diff --git a/.gitignore b/.gitignore index 383b690..0664170 100644 --- a/.gitignore +++ b/.gitignore @@ -1 +1 @@ -SOURCES/rpm-ostree-2015.3.tar.xz +SOURCES/rpm-ostree-2015.5.tar.xz diff --git a/.rpm-ostree.metadata b/.rpm-ostree.metadata index ddb3f58..44e995a 100644 --- a/.rpm-ostree.metadata +++ b/.rpm-ostree.metadata @@ -1 +1 @@ -9358feb4809cb92d0ac9ec528f6b2f02612179fa SOURCES/rpm-ostree-2015.3.tar.xz +7cf8869f6d574a9d4602ad7266de7b43b74a37e3 SOURCES/rpm-ostree-2015.5.tar.xz diff --git a/SOURCES/0001-postprocess-Handle-Fedora-rawhide-kernel-installatio.patch b/SOURCES/0001-postprocess-Handle-Fedora-rawhide-kernel-installatio.patch new file mode 100644 index 0000000..57294f6 --- /dev/null +++ b/SOURCES/0001-postprocess-Handle-Fedora-rawhide-kernel-installatio.patch @@ -0,0 +1,156 @@ +From 1c3a549ef9ebaecf9a0eab7515adddc594c78779 Mon Sep 17 00:00:00 2001 +From: Colin Walters +Date: Tue, 12 May 2015 12:26:38 -0400 +Subject: [PATCH] postprocess: Handle Fedora rawhide kernel installation + +The vmlinuz binary has moved to /usr/lib/modules, which is a change +mostly for the better, but we need to adapt. + +Closes: https://github.com/projectatomic/rpm-ostree/pull/143 +--- + src/libpriv/rpmostree-postprocess.c | 98 +++++++++++++++++++++++++++++++------ + 1 file changed, 84 insertions(+), 14 deletions(-) + +diff --git a/src/libpriv/rpmostree-postprocess.c b/src/libpriv/rpmostree-postprocess.c +index c690fe2..7b390f9 100644 +--- a/src/libpriv/rpmostree-postprocess.c ++++ b/src/libpriv/rpmostree-postprocess.c +@@ -168,7 +168,8 @@ find_kernel_and_initramfs_in_bootdir (GFile *bootdir, + + name = g_file_info_get_name (file_info); + +- if (g_str_has_prefix (name, "vmlinuz-")) ++ /* Current Fedora 23 kernel.spec installs as just vmlinuz */ ++ if (strcmp (name, "vmlinuz") == 0 || g_str_has_prefix (name, "vmlinuz-")) + { + if (ret_kernel) + { +@@ -192,17 +193,57 @@ find_kernel_and_initramfs_in_bootdir (GFile *bootdir, + } + } + +- if (!ret_kernel) ++ ret = TRUE; ++ gs_transfer_out_value (out_kernel, &ret_kernel); ++ gs_transfer_out_value (out_initramfs, &ret_initramfs); ++ out: ++ return ret; ++} ++ ++/* Given a directory @d, find the first child that is a directory, ++ * returning it in @out_subdir. If there are multiple directories, ++ * return an error. ++ */ ++static gboolean ++find_ensure_one_subdirectory (GFile *d, ++ GFile **out_subdir, ++ GCancellable *cancellable, ++ GError **error) ++{ ++ gboolean ret = FALSE; ++ gs_unref_object GFileEnumerator *direnum = NULL; ++ gs_unref_object GFile *ret_subdir = NULL; ++ ++ direnum = g_file_enumerate_children (d, "standard::name,standard::type", 0, ++ cancellable, error); ++ if (!direnum) ++ goto out; ++ ++ while (TRUE) + { +- g_set_error (error, G_IO_ERROR, G_IO_ERROR_FAILED, +- "Unable to find vmlinuz- in %s", +- gs_file_get_path_cached (bootdir)); +- goto out; ++ GFileInfo *file_info; ++ GFile *child; ++ ++ if (!gs_file_enumerator_iterate (direnum, &file_info, &child, ++ cancellable, error)) ++ goto out; ++ if (!file_info) ++ break; ++ ++ if (g_file_info_get_file_type (file_info) == G_FILE_TYPE_DIRECTORY) ++ { ++ if (ret_subdir) ++ { ++ g_set_error (error, G_IO_ERROR, G_IO_ERROR_FAILED, ++ "Multiple subdirectories found in: %s", gs_file_get_path_cached (d)); ++ goto out; ++ } ++ ret_subdir = g_object_ref (child); ++ } + } + + ret = TRUE; +- gs_transfer_out_value (out_kernel, &ret_kernel); +- gs_transfer_out_value (out_initramfs, &ret_initramfs); ++ gs_transfer_out_value (out_subdir, &ret_subdir); + out: + return ret; + } +@@ -220,14 +261,38 @@ do_kernel_prep (GFile *yumroot, + gs_unref_object GFile *initramfs_path = NULL; + const char *boot_checksum_str = NULL; + GChecksum *boot_checksum = NULL; +- const char *kname; +- const char *kver; ++ g_autofree char *kver = NULL; + + if (!find_kernel_and_initramfs_in_bootdir (bootdir, &kernel_path, + &initramfs_path, + cancellable, error)) + goto out; + ++ if (kernel_path == NULL) ++ { ++ gs_unref_object GFile *mod_dir = g_file_resolve_relative_path (yumroot, "usr/lib/modules"); ++ gs_unref_object GFile *modversion_dir = NULL; ++ ++ if (!find_ensure_one_subdirectory (mod_dir, &modversion_dir, cancellable, error)) ++ goto out; ++ ++ if (modversion_dir) ++ { ++ kver = g_file_get_basename (modversion_dir); ++ if (!find_kernel_and_initramfs_in_bootdir (modversion_dir, &kernel_path, ++ &initramfs_path, ++ cancellable, error)) ++ goto out; ++ } ++ } ++ ++ if (kernel_path == NULL) ++ { ++ g_set_error (error, G_IO_ERROR, G_IO_ERROR_FAILED, ++ "Unable to find kernel (vmlinuz) in /boot or /usr/lib/modules"); ++ goto out; ++ } ++ + if (initramfs_path) + { + g_print ("Removing RPM-generated '%s'\n", +@@ -236,10 +301,15 @@ do_kernel_prep (GFile *yumroot, + goto out; + } + +- kname = gs_file_get_basename_cached (kernel_path); +- kver = strchr (kname, '-'); +- g_assert (kver); +- kver += 1; ++ if (!kver) ++ { ++ const char *kname = gs_file_get_basename_cached (kernel_path); ++ const char *kver_p; ++ ++ kver_p = strchr (kname, '-'); ++ g_assert (kver_p); ++ kver = g_strdup (kver_p + 1); ++ } + + /* OSTree needs to own this */ + { +-- +1.8.3.1 + diff --git a/SOURCES/0001-upgrade-Print-any-GPG-signatures-while-upgrading.patch b/SOURCES/0001-upgrade-Print-any-GPG-signatures-while-upgrading.patch deleted file mode 100644 index ad4eb7a..0000000 --- a/SOURCES/0001-upgrade-Print-any-GPG-signatures-while-upgrading.patch +++ /dev/null @@ -1,115 +0,0 @@ -From 750a8889f08c4d3ed90f185cf4a0df379271f2bb Mon Sep 17 00:00:00 2001 -From: Matthew Barnes -Date: Mon, 6 Apr 2015 13:09:37 -0400 -Subject: [PATCH 1/2] upgrade: Print any GPG signatures while upgrading - ---- - main.c | 25 +++++++++++++++++++++++++ - rpmostree-builtin-upgrade.c | 22 ++++++++++++++++++++++ - rpmostree-builtins.h | 2 ++ - 3 files changed, 49 insertions(+) - -diff --git a/src/app/main.c b/src/app/main.c -index a093b52..9ee2d6e 100644 ---- a/src/main.c -+++ b/src/main.c -@@ -99,6 +99,31 @@ rpmostree_option_context_parse (GOptionContext *context, - return TRUE; - } - -+void -+rpmostree_print_gpg_verify_result (OstreeGpgVerifyResult *result) -+{ -+ GString *buffer; -+ guint n_sigs, ii; -+ -+ n_sigs = ostree_gpg_verify_result_count_all (result); -+ -+ /* XXX If we ever add internationalization, use ngettext() here. */ -+ g_print ("GPG: Verification enabled, found %u signature%s:\n", -+ n_sigs, n_sigs == 1 ? "" : "s"); -+ -+ buffer = g_string_sized_new (256); -+ -+ for (ii = 0; ii < n_sigs; ii++) -+ { -+ g_string_append_c (buffer, '\n'); -+ ostree_gpg_verify_result_describe (result, ii, buffer, " ", -+ OSTREE_GPG_SIGNATURE_FORMAT_DEFAULT); -+ } -+ -+ g_print ("%s\n", buffer->str); -+ g_string_free (buffer, TRUE); -+} -+ - int - main (int argc, - char **argv) -diff --git a/src/rpmostree-builtin-upgrade.c b/src/rpmostree-builtin-upgrade.c -index e67f9f0..432eac8 100644 ---- a/src/rpmostree-builtin-upgrade.c -+++ b/src/rpmostree-builtin-upgrade.c -@@ -45,6 +45,20 @@ static GOptionEntry option_entries[] = { - { NULL } - }; - -+static void -+gpg_verify_result_cb (OstreeRepo *repo, -+ const char *checksum, -+ OstreeGpgVerifyResult *result, -+ GSConsole *console) -+{ -+ /* Temporarily place the GSConsole stream (which is just stdout) -+ * back in normal mode before printing GPG verification results. */ -+ gs_console_end_status_line (console, NULL, NULL); -+ -+ g_print ("\n"); -+ rpmostree_print_gpg_verify_result (result); -+} -+ - gboolean - rpmostree_builtin_upgrade (int argc, - char **argv, -@@ -63,6 +77,7 @@ rpmostree_builtin_upgrade (int argc, - - gs_free char *origin_description = NULL; - gs_unref_object OstreeRepo *repo = NULL; -+ gulong signal_handler_id = 0; - - if (!rpmostree_option_context_parse (context, option_entries, &argc, &argv, error)) - goto out; -@@ -89,6 +104,10 @@ rpmostree_builtin_upgrade (int argc, - { - gs_console_begin_status_line (console, "", NULL, NULL); - progress = ostree_async_progress_new_and_connect (ostree_repo_pull_default_console_progress_changed, console); -+ signal_handler_id = g_signal_connect (repo, "gpg-verify-result", -+ G_CALLBACK (gpg_verify_result_cb), -+ console); -+ - } - - if (opt_allow_downgrade) -@@ -185,5 +204,8 @@ rpmostree_builtin_upgrade (int argc, - if (console) - (void) gs_console_end_status_line (console, NULL, NULL); - -+ if (signal_handler_id > 0) -+ g_signal_handler_disconnect (repo, signal_handler_id); -+ - return ret; - } -diff --git a/src/rpmostree-builtins.h b/src/rpmostree-builtins.h -index 8e1c5d1..480d06c 100644 ---- a/src/rpmostree-builtins.h -+++ b/src/rpmostree-builtins.h -@@ -46,5 +46,7 @@ gboolean rpmostree_option_context_parse (GOptionContext *context, - char ***argv, - GError **error); - -+void rpmostree_print_gpg_verify_result (OstreeGpgVerifyResult *result); -+ - G_END_DECLS - --- -1.8.3.1 - diff --git a/SOURCES/0002-status-Print-any-GPG-signatures-for-deployments.patch b/SOURCES/0002-status-Print-any-GPG-signatures-for-deployments.patch deleted file mode 100644 index a815f7a..0000000 --- a/SOURCES/0002-status-Print-any-GPG-signatures-for-deployments.patch +++ /dev/null @@ -1,239 +0,0 @@ -From 347a5003e0f0fd0e921d20094b871dc39d5f8324 Mon Sep 17 00:00:00 2001 -From: Matthew Barnes -Date: Tue, 7 Apr 2015 13:49:21 -0400 -Subject: [PATCH 2/2] status: Print any GPG signatures for deployments - -In pretty mode (--pretty), print signatures for each listed deployment. - -Otherwise, just print signatures for the booted deployment at the end to -preserve the tabular formatting of the deployment list. ---- - src/app/rpmostree-builtin-status.c | 136 +++++++++++++++++++++++++++++++++++-- - 1 file changed, 129 insertions(+), 7 deletions(-) - -diff --git a/src/rpmostree-builtin-status.c b/src/rpmostree-builtin-status.c -index 5cd8dde..ed492a8 100644 ---- a/src/rpmostree-builtin-status.c -+++ b/src/rpmostree-builtin-status.c -@@ -76,6 +76,37 @@ version_of_commit (OstreeRepo *repo, const char *checksum) - return NULL; - } - -+static gboolean -+deployment_get_gpg_verify (OstreeDeployment *deployment, -+ OstreeRepo *repo) -+{ -+ /* XXX Something like this could be added to the OstreeDeployment -+ * API in libostree if the OstreeRepo parameter is acceptable. */ -+ -+ GKeyFile *origin; -+ gs_free char *refspec = NULL; -+ gs_free char *remote = NULL; -+ gboolean gpg_verify = FALSE; -+ -+ origin = ostree_deployment_get_origin (deployment); -+ -+ if (origin == NULL) -+ goto out; -+ -+ refspec = g_key_file_get_string (origin, "origin", "refspec", NULL); -+ -+ if (refspec == NULL) -+ goto out; -+ -+ if (!ostree_parse_refspec (refspec, &remote, NULL, NULL)) -+ goto out; -+ -+ (void) ostree_repo_remote_get_gpg_verify (repo, remote, &gpg_verify, NULL); -+ -+out: -+ return gpg_verify; -+} -+ - gboolean - rpmostree_builtin_status (int argc, - char **argv, -@@ -85,6 +116,7 @@ rpmostree_builtin_status (int argc, - gboolean ret = FALSE; - gs_unref_object GFile *sysroot_path = NULL; - gs_unref_object OstreeSysroot *sysroot = NULL; -+ gs_unref_object OstreeRepo *repo = NULL; - gs_unref_ptrarray GPtrArray *deployments = NULL; // list of all depoyments - OstreeDeployment *booted_deployment = NULL; // current booted deployment - GOptionContext *context = g_option_context_new ("- Get the version of the booted system"); -@@ -96,6 +128,7 @@ rpmostree_builtin_status (int argc, - guint max_refspec_len = 0; // maximum length of refspec - determined in code - guint max_version_len = 0; // maximum length of version - determined in code - guint buffer = 5; // minimum space between end of one entry and new column -+ gs_free char *booted_csum = NULL; - - if (!rpmostree_option_context_parse (context, option_entries, &argc, &argv, error)) - goto out; -@@ -105,6 +138,9 @@ rpmostree_builtin_status (int argc, - if (!ostree_sysroot_load (sysroot, cancellable, error)) - goto out; - -+ if (!ostree_sysroot_get_repo (sysroot, &repo, cancellable, error)) -+ goto out; -+ - booted_deployment = ostree_sysroot_get_booted_deployment (sysroot); - deployments = ostree_sysroot_get_deployments (sysroot); - -@@ -114,7 +150,6 @@ rpmostree_builtin_status (int argc, - /* find max lengths of osname and refspec */ - for (j = 0; j < deployments->len; j++) - { -- gs_unref_object OstreeRepo *repo = NULL; - const char *csum = ostree_deployment_get_csum (deployments->pdata[j]); - GKeyFile *origin; - gs_free char *origin_refspec = NULL; -@@ -134,9 +169,6 @@ rpmostree_builtin_status (int argc, - } - max_refspec_len = MAX (max_refspec_len, strlen (origin_refspec)); - -- if (!ostree_sysroot_get_repo (sysroot, &repo, cancellable, error)) -- goto out; -- - version_string = version_of_commit (repo, csum); - if (version_string) - max_version_len = MAX (max_version_len, strlen (version_string)); -@@ -158,7 +190,6 @@ rpmostree_builtin_status (int argc, - for (i=0; ilen; i++) - { - gs_unref_variant GVariant *commit = NULL; -- gs_unref_object OstreeRepo *repo = NULL; - const char *csum = ostree_deployment_get_csum (deployments->pdata[i]); - OstreeDeployment *deployment = deployments->pdata[i]; - GKeyFile *origin; -@@ -169,8 +200,6 @@ rpmostree_builtin_status (int argc, - gs_free char *version_string = NULL; - - /* get commit for timestamp */ -- if (!ostree_sysroot_get_repo (sysroot, &repo, cancellable, error)) -- goto out; - if (!ostree_repo_load_variant (repo, - OSTREE_OBJECT_TYPE_COMMIT, - csum, -@@ -202,6 +231,13 @@ rpmostree_builtin_status (int argc, - /* print deployment info column */ - if (!opt_pretty) - { -+ if (deployment == booted_deployment) -+ { -+ /* Stash this for printing signatures later. */ -+ if (deployment_get_gpg_verify (deployment, repo)) -+ booted_csum = g_strdup (csum); -+ } -+ - g_print ("%c %-*s", - deployment == booted_deployment ? '*' : ' ', - max_timestamp_len+buffer, timestamp_string); -@@ -218,8 +254,11 @@ rpmostree_builtin_status (int argc, - /* print "pretty" row info */ - else - { -+ gs_unref_object OstreeGpgVerifyResult *result = NULL; - guint tab = 11; - char *title = NULL; -+ GError *local_error = NULL; -+ - if (i==0) - title = "DEFAULT ON BOOT"; - else if (deployment == booted_deployment || -@@ -239,10 +278,93 @@ rpmostree_builtin_status (int argc, - tab, "id", tab, csum, ostree_deployment_get_deployserial (deployment), - tab, "osname", tab, ostree_deployment_get_osname (deployment), - tab, "refspec", tab, origin_refspec); -+ -+ if (deployment_get_gpg_verify (deployment, repo)) -+ { -+ result = ostree_repo_verify_commit_ext (repo, csum, NULL, NULL, -+ cancellable, &local_error); -+ -+ /* NOT_FOUND just means the commit is not signed. */ -+ if (g_error_matches (local_error, G_IO_ERROR, G_IO_ERROR_NOT_FOUND)) -+ { -+ g_clear_error (&local_error); -+ } -+ else if (local_error != NULL) -+ { -+ g_propagate_error (error, local_error); -+ goto out; -+ } -+ else -+ { -+ GString *sigs_buffer; -+ guint n_sigs, ii; -+ -+ n_sigs = ostree_gpg_verify_result_count_all (result); -+ -+ sigs_buffer = g_string_sized_new (256); -+ -+ for (ii = 0; ii < n_sigs; ii++) -+ { -+ g_string_append_c (sigs_buffer, '\n'); -+ ostree_gpg_verify_result_describe (result, ii, sigs_buffer, " GPG: ", -+ OSTREE_GPG_SIGNATURE_FORMAT_DEFAULT); -+ } -+ -+ g_print ("%s", sigs_buffer->str); -+ g_string_free (sigs_buffer, TRUE); -+ } -+ } -+ - printchar ("=", 60); - } - } - -+ /* Print any signatures for the booted deployment, but only in NON-pretty -+ * mode. We save this for the end to preserve the tabular formatting for -+ * deployments. */ -+ if (booted_csum != NULL) -+ { -+ gs_unref_object OstreeGpgVerifyResult *result = NULL; -+ GError *local_error = NULL; -+ -+ result = ostree_repo_verify_commit_ext (repo, booted_csum, NULL, NULL, -+ cancellable, &local_error); -+ -+ /* NOT_FOUND just means the commit is not signed. */ -+ if (g_error_matches (local_error, G_IO_ERROR, G_IO_ERROR_NOT_FOUND)) -+ { -+ g_clear_error (&local_error); -+ } -+ else if (local_error != NULL) -+ { -+ g_propagate_error (error, local_error); -+ goto out; -+ } -+ else -+ { -+ GString *sigs_buffer; -+ guint n_sigs, ii; -+ -+ n_sigs = ostree_gpg_verify_result_count_all (result); -+ -+ /* XXX If we ever add internationalization, use ngettext() here. */ -+ g_print ("\nGPG: Found %u signature%s on the booted deployment (*):\n", -+ n_sigs, n_sigs == 1 ? "" : "s"); -+ -+ sigs_buffer = g_string_sized_new (256); -+ -+ for (ii = 0; ii < n_sigs; ii++) -+ { -+ g_string_append_c (sigs_buffer, '\n'); -+ ostree_gpg_verify_result_describe (result, ii, sigs_buffer, " ", -+ OSTREE_GPG_SIGNATURE_FORMAT_DEFAULT); -+ } -+ -+ g_print ("%s", sigs_buffer->str); -+ g_string_free (sigs_buffer, TRUE); -+ } -+ } -+ - ret = TRUE; - out: - return ret; --- -1.8.3.1 - diff --git a/SPECS/rpm-ostree.spec b/SPECS/rpm-ostree.spec index 5d7666f..588fba4 100644 --- a/SPECS/rpm-ostree.spec +++ b/SPECS/rpm-ostree.spec @@ -1,12 +1,11 @@ Summary: Client side upgrade program and server side compose tool Name: rpm-ostree -Version: 2015.3 -Release: 3.atomic%{?dist} +Version: 2015.5 +Release: 2.atomic%{?dist} #VCS: https://github.com/cgwalters/rpm-ostree # This tarball is generated via "make -f Makefile.dist-packaging dist-snapshot" Source0: rpm-ostree-%{version}.tar.xz -Patch0: 0001-upgrade-Print-any-GPG-signatures-while-upgrading.patch -Patch1: 0002-status-Print-any-GPG-signatures-for-deployments.patch +Patch0: 0001-postprocess-Handle-Fedora-rawhide-kernel-installatio.patch License: LGPLv2+ URL: https://github.com/cgwalters/rpm-ostree BuildRequires: git @@ -19,6 +18,7 @@ BuildRequires: pkgconfig(ostree-1) >= 2015.1 BuildRequires: pkgconfig(libgsystem) BuildRequires: pkgconfig(json-glib-1.0) BuildRequires: pkgconfig(hawkey) >= 0.5.0 +BuildRequires: pkgconfig(libhif) BuildRequires: pkgconfig(rpm) BuildRequires: libcap-devel @@ -31,25 +31,53 @@ This tool binds together the world of RPM packages with the OSTree model of bootable filesystem trees. It provides commands usable both on client systems as well as server-side composes. +%package devel +Summary: Development headers for %{name} +Group: Development/Libraries +Requires: %{name} = %{version}-%{release} + +%description devel +The %{name}-devel package includes the header files for the %{name} library. + %prep %autosetup -Sgit -n %{name}-%{version} %build env NOCONFIGURE=1 ./autogen.sh -%configure --disable-silent-rules --enable-patched-hawkey-and-libsolv --enable-usrbinatomic +%configure --disable-silent-rules --enable-gtk-doc make %{?_smp_mflags} %install make install DESTDIR=$RPM_BUILD_ROOT INSTALL="install -p -c" +find $RPM_BUILD_ROOT -name '*.la' -delete %files %doc COPYING README.md -%{_bindir}/atomic %{_bindir}/rpm-ostree %{_libdir}/%{name}/ %{_mandir}/man1/*.gz +%{_libdir}/*.so.1* +%{_libdir}/girepository-1.0/*.typelib + +%files devel +%{_libdir}/lib*.so +%{_includedir}/* +%{_libdir}/pkgconfig/* +%dir %{_datadir}/gtk-doc/html/* +%{_datadir}/gtk-doc/html/* +%{_datadir}/gir-1.0/*-1.0.gir %changelog +* Mon May 18 2015 Colin Walters - 2015.5-2.atomic +- Rebuild against latest libhif + +* Fri May 15 2015 Colin Walters - 2015.5-1.atomic +- Rebase to Fedora rawhide + +* Wed May 13 2015 Colin Walters - 2015.3-4.atomic +- Drop /usr/bin/atomic like we did for -client; this fixes installing + with the new atomic package. + * Fri Apr 17 2015 Colin Walters - 2015.3-3.atomic - Backport client side GPG verification status patches