From 1d119ea67b3232d1a35824f97b8f3d4c4415c80d Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Thu, 19 Jan 2023 00:31:29 +0000 Subject: [PATCH 01/16] Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild Signed-off-by: Fedora Release Engineering --- corosync.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/corosync.spec b/corosync.spec index f7e783e..43b0a20 100644 --- a/corosync.spec +++ b/corosync.spec @@ -18,7 +18,7 @@ Name: corosync Summary: The Corosync Cluster Engine and Application Programming Interfaces Version: 3.1.7 -Release: 1%{?gitver}%{?dist} +Release: 2%{?gitver}%{?dist} License: BSD URL: http://corosync.github.io/corosync/ Source0: http://build.clusterlabs.org/corosync/releases/%{name}-%{version}%{?gittarver}.tar.gz @@ -289,6 +289,9 @@ network splits) %endif %changelog +* Thu Jan 19 2023 Fedora Release Engineering - 3.1.7-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild + * Tue Nov 15 2022 Jan Friesse - 3.1.7-1 - New upstream release From 5f9286ab9f329e1b4b5da763d04a061ff7098e4b Mon Sep 17 00:00:00 2001 From: Jan Friesse Date: Tue, 6 Jun 2023 11:39:03 +0200 Subject: [PATCH 02/16] Migrated to SPDX license Signed-off-by: Jan Friesse --- corosync.spec | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/corosync.spec b/corosync.spec index 43b0a20..2855445 100644 --- a/corosync.spec +++ b/corosync.spec @@ -18,8 +18,8 @@ Name: corosync Summary: The Corosync Cluster Engine and Application Programming Interfaces Version: 3.1.7 -Release: 2%{?gitver}%{?dist} -License: BSD +Release: 3%{?gitver}%{?dist} +License: BSD-3-Clause URL: http://corosync.github.io/corosync/ Source0: http://build.clusterlabs.org/corosync/releases/%{name}-%{version}%{?gittarver}.tar.gz @@ -289,6 +289,9 @@ network splits) %endif %changelog +* Tue Jun 06 2023 Jan Friesse - 3.1.7-3 +- migrated to SPDX license + * Thu Jan 19 2023 Fedora Release Engineering - 3.1.7-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild From e0bfdb2bb991ac15880517db945e0b2ea2adf1f8 Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Wed, 19 Jul 2023 16:24:33 +0000 Subject: [PATCH 03/16] Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild Signed-off-by: Fedora Release Engineering --- corosync.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/corosync.spec b/corosync.spec index 2855445..e48b3b8 100644 --- a/corosync.spec +++ b/corosync.spec @@ -18,7 +18,7 @@ Name: corosync Summary: The Corosync Cluster Engine and Application Programming Interfaces Version: 3.1.7 -Release: 3%{?gitver}%{?dist} +Release: 4%{?gitver}%{?dist} License: BSD-3-Clause URL: http://corosync.github.io/corosync/ Source0: http://build.clusterlabs.org/corosync/releases/%{name}-%{version}%{?gittarver}.tar.gz @@ -289,6 +289,9 @@ network splits) %endif %changelog +* Wed Jul 19 2023 Fedora Release Engineering - 3.1.7-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild + * Tue Jun 06 2023 Jan Friesse - 3.1.7-3 - migrated to SPDX license From a39be7a0603803f428c67af9f39bb93fd83ebe65 Mon Sep 17 00:00:00 2001 From: Jan Friesse Date: Wed, 15 Nov 2023 18:07:22 +0100 Subject: [PATCH 04/16] New upstream release Signed-off-by: Jan Friesse --- .gitignore | 1 + corosync.spec | 7 +++++-- sources | 2 +- 3 files changed, 7 insertions(+), 3 deletions(-) diff --git a/.gitignore b/.gitignore index 58e7955..63f502d 100644 --- a/.gitignore +++ b/.gitignore @@ -49,3 +49,4 @@ corosync-1.2.7.tar.gz /corosync-3.1.5.tar.gz /corosync-3.1.6.tar.gz /corosync-3.1.7.tar.gz +/corosync-3.1.8.tar.gz diff --git a/corosync.spec b/corosync.spec index e48b3b8..614a28d 100644 --- a/corosync.spec +++ b/corosync.spec @@ -17,8 +17,8 @@ Name: corosync Summary: The Corosync Cluster Engine and Application Programming Interfaces -Version: 3.1.7 -Release: 4%{?gitver}%{?dist} +Version: 3.1.8 +Release: 1%{?gitver}%{?dist} License: BSD-3-Clause URL: http://corosync.github.io/corosync/ Source0: http://build.clusterlabs.org/corosync/releases/%{name}-%{version}%{?gittarver}.tar.gz @@ -289,6 +289,9 @@ network splits) %endif %changelog +* Wed Nov 15 2023 Jan Friesse - 3.1.8-1 +- New upstream release + * Wed Jul 19 2023 Fedora Release Engineering - 3.1.7-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild diff --git a/sources b/sources index 5abef83..fd916ac 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (corosync-3.1.7.tar.gz) = a4d00f18a6dda07f36e77fc48f5bddff77e12a3e6ee40d9450734e281d20479b90cd0c653e255cfc46e0e42e4a0177291a3daba671e751d027e4317e601f0cd2 +SHA512 (corosync-3.1.8.tar.gz) = 6325ae39bada33dbc0c85eb07d137af78235a1c0f8a4d1f90a20088e011bff65263903e5688956256ddfb58daec45f6d96c04624ff320be0c00ec36aa5d568f8 From b333a9fbaeb5ce3a0cb71f5aba39ae05961d7181 Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Fri, 19 Jan 2024 16:12:20 +0000 Subject: [PATCH 05/16] Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild --- corosync.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/corosync.spec b/corosync.spec index 614a28d..d622fec 100644 --- a/corosync.spec +++ b/corosync.spec @@ -18,7 +18,7 @@ Name: corosync Summary: The Corosync Cluster Engine and Application Programming Interfaces Version: 3.1.8 -Release: 1%{?gitver}%{?dist} +Release: 2%{?gitver}%{?dist} License: BSD-3-Clause URL: http://corosync.github.io/corosync/ Source0: http://build.clusterlabs.org/corosync/releases/%{name}-%{version}%{?gittarver}.tar.gz @@ -289,6 +289,9 @@ network splits) %endif %changelog +* Fri Jan 19 2024 Fedora Release Engineering - 3.1.8-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild + * Wed Nov 15 2023 Jan Friesse - 3.1.8-1 - New upstream release From 88be69d4432a370699f692b6d2e751c870d55ce5 Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Wed, 24 Jan 2024 08:07:39 +0000 Subject: [PATCH 06/16] Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild --- corosync.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/corosync.spec b/corosync.spec index d622fec..1494717 100644 --- a/corosync.spec +++ b/corosync.spec @@ -18,7 +18,7 @@ Name: corosync Summary: The Corosync Cluster Engine and Application Programming Interfaces Version: 3.1.8 -Release: 2%{?gitver}%{?dist} +Release: 3%{?gitver}%{?dist} License: BSD-3-Clause URL: http://corosync.github.io/corosync/ Source0: http://build.clusterlabs.org/corosync/releases/%{name}-%{version}%{?gittarver}.tar.gz @@ -289,6 +289,9 @@ network splits) %endif %changelog +* Wed Jan 24 2024 Fedora Release Engineering - 3.1.8-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild + * Fri Jan 19 2024 Fedora Release Engineering - 3.1.8-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild From 2bba86553f6f25d79ca8ef0ce9f0681bf7221f5c Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Wed, 17 Jul 2024 20:01:05 +0000 Subject: [PATCH 07/16] Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild --- corosync.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/corosync.spec b/corosync.spec index 1494717..0430a0b 100644 --- a/corosync.spec +++ b/corosync.spec @@ -18,7 +18,7 @@ Name: corosync Summary: The Corosync Cluster Engine and Application Programming Interfaces Version: 3.1.8 -Release: 3%{?gitver}%{?dist} +Release: 4%{?gitver}%{?dist} License: BSD-3-Clause URL: http://corosync.github.io/corosync/ Source0: http://build.clusterlabs.org/corosync/releases/%{name}-%{version}%{?gittarver}.tar.gz @@ -289,6 +289,9 @@ network splits) %endif %changelog +* Wed Jul 17 2024 Fedora Release Engineering - 3.1.8-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild + * Wed Jan 24 2024 Fedora Release Engineering - 3.1.8-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild From 8abfa3b0c91092c447e003bafcb3c60dda1c4096 Mon Sep 17 00:00:00 2001 From: Jan Friesse Date: Fri, 15 Nov 2024 11:03:23 +0100 Subject: [PATCH 08/16] New upstream release Signed-off-by: Jan Friesse --- .gitignore | 1 + corosync.spec | 11 +++++++---- sources | 2 +- 3 files changed, 9 insertions(+), 5 deletions(-) diff --git a/.gitignore b/.gitignore index 63f502d..836dba5 100644 --- a/.gitignore +++ b/.gitignore @@ -50,3 +50,4 @@ corosync-1.2.7.tar.gz /corosync-3.1.6.tar.gz /corosync-3.1.7.tar.gz /corosync-3.1.8.tar.gz +/corosync-3.1.9.tar.gz diff --git a/corosync.spec b/corosync.spec index 0430a0b..1e545f0 100644 --- a/corosync.spec +++ b/corosync.spec @@ -17,8 +17,8 @@ Name: corosync Summary: The Corosync Cluster Engine and Application Programming Interfaces -Version: 3.1.8 -Release: 4%{?gitver}%{?dist} +Version: 3.1.9 +Release: 1%{?gitver}%{?dist} License: BSD-3-Clause URL: http://corosync.github.io/corosync/ Source0: http://build.clusterlabs.org/corosync/releases/%{name}-%{version}%{?gittarver}.tar.gz @@ -116,7 +116,7 @@ BuildRequires: make %if %{with dbus} mkdir -p -m 0700 %{buildroot}/%{_sysconfdir}/dbus-1/system.d -install -m 644 %{_builddir}/%{name}-%{version}%{?gittarver}/conf/corosync-signals.conf %{buildroot}/%{_sysconfdir}/dbus-1/system.d/corosync-signals.conf +install -m 644 %{_builddir}/%{name}-%{version}%{?gittarver}/conf/corosync-signals.conf %{buildroot}/%{_datadir}/dbus-1/system.d/corosync-signals.conf %endif ## tree fixup @@ -185,7 +185,7 @@ fi %config(noreplace) %{_sysconfdir}/sysconfig/corosync %config(noreplace) %{_sysconfdir}/logrotate.d/corosync %if %{with dbus} -%{_sysconfdir}/dbus-1/system.d/corosync-signals.conf +%{_datadir}/dbus-1/system.d/corosync-signals.conf %endif %if %{with snmp} %{_datadir}/snmp/mibs/COROSYNC-MIB.txt @@ -289,6 +289,9 @@ network splits) %endif %changelog +* Fri Nov 15 2024 Jan Friesse - 3.1.9-1 +- New upstream release + * Wed Jul 17 2024 Fedora Release Engineering - 3.1.8-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild diff --git a/sources b/sources index fd916ac..d3e0db1 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (corosync-3.1.8.tar.gz) = 6325ae39bada33dbc0c85eb07d137af78235a1c0f8a4d1f90a20088e011bff65263903e5688956256ddfb58daec45f6d96c04624ff320be0c00ec36aa5d568f8 +SHA512 (corosync-3.1.9.tar.gz) = d5332c65535dd40e3bee48912ebf2e71c55380b3dba93c36ff8b74090edf3ec44b69685cd11fda3732e4b0dab0b2954f08be94d772fcff6aaf9a4a846ef2e4cc From a1ab73206a26a800959cff958d267d18b6dad352 Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Thu, 16 Jan 2025 14:33:06 +0000 Subject: [PATCH 09/16] Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild --- corosync.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/corosync.spec b/corosync.spec index 1e545f0..a4022f1 100644 --- a/corosync.spec +++ b/corosync.spec @@ -18,7 +18,7 @@ Name: corosync Summary: The Corosync Cluster Engine and Application Programming Interfaces Version: 3.1.9 -Release: 1%{?gitver}%{?dist} +Release: 2%{?gitver}%{?dist} License: BSD-3-Clause URL: http://corosync.github.io/corosync/ Source0: http://build.clusterlabs.org/corosync/releases/%{name}-%{version}%{?gittarver}.tar.gz @@ -289,6 +289,9 @@ network splits) %endif %changelog +* Thu Jan 16 2025 Fedora Release Engineering - 3.1.9-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild + * Fri Nov 15 2024 Jan Friesse - 3.1.9-1 - New upstream release From c97695360d63da3cc1143591780c7c869c85c6d4 Mon Sep 17 00:00:00 2001 From: Jan Friesse Date: Tue, 25 Mar 2025 11:40:52 +0100 Subject: [PATCH 10/16] Use autosetup - Add git build dependency required for autosetup git_am - Remove unused gitver and gittarver Signed-off-by: Jan Friesse --- corosync.spec | 12 +++++------- 1 file changed, 5 insertions(+), 7 deletions(-) diff --git a/corosync.spec b/corosync.spec index a4022f1..67ff94d 100644 --- a/corosync.spec +++ b/corosync.spec @@ -12,16 +12,13 @@ %bcond_without runautogen %bcond_without userflags -%global gitver %{?numcomm:.%{numcomm}}%{?alphatag:.%{alphatag}}%{?dirty:.%{dirty}} -%global gittarver %{?numcomm:.%{numcomm}}%{?alphatag:-%{alphatag}}%{?dirty:-%{dirty}} - Name: corosync Summary: The Corosync Cluster Engine and Application Programming Interfaces Version: 3.1.9 -Release: 2%{?gitver}%{?dist} +Release: 2%{?dist} License: BSD-3-Clause URL: http://corosync.github.io/corosync/ -Source0: http://build.clusterlabs.org/corosync/releases/%{name}-%{version}%{?gittarver}.tar.gz +Source0: http://build.clusterlabs.org/corosync/releases/%{name}-%{version}.tar.gz # Runtime bits # The automatic dependency overridden in favor of explicit version lock @@ -68,9 +65,10 @@ Requires: libxslt BuildRequires: readline-devel %endif BuildRequires: make +BuildRequires: git %prep -%setup -q -n %{name}-%{version}%{?gittarver} +%autosetup -S git_am %build %if %{with runautogen} @@ -116,7 +114,7 @@ BuildRequires: make %if %{with dbus} mkdir -p -m 0700 %{buildroot}/%{_sysconfdir}/dbus-1/system.d -install -m 644 %{_builddir}/%{name}-%{version}%{?gittarver}/conf/corosync-signals.conf %{buildroot}/%{_datadir}/dbus-1/system.d/corosync-signals.conf +install -m 644 %{_builddir}/%{name}-%{version}/conf/corosync-signals.conf %{buildroot}/%{_datadir}/dbus-1/system.d/corosync-signals.conf %endif ## tree fixup From 10cd9580c6f290706c1ab4dd5f34385a67cd269c Mon Sep 17 00:00:00 2001 From: Jan Friesse Date: Wed, 26 Mar 2025 10:27:31 +0100 Subject: [PATCH 11/16] Fix CVE-2025-30472 - totemsrp: Check size of orf_token msg (fixes CVE-2025-30472) Signed-off-by: Jan Friesse --- corosync.spec | 8 ++- totemsrp-Check-size-of-orf_token-msg.patch | 68 ++++++++++++++++++++++ 2 files changed, 75 insertions(+), 1 deletion(-) create mode 100644 totemsrp-Check-size-of-orf_token-msg.patch diff --git a/corosync.spec b/corosync.spec index 67ff94d..e433376 100644 --- a/corosync.spec +++ b/corosync.spec @@ -15,11 +15,13 @@ Name: corosync Summary: The Corosync Cluster Engine and Application Programming Interfaces Version: 3.1.9 -Release: 2%{?dist} +Release: 3%{?dist} License: BSD-3-Clause URL: http://corosync.github.io/corosync/ Source0: http://build.clusterlabs.org/corosync/releases/%{name}-%{version}.tar.gz +Patch0: totemsrp-Check-size-of-orf_token-msg.patch + # Runtime bits # The automatic dependency overridden in favor of explicit version lock Requires: corosynclib%{?_isa} = %{version}-%{release} @@ -287,6 +289,10 @@ network splits) %endif %changelog +* Wed Mar 26 2025 Jan Friesse - 3.1.9-3 +- totemsrp: Check size of orf_token msg + (fixes CVE-2025-30472) + * Thu Jan 16 2025 Fedora Release Engineering - 3.1.9-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild diff --git a/totemsrp-Check-size-of-orf_token-msg.patch b/totemsrp-Check-size-of-orf_token-msg.patch new file mode 100644 index 0000000..17b4c3e --- /dev/null +++ b/totemsrp-Check-size-of-orf_token-msg.patch @@ -0,0 +1,68 @@ +From 7839990f9cdf34e55435ed90109e82709032466a Mon Sep 17 00:00:00 2001 +From: Jan Friesse +Date: Mon, 24 Mar 2025 12:05:08 +0100 +Subject: [PATCH] totemsrp: Check size of orf_token msg + +orf_token message is stored into preallocated array on endian convert +so carefully crafted malicious message can lead to crash of corosync. + +Solution is to check message size beforehand. + +Signed-off-by: Jan Friesse +Reviewed-by: Christine Caulfield +--- + exec/totemsrp.c | 18 +++++++++++++++++- + 1 file changed, 17 insertions(+), 1 deletion(-) + +diff --git a/exec/totemsrp.c b/exec/totemsrp.c +index 962d0e2a..364528ce 100644 +--- a/exec/totemsrp.c ++++ b/exec/totemsrp.c +@@ -3679,12 +3679,20 @@ static int check_orf_token_sanity( + const struct totemsrp_instance *instance, + const void *msg, + size_t msg_len, ++ size_t max_msg_len, + int endian_conversion_needed) + { + int rtr_entries; + const struct orf_token *token = (const struct orf_token *)msg; + size_t required_len; + ++ if (msg_len > max_msg_len) { ++ log_printf (instance->totemsrp_log_level_security, ++ "Received orf_token message is too long... ignoring."); ++ ++ return (-1); ++ } ++ + if (msg_len < sizeof(struct orf_token)) { + log_printf (instance->totemsrp_log_level_security, + "Received orf_token message is too short... ignoring."); +@@ -3698,6 +3706,13 @@ static int check_orf_token_sanity( + rtr_entries = token->rtr_list_entries; + } + ++ if (rtr_entries > RETRANSMIT_ENTRIES_MAX) { ++ log_printf (instance->totemsrp_log_level_security, ++ "Received orf_token message rtr_entries is corrupted... ignoring."); ++ ++ return (-1); ++ } ++ + required_len = sizeof(struct orf_token) + rtr_entries * sizeof(struct rtr_item); + if (msg_len < required_len) { + log_printf (instance->totemsrp_log_level_security, +@@ -3868,7 +3883,8 @@ static int message_handler_orf_token ( + "Time since last token %0.4f ms", tv_diff / (float)QB_TIME_NS_IN_MSEC); + #endif + +- if (check_orf_token_sanity(instance, msg, msg_len, endian_conversion_needed) == -1) { ++ if (check_orf_token_sanity(instance, msg, msg_len, sizeof(token_storage), ++ endian_conversion_needed) == -1) { + return (0); + } + +-- +2.47.0 + From ea77d15fb73753ce9d5253957b5ea9c4f8b81408 Mon Sep 17 00:00:00 2001 From: Jan Friesse Date: Mon, 16 Jun 2025 15:35:55 +0200 Subject: [PATCH 12/16] Fix bootc container lint warnings Signed-off-by: Jan Friesse --- corosync.spec | 10 +- ...-Add-support-for-env-STATE_DIRECTORY.patch | 113 ++++++++++++++++++ ...e-LogsDirectory-in-systemd-unit-file.patch | 50 ++++++++ 3 files changed, 172 insertions(+), 1 deletion(-) create mode 100644 exec-Add-support-for-env-STATE_DIRECTORY.patch create mode 100644 init-Use-LogsDirectory-in-systemd-unit-file.patch diff --git a/corosync.spec b/corosync.spec index e433376..c568fd2 100644 --- a/corosync.spec +++ b/corosync.spec @@ -15,12 +15,14 @@ Name: corosync Summary: The Corosync Cluster Engine and Application Programming Interfaces Version: 3.1.9 -Release: 3%{?dist} +Release: 4%{?dist} License: BSD-3-Clause URL: http://corosync.github.io/corosync/ Source0: http://build.clusterlabs.org/corosync/releases/%{name}-%{version}.tar.gz Patch0: totemsrp-Check-size-of-orf_token-msg.patch +Patch1: exec-Add-support-for-env-STATE_DIRECTORY.patch +Patch2: init-Use-LogsDirectory-in-systemd-unit-file.patch # Runtime bits # The automatic dependency overridden in favor of explicit version lock @@ -197,8 +199,10 @@ fi %{_initrddir}/corosync %{_initrddir}/corosync-notifyd %endif +%if %{without systemd} %dir %{_localstatedir}/lib/corosync %dir %{_localstatedir}/log/cluster +%endif %{_mandir}/man7/corosync_overview.7* %{_mandir}/man8/corosync.8* %{_mandir}/man8/corosync-blackbox.8* @@ -289,6 +293,10 @@ network splits) %endif %changelog +* Mon Jun 16 2025 Jan Friesse - 3.1.9-4 +- exec: Add support for env STATE_DIRECTORY +- init: Use LogsDirectory in systemd unit file + * Wed Mar 26 2025 Jan Friesse - 3.1.9-3 - totemsrp: Check size of orf_token msg (fixes CVE-2025-30472) diff --git a/exec-Add-support-for-env-STATE_DIRECTORY.patch b/exec-Add-support-for-env-STATE_DIRECTORY.patch new file mode 100644 index 0000000..461a668 --- /dev/null +++ b/exec-Add-support-for-env-STATE_DIRECTORY.patch @@ -0,0 +1,113 @@ +From: Jan Friesse +Date: Wed, 11 Jun 2025 17:26:41 +0200 +Subject: [PATCH 1/2] exec: Add support for env STATE_DIRECTORY + +Image mode recommendation is to not ship /var/lib subdirectories if +possible and bootc lint produces warning if not. This was the case +also for Corosync. + +Simplest possible solution seems to implement support for systemd +unit StateDirectory functionality and not ship /var/lib/corosync +in rpm. + +So patch: +1. Adds support for reading the environment variable STATE_DIRECTORY + which is set by systemd and use it as a default value for + system.state_dir configuration option. This is generally useful + feature even for non-systemd builds. +2. Set StateDirectory in service file +3. Drop /var/lib/corosync directory from RPM for systemd builds + +Signed-off-by: Jan Friesse +Reviewed-by: Christine Caulfield +--- + corosync.spec.in | 2 ++ + exec/util.c | 19 +++++++++++++++---- + init/corosync.service.in | 1 + + man/corosync.conf.5 | 4 ++-- + 4 files changed, 20 insertions(+), 6 deletions(-) + +diff --git a/corosync.spec.in b/corosync.spec.in +index 80040a46..049c585a 100644 +--- a/corosync.spec.in ++++ b/corosync.spec.in +@@ -207,7 +207,9 @@ fi + %{_initrddir}/corosync + %{_initrddir}/corosync-notifyd + %endif ++%if %{without systemd} + %dir %{_localstatedir}/lib/corosync ++%endif + %dir %{_localstatedir}/log/cluster + %{_mandir}/man7/corosync_overview.7* + %{_mandir}/man8/corosync.8* +diff --git a/exec/util.c b/exec/util.c +index 8988ab29..795ea5c5 100644 +--- a/exec/util.c ++++ b/exec/util.c +@@ -174,13 +174,24 @@ int cs_name_tisEqual (cs_name_t *str1, char *str2) { + const char *get_state_dir(void) + { + static char path[PATH_MAX] = {'\0'}; +- char *cmap_state_dir; ++ char *state_dir; + int res; + + if (path[0] == '\0') { +- if (icmap_get_string("system.state_dir", &cmap_state_dir) == CS_OK) { +- res = snprintf(path, PATH_MAX, "%s", cmap_state_dir); +- free(cmap_state_dir); ++ if (icmap_get_string("system.state_dir", &state_dir) == CS_OK) { ++ res = snprintf(path, PATH_MAX, "%s", state_dir); ++ free(state_dir); ++ } else if ((state_dir = getenv("STATE_DIRECTORY")) != NULL) { ++ /* ++ * systemd allows multiple directory names that are ++ * passed to env variable separated by colon. Support for this feature ++ * is deliberately not implemented because corosync always ++ * uses just one state directory and it is unclear what behavior should ++ * be taken for multiple ones. If reasonable need for ++ * supporting multiple directories appear, it must be implemented also ++ * for cmap. ++ */ ++ res = snprintf(path, PATH_MAX, "%s", state_dir); + } else { + res = snprintf(path, PATH_MAX, "%s/%s", LOCALSTATEDIR, "lib/corosync"); + } +diff --git a/init/corosync.service.in b/init/corosync.service.in +index bd2a48a9..3e3efef8 100644 +--- a/init/corosync.service.in ++++ b/init/corosync.service.in +@@ -9,6 +9,7 @@ After=network-online.target + EnvironmentFile=-@INITCONFIGDIR@/corosync + ExecStart=@SBINDIR@/corosync -f $COROSYNC_OPTIONS + ExecStop=@SBINDIR@/corosync-cfgtool -H --force ++StateDirectory=corosync + Type=notify + + # In typical systemd deployments, both standard outputs are forwarded to +diff --git a/man/corosync.conf.5 b/man/corosync.conf.5 +index 3510ab6b..3bcda7c7 100644 +--- a/man/corosync.conf.5 ++++ b/man/corosync.conf.5 +@@ -32,7 +32,7 @@ + .\" * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF + .\" * THE POSSIBILITY OF SUCH DAMAGE. + .\" */ +-.TH COROSYNC_CONF 5 2024-07-22 "corosync Man Page" "Corosync Cluster Engine Programmer's Manual" ++.TH COROSYNC_CONF 5 2025-06-12 "corosync Man Page" "Corosync Cluster Engine Programmer's Manual" + .SH NAME + corosync.conf - corosync executive configuration file + +@@ -900,7 +900,7 @@ state_dir + Existing directory where corosync should chdir into. Corosync stores + important state files and blackboxes there. + +-The default is /var/lib/corosync. ++The default is the value of the environment variable STATE_DIRECTORY or /var/lib/corosync. + + .PP + Within the +-- +2.47.0 + diff --git a/init-Use-LogsDirectory-in-systemd-unit-file.patch b/init-Use-LogsDirectory-in-systemd-unit-file.patch new file mode 100644 index 0000000..eb38f6f --- /dev/null +++ b/init-Use-LogsDirectory-in-systemd-unit-file.patch @@ -0,0 +1,50 @@ +From 050933cf334ef4ac6a6b4a3988508ca181da34b0 Mon Sep 17 00:00:00 2001 +From: Jan Friesse +Date: Thu, 12 Jun 2025 09:40:45 +0200 +Subject: [PATCH 2/2] init: Use LogsDirectory in systemd unit file + +Similarly as StateDirectory, this is mainly for image mode. +/var/log/cluster shouldn't be included in rpm package, so +use LogsDirectory to make systemd create /var/log/cluster during +corosync startup. + +No code change is needed, because logging to log file is fully +configured by user in config file so there is no default to read from +environment variable. + +Signed-off-by: Jan Friesse +Reviewed-by: Christine Caulfield +--- + corosync.spec.in | 2 +- + init/corosync.service.in | 1 + + 2 files changed, 2 insertions(+), 1 deletion(-) + +diff --git a/corosync.spec.in b/corosync.spec.in +index 049c585a..7cb70114 100644 +--- a/corosync.spec.in ++++ b/corosync.spec.in +@@ -209,8 +209,8 @@ fi + %endif + %if %{without systemd} + %dir %{_localstatedir}/lib/corosync +-%endif + %dir %{_localstatedir}/log/cluster ++%endif + %{_mandir}/man7/corosync_overview.7* + %{_mandir}/man8/corosync.8* + %{_mandir}/man8/corosync-blackbox.8* +diff --git a/init/corosync.service.in b/init/corosync.service.in +index 3e3efef8..89d67b5e 100644 +--- a/init/corosync.service.in ++++ b/init/corosync.service.in +@@ -10,6 +10,7 @@ EnvironmentFile=-@INITCONFIGDIR@/corosync + ExecStart=@SBINDIR@/corosync -f $COROSYNC_OPTIONS + ExecStop=@SBINDIR@/corosync-cfgtool -H --force + StateDirectory=corosync ++LogsDirectory=cluster + Type=notify + + # In typical systemd deployments, both standard outputs are forwarded to +-- +2.47.0 + From a2c975b92de91e7e600828e1e8c3f2557a7c1551 Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Wed, 23 Jul 2025 18:40:51 +0000 Subject: [PATCH 13/16] Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild --- corosync.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/corosync.spec b/corosync.spec index c568fd2..4989c5a 100644 --- a/corosync.spec +++ b/corosync.spec @@ -15,7 +15,7 @@ Name: corosync Summary: The Corosync Cluster Engine and Application Programming Interfaces Version: 3.1.9 -Release: 4%{?dist} +Release: 5%{?dist} License: BSD-3-Clause URL: http://corosync.github.io/corosync/ Source0: http://build.clusterlabs.org/corosync/releases/%{name}-%{version}.tar.gz @@ -293,6 +293,9 @@ network splits) %endif %changelog +* Wed Jul 23 2025 Fedora Release Engineering - 3.1.9-5 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild + * Mon Jun 16 2025 Jan Friesse - 3.1.9-4 - exec: Add support for env STATE_DIRECTORY - init: Use LogsDirectory in systemd unit file From 290649b778a9c526f3843b6bec9b0c47f211524e Mon Sep 17 00:00:00 2001 From: Jan Friesse Date: Thu, 24 Jul 2025 10:47:31 +0200 Subject: [PATCH 14/16] Migrate tests from STI to TMT format Signed-off-by: Jan Friesse --- .fmf/version | 1 + tests/.gitignore | 3 --- tests/plan.fmf | 12 ++++++++++++ tests/smoke/main.fmf | 2 ++ tests/smoke/runtest.sh | 0 tests/tests.yml | 12 ------------ 6 files changed, 15 insertions(+), 15 deletions(-) create mode 100644 .fmf/version delete mode 100644 tests/.gitignore create mode 100644 tests/plan.fmf create mode 100644 tests/smoke/main.fmf mode change 100644 => 100755 tests/smoke/runtest.sh delete mode 100644 tests/tests.yml diff --git a/.fmf/version b/.fmf/version new file mode 100644 index 0000000..d00491f --- /dev/null +++ b/.fmf/version @@ -0,0 +1 @@ +1 diff --git a/tests/.gitignore b/tests/.gitignore deleted file mode 100644 index e6c79fd..0000000 --- a/tests/.gitignore +++ /dev/null @@ -1,3 +0,0 @@ -# Ignore tests runs/artefacts. -artifacts/** -**/*.retry diff --git a/tests/plan.fmf b/tests/plan.fmf new file mode 100644 index 0000000..1c97683 --- /dev/null +++ b/tests/plan.fmf @@ -0,0 +1,12 @@ +summary: Run all smoke tests +discover: + how: fmf +execute: + how: tmt +prepare: + how: install + package: + - gcc + - iproute + - corosync + - corosync-devel diff --git a/tests/smoke/main.fmf b/tests/smoke/main.fmf new file mode 100644 index 0000000..c431594 --- /dev/null +++ b/tests/smoke/main.fmf @@ -0,0 +1,2 @@ +summary: Basic smoke test +test: ./runtest.sh diff --git a/tests/smoke/runtest.sh b/tests/smoke/runtest.sh old mode 100644 new mode 100755 diff --git a/tests/tests.yml b/tests/tests.yml deleted file mode 100644 index 39b6209..0000000 --- a/tests/tests.yml +++ /dev/null @@ -1,12 +0,0 @@ -- hosts: localhost - roles: - - role: standard-test-basic - tags: - - classic - tests: - - smoke - required_packages: - - gcc - - iproute - - corosync - - corosync-devel From 2de47be2d1227827c642eeb38faf1938e11064d3 Mon Sep 17 00:00:00 2001 From: Jan Friesse Date: Sat, 15 Nov 2025 16:44:01 +0100 Subject: [PATCH 15/16] New upstream release Signed-off-by: Jan Friesse --- .gitignore | 1 + corosync.spec | 13 +- ...-Add-support-for-env-STATE_DIRECTORY.patch | 113 ------------------ ...e-LogsDirectory-in-systemd-unit-file.patch | 50 -------- sources | 2 +- totemsrp-Check-size-of-orf_token-msg.patch | 68 ----------- 6 files changed, 8 insertions(+), 239 deletions(-) delete mode 100644 exec-Add-support-for-env-STATE_DIRECTORY.patch delete mode 100644 init-Use-LogsDirectory-in-systemd-unit-file.patch delete mode 100644 totemsrp-Check-size-of-orf_token-msg.patch diff --git a/.gitignore b/.gitignore index 836dba5..be468d1 100644 --- a/.gitignore +++ b/.gitignore @@ -51,3 +51,4 @@ corosync-1.2.7.tar.gz /corosync-3.1.7.tar.gz /corosync-3.1.8.tar.gz /corosync-3.1.9.tar.gz +/corosync-3.1.10.tar.gz diff --git a/corosync.spec b/corosync.spec index 4989c5a..3cb7648 100644 --- a/corosync.spec +++ b/corosync.spec @@ -14,15 +14,11 @@ Name: corosync Summary: The Corosync Cluster Engine and Application Programming Interfaces -Version: 3.1.9 -Release: 5%{?dist} +Version: 3.1.10 +Release: 1%{?dist} License: BSD-3-Clause URL: http://corosync.github.io/corosync/ -Source0: http://build.clusterlabs.org/corosync/releases/%{name}-%{version}.tar.gz - -Patch0: totemsrp-Check-size-of-orf_token-msg.patch -Patch1: exec-Add-support-for-env-STATE_DIRECTORY.patch -Patch2: init-Use-LogsDirectory-in-systemd-unit-file.patch +Source0: https://github.com/%{name}/%{name}/releases/download/v%{version}/%{name}-%{version}%{?gittarver}.tar.gz # Runtime bits # The automatic dependency overridden in favor of explicit version lock @@ -293,6 +289,9 @@ network splits) %endif %changelog +* Sat Nov 15 2025 Jan Friesse - 3.1.10-1 +- New upstream release + * Wed Jul 23 2025 Fedora Release Engineering - 3.1.9-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild diff --git a/exec-Add-support-for-env-STATE_DIRECTORY.patch b/exec-Add-support-for-env-STATE_DIRECTORY.patch deleted file mode 100644 index 461a668..0000000 --- a/exec-Add-support-for-env-STATE_DIRECTORY.patch +++ /dev/null @@ -1,113 +0,0 @@ -From: Jan Friesse -Date: Wed, 11 Jun 2025 17:26:41 +0200 -Subject: [PATCH 1/2] exec: Add support for env STATE_DIRECTORY - -Image mode recommendation is to not ship /var/lib subdirectories if -possible and bootc lint produces warning if not. This was the case -also for Corosync. - -Simplest possible solution seems to implement support for systemd -unit StateDirectory functionality and not ship /var/lib/corosync -in rpm. - -So patch: -1. Adds support for reading the environment variable STATE_DIRECTORY - which is set by systemd and use it as a default value for - system.state_dir configuration option. This is generally useful - feature even for non-systemd builds. -2. Set StateDirectory in service file -3. Drop /var/lib/corosync directory from RPM for systemd builds - -Signed-off-by: Jan Friesse -Reviewed-by: Christine Caulfield ---- - corosync.spec.in | 2 ++ - exec/util.c | 19 +++++++++++++++---- - init/corosync.service.in | 1 + - man/corosync.conf.5 | 4 ++-- - 4 files changed, 20 insertions(+), 6 deletions(-) - -diff --git a/corosync.spec.in b/corosync.spec.in -index 80040a46..049c585a 100644 ---- a/corosync.spec.in -+++ b/corosync.spec.in -@@ -207,7 +207,9 @@ fi - %{_initrddir}/corosync - %{_initrddir}/corosync-notifyd - %endif -+%if %{without systemd} - %dir %{_localstatedir}/lib/corosync -+%endif - %dir %{_localstatedir}/log/cluster - %{_mandir}/man7/corosync_overview.7* - %{_mandir}/man8/corosync.8* -diff --git a/exec/util.c b/exec/util.c -index 8988ab29..795ea5c5 100644 ---- a/exec/util.c -+++ b/exec/util.c -@@ -174,13 +174,24 @@ int cs_name_tisEqual (cs_name_t *str1, char *str2) { - const char *get_state_dir(void) - { - static char path[PATH_MAX] = {'\0'}; -- char *cmap_state_dir; -+ char *state_dir; - int res; - - if (path[0] == '\0') { -- if (icmap_get_string("system.state_dir", &cmap_state_dir) == CS_OK) { -- res = snprintf(path, PATH_MAX, "%s", cmap_state_dir); -- free(cmap_state_dir); -+ if (icmap_get_string("system.state_dir", &state_dir) == CS_OK) { -+ res = snprintf(path, PATH_MAX, "%s", state_dir); -+ free(state_dir); -+ } else if ((state_dir = getenv("STATE_DIRECTORY")) != NULL) { -+ /* -+ * systemd allows multiple directory names that are -+ * passed to env variable separated by colon. Support for this feature -+ * is deliberately not implemented because corosync always -+ * uses just one state directory and it is unclear what behavior should -+ * be taken for multiple ones. If reasonable need for -+ * supporting multiple directories appear, it must be implemented also -+ * for cmap. -+ */ -+ res = snprintf(path, PATH_MAX, "%s", state_dir); - } else { - res = snprintf(path, PATH_MAX, "%s/%s", LOCALSTATEDIR, "lib/corosync"); - } -diff --git a/init/corosync.service.in b/init/corosync.service.in -index bd2a48a9..3e3efef8 100644 ---- a/init/corosync.service.in -+++ b/init/corosync.service.in -@@ -9,6 +9,7 @@ After=network-online.target - EnvironmentFile=-@INITCONFIGDIR@/corosync - ExecStart=@SBINDIR@/corosync -f $COROSYNC_OPTIONS - ExecStop=@SBINDIR@/corosync-cfgtool -H --force -+StateDirectory=corosync - Type=notify - - # In typical systemd deployments, both standard outputs are forwarded to -diff --git a/man/corosync.conf.5 b/man/corosync.conf.5 -index 3510ab6b..3bcda7c7 100644 ---- a/man/corosync.conf.5 -+++ b/man/corosync.conf.5 -@@ -32,7 +32,7 @@ - .\" * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF - .\" * THE POSSIBILITY OF SUCH DAMAGE. - .\" */ --.TH COROSYNC_CONF 5 2024-07-22 "corosync Man Page" "Corosync Cluster Engine Programmer's Manual" -+.TH COROSYNC_CONF 5 2025-06-12 "corosync Man Page" "Corosync Cluster Engine Programmer's Manual" - .SH NAME - corosync.conf - corosync executive configuration file - -@@ -900,7 +900,7 @@ state_dir - Existing directory where corosync should chdir into. Corosync stores - important state files and blackboxes there. - --The default is /var/lib/corosync. -+The default is the value of the environment variable STATE_DIRECTORY or /var/lib/corosync. - - .PP - Within the --- -2.47.0 - diff --git a/init-Use-LogsDirectory-in-systemd-unit-file.patch b/init-Use-LogsDirectory-in-systemd-unit-file.patch deleted file mode 100644 index eb38f6f..0000000 --- a/init-Use-LogsDirectory-in-systemd-unit-file.patch +++ /dev/null @@ -1,50 +0,0 @@ -From 050933cf334ef4ac6a6b4a3988508ca181da34b0 Mon Sep 17 00:00:00 2001 -From: Jan Friesse -Date: Thu, 12 Jun 2025 09:40:45 +0200 -Subject: [PATCH 2/2] init: Use LogsDirectory in systemd unit file - -Similarly as StateDirectory, this is mainly for image mode. -/var/log/cluster shouldn't be included in rpm package, so -use LogsDirectory to make systemd create /var/log/cluster during -corosync startup. - -No code change is needed, because logging to log file is fully -configured by user in config file so there is no default to read from -environment variable. - -Signed-off-by: Jan Friesse -Reviewed-by: Christine Caulfield ---- - corosync.spec.in | 2 +- - init/corosync.service.in | 1 + - 2 files changed, 2 insertions(+), 1 deletion(-) - -diff --git a/corosync.spec.in b/corosync.spec.in -index 049c585a..7cb70114 100644 ---- a/corosync.spec.in -+++ b/corosync.spec.in -@@ -209,8 +209,8 @@ fi - %endif - %if %{without systemd} - %dir %{_localstatedir}/lib/corosync --%endif - %dir %{_localstatedir}/log/cluster -+%endif - %{_mandir}/man7/corosync_overview.7* - %{_mandir}/man8/corosync.8* - %{_mandir}/man8/corosync-blackbox.8* -diff --git a/init/corosync.service.in b/init/corosync.service.in -index 3e3efef8..89d67b5e 100644 ---- a/init/corosync.service.in -+++ b/init/corosync.service.in -@@ -10,6 +10,7 @@ EnvironmentFile=-@INITCONFIGDIR@/corosync - ExecStart=@SBINDIR@/corosync -f $COROSYNC_OPTIONS - ExecStop=@SBINDIR@/corosync-cfgtool -H --force - StateDirectory=corosync -+LogsDirectory=cluster - Type=notify - - # In typical systemd deployments, both standard outputs are forwarded to --- -2.47.0 - diff --git a/sources b/sources index d3e0db1..9c626fd 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (corosync-3.1.9.tar.gz) = d5332c65535dd40e3bee48912ebf2e71c55380b3dba93c36ff8b74090edf3ec44b69685cd11fda3732e4b0dab0b2954f08be94d772fcff6aaf9a4a846ef2e4cc +SHA512 (corosync-3.1.10.tar.gz) = cf2014d15fdbd3495cfe64629255f7855a79651a595938dac7bc7ec67338d843079ae40cf1c15de23b50d85cb39b2c2e3e3448a9cc33759ad8988b8c85ce59d3 diff --git a/totemsrp-Check-size-of-orf_token-msg.patch b/totemsrp-Check-size-of-orf_token-msg.patch deleted file mode 100644 index 17b4c3e..0000000 --- a/totemsrp-Check-size-of-orf_token-msg.patch +++ /dev/null @@ -1,68 +0,0 @@ -From 7839990f9cdf34e55435ed90109e82709032466a Mon Sep 17 00:00:00 2001 -From: Jan Friesse -Date: Mon, 24 Mar 2025 12:05:08 +0100 -Subject: [PATCH] totemsrp: Check size of orf_token msg - -orf_token message is stored into preallocated array on endian convert -so carefully crafted malicious message can lead to crash of corosync. - -Solution is to check message size beforehand. - -Signed-off-by: Jan Friesse -Reviewed-by: Christine Caulfield ---- - exec/totemsrp.c | 18 +++++++++++++++++- - 1 file changed, 17 insertions(+), 1 deletion(-) - -diff --git a/exec/totemsrp.c b/exec/totemsrp.c -index 962d0e2a..364528ce 100644 ---- a/exec/totemsrp.c -+++ b/exec/totemsrp.c -@@ -3679,12 +3679,20 @@ static int check_orf_token_sanity( - const struct totemsrp_instance *instance, - const void *msg, - size_t msg_len, -+ size_t max_msg_len, - int endian_conversion_needed) - { - int rtr_entries; - const struct orf_token *token = (const struct orf_token *)msg; - size_t required_len; - -+ if (msg_len > max_msg_len) { -+ log_printf (instance->totemsrp_log_level_security, -+ "Received orf_token message is too long... ignoring."); -+ -+ return (-1); -+ } -+ - if (msg_len < sizeof(struct orf_token)) { - log_printf (instance->totemsrp_log_level_security, - "Received orf_token message is too short... ignoring."); -@@ -3698,6 +3706,13 @@ static int check_orf_token_sanity( - rtr_entries = token->rtr_list_entries; - } - -+ if (rtr_entries > RETRANSMIT_ENTRIES_MAX) { -+ log_printf (instance->totemsrp_log_level_security, -+ "Received orf_token message rtr_entries is corrupted... ignoring."); -+ -+ return (-1); -+ } -+ - required_len = sizeof(struct orf_token) + rtr_entries * sizeof(struct rtr_item); - if (msg_len < required_len) { - log_printf (instance->totemsrp_log_level_security, -@@ -3868,7 +3883,8 @@ static int message_handler_orf_token ( - "Time since last token %0.4f ms", tv_diff / (float)QB_TIME_NS_IN_MSEC); - #endif - -- if (check_orf_token_sanity(instance, msg, msg_len, endian_conversion_needed) == -1) { -+ if (check_orf_token_sanity(instance, msg, msg_len, sizeof(token_storage), -+ endian_conversion_needed) == -1) { - return (0); - } - --- -2.47.0 - From 46f6d72cf7e780b4aaee985a882f75ded1c697cd Mon Sep 17 00:00:00 2001 From: Jan Friesse Date: Mon, 24 Nov 2025 15:55:35 +0100 Subject: [PATCH 16/16] Remove unused gittarver from source URL Signed-off-by: Jan Friesse --- corosync.spec | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/corosync.spec b/corosync.spec index 3cb7648..6e04bf1 100644 --- a/corosync.spec +++ b/corosync.spec @@ -18,7 +18,7 @@ Version: 3.1.10 Release: 1%{?dist} License: BSD-3-Clause URL: http://corosync.github.io/corosync/ -Source0: https://github.com/%{name}/%{name}/releases/download/v%{version}/%{name}-%{version}%{?gittarver}.tar.gz +Source0: https://github.com/%{name}/%{name}/releases/download/v%{version}/%{name}-%{version}.tar.gz # Runtime bits # The automatic dependency overridden in favor of explicit version lock