.cmds
%{_sysconfdir}/ibsh/globals.xtns
%{_sysconfdir}/ibsh/cmds/secadmin.cmds
%{_sysconfdir}/ibsh/cmds/operator.cmds
%{_sysconfdir}/ibsh/cmds/admin.cmds
%{_sysconfdir}/ibsh/xtns/operator.xtns
%{_sysconfdir}/ibsh/xtns/admin.xtns
%{_sysconfdir}/ibsh/xtns/secadmin.xtns
%{_bindir}/ibsh
%files -n cgcs-users-devel
%defattr(-,root,root,-)

View File

@ -1,346 +0,0 @@
GNU GENERAL PUBLIC LICENSE
Version 2, June 1991
Copyright (C) 1989, 1991 Free Software Foundation, Inc.
59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
Everyone is permitted to copy and distribute verbatim copies
of this license document, but changing it is not allowed.
Preamble
The licenses for most software are designed to take away your
freedom to share and change it. By contrast, the GNU General Public
License is intended to guarantee your freedom to share and change free
software--to make sure the software is free for all its users. This
General Public License applies to most of the Free Software
Foundation's software and to any other program whose authors commit to
using it. (Some other Free Software Foundation software is covered by
the GNU Library General Public License instead.) You can apply it to
your programs, too.
When we speak of free software, we are referring to freedom, not
price. Our General Public Licenses are designed to make sure that you
have the freedom to distribute copies of free software (and charge for
this service if you wish), that you receive source code or can get it
if you want it, that you can change the software or use pieces of it
in new free programs; and that you know you can do these things.
To protect your rights, we need to make restrictions that forbid
anyone to deny you these rights or to ask you to surrender the rights.
These restrictions translate to certain responsibilities for you if you
distribute copies of the software, or if you modify it.
For example, if you distribute copies of such a program, whether
gratis or for a fee, you must give the recipients all the rights that
you have. You must make sure that they, too, receive or can get the
source code. And you must show them these terms so they know their
rights.
We protect your rights with two steps: (1) copyright the software, and
(2) offer you this license which gives you legal permission to copy,
distribute and/or modify the software.
Also, for each author's protection and ours, we want to make certain
that everyone understands that there is no warranty for this free
software. If the software is modified by someone else and passed on, we
want its recipients to know that what they have is not the original, so
that any problems introduced by others will not reflect on the original
authors' reputations.
Finally, any free program is threatened constantly by software
patents. We wish to avoid the danger that redistributors of a free
program will individually obtain patent licenses, in effect making the
program proprietary. To prevent this, we have made it clear that any
patent must be licensed for everyone's free use or not licensed at all.
The precise terms and conditions for copying, distribution and
modification follow.
GNU GENERAL PUBLIC LICENSE
TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION
0. This License applies to any program or other work which contains
a notice placed by the copyright holder saying it may be distributed
under the terms of this General Public License. The "Program", below,
refers to any such program or work, and a "work based on the Program"
means either the Program or any derivative work under copyright law:
that is to say, a work containing the Program or a portion of it,
either verbatim or with modifications and/or translated into another
language. (Hereinafter, translation is included without limitation in
the term "modification".) Each licensee is addressed as "you".
Activities other than copying, distribution and modification are not
covered by this License;
they are outside its scope. The act of
running the Program is not restricted, and the output from the Program
is covered only if its contents constitute a work based on the
Program (independent of having been made by running the Program).
Whether that is true depends on what the Program does.
1. You may copy and distribute verbatim copies of the Program's
source code as you receive it, in any medium, provided that you
conspicuously and appropriately publish on each copy an appropriate
copyright notice and disclaimer of warranty; keep intact all the
notices that refer to this License and to the absence of any warranty;
and give any other recipients of the Program a copy of this License
along with the Program.
You may charge a fee for the physical act of transferring a copy, and
you may at your option offer warranty protection in exchange for a fee.
2. You may modify your copy or copies of the Program or any portion
of it, thus forming a work based on the Program, and copy and
distribute such modifications or work under the terms of Section 1
above, provided that you also meet all of these conditions:
a) You must cause the modified files to carry prominent notices
stating that you changed the files and the date of any change.
b) You must cause any work that you distribute or publish, that in
whole or in part contains or is derived from the Program or any
part thereof, to be licensed as a whole at no charge to all third
parties under the terms of this License.
c) If the modified program normally reads commands interactively
when run, you must cause it, when started running for such
interactive use in the most ordinary way, to print or display an
announcement including an appropriate copyright notice and a
notice that there is no warranty (or else, saying that you provide
a warranty) and that users may redistribute the program under
these conditions, and telling the user how to view a copy of this
License. (Exception: if the Program itself is interactive but
does not normally print such an announcement, your work based on
the Program is not required to print an announcement.)
These requirements apply to the modified work as a whole. If
identifiable sections of that work are not derived from the Program,
and can be reasonably considered independent and separate works in
themselves, then this License, and its terms, do not apply to those
sections when you distribute them as separate works. But when you
distribute the same sections as part of a whole which is a work based
on the Program, the distribution of the whole must be on the terms of
this License, whose permissions for other licensees extend to the
entire whole, and thus to each and every part regardless of who wrote it.
Thus, it is not the intent of this section to claim rights or contest
your rights to work written entirely by you; rather, the intent is to
exercise the right to control the distribution of derivative or
collective works based on the Program.
In addition, mere aggregation of another work not based on the Program
with the Program (or with a work based on the Program) on a volume of
a storage or distribution medium does not bring the other work under
the scope of this License.
3. You may copy and distribute the Program (or a work based on it,
under Section 2) in object code or executable form under the terms of
Sections 1 and 2 above provided that you also do one of the following:
a) Accompany it with the complete corresponding machine-readable
source code, which must be distributed under the terms of Sections
1 and 2 above on a medium customarily used for software interchange; or,
b) Accompany it with a written offer, valid for at least three
years, to give any third party, for a charge no more than your
cost of physically performing source distribution, a complete
machine-readable copy of the corresponding source code, to be
distributed under the terms of Sections 1 and 2 above on a medium
customarily used for software interchange; or,
c) Accompany it with the information you received as to the offer
to distribute corresponding source code. (This alternative is
allowed only for noncommercial distribution and only if you
received the program in object code or executable form with such
an offer, in accord with Subsection b above.)
The source code for a work means the preferred form of the work for
making modifications to it. For an executable work, complete source
code means all the source code for all modules it contains, plus any
associated interface definition files, plus the scripts used to
control compilation and installation of the executable. However, as a
special exception, the source code distributed need not include
anything that is normally distributed (in either source or binary
form) with the major components (compiler, kernel, and so on) of the
operating system on which the executable runs, unless that component
itself accompanies the executable.
If distribution of executable or object code is made by offering
access to copy from a designated place, then offering equivalent
access to copy the source code from the same place counts as
distribution of the source code, even though third parties are not
compelled to copy the source along with the object code.
4. You may not copy, modify, sublicense, or distribute the Program
except as expressly provided under this License. Any attempt
otherwise to copy, modify, sublicense or distribute the Program is
void, and will automatically terminate your rights under this License.
However, parties who have received copies, or rights, from you under
this License will not have their licenses terminated so long as such
parties remain in full compliance.
5. You are not required to accept this License, since you have not
signed it. However, nothing else grants you permission to modify or
distribute the Program or its derivative works. These actions are
prohibited by law if you do not accept this License. Therefore, by
modifying or distributing the Program (or any work based on the
Program), you indicate your acceptance of this License to do so, and
all its terms and conditions for copying, distributing or modifying
the Program or works based on it.
6. Each time you redistribute the Program (or any work based on the
Program), the recipient automatically receives a license from the
original licensor to copy, distribute or modify the Program subject to
these terms and conditions. You may not impose any further
restrictions on the recipients' exercise of the rights granted herein.
You are not responsible for enforcing compliance by third parties to
this License.
7. If, as a consequence of a court judgment or allegation of patent
infringement or for any other reason (not limited to patent issues),
conditions are imposed on you (whether by court order, agreement or
otherwise) that contradict the conditions of this License, they do not
excuse you from the conditions of this License. If you cannot
distribute so as to satisfy simultaneously your obligations under this
License and any other pertinent obligations, then as a consequence you
may not distribute the Program at all. For example, if a patent
license would not permit royalty-free redistribution of the Program by
all those who receive copies directly or indirectly through you, then
the only way you could satisfy both it and this License would be to
refrain entirely from distribution of the Program.
If any portion of this section is held invalid or unenforceable under
any particular circumstance, the balance of the section is intended to
apply and the section as a whole is intended to apply in other
circumstances.
It is not the purpose of this section to induce you to infringe any
patents or other property right claims or to contest validity of any
such claims;
this section has the sole purpose of protecting the
integrity of the free software distribution system, which is
implemented by public license practices. Many people have made
generous contributions to the wide range of software distributed
through that system in reliance on consistent application of that
system;
it is up to the author/donor to decide if he or she is willing
to distribute software through any other system and a licensee cannot
impose that choice.
This section is intended to make thoroughly clear what is believed to
be a consequence of the rest of this License.
8. If the distribution and/or use of the Program is restricted in
certain countries either by patents or by copyrighted interfaces, the
original copyright holder who places the Program under this License
may add an explicit geographical distribution limitation excluding
those countries, so that distribution is permitted only in or among
countries not thus excluded. In such case, this License incorporates
the limitation as if written in the body of this License.
9. The Free Software Foundation may publish revised and/or new versions
of the General Public License from time to time. Such new versions will
be similar in spirit to the present version, but may differ in detail to
address new problems or concerns.
Each version is given a distinguishing version number. If the Program
specifies a version number of this License which applies to it and "any
later version", you have the option of following the terms and conditions
either of that version or of any later version published by the Free
Software Foundation. If the Program does not specify a version number of
this License, you may choose any version ever published by the Free Software
Foundation.
10. If you wish to incorporate parts of the Program into other free
programs whose distribution conditions are different, write to the author
to ask for permission. For software which is copyrighted by the Free
Software Foundation, write to the Free Software Foundation;
we sometimes
make exceptions for this. Our decision will be guided by the two goals
of preserving the free status of all derivatives of our free software and
of promoting the sharing and reuse of software generally.
NO WARRANTY
11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY
FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN
OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES
PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED
OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS
TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE
PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING,
REPAIR OR CORRECTION.
12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR
REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES,
INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING
OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED
TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY
YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER
PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE
POSSIBILITY OF SUCH DAMAGES.
END OF TERMS AND CONDITIONS
How to Apply These Terms to Your New Programs
If you develop a new program, and you want it to be of the greatest
possible use to the public, the best way to achieve this is to make it
free software which everyone can redistribute and change under these terms.
To do so, attach the following notices to the program. It is safest
to attach them to the start of each source file to most effectively
convey the exclusion of warranty;
and each file should have at least
the "copyright" line and a pointer to where the full notice is found.
<one line to give the program's name and a brief idea of what it does.>
Copyright (C) <year> <name of author>
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
Also add information on how to contact you by electronic and paper mail.
If the program is interactive, make it output a short notice like this
when it starts in an interactive mode:
Gnomovision version 69, Copyright (C) year name of author
Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'.
This is free software, and you are welcome to redistribute it
under certain conditions;
type `show c' for details.
The hypothetical commands `show w' and `show c' should show the appropriate
parts of the General Public License. Of course, the commands you use may
be called something other than `show w' and `show c'; they could even be
mouse-clicks or menu items--whatever suits your program.
You should also get your employer (if you work as a programmer) or your
school, if any, to sign a "copyright disclaimer" for the program, if
necessary. Here is a sample; alter the names:
Yoyodyne, Inc., hereby disclaims all copyright interest in the program
`Gnomovision' (which makes passes at compilers) written by James Hacker.
<signature of Ty Coon>, 1 April 1989
Ty Coon, President of Vice
This General Public License does not permit incorporating your program into
proprietary programs. If your program is a subroutine library, you may
consider it more useful to permit linking proprietary applications with the
library. If this is what you want to do, use the GNU Library General
Public License instead of this License.

View File

@ -1,11 +0,0 @@
# Add any commands the user may execute. Even shell commands.
# You have to allow logout and/or exit, so the user can logout!
# cd and pwd should also be allowed. Note: other shell builtin
# commands are not yet implemented!
nova
system
neutron
cinder
glance
ceilometer
heat

View File

@ -1,6 +0,0 @@
# Add any extension the user may use.
.doc
.txt
.tgz
.tar

View File

@ -1,26 +0,0 @@
diff --git a/config.c b/config.c
index c1087a5..add7c53 100644
--- a/config.c
+++ b/config.c
@@ -6,6 +6,8 @@
This file is part of IBSH (Iron Bars Shell) , a restricted Unix shell
Copyright (C) 2005 Attila Nagyidai
+ Copyright(c) 2013-2017 Wind River Systems, Inc. All rights reserved.
+
This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public License
as published by the Free Software Foundation; either version 2
diff --git a/main.c b/main.c
index cf3ae9e..6cda04e 100644
--- a/main.c
+++ b/main.c
@@ -6,6 +6,8 @@
This file is part of IBSH (Iron Bars Shell) , a restricted Unix shell
Copyright (C) 2005 Attila Nagyidai
+ Copyright(c) 2013-2017 Wind River Systems, Inc. All rights reserved.
+
This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public License
as published by the Free Software Foundation; either version 2

View File

@ -1,84 +0,0 @@
Index: cgcs-users-1.0-r0/main.c
===================================================================
--- cgcs-users-1.0-r0.orig/main.c
+++ cgcs-users-1.0-r0/main.c
@@ -37,6 +37,7 @@
/* Header files */
#include "ibsh.h"
+#include "stdlib.h"
/* Main: */
/* Handle arguments, read config files, start command processing. */
@@ -57,13 +58,28 @@
/* use our builtin code, otherwise use execve. After execve, check if the user didnt */
/* use the last command to create some illegal content. If yes, erase that. Give the */
/* notice only afterwards. */
+
+void ALRMhandler(int sig) {
+ OPENLOG;
+ syslog(LOG_INFO, "CLI timeout, user %s has logged out.", loggedin.uname);
+ CLOSELOG;
+ exit(0);
+}
+
int main(int argc, char **argv)
{
char temp[STRING_SIZE], *buf;
struct stat info;
uid_t ruid, euid;
gid_t rgid, egid;
+ unsigned int tout_cli = 0;
+ const char* tout = getenv("TMOUT");
+ if (tout)
+ tout_cli = atoi(tout);
+ else
+ //default to 5 mins
+ tout_cli = 300;
/* setuid protection */
ruid = getuid();
@@ -107,6 +123,7 @@ int main(int argc, char **argv)
signal( SIGQUIT, SIG_IGN );
signal( SIGTERM, SIG_IGN );
signal( SIGTSTP, SIG_IGN );
+ signal( SIGALRM, ALRMhandler );
LoadConfig();
/* Command mode */
@@ -144,6 +161,7 @@ int main(int argc, char **argv)
/* will be allowed to run, unless it is mentioned in the */
/* config files. Files that are created with an extension */
/* that is listed in the other config file, must be deleted! */
+ alarm(tout_cli);
for ( ; ; ) {
/* Where is he ? */
getcwd(real_path, STRING_SIZE);
@@ -153,12 +171,12 @@ int main(int argc, char **argv)
}
/* We don't want the user to know where he actually is. */
/* This is the prompt! */
- printf("[%s]%% ", jail_path);
+ printf("[%s]%% ", loggedin.uname);
/* scanf("%s", user_command); */
myscanf(user_command, real_path);
+ alarm(tout_cli);
/* Command interpretation and execution. */
if ( (CommandOK(user_command, loggedin.udir, jail_path, filtered_command)) == 0 ) {
- printf("Sorry, can't let you do that!\n");
log_attempt(loggedin.uname); /* v0.2a */
continue;
}
Index: cgcs-users-1.0-r0/config.c
===================================================================
--- cgcs-users-1.0-r0.orig/config.c
+++ cgcs-users-1.0-r0/config.c
@@ -166,7 +166,6 @@ int LoadConfig( void )
// Delete '\n'
tmp2[i][strlen(tmp2[i]) - 1] = '\0';
strncpy(extensions[i],tmp2[i],strlen(tmp2[i]));
- printf("EXTENSIONS %s\n",extensions[i]);
i++;
}
}

View File

@ -1,860 +0,0 @@
Index: cgcs-users-1.0-r0/AUTHORS.orig
===================================================================
--- /dev/null
+++ cgcs-users-1.0-r0/AUTHORS.orig
@@ -0,0 +1,15 @@
+AUTHORS OF PROJECT IBSH
+
+Attila Nagyidai <attila at ibsh.net>
+ * Original program author, project admin, developer.
+
+Shy <shy at ibsh.net>
+ * Developer, debugger, tester, and many more.
+
+Witzy <witzy at ibsh.net>
+ * Developer, debugger, tester, and many more.
+
+http://www.ibsh.net
+irc:
+irc.freenode.net #ibsh
+irc.geek-power.org #ibsh
Index: cgcs-users-1.0-r0/BUGS.orig
===================================================================
--- /dev/null
+++ cgcs-users-1.0-r0/BUGS.orig
@@ -0,0 +1,19 @@
+** Open BUGS **
+None, so far.
+
+** Fixed BUGS **
+- Input length checking on all inputs, string copies, etc. is fixed.
+- The myscanf function will no longer accept more then 80 chars at once,
+so ibsh hopefully wont crash on a too long input.
+- Added signal.h in the header file, the lack of it caused compilation
+problems on some systems.
+- Fixed the infinite loop in DelBadFiles. This function is temporarily
+taken out of the project
+- Removed the involvment of /bin/sh from system. Added path checking.
+- In jail root, not only ../ is not allowed, but .. too.
+- Fixed a bug, that happened on bsd, when the user pressed ^D.
+- Fixed a bug with opendir
+- Fixed a format string vulnerability in logprintbadfile(). Thanks to
+Kim Streich for the report.
+
+2005.05.23
Index: cgcs-users-1.0-r0/ChangeLog.orig
===================================================================
--- /dev/null
+++ cgcs-users-1.0-r0/ChangeLog.orig
@@ -0,0 +1,34 @@
+0.3e - a buffer overflow and a string bug, both found by RazoR (Nikolay Alexandrov), fixed.
+0.3d - a format string vulnerability, found by Kim Streich, is fixed.
+0.3b-0.3c - bugfixes.
+0.3a - The admin has the opportunity, to create separate cmds file for each user.
+ This way the sysadmin has complete control over sensitive applications, which
+ should only be allowed to a selected few.
+ - The admin has the opportunity, to create separate xtns file for each user.
+ - The extensions policy has been changed. Now both globals.xtns and the user
+ extension files will list the extensions, that are _allowed_ ! In earlier versions,
+ the forbidden extensions were listed, that is allow everything, except to deny a few.
+ From this version on, it's deny everything, except allow the ones, listed in these files.
+ - While the code for the search of illegal/dangerous material stored in user space is
+ back, it will not erase any files any more. Instead, it will remove all
+ rights from that file, so it can not be executed, or read. Files, with the +x bit set,
+ will be chmodded to -x. This is another "defense line" to stop the user to execute
+ programs, stored in user space.
+ - The access to all linux binaries, and source code files, stored in user space, if any,
+ will be blocked.
+ - Absolute path for restricted users can not be longer then 255 characters. All files,
+ that are longer (with full path), will be renamed.
+ - Minor bug fixes.
+
+0.2a - Major bug fixes.
+ - User activities are logged with syslog.
+ - hhsytem revised, hardened. /bin/sh isnt involved anymore into program starting.
+ If the home directory is in the PATH, it's ignored.
+ - erasing illegal content is temporarily suspended and removed.
+
+0.1b - Major bug fixes.
+ - The config files are accidentally missing from this release!
+
+0.1a - The first version of the program.
+
+2005.05.23.
Index: cgcs-users-1.0-r0/CONTRIBUTORS.orig
===================================================================
--- /dev/null
+++ cgcs-users-1.0-r0/CONTRIBUTORS.orig
@@ -0,0 +1,7 @@
+CONTRIBUTORS TO PROJECT IBSH
+
+Kim Streich <kstreich at gmail.com>
+ * bug finder, debugger, tester.
+
+RazoR (Nikolay Alexandrov) <Nikolay@Alexandrov.ws>
+ * bug finder, debugger, tester.
Index: cgcs-users-1.0-r0/COPYING.orig
===================================================================
--- /dev/null
+++ cgcs-users-1.0-r0/COPYING.orig
@@ -0,0 +1,340 @@
+ GNU GENERAL PUBLIC LICENSE
+ Version 2, June 1991
+
+ Copyright (C) 1989, 1991 Free Software Foundation, Inc.
+ 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+ Everyone is permitted to copy and distribute verbatim copies
+ of this license document, but changing it is not allowed.
+
+ Preamble
+
+ The licenses for most software are designed to take away your
+freedom to share and change it. By contrast, the GNU General Public
+License is intended to guarantee your freedom to share and change free
+software--to make sure the software is free for all its users. This
+General Public License applies to most of the Free Software
+Foundation's software and to any other program whose authors commit to
+using it. (Some other Free Software Foundation software is covered by
+the GNU Library General Public License instead.) You can apply it to
+your programs, too.
+
+ When we speak of free software, we are referring to freedom, not
+price. Our General Public Licenses are designed to make sure that you
+have the freedom to distribute copies of free software (and charge for
+this service if you wish), that you receive source code or can get it
+if you want it, that you can change the software or use pieces of it
+in new free programs; and that you know you can do these things.
+
+ To protect your rights, we need to make restrictions that forbid
+anyone to deny you these rights or to ask you to surrender the rights.
+These restrictions translate to certain responsibilities for you if you
+distribute copies of the software, or if you modify it.
+
+ For example, if you distribute copies of such a program, whether
+gratis or for a fee, you must give the recipients all the rights that
+you have. You must make sure that they, too, receive or can get the
+source code. And you must show them these terms so they know their
+rights.
+
+ We protect your rights with two steps: (1) copyright the software, and
+(2) offer you this license which gives you legal permission to copy,
+distribute and/or modify the software.
+
+ Also, for each author's protection and ours, we want to make certain
+that everyone understands that there is no warranty for this free
+software. If the software is modified by someone else and passed on, we
+want its recipients to know that what they have is not the original, so
+that any problems introduced by others will not reflect on the original
+authors' reputations.
+
+ Finally, any free program is threatened constantly by software
+patents. We wish to avoid the danger that redistributors of a free
+program will individually obtain patent licenses, in effect making the
+program proprietary. To prevent this, we have made it clear that any
+patent must be licensed for everyone's free use or not licensed at all.
+
+ The precise terms and conditions for copying, distribution and
+modification follow.
+
+ GNU GENERAL PUBLIC LICENSE
+ TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION
+
+ 0. This License applies to any program or other work which contains
+a notice placed by the copyright holder saying it may be distributed
+under the terms of this General Public License. The "Program", below,
+refers to any such program or work, and a "work based on the Program"
+means either the Program or any derivative work under copyright law:
+that is to say, a work containing the Program or a portion of it,
+either verbatim or with modifications and/or translated into another
+language. (Hereinafter, translation is included without limitation in
+the term "modification".) Each licensee is addressed as "you".
+
+Activities other than copying, distribution and modification are not
+covered by this License; they are outside its scope. The act of
+running the Program is not restricted, and the output from the Program
+is covered only if its contents constitute a work based on the
+Program (independent of having been made by running the Program).
+Whether that is true depends on what the Program does.
+
+ 1. You may copy and distribute verbatim copies of the Program's
+source code as you receive it, in any medium, provided that you
+conspicuously and appropriately publish on each copy an appropriate
+copyright notice and disclaimer of warranty; keep intact all the
+notices that refer to this License and to the absence of any warranty;
+and give any other recipients of the Program a copy of this License
+along with the Program.
+
+You may charge a fee for the physical act of transferring a copy, and
+you may at your option offer warranty protection in exchange for a fee.
+
+ 2. You may modify your copy or copies of the Program or any portion
+of it, thus forming a work based on the Program, and copy and
+distribute such modifications or work under the terms of Section 1
+above, provided that you also meet all of these conditions:
+
+ a) You must cause the modified files to carry prominent notices
+ stating that you changed the files and the date of any change.
+
+ b) You must cause any work that you distribute or publish, that in
+ whole or in part contains or is derived from the Program or any
+ part thereof, to be licensed as a whole at no charge to all third
+ parties under the terms of this License.
+
+ c) If the modified program normally reads commands interactively
+ when run, you must cause it, when started running for such
+ interactive use in the most ordinary way, to print or display an
+ announcement including an appropriate copyright notice and a
+ notice that there is no warranty (or else, saying that you provide
+ a warranty) and that users may redistribute the program under
+ these conditions, and telling the user how to view a copy of this
+ License. (Exception: if the Program itself is interactive but
+ does not normally print such an announcement, your work based on
+ the Program is not required to print an announcement.)
+
+These requirements apply to the modified work as a whole. If
+identifiable sections of that work are not derived from the Program,
+and can be reasonably considered independent and separate works in
+themselves, then this License, and its terms, do not apply to those
+sections when you distribute them as separate works. But when you
+distribute the same sections as part of a whole which is a work based
+on the Program, the distribution of the whole must be on the terms of
+this License, whose permissions for other licensees extend to the
+entire whole, and thus to each and every part regardless of who wrote it.
+
+Thus, it is not the intent of this section to claim rights or contest
+your rights to work written entirely by you; rather, the intent is to
+exercise the right to control the distribution of derivative or
+collective works based on the Program.
+
+In addition, mere aggregation of another work not based on the Program
+with the Program (or with a work based on the Program) on a volume of
+a storage or distribution medium does not bring the other work under
+the scope of this License.
+
+ 3. You may copy and distribute the Program (or a work based on it,
+under Section 2) in object code or executable form under the terms of
+Sections 1 and 2 above provided that you also do one of the following:
+
+ a) Accompany it with the complete corresponding machine-readable
+ source code, which must be distributed under the terms of Sections
+ 1 and 2 above on a medium customarily used for software interchange; or,
+
+ b) Accompany it with a written offer, valid for at least three
+ years, to give any third party, for a charge no more than your
+ cost of physically performing source distribution, a complete
+ machine-readable copy of the corresponding source code, to be
+ distributed under the terms of Sections 1 and 2 above on a medium
+ customarily used for software interchange; or,
+
+ c) Accompany it with the information you received as to the offer
+ to distribute corresponding source code. (This alternative is
+ allowed only for noncommercial distribution and only if you
+ received the program in object code or executable form with such
+ an offer, in accord with Subsection b above.)
+
+The source code for a work means the preferred form of the work for
+making modifications to it. For an executable work, complete source
+code means all the source code for all modules it contains, plus any
+associated interface definition files, plus the scripts used to
+control compilation and installation of the executable. However, as a
+special exception, the source code distributed need not include
+anything that is normally distributed (in either source or binary
+form) with the major components (compiler, kernel, and so on) of the
+operating system on which the executable runs, unless that component
+itself accompanies the executable.
+
+If distribution of executable or object code is made by offering
+access to copy from a designated place, then offering equivalent
+access to copy the source code from the same place counts as
+distribution of the source code, even though third parties are not
+compelled to copy the source along with the object code.
+
+ 4. You may not copy, modify, sublicense, or distribute the Program
+except as expressly provided under this License. Any attempt
+otherwise to copy, modify, sublicense or distribute the Program is
+void, and will automatically terminate your rights under this License.
+However, parties who have received copies, or rights, from you under
+this License will not have their licenses terminated so long as such
+parties remain in full compliance.
+
+ 5. You are not required to accept this License, since you have not
+signed it. However, nothing else grants you permission to modify or
+distribute the Program or its derivative works. These actions are
+prohibited by law if you do not accept this License. Therefore, by
+modifying or distributing the Program (or any work based on the
+Program), you indicate your acceptance of this License to do so, and
+all its terms and conditions for copying, distributing or modifying
+the Program or works based on it.
+
+ 6. Each time you redistribute the Program (or any work based on the
+Program), the recipient automatically receives a license from the
+original licensor to copy, distribute or modify the Program subject to
+these terms and conditions. You may not impose any further
+restrictions on the recipients' exercise of the rights granted herein.
+You are not responsible for enforcing compliance by third parties to
+this License.
+
+ 7. If, as a consequence of a court judgment or allegation of patent
+infringement or for any other reason (not limited to patent issues),
+conditions are imposed on you (whether by court order, agreement or
+otherwise) that contradict the conditions of this License, they do not
+excuse you from the conditions of this License. If you cannot
+distribute so as to satisfy simultaneously your obligations under this
+License and any other pertinent obligations, then as a consequence you
+may not distribute the Program at all. For example, if a patent
+license would not permit royalty-free redistribution of the Program by
+all those who receive copies directly or indirectly through you, then
+the only way you could satisfy both it and this License would be to
+refrain entirely from distribution of the Program.
+
+If any portion of this section is held invalid or unenforceable under
+any particular circumstance, the balance of the section is intended to
+apply and the section as a whole is intended to apply in other
+circumstances.
+
+It is not the purpose of this section to induce you to infringe any
+patents or other property right claims or to contest validity of any
+such claims; this section has the sole purpose of protecting the
+integrity of the free software distribution system, which is
+implemented by public license practices. Many people have made
+generous contributions to the wide range of software distributed
+through that system in reliance on consistent application of that
+system; it is up to the author/donor to decide if he or she is willing
+to distribute software through any other system and a licensee cannot
+impose that choice.
+
+This section is intended to make thoroughly clear what is believed to
+be a consequence of the rest of this License.
+
+ 8. If the distribution and/or use of the Program is restricted in
+certain countries either by patents or by copyrighted interfaces, the
+original copyright holder who places the Program under this License
+may add an explicit geographical distribution limitation excluding
+those countries, so that distribution is permitted only in or among
+countries not thus excluded. In such case, this License incorporates
+the limitation as if written in the body of this License.
+
+ 9. The Free Software Foundation may publish revised and/or new versions
+of the General Public License from time to time. Such new versions will
+be similar in spirit to the present version, but may differ in detail to
+address new problems or concerns.
+
+Each version is given a distinguishing version number. If the Program
+specifies a version number of this License which applies to it and "any
+later version", you have the option of following the terms and conditions
+either of that version or of any later version published by the Free
+Software Foundation. If the Program does not specify a version number of
+this License, you may choose any version ever published by the Free Software
+Foundation.
+
+ 10. If you wish to incorporate parts of the Program into other free
+programs whose distribution conditions are different, write to the author
+to ask for permission. For software which is copyrighted by the Free
+Software Foundation, write to the Free Software Foundation; we sometimes
+make exceptions for this. Our decision will be guided by the two goals
+of preserving the free status of all derivatives of our free software and
+of promoting the sharing and reuse of software generally.
+
+ NO WARRANTY
+
+ 11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY
+FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN
+OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES
+PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED
+OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
+MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS
+TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE
+PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING,
+REPAIR OR CORRECTION.
+
+ 12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
+WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR
+REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES,
+INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING
+OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED
+TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY
+YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER
+PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE
+POSSIBILITY OF SUCH DAMAGES.
+
+ END OF TERMS AND CONDITIONS
+
+ How to Apply These Terms to Your New Programs
+
+ If you develop a new program, and you want it to be of the greatest
+possible use to the public, the best way to achieve this is to make it
+free software which everyone can redistribute and change under these terms.
+
+ To do so, attach the following notices to the program. It is safest
+to attach them to the start of each source file to most effectively
+convey the exclusion of warranty; and each file should have at least
+the "copyright" line and a pointer to where the full notice is found.
+
+ <one line to give the program's name and a brief idea of what it does.>
+ Copyright (C) <year> <name of author>
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 2 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+
+
+Also add information on how to contact you by electronic and paper mail.
+
+If the program is interactive, make it output a short notice like this
+when it starts in an interactive mode:
+
+ Gnomovision version 69, Copyright (C) year name of author
+ Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'.
+ This is free software, and you are welcome to redistribute it
+ under certain conditions; type `show c' for details.
+
+The hypothetical commands `show w' and `show c' should show the appropriate
+parts of the General Public License. Of course, the commands you use may
+be called something other than `show w' and `show c'; they could even be
+mouse-clicks or menu items--whatever suits your program.
+
+You should also get your employer (if you work as a programmer) or your
+school, if any, to sign a "copyright disclaimer" for the program, if
+necessary. Here is a sample; alter the names:
+
+ Yoyodyne, Inc., hereby disclaims all copyright interest in the program
+ `Gnomovision' (which makes passes at compilers) written by James Hacker.
+
+ <signature of Ty Coon>, 1 April 1989
+ Ty Coon, President of Vice
+
+This General Public License does not permit incorporating your program into
+proprietary programs. If your program is a subroutine library, you may
+consider it more useful to permit linking proprietary applications with the
+library. If this is what you want to do, use the GNU Library General
+Public License instead of this License.
Index: cgcs-users-1.0-r0/COPYRIGHT.orig
===================================================================
--- /dev/null
+++ cgcs-users-1.0-r0/COPYRIGHT.orig
@@ -0,0 +1,17 @@
+This file is part of IBSH (Iron Bars Shell) , a restricted Unix shell
+Copyright (C) 2005 Attila Nagyidai
+
+This program is free software; you can redistribute it and/or
+modify it under the terms of the GNU General Public License
+as published by the Free Software Foundation; either version 2
+of the License, or (at your option) any later version.
+
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program; if not, write to the Free Software
+Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
+
Index: cgcs-users-1.0-r0/INSTALL.orig
===================================================================
--- /dev/null
+++ cgcs-users-1.0-r0/INSTALL.orig
@@ -0,0 +1,23 @@
+Installing ibsh is really easy, so no need for the usual sections
+in this document. There is no configure script either, so if
+something wrong, make will fail.
+
+# make ibsh
+# make ibsh_install
+
+Optionally:
+
+# make clean
+
+
+To uninstall ibsh:
+
+# make ibsh_uninstall
+
+
+Of course you will have to enable this shell by:
+# echo /bin/ibsh >> /etc/shells
+or however you like it.
+And make sure the permissions read 0755 !
+
+2005.03.24.
Index: cgcs-users-1.0-r0/main.c.orig
===================================================================
--- /dev/null
+++ cgcs-users-1.0-r0/main.c.orig
@@ -0,0 +1,233 @@
+/*
+ Created: 03.19.05 11:34:57 by Attila Nagyidai
+
+ $Id: C\040Console.c,v 1.1.2.1 2003/08/13 00:38:46 neum Exp $
+
+ This file is part of IBSH (Iron Bars Shell) , a restricted Unix shell
+ Copyright (C) 2005 Attila Nagyidai
+
+ This program is free software; you can redistribute it and/or
+ modify it under the terms of the GNU General Public License
+ as published by the Free Software Foundation; either version 2
+ of the License, or (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
+
+ Author: Attila Nagyidai
+ Email: na@ent.hu
+
+ Co-Author: Shy
+ Email: shy@cpan.org
+
+ Co-Author: Witzy
+ Email: stazzz@altern.org
+
+ URL: http://ibsh.sourceforge.net
+ IRC: irc.freenode.net #ibsh
+ RSS, Statistics, etc: http://sourceforge.net/projects/ibsh/
+
+*/
+
+/* Header files */
+#include "ibsh.h"
+
+/* Main: */
+/* Handle arguments, read config files, start command processing. */
+/* IBSH doesnt use any command line arguments, but my text editor */
+/* uses this code in all new c files to create. And i didnt have the */
+/* heart to remove it. ;p */
+/* Technical Description: */
+/* Get the passwd entry for the user. The uid is easily aquired, since */
+/* it is the real user id. After that, grab the passwd file entry upon */
+/* the id, and copy the information to the loggedin struct. */
+/* Add some signal handlers too. */
+/* The infinite loop: */
+/* Get the current directory, the full path. Compute the jailpath from that, */
+/* that is the directories below the users homedir, which is the jail root. */
+/* The jail ceiling if you like. Print some prompt to the user with the jailpath, */
+/* and read stdin for incoming commands. Filter out the bad commands, typos, the */
+/* not allowed commands. It the command is ok, execute it. If it is a shell builtin, */
+/* use our builtin code, otherwise use execve. After execve, check if the user didnt */
+/* use the last command to create some illegal content. If yes, erase that. Give the */
+/* notice only afterwards. */
+int main(int argc, char **argv)
+{
+ char temp[STRING_SIZE], *buf;
+ struct stat info;
+ uid_t ruid, euid;
+ gid_t rgid, egid;
+
+
+ /* setuid protection */
+ ruid = getuid();
+ euid = geteuid();
+ rgid = getgid();
+ egid = getegid();
+ if ( (ruid!=euid) || (ruid==0) || (euid==0) || (rgid!=egid) || (rgid==0) || (egid==0) ) {
+ OPENLOG;
+ syslog(LOG_ERR, "setuid/setgid violation!");
+ CLOSELOG;
+ printf("ibsh: setuid/setgid violation!! exiting...\n");
+#ifdef DEBUG
+ printf("ruid: %d;euid: %d;rgid: %d;egid: %d\n", ruid,euid,rgid,egid);
+#endif
+ exit(0);
+ }
+
+ /* To Do: The code of your application goes here */
+ /* First part: */
+ /* Get essential information about the user who got this shell: */
+ /* first the username, then the user id. Upon this, retrieve the */
+ /* user's record in the passwd file. */
+ bzero(&loggedin, sizeof(loggedin));
+ loggedin.uid = getuid();
+ loggedin.record = getpwuid(loggedin.uid);
+ if ( loggedin.record == NULL ) {
+ loggedin.record = getpwnam(loggedin.uname);
+ if ( loggedin.record == NULL ) {
+ openlog(loggedin.uname, LOG_PID, LOG_AUTH);
+ syslog(LOG_ERR, "Can not obtain user information");
+ printf("Can not obtain user information\n");
+ closelog();
+ exit(0);
+ }
+ }
+ strncpy(loggedin.uname, loggedin.record->pw_name, PAM_SIZE);
+ strncpy(loggedin.udir, loggedin.record->pw_dir, STRING_SIZE);
+
+ /* Second part: */
+ /* Handle some signal catching. Read the configuration files. */
+ signal( SIGINT, SIG_IGN );
+ signal( SIGQUIT, SIG_IGN );
+ signal( SIGTERM, SIG_IGN );
+ signal( SIGTSTP, SIG_IGN );
+ LoadConfig();
+
+ /* Command mode */
+ if(argc == 3) {
+ if ( argv[1][1] == 'c' ) {
+ if ( CommandOK(argv[2], loggedin.udir, "/", filtered_command) == 1) {
+ exitcode = hhsystem(filtered_command);
+ OPENLOG;
+ syslog(LOG_INFO, "command %s ordered, command %s has been executed.",
+ argv[2], filtered_command);
+ printf("command %s ordered, command %s has been executed.\n",
+ argv[2], filtered_command);
+ CLOSELOG;
+ exit(exitcode);
+ }
+ printf("CommandOK failed (%s/%s)\n", loggedin.udir, filtered_command);
+ exit(0);
+ }
+ else {
+ printf("Invalid are (%s)\n", argv[1]);
+ exit(0);
+ }
+ }
+
+ OPENLOG;
+ syslog(LOG_INFO, "user %s has logged in.", loggedin.uname);
+ CLOSELOG;
+
+
+#ifdef INCLUDE_DELETE_BAD_FILES
+ DelBadFiles(loggedin.udir);
+#endif
+ if ( chdir (loggedin.udir) < 0 )
+ return -1;
+
+
+ /* Third part: */
+ /* Start reading and processing the user issued commands. */
+ /* Split the command by the spaces, filter out anything, */
+ /* that would allow the user to access files outside the */
+ /* jail. Filter out multiples and pipes as well. No program */
+ /* will be allowed to run, unless it is mentioned in the */
+ /* config files. Files that are created with an extension */
+ /* that is listed in the other config file, must be deleted! */
+ for ( ; ; ) {
+ /* Where is he ? */
+ if ( getcwd(real_path, STRING_SIZE) == NULL )
+ return -1;
+ GetPositionInJail(real_path, loggedin.udir, jail_path);
+ if ( (strlen(jail_path)) == 0 ) {
+ strncpy(jail_path, "/", 2);
+ }
+ /* We don't want the user to know where he actually is. */
+ /* This is the prompt! */
+ printf("[%s]%% ", jail_path);
+ /* scanf("%s", user_command); */
+ myscanf(user_command, real_path);
+ /* Command interpretation and execution. */
+ if ( (CommandOK(user_command, loggedin.udir, jail_path, filtered_command)) == 0 ) {
+ printf("Sorry, can't let you do that!\n");
+ log_attempt(loggedin.uname); /* v0.2a */
+ continue;
+ }
+ /* If the user issued command starts with a shell builtin. */
+ bzero(temp, strlen(temp));
+ if ( (buf = strstr(filtered_command, "cd")) != NULL ) {
+ if ( (strcmp(buf, filtered_command)) == 0 ) {
+ LTrim3(filtered_command, temp);
+ if ( (strcmp(temp, real_path)) != 0 ) {
+ if ( (strcmp(temp, "..")) == 0 ) {
+ PathMinusOne(jail_path, temp, 1,sizeof(temp));
+ }
+ if ( (strcmp(temp, "/")) == 0 ) {
+ strncpy(temp, loggedin.udir, LINE_SIZE);
+ }
+ exitcode = chdir(temp);
+ if ( exitcode == -1 ) {
+ printf("ibsh: cd: %s: No such file or directory\n", temp);
+ }
+ }
+ continue;
+ }
+ }
+ else if ( (buf = strstr(filtered_command, "pwd")) != NULL ) {
+ if ( (strcmp(buf, filtered_command)) == 0 ) {
+ printf("%s\n", jail_path);
+ continue;
+ }
+ }
+ else if ( (buf = strstr(filtered_command, "logout")) != NULL ) {
+ if ( (strcmp(buf, filtered_command)) == 0 ) {
+ OPENLOG;
+ syslog(LOG_INFO, "user %s has logged out.", loggedin.uname);
+ CLOSELOG;
+ break;
+ }
+ }
+ else if ( (buf = strstr(filtered_command, "exit")) != NULL ) {
+ if ( (strcmp(buf, filtered_command)) == 0 ) {
+ OPENLOG;
+ syslog(LOG_INFO, "user %s has logged out.", loggedin.uname);
+ printf("user %s has logged out\n", loggedin.uname);
+ CLOSELOG;
+ break;
+ }
+ }
+ else {
+ exitcode = hhsystem(filtered_command);
+ if ( exitcode < 0 ) {
+ printf("%s\n", strerror(errno));
+ }
+ }
+ if ( getcwd(real_path, STRING_SIZE) == NULL )
+ return -1;
+#ifdef INCLUDE_BAD_FILES
+ DelBadFiles(loggedin.udir);
+#endif
+ if ( chdir (real_path) < 0 )
+ return 1;
+ }
+ return 0;
+}
+
Index: cgcs-users-1.0-r0/Makefile.orig
===================================================================
--- /dev/null
+++ cgcs-users-1.0-r0/Makefile.orig
@@ -0,0 +1,56 @@
+# This is the makefile for ibsh 0.3e
+CC = gcc -g -O3
+OBJECTS = main.o command.o jail.o execute.o config.o misc.o antixploit.o delbadfiles.o
+
+all ibsh: ${OBJECTS} ibsh.h
+ ${CC} -o ibsh ${OBJECTS}
+
+main.o: main.c ibsh.h
+ ${CC} -c main.c
+
+command.o: command.c ibsh.h
+ ${CC} -c command.c
+
+jail.o: jail.c ibsh.h
+ ${CC} -c jail.c
+
+execute.o: execute.c ibsh.h
+ ${CC} -c execute.c
+
+config.o: config.c ibsh.h
+ ${CC} -c config.c
+
+misc.o: misc.c ibsh.h
+ ${CC} -c misc.c
+
+antixploit.o: antixploit.c ibsh.h
+ ${CC} -c antixploit.c
+
+delbadfiles.o: delbadfiles.c ibsh.h
+ ${CC} -c delbadfiles.c
+
+ibsh_install:
+ cp ./ibsh /bin/
+ mkdir /etc/ibsh
+ mkdir /etc/ibsh/cmds
+ mkdir /etc/ibsh/xtns
+ cp ./globals.cmds /etc/ibsh/
+ cp ./globals.xtns /etc/ibsh/
+
+ibsh_uninstall:
+ rm -rf /etc/ibsh/globals.cmds
+ rm -rf /etc/ibsh/globals.xtns
+ rm -rf /etc/ibsh/cmds/*.*
+ rm -rf /etc/ibsh/xtns/*.*
+ rmdir /etc/ibsh/cmds
+ rmdir /etc/ibsh/xtns
+ rmdir /etc/ibsh
+ rm -rf /bin/ibsh
+
+clean:
+ rm -rf ibsh
+ rm -rf *.o
+
+
+# 13:49 2005.04.06.
+
Index: cgcs-users-1.0-r0/README.orig
===================================================================
--- /dev/null
+++ cgcs-users-1.0-r0/README.orig
@@ -0,0 +1,29 @@
+ Iron Bars SHell - a restricted interactive shell.
+
+Overview
+
+ For long i have been in the search of a decent restricted shell, but in vain.
+ The few i found, were really easy to hack, and there were quite a few docs
+ around on the web about hacking restricted shells with a menu interface.
+ For my definitions, a restricted shell must not only prevent the user to
+ escape her jail, but also not to access any files outside the jail.
+ The system administrator must have total control over the restricted shell.
+ These are the major features incorporated and realized by ibsh.
+
+
+Features
+
+ Please read the changelog.
+
+
+Installation
+
+ Read the INSTALL file.
+
+
+Contact
+ See Authors file.
+
+
+Attila Nagyidai
+2005.05.23.
Index: cgcs-users-1.0-r0/Release.orig
===================================================================
--- /dev/null
+++ cgcs-users-1.0-r0/Release.orig
@@ -0,0 +1,17 @@
+This release introduces minor bugfixes, and important new and renewed features.
+Erasing evil files in the home directory of the user is incorporated again, with
+many improvements. First of all: no file will be erased! Only the access to them
+will be blocked. The extension policy has changed, now ibsh blocks those extensions,
+that are NOT listed. This goes in sync with the usual method of operation of ibsh.
+The execute permission of files in the user space, will be removed.
+New customizing features were added: each user now can have her own commands and
+extensions file, created and maintained by the system administrator. Some users
+(employees) may require access to special programs. User configuration files allow
+this access only those, who need it, not for everybody.
+Ibsh now scans not only the extensions of files, but the content too! Whatever the permission
+for a certain file exists, if that contains source code, or is a linux binary, access
+will be blocked.
+The absolute path for the users is now limited to 255 characters. Longer, already
+existing filenames will be renamed.
+
+06/04/2005
Index: cgcs-users-1.0-r0/TODO.orig
===================================================================
--- /dev/null
+++ cgcs-users-1.0-r0/TODO.orig
@@ -0,0 +1,10 @@
+TODO
+
+ - tab completion.
+ - shell variables.
+ - some changes to the prompt, maybe variable prompt.
+ - history
+ - to be able to use corporate, or other large/complicated programs in a safe
+ working environment, yet be able to share files/work with others.
+
+2005.05.23.

View File

@ -1,7 +0,0 @@
# Add any commands the user may execute. Even shell commands.
# You have to allow logout and/or exit, so the user can logout!
# cd and pwd should also be allowed. Note: other shell builtin
# commands are not yet implemented!
touch
vi

View File

@ -1,4 +0,0 @@
# Add any extension the user may use.
.doc
.txt

View File

@ -1,12 +0,0 @@
# Add any commands the user may execute. Even shell commands.
# You have to allow logout and/or exit, so the user can logout!
# cd and pwd should also be allowed. Note: other shell builtin
# commands are not yet implemented!
#
touch
tar
scp
sftp
ssh
vi

View File

@ -1,6 +0,0 @@
# Add any extension the user may use.
.doc
.txt
.tgz
.tar

View File

@ -30,9 +30,6 @@ libvirt-client
#python2-ryu
#python-ryu-common
# python-smartpm
#python-smartpm
# lldpd
lldpd
@ -118,9 +115,6 @@ kmod-drbd
# dpkg
dpkg
# cgcs-users
cgcs-users
# ldapscripts
ldapscripts
@ -229,6 +223,7 @@ memcached
#kubernetes-node
#kubernetes-kubeadm
#kubernetes-client
#containerd
# resource-agents
#resource-agents

View File

@ -9,7 +9,6 @@ virt/libvirt
virt/libvirt-python
base/lighttpd
#networking/python-ryu
#python/python-smartpm
#python/python-voluptuous
networking/lldpd
#logging/logrotate
@ -49,8 +48,6 @@ config/puppet-modules/puppet-puppi
#config/puppet-modules/openstack/puppet-keystone-11.3.0
#config/puppet-modules/openstack/puppet-openstacklib-11.3.0
#config/puppet-modules/openstack/puppet-oslo-11.3.0
#python/python-eventlet
python/python-requests
base/systemd
#storage-drivers/python-3parclient
#storage-drivers/python-lefthandclient
@ -59,6 +56,7 @@ security/tboot
#kernel/kernel-modules/mlnx-ofa_kernel
#networking/mellanox/rdma-core
#docker/python-docker
#kubernetes/containerd
kubernetes/kubernetes
#kubernetes/docker-distribution
kubernetes/etcd
@ -75,7 +73,6 @@ kernel/kernel-modules/qat17
kernel/kernel-modules/drbd
#kernel/kernel-modules/intel-opae-fpga
base/dpkg
base/cgcs-users
base/cluster-resource-agents
base/libfdt
base/haproxy

View File

@ -7,7 +7,7 @@ grub2-2.02-0.76.el7.centos.src.rpm
grubby-8.28-25.el7.src.rpm
haproxy-1.5.18-8.el7.src.rpm
initscripts-9.49.46-1.el7.src.rpm
kernel-3.10.0-957.21.3.el7.src.rpm
kernel-3.10.0-1062.1.2.el7.src.rpm
libevent-2.0.21-4.el7.src.rpm
# libibverbs-41mlnx1-OFED.4.5.0.1.0.45101.src.rpm
lighttpd-1.4.54-1.el7.src.rpm
@ -30,10 +30,8 @@ puppet-rabbitmq-5.6.0-4.5ac45degit.el7.src.rpm
puppet-staging-1.0.4-1.b466d93git.el7.src.rpm
puppet-stdlib-4.18.0-2.el7.src.rpm
python-docker-3.3.0-1.el7.src.rpm
python-eventlet-0.18.4-2.el7.src.rpm
python-keyring-5.7.1-1.el7.src.rpm
python-psycopg2-2.5.1-3.el7.src.rpm
python-requests-2.21.0-2.el7.src.rpm
python-voluptuous-0.8.9-1.el7.src.rpm
# rdma-core-45mlnx1-1.45101.src.rpm
resource-agents-4.1.1-12.el7_6.7.src.rpm

View File

@ -1 +1 @@
kernel-rt-3.10.0-957.21.3.rt56.935.el7.src.rpm
kernel-rt-3.10.0-1062.1.2.rt56.1025.el7.src.rpm

View File

@ -3,6 +3,8 @@ boost_1_67_0.tar.bz2#boost_1_67_0#https://dl.bintray.com/boostorg/release/1.67.0
ceph-erasure-code-corpus-2d7d78b9cc52e8a9529d8cc2d2954c7d375d5dd7.tar.gz#ceph-erasure-code-corpus#https://api.github.com/repos/ceph/ceph-erasure-code-corpus/tarball/2d7d78b9cc52e8a9529d8cc2d2954c7d375d5dd7#https##
ceph-object-corpus-e32bf8ca3dc6151ebe7f205ba187815bc18e1cef.tar.gz#ceph-object-corpus#https://api.github.com/repos/ceph/ceph-object-corpus/tarball/e32bf8ca3dc6151ebe7f205ba187815bc18e1cef#https##
civetweb-ff2881e2cd5869a71ca91083bad5d12cccd22136.tar.gz#civetweb#https://api.github.com/repos/ceph/civetweb/tarball/ff2881e2cd5869a71ca91083bad5d12cccd22136#https##
containerd-v1.3.0.tar.gz#containerd#https://github.com/containerd/containerd/archive/v1.3.0.tar.gz#https##
crictl-v1.16.0-linux-amd64.tar.gz#crictl#https://github.com/kubernetes-sigs/cri-tools/releases/download/v1.16.0/crictl-v1.16.0-linux-amd64.tar.gz#https##
# docker-distribution-48294d928ced5dd9b378f7fd7c6f5da3ff3f2c89.tar.gz#docker-distribution#github.com/docker/distribution/archive/48294d928ced5dd9b378f7fd7c6f5da3ff3f2c89.tar.gz#http##
# docker-libtrust-fa567046d9b14f6aa788882a950d69651d230b21.tar.gz#docker-libtrust#https://github.com/docker/libtrust/archive/fa567046d9b14f6aa788882a950d69651d230b21.tar.gz#http##
dpdk-18.11.tar.xz#dpdk-18.11#http://fast.dpdk.org/rel/dpdk-18.11.tar.xz#http##
@ -25,7 +27,6 @@ googletest-fdb850479284e2aae047b87df6beae84236d0135.tar.gz#googletest#https://ap
helm-v2.13.1-linux-amd64.tar.gz#linux-amd64#https://storage.googleapis.com/kubernetes-helm/helm-v2.13.1-linux-amd64.tar.gz#http##
i40e-2.10.19.30.tar.gz#i40e-2.10.19.30#https://sourceforge.net/projects/e1000/files/i40e%20stable/2.10.19.30/i40e-2.10.19.30.tar.gz/download#http##
iavf-3.7.61.20.tar.gz#iavf-3.7.61.20#https://sourceforge.net/projects/e1000/files/iavf%20stable/3.7.61.20/iavf-3.7.61.20.tar.gz/download#http##
ibsh-0.3e.tar.gz#cgcs-users-1.0#https://sourceforge.net/projects/ibsh/files/ibsh/ibsh-0.3e/ibsh-0.3e.tar.gz/download#http##
!integrity-kmod-e6aef069.tar.gz#integrity#http://git.infradead.org/users/jjs/linux-tpmdd.git/snapshot/e6aef069b6e97790cb127d5eeb86ae9ff0b7b0e3.tar.gz#http_script##post-dl-script/integrity-kmod.sh
isa-l-7e1a337433a340bc0974ed0f04301bdaca374af6.tar.gz#isa-l#https://api.github.com/repos/ceph/isa-l/tarball/7e1a337433a340bc0974ed0f04301bdaca374af6#https##
isa-l_crypto-603529a4e06ac8a1662c13d6b31f122e21830352.tar.gz#isa-l_crypto#https://api.github.com/repos/01org/isa-l_crypto/tarball/603529a4e06ac8a1662c13d6b31f122e21830352#https##
@ -57,12 +58,12 @@ puppet-nslcd-b8c19b1ada89865f2e50758e054583798ad8011a.tar.gz#packstack/puppet/mo
puppi-c1c47f4edfd761d1bbde32a75da0c3fa7cc93a81.tar.gz#puppi-master#https://github.com/example42/puppi/tarball/c1c47f4edfd761d1bbde32a75da0c3fa7cc93a81#http##
# python-cephclient-v0.1.0.5.tar.gz#python-cephclient-0.1.0.5#https://github.com/dmsimard/python-cephclient/archive/v0.1.0.5.tar.gz#http##
python-setuptools-v38.5.1.tar.gz#setuptools-38.5.1#https://github.com/pypa/setuptools/archive/v38.5.1.tar.gz#http##
python-smartpm-1.4.1.tar.gz#smart-1.4.1#http://launchpad.net/smart/trunk/1.4.1/+download/smart-1.4.1.tar.bz2#http##
!qat1.7.l.4.5.0-00034.tar.gz#quickassist#https://01.org/sites/default/files/downloads/qat1.7.l.4.5.0-00034.tar.gz#http_script##post-dl-script/qat1.7.sh
rapidjson-f54b0e47a08782a6131cc3d60f94d038fa6e0a51.tar.gz#rapidjson#https://api.github.com/repos/ceph/rapidjson/tarball/f54b0e47a08782a6131cc3d60f94d038fa6e0a51#https##
Redfishtool-1.1.0.tar.gz#Redfishtool-1.1.0#https://github.com/DMTF/Redfishtool/archive/1.1.0.tar.gz#http##
requests-toolbelt-0.9.1.tar.gz#requests-toolbelt-0.9.1#https://github.com/requests/toolbelt/archive/0.9.1.tar.gz#http##
rocksdb-f4a857da0b720691effc524469f6db895ad00d8e.tar.gz#rocksdb#https://api.github.com/repos/ceph/rocksdb/tarball/f4a857da0b720691effc524469f6db895ad00d8e#https##
runc-1.0.0-rc8.tar.gz#runc#https://github.com/opencontainers/runc/archive/v1.0.0-rc8.tar.gz#https##
# Sirupsen-logrus-55eb11d21d2a31a3cc93838241d04800f52e823d.tar.gz#Sirupsen-logrus#github.com/Sirupsen/logrus/archive/55eb11d21d2a31a3cc93838241d04800f52e823d.tar.gz#http##
spdk-f474ce6930f0a44360e1cc4ecd606d2348481c4c.tar.gz#spdk#https://api.github.com/repos/ceph/spdk/tarball/f474ce6930f0a44360e1cc4ecd606d2348481c4c#https##
spectre-meltdown-checker-0.37+-5cc77741.tar.gz#spectre-meltdown-checker#https://github.com/speed47/spectre-meltdown-checker/tarball/5cc77741af1d2f52140aa9f89339f56b6c4b6783#http##

View File

@ -1,3 +1,3 @@
COPY_LIST="$PKG_BASE/files/modules-load.conf"
TIS_PATCH_VER=1
TIS_PATCH_VER=2
BUILD_IS_SLOW=3

View File

@ -1,23 +1,24 @@
From 88ea759637bfe3359375e86dd698a1efbf274784 Mon Sep 17 00:00:00 2001
Message-Id: <88ea759637bfe3359375e86dd698a1efbf274784.1527782348.git.Jim.Somerville@windriver.com>
From: eric zhang <eric.zhang@windriver.com>
Date: Wed, 14 Mar 2018 15:52:15 -0400
From 6152dc85e1b94ec93a3378f4f77b3b33907aac35 Mon Sep 17 00:00:00 2001
Message-Id: <6152dc85e1b94ec93a3378f4f77b3b33907aac35.1579886617.git.Jim.Somerville@windriver.com>
From: Jim Somerville <Jim.Somerville@windriver.com>
Date: Mon, 20 Jan 2020 11:40:06 -0500
Subject: [PATCH 1/1] Support TiS system
This patch added the following to support TiS system:
1. Support package versioning for TiS format
2. Add rt support
3. Compile fix in dcbnl.h
4. Fix compile for some ks stuff
5. Fix compile neuter some stats output
6. Load all kernel modules
7. Sign kernel module
- Support package versioning for TiS format
- Add rt support
- Compile fix in dcbnl.h
- Fix compile for some ks stuff
- Fix compile to neuter some stats output
- Disable use of kernel page pool functionality
- Load all kernel modules
- Sign kernel module
Signed-off-by: Allain Legacy <allain.legacy@windriver.com>
Signed-off-by: Jim Somerville <Jim.Somerville@windriver.com>
Signed-off-by: Kam Nasim <kam.nasim@windriver.com>
Signed-off-by: eric zhang <eric.zhang@windriver.com>
Signed-off-by: Zhang Zhiguo <zhangzhg@neusoft.com>
Signed-off-by: Jim Somerville <Jim.Somerville@windriver.com>
---
SPECS/mlnx-ofa_kernel.spec | 47 +++++++++++++++++++++++++++++++-------------
@ -83,6 +84,7 @@ index 22564a5..b8adb35 100644
+Patch01: 0001-neuter-HAVE_IEEE_GETQCN.patch
+Patch02: 0001-neuter-a-bunch-of-ks-stuff.patch
+Patch03: 0001-neuter-some-stats-output.patch
+Patch04: Disable-use-of-page-pool.patch
+
BuildRoot: %{?build_root:%{build_root}}%{!?build_root:/var/tmp/OFED}
Vendor: Mellanox Technologies
@ -144,6 +146,7 @@ index 22564a5..b8adb35 100644
+%patch01 -p1
+%patch02 -p1
+%patch03 -p1
+%patch04 -p1
+
%build
export EXTRA_CFLAGS='-DVERSION=\"%version\"'

View File

@ -0,0 +1,77 @@
From 470e37909b707b2209ae3ed1a9d82758b114691c Mon Sep 17 00:00:00 2001
Message-Id: <470e37909b707b2209ae3ed1a9d82758b114691c.1579638263.git.Jim.Somerville@windriver.com>
From: Jim Somerville <Jim.Somerville@windriver.com>
Date: Tue, 21 Jan 2020 14:42:03 -0500
Subject: [PATCH 1/1] Disable use of page pool
Don't use it until they are configured on by default
in the kernel, else you may get undefined symbols and
some of the mlx5 related modules fail to load.
The header file is there in CentOS 7.7, but the
CONFIG_PAGE_POOL option isn't enabled. So the simplistic
configure test passes here but the kernel doesn't have the
required procedures.
Signed-off-by: Jim Somerville <Jim.Somerville@windriver.com>
---
source/compat/aclocal.m4 | 4 +---
source/compat/config/rdma.m4 | 4 +---
source/compat/configure | 4 ++--
3 files changed, 4 insertions(+), 8 deletions(-)
diff --git a/source/compat/aclocal.m4 b/source/compat/aclocal.m4
index 192f6a0..31520d4 100644
--- a/source/compat/aclocal.m4
+++ b/source/compat/aclocal.m4
@@ -12330,9 +12330,7 @@ AC_DEFUN([LINUX_CONFIG_COMPAT],
],[
return 0;
],[
- AC_MSG_RESULT(yes)
- MLNX_AC_DEFINE(HAVE_NET_PAGE_POOL_H, 1,
- [net/page_pool.h is defined])
+ AC_MSG_RESULT(no)
],[
AC_MSG_RESULT(no)
])
diff --git a/source/compat/config/rdma.m4 b/source/compat/config/rdma.m4
index 5fbe4f7..e502f8d 100644
--- a/source/compat/config/rdma.m4
+++ b/source/compat/config/rdma.m4
@@ -10226,9 +10226,7 @@ AC_DEFUN([LINUX_CONFIG_COMPAT],
],[
return 0;
],[
- AC_MSG_RESULT(yes)
- MLNX_AC_DEFINE(HAVE_NET_PAGE_POOL_H, 1,
- [net/page_pool.h is defined])
+ AC_MSG_RESULT(no)
],[
AC_MSG_RESULT(no)
])
diff --git a/source/compat/configure b/source/compat/configure
index 68ceff5..2e955b3 100755
--- a/source/compat/configure
+++ b/source/compat/configure
@@ -102487,7 +102487,7 @@ if { ac_try='env $CROSS_VARS $MAKE -d modules ${LD:+"LD=$CROSS_COMPILE$LD"} CC="
{ $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
$as_echo "yes" >&6; }
cat >>CONFDEFS_H_DIR/confdefs.h.${CONFDEFS_H_INDEX} <<\_ACEOF
-#define HAVE_NET_PAGE_POOL_H 1
+/* Intentionally removed #define HAVE_NET_PAGE_POOL_H 1 */
_ACEOF
@@ -102546,7 +102546,7 @@ if { ac_try='env $CROSS_VARS $MAKE -d modules ${LD:+"LD=$CROSS_COMPILE$LD"} CC="
{ $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
$as_echo "yes" >&6; }
cat >>CONFDEFS_H_DIR/confdefs.h.${CONFDEFS_H_INDEX} <<\_ACEOF
-#define HAVE_NET_PAGE_POOL_H 1
+/* Intentionally removed #define HAVE_NET_PAGE_POOL_H 1 */
_ACEOF
--
1.8.3.1

View File

@ -4,9 +4,10 @@ Date: Mon, 23 Apr 2018 15:18:45 -0400
Subject: [PATCH] Build logic and sources for TiC
Signed-off-by: Jim Somerville <Jim.Somerville@windriver.com>
Signed-off-by: Robin Lu <bin1.lu@intel.com>
---
SPECS/kernel-rt.spec | 279 +++++++++++++++++++++++++++++++++++++++++++++++++--
1 file changed, 272 insertions(+), 7 deletions(-)
SPECS/kernel-rt.spec | 279 ++++++++++++++++++++++++++++++++++++++++++-
1 file changed, 273 insertions(+), 6 deletions(-)
diff --git a/SPECS/kernel-rt.spec b/SPECS/kernel-rt.spec
index a922773..adffde2 100644
@ -86,7 +87,7 @@ index a922773..adffde2 100644
%if %{with_sparse}
BuildRequires: sparse >= 0.4.1
%endif
@@ -340,12 +359,26 @@ Source25: merge.pl
@@ -340,6 +359,13 @@ Source25: merge.pl
Source27: sanity_check.py
Source29: extrakeys.pub
@ -100,8 +101,9 @@ index a922773..adffde2 100644
### Configuration files
Source50: kernel-%{version}-x86_64-rt.config
Source51: kernel-%{version}-x86_64-rt-trace.config
Source52: kernel-%{version}-x86_64-rt-debug.config
@@ -352,6 +378,14 @@ Source81: find-debuginfo.sh
# Sources for kernel modprobe config files
Source1000: modprobe-dccp-blacklist.conf
+# Sources for kernel-rt-tools
+Source2000: cpupower.service
@ -110,10 +112,11 @@ index a922773..adffde2 100644
+Source30000: kernel-3.10.0-x86_64-rt.config.tis_extra
+Source30001: kernel-3.10.0-x86_64-rt-debug.config.tis_extra
+Source30002: kernel-3.10.0-x86_64-rt-trace.config.tis_extra
### Started using a unified SRPM
+
# Empty final patch file to facilitate testing of kernel patches
Patch999999: linux-kernel-test.patch
# Sources for kernel modprobe config files
@@ -373,6 +406,7 @@ This kernel has been compiled with the RT patch applied and is intended
@@ -374,6 +408,7 @@ This kernel has been compiled with the RT patch applied and is intended
for use in deterministic response-time situations
@ -121,23 +124,23 @@ index a922773..adffde2 100644
%package doc
Summary: Various documentation bits found in the kernel source
Group: Documentation
@@ -384,13 +418,14 @@ device drivers shipped with it are documented in these files.
@@ -386,6 +421,7 @@ device drivers shipped with it are documented in these files.
You will want to install this package if you need a reference to the
options that can be passed to Linux kernel modules at load time.
-
+%endif
%package headers
Summary: Header files for the Linux kernel for use by glibc
Group: Development/System
@@ -393,6 +429,7 @@ Group: Development/System
Obsoletes: glibc-kernheaders < 3.0-46
Provides: glibc-kernheaders = 3.0-46
Provides: kernel-rt-extras = %{version}-%{release}
+Provides: kernel-headers
%description headers
Kernel-headers includes the C header files that specify the interface
between the Linux kernel and userspace libraries and programs. The
@@ -438,6 +473,7 @@ AutoReq: no\
@@ -442,6 +479,7 @@ AutoReq: no\
This package provides KVM modules for package %{name}%{?1:-%{1}}.\
%{nil}
@ -145,7 +148,7 @@ index a922773..adffde2 100644
#
# This macro creates a kernel-rt-<subpackage>-kvm-debuginfo package.
# %%kernel_kvm_debuginfo_package <subpackage>
@@ -453,7 +489,9 @@ This package provides debug information for package %{name}%{?1:-%{1}}.\
@@ -458,7 +496,9 @@ This package provides debug information for package %{name}%{?1:-%{1}}.\
This is required to use SystemTap with %{name}%{?1:-%{1}}-%{KVERREL}.\
%{expand:%%global debuginfo_args %{?debuginfo_args} -p '/.*/%%{KVERREL}%{?1:\.%{1}}/.*|/.*%%{KVERREL}%{?1:\.%{1}}(\.debug)?' -o debuginfo%{?1}-kvm.list}\
%{nil}
@ -155,7 +158,7 @@ index a922773..adffde2 100644
#
# This macro creates a kernel-<subpackage>-debuginfo package.
# %%kernel_debuginfo_package <subpackage>
@@ -470,6 +508,7 @@ This package provides debug information for package %{name}%{?1:-%{1}}.\
@@ -476,6 +516,7 @@ This package provides debug information for package %{name}%{?1:-%{1}}.\
This is required to use SystemTap with %{name}%{?1:-%{1}}-%{KVERREL}.\
%{expand:%%global debuginfo_args %{?debuginfo_args} -p '/.*/%%{KVERREL}%{?1:\.%{1}}/.*|/.*%%{KVERREL}%{?1:\.%{1}}(\.debug)?' -o debuginfo%{?1}.list}\
%{nil}
@ -163,7 +166,7 @@ index a922773..adffde2 100644
#
# This macro creates a kernel-<subpackage>-devel package.
@@ -483,6 +522,7 @@ Provides: installonlypkg(kernel-rt-devel) = %{version}-%{release}%{?1:.%{1}}\
@@ -490,6 +531,7 @@ Provides: kernel-rt-devel = %{version}-%{release}%{?1:.%{1}}\
Provides: kernel-rt%{?1:-%{1}}-devel-%{_target_cpu} = %{version}-%{release}\
Provides: kernel-rt-devel-%{_target_cpu} = %{version}-%{release}%{?1:.%{1}}\
Provides: kernel-rt-devel-uname-r = %{KVERREL}%{?1:.%{1}}\
@ -171,7 +174,7 @@ index a922773..adffde2 100644
AutoReqProv: no\
Requires(pre): /usr/bin/find\
%description -n kernel-rt%{?variant}%{?1:-%{1}}-devel\
@@ -495,6 +535,7 @@ against the %{?2:%{2} }kernel package.\
@@ -502,6 +544,7 @@ against the %{?2:%{2} }kernel package.\
# %%define variant_summary The Linux kernel compiled for <configuration>
# %%kernel_variant_package [-n <pretty-name>] <subpackage>
#
@ -179,7 +182,7 @@ index a922773..adffde2 100644
%define kernel_variant_package(n:) \
%package %1\
Summary: %{variant_summary}\
@@ -505,15 +546,29 @@ Group: System Environment/Kernel\
@@ -512,15 +555,29 @@ Group: System Environment/Kernel\
%{expand:%%kernel_kvm_package %1}\
%{expand:%%kernel_kvm_debuginfo_package %1}\
%{nil}
@ -209,7 +212,7 @@ index a922773..adffde2 100644
# Now, each variant package.
@@ -563,6 +618,54 @@ It should only be installed when trying to gather additional information
@@ -570,6 +627,54 @@ It should only be installed when trying to gather additional information
on kernel bugs.
%endif
@ -264,7 +267,7 @@ index a922773..adffde2 100644
%prep
## ApplyPatch routine
patch_command='patch -p1 -F1 -s'
@@ -607,6 +710,12 @@ cp -rl vanilla-%{kversion} linux-%{kversion}.%{_target_cpu}
@@ -614,6 +719,12 @@ cp -rl vanilla-%{kversion} linux-%{kversion}.%{_target_cpu}
cd linux-%{kversion}.%{_target_cpu}
@ -277,7 +280,7 @@ index a922773..adffde2 100644
## Apply Patches here
ApplyPatch linux-kernel-test.patch
@@ -630,6 +739,15 @@ for i in *.config
@@ -637,6 +748,15 @@ for i in *.config
do
mv $i .config
Arch=`head -1 .config | cut -b 3-`
@ -293,7 +296,7 @@ index a922773..adffde2 100644
make %{?cross_opts} ARCH=$Arch listnewconfig | grep -E '^CONFIG_' >.newoptions || true
%if %{listnewconfig_fail}
if [ -s .newoptions ]; then
@@ -764,10 +882,14 @@ BuildKernel() {
@@ -771,9 +891,13 @@ BuildKernel() {
cp arch/$Arch/boot/zImage.stub $RPM_BUILD_ROOT/%{image_install_path}/zImage.stub-$KernelVer || :
fi
# EFI SecureBoot signing, x86_64-only
@ -304,12 +307,11 @@ index a922773..adffde2 100644
- %pesign -s -i $KernelImage -o $KernelImage.signed -a %{SOURCE13} -c %{SOURCE14} -n %{pesign_name}
+ %pesign -s -i $KernelImage -o $KernelImage.signed -a %{SOURCE37} -c %{SOURCE37} -n %{pesign_name}
mv $KernelImage.signed $KernelImage
%endif
+%endif
%endif
$CopyKernel $KernelImage $RPM_BUILD_ROOT/%{image_install_path}/$InstallName-$KernelVer
chmod 755 $RPM_BUILD_ROOT/%{image_install_path}/$InstallName-$KernelVer
@@ -910,6 +1032,12 @@ BuildKernel() {
@@ -919,6 +1043,12 @@ BuildKernel() {
cp signing_key.priv signing_key.priv.sign${Flavour:+.${Flavour}}
cp signing_key.x509 signing_key.x509.sign${Flavour:+.${Flavour}}
@ -322,7 +324,7 @@ index a922773..adffde2 100644
# remove files that will be auto generated by depmod at rpm -i time
for i in alias alias.bin builtin.bin ccwmap dep dep.bin ieee1394map inputmap isapnpmap ofmap pcimap seriomap symbols symbols.bin usbmap softdep devname
do
@@ -925,6 +1053,15 @@ BuildKernel() {
@@ -934,6 +1064,15 @@ BuildKernel() {
install -Dm644 %{SOURCE1000} $RPM_BUILD_ROOT%{_sysconfdir}/modprobe.d/dccp-blacklist.conf
@ -338,7 +340,7 @@ index a922773..adffde2 100644
# prune junk from kernel-devel
find $RPM_BUILD_ROOT/usr/src/kernels -name ".*.cmd" -exec rm -f {} \;
}
@@ -972,6 +1109,31 @@ BuildKernel %make_target %kernel_image vanilla
@@ -981,6 +1120,31 @@ BuildKernel %make_target %kernel_image vanilla
BuildKernel %make_target %kernel_image
%endif
@ -370,7 +372,7 @@ index a922773..adffde2 100644
%if %{builddoc}
# Make the HTML and man pages.
make -j1 htmldocs mandocs || %{doc_build_fail}
@@ -1004,6 +1166,7 @@ popd
@@ -1013,6 +1177,7 @@ popd
# if it isn't.
%ifnarch noarch
@ -378,7 +380,7 @@ index a922773..adffde2 100644
%define __modsign_install_post \
if [ "%{with_rt}" -ne "0" ]; then \
Arch=`head -1 configs/kernel-%{version}-%{_target_cpu}-rt.config | cut -b 3-` \
@@ -1022,6 +1185,24 @@ popd
@@ -1031,6 +1196,24 @@ popd
%{modsign_cmd} $RPM_BUILD_ROOT/lib/modules/%{KVERREL}.${AAA} || exit 1 \
done \
%{nil}
@ -403,7 +405,7 @@ index a922773..adffde2 100644
%endif
###
@@ -1111,6 +1292,39 @@ mkdir -p $RPM_BUILD_ROOT%{_datadir}/doc/perf
@@ -1120,6 +1303,39 @@ mkdir -p $RPM_BUILD_ROOT%{_datadir}/doc/perf
%endif # buildperf
%endif
@ -443,7 +445,7 @@ index a922773..adffde2 100644
%if %{buildheaders}
# Install kernel headers
make ARCH=%{hdrarch} INSTALL_HDR_PATH=$RPM_BUILD_ROOT/usr headers_install
@@ -1165,6 +1379,14 @@ rm -rf $RPM_BUILD_ROOT
@@ -1174,6 +1390,14 @@ rm -rf $RPM_BUILD_ROOT
### scripts
###
@ -458,7 +460,7 @@ index a922773..adffde2 100644
#
# This macro defines a %%post script for a kernel*-devel package.
# %%kernel_devel_post [<subpackage>]
@@ -1328,6 +1550,43 @@ fi
@@ -1337,6 +1561,43 @@ fi
%endif
%endif
@ -502,15 +504,15 @@ index a922773..adffde2 100644
# This is %{image_install_path} on an arch where that includes ELF files,
# or empty otherwise.
%global elf_image_install_path %{?kernel_image_elf:%{image_install_path}}
@@ -1344,6 +1603,7 @@ fi
@@ -1353,6 +1614,7 @@ fi
/%{image_install_path}/%{?-k:%{-k*}}%{!?-k:vmlinuz}-%{KVERREL}%{?2:.%{2}}\
/%{image_install_path}/.vmlinuz-%{KVERREL}%{?2:.%{2}}.hmac\
/boot/System.map-%{KVERREL}%{?2:.%{2}}\
+/boot/symvers-%{KVERREL}%{?2:.%{2}}.gz\
/boot/config-%{KVERREL}%{?2:.%{2}}\
/boot/symvers*\
%exclude /lib/modules/%{KVERREL}%{?2:.%{2}}/kernel/arch/x86/kvm\
%exclude /lib/modules/%{KVERREL}%{?2:.%{2}}/kernel/drivers/gpu/drm/i915/gvt\
@@ -1422,6 +1682,11 @@ fi
@@ -1432,6 +1694,11 @@ fi
%kernel_variant_files %{buildvanilla} vanilla
%endif
@ -520,8 +522,8 @@ index a922773..adffde2 100644
+%endif # do_sign
+
%changelog
* Fri Jun 14 2019 Luis Claudio R. Goncalves <lgoncalv@redhat.com> [3.10.0-957.21.3.rt56.935.el7]
- [rt] Update source tree to match RHEL 7.6.z tree [1689417 1642619]
* Mon Sep 16 2019 Luis Claudio R. Goncalves <lgoncalv@redhat.com> [3.10.0-1062.1.2.rt56.1025.el7]
- [rt] Update source tree to match RHEL rhel-7.7.z tree [1740918 1708718]
--
1.8.3.1

View File

@ -16,7 +16,7 @@ diff --git a/SPECS/kernel-rt.spec b/SPECS/kernel-rt.spec
index f7aad95..29d3878 100644
--- a/SPECS/kernel-rt.spec
+++ b/SPECS/kernel-rt.spec
@@ -424,6 +424,11 @@ Patch1031: epoll-fix-use-after-free-in-eventpoll_release_file.patch
@@ -425,6 +425,11 @@ Patch1031: epoll-fix-use-after-free-in-eventpoll_release_file.patch
Patch1032: ipvs-fix-memory-leak-in-ip_vs_ctl.c.patch
Patch1033: rh-ext4-release-leaked-posix-acl-in-ext4_acl_chmod.patch
Patch1034: rh-ext4-release-leaked-posix-acl-in-ext4_xattr_set_a.patch
@ -28,7 +28,7 @@ index f7aad95..29d3878 100644
BuildRoot: %{_tmppath}/kernel-%{KVERREL}-root
@@ -791,6 +796,9 @@ ApplyPatch epoll-fix-use-after-free-in-eventpoll_release_file.patch
@@ -798,6 +803,9 @@ ApplyPatch epoll-fix-use-after-free-in-eventpoll_release_file.patch
ApplyPatch ipvs-fix-memory-leak-in-ip_vs_ctl.c.patch
ApplyPatch rh-ext4-release-leaked-posix-acl-in-ext4_acl_chmod.patch
ApplyPatch rh-ext4-release-leaked-posix-acl-in-ext4_xattr_set_a.patch

View File

@ -6,15 +6,16 @@ Subject: [PATCH 1/2] Kernel source patches for TiC
Signed-off-by: Bin Yang <bin.yang@intel.com>
Signed-off-by: Jim Somerville <Jim.Somerville@windriver.com>
Signed-off-by: Robin Lu <bin1.lu@intel.com>
---
SPECS/kernel-rt.spec | 73 ++++++++++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 73 insertions(+)
SPECS/kernel-rt.spec | 71 ++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 71 insertions(+)
diff --git a/SPECS/kernel-rt.spec b/SPECS/kernel-rt.spec
index adffde2..f7aad95 100644
--- a/SPECS/kernel-rt.spec
+++ b/SPECS/kernel-rt.spec
@@ -386,6 +386,44 @@ Source1000: modprobe-dccp-blacklist.conf
@@ -388,6 +388,43 @@ Source30002: kernel-3.10.0-x86_64-rt-trace.config.tis_extra
# Empty final patch file to facilitate testing of kernel patches
Patch999999: linux-kernel-test.patch
@ -35,7 +36,6 @@ index adffde2..f7aad95 100644
+Patch1014: Enable-building-mpt2sas-and-mpt3sas-as-builtin-for-C.patch
+Patch1015: Enable-building-kernel-with-CONFIG_BLK_DEV_NBD.patch
+Patch1016: x86-make-dma_alloc_coherent-return-zeroed-memory-if-.patch
+Patch1017: rcu-Don-t-wake-rcuc-X-kthreads-on-NOCB-CPUs.patch
+Patch1018: Porting-Cacheinfo-from-Kernel-4.10.17.patch
+Patch1019: Fix-cacheinfo-compilation-issues-for-3.10.patch
+Patch1020: cpuidle-menu-stop-seeking-deeper-idle-if-current-sta.patch
@ -59,7 +59,7 @@ index adffde2..f7aad95 100644
BuildRoot: %{_tmppath}/kernel-%{KVERREL}-root
@@ -718,6 +756,41 @@ cp %{SOURCE38} .
@@ -727,6 +764,40 @@ cp %{SOURCE38} .
## Apply Patches here
ApplyPatch linux-kernel-test.patch
@ -80,7 +80,6 @@ index adffde2..f7aad95 100644
+ApplyPatch Enable-building-mpt2sas-and-mpt3sas-as-builtin-for-C.patch
+ApplyPatch Enable-building-kernel-with-CONFIG_BLK_DEV_NBD.patch
+ApplyPatch x86-make-dma_alloc_coherent-return-zeroed-memory-if-.patch
+ApplyPatch rcu-Don-t-wake-rcuc-X-kthreads-on-NOCB-CPUs.patch
+ApplyPatch Porting-Cacheinfo-from-Kernel-4.10.17.patch
+ApplyPatch Fix-cacheinfo-compilation-issues-for-3.10.patch
+ApplyPatch cpuidle-menu-stop-seeking-deeper-idle-if-current-sta.patch

View File

@ -1258,8 +1258,8 @@ index 53c3fe1..527d291 100644
driver.o class.o platform.o \
cpu.o firmware.o init.o map.o devres.o \
attribute_container.o transport_class.o \
- topology.o container.o property.o
+ topology.o container.o property.o cacheinfo.o
- topology.o container.o property.o devcon.o
+ topology.o container.o property.o devcon.o cacheinfo.o
obj-$(CONFIG_DEVTMPFS) += devtmpfs.o
obj-$(CONFIG_DMA_CMA) += dma-contiguous.o
obj-y += power/

View File

@ -17,6 +17,7 @@ definitions on module deinit
- modification to ima_file_check to pass in file OPEN status
Signed-off-by: Jim Somerville <Jim.Somerville@windriver.com>
Signed-off-by: Robin Lu <bin1.lu@intel.com>
---
fs/namei.c | 2 +-
fs/nfsd/vfs.c | 2 +-
@ -31,7 +32,7 @@ diff --git a/fs/namei.c b/fs/namei.c
index 9f90b63..bf91ea0 100644
--- a/fs/namei.c
+++ b/fs/namei.c
@@ -3225,7 +3225,7 @@ opened:
@@ -3243,7 +3243,7 @@ opened:
error = open_check_o_direct(file);
if (error)
goto exit_fput;
@ -57,7 +58,7 @@ diff --git a/fs/xattr.c b/fs/xattr.c
index e540aca..cc307ec 100644
--- a/fs/xattr.c
+++ b/fs/xattr.c
@@ -207,6 +207,7 @@ vfs_getxattr_alloc(struct dentry *dentry, const char *name, char **xattr_value,
@@ -208,6 +208,7 @@ vfs_getxattr_alloc(struct dentry *dentry, const char *name, char **xattr_value,
*xattr_value = value;
return error;
}
@ -69,18 +70,18 @@ diff --git a/include/linux/fs.h b/include/linux/fs.h
index eb6f994..2dbaf80 100644
--- a/include/linux/fs.h
+++ b/include/linux/fs.h
@@ -677,9 +677,8 @@ struct inode {
@@ -681,9 +681,8 @@ struct inode {
struct fsnotify_mark_connector __rcu *i_fsnotify_marks)
#endif
-#ifdef CONFIG_IMA
-#if defined(CONFIG_IMA) && defined(CONFIG_X86_64)
atomic_t i_readcount; /* struct files open RO */
-#endif
+
void *i_private; /* fs or device private pointer */
};
@@ -2830,7 +2829,6 @@ static inline bool inode_is_open_for_write(const struct inode *inode)
@@ -2852,7 +2851,6 @@ static inline bool inode_is_open_for_write(const struct inode *inode)
return atomic_read(&inode->i_writecount) > 0;
}
@ -88,7 +89,7 @@ index eb6f994..2dbaf80 100644
static inline void i_readcount_dec(struct inode *inode)
{
BUG_ON(!atomic_read(&inode->i_readcount));
@@ -2840,16 +2838,7 @@ static inline void i_readcount_inc(struct inode *inode)
@@ -2862,16 +2860,7 @@ static inline void i_readcount_inc(struct inode *inode)
{
atomic_inc(&inode->i_readcount);
}
@ -340,7 +341,7 @@ index f069482..646a0e3 100644
int security_ptrace_access_check(struct task_struct *child, unsigned int mode)
{
#ifdef CONFIG_SECURITY_YAMA_STACKED
@@ -720,8 +824,11 @@ EXPORT_SYMBOL(security_inode_listsecurity);
@@ -718,8 +822,11 @@ EXPORT_SYMBOL(security_inode_listsecurity);
void security_inode_getsecid(struct inode *inode, u32 *secid)
{
@ -353,7 +354,7 @@ index f069482..646a0e3 100644
int security_inode_copy_up(struct dentry *src, struct cred **new)
{
@@ -1530,6 +1637,7 @@ int security_audit_rule_init(u32 field, u32 op, char *rulestr, void **lsmrule)
@@ -1528,6 +1635,7 @@ int security_audit_rule_init(u32 field, u32 op, char *rulestr, void **lsmrule)
{
return security_ops->audit_rule_init(field, op, rulestr, lsmrule);
}
@ -361,7 +362,7 @@ index f069482..646a0e3 100644
int security_audit_rule_known(struct audit_krule *krule)
{
@@ -1546,6 +1654,7 @@ int security_audit_rule_match(u32 secid, u32 field, u32 op, void *lsmrule,
@@ -1544,6 +1652,7 @@ int security_audit_rule_match(u32 secid, u32 field, u32 op, void *lsmrule,
{
return security_ops->audit_rule_match(secid, field, op, lsmrule, actx);
}

View File

@ -12,17 +12,17 @@ diff --git a/mm/memcontrol.c b/mm/memcontrol.c
index da97e2c..68fd46b 100644
--- a/mm/memcontrol.c
+++ b/mm/memcontrol.c
@@ -3010,6 +3010,8 @@ static void __mem_cgroup_commit_charge(struct mem_cgroup *memcg,
@@ -2998,6 +2998,8 @@ static void __mem_cgroup_commit_charge(struct mem_cgroup *memcg,
memcg_check_events(memcg, page);
}
+static DEFINE_MUTEX(memcg_limit_mutex);
+
#ifdef CONFIG_MEMCG_KMEM
static inline bool memcg_can_account_kmem(struct mem_cgroup *memcg)
{
@@ -3510,8 +3512,6 @@ out:
return new_cachep;
/*
* The memcg_slab_mutex is held whenever a per memcg kmem cache is created or
@@ -3378,8 +3380,6 @@ static inline void memcg_resume_kmem_account(void)
current->memcg_kmem_skip_account--;
}
-static DEFINE_MUTEX(memcg_limit_mutex);

View File

@ -13,9 +13,9 @@ diff --git a/arch/x86/kernel/setup.c b/arch/x86/kernel/setup.c
index f27ca00..9eca4ac 100644
--- a/arch/x86/kernel/setup.c
+++ b/arch/x86/kernel/setup.c
@@ -931,7 +931,7 @@ static void rh_check_supported(void)
@@ -964,7 +964,7 @@ static void rh_check_supported(void)
if (((boot_cpu_data.x86_max_cores * smp_num_siblings) == 1) &&
!x86_hyper && !cpu_has_hypervisor && !is_kdump_kernel()) {
!guest && !is_kdump_kernel()) {
pr_crit("Detected single cpu native boot.\n");
- pr_crit("Important: In Red Hat Enterprise Linux 7, single threaded, single CPU 64-bit physical systems are unsupported by Red Hat. Please contact your Red Hat support representative for a list of certified and supported systems.");
+ pr_crit("Important: In CentOS 7, single threaded, single CPU 64-bit physical systems are unsupported. Please see http://wiki.centos.org/FAQ for more information");

View File

@ -14,8 +14,8 @@ defined
Signed-off-by: Martin, Chen <haochuan.z.chen@intel.com>
---
drivers/block/drbd/drbd_req.c | 8 ++++----
include/linux/filter.h | 4 ++++
2 files changed, 8 insertions(+), 4 deletions(-)
include/linux/filter.h | 3 +++
2 files changed, 7 insertions(+), 4 deletions(-)
diff --git a/drivers/block/drbd/drbd_req.c b/drivers/block/drbd/drbd_req.c
index a6f13f7..cbd0a49 100644
@ -51,17 +51,16 @@ diff --git a/include/linux/filter.h b/include/linux/filter.h
index cddbb31..15ce55f 100644
--- a/include/linux/filter.h
+++ b/include/linux/filter.h
@@ -665,6 +665,10 @@ static inline bool bpf_jit_blinding_enabled(struct bpf_prog *prog)
return true;
}
#else
@@ -763,6 +763,9 @@ void bpf_prog_kallsyms_add(struct bpf_prog *fp);
void bpf_prog_kallsyms_del(struct bpf_prog *fp);
#else /* CONFIG_BPF_JIT */
+struct bpf_prog * __weak trace_bpf_int_jit_compile(struct bpf_prog *prog);
+void __weak trace_bpf_jit_compile(struct bpf_prog *prog);
+void __weak trace_bpf_jit_free(struct bpf_prog *fp);
+
static inline bool ebpf_jit_enabled(void)
static inline bool bpf_prog_ebpf_jited(const struct bpf_prog *fp)
{
return false;
--
1.8.3.1

View File

@ -1,47 +0,0 @@
From b48c1062db1a4529f9ebecbffb5a80542da9f4f5 Mon Sep 17 00:00:00 2001
Message-Id: <b48c1062db1a4529f9ebecbffb5a80542da9f4f5.1528226387.git.Jim.Somerville@windriver.com>
In-Reply-To: <c8270e79f6b7008fde44b8d5aa6314d8cf89d3ed.1528226387.git.Jim.Somerville@windriver.com>
References: <c8270e79f6b7008fde44b8d5aa6314d8cf89d3ed.1528226387.git.Jim.Somerville@windriver.com>
From: "Paul E. McKenney" <paulmck@linux.vnet.ibm.com>
Date: Thu, 15 Dec 2016 15:37:47 -0800
Subject: [PATCH 18/32] rcu: Don't wake rcuc/X kthreads on NOCB CPUs
[ upstream 630c7ed9ca0608912fa7c8591d05dfc8742dc9e6 in tip repo ]
Chris Friesen notice that rcuc/X kthreads were consuming CPU even on
NOCB CPUs. This makes no sense because the only purpose or these
kthreads is to invoke normal (non-offloaded) callbacks, of which there
will never be any on NOCB CPUs. This problem was due to a bug in
cpu_has_callbacks_ready_to_invoke(), which should have been checking
->nxttail[RCU_NEXT_TAIL] for NULL, but which was instead (incorrectly)
checking ->nxttail[RCU_DONE_TAIL]. Because ->nxttail[RCU_DONE_TAIL] is
never NULL, the only effect is to cause the rcuc/X kthread to execute
when it should not do so.
This commit therefore checks ->nxttail[RCU_NEXT_TAIL], which is NULL
for NOCB CPUs.
Reported-by: Chris Friesen <chris.friesen@windriver.com>
Signed-off-by: Paul E. McKenney <paulmck@linux.vnet.ibm.com>
Reviewed-by: Josh Triplett <josh@joshtriplett.org>
Signed-off-by: Jim Somerville <Jim.Somerville@windriver.com>
---
kernel/rcutree.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/kernel/rcutree.c b/kernel/rcutree.c
index 9648918..fb7b2a8 100644
--- a/kernel/rcutree.c
+++ b/kernel/rcutree.c
@@ -367,7 +367,7 @@ static int
cpu_has_callbacks_ready_to_invoke(struct rcu_data *rdp)
{
return &rdp->nxtlist != rdp->nxttail[RCU_DONE_TAIL] &&
- rdp->nxttail[RCU_DONE_TAIL] != NULL;
+ rdp->nxttail[RCU_NEXT_TAIL] != NULL;
}
/*
--
1.8.3.1

View File

@ -35,7 +35,7 @@ diff --git a/kernel/sched/fair.c b/kernel/sched/fair.c
index d3d746b..e9a8d95 100644
--- a/kernel/sched/fair.c
+++ b/kernel/sched/fair.c
@@ -3488,13 +3488,14 @@ static u64 distribute_cfs_runtime(struct cfs_bandwidth *cfs_b,
@@ -3490,13 +3490,14 @@ static u64 distribute_cfs_runtime(struct cfs_bandwidth *cfs_b,
struct cfs_rq *cfs_rq;
u64 runtime;
u64 starting_runtime = remaining;
@ -51,7 +51,7 @@ index d3d746b..e9a8d95 100644
if (!cfs_rq_throttled(cfs_rq))
goto next;
@@ -3511,7 +3512,7 @@ static u64 distribute_cfs_runtime(struct cfs_bandwidth *cfs_b,
@@ -3513,7 +3514,7 @@ static u64 distribute_cfs_runtime(struct cfs_bandwidth *cfs_b,
unthrottle_cfs_rq(cfs_rq);
next:
@ -60,7 +60,7 @@ index d3d746b..e9a8d95 100644
if (!remaining)
break;
@@ -3527,7 +3528,7 @@ next:
@@ -3529,7 +3530,7 @@ next:
* period the timer is deactivated until scheduling resumes; cfs_b->idle is
* used to track this state.
*/
@ -69,7 +69,7 @@ index d3d746b..e9a8d95 100644
{
u64 runtime, runtime_expires;
int throttled;
@@ -3576,11 +3577,11 @@ static int do_sched_cfs_period_timer(struct cfs_bandwidth *cfs_b, int overrun)
@@ -3578,11 +3579,11 @@ static int do_sched_cfs_period_timer(struct cfs_bandwidth *cfs_b, int overrun)
while (throttled && cfs_b->runtime > 0 && !cfs_b->distribute_running) {
runtime = cfs_b->runtime;
cfs_b->distribute_running = 1;
@ -83,7 +83,7 @@ index d3d746b..e9a8d95 100644
cfs_b->distribute_running = 0;
throttled = !list_empty(&cfs_b->throttled_cfs_rq);
@@ -3689,17 +3690,18 @@ static __always_inline void return_cfs_rq_runtime(struct cfs_rq *cfs_rq)
@@ -3691,17 +3692,18 @@ static __always_inline void return_cfs_rq_runtime(struct cfs_rq *cfs_rq)
static void do_sched_cfs_slack_timer(struct cfs_bandwidth *cfs_b)
{
u64 runtime = 0, slice = sched_cfs_bandwidth_slice();
@ -105,7 +105,7 @@ index d3d746b..e9a8d95 100644
return;
}
@@ -3710,18 +3712,18 @@ static void do_sched_cfs_slack_timer(struct cfs_bandwidth *cfs_b)
@@ -3712,18 +3714,18 @@ static void do_sched_cfs_slack_timer(struct cfs_bandwidth *cfs_b)
if (runtime)
cfs_b->distribute_running = 1;
@ -127,7 +127,7 @@ index d3d746b..e9a8d95 100644
}
/*
@@ -3785,7 +3787,7 @@ static void check_cfs_rq_runtime(struct cfs_rq *cfs_rq)
@@ -3787,7 +3789,7 @@ static void check_cfs_rq_runtime(struct cfs_rq *cfs_rq)
}
static inline u64 default_cfs_period(void);
@ -136,22 +136,23 @@ index d3d746b..e9a8d95 100644
static void do_sched_cfs_slack_timer(struct cfs_bandwidth *cfs_b);
static enum hrtimer_restart sched_cfs_slack_timer(struct hrtimer *timer)
@@ -3802,10 +3804,11 @@ static enum hrtimer_restart sched_cfs_period_timer(struct hrtimer *timer)
@@ -3806,11 +3808,12 @@ static enum hrtimer_restart sched_cfs_period_timer(struct hrtimer *timer)
struct cfs_bandwidth *cfs_b =
container_of(timer, struct cfs_bandwidth, period_timer);
ktime_t now;
+ unsigned long flags;
int overrun;
int idle = 0;
int count = 0;
- raw_spin_lock(&cfs_b->lock);
+ raw_spin_lock_irqsave(&cfs_b->lock, flags);
for (;;) {
now = hrtimer_cb_get_time(timer);
overrun = hrtimer_forward(timer, now, cfs_b->period);
@@ -3813,9 +3816,9 @@ static enum hrtimer_restart sched_cfs_period_timer(struct hrtimer *timer)
if (!overrun)
break;
@@ -3840,9 +3843,9 @@ static enum hrtimer_restart sched_cfs_period_timer(struct hrtimer *timer)
count = 0;
}
- idle = do_sched_cfs_period_timer(cfs_b, overrun);
+ idle = do_sched_cfs_period_timer(cfs_b, overrun, flags);

View File

@ -1 +1 @@
mirror:Source/kernel-rt-3.10.0-957.21.3.rt56.935.el7.src.rpm
mirror:Source/kernel-rt-3.10.0-1062.1.2.rt56.1025.el7.src.rpm

View File

@ -6,6 +6,7 @@ Subject: [PATCH] Build logic and sources for TiC
Signed-off-by: Jim Somerville <Jim.Somerville@windriver.com>
Signed-off-by: zhao.shuai <zhaos@neusoft.com>
Signed-off-by: Zhang Zhiguo <zhangzhg@neusoft.com>
Signed-off-by: Robin Lu <bin1.lu@intel.com>
---
SPECS/kernel.spec | 78 ++++++++++++++++++++++++++++++++++++++---------

View File

@ -6,6 +6,7 @@ Subject: [PATCH 1/2] Kernel-source-patches-for-TiC
Signed-off-by: zhao.shuai <zhaos@neusoft.com>
Signed-off-by: Jim Somerville <Jim.Somerville@windriver.com>
Signed-off-by: Robin Lu <bin1.lu@intel.com>
Signed-off-by: Zhang Zhiguo <zhangzhg@neusoft.com>
---

View File

@ -17,6 +17,7 @@ definitions on module deinit
- modification to ima_file_check to pass in file OPEN status
Signed-off-by: Jim Somerville <Jim.Somerville@windriver.com>
Signed-off-by: Robin Lu <bin1.lu@intel.com>
Signed-off-by: Zhang Zhiguo <zhangzhg@neusoft.com>
---

View File

@ -1,2 +1 @@
mirror:Source/kernel-4.18.0-80.11.2.el8_0.src.rpm

View File

@ -0,0 +1,6 @@
COPY_LIST="${STX_BASE}/downloads/containerd-v1.3.0.tar.gz
${STX_BASE}/downloads/runc-1.0.0-rc8.tar.gz
${STX_BASE}/downloads/crictl-v1.16.0-linux-amd64.tar.gz
${FILES_BASE}/*"
TIS_PATCH_VER=1

View File

@ -0,0 +1,100 @@
# SPDX-License-Identifier: Apache-2.0
#
# Copyright (C) 2019 Intel Corporation
#
Name: containerd
Version: 1.3.0
Release: %{tis_patch_ver}%{?_tis_dist}
Summary: Open and reliable container runtime
Group: Kubernetes
License: ASL 2.0
Source0: containerd-v%{version}.tar.gz
Source1: runc-1.0.0-rc8.tar.gz
Source2: crictl-v1.16.0-linux-amd64.tar.gz
Source3: crictl.yaml
Source4: containerd.service
Patch5: 0001-customize-containerd-for-StarlingX.patch
URL: https://www.starlingx.io
Vendor: StarlingX
Packager: StarlingX
BuildRequires: pkgconfig(systemd)
BuildRequires: pkgconfig(libseccomp)
BuildRequires: pkgconfig(libsystemd-journal)
BuildRequires: golang >= 1.10.0
BuildRequires: systemd
BuildRequires: rsync
BuildRequires: go-md2man
BuildRequires: go-bindata
BuildRequires: rpm-devel >= 4.14.0
BuildRequires: rpm-libs >= 4.14.0
# required packages on install
Requires: /bin/sh
Requires: systemd
Provides: containerd
Provides: runc
Provides: containerd.io
%global _missing_build_ids_terminate_build 0
%define CONTAINERD_DIR ${HOME}/go/src/github.com/containerd/containerd
%define RUNC_DIR ${HOME}/go/src/github.com/opencontainers/runc
%description
Containerd is an industry-standard container runtime with an emphasis on
simplicity, robustness and portability. It is available as a daemon for Linux
and Windows, which can manage the complete container lifecycle of its host
system: image transfer and storage, container execution and supervision,
low-level storage and network attachments, etc.
%prep
%setup -q -c -n src -a 1
%setup -q -c -T -D -n src -a 2
%patch5 -p1
%build
# build containerd
mkdir -p %{CONTAINERD_DIR}
mv %{_builddir}/src/containerd/* %{CONTAINERD_DIR}/
pushd %{CONTAINERD_DIR}
make
popd
# build runc
mkdir -p %{RUNC_DIR}
mv %{_builddir}/src/runc/* %{RUNC_DIR}/
pushd %{RUNC_DIR}
make
popd
%install
# install containerd
install -d %{buildroot}%{_bindir}
install -p -m 755 %{CONTAINERD_DIR}/bin/containerd %{buildroot}%{_bindir}/containerd
install -p -m 755 %{CONTAINERD_DIR}/bin/containerd-shim %{buildroot}%{_bindir}/containerd-shim
install -p -m 755 %{CONTAINERD_DIR}/bin/containerd-shim-runc-v1 %{buildroot}%{_bindir}/containerd-shim-runc-v1
install -p -m 755 %{CONTAINERD_DIR}/bin/containerd-shim-runc-v2 %{buildroot}%{_bindir}/containerd-shim-runc-v2
install -p -m 755 %{CONTAINERD_DIR}/bin/containerd-stress %{buildroot}%{_bindir}/containerd-stress
install -p -m 755 %{CONTAINERD_DIR}/bin/ctr %{buildroot}%{_bindir}/ctr
install -p -m 755 %{RUNC_DIR}/runc %{buildroot}%{_bindir}/runc
install -p -m 755 %{_builddir}/src/crictl %{buildroot}%{_bindir}/crictl
install -d %{buildroot}%{_sysconfdir}
install -m 644 %{_sourcedir}/crictl.yaml %{buildroot}%{_sysconfdir}/crictl.yaml
install -d %{buildroot}%{_unitdir}
install -p -m 644 %{_sourcedir}/containerd.service %{buildroot}%{_unitdir}/containerd.service
# list files owned by the package here
%files
%{_bindir}/containerd
%{_bindir}/containerd-shim
%{_bindir}/containerd-shim-runc-v1
%{_bindir}/containerd-shim-runc-v2
%{_bindir}/containerd-stress
%{_bindir}/ctr
%{_bindir}/runc
%{_bindir}/crictl
%{_sysconfdir}/crictl.yaml
%{_unitdir}/containerd.service

View File

@ -0,0 +1,37 @@
From fb2f78f1a3f1ec51a12f1404c21651dc0144663e Mon Sep 17 00:00:00 2001
From: Shuicheng Lin <shuicheng.lin@intel.com>
Date: Wed, 25 Sep 2019 20:02:34 +0800
Subject: [PATCH] customize containerd for StarlingX
1. disable btrfs to pass build.
3. hardcode version info due to miss git info in tarball.
Signed-off-by: Shuicheng Lin <shuicheng.lin@intel.com>
---
containerd/Makefile | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/containerd/Makefile b/containerd/Makefile
index 6758161..49dd612 100644
--- a/containerd/Makefile
+++ b/containerd/Makefile
@@ -20,7 +20,7 @@ ROOTDIR=$(dir $(abspath $(lastword $(MAKEFILE_LIST))))
DESTDIR ?= /usr/local
# Used to populate variables in version package.
-VERSION=$(shell git describe --match 'v[0-9]*' --dirty='.m' --always)
+VERSION="v1.3.0"
REVISION=$(shell git rev-parse HEAD)$(shell if ! git diff --no-ext-diff --quiet --exit-code; then echo .m; fi)
PACKAGE=github.com/containerd/containerd
@@ -90,6 +90,7 @@ endif
# Build tags seccomp and apparmor are needed by CRI plugin.
GO_BUILDTAGS ?= seccomp apparmor
GO_BUILDTAGS += ${DEBUG_TAGS}
+GO_BUILDTAGS += no_btrfs
GO_TAGS=$(if $(GO_BUILDTAGS),-tags "$(GO_BUILDTAGS)",)
GO_LDFLAGS=-ldflags '-X $(PKG)/version.Version=$(VERSION) -X $(PKG)/version.Revision=$(REVISION) -X $(PKG)/version.Package=$(PACKAGE) $(EXTRA_LDFLAGS)'
SHIM_GO_LDFLAGS=-ldflags '-X $(PKG)/version.Version=$(VERSION) -X $(PKG)/version.Revision=$(REVISION) -X $(PKG)/version.Package=$(PACKAGE) -extldflags "-static" $(EXTRA_LDFLAGS)'
--
2.7.4

View File

@ -0,0 +1,19 @@
[Unit]
Description=containerd container runtime
Documentation=https://containerd.io
After=network.target
[Service]
ExecStartPre=-/sbin/modprobe overlay
ExecStart=/usr/bin/containerd
KillMode=process
Delegate=yes
LimitNOFILE=1048576
# Having non-zero Limit*s causes performance problems due to accounting overhead
# in the kernel. We recommend using cgroups to do container-local accounting.
LimitNPROC=infinity
LimitCORE=infinity
TasksMax=infinity
[Install]
WantedBy=multi-user.target

View File

@ -0,0 +1,3 @@
runtime-endpoint: unix:///var/run/containerd/containerd.sock
image-endpoint: unix:///var/run/containerd/containerd.sock
debug: false

View File

@ -1 +0,0 @@
TIS_PATCH_VER=2

View File

@ -1,27 +0,0 @@
From 2ae1604b483c4aeb97c96cba2b6fd2d7c7bb0fce Mon Sep 17 00:00:00 2001
From: Scott Little <scott.little@windriver.com>
Date: Tue, 24 Jan 2017 12:31:27 -0500
Subject: [PATCH 2/2] WRS: 0001-Update-package-versioning-for-TIS-format.patch
Conflicts:
SPECS/python-eventlet.spec
---
SPECS/python-eventlet.spec | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/SPECS/python-eventlet.spec b/SPECS/python-eventlet.spec
index d85d6c1..151fa56 100644
--- a/SPECS/python-eventlet.spec
+++ b/SPECS/python-eventlet.spec
@@ -12,7 +12,7 @@
Name: python-%{pypi_name}
Version: 0.18.4
-Release: 2%{?dist}
+Release: 2.el7%{?_tis_dist}.%{tis_patch_ver}
Summary: Highly concurrent networking library
License: MIT
URL: http://eventlet.net
--
1.8.3.1

View File

@ -1,2 +0,0 @@
spec-include-TiS-paches.patch
0001-Update-package-versioning-for-TIS-format.patch

View File

@ -1,34 +0,0 @@
From 869679b3dc8fb689e52cf51f2577aceb52fb8538 Mon Sep 17 00:00:00 2001
From: Scott Little <scott.little@windriver.com>
Date: Tue, 24 Jan 2017 12:31:27 -0500
Subject: [PATCH 1/2] WRS: spec-include-TiS-paches.patch
---
SPECS/python-eventlet.spec | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/SPECS/python-eventlet.spec b/SPECS/python-eventlet.spec
index b33e617..d85d6c1 100644
--- a/SPECS/python-eventlet.spec
+++ b/SPECS/python-eventlet.spec
@@ -25,6 +25,9 @@ BuildRequires: python-setuptools
Requires: python-greenlet
+# WRS patches
+Patch0: 0001-CGTS-2869-close-connection-on-HTTP-413-Request-Entit.patch
+
%description
Eventlet is a networking library written in Python. It achieves high
scalability by using non-blocking io while at the same time retaining
@@ -94,6 +97,7 @@ Documentation for the python-eventlet package.
%prep
%setup -q -n %{pypi_name}-%{version}
+%patch0 -p1
rm -rf *.egg-info
# generate html docs
--
1.8.3.1

View File

@ -1,28 +0,0 @@
From bdbcd8615e1720b4098296752a2f4273a0947a8d Mon Sep 17 00:00:00 2001
From: Daniel Badea <daniel.badea@windriver.com>
Date: Tue, 6 Sep 2016 15:09:39 +0000
Subject: [PATCH] CGTS-2869 close connection on HTTP 413 Request Entity Too
Large
Discard request body in case it's too large: close connection
wile request is in progress.
---
eventlet/wsgi.py | 2 ++
1 file changed, 2 insertions(+)
diff --git a/eventlet/wsgi.py b/eventlet/wsgi.py
index 6af2b99..8eac966 100644
--- a/eventlet/wsgi.py
+++ b/eventlet/wsgi.py
@@ -525,6 +525,8 @@ class HttpProtocol(BaseHTTPServer.BaseHTTPRequestHandler):
finally:
if hasattr(result, 'close'):
result.close()
+ if str(status_code[0]) == '413':
+ self.close_connection = 1
request_input = self.environ['eventlet.input']
if (request_input.chunked_input or
request_input.position < (request_input.content_length or 0)):
--
1.8.3.1

View File

@ -1 +0,0 @@
mirror:Source/python-eventlet-0.18.4-2.el7.src.rpm

View File

@ -1 +0,0 @@
TIS_PATCH_VER=1

View File

@ -1,26 +0,0 @@
From 9e05fbda393fe0ed6cb581c33ba19a14ab07abb6 Mon Sep 17 00:00:00 2001
From: jmckenna <jason.mckenna@windriver.com>
Date: Wed, 13 Dec 2017 09:02:08 -0500
Subject: [PATCH 1/2] Update package versioning for TIS format
Signed-off-by: Dongqi Chen <chen.dq@neusoft.com>
---
SPECS/python-requests.spec | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/SPECS/python-requests.spec b/SPECS/python-requests.spec
index efe0966..111bab7 100644
--- a/SPECS/python-requests.spec
+++ b/SPECS/python-requests.spec
@@ -10,7 +10,7 @@
Name: python-requests
Version: 2.20.0
-Release: 1%{?dist}
+Release: 1.el8%{?_tis_dist}.%{tis_patch_ver}
Summary: HTTP library, written in Python, for human beings
License: ASL 2.0
--
1.8.3.1

View File

@ -1,26 +0,0 @@
From b99292ef32fdde60d2ec4181ee5963b93a97cdf2 Mon Sep 17 00:00:00 2001
From: jmckenna <jason.mckenna@windriver.com>
Date: Wed, 13 Dec 2017 09:02:40 -0500
Subject: [PATCH 2/2] include patch for error handling
Signed-off-by: Dongqi Chen <chen.dq@neusoft.com>
---
SPECS/python-requests.spec | 2 ++
1 file changed, 2 insertions(+)
diff --git a/SPECS/python-requests.spec b/SPECS/python-requests.spec
index 111bab7..8aab964 100644
--- a/SPECS/python-requests.spec
+++ b/SPECS/python-requests.spec
@@ -38,6 +38,8 @@ Patch4: Don-t-inject-pyopenssl-into-urllib3.patch
# build-time package tests
Patch5: Skip-all-tests-needing-httpbin.patch
+Patch6: 0001-close-connection-on-HTTP-413-Request-Entit.patch
+
BuildArch: noarch
%description
--
1.8.3.1

View File

@ -1,2 +0,0 @@
0001-Update-package-versioning-for-TIS-format.patch
0002-include-patch-for-error-handling.patch

View File

@ -1,47 +0,0 @@
From 268a1f179e554027637bd2951b24ad44ecb4a1ee Mon Sep 17 00:00:00 2001
From: Daniel Badea <daniel.badea@windriver.com>
Date: Wed, 7 Sep 2016 09:10:10 +0000
Subject: [PATCH] close connection on HTTP 413 Request Entity Too
Large
Allow low_conn to retrieve/handle unread response data buffers
in case ProtocolError or socket.error are raised while sending
request data.
Signed-off-by: Dongqi Chen <chen.dq@neusoft.com>
---
requests/adapters.py | 18 ++++++++++++------
1 file changed, 12 insertions(+), 6 deletions(-)
diff --git a/requests/adapters.py b/requests/adapters.py
index fd46325..087258a 100644
--- a/requests/adapters.py
+++ b/requests/adapters.py
@@ -466,12 +466,18 @@ class HTTPAdapter(BaseAdapter):
low_conn.endheaders()
- for i in request.body:
- low_conn.send(hex(len(i))[2:].encode('utf-8'))
- low_conn.send(b'\r\n')
- low_conn.send(i)
- low_conn.send(b'\r\n')
- low_conn.send(b'0\r\n\r\n')
+ try:
+ for i in request.body:
+ low_conn.send(hex(len(i))[2:].encode('utf-8'))
+ low_conn.send(b'\r\n')
+ low_conn.send(i)
+ low_conn.send(b'\r\n')
+ low_conn.send(b'0\r\n\r\n')
+ except (ProtocolError, socket.error) as err:
+ # allow low_conn to retrieve/handle unread response
+ # data buffers in case ProtocolError or socket.error
+ # are raised while sending request data
+ pass
# Receive the response from the server
try:
--
1.8.3.1

View File

@ -1 +0,0 @@
mirror:Source/python-requests-2.20.0-1.el8.src.rpm

View File

@ -1,6 +0,0 @@
CLIENT_NAME=python-smartpm
VERSION=1.4.1
COPY_LIST="$CGCS_BASE/downloads/$CLIENT_NAME-$VERSION.tar.gz $PKG_BASE/files/* $PKG_BASE/centos/patches/*"
TIS_PATCH_VER=2

View File

@ -1,6 +0,0 @@
https://github.com/smartpm/smart/releases/tag/1.4.1
Additional 20 patches from os-core/meta/recipes-devtools/python-smartpm

View File

@ -1,13 +0,0 @@
--- a/smart/backends/rpm/pm.py 2014-02-14 14:14:18.877737747 +0800
+++ b/smart/backends/rpm/pm.py 2014-02-14 14:17:17.394560608 +0800
@@ -232,6 +232,10 @@
if sysconf.get("rpm-order"):
ts.order()
probfilter = rpm.RPMPROB_FILTER_OLDPACKAGE
+ if sysconf.get("rpm-ignoresize", False):
+ probfilter |= rpm.RPMPROB_FILTER_DISKNODES
+ probfilter |= rpm.RPMPROB_FILTER_DISKSPACE
+
if force or reinstall:
probfilter |= rpm.RPMPROB_FILTER_REPLACEPKG
probfilter |= rpm.RPMPROB_FILTER_REPLACEOLDFILES

View File

@ -1,223 +0,0 @@
From b105e7fe812da3ccaf7155c0fe14c8728b0d39a5 Mon Sep 17 00:00:00 2001
From: Mark Hatle <mark.hatle@windriver.com>
Date: Mon, 20 Jan 2014 14:30:52 +0000
Subject: [PATCH] Add mechanism to attempt install without failing
In OpenEmbedded, for complementary and 'attemptonly' package processing,
we need a way to instruct smart to try to install, but ignore any
failures (usually conflicts).
This option only works for the install operation.
If a complementary install fails, an actual error occurred, one that
we can't ignore without losing the entire attempted transaction. Keep
this as an error so that we can catch these cases in the futre.
Upstream-Status: Pending
Signed-off-by: Mark Hatle <mark.hatle@windriver.com>
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
---
smart.py | 5 +++-
smart/commands/install.py | 5 ++++
smart/transaction.py | 65 +++++++++++++++++++++++++++++++++++------------
3 files changed, 58 insertions(+), 17 deletions(-)
Index: smart-1.4.1/smart/commands/install.py
===================================================================
--- smart-1.4.1.orig/smart/commands/install.py
+++ smart-1.4.1/smart/commands/install.py
@@ -50,6 +50,8 @@ def option_parser():
parser = OptionParser(usage=USAGE,
description=DESCRIPTION,
examples=EXAMPLES)
+ parser.add_option("--attempt", action="store_true",
+ help=_("attempt to install packages, ignore failures"))
parser.add_option("--stepped", action="store_true",
help=_("split operation in steps"))
parser.add_option("--urls", action="store_true",
@@ -80,6 +82,9 @@ def main(ctrl, opts):
if not opts.args:
raise Error, _("no package(s) given")
+ if opts.attempt:
+ sysconf.set("attempt-install", True, soft=True)
+
if opts.explain:
sysconf.set("explain-changesets", True, soft=True)
Index: smart-1.4.1/smart/transaction.py
===================================================================
--- smart-1.4.1.orig/smart/transaction.py
+++ smart-1.4.1/smart/transaction.py
@@ -555,6 +555,8 @@ class Transaction(object):
changeset.set(pkg, INSTALL)
isinst = changeset.installed
+ attempt = sysconf.has("attempt-install", soft=True)
+
# Remove packages conflicted by this one.
for cnf in pkg.conflicts:
for prv in cnf.providedby:
@@ -564,11 +566,16 @@ class Transaction(object):
if not isinst(prvpkg):
locked[prvpkg] = (LOCKED_CONFLICT_BY, pkg)
continue
- if prvpkg in locked:
- raise Failed, _("Can't install %s: conflicted package "
- "%s is locked") % (pkg, prvpkg)
- self._remove(prvpkg, changeset, locked, pending, depth)
- pending.append((PENDING_UPDOWN, prvpkg))
+ if attempt:
+ del changeset[pkg]
+ raise Failed, _("Can't install %s: it conflicts with package "
+ "%s") % (pkg, prvpkg)
+ else:
+ if prvpkg in locked:
+ raise Failed, _("Can't install %s: conflicted package "
+ "%s is locked") % (pkg, prvpkg)
+ self._remove(prvpkg, changeset, locked, pending, depth)
+ pending.append((PENDING_UPDOWN, prvpkg))
# Remove packages conflicting with this one.
for prv in pkg.provides:
@@ -579,12 +586,18 @@ class Transaction(object):
if not isinst(cnfpkg):
locked[cnfpkg] = (LOCKED_CONFLICT, pkg)
continue
- if cnfpkg in locked:
+ if attempt:
+ del changeset[pkg]
raise Failed, _("Can't install %s: it's conflicted by "
- "the locked package %s") \
- % (pkg, cnfpkg)
- self._remove(cnfpkg, changeset, locked, pending, depth)
- pending.append((PENDING_UPDOWN, cnfpkg))
+ "the package %s") \
+ % (pkg, cnfpkg)
+ else:
+ if cnfpkg in locked:
+ raise Failed, _("Can't install %s: it's conflicted by "
+ "the locked package %s") \
+ % (pkg, cnfpkg)
+ self._remove(cnfpkg, changeset, locked, pending, depth)
+ pending.append((PENDING_UPDOWN, cnfpkg))
# Remove packages with the same name that can't
# coexist with this one.
@@ -594,10 +607,15 @@ class Transaction(object):
if not isinst(namepkg):
locked[namepkg] = (LOCKED_NO_COEXIST, pkg)
continue
- if namepkg in locked:
+ if attempt:
+ del changeset[pkg]
raise Failed, _("Can't install %s: it can't coexist "
"with %s") % (pkg, namepkg)
- self._remove(namepkg, changeset, locked, pending, depth)
+ else:
+ if namepkg in locked:
+ raise Failed, _("Can't install %s: it can't coexist "
+ "with %s") % (pkg, namepkg)
+ self._remove(namepkg, changeset, locked, pending, depth)
# Install packages required by this one.
for req in pkg.requires + pkg.recommends:
@@ -1176,6 +1194,8 @@ class Transaction(object):
self._policy.runStarting()
+ attempt = sysconf.has("attempt-install", soft=True)
+
try:
changeset = self._changeset.copy()
isinst = changeset.installed
@@ -1190,7 +1210,11 @@ class Transaction(object):
locked[pkg] = (LOCKED_KEEP, None)
elif op is INSTALL:
if not isinst(pkg) and pkg in locked:
- raise Failed, _("Can't install %s: it's locked") % pkg
+ if attempt:
+ iface.warning(_("Can't install %s: it's locked") % pkg)
+ del changeset[pkg]
+ else:
+ raise Failed, _("Can't install %s: it's locked") % pkg
changeset.set(pkg, INSTALL)
locked[pkg] = (LOCKED_INSTALL, None)
elif op is REMOVE:
@@ -1216,9 +1240,18 @@ class Transaction(object):
else:
op = REMOVE
if op is INSTALL or op is REINSTALL:
- self._install(pkg, changeset, locked, pending)
- if pkg in changeset:
- changeset.setRequested(pkg, True)
+ try:
+ self._install(pkg, changeset, locked, pending)
+ if pkg in changeset:
+ changeset.setRequested(pkg, True)
+ except Failed, e:
+ if attempt:
+ iface.warning(_("Can't install %s: %s") % (pkg, e))
+ if pkg in changeset:
+ del changeset[pkg]
+ continue
+ else:
+ raise Failed, e
elif op is REMOVE:
self._remove(pkg, changeset, locked, pending)
elif op is UPGRADE:
Index: smart-1.4.1/smart/backends/rpm/pm.py
===================================================================
--- smart-1.4.1.orig/smart/backends/rpm/pm.py
+++ smart-1.4.1/smart/backends/rpm/pm.py
@@ -243,15 +253,48 @@ class RPMPackageManager(PackageManager):
cb = RPMCallback(prog, upgradednames)
cb.grabOutput(True)
probs = None
+ retry = 0
try:
probs = ts.run(cb, None)
finally:
del getTS.ts
cb.grabOutput(False)
+ if probs and sysconf.has("attempt-install", soft=True):
+ def remove_conflict(pkgNEVR):
+ for key in changeset.keys():
+ if pkgNEVR == str(key):
+ del changeset[key]
+ del pkgpaths[key]
+ iface.warning("Removing %s due to file %s conflicting with %s" % (pkgNEVR, fname, altNEVR))
+ break
+
+ retry = 1
+ for prob in probs:
+ if prob[1][0] == rpm.RPMPROB_NEW_FILE_CONFLICT:
+ msg = prob[0].split()
+ fname = msg[1]
+ pkgNEVR = msg[7]
+ altNEVR = msg[9]
+ pkgNEVR = pkgNEVR.rsplit('.', 1)[0] + '@' + pkgNEVR.rsplit('.', 1)[1]
+ altNEVR = altNEVR.rsplit('.', 1)[0] + '@' + altNEVR.rsplit('.', 1)[1]
+ remove_conflict(pkgNEVR)
+ elif prob[1][0] == rpm.RPMPROB_FILE_CONFLICT:
+ msg = prob[0].split()
+ fname = msg[1]
+ pkgNEVR = msg[5]
+ altNEVR = msg[11]
+ pkgNEVR = pkgNEVR.rsplit('.', 1)[0] + '@' + pkgNEVR.rsplit('.', 1)[1]
+ altNEVR = altNEVR.rsplit('.', 1)[0] + '@' + altNEVR.rsplit('.', 1)[1]
+ remove_conflict(pkgNEVR)
+ else:
+ retry = 0
+
prog.setDone()
- if probs:
+ if probs and (not retry):
raise Error, "\n".join([x[0] for x in probs])
prog.stop()
+ if retry and len(changeset):
+ self.commit(changeset, pkgpaths)
class RPMCallback:
def __init__(self, prog, upgradednames):

View File

@ -1,24 +0,0 @@
Make CHANNELSDIR in smart empty, since this causes host contamination issues
on some RPM-based hosts on which smart is already installed.
[YOCTO #3881]
Upstream-Status: Inappropriate [embedded specific]
diff --git a/smart/plugins/channelsync.py b/smart/plugins/channelsync.py
index 3ba95ff..646d696 100644
--- a/smart/plugins/channelsync.py
+++ b/smart/plugins/channelsync.py
@@ -23,7 +23,11 @@ from smart.channel import *
from smart import *
import os
-CHANNELSDIR = "/etc/smart/channels/"
+# For now, we leave the definition of CHANNELSDIR empty. This prevents smart
+# from erroneously consider the build host's channels while setting up its
+# channels [YOCTO #3881]. If this feature will be used in the future, CHANNELSDIR
+# should be set to a proper value.
+CHANNELSDIR = ""
def syncChannels(channelsdir, force=None):

View File

@ -1,24 +0,0 @@
Add a simple method to disable the install of recommended packages
Upstream-Status: Pending
Usage:
smart config --set ignore-all-recommends=1
Signed-off-by: Mark Hatle <mark.hatle@windriver.com>
Index: smart-1.4.1/smart/transaction.py
===================================================================
--- smart-1.4.1.orig/smart/transaction.py
+++ smart-1.4.1/smart/transaction.py
@@ -611,7 +611,9 @@ class Transaction(object):
for prv in req.providedby:
for prvpkg in prv.packages:
if not reqrequired:
- if pkgconf.testFlag("ignore-recommends", prvpkg):
+ if sysconf.get("ignore-all-recommends", 0) == 1:
+ continue
+ elif pkgconf.testFlag("ignore-recommends", prvpkg):
continue
if isinst(prvpkg):
found = True

View File

@ -1,196 +0,0 @@
Report a reason when a dependency could not be installed because it is locked
If a requirement of a package is conflicted, depending on how the
solution is reached, the transaction code may eliminate all providers
of the requirement and then error out because nothing provides them. To
work around this, store a reason in the locked dict and report that back
if we need to, so for example instead of:
error: Can't install packagegroup-core-ssh-dropbear-1.0-r1@all: no package provides dropbear
we now get:
error: Can't install packagegroup-core-ssh-dropbear-1.0-r1@all: unable to install provider for dropbear:
error: dropbear-2013.58-r1.0@armv5te is conflicted by openssh-sshd-6.2p2-r0@armv5te
Upstream-Status: Pending
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
---
smart/const.py | 7 +++++++
smart/transaction.py | 58 +++++++++++++++++++++++++++++++++++++++++-----------
2 files changed, 53 insertions(+), 12 deletions(-)
diff --git a/smart/const.py b/smart/const.py
index 4d8e5cb..67c1ac5 100644
--- a/smart/const.py
+++ b/smart/const.py
@@ -70,4 +70,11 @@ DATADIR = "/var/lib/smart/"
USERDATADIR = "~/.smart/"
CONFFILE = "config"
+LOCKED_INSTALL = Enum('LOCKED_INSTALL')
+LOCKED_REMOVE = Enum('LOCKED_REMOVE')
+LOCKED_CONFLICT = Enum('LOCKED_CONFLICT')
+LOCKED_CONFLICT_BY = Enum('LOCKED_CONFLICT_BY')
+LOCKED_NO_COEXIST = Enum('LOCKED_NO_COEXIST')
+LOCKED_SYSCONF = Enum('LOCKED_SYSCONF')
+
# vim:ts=4:sw=4:et
diff --git a/smart/transaction.py b/smart/transaction.py
index 300b9cc..dd9aa38 100644
--- a/smart/transaction.py
+++ b/smart/transaction.py
@@ -19,10 +19,31 @@
# along with Smart Package Manager; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
#
-from smart.const import INSTALL, REMOVE, UPGRADE, FIX, REINSTALL, KEEP
+from smart.const import INSTALL, REMOVE, UPGRADE, FIX, REINSTALL, KEEP, LOCKED_INSTALL, LOCKED_CONFLICT, LOCKED_CONFLICT_BY, LOCKED_NO_COEXIST, LOCKED_SYSCONF, LOCKED_REMOVE
from smart.cache import PreRequires, Package
from smart import *
+def lock_reason(pkg, lockvalue):
+ try:
+ (reason, otherpkg) = lockvalue
+ except TypeError:
+ reason = None
+ lockvalue = None
+ if reason == LOCKED_INSTALL:
+ return _("%s is to be installed") % pkg
+ elif reason == LOCKED_CONFLICT:
+ return _("%s conflicts with %s") % (pkg, otherpkg)
+ elif reason == LOCKED_CONFLICT_BY:
+ return _("%s is conflicted by %s") % (pkg, otherpkg)
+ elif reason == LOCKED_NO_COEXIST:
+ return _("%s cannot coexist with %s") % (pkg, otherpkg)
+ elif reason == LOCKED_SYSCONF:
+ return _("%s is locked in system configuration") % pkg
+ elif reason == LOCKED_REMOVE:
+ return _("%s is to be removed") % pkg
+ else:
+ return _("%s is locked (unknown reason)") % pkg
+
class ChangeSet(dict):
def __init__(self, cache, state=None, requested=None):
@@ -187,7 +208,7 @@ class Policy(object):
for pkg in pkgconf.filterByFlag("lock", cache.getPackages()):
if pkg not in self._locked:
self._sysconflocked.append(pkg)
- self._locked[pkg] = True
+ self._locked[pkg] = (LOCKED_SYSCONF, None)
def runFinished(self):
self._priorities.clear()
@@ -524,7 +545,7 @@ class Transaction(object):
if ownpending:
pending = []
- locked[pkg] = True
+ locked[pkg] = (LOCKED_INSTALL, None)
changeset.set(pkg, INSTALL)
isinst = changeset.installed
@@ -535,7 +556,7 @@ class Transaction(object):
if prvpkg is pkg:
continue
if not isinst(prvpkg):
- locked[prvpkg] = True
+ locked[prvpkg] = (LOCKED_CONFLICT_BY, pkg)
continue
if prvpkg in locked:
raise Failed, _("Can't install %s: conflicted package "
@@ -550,7 +571,7 @@ class Transaction(object):
if cnfpkg is pkg:
continue
if not isinst(cnfpkg):
- locked[cnfpkg] = True
+ locked[cnfpkg] = (LOCKED_CONFLICT, pkg)
continue
if cnfpkg in locked:
raise Failed, _("Can't install %s: it's conflicted by "
@@ -565,7 +586,7 @@ class Transaction(object):
for namepkg in namepkgs:
if namepkg is not pkg and not pkg.coexists(namepkg):
if not isinst(namepkg):
- locked[namepkg] = True
+ locked[namepkg] = (LOCKED_NO_COEXIST, pkg)
continue
if namepkg in locked:
raise Failed, _("Can't install %s: it can't coexist "
@@ -577,6 +598,7 @@ class Transaction(object):
# Check if someone is already providing it.
prvpkgs = {}
+ lockedpkgs = {}
found = False
for prv in req.providedby:
for prvpkg in prv.packages:
@@ -585,6 +607,8 @@ class Transaction(object):
break
if prvpkg not in locked:
prvpkgs[prvpkg] = True
+ else:
+ lockedpkgs[prvpkg] = locked[prvpkg]
else:
continue
break
@@ -597,7 +621,17 @@ class Transaction(object):
if not prvpkgs:
# No packages provide it at all. Give up.
if req in pkg.requires:
- raise Failed, _("Can't install %s: no package provides %s") % \
+ reasons = []
+ for prv in req.providedby:
+ for prvpkg in prv.packages:
+ lockedres = lockedpkgs.get(prvpkg, None)
+ if lockedres:
+ reasons.append(lock_reason(prvpkg, lockedres))
+ if reasons:
+ raise Failed, _("Can't install %s: unable to install provider for %s:\n %s") % \
+ (pkg, req, '\n '.join(reasons))
+ else:
+ raise Failed, _("Can't install %s: no package provides %s") % \
(pkg, req)
else:
# It's only a recommend, skip
@@ -627,7 +661,7 @@ class Transaction(object):
if ownpending:
pending = []
- locked[pkg] = True
+ locked[pkg] = (LOCKED_REMOVE, None)
changeset.set(pkg, REMOVE)
isinst = changeset.installed
@@ -1140,22 +1174,22 @@ class Transaction(object):
if op is KEEP:
if pkg in changeset:
del changeset[pkg]
- locked[pkg] = True
+ locked[pkg] = (LOCKED_KEEP, None)
elif op is INSTALL:
if not isinst(pkg) and pkg in locked:
raise Failed, _("Can't install %s: it's locked") % pkg
changeset.set(pkg, INSTALL)
- locked[pkg] = True
+ locked[pkg] = (LOCKED_INSTALL, None)
elif op is REMOVE:
if isinst(pkg) and pkg in locked:
raise Failed, _("Can't remove %s: it's locked") % pkg
changeset.set(pkg, REMOVE)
- locked[pkg] = True
+ locked[pkg] = (LOCKED_REMOVE, None)
elif op is REINSTALL:
if pkg in locked:
raise Failed, _("Can't reinstall %s: it's locked")%pkg
changeset.set(pkg, INSTALL, force=True)
- locked[pkg] = True
+ locked[pkg] = (LOCKED_INSTALL, None)
elif op is UPGRADE:
pass
--
1.8.1.2

View File

@ -1,40 +0,0 @@
backends/rpm: add support for setting dependency flags
This is useful for OpenEmbedded so that we can do the equivalent of
the --nolinktos and --noparentdirs rpm command line options.
Upstream-Status: Pending
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
diff --git a/smart/backends/rpm/pm.py b/smart/backends/rpm/pm.py
index 707a146..aec82e7 100644
--- a/smart/backends/rpm/pm.py
+++ b/smart/backends/rpm/pm.py
@@ -106,6 +106,23 @@ class RPMPackageManager(PackageManager):
flags |= rpm.RPMTRANS_FLAG_TEST
ts.setFlags(flags)
+ dflags = ts.setDFlags(0)
+ if sysconf.get("rpm-noupgrade", False):
+ dflags |= rpm.RPMDEPS_FLAG_NOUPGRADE
+ if sysconf.get("rpm-norequires", False):
+ dflags |= rpm.RPMDEPS_FLAG_NOREQUIRES
+ if sysconf.get("rpm-noconflicts", False):
+ dflags |= rpm.RPMDEPS_FLAG_NOCONFLICTS
+ if sysconf.get("rpm-noobsoletes", False):
+ dflags |= rpm.RPMDEPS_FLAG_NOOBSOLETES
+ if sysconf.get("rpm-noparentdirs", False):
+ dflags |= rpm.RPMDEPS_FLAG_NOPARENTDIRS
+ if sysconf.get("rpm-nolinktos", False):
+ dflags |= rpm.RPMDEPS_FLAG_NOLINKTOS
+ if sysconf.get("rpm-nosuggest", False):
+ dflags |= rpm.RPMDEPS_FLAG_NOSUGGEST
+ ts.setDFlags(dflags)
+
# Set rpm verbosity level.
levelname = sysconf.get('rpm-log-level')
level = {
--
1.7.9.5

View File

@ -1,35 +0,0 @@
From a17998b6be3319ae476a64f366737bc267a53a8a Mon Sep 17 00:00:00 2001
From: Robert Yang <liezhi.yang@windriver.com>
Date: Mon, 16 Sep 2013 05:54:13 -0400
Subject: [PATCH] fetcher.py: truncate the filename to meet NAME_MAX
The function getLocalPath() converts the filepath into the filename,
there would be a "File name too long" error when len(filename) >
NAME_MAX, truncate it to meet NAME_MAX will fix the problem.
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
---
smart/fetcher.py | 8 ++++++++
1 file changed, 8 insertions(+)
diff --git a/smart/fetcher.py b/smart/fetcher.py
--- a/smart/fetcher.py
+++ b/smart/fetcher.py
@@ -139,6 +139,14 @@ class Fetcher(object):
filename = os.path.basename(path)
if self._localpathprefix:
filename = self._localpathprefix+filename
+ # pathconf requires the path existed
+ if not os.path.exists(self._localdir):
+ os.makedirs(self._localdir)
+ name_max = os.pathconf(self._localdir, 'PC_NAME_MAX')
+ # The length of the filename should be less than NAME_MAX
+ if len(filename) > name_max:
+ iface.debug(_("Truncate %s to %s") % (filename, filename[-name_max:]))
+ filename = filename[-name_max:]
return os.path.join(self._localdir, filename)
def setForceCopy(self, value):
--
1.7.10.4

View File

@ -1,70 +0,0 @@
Add exclude-packages flag support
Allow configuring specific packages to be excluded. This will allow
users to specify things NOT to install, and if they are attempted an
error will be generated.
Upstream-Status: Pending
Signed-off-by: Mark Hatle <mark.hatle@windriver.com>
Index: smart-1.4.1/smart/const.py
===================================================================
--- smart-1.4.1.orig/smart/const.py
+++ smart-1.4.1/smart/const.py
@@ -70,6 +70,7 @@ DATADIR = "/var/lib/smart/"
USERDATADIR = "~/.smart/"
CONFFILE = "config"
+LOCKED_EXCLUDE = Enum('LOCKED_EXCLUDE')
LOCKED_INSTALL = Enum('LOCKED_INSTALL')
LOCKED_REMOVE = Enum('LOCKED_REMOVE')
LOCKED_CONFLICT = Enum('LOCKED_CONFLICT')
Index: smart-1.4.1/smart/transaction.py
===================================================================
--- smart-1.4.1.orig/smart/transaction.py
+++ smart-1.4.1/smart/transaction.py
@@ -19,7 +19,7 @@
# along with Smart Package Manager; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
#
-from smart.const import INSTALL, REMOVE, UPGRADE, FIX, REINSTALL, KEEP, LOCKED_INSTALL, LOCKED_CONFLICT, LOCKED_CONFLICT_BY, LOCKED_NO_COEXIST, LOCKED_SYSCONF, LOCKED_REMOVE
+from smart.const import INSTALL, REMOVE, UPGRADE, FIX, REINSTALL, KEEP, LOCKED_EXCLUDE, LOCKED_INSTALL, LOCKED_CONFLICT, LOCKED_CONFLICT_BY, LOCKED_NO_COEXIST, LOCKED_SYSCONF, LOCKED_REMOVE
from smart.cache import PreRequires, Package
from smart import *
@@ -29,7 +29,9 @@ def lock_reason(pkg, lockvalue):
except TypeError:
reason = None
lockvalue = None
- if reason == LOCKED_INSTALL:
+ if reason == LOCKED_EXCLUDE:
+ return _("%s is to be excluded") % pkg
+ elif reason == LOCKED_INSTALL:
return _("%s is to be installed") % pkg
elif reason == LOCKED_CONFLICT:
return _("%s conflicts with %s") % (pkg, otherpkg)
@@ -210,6 +212,10 @@ class Policy(object):
self._sysconflocked.append(pkg)
self._locked[pkg] = (LOCKED_SYSCONF, None)
+ for pkg in pkgconf.filterByFlag("exclude-packages", cache.getPackages()):
+ if pkg not in self._locked:
+ self._locked[pkg] = (LOCKED_EXCLUDE, None)
+
def runFinished(self):
self._priorities.clear()
for pkg in self._sysconflocked:
Index: smart-1.4.1/smart/commands/flag.py
===================================================================
--- smart-1.4.1.orig/smart/commands/flag.py
+++ smart-1.4.1/smart/commands/flag.py
@@ -47,6 +47,8 @@ Currently known flags are:
multi-version - Flagged packages may have more than one version
installed in the system at the same time
(backend dependent).
+ exclude-packages - Flagged packages will be excluded, if they are
+ required, an error will be generated.
ignore-recommends - Flagged packages will not be installed, if
they are only recommended by a package to be
installed rather than required.

View File

@ -1,60 +0,0 @@
Add ignore-recommends flag support
Allow configuring recommends on specific packages to be ignored.
Upstream-Status: Pending
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
---
smart/commands/flag.py | 3 +++
smart/transaction.py | 7 ++++++-
2 files changed, 9 insertions(+), 1 deletion(-)
diff --git a/smart/commands/flag.py b/smart/commands/flag.py
index 8b90496..191bb11 100644
--- a/smart/commands/flag.py
+++ b/smart/commands/flag.py
@@ -47,6 +47,9 @@ Currently known flags are:
multi-version - Flagged packages may have more than one version
installed in the system at the same time
(backend dependent).
+ ignore-recommends - Flagged packages will not be installed, if
+ they are only recommended by a package to be
+ installed rather than required.
security - Flagged packages are updates for security errata.
bugfix - Flagged packages are updates for bugfix errata.
diff --git a/smart/transaction.py b/smart/transaction.py
index dd9aa38..38eabae 100644
--- a/smart/transaction.py
+++ b/smart/transaction.py
@@ -596,12 +596,17 @@ class Transaction(object):
# Install packages required by this one.
for req in pkg.requires + pkg.recommends:
+ reqrequired = req in pkg.requires
+
# Check if someone is already providing it.
prvpkgs = {}
lockedpkgs = {}
found = False
for prv in req.providedby:
for prvpkg in prv.packages:
+ if not reqrequired:
+ if pkgconf.testFlag("ignore-recommends", prvpkg):
+ continue
if isinst(prvpkg):
found = True
break
@@ -620,7 +625,7 @@ class Transaction(object):
if not prvpkgs:
# No packages provide it at all. Give up.
- if req in pkg.requires:
+ if reqrequired:
reasons = []
for prv in req.providedby:
for prvpkg in prv.packages:
--
1.8.1.2

View File

@ -1,253 +0,0 @@
Improve error reporting in smart
Add code to check proper command line arguments for various
smart commands. Exit with error if erroneous/additional arguments
are given in the command line.
Upstream-Status: Pending
Signed-off-by: Bogdan Marinescu <bogdan.a.marinescu@intel.com>
diff --git a/smart/commands/channel.py b/smart/commands/channel.py
index aa76f91..63fbb35 100644
--- a/smart/commands/channel.py
+++ b/smart/commands/channel.py
@@ -157,7 +157,17 @@ def main(ctrl, opts):
opts.show is None and opts.yaml is None):
iface.warning(_("Can't edit channels information."))
raise Error, _("Configuration is in readonly mode.")
-
+
+ # Argument check
+ opts.check_args_of_option("set", -1)
+ opts.check_args_of_option("remove", -1)
+ opts.check_args_of_option("edit", 0)
+ opts.check_args_of_option("enable", -1)
+ opts.check_args_of_option("disable", -1)
+ opts.ensure_action("channel", ["add", "set", "remove", "remove_all",
+ "list", "show", "yaml", "enable", "disable"])
+ opts.check_remaining_args()
+
if opts.add is not None:
if not opts.add and opts.args == ["-"]:
newchannels = []
diff --git a/smart/commands/check.py b/smart/commands/check.py
index b08608a..506e852 100644
--- a/smart/commands/check.py
+++ b/smart/commands/check.py
@@ -72,6 +72,9 @@ def parse_options(argv):
def main(ctrl, opts, reloadchannels=True):
+ # Argument check
+ opts.check_args_of_option("channels", 1)
+
if sysconf.get("auto-update"):
from smart.commands import update
updateopts = update.parse_options([])
diff --git a/smart/commands/config.py b/smart/commands/config.py
index dd50dee..4fe4366 100644
--- a/smart/commands/config.py
+++ b/smart/commands/config.py
@@ -80,6 +80,12 @@ def main(ctrl, opts):
globals["false"] = False
globals["no"] = False
+ # Check arguments
+ opts.check_args_of_option("set", -1)
+ opts.check_args_of_option("remove", -1)
+ opts.ensure_action("config", ["set", "show", "yaml", "remove"])
+ opts.check_remaining_args()
+
if opts.set:
for opt in opts.set:
m = SETRE.match(opt)
diff --git a/smart/commands/download.py b/smart/commands/download.py
index 6837993..b853c61 100644
--- a/smart/commands/download.py
+++ b/smart/commands/download.py
@@ -81,6 +81,14 @@ def parse_options(argv):
def main(ctrl, opts):
+ # Argument check
+ opts.check_args_of_option("target", 1)
+ opts.check_args_of_option("output", 1)
+ opts.check_args_of_option("from_urls", -1)
+ opts.check_args_of_option("from_metalink", -1)
+ if not opts.args and not opts.from_metalink and not opts.from_urls:
+ raise Error, _("no package(s) given")
+
packages = []
if opts.args:
if sysconf.get("auto-update"):
diff --git a/smart/commands/info.py b/smart/commands/info.py
index 12f74f0..59fbe98 100644
--- a/smart/commands/info.py
+++ b/smart/commands/info.py
@@ -58,6 +58,10 @@ def parse_options(argv):
def main(ctrl, opts, reloadchannels=True):
+ # Argument check
+ if not opts.args:
+ raise Error, _("No package(s) given")
+
if sysconf.get("auto-update"):
from smart.commands import update
updateopts = update.parse_options([])
diff --git a/smart/commands/install.py b/smart/commands/install.py
index 8a45954..590222c 100644
--- a/smart/commands/install.py
+++ b/smart/commands/install.py
@@ -76,6 +76,10 @@ def parse_options(argv):
def main(ctrl, opts):
+ # Argument check
+ if not opts.args:
+ raise Error, _("no package(s) given")
+
if opts.explain:
sysconf.set("explain-changesets", True, soft=True)
diff --git a/smart/commands/reinstall.py b/smart/commands/reinstall.py
index e59d896..32da3e6 100644
--- a/smart/commands/reinstall.py
+++ b/smart/commands/reinstall.py
@@ -68,7 +68,11 @@ def parse_options(argv):
return opts
def main(ctrl, opts):
-
+
+ # Argument check
+ if not opts.args:
+ raise Error, _("no package(s) given")
+
if opts.explain:
sysconf.set("explain-changesets", True, soft=True)
diff --git a/smart/commands/remove.py b/smart/commands/remove.py
index b4823a6..acd3bbd 100644
--- a/smart/commands/remove.py
+++ b/smart/commands/remove.py
@@ -74,6 +74,10 @@ def parse_options(argv):
def main(ctrl, opts):
+ # Argument check
+ if not opts.args:
+ raise Error, _("no package(s) given")
+
if opts.explain:
sysconf.set("explain-changesets", True, soft=True)
diff --git a/smart/commands/search.py b/smart/commands/search.py
index 0d0b573..44806b8 100644
--- a/smart/commands/search.py
+++ b/smart/commands/search.py
@@ -44,6 +44,8 @@ def option_parser():
def parse_options(argv):
opts = query.parse_options(argv, usage=USAGE, \
description=DESCRIPTION, examples=EXAMPLES)
+ if not argv:
+ raise Error, _("Search expression not specified")
opts.name = opts.args
opts.summary = opts.args
opts.description = opts.args
diff --git a/smart/commands/upgrade.py b/smart/commands/upgrade.py
index ec86290..7e290d8 100644
--- a/smart/commands/upgrade.py
+++ b/smart/commands/upgrade.py
@@ -91,6 +91,9 @@ def parse_options(argv):
def main(ctrl, opts):
+ # Argument check
+ opts.check_args_of_option("flag", 1)
+
if opts.explain:
sysconf.set("explain-changesets", True, soft=True)
diff --git a/smart/util/optparse.py b/smart/util/optparse.py
index 4a3d3a8..279b0bf 100644
--- a/smart/util/optparse.py
+++ b/smart/util/optparse.py
@@ -70,6 +70,8 @@ import sys, os
import types
import textwrap
from gettext import gettext as _
+from smart import Error
+import re
def _repr(self):
return "<%s at 0x%x: %s>" % (self.__class__.__name__, id(self), self)
@@ -708,6 +710,12 @@ class Option:
self.action, self.dest, opt, value, values, parser)
def take_action(self, action, dest, opt, value, values, parser):
+ # Keep all the options in the command line in the '_given_opts' array
+ # This will be used later to validate the command line
+ given_opts = getattr(parser.values, "_given_opts", [])
+ user_opt = re.sub(r"^\-*", "", opt).replace("-", "_")
+ given_opts.append(user_opt)
+ setattr(parser.values, "_given_opts", given_opts)
if action == "store":
setattr(values, dest, value)
elif action == "store_const":
@@ -819,6 +827,54 @@ class Values:
setattr(self, attr, value)
return getattr(self, attr)
+ # Check if the given option has the specified number of arguments
+ # Raise an error if the option has an invalid number of arguments
+ # A negative number for 'nargs' means "at least |nargs| arguments are needed"
+ def check_args_of_option(self, opt, nargs, err=None):
+ given_opts = getattr(self, "_given_opts", [])
+ if not opt in given_opts:
+ return
+ values = getattr(self, opt, [])
+ if type(values) != type([]):
+ return
+ if nargs < 0:
+ nargs = -nargs
+ if len(values) >= nargs:
+ return
+ if not err:
+ if nargs == 1:
+ err = _("Option '%s' requires at least one argument") % opt
+ else:
+ err = _("Option '%s' requires at least %d arguments") % (opt, nargs)
+ raise Error, err
+ elif nargs == 0:
+ if len( values ) == 0:
+ return
+ raise Error, err
+ else:
+ if len(values) == nargs:
+ return
+ if not err:
+ if nargs == 1:
+ err = _("Option '%s' requires one argument") % opt
+ else:
+ err = _("Option '%s' requires %d arguments") % (opt, nargs)
+ raise Error, err
+
+ # Check that at least one of the options in 'actlist' was given as an argument
+ # to the command 'cmdname'
+ def ensure_action(self, cmdname, actlist):
+ given_opts = getattr(self, "_given_opts", [])
+ for action in actlist:
+ if action in given_opts:
+ return
+ raise Error, _("No action specified for command '%s'") % cmdname
+
+ # Check if there are any other arguments left after parsing the command line and
+ # raise an error if such arguments are found
+ def check_remaining_args(self):
+ if self.args:
+ raise Error, _("Invalid argument(s) '%s'" % str(self.args))
class OptionContainer:

View File

@ -1,28 +0,0 @@
smart - backends/rmp/metadata.py: Fix incorrect call to the match function
The match function should take three parameters, name, comparison, version...
The original code was passing it a reference to the object holding the data
instead, which caused the comparison in match to always fail.
Upstream-Status: Pending
Signed-off-by: Mark Hatle <mark.hatle@windriver.com>
--- a/smart/backends/rpm/metadata.py
+++ b/smart/backends/rpm/metadata.py
@@ -332,13 +332,13 @@
reqargs = [x for x in reqdict
if not ((x[2] is None or "=" in x[2]) and
(RPMProvides, x[1], x[3]) in prvdict or
- system_provides.match(*x[:3]))]
+ system_provides.match(x[1], x[2], x[3]))]
reqargs = collapse_libc_requires(reqargs)
recargs = [x for x in recdict
if not ((x[2] is None or "=" in x[2]) and
(RPMProvides, x[1], x[3]) in prvdict or
- system_provides.match(*x[:3]))]
+ system_provides.match(x[1], x[2], x[3]))]
prvargs = prvdict.keys()
cnfargs = cnfdict.keys()

View File

@ -1,22 +0,0 @@
To fix some multilib issues, change the way the RPM backend decides
if two packages can coexist: if they have a different architecture,
automatically assume that they can coexist (which is fundamental for
multilib).
Upstream-Status: Pending
Signed-off-by: Bogdan Marinescu <bogdan.a.marinescu@intel.com>
diff --git a/smart/backends/rpm/base.py b/smart/backends/rpm/base.py
index 6e83d40..7140c1b 100644
--- a/smart/backends/rpm/base.py
+++ b/smart/backends/rpm/base.py
@@ -228,6 +228,8 @@ class RPMPackage(Package):
return False
selfver, selfarch = splitarch(self.version)
otherver, otherarch = splitarch(other.version)
+ if selfarch != otherarch:
+ return True
selfcolor = getArchColor(selfarch)
othercolor = getArchColor(otherarch)
if (selfcolor and othercolor and selfcolor != othercolor and

File diff suppressed because it is too large Load Diff

View File

@ -1,27 +0,0 @@
backends/rpm: implement rpm-extra-macros option
Allow defining extra macros in the smart configuration to be passed
to rpm before opening the database.
Upstream-Status: Pending
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
diff --git a/smart/backends/rpm/base.py b/smart/backends/rpm/base.py
index b9e9cb2..234c844 100644
--- a/smart/backends/rpm/base.py
+++ b/smart/backends/rpm/base.py
@@ -53,6 +53,10 @@ def rpm_join_dbpath(root, dbpath):
return os.path.join(root, dbpath)
def getTS(new=False):
+ if sysconf.get("rpm-extra-macros"):
+ for key, value in sysconf.get("rpm-extra-macros").items():
+ rpm.addMacro(key, str(value))
+
rpm_root = os.path.abspath(sysconf.get("rpm-root", "/"))
if not hasattr(getTS, "ts") or getTS.root != rpm_root:
getTS.root = rpm_root
--
1.7.9.5

View File

@ -1,26 +0,0 @@
backends/rpm: fix parsing of rpm-md metadata
If assertions are disabled then the queue.pop() wasn't being executed,
leading to requires, recommends etc. not being read properly.
Upstream-Status: Pending
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
diff --git a/smart/backends/rpm/metadata.py b/smart/backends/rpm/metadata.py
index 2c54f39..dc9df22 100644
--- a/smart/backends/rpm/metadata.py
+++ b/smart/backends/rpm/metadata.py
@@ -188,7 +188,8 @@ class RPMMetaDataLoader(Loader):
elif event == "end":
- assert queue.pop() is elem
+ popped = queue.pop()
+ assert popped is elem
if skip:
if tag == skip:
--
1.7.9.5

View File

@ -1,80 +0,0 @@
Fix smart RPM backend to handle rpm-dbpath/rpm-root properly
Don't assume that if the dbpath starts with / that it is an absolute
path. This matches the behaviour of rpm itself. (If the root path is
specified and does not start with /, rpm will prepend the root path
twice and fail).
Upstream-Status: Pending
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
diff --git a/smart/backends/rpm/base.py b/smart/backends/rpm/base.py
index 7092332..0489e11 100644
--- a/smart/backends/rpm/base.py
+++ b/smart/backends/rpm/base.py
@@ -46,6 +46,12 @@ __all__ = ["RPMPackage", "RPMProvides", "RPMNameProvides", "RPMPreRequires",
"rpm", "getTS", "getArchScore", "getArchColor", "system_provides",
"collapse_libc_requires"]
+def rpm_join_dbpath(root, dbpath):
+ if dbpath.startswith('/') and root:
+ return os.path.join(root, dbpath[1:])
+ else:
+ return os.path.join(root, dbpath)
+
def getTS(new=False):
rpm_root = os.path.abspath(sysconf.get("rpm-root", "/"))
if not hasattr(getTS, "ts") or getTS.root != rpm_root:
@@ -56,7 +62,7 @@ def getTS(new=False):
if not sysconf.get("rpm-check-signatures", False):
getTS.ts.setVSFlags(rpm._RPMVSF_NOSIGNATURES)
rpm_dbpath = sysconf.get("rpm-dbpath", "var/lib/rpm")
- dbdir = os.path.join(getTS.root, rpm_dbpath)
+ dbdir = rpm_join_dbpath(getTS.root, rpm_dbpath)
if not os.path.isdir(dbdir):
try:
os.makedirs(dbdir)
diff --git a/smart/channels/rpm_sys.py b/smart/channels/rpm_sys.py
index efcb10e..b9fda27 100644
--- a/smart/channels/rpm_sys.py
+++ b/smart/channels/rpm_sys.py
@@ -20,7 +20,7 @@
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
#
from smart.backends.rpm.header import RPMDBLoader
-from smart.backends.rpm.base import getTS
+from smart.backends.rpm.base import getTS, rpm_join_dbpath
from smart.channel import PackageChannel
from smart import *
import os
@@ -32,9 +32,9 @@ class RPMSysChannel(PackageChannel):
def fetch(self, fetcher, progress):
getTS() # Make sure the db exists.
- path = os.path.join(sysconf.get("rpm-root", "/"),
- sysconf.get("rpm-dbpath", "var/lib/rpm"),
- "Packages")
+ dbdir = rpm_join_dbpath(sysconf.get("rpm-root", "/"),
+ sysconf.get("rpm-dbpath", "var/lib/rpm"))
+ path = os.path.join(dbdir, "Packages")
digest = os.path.getmtime(path)
if digest == self._digest:
return True
diff --git a/smart/plugins/detectsys.py b/smart/plugins/detectsys.py
index 2cd49ad..3959d07 100644
--- a/smart/plugins/detectsys.py
+++ b/smart/plugins/detectsys.py
@@ -20,10 +20,11 @@
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
#
from smart import *
+from smart.backends.rpm.base import rpm_join_dbpath
import os
def detectRPMSystem():
- dir = os.path.join(sysconf.get("rpm-root", "/"),
+ dir = rpm_join_dbpath(sysconf.get("rpm-root", "/"),
sysconf.get("rpm-dbpath", "var/lib/rpm"))
file = os.path.join(dir, "Packages")
if os.path.exists(file):

View File

@ -1,20 +0,0 @@
Set NOPROGRESS for pycurl just as same as default operation in pycurl module itself.
If set NOPROGRESS with 0 for pycurl, it causes dead lock issue of Python GIL when
call smart library by python gui just like pygtk.
Upstream-Status: Pending
Signed-off-by: Kai Kang <kai.kang@windriver.com>
---
diff -u smart-1.4.1/smart.orig/fetcher.py smart-1.4.1/smart/fetcher.py
--- smart-1.4.1/smart.orig/fetcher.py 2014-07-15 16:42:19.240437080 +0800
+++ smart-1.4.1/smart/fetcher.py 2014-07-15 17:02:37.812470289 +0800
@@ -1720,7 +1720,7 @@
handle.setopt(pycurl.OPT_FILETIME, 1)
handle.setopt(pycurl.LOW_SPEED_LIMIT, 1)
handle.setopt(pycurl.LOW_SPEED_TIME, SOCKETTIMEOUT)
- handle.setopt(pycurl.NOPROGRESS, 0)
+ handle.setopt(pycurl.NOPROGRESS, 1)
handle.setopt(pycurl.PROGRESSFUNCTION, progress)
handle.setopt(pycurl.WRITEDATA, local)
handle.setopt(pycurl.FOLLOWLOCATION, 1)

View File

@ -1,96 +0,0 @@
From f6a853cf8138c7e01b6e093b783f97639b033420 Mon Sep 17 00:00:00 2001
From: Don Penney <don.penney@windriver.com>
Date: Thu, 2 Jun 2016 15:57:42 -0400
Subject: [PATCH 1/1] Support rpm4
Cloned from http://lists.openembedded.org/pipermail/openembedded-core/2014-September/097610.html
---
smart/backends/rpm/base.py | 12 ++++++++----
smart/backends/rpm/pm.py | 40 ++++++++++++++++++++++++----------------
2 files changed, 32 insertions(+), 20 deletions(-)
diff --git a/smart/backends/rpm/base.py b/smart/backends/rpm/base.py
index 7140c1b..d720617 100644
--- a/smart/backends/rpm/base.py
+++ b/smart/backends/rpm/base.py
@@ -338,10 +338,14 @@ class RPMObsoletes(Depends):
_SCOREMAP = {}
def getArchScore(arch, _sm=_SCOREMAP):
- if arch not in _sm:
- score = rpm.archscore(arch)
- _sm[arch] = score
- return _sm.get(arch, 0)
+ try:
+ rpm.platformscore(arch)
+ if arch not in _sm:
+ score = rpm.archscore(arch)
+ _sm[arch] = score
+ return _sm.get(arch, 0)
+ except AttributeError:
+ return 1
# TODO: Embed color into nameprovides and obsoletes relations.
_COLORMAP = {"noarch": 0, "x86_64": 2, "ppc64": 2, "s390x": 2, "sparc64": 2}
diff --git a/smart/backends/rpm/pm.py b/smart/backends/rpm/pm.py
index 2e5b2c3..cc75dcc 100644
--- a/smart/backends/rpm/pm.py
+++ b/smart/backends/rpm/pm.py
@@ -106,22 +106,25 @@ class RPMPackageManager(PackageManager):
flags |= rpm.RPMTRANS_FLAG_TEST
ts.setFlags(flags)
- dflags = ts.setDFlags(0)
- if sysconf.get("rpm-noupgrade", False):
- dflags |= rpm.RPMDEPS_FLAG_NOUPGRADE
- if sysconf.get("rpm-norequires", False):
- dflags |= rpm.RPMDEPS_FLAG_NOREQUIRES
- if sysconf.get("rpm-noconflicts", False):
- dflags |= rpm.RPMDEPS_FLAG_NOCONFLICTS
- if sysconf.get("rpm-noobsoletes", False):
- dflags |= rpm.RPMDEPS_FLAG_NOOBSOLETES
- if sysconf.get("rpm-noparentdirs", False):
- dflags |= rpm.RPMDEPS_FLAG_NOPARENTDIRS
- if sysconf.get("rpm-nolinktos", False):
- dflags |= rpm.RPMDEPS_FLAG_NOLINKTOS
- if sysconf.get("rpm-nosuggest", False):
- dflags |= rpm.RPMDEPS_FLAG_NOSUGGEST
- ts.setDFlags(dflags)
+ try:
+ dflags = ts.setDFlags(0)
+ if sysconf.get("rpm-noupgrade", False):
+ dflags |= rpm.RPMDEPS_FLAG_NOUPGRADE
+ if sysconf.get("rpm-norequires", False):
+ dflags |= rpm.RPMDEPS_FLAG_NOREQUIRES
+ if sysconf.get("rpm-noconflicts", False):
+ dflags |= rpm.RPMDEPS_FLAG_NOCONFLICTS
+ if sysconf.get("rpm-noobsoletes", False):
+ dflags |= rpm.RPMDEPS_FLAG_NOOBSOLETES
+ if sysconf.get("rpm-noparentdirs", False):
+ dflags |= rpm.RPMDEPS_FLAG_NOPARENTDIRS
+ if sysconf.get("rpm-nolinktos", False):
+ dflags |= rpm.RPMDEPS_FLAG_NOLINKTOS
+ if sysconf.get("rpm-nosuggest", False):
+ dflags |= rpm.RPMDEPS_FLAG_NOSUGGEST
+ ts.setDFlags(dflags)
+ except AttributeError, ae:
+ pass
# Set rpm verbosity level.
levelname = sysconf.get('rpm-log-level')
@@ -235,6 +238,11 @@ class RPMPackageManager(PackageManager):
if sysconf.get("rpm-ignoresize", False):
probfilter |= rpm.RPMPROB_FILTER_DISKNODES
probfilter |= rpm.RPMPROB_FILTER_DISKSPACE
+ try:
+ # Test for RPM5 function
+ rpm.platformscore("")
+ except AttributeError:
+ probfilter |= rpm.RPMPROB_FILTER_IGNOREARCH
if force or reinstall:
probfilter |= rpm.RPMPROB_FILTER_REPLACEPKG
--
1.8.3.1

View File

@ -1,30 +0,0 @@
backends/rpm: remove creation of /var/tmp
This doesn't appear to be needed, and breaks installation of base-files
in OpenEmbedded (since that is a symlink installed as part of the
package).
Upstream-Status: Pending
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
diff --git a/smart/backends/rpm/base.py b/smart/backends/rpm/base.py
index 234c844..127354d 100644
--- a/smart/backends/rpm/base.py
+++ b/smart/backends/rpm/base.py
@@ -82,12 +82,6 @@ def getTS(new=False):
else:
iface.warning(_("Initialized new rpm database at %s")
% getTS.root)
- tmpdir = os.path.join(getTS.root, "var/tmp")
- if not os.path.isdir(tmpdir):
- try:
- os.makedirs(tmpdir)
- except OSError:
- pass
if new:
if sysconf.get("rpm-dbpath"):
rpm.addMacro('_dbpath', "/" + sysconf.get("rpm-dbpath"))
--
1.7.9.5

View File

@ -1,86 +0,0 @@
Print a more friendly error if YAML output is requested without PyYAML
Upstream-Status: Pending
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
diff --git a/smart/commands/channel.py b/smart/commands/channel.py
index 63fbb35..108f3f1 100644
--- a/smart/commands/channel.py
+++ b/smart/commands/channel.py
@@ -339,7 +339,10 @@ def main(ctrl, opts):
print
if opts.yaml is not None:
- import yaml
+ try:
+ import yaml
+ except ImportError:
+ raise Error, _("Please install PyYAML in order to use this function")
yamlchannels = {}
for alias in (opts.yaml or sysconf.get("channels", ())):
channel = sysconf.get(("channels", alias))
diff --git a/smart/commands/config.py b/smart/commands/config.py
index 4fe4366..aa1db78 100644
--- a/smart/commands/config.py
+++ b/smart/commands/config.py
@@ -137,7 +137,10 @@ def main(ctrl, opts):
pprint.pprint(sysconf.get((), hard=True))
if opts.yaml is not None:
- import yaml
+ try:
+ import yaml
+ except ImportError:
+ raise Error, _("Please install PyYAML in order to use this function")
if opts.yaml:
marker = object()
for opt in opts.yaml:
diff --git a/smart/commands/flag.py b/smart/commands/flag.py
index ed18999..8b90496 100644
--- a/smart/commands/flag.py
+++ b/smart/commands/flag.py
@@ -138,7 +138,10 @@ def main(ctrl, opts):
print
if opts.yaml is not None:
- import yaml
+ try:
+ import yaml
+ except ImportError:
+ raise Error, _("Please install PyYAML in order to use this function")
yamlflags = {}
for flag in opts.yaml or pkgconf.getFlagNames():
flag = flag.strip()
diff --git a/smart/commands/mirror.py b/smart/commands/mirror.py
index ca50a95..f7b019d 100644
--- a/smart/commands/mirror.py
+++ b/smart/commands/mirror.py
@@ -218,7 +218,10 @@ def main(ctrl, opts):
print
if opts.yaml:
- import yaml
+ try:
+ import yaml
+ except ImportError:
+ raise Error, _("Please install PyYAML in order to use this function")
yamlmirrors = {}
mirrors = sysconf.get("mirrors", ())
for origin in mirrors:
diff --git a/smart/commands/priority.py b/smart/commands/priority.py
index d850d29..441ea32 100644
--- a/smart/commands/priority.py
+++ b/smart/commands/priority.py
@@ -117,7 +117,10 @@ def main(ctrl, opts):
print
elif opts.yaml:
- import yaml
+ try:
+ import yaml
+ except ImportError:
+ raise Error, _("Please install PyYAML in order to use this function")
yamlpriorities = {}
priorities = sysconf.get("package-priorities", {})
for name in opts.args or priorities:

View File

@ -1,46 +0,0 @@
RPM5 has removed support for RPMVSF_NOSIGNATURES
Patch smart to no longer use this flag
Upstream-Status: Pending
Signed-off-by: Mark Hatle <mark.hatle@windriver.com>
diff -ur smart-1.4.1.orig/smart/backends/rpm/base.py smart-1.4.1/smart/backends/rpm/base.py
--- smart-1.4.1.orig/smart/backends/rpm/base.py 2012-10-04 11:22:11.229351164 -0500
+++ smart-1.4.1/smart/backends/rpm/base.py 2012-10-04 11:22:44.820170786 -0500
@@ -53,8 +53,8 @@
if sysconf.get("rpm-dbpath"):
rpm.addMacro('_dbpath', "/" + sysconf.get("rpm-dbpath"))
getTS.ts = rpm.ts(getTS.root)
- if not sysconf.get("rpm-check-signatures", False):
- getTS.ts.setVSFlags(rpm._RPMVSF_NOSIGNATURES)
+ #if not sysconf.get("rpm-check-signatures", False):
+ # getTS.ts.setVSFlags(rpm._RPMVSF_NOSIGNATURES)
rpm_dbpath = sysconf.get("rpm-dbpath", "var/lib/rpm")
dbdir = os.path.join(getTS.root, rpm_dbpath)
if not os.path.isdir(dbdir):
@@ -82,8 +82,8 @@
if sysconf.get("rpm-dbpath"):
rpm.addMacro('_dbpath', "/" + sysconf.get("rpm-dbpath"))
ts = rpm.ts(getTS.root)
- if not sysconf.get("rpm-check-signatures", False):
- ts.setVSFlags(rpm._RPMVSF_NOSIGNATURES)
+ #if not sysconf.get("rpm-check-signatures", False):
+ # ts.setVSFlags(rpm._RPMVSF_NOSIGNATURES)
return ts
else:
return getTS.ts
diff -ur smart-1.4.1.orig/smart/plugins/yumchannelsync.py smart-1.4.1/smart/plugins/yumchannelsync.py
--- smart-1.4.1.orig/smart/plugins/yumchannelsync.py 2010-12-06 03:11:05.000000000 -0600
+++ smart-1.4.1/smart/plugins/yumchannelsync.py 2012-10-04 11:23:09.799350924 -0500
@@ -56,7 +56,8 @@
rpmroot = sysconf.get("rpm-root", "/")
ts = rpmUtils.transaction.initReadOnlyTransaction(root=rpmroot)
- ts.pushVSFlags(~(rpm._RPMVSF_NOSIGNATURES|rpm._RPMVSF_NODIGESTS))
+ #ts.pushVSFlags(~(rpm._RPMVSF_NOSIGNATURES|rpm._RPMVSF_NODIGESTS))
+ ts.pushVSFlags(~(rpm._RPMVSF_NODIGESTS))
releasever = None
# HACK: we're hard-coding the most used distros, will add more if needed
idx = ts.dbMatch('provides', 'fedora-release')

View File

@ -1,82 +0,0 @@
Summary: The Smart Package Manager
Name: python-smartpm
Version: 1.4.1
Release: 0%{?_tis_dist}.%{tis_patch_ver}
License: GPLv2
Group: devel/python
Packager: Wind River <info@windriver.com>
URL: http://labix.org/smart/
Source0: %{name}-%{version}.tar.gz
#OVP Patches
#Patch00: smartpm-rpm5-nodig.patch
Patch01: smart-rpm-root.patch
Patch02: smart-recommends.patch
Patch03: smart-rpm-extra-macros.patch
Patch04: smart-dflags.patch
Patch05: smart-rpm-md-parse.patch
Patch06: smart-tmpdir.patch
Patch07: smart-metadata-match.patch
Patch08: smart-improve-error-reporting.patch
Patch09: smart-multilib-fixes.patch
Patch10: smart-yaml-error.patch
Patch11: smart-channelsdir.patch
Patch12: smart-conflict-provider.patch
Patch13: smart-flag-ignore-recommends.patch
Patch14: smart-flag-exclude-packages.patch
Patch15: smart-config-ignore-all-recommends.patch
Patch16: smart-attempt.patch
Patch17: smart-filename-NAME_MAX.patch
Patch18: smart-add-for-rpm-ignoresize-check.patch
Patch19: smart-set-noprogress-for-pycurl.patch
#WRS Patches
Patch20: commit_transaction_error_handling.patch
Patch21: smart-support-rpm4.patch
BuildArch: x86_64
BuildRequires: python
BuildRequires: python-devel
BuildRequires: gettext
BuildRequires: rpm
Requires: python
Requires: python-devel
# Note: centos has RPM 4.11.3 WR was using 5.4.9
Requires: rpm
Requires: rpm-python
%description
The Smart Package Manager project has the ambitious objective of creating
smart and portable algorithms for solving adequately the problem of
managing software upgrades and installation.
%prep
%autosetup -p 1 -n smart-%{version}
# Remove bundled egg-info
rm -rf %{name}.egg-info
%build
%{__python2} setup.py build
%install
%{__python2} setup.py install --skip-build --root %{buildroot}
# WRS Note:
# python2_sitelib is not correct for this package.
# This SPEC looks under /usr/lib but needs to look under /usr/lib64
# The files section is hardcoded to handle this
%files
%license LICENSE
%{_bindir}/smart
#%{python2_sitelib}/smart
/usr/lib64/python2.7/site-packages/smart
#%{python2_sitelib}/*.egg-info
/usr/lib64/python2.7/site-packages/*.egg-info
/usr/share/locale
/usr/share/man

View File

@ -1,37 +0,0 @@
---
smart/backends/rpm/pm.py | 10 ++++++++++
1 file changed, 10 insertions(+)
--- a/smart/backends/rpm/pm.py
+++ b/smart/backends/rpm/pm.py
@@ -283,6 +283,8 @@ class RPMPackageManager(PackageManager):
prog.setDone()
if probs and (not retry):
raise Error, "\n".join([x[0] for x in probs])
+ if cb.errors > 0:
+ raise Error, "One or more errors occurred during transaction"
prog.stop()
if retry and len(changeset):
self.commit(changeset, pkgpaths)
@@ -297,6 +299,7 @@ class RPMCallback:
self.rpmoutbuffer = ""
self.lasttopic = None
self.topic = None
+ self.errors = 0
def grabOutput(self, flag):
if flag:
@@ -415,6 +418,13 @@ class RPMCallback:
self.prog.setSubDone(subkey)
self.prog.show()
+ elif what == rpm.RPMCALLBACK_SCRIPT_ERROR:
+ self.errors += 1
+ elif what == rpm.RPMCALLBACK_UNPACK_ERROR:
+ self.errors += 1
+ elif what == rpm.RPMCALLBACK_CPIO_ERROR:
+ self.errors += 1
+
from smart.backends.rpm.base import rpm, getTS
# vim:ts=4:sw=4:et