diff --git a/SOURCES/rpm-4.14.3-fix-spurious-transfiletriggerpostun-execution.patch b/SOURCES/rpm-4.14.3-fix-spurious-transfiletriggerpostun-execution.patch new file mode 100644 index 0000000..6b26ec5 --- /dev/null +++ b/SOURCES/rpm-4.14.3-fix-spurious-transfiletriggerpostun-execution.patch @@ -0,0 +1,184 @@ +From f17aa638649fb8de730fecdbc906dc869b626ba5 Mon Sep 17 00:00:00 2001 +From: Panu Matilainen +Date: Tue, 16 Nov 2021 11:49:18 +0200 +Subject: [PATCH 1/2] Fix spurious %transfiletriggerpostun execution + (RhBug:2023311) + +If a package has multiple %transfiletriggerpostun triggers, any one +of them matching would cause all of them to run, due to disconnect +in the intel gathering stage: we'd gather all the headers with matching +files into a lump, and then add any postun triggers found in them, +but this loses the triggering file information and causes all postuns +to run. + +The triggers need to be added while looping over the file matches, +like runFileTriggers() does. Doing so actually simplifies the code. +These should really be unified to use the same code, but leaving +that exercise to another rainy day. +--- + lib/rpmtriggers.c | 64 +++++++++++++++++++++++------------------------ + 1 file changed, 31 insertions(+), 33 deletions(-) + +diff --git a/lib/rpmtriggers.c b/lib/rpmtriggers.c +index 0827af0c2..dc457f7cc 100644 +--- a/lib/rpmtriggers.c ++++ b/lib/rpmtriggers.c +@@ -97,19 +97,37 @@ static void rpmtriggersSortAndUniq(rpmtriggers trigs) + } + } + ++static void addTriggers(rpmts ts, Header trigH, rpmsenseFlags filter) ++{ ++ int tix = 0; ++ rpmds ds; ++ rpmds triggers = rpmdsNew(trigH, RPMTAG_TRANSFILETRIGGERNAME, 0); ++ ++ while ((ds = rpmdsFilterTi(triggers, tix))) { ++ if ((rpmdsNext(ds) >= 0) && (rpmdsFlags(ds) & filter)) { ++ struct rpmtd_s priorities; ++ ++ if (headerGet(trigH, RPMTAG_TRANSFILETRIGGERPRIORITIES, ++ &priorities, HEADERGET_MINMEM)) { ++ rpmtdSetIndex(&priorities, tix); ++ rpmtriggersAdd(ts->trigs2run, headerGetInstance(trigH), ++ tix, *rpmtdGetUint32(&priorities)); ++ } ++ } ++ rpmdsFree(ds); ++ tix++; ++ } ++ rpmdsFree(triggers); ++} ++ + void rpmtriggersPrepPostUnTransFileTrigs(rpmts ts, rpmte te) + { +- rpmdbMatchIterator mi; + rpmdbIndexIterator ii; +- Header trigH; + const void *key; + size_t keylen; + rpmfiles files; +- rpmds rpmdsTriggers; +- rpmds rpmdsTrigger; + + ii = rpmdbIndexIteratorInit(rpmtsGetRdb(ts), RPMDBI_TRANSFILETRIGGERNAME); +- mi = rpmdbNewIterator(rpmtsGetRdb(ts), RPMDBI_PACKAGES); + files = rpmteFiles(te); + + /* Iterate over file triggers in rpmdb */ +@@ -121,39 +139,19 @@ void rpmtriggersPrepPostUnTransFileTrigs(rpmts ts, rpmte te) + rpmfi fi = rpmfilesFindPrefix(files, pfx); + while (rpmfiNext(fi) >= 0) { + if (RPMFILE_IS_INSTALLED(rpmfiFState(fi))) { +- /* If yes then store it */ +- rpmdbAppendIterator(mi, rpmdbIndexIteratorPkgOffsets(ii), +- rpmdbIndexIteratorNumPkgs(ii)); +- break; ++ unsigned int npkg = rpmdbIndexIteratorNumPkgs(ii); ++ const unsigned int *offs = rpmdbIndexIteratorPkgOffsets(ii); ++ /* Save any matching postun triggers */ ++ for (int i = 0; i < npkg; i++) { ++ Header h = rpmdbGetHeaderAt(rpmtsGetRdb(ts), offs[i]); ++ addTriggers(ts, h, RPMSENSE_TRIGGERPOSTUN); ++ headerFree(h); ++ } + } + } + rpmfiFree(fi); + } + rpmdbIndexIteratorFree(ii); +- +- if (rpmdbGetIteratorCount(mi)) { +- /* Filter triggers and save only trans postun triggers into ts */ +- while ((trigH = rpmdbNextIterator(mi)) != NULL) { +- int tix = 0; +- rpmdsTriggers = rpmdsNew(trigH, RPMTAG_TRANSFILETRIGGERNAME, 0); +- while ((rpmdsTrigger = rpmdsFilterTi(rpmdsTriggers, tix))) { +- if ((rpmdsNext(rpmdsTrigger) >= 0) && +- (rpmdsFlags(rpmdsTrigger) & RPMSENSE_TRIGGERPOSTUN)) { +- struct rpmtd_s priorities; +- +- headerGet(trigH, RPMTAG_TRANSFILETRIGGERPRIORITIES, +- &priorities, HEADERGET_MINMEM); +- rpmtdSetIndex(&priorities, tix); +- rpmtriggersAdd(ts->trigs2run, rpmdbGetIteratorOffset(mi), +- tix, *rpmtdGetUint32(&priorities)); +- } +- rpmdsFree(rpmdsTrigger); +- tix++; +- } +- rpmdsFree(rpmdsTriggers); +- } +- } +- rpmdbFreeIterator(mi); + rpmfilesFree(files); + } + +-- +2.35.1 + +From e617e7c550d3523998707c55f96b37ede2c48c78 Mon Sep 17 00:00:00 2001 +From: Panu Matilainen +Date: Wed, 2 Feb 2022 13:46:23 +0200 +Subject: [PATCH 2/2] Really fix spurious %transfiletriggerpostun execution + (RhBug:2023311) + +Commit b3d672a5523dfec033160e5cc866432a0e808649 got the base reasoning +in the ballpark but the code all wrong, introducing a severe performance +regression without actually fixing what it claimed to. + +The missing incredient is actually comparing the current prefix with the +triggers in matched package (trying to describe this makes my head +spin): a package may have multiple triggers on multiple prefixes and +we need to make sure we only execute triggers of this type, from this +prefix. + +This stuff really needs more and better testcases. + +Fixes: b3d672a5523dfec033160e5cc866432a0e808649 +--- + lib/rpmtriggers.c | 11 +++++++---- + 1 file changed, 7 insertions(+), 4 deletions(-) + +diff --git a/lib/rpmtriggers.c b/lib/rpmtriggers.c +index dc457f7cc..c652981be 100644 +--- a/lib/rpmtriggers.c ++++ b/lib/rpmtriggers.c +@@ -97,14 +97,16 @@ static void rpmtriggersSortAndUniq(rpmtriggers trigs) + } + } + +-static void addTriggers(rpmts ts, Header trigH, rpmsenseFlags filter) ++static void addTriggers(rpmts ts, Header trigH, rpmsenseFlags filter, ++ const char *prefix) + { + int tix = 0; + rpmds ds; + rpmds triggers = rpmdsNew(trigH, RPMTAG_TRANSFILETRIGGERNAME, 0); + + while ((ds = rpmdsFilterTi(triggers, tix))) { +- if ((rpmdsNext(ds) >= 0) && (rpmdsFlags(ds) & filter)) { ++ if ((rpmdsNext(ds) >= 0) && (rpmdsFlags(ds) & filter) && ++ strcmp(prefix, rpmdsN(ds)) == 0) { + struct rpmtd_s priorities; + + if (headerGet(trigH, RPMTAG_TRANSFILETRIGGERPRIORITIES, +@@ -141,12 +143,13 @@ void rpmtriggersPrepPostUnTransFileTrigs(rpmts ts, rpmte te) + if (RPMFILE_IS_INSTALLED(rpmfiFState(fi))) { + unsigned int npkg = rpmdbIndexIteratorNumPkgs(ii); + const unsigned int *offs = rpmdbIndexIteratorPkgOffsets(ii); +- /* Save any matching postun triggers */ ++ /* Save any postun triggers matching this prefix */ + for (int i = 0; i < npkg; i++) { + Header h = rpmdbGetHeaderAt(rpmtsGetRdb(ts), offs[i]); +- addTriggers(ts, h, RPMSENSE_TRIGGERPOSTUN); ++ addTriggers(ts, h, RPMSENSE_TRIGGERPOSTUN, pfx); + headerFree(h); + } ++ break; + } + } + rpmfiFree(fi); +-- +2.35.1 + diff --git a/SOURCES/rpm-4.14.3-skip-recorded-symlinks-in-setperms.patch b/SOURCES/rpm-4.14.3-skip-recorded-symlinks-in-setperms.patch new file mode 100644 index 0000000..ee12010 --- /dev/null +++ b/SOURCES/rpm-4.14.3-skip-recorded-symlinks-in-setperms.patch @@ -0,0 +1,40 @@ +From 2e61e5846f8301f85da9d30281538ea736d96fd0 Mon Sep 17 00:00:00 2001 +From: Michal Domonkos +Date: Tue, 7 Dec 2021 08:08:37 +0100 +Subject: [PATCH] Skip recorded symlinks in --setperms (RhBug:1900662) + +If a package contains a symlink in the buildroot which is declared as a +ghost or config file but is a regular file or directory on the system +where it's installed, a --setperms call will reset its permissions to +those of a symlink (777 on Linux), which almost certainly is not the +correct thing to do. + +To fix that, just skip files that were recorded as symlinks. + +This is a special case of a general issue in --setperms; since file +permission semantics may change depending on the file type, to stay on +the safe side, any (ghost or config) file whose type changes after +installation should probably be skipped. However, symlinks are the most +prominent case here, so let's just focus on that now and avoid adding +too much cleverness to a popt alias (this got us into trouble not too +long ago, see commits 38c2f6e and 0d83637). We may revisit this in the +eventual C implementation. +--- + rpmpopt.in | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/rpmpopt.in b/rpmpopt.in +index 67fcabfb1..e130a5d05 100644 +--- a/rpmpopt.in ++++ b/rpmpopt.in +@@ -44,6 +44,7 @@ rpm alias --scripts --qf '\ + --POPTdesc=$"list install/erase scriptlets from package(s)" + + rpm alias --setperms -q --qf '[\[ -L %{FILENAMES:shescape} \] || \ ++ \[ -n %{FILELINKTOS:shescape} \] || \ + ( \[ $((%{FILEFLAGS} & 2#1001000)) != 0 \] && \[ ! -e %{FILENAMES:shescape} \] ) || \ + chmod %7{FILEMODES:octal} %{FILENAMES:shescape}\n]' \ + --pipe "grep -v \(none\) | grep '^. -L ' | sed 's/chmod .../chmod /' | sh" \ +-- +2.35.1 + diff --git a/SPECS/rpm.spec b/SPECS/rpm.spec index c1ae824..7515542 100644 --- a/SPECS/rpm.spec +++ b/SPECS/rpm.spec @@ -32,7 +32,7 @@ %global rpmver 4.14.3 #global snapver rc2 -%global rel 21 +%global rel 22 %global srcver %{version}%{?snapver:-%{snapver}} %global srcdir %{?snapver:testing}%{!?snapver:%{name}-%(echo %{version} | cut -d'.' -f1-2).x} @@ -112,6 +112,8 @@ Patch158: rpm-4.14.3-imp-covscan-fixes.patch Patch159: rpm-4.14.3-add-path-query-option.patch Patch160: rpm-4.14.3-macroize-find-debuginfo-script-location.patch Patch161: rpm-4.14.3-validate-and-require-subkey-binding-sigs.patch +Patch162: rpm-4.14.3-fix-spurious-transfiletriggerpostun-execution.patch +Patch163: rpm-4.14.3-skip-recorded-symlinks-in-setperms.patch # Python 3 string API sanity Patch500: 0001-In-Python-3-return-all-our-string-data-as-surrogate-.patch @@ -692,6 +694,10 @@ make check || cat tests/rpmtests.log %doc doc/librpm/html/* %changelog +* Tue Feb 15 2022 Michal Domonkos - 4.14.3-22 +- Fix spurious %transfiletriggerpostun execution (#2023693) +- Skip recorded symlinks in --setperms (#1900662) + * Mon Jan 10 2022 Michal Domonkos - 4.14.3-21 - Address covscan issues in binding sigs validation patch (#1958480)