diff --git a/.fuse-overlayfs.metadata b/.fuse-overlayfs.metadata new file mode 100644 index 0000000..27f2753 --- /dev/null +++ b/.fuse-overlayfs.metadata @@ -0,0 +1 @@ +aae77fbe5e212349100445fd0b63891d7d60f7e6 SOURCES/fuse-overlayfs-8c59873.tar.gz diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..d28e987 --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +SOURCES/fuse-overlayfs-8c59873.tar.gz diff --git a/SOURCES/fuse-overlayfs-1803492.patch b/SOURCES/fuse-overlayfs-1803492.patch new file mode 100644 index 0000000..c462f07 --- /dev/null +++ b/SOURCES/fuse-overlayfs-1803492.patch @@ -0,0 +1,48 @@ +From bd0246fa31ae596fed3a7f94917523798e2ab3c8 Mon Sep 17 00:00:00 2001 +From: Giuseppe Scrivano +Date: Sat, 15 Feb 2020 12:33:52 +0100 +Subject: [PATCH] main: force timeout 0 for ovl_link + +There is an issue on RHEL 8.1 where the nlink counter is always +incremented by one, no matter what is specified in e.attr.st_nlink. + +Always set timeout to 0 to force a new stat on the inode. + +Closes: https://bugzilla.redhat.com/show_bug.cgi?id=1802907 +Closes: https://github.com/containers/fuse-overlayfs/issues/183 + +Signed-off-by: Giuseppe Scrivano +--- + main.c | 9 ++++++++- + 1 file changed, 8 insertions(+), 1 deletion(-) + +diff --git a/main.c b/main.c +index 80c0f89..0e6dab3 100644 +--- a/main.c ++++ b/main.c +@@ -3714,6 +3714,12 @@ direct_linkat (struct ovl_layer *l, const char *oldpath, const char *newpath, in + static void + ovl_link (fuse_req_t req, fuse_ino_t ino, fuse_ino_t newparent, const char *newname) + { ++ /* ++ There is an issue on RHEL 8.1 where the nlink counter is always ++ incremented by one, no matter what is specified in e.attr.st_nlink. ++ In this function we always set timeout to 0 to force a new stat on the inode. ++ */ ++ + cleanup_lock int l = enter_big_lock (); + struct ovl_data *lo = ovl_data (req); + struct ovl_node *node, *newparentnode, *destnode; +@@ -3809,7 +3815,8 @@ ovl_link (fuse_req_t req, fuse_ino_t ino, fuse_ino_t newparent, const char *newn + + e.ino = node_to_inode (node); + node->ino->lookups++; +- e.attr_timeout = get_timeout (lo); ++ ++ e.attr_timeout = 0; + e.entry_timeout = get_timeout (lo); + fuse_reply_entry (req, &e); + } +-- +2.24.1 + diff --git a/SOURCES/fuse-overlayfs-1804849.patch b/SOURCES/fuse-overlayfs-1804849.patch new file mode 100644 index 0000000..9431d9f --- /dev/null +++ b/SOURCES/fuse-overlayfs-1804849.patch @@ -0,0 +1,189 @@ +From 214d606084453f0d2831317a9048a3cbc554fcc4 Mon Sep 17 00:00:00 2001 +From: Giuseppe Scrivano +Date: Wed, 15 Jan 2020 00:02:43 +0100 +Subject: [PATCH 1/2] main: check if file is whiteout + +when doing a lookup, make sure the returned file is not a whiteout for +functions that expect the file to exist. + +Close: https://github.com/containers/fuse-overlayfs/issues/169 + +Signed-off-by: Giuseppe Scrivano +--- + main.c | 34 +++++++++++++++++----------------- + 1 file changed, 17 insertions(+), 17 deletions(-) + + +From ce93abae5fcb3be98867bbfd8e13abb2c086d1c2 Mon Sep 17 00:00:00 2001 +From: Giuseppe Scrivano +Date: Wed, 15 Jan 2020 17:52:13 +0100 +Subject: [PATCH 2/2] main: do not copyup opaque xattr + +when performing the copyup, do not copy the private xattrs. + +Signed-off-by: Giuseppe Scrivano +--- + main.c | 8 +++++++- + 1 file changed, 7 insertions(+), 1 deletion(-) + +diff -up ./fuse-overlayfs-8c59873b00b3e8ee98be998fec8dbce4cfe984cc/main.c.1804849 ./fuse-overlayfs-8c59873b00b3e8ee98be998fec8dbce4cfe984cc/main.c +--- fuse-overlayfs-8c59873b00b3e8ee98be998fec8dbce4cfe984cc/main.c.1804849 2020-02-20 06:59:31.790277431 +0100 ++++ fuse-overlayfs-8c59873b00b3e8ee98be998fec8dbce4cfe984cc/main.c 2020-02-20 06:59:31.793277470 +0100 +@@ -2265,7 +2265,7 @@ ovl_getxattr (fuse_req_t req, fuse_ino_t + } + + node = do_lookup_file (lo, ino, NULL); +- if (node == NULL) ++ if (node == NULL || node->whiteout) + { + fuse_reply_err (req, ENOENT); + return; +@@ -2334,7 +2334,13 @@ copy_xattr (int sfd, int dfd, char *buf, + for (it = buf; it - buf < xattr_len; it += strlen (it) + 1) + { + cleanup_free char *v = NULL; +- ssize_t s = safe_read_xattr (&v, sfd, it, 256); ++ ssize_t s; ++ ++ if (has_prefix (it, XATTR_PREFIX) ++ || has_prefix (it, PRIVILEGED_XATTR_PREFIX)) ++ continue; ++ ++ s = safe_read_xattr (&v, sfd, it, 256); + if (s < 0) + return -1; + +@@ -2858,7 +2864,7 @@ do_rm (fuse_req_t req, fuse_ino_t parent + struct ovl_node key, *rm; + + node = do_lookup_file (lo, parent, name); +- if (node == NULL) ++ if (node == NULL || node->whiteout) + { + fuse_reply_err (req, ENOENT); + return; +@@ -2904,7 +2910,7 @@ do_rm (fuse_req_t req, fuse_ino_t parent + } + + pnode = do_lookup_file (lo, parent, NULL); +- if (pnode == NULL) ++ if (pnode == NULL || pnode->whiteout) + { + fuse_reply_err (req, ENOENT); + return; +@@ -3009,7 +3015,7 @@ ovl_setxattr (fuse_req_t req, fuse_ino_t + } + + node = do_lookup_file (lo, ino, NULL); +- if (node == NULL) ++ if (node == NULL || node->whiteout) + { + fuse_reply_err (req, ENOENT); + return; +@@ -3069,7 +3075,7 @@ ovl_removexattr (fuse_req_t req, fuse_in + fprintf (stderr, "ovl_removexattr(ino=%" PRIu64 "s, name=%s)\n", ino, name); + + node = do_lookup_file (lo, ino, NULL); +- if (node == NULL) ++ if (node == NULL || node->whiteout) + { + fuse_reply_err (req, ENOENT); + return; +@@ -3447,7 +3453,7 @@ ovl_getattr (fuse_req_t req, fuse_ino_t + fprintf (stderr, "ovl_getattr(ino=%" PRIu64 ")\n", ino); + + node = do_lookup_file (lo, ino, NULL); +- if (node == NULL) ++ if (node == NULL || node->whiteout) + { + fuse_reply_err (req, ENOENT); + return; +@@ -3481,7 +3487,7 @@ ovl_setattr (fuse_req_t req, fuse_ino_t + fprintf (stderr, "ovl_setattr(ino=%" PRIu64 "s, to_set=%d)\n", ino, to_set); + + node = do_lookup_file (lo, ino, NULL); +- if (node == NULL) ++ if (node == NULL || node->whiteout) + { + fuse_reply_err (req, ENOENT); + return; +@@ -3663,7 +3669,7 @@ ovl_link (fuse_req_t req, fuse_ino_t ino + fprintf (stderr, "ovl_link(ino=%" PRIu64 "s, newparent=%" PRIu64 "s, newname=%s)\n", ino, newparent, newname); + + node = do_lookup_file (lo, ino, NULL); +- if (node == NULL) ++ if (node == NULL || node->whiteout) + { + fuse_reply_err (req, ENOENT); + return; +@@ -3677,7 +3683,7 @@ ovl_link (fuse_req_t req, fuse_ino_t ino + } + + newparentnode = do_lookup_file (lo, newparent, NULL); +- if (newparentnode == NULL) ++ if (newparentnode == NULL || newparentnode->whiteout) + { + fuse_reply_err (req, ENOENT); + return; +@@ -3802,7 +3808,7 @@ ovl_symlink (fuse_req_t req, const char + fprintf (stderr, "ovl_symlink(link=%s, ino=%" PRIu64 "s, name=%s)\n", link, parent, name); + + pnode = do_lookup_file (lo, parent, NULL); +- if (pnode == NULL) ++ if (pnode == NULL || pnode->whiteout) + { + fuse_reply_err (req, ENOENT); + return; +@@ -3896,7 +3902,7 @@ ovl_rename_exchange (fuse_req_t req, fus + char *tmp; + + node = do_lookup_file (lo, parent, name); +- if (node == NULL) ++ if (node == NULL || node->whiteout) + { + fuse_reply_err (req, ENOENT); + return; +@@ -4255,7 +4261,7 @@ ovl_readlink (fuse_req_t req, fuse_ino_t + fprintf (stderr, "ovl_readlink(ino=%" PRIu64 "s)\n", ino); + + node = do_lookup_file (lo, ino, NULL); +- if (node == NULL) ++ if (node == NULL || node->whiteout) + { + fuse_reply_err (req, ENOENT); + return; +@@ -4661,7 +4667,7 @@ ovl_ioctl (fuse_req_t req, fuse_ino_t in + ino, cmd, arg, fi, flags, in_buf, in_bufsz, out_bufsz); + + node = do_lookup_file (lo, ino, NULL); +- if (node == NULL) ++ if (node == NULL || node->whiteout) + { + fuse_reply_err (req, ENOENT); + return; +@@ -4730,7 +4736,7 @@ ovl_fallocate (fuse_req_t req, fuse_ino_ + ino, mode, offset, length, fi); + + node = do_lookup_file (lo, ino, NULL); +- if (node == NULL) ++ if (node == NULL || node->whiteout) + { + fuse_reply_err (req, ENOENT); + return; +@@ -4781,14 +4787,14 @@ ovl_copy_file_range (fuse_req_t req, fus + ino_in, off_in, fi_in, ino_out, off_out, fi_out, len, flags); + + node = do_lookup_file (lo, ino_in, NULL); +- if (node == NULL) ++ if (node == NULL || node->whiteout) + { + fuse_reply_err (req, ENOENT); + return; + } + + dnode = do_lookup_file (lo, ino_out, NULL); +- if (dnode == NULL) ++ if (dnode == NULL || dnode->whiteout) + { + fuse_reply_err (req, ENOENT); + return; diff --git a/SOURCES/fuse-overlayfs-1809648.patch b/SOURCES/fuse-overlayfs-1809648.patch new file mode 100644 index 0000000..f51b138 --- /dev/null +++ b/SOURCES/fuse-overlayfs-1809648.patch @@ -0,0 +1,119 @@ +From 2159055ede95b410efe7a0925a499df1d8ee23b2 Mon Sep 17 00:00:00 2001 +From: Giuseppe Scrivano +Date: Fri, 31 Jan 2020 13:46:07 +0100 +Subject: [PATCH] main: lookup skip ino if there is no origin + +if there is no origin xattr specified, do not overwrite the ino +number. + +Closes: https://github.com/containers/fuse-overlayfs/issues/177 + +Signed-off-by: Giuseppe Scrivano +--- + main.c | 48 ++++++++++++++++++++++++++++++++++++++---------- + 1 file changed, 38 insertions(+), 10 deletions(-) + +diff --git a/main.c b/main.c +index b1bdfa4..ba12faa 100644 +--- a/main.c ++++ b/main.c +@@ -1,7 +1,7 @@ + /* fuse-overlayfs: Overlay Filesystem in Userspace + + Copyright (C) 2018 Giuseppe Scrivano +- Copyright (C) 2018-2019 Red Hat Inc. ++ Copyright (C) 2018-2020 Red Hat Inc. + Copyright (C) 2001-2007 Miklos Szeredi + + This program is free software: you can redistribute it and/or modify +@@ -456,6 +456,22 @@ has_prefix (const char *str, const char *pref) + return false; + } + ++static int ++set_fd_origin (int fd, const char *origin) ++{ ++ cleanup_close int opq_whiteout_fd = -1; ++ size_t len = strlen (origin) + 1; ++ int ret; ++ ++ ret = fsetxattr (fd, ORIGIN_XATTR, origin, len, 0); ++ if (ret < 0) ++ { ++ if (errno == ENOTSUP) ++ return 0; ++ } ++ return ret; ++} ++ + static int + set_fd_opaque (int fd) + { +@@ -1131,6 +1147,7 @@ make_ovl_node (struct ovl_data *lo, const char *path, struct ovl_layer *layer, c + mode_t mode = 0; + char *new_name; + struct ovl_node *ret_xchg; ++ bool has_origin = true; + cleanup_node_init struct ovl_node *ret = NULL; + + ret = calloc (1, sizeof (*ret)); +@@ -1211,10 +1228,13 @@ make_ovl_node (struct ovl_data *lo, const char *path, struct ovl_layer *layer, c + { + if (it->ds->statat (it, npath, &st, AT_SYMLINK_NOFOLLOW, STATX_TYPE|STATX_MODE|STATX_INO) == 0) + { +- ret->tmp_ino = st.st_ino; +- ret->tmp_dev = st.st_dev; +- if (mode == 0) +- mode = st.st_mode; ++ if (has_origin) ++ { ++ ret->tmp_ino = st.st_ino; ++ ret->tmp_dev = st.st_dev; ++ if (mode == 0) ++ mode = st.st_mode; ++ } + ret->last_layer = it; + } + goto no_fd; +@@ -1223,10 +1243,13 @@ make_ovl_node (struct ovl_data *lo, const char *path, struct ovl_layer *layer, c + /* It is an open FD, stat the file and read the origin xattrs. */ + if (it->ds->fstat (it, fd, npath, STATX_TYPE|STATX_MODE|STATX_INO, &st) == 0) + { +- ret->tmp_ino = st.st_ino; +- ret->tmp_dev = st.st_dev; +- if (mode == 0) +- mode = st.st_mode; ++ if (has_origin) ++ { ++ ret->tmp_ino = st.st_ino; ++ ret->tmp_dev = st.st_dev; ++ if (mode == 0) ++ mode = st.st_mode; ++ } + ret->last_layer = it; + } + +@@ -1270,7 +1293,9 @@ make_ovl_node (struct ovl_data *lo, const char *path, struct ovl_layer *layer, c + + /* If an origin is specified, use it for the next layer lookup. */ + s = safe_read_xattr (&origin, fd, ORIGIN_XATTR, PATH_MAX); +- if (s > 0) ++ if (s <= 0) ++ has_origin = false; ++ else + { + free (npath); + npath = origin; +@@ -2656,6 +2681,9 @@ copyup (struct ovl_data *lo, struct ovl_node *node) + if (ret < 0) + goto exit; + ++ if (set_fd_origin (dfd, node->path) < 0) ++ goto exit; ++ + /* Finally, move the file to its destination. */ + ret = renameat (lo->workdir_fd, wd_tmp_file_name, get_upper_layer (lo)->fd, node->path); + if (ret < 0) +-- +2.24.1 + diff --git a/SPECS/fuse-overlayfs.spec b/SPECS/fuse-overlayfs.spec new file mode 100644 index 0000000..b64f59c --- /dev/null +++ b/SPECS/fuse-overlayfs.spec @@ -0,0 +1,134 @@ +%global git0 https://github.com/containers/%{name} +%global commit0 8c59873b00b3e8ee98be998fec8dbce4cfe984cc +%global shortcommit0 %(c=%{commit0}; echo ${c:0:7}) + +Name: fuse-overlayfs +Version: 0.7.2 +Release: 6%{?dist} +Summary: FUSE overlay+shiftfs implementation for rootless containers +License: GPLv3+ +URL: %{git0} +ExclusiveArch: aarch64 %{arm} ppc64le s390x x86_64 +Source0: %{git0}/archive/%{commit0}/%{name}-%{shortcommit0}.tar.gz +# related bug: https://bugzilla.redhat.com/show_bug.cgi?id=1802907 +# backported: https://patch-diff.githubusercontent.com/raw/containers/fuse-overlayfs/pull/184.patch +Patch0: fuse-overlayfs-1803492.patch +# related bug: https://bugzilla.redhat.com/show_bug.cgi?id=1804849 +# backported: https://patch-diff.githubusercontent.com/raw/containers/fuse-overlayfs/pull/170.patch +# patch: 0001-main-force-timeout-0-for-ovl_link.patch +Patch1: fuse-overlayfs-1804849.patch +# related bug: https://bugzilla.redhat.com/show_bug.cgi?id=1809648 +# backported: https://patch-diff.githubusercontent.com/raw/containers/fuse-overlayfs/pull/178.patch +Patch2: fuse-overlayfs-1809648.patch +BuildRequires: autoconf +BuildRequires: automake +BuildRequires: fuse3-devel +BuildRequires: gcc +BuildRequires: git +BuildRequires: go-md2man +BuildRequires: make +Provides: bundled(gnulib) = cb634d40c7b9bbf33fa5198d2e27fdab4c0bf143 + +%description +%{summary}. + +%package devel +Summary: %{summary} +BuildArch: noarch + +%description devel +%{summary} + +This package contains library source intended for +building other packages which use import path with +%{import_path} prefix. + +%prep +%autosetup -Sgit -n %{name}-%{commit0} + +%build +./autogen.sh +./configure --prefix=%{_usr} --libdir=%{_libdir} +%{__make} generate-man + +%install +make DESTDIR=%{buildroot} install install-man + +%check + +#define license tag if not already defined +%{!?_licensedir:%global license %doc} + +%files +%license COPYING +%doc README.md +%{_bindir}/%{name} +%{_mandir}/man1/%{name}.1.gz + +%changelog +* Thu Mar 05 2020 Jindrich Novy - 0.7.2-6 +- fix "Pushing container image built with rootless podman fails with: "file integrity checksum failed"" +- Resolves: #1810498 + +* Fri Feb 28 2020 Jindrich Novy - 0.7.2-5 +- upstream patch when applied to the 0.7.2 source code is applied to the wrong function, + new patch fixes it +- Resolves: #1805013 + +* Thu Feb 20 2020 Jindrich Novy - 0.7.2-4 +- fix "fuse-overlayfs segfault" +- Resolves: #1805013 + +* Mon Feb 17 2020 Jindrich Novy - 0.7.2-3 +- fix "useradd and groupadd fail under rootless Buildah and podman" +- Resolves: #1803492 + +* Fri Jan 24 2020 Jindrich Novy - 0.7.2-2 +- resurrect s390x arch as kernel there now has the renameat2 syscall (#1773504) + +* Wed Dec 04 2019 Jindrich Novy - 0.7.2-1 +- update to 0.7.2 +- Related: RHELPLAN-26239 + +* Mon Nov 18 2019 Jindrich Novy - 0.4.1-3 +- temporarily remove s390x arch from supported arches due to + missing renameat2 syscall +- Related: #1721151 + +* Tue Oct 29 2019 Jindrich Novy - 0.4.1-2 +- BuildRequire fuse3-devel +- Resolves: #1721151 + +* Sat Jun 15 2019 Lokesh Mandvekar - 0.4.1-1 +- Resolves: #1720654 - rebase to v0.4.1 + +* Wed Jan 16 2019 Frantisek Kluknavsky - 0.3-2 +- rebase +- Resolves:#1666510 + +* Wed Oct 17 2018 Lokesh Mandvekar - 0.1-7.dev.git50c7a50 +- Resolves: #1640232 +- built commit 50c7a50 + +* Fri Aug 10 2018 Lokesh Mandvekar - 0.1-6.dev.git1c72a1a +- Resolves: #1614856 - add manpage +- built commit 1c72a1a +- add BR: go-md2man + +* Fri Aug 10 2018 Lokesh Mandvekar - 0.1-5.dev.gitd40ac75 +- built commit d40ac75 +- remove fedora bz ids +- Exclude ix86 and ppc64 + +* Mon Jul 30 2018 Lokesh Mandvekar - 0.1-4.dev.git79c70fd +- Resolves: #1609598 - initial upload to Fedora +- bundled gnulib + +* Mon Jul 30 2018 Lokesh Mandvekar - 0.1-3.dev.git79c70fd +- correct license field + +* Mon Jul 30 2018 Lokesh Mandvekar - 0.1-2.dev.git79c70fd +- fix license + +* Sun Jul 29 2018 Lokesh Mandvekar - 0.1-1.dev.git13575b6 +- First package for Fedora