IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
Instead of requiring unsuspecting kernel maintainers to add
`%add_findprov_skiplist /usr/lib/debug/.build-id/*` to workaround
symlink "problem" we created ourselves.
Fixes: b881ebe36 ("debuginfo: Do not save uncompressed modules into debuginfo package")
Signed-off-by: Vitaly Chikunov <vt@altlinux.org>
A single script that reports with `shellcheck --severity=error`:
"SC2066 (error): Since you double quoted this, it will not word split,
and the loop will only run once."
I bet this is intentional.
Signed-off-by: Vitaly Chikunov <vt@altlinux.org>
Save some space.
`.ko.debug` is enough. crash(8) (mod -s) and gdb (lx-symbols or file)
only need .ko.debug to load the symbols, for an _already_ loaded modules.
We won't be able to load the module directly into gdb (with `file x.ko`)
but we can load `x.ko.debug` in that case, or just uncompress it for
rare remaining cases.
Fedora and OpenSUSE also do not keep uncompressed files in -debuginfo
package, having non-.debug `.build-id` symlinks pointing to the air at
would-be-uncompressed `.ko` filename. Are there better ideas?
For 6.12 this install 4908 broken symlinks for zstd compressed kmodules.
Thus, messages flood the build log:
find-provides: broken symbolic link /usr/src/tmp/kernel-image-6.12-buildroot/usr/lib/debug/.build-id/00/00ab26023bd664d7d14e851448aafdc50c21e9 -> ../../../../../lib/modules/6.12.0-6.12-alt0.rc4/kernel/drivers/usb/usbip/usbip-core.ko is not going to provide anything
This helps:
%add_findprov_skiplist /usr/lib/debug/.build-id/*
Signed-off-by: Vitaly Chikunov <vt@altlinux.org>
Various routines in this project have special treatment for PAM modules.
Let's look for PAM modules at %_libdir/security in addition to
/%_lib/security.
Link: https://altlinux.org/Usrmerge
While we have changed the default PATH to list /usr/bin before /bin,
etc., we forgot to fix the various custom PATHs in this package. After
this package was rebuilt in filesystem 3 environment, the core macros
went awry.
For now, we try to replicate the documented previous ALT behaviour.
As the packaging hacks needed to move files out of /usr are gradually
removed from specs, those paths and the related inter-package
dependencies will likely move to /usr as well, but that is a further
task.
Reported-by: Nikolay A. Fetisov <naf@altlinux.org>
Link: https://bugzilla.altlinux.org/50527
Link: https://altlinux.org/Usrmerge
Even if we come across an environment where `id -u` is not supported,
the required patch would be around 7 lines long centered around
printf("%d\n", geteuid());
, maybe PRIu32 instead of "%d" or however it is spelled.
- vt@:
+ Allowed env shebang with split-string arguments (ALT#50059).
- shaba@:
+ systemd-services.req.files: add /usr/lib/systemd/system for system units,
since that is a valid unit file location on merged-usr systems.
Check for -S/--split-string= options, former could be (out of all
other options) prefixed only with `i`.
For now, this covers only the simplest cases where the first non-blank
word is the command name itself.
NB: /usr/bin/env -v is deliberately not supported.
Link: https://bugzilla.altlinux.org/50059
Signed-off-by: Vitaly Chikunov <vt@altlinux.org>
- brp: Added brp-dupe-bin module to help fix ~20 packages for usrmerge (thx
obirvalger@).
- tools: New tool: remappath2.
- Re-implemented CanonPath() using remappath2. This allows to skip following
some symlinks during path component resolution, so find-requires does not
generate dependencies on e. g. /usr/bin/sh.
If e.g. /bin is a symbolic link, it is canonicalized into /usr/bin, so
packages get auto-generated dependencies on paths like /usr/bin/sh and
/usr/sbin/blkid.
Here is an example error message:
The following packages have unmet dependencies:
chrooted: Depends: /usr/bin/sh but it is not installable
PreDepends: /usr/bin/sh but it is not installable
E: Broken packages
hsh-install: Failed to calculate package file list.
hsh-install: Failed to generate package file list.
Try to work around this by replacing the current sorta-canonicalization
written in shell with a small C program which implements an algorithm
akin to realpath. It deviates from `realpath` and `readlink -e` in 3
following ways:
* it allows all path components to be missing, like `readlink -m` and
like the previous CanonPath impl);
* it ignores the last path component even if it is present, like the
previous CanonPath impl;
* it reserves the right to not follow some symlinks as each path
component is traversed: if the component is a symbolic link and is
present in the ignore-list (we set it to /bin and /sbin for now), the
link is not followed.
Here are some observations on a merged-usr system:
bash-5.2# readlink -vm -- /bin/sh
/usr/bin/sh5
bash-5.2# /bin/sh -ec '. /usr/lib/rpm/functions; CanonPath /bin/sh'
/usr/bin/sh
bash-5.2# /usr/lib/rpm/remappath2 '/bin:/sbin' /bin/sh
/bin/sh
bash-5.2# readlink -vm -- /bin/ping
/usr/libexec/ping/ping
bash-5.2# /bin/sh -ec '. /usr/lib/rpm/functions; CanonPath /bin/ping'
/usr/bin/ping
bash-5.2# /usr/lib/rpm/remappath2 '/bin:/sbin' /bin/ping
/bin/ping
bash-5.2# readlink -vm -- /sbin/blkid
/usr/sbin/blkid
bash-5.2# /bin/sh -ec '. /usr/lib/rpm/functions; CanonPath /sbin/blkid'
/usr/sbin/blkid
bash-5.2# /usr/lib/rpm/remappath2 '/bin:/sbin' /sbin/blkid
/sbin/blkid
Also, explicitly add -D_FILE_OFFSET_BITS=64 to the remappath2 tool's
cflags.
Some packages in Sisyphus install files both under %_prefix and outside
it in subdirectories of /, e. g. in both /bin and /usr/bin, or in /sbin
and /usr/sbin. Those packages must be installable into both unmerged and
merged-usr hierarchies and still work correctly. Most of the packages
can be adapted for use on both hierarchies, if they are rebuilt with
rpm-build with this brp module, with no spec changes required.
This brp module ensures that files under %buildroot/bin and %buildroot/usr/bin
are a copy of each other. If one of them is a symbolic link to another,
it is replaced by a copy of its target. If different files of the same
type are found inside the buildroot, it fails the build.
Likewise for %buildroot/sbin.
This approach has the following advantages:
- The resulting package can be installed on a split-usr hierarchy. We
cannot use hard links, since our RPM can not auto-replace them while
installing in an environment where hard link targets are to be on
different storage sources (aka "split-usr").
- Most of packages in the repo should be installed in both hierarchies
as is or after rebuild.
The single worst disadvantage is disk space requirements: we store 2
copies in the cpio of product rpms and 2 copies while installed on an
unmerged-usr hierarchy. We hope that this is not too bad: the copied
files themselves are not that big, the cpio in a package file is
compressed, and the eventual upgrade of filesystem < 3 is much less
likely to hit disk space limits.
As for files in /lib*, it is unlikely for packages in the repository to
depend on their particular location, so there is no need to put links or
copies both outside %_prefix and in %_prefix; all the packages with
file conflicts exclusive to merged-usr setups are fixed already.
This module can be safely disabled or removed when we eventually drop
support for unmerged-usr hierarchies.
Link: https://altlinux.org/Usrmerge
- george@:
+ scripts/brp-fix-perms.in: Fixed systemd units and man/info permissions.
+ scripts/brp-verify-unit.in: Dropped validation of already fixed permissions.
+ scripts/brp-compress.in: Moved permission fix to brp-fix-perms.
- scripts/brp-fix-perms.in: fix systemd units and man/info permissions
- scripts/brp-verify-unit.in: drop validation of already fixed permissions
- scripts/brp-compress.in: move permission fix to brp-fix-perms
Provide a section in brp-fix-perms for cleaning out x, s and t bits from
files not supposed to have them, particularly, systemd unit files, info
and man pages (actually, all files from /**/man/** are processed, presumably
they do not need those bits). Remove permission validation from
brp-verify-unit, considering having those bits on unit files is not an
error. Move permission fix from brp-compress (it appears that no files
in %_compress_skiplist have been fixed, which is slightly wrong), to
the corresponding place in brp-fix-perms.
It is not that easy to ship find-package as part of rpm-build.
We have to drop find-package from the filelist of rpm as well. For this
change to enter Sisyphus, both rpm-build and rpm have to be changed and
rebuilt in their own base build chroots.
If rpm-build is built to include find-package first, rpm is
uninstallable in the base chroot due to a misconflict, so it cannot be
rebuilt.
If rpm is built to exclude find-package first, it disappears from the
base chroot altogether, making rpm-build break, so no
package can be built as well.
In an environment created by `hsh --initroot-only`:
$ for i in /usr/lib/rpm/*; do rpm -qf --qf='%{name}: '"$i"'\n' "$i"; done | grep '^rpm:'
rpm: /usr/lib/rpm/0ldconfig.filetrigger
rpm: /usr/lib/rpm/GROUPS
rpm: /usr/lib/rpm/find-package
rpm: /usr/lib/rpm/functions
rpm: /usr/lib/rpm/macros.d
rpm: /usr/lib/rpm/pdeath_execute
rpm: /usr/lib/rpm/platform
rpm: /usr/lib/rpm/posttrans-filetriggers
rpm: /usr/lib/rpm/postupdate
rpm: /usr/lib/rpm/rpmd
rpm: /usr/lib/rpm/rpmdb_loadcvt
rpm: /usr/lib/rpm/rpme
rpm: /usr/lib/rpm/rpmi
rpm: /usr/lib/rpm/rpmk
rpm: /usr/lib/rpm/rpmpopt-4.13.0.1
rpm: /usr/lib/rpm/rpmq
rpm: /usr/lib/rpm/rpmu
rpm: /usr/lib/rpm/rpmv
The `scripts/find-package` file is installed from the rpm project. We
replace our copy with that one, so the installed file does not change
but is installed as part of rpm-build.
In an environment created by `hsh --initroot-only`:
$ for i in /usr/lib/rpm/*; do rpm -qf --qf='%{name}: '"$i"'\n' "$i"; done | grep '^rpm:'
rpm: /usr/lib/rpm/0ldconfig.filetrigger
rpm: /usr/lib/rpm/GROUPS
rpm: /usr/lib/rpm/find-package
rpm: /usr/lib/rpm/functions
rpm: /usr/lib/rpm/macros.d
rpm: /usr/lib/rpm/pdeath_execute
rpm: /usr/lib/rpm/platform
rpm: /usr/lib/rpm/posttrans-filetriggers
rpm: /usr/lib/rpm/postupdate
rpm: /usr/lib/rpm/rpmd
rpm: /usr/lib/rpm/rpmdb_loadcvt
rpm: /usr/lib/rpm/rpme
rpm: /usr/lib/rpm/rpmi
rpm: /usr/lib/rpm/rpmk
rpm: /usr/lib/rpm/rpmpopt-4.13.0.1
rpm: /usr/lib/rpm/rpmq
rpm: /usr/lib/rpm/rpmu
rpm: /usr/lib/rpm/rpmv
The `scripts/functions` file is provided from the rpm project in real
installations. Let's ensure scripts in this package use the functions
file from this package.
- debuginfo: Changed compression format (--lzma2=dict=2MiB ->
--check=crc32 --lzma2=dict=1MiB) of xz-compressed modules for compatibility
with kmod >= 31 (thx asheplyakov@).
- Introduced brp-verify-unit to check sanity of systemd units included
in built packages.
It is intended to check the sanity of systemd units installed in the
buildroot. As of today, it errors out on executable unit files and units
passing nobody as User=, Group= or in SupplementaryGroups=.
Linux kernel supports the direct loading of compressed modules
(via finit_module system call) since version 5.15. However
decompression options are less flexible (and are set at
the compile time). In particular kernel can read lzma archives
only with a dictionary size exactly 1 MiB, and crc32 checksum.
kmod started to make use of direct module loading since version
31. However kmod does not fall back to decompressing in the userspace
if the kernel compressed modules, which causes serious troubles
(boot failures, some devices not working, etc).
To avoid the problem teach process-debuginfo.in to re-compress
kernel modules correctly (crc32 checksum, 1 MiB dictionary)
so the kernel can load them directly.
Link: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=fbf5892df21a8ccfcb2fda0fd65bc3169c89ed28
Reviewed-by: Vitaly Chikunov <vt@altlinux.org>
crash is unable to handle vmlinux split into vmlinux.debug because it
cannot find `.symtab`[1]. This is not expected to be fixed soon.
Really, there is not point to split it because both halves are in
the same -debuginfo package and this is only complicates things.
This also undoes approach taken in 894f4140c ("process-debuginfo: Add
.gnu_debuglink symlink for vmlinux").
Link: https://github.com/crash-utility/crash/issues/160
Signed-off-by: Vitaly Chikunov <vt@altlinux.org>
`eu-strip --strip-all` started to strip .symtab for un-def kernel
triggering different code path in crash(8) thus making it follow
value of `.gnu_debuglink` section and miss vmlinux.debug.
Also, this seems to be more portable overall - we can find vmlinux by
prepending `/usr/lib/debug` or by appending `.debug`.
With educated guess we assume eu-strip will put "BASENAME.debug" in
`.gnu_debuglink`.
Signed-off-by: Vitaly Chikunov <vt@altlinux.org>
Original commit message:
- This allows much nicer handling some common scenarios such as
upstream pre-releases where the pre-release version would normally
appear newer than final release, eg 1.0-rc1 vs 1.0. Previously this
required mapping the pre-release tag into the release tag to achieve
desired sorting, with tilde this becomes simply 1.0~rc1 < 1.0.
- Add a rpmlib() tracking dependency to prevent older rpm versions
from getting confused with packages relying on the new behavior.
Picked: db28221a4a ("Add support for dpkg-style sorting of tilde in version/release")
Authored-by: Michael Schroeder <mls@suse.de>
Signed-off-by: Panu Matilainen <pmatilai@redhat.com>
Picked: 8002b3f985 ("Spelling fixes.")
Authored-by: Ville Skyttä <ville.skytta@iki.fi>
Signed-off-by: Panu Matilainen <pmatilai@redhat.com>
Link: https://bugzilla.altlinux.org/46585
[ vt: Change to parseRCPOT is not applied because no rpmCharCheck call.
Unsupported RPM tags (ORDERVERSION, SUGGESTSVERSION, ENHANCESVERSION)
are removed. haveTildeDep is reworked because we don't have headerGet
API. ]
Signed-off-by: Vitaly Chikunov <vt@altlinux.org>
- Added the new %_runstatedir macro as an alias to %_runtimedir (ALT#46988).
- Modified the behavior of the %configure macro (ALT#46988):
+ to pass the --runstatedir option when it is supported by the configure
script;
+ to disable detection and passing of the --runstatedir if the
%_configure_use_runstatedir macro is undefined.
During %configure, the --runstatedir option will be automatically passed
to the configure script if it is supported. However, in certain
scenarios where the package contains multiple configure scripts that
invoke each other, the detection of --runstatedir support may fail.
This can happen when only some of the scripts support the --runstatedir
option. To address this issue and prevent the automatic passing of
--runstatedir, you can use the following in the spec file of the package
specfile:
%undefine _configure_use_runstatedir
This change is inspired by Fedora's redhat-rpm-config package,
specifically from the following commits:
* c0d2923: Added the "runstatedir" option to configure macros (authored
by Frederic Berat).
* f857d65: Introduced %_configure_use_runstatedir to disable the usage
of --runstatedir during configuration (authored by Florian Weimer).
The key distinction in this implementation is that it will issue a
warning in case the configure script doesn't support the --runstatedir
argument.
- rpm-build: provided_symbols: switched to eu-readelf to fix missing provides
for symbols with peculiar bits that affect the output format of readelf from
the binutils package (ALT#46447).
This script is designed to ignore lines that don't follow the expected
format, but it is widely known that the output format of readelf utility
from the binutils project can be quite unreliable. The output format
may vary on certain architectures and ELFs created with certain build
tools may contain symbols with peculiar bits that affect the output.
Here is a couple of examples illustrating these issues:
* On PowerPC, ELF symbols frequently include the localentry bit.
For instance:
$ readelf --wide --dyn-syms /lib64/libcrypto.so.1.1 | grep ASN1_VISIBLESTRING_new
157: 00000000000938c0 60 FUNC GLOBAL DEFAULT [<localentry>: 8] 11 ASN1_VISIBLESTRING_new@@OPENSSL_1_1_0
* On x86_64, a proprietary blob /usr/lib64/libjcPKCS11ds.so (distributed
as an ELF) and on armh /usr/lib/libLLVM-16.so, contain symbols with
OS-specific bits:
$ readelf --wide --dyn-syms /usr/lib64/libjcPKCS11ds.so | grep _ZNSt7collateIwE2idE
2572: 00000000002df9c8 8 OBJECT <OS specific>: 10 DEFAULT 26 _ZNSt7collateIwE2idE
$ readelf --wide --dyn-syms /usr/lib/libLLVM-16.so | grep _ZN4llvm13AllAnalysesOnINS_6ModuleEE6SetKeyE
45060: 05af0478 8 OBJECT <OS specific>: 10 DEFAULT 26 _ZN4llvm13AllAnalysesOnINS_6ModuleEE6SetKeyE@@LLVM_16
The issue related to PowerPC localentry bits was resolved in the commit
4f4a1d146 ("lib.prov, lib.req: enhance ProvidedSymbols") a long time
ago. The issue related to OS-specific bits was discovered recently [1].
Instead of attempting to resolve the output issues of binutils' readelf
utility concerning OS-specific bits, it is more convenient to use
readelf from elfutils. It has more reliable output (including the
handling of the cases described earlier) and is extensively utilized
within the project anyway.
[1] https://bugzilla.altlinux.org/46447
Reported-by: Konstantin A. Lepikhov <lakostis@altlinux.ru>
Reported-by: Gleb Fotengauer-Malinovskiy <glebfm@altlinux.org>
Fixes: https://bugzilla.altlinux.org/46447