Commit Graph

2066 Commits

Author SHA1 Message Date
232c7538e1 brp-check_contents: enable strict error checking
As the test rebuild of all packages in Sisyphus repository has shown
no false positives, it's safe to enable strict error checking.
2017-10-26 14:19:58 +00:00
877b43c83e 4.0.4-alt104
- Introduced brp-check_contents.
2017-10-25 03:16:59 +00:00
7a81369647 Introduce brp-check_contents
Add a brp interface for checking contents of files in buildroot.
The initial revision of brp-check_contents scripts checks
for suspicious path names like /var/lib/run, complementing
the change introduced in sisyphus_check-0.8.43-alt1.
2017-10-25 03:16:59 +00:00
baee9cdb9c 4.0.4-alt103
- When scanning files for deps, debuginfo, fixup, and verify_elf,
  ignore ELF files generated by GNU Guile.
2017-04-18 16:50:48 +00:00
696f192aea scripts: ignore ELF shared objects with "no" machine type
When scanning files for deps, debuginfo, fixup, and verify_elf,
ignore files with type that matches "ELF * shared object, no machine, *"
pattern.

These are ELF files generated by GNU Guile, ignore them for now.
2017-04-18 16:42:41 +00:00
8331557f70 4.0.4-alt102
- verify-elf: fixed passing of LD_PRELOAD in verify_unresolved.
2017-01-14 13:42:53 +00:00
a95f23ef1a verify-elf: fix passing of LD_PRELOAD in verify_unresolved
In verify_unresolved(), do not preload requested objects to $elf_ldd
directly because the latter is not an ELF interpreter but a shell
script.  Instead, pass the list of objects that have to be preloaded
to $elf_ldd script which in turn assigns it to LD_PRELOAD variable
in the ELF interpreter invocation.
2017-01-14 13:42:53 +00:00
e8c780c2b0 Disable build and install of unpackaged files
These are no longer packaged anyway, so no need to bother.
2017-01-14 13:42:53 +00:00
e0e8952034 Disable build of static libraries and executables
These are no longer packaged anyway, so no need to bother.
2017-01-14 13:42:53 +00:00
4ab56b3647 rpmio: fix potential buffer overflow in Fdopen
In file included from /usr/include/string.h:648:0,
                 from ../system.h:76,
                 from rpmio.c:6:
In function 'strncat',
    inlined from 'Fdopen' at rpmio.c:3473:5:
/usr/include/bits/string3.h:158:10: warning: call to __builtin___strncat_chk might overflow destination buffer
   return __builtin___strncat_chk (__dest, __src, __len, __bos (__dest));
2017-01-14 13:42:53 +00:00
Gleb Fotengauer-Malinovskiy
509272d41b 4.0.4-alt101
- verify-elf: made verify_lfs check shared objects too.
- Relaxed check for gcc package name in {cpp,pkgconfiglib}.req generators.
- rpm-build: add R: rpmspec.
2016-12-20 20:29:45 +03:00
Gleb Fotengauer-Malinovskiy
6409cf5038 Relax check for gcc package name in {cpp,pkgconfiglib}.req generators 2016-12-20 17:49:07 +03:00
Gleb Fotengauer-Malinovskiy
cec71f3fbf verify-elf: make verify_lfs check libraries too
Previously, verify_lfs checked if object has valid interpreter, but it
doesn't make sense in case of shared objects.  verify_lfs check is valid
for all ELFs linked with libraries supporting both LFS and non-LFS API
(libc.so and libz.so in our case).
2016-12-20 15:31:10 +03:00
Gleb Fotengauer-Malinovskiy
c90b86d89b 4.0.4-alt100.99
- Fixed non-LFS check in verify-elf.
- Dropped fake provides made for rpm 4.13.0 bootstrap.
2016-12-19 17:07:39 +03:00
Gleb Fotengauer-Malinovskiy
ccc38e9d0a Revert "Add fake provides for librpm{,build}"
Bootstrap of rpm-4.13.0 is now complete, we can drop this fake provides.

This reverts commit 477fe329f3.
2016-12-19 17:03:57 +03:00
Gleb Fotengauer-Malinovskiy
0270311591 Fix generation of verify-elf-non-lfs-funcs.list
If there were both `func' and `func'64, `func' was considered non-LFS.
Unfortunately, that approach missed functions like fts64_* and
readdir64_r.
2016-12-19 16:55:34 +03:00
Gleb Fotengauer-Malinovskiy
ad5193bd04 4.0.4-alt100.98
- Restored rpmpopt file.
2016-12-16 19:44:28 +03:00
Gleb Fotengauer-Malinovskiy
ecd20cdbb6 4.0.4-alt100.97
- fixup-libraries: fixed recognition of PIEs (ldv@).
- verify-elf: treat PIEs as executables in the check for unresolved symbols (ldv@).
- Disabled rpm's installer part.
- Built rpm-build in "compat" mode with rpm-4.13.
2016-12-08 19:24:36 +03:00
Gleb Fotengauer-Malinovskiy
477fe329f3 Add fake provides for librpm{,build}
This change is needed only for rpm-4.13+rpmbuild-4.0.4 bootstrap.
2016-12-08 19:24:36 +03:00
Gleb Fotengauer-Malinovskiy
2781e0f2af Disable sisyphus_check dirlist test for /usr/lib/rpm
This directory now belongs to both librpm and librpm7.
2016-12-08 19:24:36 +03:00
Gleb Fotengauer-Malinovskiy
3691deca51 Rename macros and rpmrc to buildmacros and rpmbuildrc
This change is needed only for rpm-4.13+rpmbuild-4.0.4 bootstrap.
Files in rpm-4.13 can and should be compatible with rpmbuild-4.0.4 and
vice versa.
2016-12-08 19:23:33 +03:00
Gleb Fotengauer-Malinovskiy
7f429ba6da macros.in: change default database configuration to btree 2016-12-08 19:18:21 +03:00
Gleb Fotengauer-Malinovskiy
d32a8374b4 Build only rpm-build, librpm and librpmbuild packages 2016-12-08 19:18:21 +03:00
a4fb4d42e7 verify-elf (verify_unresolved): treat PIEs as executables 2016-12-07 11:30:44 +00:00
8c1f9d589b Move "is this ELF shared object an executable" check to a separate script
* configure.ac (AC_OUTPUT): Add scripts/fixup-libraries.
* rpm-4_0.spec (%files build): Add %_rpmlibdir/is_elf_so_executable.
* scripts/is_elf_so_executable: New file.
* scripts/Makefile.am (EXTRA_DIST, config_SCRIPTS): Add it.
* scripts/fixup-libraries: Rename to scripts/fixup-libraries.in,
use is_elf_so_executable.
2016-12-07 11:30:42 +00:00
a51ea574e9 scripts/fixup-libraries: fix recognition of PIEs 2016-12-07 11:30:25 +00:00
Ivan Zakharyaschev
401d9520ba 4.0.4-alt100.96
- verify-elf: don't confuse the initial verify_rpath() in case
  of two RUNPATH/RPATHs (ALT#32826).
2016-11-30 17:50:04 +03:00
Ivan Zakharyaschev
d362bae600 verify-elf made a bit safer: pipes or command substitutions make it fail
1. set -o pipefail
2. don't use command substitutions inside other complex expressions; just assign to a var -- then it would make the script fail
2016-11-30 17:49:59 +03:00
Ivan Zakharyaschev
00b00565ea verify-elf: don't call verify_rpath() under a pipe because the errors are saved in a var
(A pipe makes a subshell and the var is modified there.)
2016-11-30 17:48:24 +03:00
Ivan Zakharyaschev
c0f11587a5 verify-elf: don't confuse verify_rpath() in case of two RUNPATH/RPATHs (ALT#32826) 2016-11-30 17:30:49 +03:00
Ivan Zakharyaschev
91c923f251 verify-elf: tiny cleanup: unify the awk expression for RPATH extraction
Rewritten equivalently, like in lib.req.
2016-11-30 17:09:09 +03:00
Ivan Zakharyaschev
70369c1a8e verify-elf: tiny cleanup: local var declaration moved to the place of use
The other occurence of "rpath" is in the second part of a pipe and is
local to that subshell anyway.
2016-11-30 17:08:09 +03:00
Ivan Zakharyaschev
00635cb1ac 4.0.4-alt100.95
- verify-elf: honor RUNPATH in addition to RPATH, too (like in lib.req).
- (unnoticeable) shell.req: generalize the shebang regexp w.r.t. other
  hardcoded locations of /usr/bin/env. (No need to be too strict here:
  shebang.req should catch bad locations. It's not our job.)
- %distribution: ALT Linux --> ALT (ALT#32707).
2016-11-29 15:12:34 +03:00
Ivan Zakharyaschev
3172abb8c1 %%distribution: ALT Linux --> ALT (ALT#32707) and some minor corrections of old @altlinux.ru addresses 2016-11-29 15:12:34 +03:00
Ivan Zakharyaschev
66f1a4cb8d verify-elf: RUNPATH overrides RPATH for verify_unresolved
From ld.so's documentation about the search order:

Using the directories specified in the DT_RPATH dynamic section
attribute of the binary if present and DT_RUNPATH attribute does not
exist. Use of DT_RPATH is deprecated.
2016-11-29 15:11:46 +03:00
Ivan Zakharyaschev
65509e2763 verify-elf: honor RUNPATH, too (like in lib.req.in:95 and debuginfo.req.in:76)
in addition to RPATH
2016-11-28 22:37:18 +03:00
Ivan Zakharyaschev
e2810bda5c added me to "Copyright (C)" 2016-11-28 22:37:13 +03:00
Ivan Zakharyaschev
d2e5d7dce7 shell.req: generalize the shebang regexp w.r.t. other locations of env
No need to be too strict here: shebang.req would (or should) catch bad
locations. It's not our work.
2016-05-27 16:02:37 +03:00
Ivan Zakharyaschev
ef66de16d5 shell.req: more idiomatic regexp for reading the shebang (use ?)
Compared with a similar regexp in Emacs sources --
http://git.altlinux.org/gears/e/emacs24.git?p=emacs24.git;a=blob;f=lisp/progmodes/sh-script.el;h=4700324d376db79e27d05e5352fff2f7e841a603;hb=HEAD#l1637
: "#![ \t]?\\([^ \t\n]*/bin/env[ \t]\\)?\\([^ \t\n]+\\)"

Conclusion: mostly identical meaning, with the exception of a more
liberal path of env in Emacs.

But ALT Sisyphus has /usr/bin/env only, so I don't see a good reason
to make the regexp more general. (If a different path is written
there, it won't work in ALT Sisyphus.)
2016-05-27 15:19:10 +03:00
Ivan Zakharyaschev
06f844cd6f 4.0.4-alt100.94
- shell.req: use the version of (ba|)sh from the shebang.
- find-{requires,provides}: run all scripts even for empty lists of files.
2016-05-24 23:08:16 +03:00
Ivan Zakharyaschev
f9bf39c2aa shell.req: use the version of (ba|)sh from the shebang 2016-05-24 23:08:04 +03:00
Ivan Zakharyaschev
d13f11fe4f find-provides: removed optimization for empty lists of files
The same reasons as for find-requires:

1. can be buggy in future;
2. give a chance to the methods to generate some special Provides
2016-04-07 13:58:27 +03:00
Ivan Zakharyaschev
0ebfa8f191 find-requires: removed optimization for empty lists of files
Reasons:

1. code clarity (and more robust w.r.t. to future changes which might
lead to bugs, as before)

2. to give all the special methods a chance to print something in the
case of an empty list, too (when needed)
2016-04-06 17:09:38 +03:00
Ivan Zakharyaschev
edf305d42c 4.0.4-alt100.93
- find-requires fixed for packages consisting completely of symlinks.
2016-04-06 03:30:21 +03:00
Ivan Zakharyaschev
4d23ad4702 percolate: removed loop optimization (for code clarity), result won't change 2016-04-06 03:26:17 +03:00
Ivan Zakharyaschev
95ffed16a6 find-requires: it was wrong to check "$tmpdir"/files for emptiness
Since there appeared a special handling for just some kind of
symlinks, "$tmpdir"/files gave only a part of "$tmpdir"/files+types --
the final list of what to analyze.
2016-04-06 03:22:49 +03:00
Ivan Zakharyaschev
e6e202e522 4.0.4-alt100.92
- find-requires: treat symlinks leading to some real content all way
  through the same package as that content.
- find-{requires,provides}: in case of an error in it, the pipe to it
  will be broken (must not change the visible behavior of rpm-build).
2016-04-05 23:26:03 +03:00
Ivan Zakharyaschev
6b43518d50 find-{requires,provides}: switched to the equivalent use of tmpdir.sh 2016-04-05 23:24:45 +03:00
Ivan Zakharyaschev
816c140ae7 find-{requires,provides}: in case of an error in it, the pipe to it will be broken (must not change the visible behavior of rpm-build)
We move "cat > /dev/null" to the only place where consuming the whole
input is useful for there to be no error.

This is done in preparation for a switch to the usage of tmpdir.sh.
2016-04-05 23:22:24 +03:00
Ivan Zakharyaschev
5630438416 debuginfo.req.files: ignore everything under /usr/lib/debug/.build-id/
The special directory structure there doesn't correspond to the
directory structure where debuginfo.req expects to find and process
*.debug files.
2016-04-05 22:57:42 +03:00