diff --git a/.gitignore b/.gitignore index 2396b2a..0417d72 100644 --- a/.gitignore +++ b/.gitignore @@ -1,3 +1,4 @@ /.build-*.log /augeas-*.tar.gz +/gnulib-*.tar.gz /clog diff --git a/0001-lenses-fstab.aug-Tighten-parsing-of-the-vfstype-fiel.patch b/0001-lenses-fstab.aug-Tighten-parsing-of-the-vfstype-fiel.patch new file mode 100644 index 0000000..34c4eb4 --- /dev/null +++ b/0001-lenses-fstab.aug-Tighten-parsing-of-the-vfstype-fiel.patch @@ -0,0 +1,51 @@ +From 9e26cf6459295908afd002f70bb257eb8136269a Mon Sep 17 00:00:00 2001 +From: "Richard W.M. Jones" +Date: Tue, 4 Feb 2025 11:10:53 +0000 +Subject: [PATCH 1/2] lenses/fstab.aug: Tighten parsing of the vfstype field + +This can be a list, but there's no evidence in the manual that +vfstype=value is permitted, it's just a simple list of strings. + +Signed-off-by: Richard W.M. Jones +--- + lenses/fstab.aug | 15 ++++++++++++--- + 1 file changed, 12 insertions(+), 3 deletions(-) + +diff --git a/lenses/fstab.aug b/lenses/fstab.aug +index c653c489..69c1b955 100644 +--- a/lenses/fstab.aug ++++ b/lenses/fstab.aug +@@ -14,10 +14,19 @@ module Fstab = + + let file = /[^# \t\n]+/ + +- (* An option label can't contain comma, comment, equals, or space *) +- let optlabel = /[^,#= \n\t]+/ + let spec = /[^,# \n\t][^ \n\t]*/ + ++ (* A vfstype, usually just a short string like "ext3" or "fuse.sshfs", but ++ be generous here *) ++ let vfslabel = /[^,#= \n\t]+/ ++ ++ let vfstype_list (l:string) = ++ let lns = [ label l . store vfslabel ] in ++ Build.opt_list lns comma ++ ++ (* A mount option label can't contain comma, comment, equals, or space *) ++ let optlabel = /[^,#= \n\t]+/ ++ + let comma_sep_list (l:string) = + let value = [ label "value" . Util.del_str "=" . ( store Rx.neg1 )? ] in + let lns = [ label l . store optlabel . value? ] in +@@ -27,7 +36,7 @@ module Fstab = + Util.indent . + [ label "spec" . store spec ] . sep_tab . + [ label "file" . store file ] . sep_tab . +- comma_sep_list "vfstype" . ++ vfstype_list "vfstype" . + (sep_tab . comma_sep_list "opt" . + (sep_comma_tab . [ label "dump" . store /[0-9]+/ ] . + ( sep_spc . [ label "passno" . store /[0-9]+/ ])? )? )? +-- +2.49.0 + diff --git a/0002-lenses-fstab.aug-Allow-individual-mount-options-to-b.patch b/0002-lenses-fstab.aug-Allow-individual-mount-options-to-b.patch new file mode 100644 index 0000000..70b4eb2 --- /dev/null +++ b/0002-lenses-fstab.aug-Allow-individual-mount-options-to-b.patch @@ -0,0 +1,77 @@ +From 80ae0fd68a33541483e21f871b83f9e3d78c9831 Mon Sep 17 00:00:00 2001 +From: "Richard W.M. Jones" +Date: Tue, 4 Feb 2025 10:33:31 +0000 +Subject: [PATCH 2/2] lenses/fstab.aug: Allow individual mount options to be + empty + +Mount allows mount-option fields to be empty (I think it ignores +them), but augeas gave an error. Allow this to be parsed. This does +not preserve the empty option on write, but that should not change the +meaning of the entry. + +Example: + /dev/mapper/vg00-vartmp /var/tmp xfs rw,,nodev,nosuid,noexec,relatime 0 0 + +Fixes: https://issues.redhat.com/browse/RHEL-77279 +Fixes: https://github.com/hercules-team/augeas/issues/832 +Signed-off-by: Richard W.M. Jones +--- + lenses/fstab.aug | 10 +++++----- + lenses/tests/test_fstab.aug | 12 ++++++++++++ + 2 files changed, 17 insertions(+), 5 deletions(-) + +diff --git a/lenses/fstab.aug b/lenses/fstab.aug +index 69c1b955..ad2ee106 100644 +--- a/lenses/fstab.aug ++++ b/lenses/fstab.aug +@@ -25,19 +25,19 @@ module Fstab = + Build.opt_list lns comma + + (* A mount option label can't contain comma, comment, equals, or space *) +- let optlabel = /[^,#= \n\t]+/ ++ let mntoptlabel = /[^,#= \n\t]+/ + +- let comma_sep_list (l:string) = ++ let mntopt_list (l:string) = + let value = [ label "value" . Util.del_str "=" . ( store Rx.neg1 )? ] in +- let lns = [ label l . store optlabel . value? ] in +- Build.opt_list lns comma ++ let lns = [ label l . store mntoptlabel . value? ] in ++ Build.opt_list lns comma+ + + let record = [ seq "mntent" . + Util.indent . + [ label "spec" . store spec ] . sep_tab . + [ label "file" . store file ] . sep_tab . + vfstype_list "vfstype" . +- (sep_tab . comma_sep_list "opt" . ++ (sep_tab . mntopt_list "opt" . + (sep_comma_tab . [ label "dump" . store /[0-9]+/ ] . + ( sep_spc . [ label "passno" . store /[0-9]+/ ])? )? )? + . Util.comment_or_eol ] +diff --git a/lenses/tests/test_fstab.aug b/lenses/tests/test_fstab.aug +index 4a912e59..b526c088 100644 +--- a/lenses/tests/test_fstab.aug ++++ b/lenses/tests/test_fstab.aug +@@ -167,6 +167,18 @@ module Test_fstab = + { "passno" = "0" } + } + ++ (* RHEL-77279 - Allow empty option *) ++ test Fstab.lns get "/dev/mapper/foo-bar / xfs rw,,nodev 0 0\n" = ++ { "1" ++ { "spec" = "/dev/mapper/foo-bar" } ++ { "file" = "/" } ++ { "vfstype" = "xfs" } ++ { "opt" = "rw" } ++ { "opt" = "nodev" } ++ { "dump" = "0" } ++ { "passno" = "0" } ++ } ++ + (* Local Variables: *) + (* mode: caml *) + (* End: *) +-- +2.49.0 + diff --git a/augeas.spec b/augeas.spec index 6ff0c4d..3cd8b08 100644 --- a/augeas.spec +++ b/augeas.spec @@ -1,16 +1,43 @@ Name: augeas -Version: 1.5.0 -Release: 1%{?dist} +Version: 1.14.2 Summary: A library for changing configuration files +License: LGPL-2.0-or-later AND LGPL-2.1-only AND LGPL-2.1-or-later AND (GPL-3.0-or-later WITH Bison-exception-2.2) AND Kazlib AND GPL-2.0-or-later AND BSD-2-Clause AND LicenseRef-Fedora-Public-Domain -Group: System Environment/Libraries -License: LGPLv2+ -URL: http://augeas.net/ -Source0: http://download.augeas.net/%{name}-%{version}.tar.gz +%global forgeurl https://github.com/hercules-team/%%{name} +%global commit af2aa88ab37fc48167d8c5e43b1770a4ba2ff403 +%forgemeta -BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) +Release: 0.7%{?dist} +URL: %{forgeurl} +Source0: %{forgesource} + +# The problem with packaging from the upstream git repo is that we +# need to provide our own gnulib submodule. I created this by doing: +# git archive --format=tar --prefix=.gnulib/ HEAD | gzip -9 > gnulib-2f7479a16a.tar.gz +Source1: gnulib-2f7479a16a.tar.gz + +# Upstream Augeas is missing several important fixes which affect +# Fedora. For this reason I have taken the regrettable but hopefully +# temporary step of forking upstream with some extra patches, here: +# https://github.com/rwmjones/augeas/tree/fedora-43 +Patch: 0001-lenses-fstab.aug-Tighten-parsing-of-the-vfstype-fiel.patch +Patch: 0002-lenses-fstab.aug-Allow-individual-mount-options-to-b.patch + +Provides: bundled(gnulib) + +BuildRequires: autoconf, automake, libtool +BuildRequires: make +BuildRequires: gcc +BuildRequires: flex +BuildRequires: bison +BuildRequires: readline-devel +BuildRequires: libselinux-devel +BuildRequires: libxml2-devel +BuildRequires: bash-completion +%if 0%{?fedora} > 40 || 0%{?rhel} > 10 +BuildRequires: bash-completion-devel +%endif -BuildRequires: readline-devel libselinux-devel libxml2-devel Requires: %{name}-libs = %{version}-%{release} %description @@ -25,7 +52,6 @@ format and the transformation into a tree. %package devel Summary: Development files for %{name} -Group: Development/Libraries Requires: %{name}-libs = %{version}-%{release} Requires: pkgconfig @@ -36,7 +62,6 @@ developing applications that use %{name}. %package libs Summary: Libraries for %{name} -Group: System Environment/Libraries %description libs The libraries for %{name}. @@ -46,18 +71,72 @@ configuration files into a tree structure, which it exposes through its public API. Changes made through the API are written back to the initially read files. +%package static +Summary: Static libraries for %{name} +Requires: %{name}-devel = %{version}-%{release} + +%description static +The %{name}-static package contains static libraries needed to produce +static builds using %{name}. + + +%package bash-completion +Summary: Bash tab-completion for %{name} +BuildArch: noarch +Requires: bash-completion >= 2.0 +# Don't use _isa here because it's a noarch package. This dependency +# is just to ensure that the subpackage is updated along with augeas. +Requires: %{name} = %{version}-%{release} + + +%description bash-completion +Install this package if you want intelligent bash tab-completion +for %{name}. + + %prep -%setup -q +%forgeautosetup -p1 +zcat %{SOURCE1} | tar xf - + +# Copied from upstream ./bootstrap: +modules='argz fnmatch getline getopt-gnu gitlog-to-changelog +canonicalize-lgpl isblank locale mkstemp regex safe-alloc selinux-h +stpcpy stpncpy strchrnul strndup sys_wait vasprintf' +.gnulib/gnulib-tool \ + --lgpl=2 \ + --with-tests \ + --m4-base=gnulib/m4 \ + --source-base=gnulib/lib \ + --tests-base=gnulib/tests \ + --aux-dir=build/ac-aux \ + --libtool \ + --quiet \ + --import $modules + +autoreconf -fiv + %build -%configure --disable-static -make %{?_smp_mflags} +%configure \ +%ifarch riscv64 + --disable-gnulib-tests \ +%endif + --enable-static +# Disable _smp_mflags because parallel tests fail with the git version +# because it tries to run lex and yacc in parallel even though lex +# depends on parser.h from yacc. +# https://github.com/hercules-team/augeas/issues/572 +#make %%{?_smp_mflags} +make + %check # Disable test-preserve.sh SELinux testing. This fails when run under mock due # to differing SELinux labelling. export SKIP_TEST_PRESERVE_SELINUX=1 +# Tests disabled because gnulib tests fail see: +# https://bugzilla.redhat.com/show_bug.cgi?id=1674672 make %{?_smp_mflags} check || { echo '===== tests/test-suite.log =====' cat tests/test-suite.log @@ -73,38 +152,194 @@ find $RPM_BUILD_ROOT -name '*.la' -exec rm -f {} ';' # so it shouldn't be packaged. rm -r $RPM_BUILD_ROOT%{_datadir}/augeas/lenses/dist/tests -%clean -rm -rf $RPM_BUILD_ROOT +# In 1.9.0, the example /usr/bin/dump gets installed inadvertently +rm -f $RPM_BUILD_ROOT/usr/bin/dump -%post libs -p /sbin/ldconfig - -%postun libs -p /sbin/ldconfig +%ldconfig_scriptlets libs %files -%defattr(-,root,root,-) -%{_bindir}/augtool +%{_bindir}/augmatch %{_bindir}/augparse +%{_bindir}/augprint +%{_bindir}/augtool %{_bindir}/fadot %doc %{_mandir}/man1/* %{_datadir}/vim/vimfiles/syntax/augeas.vim %{_datadir}/vim/vimfiles/ftdetect/augeas.vim %files libs -%defattr(-,root,root,-) -# %{_datadir}/augeas and %{_datadir}/augeas/lenses are owned +# _datadir/augeas and _datadir/augeas/lenses are owned # by filesystem. %{_datadir}/augeas/lenses/dist %{_libdir}/*.so.* %doc AUTHORS COPYING NEWS %files devel -%defattr(-,root,root,-) %doc %{_includedir}/* %{_libdir}/*.so %{_libdir}/pkgconfig/augeas.pc +%files static +%{_libdir}/libaugeas.a +%{_libdir}/libfa.a + +%files bash-completion +%if 0%{?fedora} > 40 || 0%{?rhel} > 10 +%dir %{bash_completions_dir} +%{bash_completions_dir}/augmatch +%{bash_completions_dir}/augprint +%{bash_completions_dir}/augtool +%else +%dir %{_datadir}/bash-completion/completions +%{_datadir}/bash-completion/completions/augmatch +%{_datadir}/bash-completion/completions/augprint +%{_datadir}/bash-completion/completions/augtool +%endif + %changelog +* Fri Jan 16 2026 Fedora Release Engineering - 1.14.2-0.7 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild + +* Wed Jul 23 2025 Fedora Release Engineering - 1.14.2-0.6 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild + +* Tue Apr 15 2025 Richard W.M. Jones - 1.14.2-0.5 +- Rebase our branch on top of Augeas +- Use patches to make it clearer what we are adding on top of upstream. + +* Mon Mar 24 2025 Alexander Bokovoy - 1.14.2-0.4 +- rhbz#235444: CVE-2025-2588 + +* Mon Feb 24 2025 Richard W.M. Jones - 1.14.2-0.3 +- Move to fork of Augeas which contains a small number of PRs: +- lenses/tmpfiles.aug: Permit '$' character in /usr/lib/tmpfiles.d/*.conf +- lenses/multipath.aug: Support all possible values for find_multipaths +- lenses/systemd.aug: Allow "+"(fullprivileges) command flag + +* Thu Jan 16 2025 Fedora Release Engineering - 1.14.2-0.2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild + +* Tue Sep 03 2024 Richard W.M. Jones - 1.14.2-0 +- Move to latest upstream +- Use forge macros +- Run autoreconf unconditionally +- Fix bash-completion-devel test +- Fix chrony.conf option leapseclist unsupported (RHBZ#2309439) + +* Wed Jul 17 2024 Fedora Release Engineering - 1.14.1-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild + +* Thu Jul 04 2024 Richard W.M. Jones - 1.14.1-1 +- New upstream version 1.14.1 +- Use github tarballs again. +- New binary augprint. +- New bash-completions subpackage. + +* Mon Jan 22 2024 Fedora Release Engineering - 1.13.0-7 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild + +* Fri Jan 19 2024 Fedora Release Engineering - 1.13.0-6 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild + +* Wed Jul 19 2023 Fedora Release Engineering - 1.13.0-5 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild + +* Wed Jan 18 2023 Fedora Release Engineering - 1.13.0-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild + +* Wed Jul 20 2022 Fedora Release Engineering - 1.13.0-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild + +* Wed Jan 19 2022 Fedora Release Engineering - 1.13.0-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild + +* Wed Jan 12 2022 Richard W.M. Jones - 1.13.0-1 +- New upstream version 1.13.0 + +* Wed Jul 21 2021 Fedora Release Engineering - 1.12.1-0.2.git18558bb +- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild + +* Tue Jul 06 2021 Richard W.M. Jones - 1.12.1-0.1 +- Package up a git pre-release of 1.12.1 or 1.13.0. + +* Thu Apr 15 2021 Richard W.M. Jones - 1.12.0-6 +- Add upstream patch to parse chrony configuration. +- Use %%autosetup. + +* Tue Jan 26 2021 Fedora Release Engineering - 1.12.0-5 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild + +* Mon Jul 27 2020 Fedora Release Engineering - 1.12.0-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild + +* Tue Jan 28 2020 Fedora Release Engineering - 1.12.0-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild + +* Wed Jul 24 2019 Fedora Release Engineering - 1.12.0-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild + +* Mon Apr 15 2019 Richard W.M. Jones - 1.12.0-1 +- New upstream release 1.12.0. + +* Sun Feb 17 2019 Igor Gnatenko - 1.11.0-4 +- Rebuild for readline 8.0 + +* Thu Jan 31 2019 Fedora Release Engineering - 1.11.0-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild + +* Mon Nov 26 2018 Richard W.M. Jones - 1.11.0-2 +- Augeas uses gnulib, add the correct 'Provides' line. + +* Tue Aug 28 2018 Richard W.M. Jones - 1.11.0-1 +- New upstream version 1.11.0. + +* Thu Jul 12 2018 Fedora Release Engineering - 1.10.1-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild + +* Wed Feb 07 2018 Fedora Release Engineering - 1.10.1-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild + +* Mon Jan 29 2018 David Lutterkort - 1.10.1-1 +- New upstream version 1.10.1 + +* Fri Jan 26 2018 Richard W.M. Jones - 1.10.0-1 +- New upstream version 1.10.0 (RHBZ#1538846). +- Remove upstream patch. +- New tool ‘augmatch’. + +* Tue Nov 21 2017 David Lutterkort - 1.9.0 +- New upstream version 1.9.0 (RHBZ#1482713) +- Add -static subpackage (RHBZ#1405600) + +* Thu Aug 24 2017 Richard W.M. Jones - 1.8.1-1 +- New upstream version 1.8.1. +- Fixes CVE-2017-7555 (RHBZ#1482340). + +* Wed Aug 02 2017 Fedora Release Engineering - 1.8.0-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild + +* Wed Jul 26 2017 Fedora Release Engineering - 1.8.0-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild + +* Tue Mar 21 2017 Dominic Cleal - 1.8.0-1 +- Update to 1.8.0 + +* Fri Feb 10 2017 Fedora Release Engineering - 1.7.0-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild + +* Thu Jan 12 2017 Igor Gnatenko - 1.7.0-3 +- Rebuild for readline 7.x + +* Sat Nov 12 2016 Richard W.M. Jones - 1.7.0-2 +- riscv64: Disable gnulib tests on riscv64 architecture. + +* Wed Nov 09 2016 Dominic Cleal - 1.7.0-1 +- Update to 1.7.0 + +* Mon Aug 08 2016 Dominic Cleal - 1.6.0-1 +- Update to 1.6.0 + * Thu May 12 2016 Dominic Cleal - 1.5.0-1 - Update to 1.5.0 diff --git a/gating.yaml b/gating.yaml new file mode 100644 index 0000000..617c71e --- /dev/null +++ b/gating.yaml @@ -0,0 +1,7 @@ +--- !Policy +product_versions: + - rhel-* +decision_context: osci_compose_gate +rules: + - !PassingTestCaseRule {test_case_name: osci.brew-build.tier0.functional} + - !PassingTestCaseRule {test_case_name: xen-ci.brew-build.tier1.functional} diff --git a/sources b/sources index fbf9bcc..c484334 100644 --- a/sources +++ b/sources @@ -1 +1,2 @@ -01190e455c513124a2dae29a1182c113 augeas-1.5.0.tar.gz +SHA512 (augeas-af2aa88ab37fc48167d8c5e43b1770a4ba2ff403.tar.gz) = 7c499af33af46ac408583e992b5e7826fe433a48c4fe56858c73560ff50a935b34823a94fd7e801eb375700f57ef78df71b603e2ddb1ab3f86049e23ac26066d +SHA512 (gnulib-2f7479a16a.tar.gz) = 59aa31b534dcf15c816296699c625bf60e90a108091f09709ef9341707821fb407c22167cf489aa44ee5b62cf3f44aa75892cfbaa078056dfbd9728847fe83ee diff --git a/tests/augtool_test.sh b/tests/augtool_test.sh new file mode 100755 index 0000000..31afd88 --- /dev/null +++ b/tests/augtool_test.sh @@ -0,0 +1,35 @@ +#!/bin/bash + +set -eux + +augtool -L > augtool_test.out 2> augtool_test.err < /dev/null + +popd +rm -rf "$tmpdir" diff --git a/tests/tests.yml b/tests/tests.yml new file mode 100644 index 0000000..da5fd70 --- /dev/null +++ b/tests/tests.yml @@ -0,0 +1,36 @@ +--- +- hosts: localhost + roles: + - role: standard-test-source + tags: + - always + required_packages: + - autoconf + - automake + - role: standard-test-basic + tags: + - atomic + - classic + - container + required_packages: + - augeas + - augeas-devel + - libxml2-devel + - gcc + - pkg-config + - chrony # test its configs + - fuse # test its configs + - iscsi-initiator-utils # test its configs + - lvm2 # test its configs + - mdadm # test its configs + - openssh-server # test its configs + - rsync # test its configs + - rsyslog # test its configs + - sudo # test its configs + tests: + - augtool_test: + dir: . + run: ./augtool_test.sh + - devel: + dir: . + run: ./devel.sh