diff --git a/.gitignore b/.gitignore index 1b7c086..d54aaf9 100644 --- a/.gitignore +++ b/.gitignore @@ -1 +1 @@ -SOURCES/0.0.8.tar.gz +SOURCES/toolbox-0.0.99-vendored.tar.xz diff --git a/.toolbox.metadata b/.toolbox.metadata index 8616283..14085f7 100644 --- a/.toolbox.metadata +++ b/.toolbox.metadata @@ -1 +1 @@ -6f386e21fcc201017b4eb0336a15435e72904724 SOURCES/0.0.8.tar.gz +2520d76c13573ab6e543793ab8982026bcaf7882 SOURCES/toolbox-0.0.99-vendored.tar.xz diff --git a/SOURCES/toolbox-Make-the-build-flags-match-RHEL-s-gobuild-for-PPC64.patch b/SOURCES/toolbox-Make-the-build-flags-match-RHEL-s-gobuild-for-PPC64.patch new file mode 100644 index 0000000..9688a87 --- /dev/null +++ b/SOURCES/toolbox-Make-the-build-flags-match-RHEL-s-gobuild-for-PPC64.patch @@ -0,0 +1,40 @@ +From eac80eca4f0e54e38459438ba56d6172fda8cd32 Mon Sep 17 00:00:00 2001 +From: Debarshi Ray +Date: Mon, 29 Jun 2020 17:57:47 +0200 +Subject: [PATCH] build: Make the build flags match RHEL's %{gobuild} for PPC64 + +The Go toolchain doesn't play well with passing compiler and linker +flags via environment variables. The linker flags require a second +level of quoting, which leaves the build system without a quote level +to assign the flags to an environment variable like GOFLAGS. + +This is one reason why RHEL doesn't have a RPM macro with only the +flags. The %{gobuild} RPM macro includes the entire 'go build ...' +invocation. + +The Go toolchain also doesn't like the LDFLAGS environment variable as +exported by RHEL's %{meson} RPM macro, and RHEL's RPM toolchain doesn't +like the compressed DWARF data generated by the Go toolchain. + +Note that these flags are only meant for the "ppc64" CPU architecture, +and should be kept updated to match RHEL's Go guidelines. Use +'rpm --eval "%{gobuild}"' to expand the %{gobuild} macro. +--- + src/go-build-wrapper | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/src/go-build-wrapper b/src/go-build-wrapper +index 515e1d8a0670..3bd47ce5ae6f 100755 +--- a/src/go-build-wrapper ++++ b/src/go-build-wrapper +@@ -27,5 +27,6 @@ if ! cd "$1"; then + exit 1 + fi + +-go build -trimpath -ldflags "-extldflags '-Wl,--wrap,pthread_sigmask $4' -linkmode external -X github.com/containers/toolbox/pkg/version.currentVersion=$3" -o "$2/toolbox" ++unset LDFLAGS ++go build -compiler gc -tags="rpm_crashtraceback ${BUILDTAGS:-}" -ldflags "${LDFLAGS:-} -compressdwarf=false -B 0x$(head -c20 /dev/urandom|od -An -tx1|tr -d ' \n') -extldflags '-Wl,-z,relro -Wl,--as-needed -Wl,-z,now -specs=/usr/lib/rpm/redhat/redhat-hardened-ld -Wl,--wrap,pthread_sigmask $4' -linkmode external -X github.com/containers/toolbox/pkg/version.currentVersion=$3" -a -v -x -o "$2/toolbox" + exit "$?" +-- +2.29.2 + diff --git a/SOURCES/toolbox-Make-the-build-flags-match-RHEL-s-gobuild.patch b/SOURCES/toolbox-Make-the-build-flags-match-RHEL-s-gobuild.patch new file mode 100644 index 0000000..7d0d717 --- /dev/null +++ b/SOURCES/toolbox-Make-the-build-flags-match-RHEL-s-gobuild.patch @@ -0,0 +1,40 @@ +From 856a7f524b63f9033c47a8169fbf8a1cfdf69683 Mon Sep 17 00:00:00 2001 +From: Debarshi Ray +Date: Mon, 29 Jun 2020 17:57:47 +0200 +Subject: [PATCH] build: Make the build flags match RHEL's %{gobuild} + +The Go toolchain doesn't play well with passing compiler and linker +flags via environment variables. The linker flags require a second +level of quoting, which leaves the build system without a quote level +to assign the flags to an environment variable like GOFLAGS. + +This is one reason why RHEL doesn't have a RPM macro with only the +flags. The %{gobuild} RPM macro includes the entire 'go build ...' +invocation. + +The Go toolchain also doesn't like the LDFLAGS environment variable as +exported by RHEL's %{meson} RPM macro, and RHEL's RPM toolchain doesn't +like the compressed DWARF data generated by the Go toolchain. + +Note that these flags are meant for every CPU architecture other than +PPC64, and should be kept updated to match RHEL's Go guidelines. Use +'rpm --eval "%{gobuild}"' to expand the %{gobuild} macro. +--- + src/go-build-wrapper | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/src/go-build-wrapper b/src/go-build-wrapper +index 515e1d8a0670..453b4cfa872b 100755 +--- a/src/go-build-wrapper ++++ b/src/go-build-wrapper +@@ -27,5 +27,6 @@ if ! cd "$1"; then + exit 1 + fi + +-go build -trimpath -ldflags "-extldflags '-Wl,--wrap,pthread_sigmask $4' -linkmode external -X github.com/containers/toolbox/pkg/version.currentVersion=$3" -o "$2/toolbox" ++unset LDFLAGS ++go build -buildmode pie -compiler gc -tags="rpm_crashtraceback ${BUILDTAGS:-}" -ldflags "${LDFLAGS:-} -compressdwarf=false -B 0x$(head -c20 /dev/urandom|od -An -tx1|tr -d ' \n') -extldflags '-Wl,-z,relro -Wl,--as-needed -Wl,-z,now -specs=/usr/lib/rpm/redhat/redhat-hardened-ld -Wl,--wrap,pthread_sigmask $4' -linkmode external -X github.com/containers/toolbox/pkg/version.currentVersion=$3" -a -v -x -o "$2/toolbox" + exit "$?" +-- +2.29.2 + diff --git a/SPECS/rhcos-toolbox.spec b/SPECS/rhcos-toolbox.spec deleted file mode 100644 index ac865fe..0000000 --- a/SPECS/rhcos-toolbox.spec +++ /dev/null @@ -1,58 +0,0 @@ -Name: toolbox -Version: 0.0.8 -Release: 1%{?dist} -Summary: Script to launch privileged container with podman - -License: ASL 2.0 -URL: https://github.com/coreos/toolbox -Source0: https://github.com/coreos/%{name}/archive/%{version}.tar.gz -Requires: podman -BuildArch: noarch - -%description -toolbox is a small script that launches a container to let -you bring in your favorite debugging or admin tools. - -%define debug_package %{nil} - -%prep -%autosetup - -%build -# No building required - -%install -rm -rf $RPM_BUILD_ROOT -install -d $RPM_BUILD_ROOT/%{_bindir} -install -m 755 rhcos-toolbox $RPM_BUILD_ROOT/%{_bindir}/toolbox - -%files -%license LICENSE -%doc README.md NOTICE -%{_bindir}/toolbox - - -%changelog -* Wed Jul 29 2020 Jindrich Novy - 0.0.8-1 -- update to https://github.com/coreos/toolbox/releases/tag/0.0.8 -- Related: #1850230 - -* Tue Mar 24 2020 Jindrich Novy - 0.0.7-1 -- New upstream release 0.0.7 -- Resolves: #1811514 - -* Fri Jun 14 2019 Yu Qi Zhang - 0.0.4-1.el8 -- Update for rhel8.1 container-tools module - -* Tue May 21 2019 Steve Milner - 0.0.4-1.rhaos4.2.el8 -- Add help switch per RHBZ#1684258 -- Spec fixes found by rpmlint - -* Thu May 2 2019 Micah Abbott - 0.0.3-1.rhaos4.1.el8 -- Use rhel8/support-tools - -* Sat Jan 26 2019 Yu Qi Zhang - 0.0.2-1.rhaos4.1.el8 -- Add runlabel options and fix default image - -* Thu Sep 6 2018 Yu Qi Zhang - 0.0.1-1.rhaos4.1.el8 -- Initial Specfile for Red Hat CoreOS Toolbox diff --git a/SPECS/toolbox.spec b/SPECS/toolbox.spec new file mode 100644 index 0000000..ccf4e67 --- /dev/null +++ b/SPECS/toolbox.spec @@ -0,0 +1,122 @@ +# RHEL's RPM toolchain doesn't like the compressed DWARF data generated by the +# Go toolchain. +%global _dwz_low_mem_die_limit 0 +%global _find_debuginfo_dwz_opts %{nil} + +Name: toolbox +Version: 0.0.99 + +%global goipath github.com/containers/%{name} +%gometa + +Release: 1%{?dist} +Summary: Unprivileged development environment + +License: ASL 2.0 +URL: https://github.com/containers/%{name} + +# https://github.com/containers/%%{name}/releases/download/%%{version}/%%{name}-%%{version}.tar.xz +# A vendored tarball was created from the upstream tarball: +# $ cd src +# $ go mod vendor +Source0: %{name}-%{version}-vendored.tar.xz + +# RHEL specific +Patch100: toolbox-Make-the-build-flags-match-RHEL-s-gobuild.patch +Patch101: toolbox-Make-the-build-flags-match-RHEL-s-gobuild-for-PPC64.patch + +# https://bugzilla.redhat.com/show_bug.cgi?id=1905383 +ExcludeArch: %{ix86} + +BuildRequires: golang >= 1.13 +BuildRequires: go-md2man +BuildRequires: meson +BuildRequires: pkgconfig(bash-completion) +BuildRequires: systemd + +Requires: podman >= 1.4.0 + + +%description +Toolbox is a tool for Linux operating systems, which allows the use of +containerized command line environments. It is built on top of Podman and +other standard container technologies from OCI. + + +%package tests +Summary: Tests for %{name} + +Requires: %{name}%{?_isa} = %{version}-%{release} + +%description tests +The %{name}-tests package contains system tests for %{name}. + + +%prep +%setup -q + +%ifnarch ppc64 +%patch100 -p1 +%else +%patch101 -p1 +%endif + +# %%gomkdir is absent from RHEL 8. +GOBUILDDIR="$(pwd)/_build" +GOSOURCEDIR="$(pwd)" +if [[ ! -e "$GOBUILDDIR/bin" ]] ; then + install -m 0755 -vd "$GOBUILDDIR/bin" +fi +if [[ ! -e "$GOBUILDDIR/src/%{goipath}" ]] ; then + install -m 0755 -vd "$(dirname $GOBUILDDIR/src/%{goipath})" + ln -fs "$GOSOURCEDIR" "$GOBUILDDIR/src/%{goipath}" +fi +cd "$GOBUILDDIR/src/%{goipath}" + + +%build +export GO111MODULE=off +GOBUILDDIR="$(pwd)/_build" +export GOPATH="$GOBUILDDIR:%{gopath}" +export CGO_CFLAGS="%{optflags} -D_GNU_SOURCE -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64" +ln -s src/cmd cmd +ln -s src/pkg pkg +ln -s src/vendor vendor +%meson --buildtype=plain -Dprofile_dir=%{_sysconfdir}/profile.d +%meson_build + + +%install +%meson_install + + +%files +%doc CODE-OF-CONDUCT.md NEWS README.md SECURITY.md +%license COPYING +%{_bindir}/%{name} +%{_datadir}/bash-completion +%{_mandir}/man1/%{name}.1* +%{_mandir}/man1/%{name}-*.1* +%{_sysconfdir}/profile.d/%{name}.sh +%{_tmpfilesdir}/%{name}.conf + +%files tests +%{_datadir}/%{name} + + +%changelog +* Tue Jan 12 2021 Jindrich Novy - 0.0.99-1 +- Update to 0.0.99 +- Related: #1883490 + +* Tue Jan 12 2021 Jindrich Novy - 0.0.98.1-3 +- remove bats as it's not present in RHEL +- Related: #1883490 + +* Mon Jan 11 2021 Jindrich Novy - 0.0.98.1-2 +- harden the toolbox binary +- minor fixes +- Related: #1883490 + +* Fri Jan 08 2021 Debarshi Ray - 0.0.98.1-1 +- Rebase to github.com/containers/toolbox