Compare commits
9 Commits
Author | SHA1 | Date |
---|---|---|
Mark Wielaard | 29d9906e6b | |
Mark Wielaard | 4f4eee4ca3 | |
Mark Wielaard | 197c1a46d5 | |
Mark Wielaard | 7ffb94911b | |
Mark Wielaard | 12adbb8900 | |
Mark Wielaard | 00bc2130ca | |
Mark Wielaard | a3096b0722 | |
Mark Wielaard | 98fbdf29b0 | |
Martin Cermak | bd36b901ed |
|
@ -28,5 +28,3 @@
|
||||||
/elfutils-0.185.tar.bz2
|
/elfutils-0.185.tar.bz2
|
||||||
/elfutils-0.186.tar.bz2
|
/elfutils-0.186.tar.bz2
|
||||||
/elfutils-0.187.tar.bz2
|
/elfutils-0.187.tar.bz2
|
||||||
/elfutils-0.188.tar.bz2
|
|
||||||
/elfutils-0.189.tar.bz2
|
|
||||||
|
|
|
@ -0,0 +1,28 @@
|
||||||
|
commit f1252e4dbe781f75d806ce0b990779548eeeb7a9
|
||||||
|
Author: Mark Wielaard <mark@klomp.org>
|
||||||
|
Date: Tue May 3 17:48:55 2022 +0200
|
||||||
|
|
||||||
|
config: Move the 2>/dev/null inside the sh -c '' quotes for profile.csh.
|
||||||
|
|
||||||
|
csh/tcsh would warn about "Ambiguous output redirect" if not done inside
|
||||||
|
the sh -c command.
|
||||||
|
|
||||||
|
Fix-by: наб <nabijaczleweli@nabijaczleweli.xyz>
|
||||||
|
|
||||||
|
https://bugzilla.redhat.com/show_bug.cgi?id=2080957
|
||||||
|
|
||||||
|
Signed-off-by: Mark Wielaard <mark@klomp.org>
|
||||||
|
|
||||||
|
diff --git a/config/profile.csh.in b/config/profile.csh.in
|
||||||
|
index 012e243a..74c20c99 100644
|
||||||
|
--- a/config/profile.csh.in
|
||||||
|
+++ b/config/profile.csh.in
|
||||||
|
@@ -6,7 +6,7 @@
|
||||||
|
|
||||||
|
if (! $?DEBUGINFOD_URLS) then
|
||||||
|
set prefix="@prefix@"
|
||||||
|
- set DEBUGINFOD_URLS=`sh -c 'cat "$0"/*.urls; :' "@sysconfdir@/debuginfod" 2>/dev/null | tr '\n' ' '`
|
||||||
|
+ set DEBUGINFOD_URLS=`sh -c 'cat "$0"/*.urls 2>/dev/null; :' "@sysconfdir@/debuginfod" | tr '\n' ' '`
|
||||||
|
if ( "$DEBUGINFOD_URLS" != "" ) then
|
||||||
|
setenv DEBUGINFOD_URLS "$DEBUGINFOD_URLS"
|
||||||
|
else
|
|
@ -0,0 +1,98 @@
|
||||||
|
commit 59158656f3b0b99d8784ddc82c15778813000edc
|
||||||
|
Author: Frank Ch. Eigler <fche@redhat.com>
|
||||||
|
Date: Wed May 4 10:26:42 2022 -0400
|
||||||
|
|
||||||
|
PR29117: fix fd leak in debuginfod client for cache-miss files
|
||||||
|
|
||||||
|
Correct a nasty fd leak and a few less nasty leaks in the debuginfod
|
||||||
|
client code. The nasty one impacts long-lived apps such as debuginfod
|
||||||
|
servers.
|
||||||
|
|
||||||
|
Signed-off-by: Mark Wielaard <mark@klomp.org>
|
||||||
|
Signed-off-by: Frank Ch. Eigler <fche@redhat.com>
|
||||||
|
|
||||||
|
diff --git a/debuginfod/debuginfod-client.c b/debuginfod/debuginfod-client.c
|
||||||
|
index ea6e461a..521972e4 100644
|
||||||
|
--- a/debuginfod/debuginfod-client.c
|
||||||
|
+++ b/debuginfod/debuginfod-client.c
|
||||||
|
@@ -243,7 +243,13 @@ debuginfod_config_cache(char *config_path,
|
||||||
|
return -errno;
|
||||||
|
|
||||||
|
if (dprintf(fd, "%ld", cache_config_default_s) < 0)
|
||||||
|
- return -errno;
|
||||||
|
+ {
|
||||||
|
+ int ret = -errno;
|
||||||
|
+ close (fd);
|
||||||
|
+ return ret;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ close (fd);
|
||||||
|
}
|
||||||
|
|
||||||
|
long cache_config;
|
||||||
|
@@ -284,7 +290,13 @@ debuginfod_init_cache (char *cache_path, char *interval_path, char *maxage_path)
|
||||||
|
return -errno;
|
||||||
|
|
||||||
|
if (dprintf(fd, "%ld", cache_clean_default_interval_s) < 0)
|
||||||
|
- return -errno;
|
||||||
|
+ {
|
||||||
|
+ int ret = -errno;
|
||||||
|
+ close (fd);
|
||||||
|
+ return ret;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ close (fd);
|
||||||
|
|
||||||
|
/* init max age config file. */
|
||||||
|
if (stat(maxage_path, &st) != 0
|
||||||
|
@@ -292,8 +304,13 @@ debuginfod_init_cache (char *cache_path, char *interval_path, char *maxage_path)
|
||||||
|
return -errno;
|
||||||
|
|
||||||
|
if (dprintf(fd, "%ld", cache_default_max_unused_age_s) < 0)
|
||||||
|
- return -errno;
|
||||||
|
+ {
|
||||||
|
+ int ret = -errno;
|
||||||
|
+ close (fd);
|
||||||
|
+ return ret;
|
||||||
|
+ }
|
||||||
|
|
||||||
|
+ close (fd);
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
@@ -812,18 +829,17 @@ debuginfod_query_server (debuginfod_client *c,
|
||||||
|
has passed since the last attempt. */
|
||||||
|
time_t cache_miss;
|
||||||
|
time_t target_mtime = st.st_mtime;
|
||||||
|
+
|
||||||
|
+ close(fd); /* no need to hold onto the negative-hit file descriptor */
|
||||||
|
+
|
||||||
|
rc = debuginfod_config_cache(cache_miss_path,
|
||||||
|
cache_miss_default_s, &st);
|
||||||
|
if (rc < 0)
|
||||||
|
- {
|
||||||
|
- close(fd);
|
||||||
|
- goto out;
|
||||||
|
- }
|
||||||
|
+ goto out;
|
||||||
|
|
||||||
|
cache_miss = (time_t)rc;
|
||||||
|
if (time(NULL) - target_mtime <= cache_miss)
|
||||||
|
{
|
||||||
|
- close(fd);
|
||||||
|
rc = -ENOENT;
|
||||||
|
goto out;
|
||||||
|
}
|
||||||
|
diff --git a/debuginfod/debuginfod-find.c b/debuginfod/debuginfod-find.c
|
||||||
|
index 3e8ab203..f60b5463 100644
|
||||||
|
--- a/debuginfod/debuginfod-find.c
|
||||||
|
+++ b/debuginfod/debuginfod-find.c
|
||||||
|
@@ -231,6 +231,8 @@ main(int argc, char** argv)
|
||||||
|
fprintf(stderr, "Server query failed: %s\n", strerror(-rc));
|
||||||
|
return 1;
|
||||||
|
}
|
||||||
|
+ else
|
||||||
|
+ close (rc);
|
||||||
|
|
||||||
|
printf("%s\n", cache_name);
|
||||||
|
free (cache_name);
|
|
@ -0,0 +1,51 @@
|
||||||
|
commit 28f9d86ea89f88b24f1d12c8e9d5ddc3f77da194
|
||||||
|
Author: Mark Wielaard <mark@klomp.org>
|
||||||
|
Date: Fri May 6 00:29:28 2022 +0200
|
||||||
|
|
||||||
|
debuginfod: Use MHD_USE_EPOLL for libmicrohttpd version 0.9.51 or higher
|
||||||
|
|
||||||
|
Also disable MHD_USE_THREAD_PER_CONNECTION when using MHD_USE_EPOLL.
|
||||||
|
|
||||||
|
https://sourceware.org/bugzilla/show_bug.cgi?id=29123
|
||||||
|
|
||||||
|
Signed-off-by: Mark Wielaard <mark@klomp.org>
|
||||||
|
|
||||||
|
diff --git a/debuginfod/debuginfod.cxx b/debuginfod/debuginfod.cxx
|
||||||
|
index c02540f1..d4f47bf7 100644
|
||||||
|
--- a/debuginfod/debuginfod.cxx
|
||||||
|
+++ b/debuginfod/debuginfod.cxx
|
||||||
|
@@ -1,6 +1,6 @@
|
||||||
|
/* Debuginfo-over-http server.
|
||||||
|
Copyright (C) 2019-2021 Red Hat, Inc.
|
||||||
|
- Copyright (C) 2021 Mark J. Wielaard <mark@klomp.org>
|
||||||
|
+ Copyright (C) 2021, 2022 Mark J. Wielaard <mark@klomp.org>
|
||||||
|
This file is part of elfutils.
|
||||||
|
|
||||||
|
This file is free software; you can redistribute it and/or modify
|
||||||
|
@@ -3899,7 +3899,14 @@ main (int argc, char *argv[])
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
- unsigned int mhd_flags = ((connection_pool
|
||||||
|
+ /* Note that MHD_USE_EPOLL and MHD_USE_THREAD_PER_CONNECTION don't
|
||||||
|
+ work together. */
|
||||||
|
+ unsigned int use_epoll = 0;
|
||||||
|
+#if MHD_VERSION >= 0x00095100
|
||||||
|
+ use_epoll = MHD_USE_EPOLL;
|
||||||
|
+#endif
|
||||||
|
+
|
||||||
|
+ unsigned int mhd_flags = ((connection_pool || use_epoll
|
||||||
|
? 0 : MHD_USE_THREAD_PER_CONNECTION)
|
||||||
|
#if MHD_VERSION >= 0x00095300
|
||||||
|
| MHD_USE_INTERNAL_POLLING_THREAD
|
||||||
|
@@ -3907,9 +3914,7 @@ main (int argc, char *argv[])
|
||||||
|
| MHD_USE_SELECT_INTERNALLY
|
||||||
|
#endif
|
||||||
|
| MHD_USE_DUAL_STACK
|
||||||
|
-#ifdef MHD_USE_EPOLL
|
||||||
|
- | MHD_USE_EPOLL
|
||||||
|
-#endif
|
||||||
|
+ | use_epoll
|
||||||
|
#if MHD_VERSION >= 0x00095200
|
||||||
|
| MHD_USE_ITC
|
||||||
|
#endif
|
|
@ -0,0 +1,118 @@
|
||||||
|
commit ba675ed25a26fd425ffd19b02cf18babf4291b4f
|
||||||
|
Author: Mark Wielaard <mark@klomp.org>
|
||||||
|
Date: Thu May 5 23:59:57 2022 +0200
|
||||||
|
|
||||||
|
debuginfod: Try without MHD_USE_DUAL_STACK if MHD_start_daemon fails
|
||||||
|
|
||||||
|
On a systems that have ipv6 disabled debuginfod doesn't start up
|
||||||
|
anymore because libhttpd MHD_USE_DUAL_STACK only works if it can
|
||||||
|
open an ipv6 socket. If MHD_start_daemon with MHD_USE_DUAL_STACK
|
||||||
|
fails try again without that flag set.
|
||||||
|
|
||||||
|
https://sourceware.org/bugzilla/show_bug.cgi?id=29122
|
||||||
|
|
||||||
|
Signed-off-by: Mark Wielaard <mark@klomp.org>
|
||||||
|
|
||||||
|
diff --git a/debuginfod/debuginfod.cxx b/debuginfod/debuginfod.cxx
|
||||||
|
index 4aaf41c0..c02540f1 100644
|
||||||
|
--- a/debuginfod/debuginfod.cxx
|
||||||
|
+++ b/debuginfod/debuginfod.cxx
|
||||||
|
@@ -3899,40 +3899,67 @@ main (int argc, char *argv[])
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
- // Start httpd server threads. Use a single dual-homed pool.
|
||||||
|
- MHD_Daemon *d46 = MHD_start_daemon ((connection_pool ? 0 : MHD_USE_THREAD_PER_CONNECTION)
|
||||||
|
+ unsigned int mhd_flags = ((connection_pool
|
||||||
|
+ ? 0 : MHD_USE_THREAD_PER_CONNECTION)
|
||||||
|
#if MHD_VERSION >= 0x00095300
|
||||||
|
- | MHD_USE_INTERNAL_POLLING_THREAD
|
||||||
|
+ | MHD_USE_INTERNAL_POLLING_THREAD
|
||||||
|
#else
|
||||||
|
- | MHD_USE_SELECT_INTERNALLY
|
||||||
|
+ | MHD_USE_SELECT_INTERNALLY
|
||||||
|
#endif
|
||||||
|
+ | MHD_USE_DUAL_STACK
|
||||||
|
#ifdef MHD_USE_EPOLL
|
||||||
|
- | MHD_USE_EPOLL
|
||||||
|
+ | MHD_USE_EPOLL
|
||||||
|
#endif
|
||||||
|
- | MHD_USE_DUAL_STACK
|
||||||
|
#if MHD_VERSION >= 0x00095200
|
||||||
|
- | MHD_USE_ITC
|
||||||
|
+ | MHD_USE_ITC
|
||||||
|
#endif
|
||||||
|
- | MHD_USE_DEBUG, /* report errors to stderr */
|
||||||
|
- http_port,
|
||||||
|
- NULL, NULL, /* default accept policy */
|
||||||
|
- handler_cb, NULL, /* handler callback */
|
||||||
|
- MHD_OPTION_EXTERNAL_LOGGER, error_cb, NULL,
|
||||||
|
- (connection_pool ? MHD_OPTION_THREAD_POOL_SIZE : MHD_OPTION_END),
|
||||||
|
- (connection_pool ? (int)connection_pool : MHD_OPTION_END),
|
||||||
|
- MHD_OPTION_END);
|
||||||
|
+ | MHD_USE_DEBUG); /* report errors to stderr */
|
||||||
|
|
||||||
|
+ // Start httpd server threads. Use a single dual-homed pool.
|
||||||
|
+ MHD_Daemon *d46 = MHD_start_daemon (mhd_flags, http_port,
|
||||||
|
+ NULL, NULL, /* default accept policy */
|
||||||
|
+ handler_cb, NULL, /* handler callback */
|
||||||
|
+ MHD_OPTION_EXTERNAL_LOGGER,
|
||||||
|
+ error_cb, NULL,
|
||||||
|
+ (connection_pool
|
||||||
|
+ ? MHD_OPTION_THREAD_POOL_SIZE
|
||||||
|
+ : MHD_OPTION_END),
|
||||||
|
+ (connection_pool
|
||||||
|
+ ? (int)connection_pool
|
||||||
|
+ : MHD_OPTION_END),
|
||||||
|
+ MHD_OPTION_END);
|
||||||
|
+
|
||||||
|
+ MHD_Daemon *d4 = NULL;
|
||||||
|
if (d46 == NULL)
|
||||||
|
{
|
||||||
|
- sqlite3 *database = db;
|
||||||
|
- sqlite3 *databaseq = dbq;
|
||||||
|
- db = dbq = 0; // for signal_handler not to freak
|
||||||
|
- sqlite3_close (databaseq);
|
||||||
|
- sqlite3_close (database);
|
||||||
|
- error (EXIT_FAILURE, 0, "cannot start http server at port %d", http_port);
|
||||||
|
- }
|
||||||
|
+ // Cannot use dual_stack, use ipv4 only
|
||||||
|
+ mhd_flags &= ~(MHD_USE_DUAL_STACK);
|
||||||
|
+ d4 = MHD_start_daemon (mhd_flags, http_port,
|
||||||
|
+ NULL, NULL, /* default accept policy */
|
||||||
|
+ handler_cb, NULL, /* handler callback */
|
||||||
|
+ MHD_OPTION_EXTERNAL_LOGGER,
|
||||||
|
+ error_cb, NULL,
|
||||||
|
+ (connection_pool
|
||||||
|
+ ? MHD_OPTION_THREAD_POOL_SIZE
|
||||||
|
+ : MHD_OPTION_END),
|
||||||
|
+ (connection_pool
|
||||||
|
+ ? (int)connection_pool
|
||||||
|
+ : MHD_OPTION_END),
|
||||||
|
+ MHD_OPTION_END);
|
||||||
|
+ if (d4 == NULL)
|
||||||
|
+ {
|
||||||
|
+ sqlite3 *database = db;
|
||||||
|
+ sqlite3 *databaseq = dbq;
|
||||||
|
+ db = dbq = 0; // for signal_handler not to freak
|
||||||
|
+ sqlite3_close (databaseq);
|
||||||
|
+ sqlite3_close (database);
|
||||||
|
+ error (EXIT_FAILURE, 0, "cannot start http server at port %d",
|
||||||
|
+ http_port);
|
||||||
|
+ }
|
||||||
|
|
||||||
|
- obatched(clog) << "started http server on IPv4 IPv6 "
|
||||||
|
+ }
|
||||||
|
+ obatched(clog) << "started http server on"
|
||||||
|
+ << (d4 != NULL ? " IPv4 " : " IPv4 IPv6 ")
|
||||||
|
<< "port=" << http_port << endl;
|
||||||
|
|
||||||
|
// add maxigroom sql if -G given
|
||||||
|
@@ -4053,6 +4080,7 @@ main (int argc, char *argv[])
|
||||||
|
|
||||||
|
/* Stop all the web service threads. */
|
||||||
|
if (d46) MHD_stop_daemon (d46);
|
||||||
|
+ if (d4) MHD_stop_daemon (d4);
|
||||||
|
|
||||||
|
if (! passive_p)
|
||||||
|
{
|
|
@ -1 +0,0 @@
|
||||||
u debuginfod - "elfutils debuginfo server" /var/cache/debuginfod -
|
|
|
@ -1,12 +1,11 @@
|
||||||
Name: elfutils
|
Name: elfutils
|
||||||
Version: 0.189
|
Version: 0.187
|
||||||
%global baserelease 1
|
%global baserelease 4
|
||||||
Release: %{baserelease}%{?dist}
|
Release: %{baserelease}%{?dist}
|
||||||
URL: http://elfutils.org/
|
URL: http://elfutils.org/
|
||||||
%global source_url ftp://sourceware.org/pub/elfutils/%{version}/
|
%global source_url ftp://sourceware.org/pub/elfutils/%{version}/
|
||||||
License: GPLv3+ and (GPLv2+ or LGPLv3+) and GFDL
|
License: GPLv3+ and (GPLv2+ or LGPLv3+) and GFDL
|
||||||
Source: %{?source_url}%{name}-%{version}.tar.bz2
|
Source: %{?source_url}%{name}-%{version}.tar.bz2
|
||||||
Source1: elfutils-debuginfod.sysusers
|
|
||||||
Summary: A collection of utilities and DSOs to handle ELF files and DWARF data
|
Summary: A collection of utilities and DSOs to handle ELF files and DWARF data
|
||||||
|
|
||||||
# Needed for isa specific Provides and Requires.
|
# Needed for isa specific Provides and Requires.
|
||||||
|
@ -48,8 +47,6 @@ BuildRequires: iproute
|
||||||
BuildRequires: procps
|
BuildRequires: procps
|
||||||
BuildRequires: bsdtar
|
BuildRequires: bsdtar
|
||||||
BuildRequires: curl
|
BuildRequires: curl
|
||||||
# For run-debuginfod-response-headers.sh test case
|
|
||||||
BuildRequires: socat
|
|
||||||
|
|
||||||
BuildRequires: automake
|
BuildRequires: automake
|
||||||
BuildRequires: autoconf
|
BuildRequires: autoconf
|
||||||
|
@ -58,22 +55,24 @@ BuildRequires: gettext-devel
|
||||||
%global _gnu %{nil}
|
%global _gnu %{nil}
|
||||||
%global _program_prefix eu-
|
%global _program_prefix eu-
|
||||||
|
|
||||||
%global provide_yama_scope 0
|
%global provide_yama_scope 0
|
||||||
|
|
||||||
%if 0%{?fedora} >= 22 || 0%{?rhel} >= 7
|
%if 0%{?fedora} >= 22 || 0%{?rhel} >= 7
|
||||||
%global provide_yama_scope 1
|
%global provide_yama_scope 1
|
||||||
%endif
|
|
||||||
|
|
||||||
%global with_sysusers 0
|
|
||||||
|
|
||||||
%if 0%{?fedora} >= 32 || 0%{?rhel} >= 9
|
|
||||||
%global with_sysusers 1
|
|
||||||
%endif
|
%endif
|
||||||
|
|
||||||
# Patches
|
# Patches
|
||||||
|
|
||||||
# For s390x... FDO package notes are bogus.
|
# For s390x... FDO package notes are bogus.
|
||||||
Patch1: elfutils-0.186-fdo-swap.patch
|
Patch1: elfutils-0.186-fdo-swap.patch
|
||||||
|
# https://bugzilla.redhat.com/show_bug.cgi?id=2080957
|
||||||
|
Patch2: elfutils-0.187-csh-profile.patch
|
||||||
|
# https://sourceware.org/bugzilla/show_bug.cgi?id=29117
|
||||||
|
Patch3: elfutils-0.187-debuginfod-client-fd-leak.patch
|
||||||
|
# https://sourceware.org/bugzilla/show_bug.cgi?id=29122
|
||||||
|
Patch4: elfutils-0.187-mhd_no_dual_stack.patch
|
||||||
|
# https://sourceware.org/bugzilla/show_bug.cgi?id=29123
|
||||||
|
Patch5: elfutils-0.187-mhd_epoll.patch
|
||||||
|
|
||||||
%description
|
%description
|
||||||
Elfutils is a collection of utilities, including stack (to show
|
Elfutils is a collection of utilities, including stack (to show
|
||||||
|
@ -217,18 +216,11 @@ Requires: elfutils-libs%{depsuffix} = %{version}-%{release}
|
||||||
Requires: elfutils-libelf%{depsuffix} = %{version}-%{release}
|
Requires: elfutils-libelf%{depsuffix} = %{version}-%{release}
|
||||||
Requires: elfutils-debuginfod-client%{depsuffix} = %{version}-%{release}
|
Requires: elfutils-debuginfod-client%{depsuffix} = %{version}-%{release}
|
||||||
BuildRequires: systemd
|
BuildRequires: systemd
|
||||||
%if %{with_sysusers}
|
|
||||||
BuildRequires: systemd-rpm-macros
|
|
||||||
%endif
|
|
||||||
BuildRequires: make
|
BuildRequires: make
|
||||||
Requires(post): systemd
|
Requires(post): systemd
|
||||||
Requires(preun): systemd
|
Requires(preun): systemd
|
||||||
Requires(postun): systemd
|
Requires(postun): systemd
|
||||||
%if %{with_sysusers}
|
|
||||||
%{?sysusers_requires_compat}
|
|
||||||
%else
|
|
||||||
Requires(pre): shadow-utils
|
Requires(pre): shadow-utils
|
||||||
%endif
|
|
||||||
# To extract .deb files with a bsdtar (= libarchive) subshell
|
# To extract .deb files with a bsdtar (= libarchive) subshell
|
||||||
Requires: bsdtar
|
Requires: bsdtar
|
||||||
|
|
||||||
|
@ -269,14 +261,7 @@ RPM_OPT_FLAGS="${RPM_OPT_FLAGS} -Wformat"
|
||||||
|
|
||||||
|
|
||||||
trap 'cat config.log' EXIT
|
trap 'cat config.log' EXIT
|
||||||
# dist_debuginfod_url is defined in macros.dist. Fedora and CentOS have
|
%configure CFLAGS="$RPM_OPT_FLAGS" --enable-debuginfod-urls=https://debuginfod.fedoraproject.org/
|
||||||
# URLs pointing to their respective servers. RHEL and Amazon Linux do
|
|
||||||
# not configure a default server.
|
|
||||||
%if "%{?dist_debuginfod_url}"
|
|
||||||
%configure CFLAGS="$RPM_OPT_FLAGS" --enable-debuginfod-urls=%{dist_debuginfod_url}
|
|
||||||
%else
|
|
||||||
%configure CFLAGS="$RPM_OPT_FLAGS"
|
|
||||||
%endif
|
|
||||||
trap '' EXIT
|
trap '' EXIT
|
||||||
%make_build
|
%make_build
|
||||||
|
|
||||||
|
@ -298,10 +283,6 @@ install -Dm0644 config/debuginfod.sysconfig ${RPM_BUILD_ROOT}%{_sysconfdir}/sysc
|
||||||
mkdir -p ${RPM_BUILD_ROOT}%{_localstatedir}/cache/debuginfod
|
mkdir -p ${RPM_BUILD_ROOT}%{_localstatedir}/cache/debuginfod
|
||||||
touch ${RPM_BUILD_ROOT}%{_localstatedir}/cache/debuginfod/debuginfod.sqlite
|
touch ${RPM_BUILD_ROOT}%{_localstatedir}/cache/debuginfod/debuginfod.sqlite
|
||||||
|
|
||||||
%if %{with_sysusers}
|
|
||||||
install -Dm0644 %{SOURCE1} %{buildroot}%{_sysusersdir}/elfutils-debuginfod.conf
|
|
||||||
%endif
|
|
||||||
|
|
||||||
%check
|
%check
|
||||||
# Record some build root versions in build.log
|
# Record some build root versions in build.log
|
||||||
uname -r; rpm -q binutils gcc glibc || true
|
uname -r; rpm -q binutils gcc glibc || true
|
||||||
|
@ -400,9 +381,7 @@ fi
|
||||||
%{_mandir}/man1/debuginfod-find.1*
|
%{_mandir}/man1/debuginfod-find.1*
|
||||||
%{_mandir}/man7/debuginfod*.7*
|
%{_mandir}/man7/debuginfod*.7*
|
||||||
%config(noreplace) %{_sysconfdir}/profile.d/*
|
%config(noreplace) %{_sysconfdir}/profile.d/*
|
||||||
%if "%{?dist_debuginfod_url}"
|
|
||||||
%config(noreplace) %{_sysconfdir}/debuginfod/*
|
%config(noreplace) %{_sysconfdir}/debuginfod/*
|
||||||
%endif
|
|
||||||
|
|
||||||
%files debuginfod-client-devel
|
%files debuginfod-client-devel
|
||||||
%{_libdir}/pkgconfig/libdebuginfod.pc
|
%{_libdir}/pkgconfig/libdebuginfod.pc
|
||||||
|
@ -414,26 +393,18 @@ fi
|
||||||
%{_bindir}/debuginfod
|
%{_bindir}/debuginfod
|
||||||
%config(noreplace) %{_sysconfdir}/sysconfig/debuginfod
|
%config(noreplace) %{_sysconfdir}/sysconfig/debuginfod
|
||||||
%{_unitdir}/debuginfod.service
|
%{_unitdir}/debuginfod.service
|
||||||
%if %{with_sysusers}
|
%{_sysconfdir}/sysconfig/debuginfod
|
||||||
%{_sysusersdir}/elfutils-debuginfod.conf
|
%{_mandir}/man8/debuginfod.8*
|
||||||
%endif
|
|
||||||
%{_mandir}/man8/debuginfod*.8*
|
|
||||||
%{_mandir}/man7/debuginfod*.7*
|
|
||||||
|
|
||||||
|
|
||||||
%dir %attr(0700,debuginfod,debuginfod) %{_localstatedir}/cache/debuginfod
|
%dir %attr(0700,debuginfod,debuginfod) %{_localstatedir}/cache/debuginfod
|
||||||
%ghost %attr(0600,debuginfod,debuginfod) %{_localstatedir}/cache/debuginfod/debuginfod.sqlite
|
%ghost %attr(0600,debuginfod,debuginfod) %{_localstatedir}/cache/debuginfod/debuginfod.sqlite
|
||||||
|
|
||||||
%pre debuginfod
|
%pre debuginfod
|
||||||
%if %{with_sysusers}
|
|
||||||
%sysusers_create_compat %{SOURCE1}
|
|
||||||
%else
|
|
||||||
getent group debuginfod >/dev/null || groupadd -r debuginfod
|
getent group debuginfod >/dev/null || groupadd -r debuginfod
|
||||||
getent passwd debuginfod >/dev/null || \
|
getent passwd debuginfod >/dev/null || \
|
||||||
useradd -r -g debuginfod -d /var/cache/debuginfod -s /sbin/nologin \
|
useradd -r -g debuginfod -d /var/cache/debuginfod -s /sbin/nologin \
|
||||||
-c "elfutils debuginfo server" debuginfod
|
-c "elfutils debuginfo server" debuginfod
|
||||||
exit 0
|
exit 0
|
||||||
%endif
|
|
||||||
|
|
||||||
%post debuginfod
|
%post debuginfod
|
||||||
%systemd_post debuginfod.service
|
%systemd_post debuginfod.service
|
||||||
|
@ -442,42 +413,6 @@ exit 0
|
||||||
%systemd_postun_with_restart debuginfod.service
|
%systemd_postun_with_restart debuginfod.service
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
* Fri Mar 3 2023 Mark Wielaard <mjw@fedoraproject.org> - 0.189-1
|
|
||||||
- Upgrade to upsteam elfutils 0.189.
|
|
||||||
|
|
||||||
* Fri Jan 27 2023 Mark Wielaard <mjw@fedoraproject.org> - 0.188-5
|
|
||||||
- Add elfutils-0.188-deprecated-CURLINFO.patch,
|
|
||||||
elfutils-0.188-CURL_AT_LEAST_VERSION.patch and
|
|
||||||
elfutils-0.188-CURLOPT_PROTOCOLS_STR.patch
|
|
||||||
|
|
||||||
* Thu Jan 19 2023 Fedora Release Engineering <releng@fedoraproject.org> - 0.188-4
|
|
||||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
|
|
||||||
|
|
||||||
* Mon Nov 7 2022 Mark Wielaard <mjw@fedoraproject.org> - 0.188-3
|
|
||||||
- Add elfutils-0.188-compile-warnings.patch
|
|
||||||
- Add elfutils-0.188-debuginfod-client-lifetime.patch
|
|
||||||
|
|
||||||
* Wed Nov 2 2022 Mark Wielaard <mjw@fedoraproject.org> - 0.188-2
|
|
||||||
- Add elfutils-0.188-static-extract_section.patch.
|
|
||||||
|
|
||||||
* Wed Nov 2 2022 Mark Wielaard <mjw@fedoraproject.org> - 0.188-1
|
|
||||||
- Upgrade to upsteam elfutils 0.188.
|
|
||||||
|
|
||||||
* Wed Oct 5 2022 Amit Shah <amitshah@fedoraproject.org> - 0.187-9
|
|
||||||
- Auto-configure debuginfod_url based on macros.dist
|
|
||||||
|
|
||||||
* Wed Aug 24 2022 Debarshi Ray <rishi@fedoraproject.org> - 0.187-8
|
|
||||||
- Use %%sysusers_requires_compat to match %%sysusers_create_compat
|
|
||||||
|
|
||||||
* Wed Jul 27 2022 Amit Shah <amitshah@fedoraproject.org> - 0.187-7
|
|
||||||
- Allow building without default debuginfod URL
|
|
||||||
|
|
||||||
* Thu Jul 21 2022 Fedora Release Engineering <releng@fedoraproject.org> - 0.187-6
|
|
||||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
|
|
||||||
|
|
||||||
* Tue Jun 14 2022 Mark Wielaard <mjw@fedoraproject.org> - 0.187-5
|
|
||||||
- Add sysuser support for creating the debuginfod user
|
|
||||||
|
|
||||||
* Fri May 6 2022 Mark Wielaard <mjw@fedoraproject.org> - 0.187-4
|
* Fri May 6 2022 Mark Wielaard <mjw@fedoraproject.org> - 0.187-4
|
||||||
- Add elfutils-0.187-mhd_no_dual_stack.patch
|
- Add elfutils-0.187-mhd_no_dual_stack.patch
|
||||||
- Add elfutils-0.187-mhd_epoll.patch
|
- Add elfutils-0.187-mhd_epoll.patch
|
||||||
|
@ -518,9 +453,6 @@ exit 0
|
||||||
- Add elfutils-0.186-fdo-swap.patch
|
- Add elfutils-0.186-fdo-swap.patch
|
||||||
- Add elfutils-0.186-ppc64le-error-return-workaround.patch
|
- Add elfutils-0.186-ppc64le-error-return-workaround.patch
|
||||||
|
|
||||||
* Thu Jan 20 2022 Fedora Release Engineering <releng@fedoraproject.org> - 0.186-2
|
|
||||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
|
|
||||||
|
|
||||||
* Wed Nov 10 2021 Mark Wielaard <mjw@fedoraproject.org> - 0.186-1
|
* Wed Nov 10 2021 Mark Wielaard <mjw@fedoraproject.org> - 0.186-1
|
||||||
- Upgrade to upstream 0.186
|
- Upgrade to upstream 0.186
|
||||||
- debuginfod-client: Default $DEBUGINFOD_URLS is computed from
|
- debuginfod-client: Default $DEBUGINFOD_URLS is computed from
|
||||||
|
|
|
@ -5,7 +5,6 @@ decision_context: bodhi_update_push_stable
|
||||||
subject_type: koji_build
|
subject_type: koji_build
|
||||||
rules:
|
rules:
|
||||||
- !PassingTestCaseRule {test_case_name: fedora-ci.koji-build.tier0.functional}
|
- !PassingTestCaseRule {test_case_name: fedora-ci.koji-build.tier0.functional}
|
||||||
- !PassingTestCaseRule {test_case_name: fedora-ci.koji-build.rpminspect.static-analysis}
|
|
||||||
--- !Policy
|
--- !Policy
|
||||||
product_versions:
|
product_versions:
|
||||||
- rhel-9
|
- rhel-9
|
||||||
|
|
2
sources
2
sources
|
@ -1 +1 @@
|
||||||
SHA512 (elfutils-0.189.tar.bz2) = 93a877e34db93e5498581d0ab2d702b08c0d87e4cafd9cec9d6636dfa85a168095c305c11583a5b0fb79374dd93bc8d0e9ce6016e6c172764bcea12861605b71
|
SHA512 (elfutils-0.187.tar.bz2) = a9b9e32b503b8b50a62d4e4001097ed2721d3475232a6380e6b9853bd1647aec016440c0ca7ceb950daf1144f8db9814ab43cf33cc0ebef7fc91e9e775c9e874
|
||||||
|
|
|
@ -54,7 +54,7 @@ $(METADATA): Makefile
|
||||||
@echo "TestTime: 48h" >> $(METADATA)
|
@echo "TestTime: 48h" >> $(METADATA)
|
||||||
@echo "RunFor: elfutils" >> $(METADATA)
|
@echo "RunFor: elfutils" >> $(METADATA)
|
||||||
@echo "Requires: elfutils" >> $(METADATA)
|
@echo "Requires: elfutils" >> $(METADATA)
|
||||||
@echo "Requires: bash bash-debuginfo" >> $(METADATA)
|
@echo "Requires: bash" >> $(METADATA)
|
||||||
@echo "Priority: Normal" >> $(METADATA)
|
@echo "Priority: Normal" >> $(METADATA)
|
||||||
@echo "License: GPLv2+" >> $(METADATA)
|
@echo "License: GPLv2+" >> $(METADATA)
|
||||||
@echo "Confidential: no" >> $(METADATA)
|
@echo "Confidential: no" >> $(METADATA)
|
||||||
|
|
|
@ -2,15 +2,15 @@ summary: GNU-Attribute-notes-not-recognized
|
||||||
description: |
|
description: |
|
||||||
Bug summary: elfutils doesn't recognize GNU Attribute notes
|
Bug summary: elfutils doesn't recognize GNU Attribute notes
|
||||||
Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1650125
|
Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1650125
|
||||||
contact: Martin Cermak <mcermak@redhat.com>
|
contact:
|
||||||
|
- Martin Cermak <mcermak@redhat.com>
|
||||||
component:
|
component:
|
||||||
- elfutils
|
- elfutils
|
||||||
test: ./runtest.sh
|
test: ./runtest.sh
|
||||||
framework: beakerlib
|
framework: beakerlib
|
||||||
recommend:
|
recommend:
|
||||||
- elfutils
|
- elfutils
|
||||||
- bash
|
- bash
|
||||||
- bash-debuginfo
|
|
||||||
duration: 48h
|
duration: 48h
|
||||||
extra-summary: /tools/elfutils/Regression/GNU-Attribute-notes-not-recognized
|
extra-summary: /tools/elfutils/Regression/GNU-Attribute-notes-not-recognized
|
||||||
extra-task: /tools/elfutils/Regression/GNU-Attribute-notes-not-recognized
|
extra-task: /tools/elfutils/Regression/GNU-Attribute-notes-not-recognized
|
||||||
|
|
|
@ -32,35 +32,12 @@ PACKAGE="elfutils"
|
||||||
|
|
||||||
rlJournalStart
|
rlJournalStart
|
||||||
rlPhaseStartTest
|
rlPhaseStartTest
|
||||||
# Rely on that /bin/bash is annobin-annotated per
|
# Rely on that /bin/bash is annobin-annotated per
|
||||||
# - https://fedoraproject.org/wiki/Toolchain/Watermark
|
# - https://fedoraproject.org/wiki/Toolchain/Watermark
|
||||||
# - https://fedoraproject.org/wiki/Changes/Annobin
|
# - https://fedoraproject.org/wiki/Changes/Annobin
|
||||||
# Seems to work fine with bash-4.4.19-6.el8 and elfutils-0.174-5.el8.
|
# Seems to work fine with bash-4.4.19-6.el8 and elfutils-0.174-5.el8.
|
||||||
f="/bin/bash"
|
set -o pipefail
|
||||||
|
rlRun "eu-readelf -n /bin/bash | grep -2 '^ GA' | fgrep 'GNU Build Attribute' | tail -50"
|
||||||
# Annobin notes originally used to reside in the binary itself.
|
|
||||||
# Later on they moved to debuginfo.
|
|
||||||
# Let's see if we can chase down needed debuginfo somewhere...
|
|
||||||
|
|
||||||
# Attempt getting the needed file using debuginfod
|
|
||||||
export DEBUGINFOD_URLS=https://debuginfod.fedoraproject.org/
|
|
||||||
rlRun "f=\"$f $(debuginfod-find debuginfo /bin/bash)\""
|
|
||||||
|
|
||||||
# Attempt getting the needed file by traditional means
|
|
||||||
rlRun "debuginfo-install -y bash"
|
|
||||||
rlRun "buildid=$(eu-readelf -n /bin/bash | awk '/Build ID:/ {print $NF}')"
|
|
||||||
for i in $(rpm -ql bash-debuginfo); do
|
|
||||||
test -f $i || continue
|
|
||||||
if eu-readelf -n $i | fgrep $buildid; then
|
|
||||||
rlRun "f=\"$f $i\""
|
|
||||||
fi
|
|
||||||
done
|
|
||||||
|
|
||||||
set -o pipefail
|
|
||||||
export f
|
|
||||||
# Check if eu-readelf can read the notes from at least one of files
|
|
||||||
# that can possibly contain it...
|
|
||||||
rlRun "(for i in $f; do eu-readelf -n $i; done ) | grep -2 '^ GA' | fgrep 'GNU Build Attribute' | tail -50"
|
|
||||||
rlPhaseEnd
|
rlPhaseEnd
|
||||||
rlJournalPrintText
|
rlJournalPrintText
|
||||||
rlJournalEnd
|
rlJournalEnd
|
||||||
|
|
|
@ -1,81 +0,0 @@
|
||||||
#!/bin/bash
|
|
||||||
|
|
||||||
set -xeo pipefail
|
|
||||||
|
|
||||||
|
|
||||||
export DEBUGINFOD_VERBOSE=1
|
|
||||||
export DEBUGINFOD_CACHE_PATH=$HOME/.debuginfod_client_cache/
|
|
||||||
|
|
||||||
# Initial cleanup
|
|
||||||
systemctl stop debuginfod
|
|
||||||
rm -rf ~/.cache/debuginfod_client
|
|
||||||
rm -rf /usr/src/my_extra_rpms $DEBUGINFOD_CACHE_PATH
|
|
||||||
mkdir $DEBUGINFOD_CACHE_PATH
|
|
||||||
journalctl -g debuginfod -f &
|
|
||||||
logger=$!
|
|
||||||
|
|
||||||
# Set up a delay. A delay of 3 worked for me reliably for manual testing.
|
|
||||||
DELAY=120
|
|
||||||
|
|
||||||
# Clean up after possible previous failed (=> unfinished) run of this testcase
|
|
||||||
rm -rf /usr/src/my_extra_rpms $HOME/.debuginfod_client_cache
|
|
||||||
|
|
||||||
# Check the config file is there
|
|
||||||
cat /etc/sysconfig/debuginfod
|
|
||||||
|
|
||||||
# Make sure the config file doesn't contain unwanted relicts
|
|
||||||
# from possible previous failed run of this testcase
|
|
||||||
fgrep DEBUGINFOD_PATHS /etc/sysconfig/debuginfod | (! fgrep /usr/src/my_extra_rpms)
|
|
||||||
|
|
||||||
# Add some directory to the DEBUGINFOD_PATH and configure it
|
|
||||||
# within /etc/sysconfig/debuginfod
|
|
||||||
mkdir -p /usr/src/my_extra_rpms
|
|
||||||
sed -i 's/DEBUGINFOD_PATHS="[^"]*/\0\ \/usr\/src\/my_extra_rpms/' /etc/sysconfig/debuginfod
|
|
||||||
fgrep DEBUGINFOD_PATHS /etc/sysconfig/debuginfod | fgrep /usr/src/my_extra_rpms
|
|
||||||
|
|
||||||
# Note the DEBUGINFOD_PORT in the sysconfig file
|
|
||||||
# and use it to export the server URL for the client to use
|
|
||||||
source /etc/sysconfig/debuginfod
|
|
||||||
export DEBUGINFOD_URLS="localhost:$DEBUGINFOD_PORT"
|
|
||||||
|
|
||||||
# Get the build-id from some installed binary and make sure
|
|
||||||
# it isn't found
|
|
||||||
buildid=$(eu-unstrip -n -e /usr/bin/true | cut -f2 -d\ | cut -f1 -d@)
|
|
||||||
! debuginfod-find executable $buildid
|
|
||||||
|
|
||||||
# Start the service
|
|
||||||
systemctl start debuginfod
|
|
||||||
|
|
||||||
# Give it some time to index
|
|
||||||
sleep $DELAY
|
|
||||||
|
|
||||||
# Now the binary should be found
|
|
||||||
debuginfod-find executable $buildid
|
|
||||||
|
|
||||||
# Take a small debuginfo rpm and make sure you know the buildid of
|
|
||||||
# some .debug file in to the directory you created and added to
|
|
||||||
# the DEBUGINFO_PATH in the config file.
|
|
||||||
cp sshpass-debuginfo-1.09-2.fc35.x86_64.rpm /usr/src/my_extra_rpms
|
|
||||||
|
|
||||||
# Make sure the denuginfo can't be found yet
|
|
||||||
# Related:
|
|
||||||
# - https://bugzilla.redhat.com/show_bug.cgi?id=2023454
|
|
||||||
# - https://sourceware.org/bugzilla/show_bug.cgi?id=28240
|
|
||||||
! debuginfod-find debuginfo 73952ed43c6edc82cc92186a581ec27f009c529c
|
|
||||||
echo 0 > $DEBUGINFOD_CACHE_PATH/cache_miss_s
|
|
||||||
|
|
||||||
# Tell debuginfod to start indexing immediately
|
|
||||||
debuginfod_pid=$(systemctl status debuginfod | fgrep PID | grep -Po '\d+')
|
|
||||||
kill -SIGUSR1 $debuginfod_pid
|
|
||||||
|
|
||||||
# Give it some time to index
|
|
||||||
sleep $DELAY
|
|
||||||
|
|
||||||
# Try to find the debug file with the known buildid
|
|
||||||
debuginfod-find debuginfo 73952ed43c6edc82cc92186a581ec27f009c529c
|
|
||||||
|
|
||||||
# Clean up
|
|
||||||
rm -rf /usr/src/my_extra_rpms $HOME/.debuginfod_client_cache
|
|
||||||
|
|
||||||
# Kill the logger
|
|
||||||
kill $logger
|
|
|
@ -1,14 +0,0 @@
|
||||||
summary: elfutils-debuginfod
|
|
||||||
description: ''
|
|
||||||
contact: Martin Cermak <mcermak@redhat.com>
|
|
||||||
component:
|
|
||||||
- elfutils
|
|
||||||
test: ./runtest.sh
|
|
||||||
framework: beakerlib
|
|
||||||
recommend:
|
|
||||||
- elfutils
|
|
||||||
- elfutils-debuginfod
|
|
||||||
- elfutils-debuginfod-client
|
|
||||||
duration: 48h
|
|
||||||
extra-summary: /tools/elfutils/Sanity/elfutils-debuginfod
|
|
||||||
extra-task: /tools/elfutils/Sanity/elfutils-debuginfod
|
|
|
@ -1,54 +0,0 @@
|
||||||
#!/bin/bash
|
|
||||||
# vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k
|
|
||||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
||||||
#
|
|
||||||
# runtest.sh of /tools/elfutils/Sanity/elfutils-debuginfod
|
|
||||||
# Description: elfutils-debuginfod
|
|
||||||
# Author: Martin Cermak <mcermak@redhat.com>
|
|
||||||
#
|
|
||||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
||||||
#
|
|
||||||
# Copyright (c) 2019 Red Hat, Inc.
|
|
||||||
#
|
|
||||||
# This program is free software: you can redistribute it and/or
|
|
||||||
# modify it under the terms of the GNU General Public License as
|
|
||||||
# published by the Free Software Foundation, either version 2 of
|
|
||||||
# the License, or (at your option) any later version.
|
|
||||||
#
|
|
||||||
# This program is distributed in the hope that it will be
|
|
||||||
# useful, but WITHOUT ANY WARRANTY; without even the implied
|
|
||||||
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
|
|
||||||
# PURPOSE. See the GNU General Public License for more details.
|
|
||||||
#
|
|
||||||
# You should have received a copy of the GNU General Public License
|
|
||||||
# along with this program. If not, see http://www.gnu.org/licenses/.
|
|
||||||
#
|
|
||||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
||||||
|
|
||||||
# Include Beaker environment
|
|
||||||
. /usr/share/beakerlib/beakerlib.sh || exit 1
|
|
||||||
|
|
||||||
PACKAGE="elfutils"
|
|
||||||
|
|
||||||
rlJournalStart
|
|
||||||
rlPhaseStartSetup
|
|
||||||
for p in elfutils-debuginfod elfutils-debuginfod-client; do
|
|
||||||
rlAssertRpm $p
|
|
||||||
done
|
|
||||||
rlRun "TMPD=$(mktemp -d)"
|
|
||||||
rlRun "cp body.sh sshpass-debuginfo-1.09-2.fc35.x86_64.rpm $TMPD"
|
|
||||||
rlRun "pushd $TMPD"
|
|
||||||
rlFileBackup /etc/sysconfig/debuginfod
|
|
||||||
rlPhaseEnd
|
|
||||||
|
|
||||||
rlPhaseStartTest
|
|
||||||
rlRun "./body.sh"
|
|
||||||
rlPhaseEnd
|
|
||||||
|
|
||||||
rlPhaseStartCleanup
|
|
||||||
rlFileRestore
|
|
||||||
rlRun "popd"
|
|
||||||
rlRun "rm -r $TMPD"
|
|
||||||
rlPhaseEnd
|
|
||||||
rlJournalPrintText
|
|
||||||
rlJournalEnd
|
|
Binary file not shown.
|
@ -1,16 +0,0 @@
|
||||||
summary: yama-scope
|
|
||||||
description: |
|
|
||||||
Bug summary: Enable provide_yama_scope for rhel >= 7.4
|
|
||||||
Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1455514
|
|
||||||
contact: Martin Cermak <mcermak@redhat.com>
|
|
||||||
component:
|
|
||||||
- elfutils
|
|
||||||
test: ./runtest.sh
|
|
||||||
framework: beakerlib
|
|
||||||
recommend:
|
|
||||||
- elfutils
|
|
||||||
duration: 48h
|
|
||||||
link:
|
|
||||||
- relates: https://bugzilla.redhat.com/show_bug.cgi?id=1455514
|
|
||||||
extra-summary: /tools/elfutils/Sanity/yama-scope
|
|
||||||
extra-task: /tools/elfutils/Sanity/yama-scope
|
|
|
@ -1,8 +0,0 @@
|
||||||
#!/bin/bash
|
|
||||||
|
|
||||||
RETVAL=0
|
|
||||||
OUT=$(mktemp)
|
|
||||||
eu-stack -p $$ |& tee $OUT
|
|
||||||
grep -i 'operation not permitted' $OUT && RETVAL=1
|
|
||||||
rm $OUT
|
|
||||||
exit $RETVAL
|
|
|
@ -1,108 +0,0 @@
|
||||||
#!/bin/bash
|
|
||||||
# vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k
|
|
||||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
||||||
#
|
|
||||||
# runtest.sh of /tools/elfutils/Sanity/yama-scope
|
|
||||||
# Description: yama-scope
|
|
||||||
# Author: Martin Cermak <mcermak@redhat.com>
|
|
||||||
#
|
|
||||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
||||||
#
|
|
||||||
# Copyright (c) 2017 Red Hat, Inc.
|
|
||||||
#
|
|
||||||
# This program is free software: you can redistribute it and/or
|
|
||||||
# modify it under the terms of the GNU General Public License as
|
|
||||||
# published by the Free Software Foundation, either version 2 of
|
|
||||||
# the License, or (at your option) any later version.
|
|
||||||
#
|
|
||||||
# This program is distributed in the hope that it will be
|
|
||||||
# useful, but WITHOUT ANY WARRANTY; without even the implied
|
|
||||||
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
|
|
||||||
# PURPOSE. See the GNU General Public License for more details.
|
|
||||||
#
|
|
||||||
# You should have received a copy of the GNU General Public License
|
|
||||||
# along with this program. If not, see http://www.gnu.org/licenses/.
|
|
||||||
#
|
|
||||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
||||||
|
|
||||||
# Include Beaker environment
|
|
||||||
. /usr/share/beakerlib/beakerlib.sh || exit 1
|
|
||||||
|
|
||||||
PACKAGE="elfutils"
|
|
||||||
MY_USER="ptrace_scope_testuser"
|
|
||||||
TESTCASE="/tmp/ptrace-scope-test.sh"
|
|
||||||
PROCFILE='/proc/sys/kernel/yama/ptrace_scope'
|
|
||||||
|
|
||||||
test_root()
|
|
||||||
{
|
|
||||||
$TESTCASE
|
|
||||||
}
|
|
||||||
|
|
||||||
test_user()
|
|
||||||
{
|
|
||||||
su - $MY_USER -c $TESTCASE
|
|
||||||
}
|
|
||||||
|
|
||||||
rlJournalStart
|
|
||||||
rlPhaseStartTest
|
|
||||||
|
|
||||||
# This can easily be tested with strace. Just cycle through the settings:
|
|
||||||
|
|
||||||
# 0 - Default attach security permissions.
|
|
||||||
# 1 - Restricted attach. Only child processes plus normal permissions.
|
|
||||||
# 2 - Admin-only attach. Only executables with CAP_SYS_PTRACE.
|
|
||||||
# 3 - No attach. No process may call ptrace at all. Irrevocable.
|
|
||||||
|
|
||||||
# echo 0 > /proc/sys/kernel/yama/ptrace_scope
|
|
||||||
|
|
||||||
# With 0, strace works against any process with your uid. For example, strace -p 2190.
|
|
||||||
# With 1, strace errors when doing the same as in 0: strace: attach: ptrace(PTRACE_SEIZE, 3180): Operation not permitted. However, you can strace any program you run from strace, "strace /bin/ls" or example.
|
|
||||||
# With 2, you can only strace from the root account. You can no longer strace commands run from strace.
|
|
||||||
# With 3, even root cannot strace.
|
|
||||||
|
|
||||||
# ---
|
|
||||||
|
|
||||||
# possible related AVCs tracked as https://bugzilla.redhat.com/show_bug.cgi?id=1458999
|
|
||||||
|
|
||||||
# ---
|
|
||||||
|
|
||||||
rlRun "useradd $MY_USER" 0,9
|
|
||||||
|
|
||||||
rlRun "cp ptrace-scope-test.sh /tmp/"
|
|
||||||
rlRun "chmod a+rx /tmp/ptrace-scope-test.sh"
|
|
||||||
|
|
||||||
rlRun "ORIGVAL=$( cat $PROCFILE )"
|
|
||||||
|
|
||||||
# First, test the default behaviour, which is "no restriction"
|
|
||||||
# from the ptrace perspective. Here we assume that
|
|
||||||
# elfutils-default-yama-scope.rpm is installed and so the default
|
|
||||||
# yama policy is set to 0 instead of 1 which would otherwise be set
|
|
||||||
# as a kernel default (security/yama/yama_lsm.c ---> YAMA_SCOPE_RELATIONAL)
|
|
||||||
rlRun test_root
|
|
||||||
rlRun test_user
|
|
||||||
|
|
||||||
rlRun "echo 0 > $PROCFILE"
|
|
||||||
rlRun test_root
|
|
||||||
rlRun test_user
|
|
||||||
rlRun "echo 1 > $PROCFILE"
|
|
||||||
rlRun test_root
|
|
||||||
rlRun test_user 1
|
|
||||||
rlRun "echo 2 > $PROCFILE"
|
|
||||||
rlRun test_root
|
|
||||||
rlRun test_user 1
|
|
||||||
# Following subtest would be irrevertible (till next reboot)
|
|
||||||
# rlRun "echo 3 > $PROCFILE"
|
|
||||||
# rlRun test_root 1
|
|
||||||
# rlRun test_user 1
|
|
||||||
|
|
||||||
rlRun "userdel -f $MY_USER"
|
|
||||||
|
|
||||||
# This testcase could be more complex - using child and non-child processes and
|
|
||||||
# performing reboots. But let's keep this simple, since we are not testing the
|
|
||||||
# kernel facility, but merely an elfutils "plugin" for it, whose purpose is to
|
|
||||||
# set the default yama policy as such.
|
|
||||||
|
|
||||||
rlRun "echo $ORIGVAL > $PROCFILE"
|
|
||||||
rlPhaseEnd
|
|
||||||
rlJournalPrintText
|
|
||||||
rlJournalEnd
|
|
Loading…
Reference in New Issue