diff --git a/.fmf/version b/.fmf/version new file mode 100644 index 0000000..d00491f --- /dev/null +++ b/.fmf/version @@ -0,0 +1 @@ +1 diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..2625054 --- /dev/null +++ b/.gitignore @@ -0,0 +1,39 @@ +/toolbox-0.0.6.tar.xz +/toolbox-0.0.7.tar.xz +/toolbox-0.0.8.tar.xz +/toolbox-0.0.9.tar.xz +/toolbox-0.0.10.tar.xz +/toolbox-0.0.11.tar.xz +/toolbox-0.0.12.tar.xz +/toolbox-0.0.13.tar.xz +/toolbox-0.0.14.tar.xz +/toolbox-0.0.15.tar.xz +/toolbox-0.0.16.tar.xz +/toolbox-0.0.17.tar.xz +/toolbox-0.0.18.tar.xz +/toolbox-0.0.91.tar.xz +/toolbox-0.0.92.tar.xz +/toolbox-0.0.93.tar.xz +/toolbox-0.0.94.tar.xz +/toolbox-0.0.95.tar.xz +/toolbox-0.0.96.tar.xz +/toolbox-0.0.97.tar.xz +/toolbox-0.0.98.tar.xz +/toolbox-0.0.98.1.tar.xz +/toolbox-0.0.99.tar.xz +/toolbox-0.0.99.1.tar.xz +/toolbox-0.0.99.2.tar.xz +/toolbox-0.0.99.2-1.git9820550c82bb.tar.xz +/toolbox-0.0.99.2^1.git9820550c82bb.tar.xz +/toolbox-0.0.99.2^2.git40fbd377ed0b.tar.xz +/toolbox-0.0.99.2^3.git075b9a8d2779.tar.xz +/toolbox-0.0.99.3.tar.xz +/toolbox-0.0.99.3-vendor.tar.xz +/toolbox-0.0.99.4-vendored.tar.xz +/toolbox-0.0.99.5-vendored.tar.xz +/toolbox-0.0.99.6-vendored.tar.xz +/toolbox-0.1.0-vendored.tar.xz +/toolbox-0.1.1-vendored.tar.xz +/toolbox-0.1.2-vendored.tar.xz +/toolbox-0.2-vendored.tar.xz +/toolbox-0.3-vendored.tar.xz diff --git a/gating.yaml b/gating.yaml new file mode 100644 index 0000000..5ab3627 --- /dev/null +++ b/gating.yaml @@ -0,0 +1,9 @@ +--- !Policy +product_versions: + - fedora-* +decision_contexts: + - bodhi_update_push_stable + - bodhi_update_push_testing +subject_type: koji_build +rules: + - !PassingTestCaseRule {test_case_name: fedora-ci.koji-build.tier0.functional} diff --git a/plans/main.fmf b/plans/main.fmf new file mode 100644 index 0000000..e6427de --- /dev/null +++ b/plans/main.fmf @@ -0,0 +1,4 @@ +discover: + how: fmf +execute: + how: tmt diff --git a/rpminspect.yaml b/rpminspect.yaml new file mode 100644 index 0000000..f0d9c5c --- /dev/null +++ b/rpminspect.yaml @@ -0,0 +1,16 @@ +# https://github.com/rpminspect/rpminspect/blob/master/data/generic.yaml +# https://github.com/rpminspect/rpminspect-data-fedora/blob/main/fedora.yaml + +--- + +annocheck: + extra_opts: + hardened: --skip-run-path --skip-stack-prot + +elf: + exclude_path: /usr/bin/toolbox + +runpath: + allowed_paths: + - /run/host/usr/lib + - /run/host/usr/lib64 diff --git a/sources b/sources new file mode 100644 index 0000000..f30b3d7 --- /dev/null +++ b/sources @@ -0,0 +1 @@ +SHA512 (toolbox-0.3-vendored.tar.xz) = e464aba1c40b37b0ed027a560a0685e5dc8f07684d33d0e2bac5f0ba8c2b2c2a4c585db8847b23bd0753e33d37e3e88c87ab71d3999c3afedf315717f468c0ba diff --git a/tests/main.fmf b/tests/main.fmf new file mode 100644 index 0000000..25a6fe7 --- /dev/null +++ b/tests/main.fmf @@ -0,0 +1,12 @@ +environment: + ROOTLESS_USER: "fedora" + TMPDIR: /var/tmp +require: + - toolbox-tests + +/rootless: + summary: rootless test + test: | + rpm --erase p11-kit-server + bash ./rootless-test.sh + duration: 4h diff --git a/tests/rootless-test.sh b/tests/rootless-test.sh new file mode 100644 index 0000000..16da9fe --- /dev/null +++ b/tests/rootless-test.sh @@ -0,0 +1,11 @@ +#!/usr/bin/env bash + +set -exo pipefail + +uname -r + +loginctl enable-linger "$ROOTLESS_USER" + +rpm -q containers-common-extra podman toolbox + +su --whitelist-environment=$(cat ./tmt-envvars | tr '\n' ',') - "$ROOTLESS_USER" -c "whoami && cd /usr/share/toolbox/test/system && bats ." diff --git a/tests/tmt-envvars b/tests/tmt-envvars new file mode 100644 index 0000000..6f3176e --- /dev/null +++ b/tests/tmt-envvars @@ -0,0 +1 @@ +TMPDIR diff --git a/toolbox-Add-migration-paths-for-coreos-toolbox-users.patch b/toolbox-Add-migration-paths-for-coreos-toolbox-users.patch new file mode 100644 index 0000000..aec1779 --- /dev/null +++ b/toolbox-Add-migration-paths-for-coreos-toolbox-users.patch @@ -0,0 +1,104 @@ +From 4649e50c28321185cbaa81a37efbd317b84ae840 Mon Sep 17 00:00:00 2001 +From: Debarshi Ray +Date: Wed, 18 Aug 2021 17:55:21 +0200 +Subject: [PATCH 1/2] cmd/run: Make sosreport work by setting the HOST + environment variable + +https://bugzilla.redhat.com/show_bug.cgi?id=1940037 +--- + src/cmd/run.go | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/src/cmd/run.go b/src/cmd/run.go +index ceb277a3640a..72b673f506b3 100644 +--- a/src/cmd/run.go ++++ b/src/cmd/run.go +@@ -576,6 +576,7 @@ func constructExecArgs(container, preserveFDs string, + execArgs = append(execArgs, envOptions...) + + execArgs = append(execArgs, []string{ ++ "--env", "HOST=/run/host", + "--interactive", + "--preserve-fds", preserveFDs, + }...) +-- +2.51.0 + + +From b2ba8445bee988143d546bc15fa3a8a8c019aa2e Mon Sep 17 00:00:00 2001 +From: Debarshi Ray +Date: Fri, 10 Dec 2021 13:42:15 +0100 +Subject: [PATCH 2/2] test/system: Update to test the migration path for + coreos/toolbox users + +This reverts the changes to the tests made in commit +411147988b730dabf8b9e761a5426e12d648f008 by restoring commit +ca899c8a561f357ae32c6ba6813520fd8b682abb and the parts of commit +3aeb7cf288319e35eb9c5e26ea18d97452462c1e that were removed. +--- + test/system/002-help.bats | 14 -------------- + test/system/100-root.bats | 27 +++++++++++++++++++++++++++ + 2 files changed, 27 insertions(+), 14 deletions(-) + create mode 100644 test/system/100-root.bats + +diff --git a/test/system/002-help.bats b/test/system/002-help.bats +index f7cd3f5480ab..7ad5f72e792f 100644 +--- a/test/system/002-help.bats ++++ b/test/system/002-help.bats +@@ -33,20 +33,6 @@ teardown_file() { + cleanup_all + } + +-@test "help: Smoke test" { +- run --keep-empty-lines --separate-stderr "$TOOLBX" +- +- assert_failure +- assert [ ${#lines[@]} -eq 0 ] +- lines=("${stderr_lines[@]}") +- assert_line --index 0 "Error: missing command" +- assert_line --index 2 "create Create a new Toolbx container" +- assert_line --index 3 "enter Enter an existing Toolbx container" +- assert_line --index 4 "list List all existing Toolbx containers and images" +- assert_line --index 6 "Run 'toolbox --help' for usage." +- assert [ ${#stderr_lines[@]} -eq 7 ] +-} +- + @test "help: Command 'help'" { + if ! command -v man 2>/dev/null; then + skip "not found man(1)" +diff --git a/test/system/100-root.bats b/test/system/100-root.bats +new file mode 100644 +index 000000000000..cf35d60ac25c +--- /dev/null ++++ b/test/system/100-root.bats +@@ -0,0 +1,27 @@ ++#!/usr/bin/env bats ++ ++load 'libs/bats-support/load' ++load 'libs/bats-assert/load' ++load 'libs/helpers' ++ ++setup() { ++ _setup_environment ++ cleanup_all ++} ++ ++teardown() { ++ cleanup_all ++} ++ ++@test "root: Try to enter the default container with no containers created" { ++ run "$TOOLBX" <<< "n" ++ ++ assert_success ++ assert_line --index 0 "No toolbox containers found. Create now? [y/N] A container can be created later with the 'create' command." ++ assert_line --index 1 "Run 'toolbox --help' for usage." ++} ++ ++# TODO: Write the test ++@test "root: Enter the default container when 1 non-default container is present" { ++ skip "Testing of entering toolboxes is not implemented" ++} +-- +2.51.0 + diff --git a/toolbox-Make-the-build-flags-match-Fedora.patch b/toolbox-Make-the-build-flags-match-Fedora.patch new file mode 100644 index 0000000..5ee5fd4 --- /dev/null +++ b/toolbox-Make-the-build-flags-match-Fedora.patch @@ -0,0 +1,62 @@ +From a1bb7d53fab70899c991feb9276cf93a12280750 Mon Sep 17 00:00:00 2001 +From: Debarshi Ray +Date: Mon, 29 Jun 2020 17:57:47 +0200 +Subject: [PATCH] build: Make the build flags match Fedora's %{gobuildflags} + +These reflect the defaults for Fedora 39, which is the oldest supported +Fedora, barring some exceptions mentioned below. + +The change to use the RPM's %{name}, %{version}, %{release} and the +SOURCE_DATE_EPOCH environment variable [1], instead of /dev/urandom, to +generate the build ID annotation for the toolbox(1) binary [2] was left +out. It will need more work to propagate the RPM's %{name}, %{version} +and %{release} to Meson. + +Note that these flags are meant for every CPU architecture other than +PPC64, and should be kept updated to match Fedora's Go guidelines. Use +'rpm --eval "%{gobuildflags}"' to expand the %{gobuildflags} macro. + +[1] https://reproducible-builds.org/docs/source-date-epoch/ + +[2] go-rpm-macros commit 1980932bf3a21890 + https://pagure.io/go-rpm-macros/c/1980932bf3a21890 + https://fedoraproject.org/wiki/Changes/ReproduciblePackageBuilds +--- + src/go-build-wrapper | 11 ++++++++--- + 1 file changed, 8 insertions(+), 3 deletions(-) + +diff --git a/src/go-build-wrapper b/src/go-build-wrapper +index a5a1a6a508fb..5978422e9aed 100755 +--- a/src/go-build-wrapper ++++ b/src/go-build-wrapper +@@ -33,9 +33,9 @@ if ! cd "$1"; then + exit 1 + fi + +-tags="" ++tags="-tags rpm_crashtraceback,${GO_BUILDTAGS:-}" + if $7; then +- tags="-tags migration_path_for_coreos_toolbox" ++ tags="$tags,migration_path_for_coreos_toolbox" + fi + + if ! libc_dir=$("$5" --print-file-name=libc.so); then +@@ -114,9 +114,14 @@ dynamic_linker="/run/host$dynamic_linker_canonical_dirname/$dynamic_linker_basen + + # shellcheck disable=SC2086 + go build \ ++ -buildmode pie \ ++ -compiler gc \ + $tags \ + -trimpath \ +- -ldflags "-extldflags '-Wl,-dynamic-linker,$dynamic_linker -Wl,-rpath,/run/host$libc_dir_canonical_dirname -Wl,--export-dynamic -Wl,--unresolved-symbols=ignore-in-object-files' -linkmode external -X github.com/containers/toolbox/pkg/version.currentVersion=$4" \ ++ -ldflags "${GO_LDFLAGS:-} -B 0x$(head -c20 /dev/urandom|od -An -tx1|tr -d ' \n') -compressdwarf=false -extldflags '-Wl,-z,relro -Wl,--as-needed -specs=/usr/lib/rpm/redhat/redhat-hardened-ld -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -Wl,--build-id=sha1 -specs=/usr/lib/rpm/redhat/redhat-package-notes -Wl,-dynamic-linker,$dynamic_linker -Wl,-rpath,/run/host$libc_dir_canonical_dirname -Wl,--export-dynamic -Wl,--unresolved-symbols=ignore-in-object-files' -linkmode external -X github.com/containers/toolbox/pkg/version.currentVersion=$4" \ ++ -a \ ++ -v \ ++ -x \ + -o "$2/$3" + + exit "$?" +-- +2.51.0 + diff --git a/toolbox-Make-the-build-flags-match-RHEL-10.patch b/toolbox-Make-the-build-flags-match-RHEL-10.patch new file mode 100644 index 0000000..9528088 --- /dev/null +++ b/toolbox-Make-the-build-flags-match-RHEL-10.patch @@ -0,0 +1,71 @@ +From f79f96fb8f3ec528952b9719f356e871837987df Mon Sep 17 00:00:00 2001 +From: Debarshi Ray +Date: Mon, 29 Jun 2020 17:57:47 +0200 +Subject: [PATCH] build: Make the build flags match RHEL 10's %{gobuildflags} + +These reflect the defaults for RHEL 10.0 Beta, because RHEL 10.0 is +still early in its development cycle and the defaults may be in a state +of flux. Some exceptions are mentioned below. + +The '-z pack-relative-relocs' linker flag was left out. It's currently +not supported on s390x, so using it would require architecture specific +patches, which is a hassle. Support for aarch64 was recently added [1], +so hopefully s390x will also be supported soon. + +The change to use the RPM's %{name}, %{version}, %{release} and the +SOURCE_DATE_EPOCH environment variable [2], instead of /dev/urandom, to +generate the build ID annotation for the toolbox(1) binary [2] was left +out. It will need more work to propagate the RPM's %{name}, %{version} +and %{release} to Meson. + +Note that these flags are meant for every CPU architecture other than +PPC64, and should be kept updated to match RHEL 10's Go guidelines. Use +'rpm --eval "%{gobuildflags}"' to expand the %{gobuildflags} macro. + +[1] CentOS Stream redhat-rpm-config commit 3c5a6b17540b2a0b + https://gitlab.com/redhat/centos-stream/rpms/redhat-rpm-config/-/commit/3c5a6b17540b2a0b + https://gitlab.com/redhat/centos-stream/rpms/redhat-rpm-config/-/merge_requests/42 + https://issues.redhat.com/browse/RHEL-40379 + +[2] go-rpm-macros commit 1980932bf3a21890 + https://pagure.io/go-rpm-macros/c/1980932bf3a21890 + https://fedoraproject.org/wiki/Changes/ReproduciblePackageBuilds +--- + src/go-build-wrapper | 11 ++++++++--- + 1 file changed, 8 insertions(+), 3 deletions(-) + +diff --git a/src/go-build-wrapper b/src/go-build-wrapper +index a5a1a6a508fb..5978422e9aed 100755 +--- a/src/go-build-wrapper ++++ b/src/go-build-wrapper +@@ -33,9 +33,9 @@ if ! cd "$1"; then + exit 1 + fi + +-tags="" ++tags="-tags rpm_crashtraceback,${GO_BUILDTAGS:-}" + if $7; then +- tags="-tags migration_path_for_coreos_toolbox" ++ tags="$tags,migration_path_for_coreos_toolbox" + fi + + if ! libc_dir=$("$5" --print-file-name=libc.so); then +@@ -114,9 +114,14 @@ dynamic_linker="/run/host$dynamic_linker_canonical_dirname/$dynamic_linker_basen + + # shellcheck disable=SC2086 + go build \ ++ -buildmode pie \ ++ -compiler gc \ + $tags \ + -trimpath \ +- -ldflags "-extldflags '-Wl,-dynamic-linker,$dynamic_linker -Wl,-rpath,/run/host$libc_dir_canonical_dirname -Wl,--export-dynamic -Wl,--unresolved-symbols=ignore-in-object-files' -linkmode external -X github.com/containers/toolbox/pkg/version.currentVersion=$4" \ ++ -ldflags "${GO_LDFLAGS:-} -B 0x$(head -c20 /dev/urandom|od -An -tx1|tr -d ' \n') -compressdwarf=false -extldflags '-Wl,-z,relro -Wl,--as-needed -specs=/usr/lib/rpm/redhat/redhat-hardened-ld -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -Wl,--build-id=sha1 -specs=/usr/lib/rpm/redhat/redhat-package-notes -Wl,-dynamic-linker,$dynamic_linker -Wl,-rpath,/run/host$libc_dir_canonical_dirname -Wl,--export-dynamic -Wl,--unresolved-symbols=ignore-in-object-files' -linkmode external -X github.com/containers/toolbox/pkg/version.currentVersion=$4" \ ++ -a \ ++ -v \ ++ -x \ + -o "$2/$3" + + exit "$?" +-- +2.51.0 + diff --git a/toolbox-Make-the-build-flags-match-RHEL-9.patch b/toolbox-Make-the-build-flags-match-RHEL-9.patch new file mode 100644 index 0000000..492268a --- /dev/null +++ b/toolbox-Make-the-build-flags-match-RHEL-9.patch @@ -0,0 +1,50 @@ +From 2d1b4b2492c65abd0d0bf0c71c971f550447412d Mon Sep 17 00:00:00 2001 +From: Debarshi Ray +Date: Mon, 29 Jun 2020 17:57:47 +0200 +Subject: [PATCH] build: Make the build flags match RHEL 9's %{gobuildflags} + +These reflect the defaults for RHEL 9.5, because RHEL 9.6 is still early +in its development cycle and the defaults may be in a state of flux. + +Note that these flags are meant for every CPU architecture other than +PPC64, and should be kept updated to match RHEL 9's Go guidelines. Use +'rpm --eval "%{gobuildflags}"' to expand the %{gobuildflags} macro. +--- + src/go-build-wrapper | 11 ++++++++--- + 1 file changed, 8 insertions(+), 3 deletions(-) + +diff --git a/src/go-build-wrapper b/src/go-build-wrapper +index a5a1a6a508fb..0a2c7526f210 100755 +--- a/src/go-build-wrapper ++++ b/src/go-build-wrapper +@@ -33,9 +33,9 @@ if ! cd "$1"; then + exit 1 + fi + +-tags="" ++tags="-tags rpm_crashtraceback,${GO_BUILDTAGS:-},libtrust_openssl" + if $7; then +- tags="-tags migration_path_for_coreos_toolbox" ++ tags="$tags,migration_path_for_coreos_toolbox" + fi + + if ! libc_dir=$("$5" --print-file-name=libc.so); then +@@ -114,9 +114,14 @@ dynamic_linker="/run/host$dynamic_linker_canonical_dirname/$dynamic_linker_basen + + # shellcheck disable=SC2086 + go build \ ++ -buildmode pie \ ++ -compiler gc \ + $tags \ + -trimpath \ +- -ldflags "-extldflags '-Wl,-dynamic-linker,$dynamic_linker -Wl,-rpath,/run/host$libc_dir_canonical_dirname -Wl,--export-dynamic -Wl,--unresolved-symbols=ignore-in-object-files' -linkmode external -X github.com/containers/toolbox/pkg/version.currentVersion=$4" \ ++ -ldflags "${GO_LDFLAGS:-} -B 0x$(head -c20 /dev/urandom|od -An -tx1|tr -d ' \n') -compressdwarf=false -extldflags '-Wl,-z,relro -Wl,--as-needed -specs=/usr/lib/rpm/redhat/redhat-hardened-ld -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -Wl,-dynamic-linker,$dynamic_linker -Wl,-rpath,/run/host$libc_dir_canonical_dirname -Wl,--export-dynamic -Wl,--unresolved-symbols=ignore-in-object-files' -linkmode external -X github.com/containers/toolbox/pkg/version.currentVersion=$4" \ ++ -a \ ++ -v \ ++ -x \ + -o "$2/$3" + + exit "$?" +-- +2.51.0 + diff --git a/toolbox.conf b/toolbox.conf new file mode 100644 index 0000000..f612e2f --- /dev/null +++ b/toolbox.conf @@ -0,0 +1,17 @@ +[general] +# Create a toolbox container for a different operating system distro than the +# host. Cannot be used with 'image'. +## distro = "fedora" + +# Create a toolbox container for a different operating system release than the +# host. Cannot be used with 'image'. +## release = "33" + +# Change the name of the image used to create the toolbox container. This is +# useful for creating containers from custom-built images. Cannot be used with +# 'distro' or 'release'. +# +# If the name does not contain a registry, the local image storage will be +# consulted, and if it's not present there then it will be pulled from a +# suitable remote registry. +image = "registry.access.redhat.com/ubi9/toolbox:latest" diff --git a/toolbox.rpmlintrc b/toolbox.rpmlintrc new file mode 100644 index 0000000..150b710 --- /dev/null +++ b/toolbox.rpmlintrc @@ -0,0 +1 @@ +addFilter(r'no-%check-section') diff --git a/toolbox.spec b/toolbox.spec new file mode 100644 index 0000000..09e3785 --- /dev/null +++ b/toolbox.spec @@ -0,0 +1,525 @@ +%global __brp_check_rpaths %{nil} + +%if 0%{?rhel} +%if 0%{?rhel} <= 9 +%{!?bash_completions_dir: %global bash_completions_dir %{_datadir}/bash-completion/completions} +%{!?fish_completions_dir: %global fish_completions_dir %{_datadir}/fish/vendor_completions.d} +%{!?zsh_completions_dir: %global zsh_completions_dir %{_datadir}/zsh/site-functions} +%endif +%endif + + +Name: toolbox +Version: 0.3 + +%global goipath github.com/containers/%{name} + +%if 0%{?fedora} +%gometa -f +%endif + +%if 0%{?rhel} +%if 0%{?rhel} <= 9 +%gometa +%else +%gometa -f +%endif +%endif + +%global toolbx_go 1.22 + +%if 0%{?fedora} +%global toolbx_go 1.24.7 +%endif + +%if 0%{?rhel} +%if 0%{?rhel} == 9 +%global toolbx_go 1.22.5 +%elif 0%{?rhel} == 10 +%global toolbx_go 1.22.5 +%elif 0%{?rhel} > 10 +%global toolbx_go 1.24.4 +%endif +%endif + +Release: 2%{?dist} +Summary: Tool for interactive command line environments on Linux + +License: Apache-2.0 +URL: https://containertoolbx.org/ +Source0: https://github.com/containers/%{name}/releases/download/%{version}/%{name}-%{version}-vendored.tar.xz + +# RHEL specific +Source1: %{name}.conf + +# Fedora specific +Patch100: toolbox-Make-the-build-flags-match-Fedora.patch + +# RHEL specific +Patch200: toolbox-Make-the-build-flags-match-RHEL-9.patch +Patch201: toolbox-Make-the-build-flags-match-RHEL-10.patch +Patch202: toolbox-Add-migration-paths-for-coreos-toolbox-users.patch + +BuildRequires: gcc +BuildRequires: go-md2man +BuildRequires: golang >= %{toolbx_go} +BuildRequires: meson >= 0.58.0 +BuildRequires: pkgconfig(bash-completion) +BuildRequires: shadow-utils-subid-devel >= 4.16.0 +BuildRequires: systemd +BuildRequires: systemd-rpm-macros +%if ! 0%{?rhel} +BuildRequires: pkgconfig(fish) +# for tests +# BuildRequires: codespell +# BuildRequires: ShellCheck +%endif + +Recommends: p11-kit-server +Recommends: skopeo +%if ! 0%{?rhel} +Recommends: fuse-overlayfs +%endif + +Requires: containers-common +Requires: flatpak-session-helper +Requires: podman >= 1.6.4 +Requires: shadow-utils-subid%{?_isa} >= 4.16.0 + + +%description +Toolbx is a tool for Linux, which allows the use of interactive command line +environments for software development and troubleshooting the host operating +system, without having to install software on the host. It is built on top of +Podman and other standard container technologies from OCI. + +Toolbx environments have seamless access to the user's home directory, the +Wayland and X11 sockets, networking (including Avahi), removable devices (like +USB sticks), systemd journal, SSH agent, D-Bus, ulimits, /dev and the udev +database, etc.. + + +%package tests +Summary: Tests for %{name} + +Requires: %{name}%{?_isa} = %{version}-%{release} +Requires: coreutils +Requires: diffutils +# for gdbus(1) +Requires: glib2 +Requires: grep +# for htpasswd(1) +Requires: httpd-tools +Requires: openssl +Requires: python3 +Requires: skopeo +%if ! 0%{?rhel} +Requires: bats >= 1.10.0 +%endif + + +%description tests +The %{name}-tests package contains system tests for %{name}. + + +%prep +%setup -q + +%if 0%{?fedora} +%patch -P100 -p1 +%endif + +%if 0%{?rhel} +%if 0%{?rhel} == 9 +%patch -P200 -p1 +%endif + +%if 0%{?rhel} >= 10 +%patch -P201 -p1 +%endif + +%if 0%{?rhel} <= 9 +%patch -P202 -p1 +%endif +%endif + +%gomkdir -s %{_builddir}/%{extractdir}/src -k + + +%build +export CGO_CFLAGS="%{optflags} -D_GNU_SOURCE -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64" + +%meson \ +%if 0%{?rhel} + -Dfish_completions_dir=%{fish_completions_dir} \ +%if 0%{?rhel} <= 9 + -Dmigration_path_for_coreos_toolbox=true \ +%endif +%endif + -Dprofile_dir=%{_sysconfdir}/profile.d \ + -Dtmpfiles_dir=%{_tmpfilesdir} \ + -Dzsh_completions_dir=%{zsh_completions_dir} + +%meson_build + + +# %%check +# %%meson_test + + +%install +%meson_install + +%if 0%{?rhel} +%if 0%{?rhel} <= 9 +install -m0644 %{SOURCE1} %{buildroot}%{_sysconfdir}/containers/%{name}.conf +%endif +%endif + + +%files +%doc CODE-OF-CONDUCT.md CONTRIBUTING.md GOALS.md NEWS README.md SECURITY.md +%license COPYING src/vendor/modules.txt +%{_bindir}/%{name} +%{_mandir}/man1/%{name}.1* +%{_mandir}/man1/%{name}-*.1* +%{_mandir}/man5/%{name}.conf.5* +%config(noreplace) %{_sysconfdir}/containers/%{name}.conf +%{_sysconfdir}/profile.d/%{name}.sh +%{_tmpfilesdir}/%{name}.conf +%{bash_completions_dir}/%{name}.bash +%{fish_completions_dir}/%{name}.fish +%{zsh_completions_dir}/_%{name} + + +%files tests +%{_datadir}/%{name} + + +%changelog +* Fri Oct 10 2025 Alejandro Sáez - 0.3-2 +- rebuild + +* Wed Sep 17 2025 Debarshi Ray - 0.3-1 +- Update to 0.3 + +* Fri Aug 15 2025 Maxwell G - 0.2-2 +- Rebuild for golang-1.25.0 + +* Sat Aug 09 2025 Debarshi Ray - 0.2-1 +- Update to 0.2 +- Fix CVE-2025-23266, CVE-2025-23267, and GHSA-fv92-fjc5-jj9h or GO-2025-3787 + +* Fri Jul 25 2025 Fedora Release Engineering - 0.1.2-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild + +* Tue Jun 03 2025 Debarshi Ray - 0.1.2-1 +- Update to 0.1.2 + +* Wed Jan 22 2025 Debarshi Ray - 0.1.1-3 +- Use RPM macros for shell completions and clean up directory ownership + +* Sun Jan 19 2025 Fedora Release Engineering - 0.1.1-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild + +* Mon Nov 04 2024 Debarshi Ray - 0.1.1-1 +- Update to 0.1.1 + +* Tue Oct 22 2024 Debarshi Ray - 0.1.0-1 +- Update to 0.1.0 + +* Wed Oct 16 2024 Debarshi Ray - 0.0.99.6-6 +- Recommend fuse-overlayfs because old containers created with it need it + +* Mon Oct 07 2024 Debarshi Ray - 0.0.99.6-5 +- Don't use slirp4netns(1) in tests to work around bug in pasta(1) + +* Fri Oct 04 2024 Debarshi Ray - 0.0.99.6-4 +- Use the fedora-toolbox:40 image for Fedora Asahi Remix hosts + +* Thu Oct 03 2024 Debarshi Ray - 0.0.99.6-3 +- Unbreak the downstream Fedora CI + +* Wed Oct 02 2024 Debarshi Ray - 0.0.99.6-2 +- Silence 'rpminspect --tests=elf' + +* Mon Sep 30 2024 Debarshi Ray - 0.0.99.6-1 +- Update to 0.0.99.6 + +* Thu Sep 12 2024 Debarshi Ray - 0.0.99.5-18 +- Rebuild against shadow-utils-subid ABI version 5.0.0 + +* Thu Aug 08 2024 Debarshi Ray - 0.0.99.5-17 +- Ensure slirp4netns(1) is installed + +* Wed Jul 31 2024 Debarshi Ray - 0.0.99.5-16 +- Avoid running out of storage space when running the tests + +* Fri Jul 26 2024 Adam Williamson - 0.0.99.5-15 +- Fix CI test (hopefully) + +* Sat Jul 20 2024 Fedora Release Engineering - 0.0.99.5-14 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild + +* Thu Jul 11 2024 Debarshi Ray - 0.0.99.5-13 +- Silence 'rpminspect --tests=stack-prot' + +* Thu Jul 11 2024 Debarshi Ray - 0.0.99.5-12 +- Silence 'rpminspect --tests=annocheck' (part 2) + +* Tue May 07 2024 Debarshi Ray - 0.0.99.5-11 +- Unbreak the tests with Podman 5.0 + +* Tue Mar 26 2024 Debarshi Ray - 0.0.99.5-10 +- Specify the golang versions for RHEL 9 and 10 + +* Tue Mar 05 2024 Debarshi Ray - 0.0.99.5-9 +- Conditionalize the BuildRequires on golang + +* Tue Feb 27 2024 Debarshi Ray - 0.0.99.5-8 +- Unbreak Podman's downstream Fedora CI (part 2) +- Backport some new upstream tests + +* Tue Feb 13 2024 Debarshi Ray - 0.0.99.5-7 +- Unbreak Podman's downstream Fedora CI +- Update the BuildRequires on golang to reflect reality + +* Sun Feb 11 2024 Maxwell G - 0.0.99.5-6 +- Rebuild for golang 1.22.0 + +* Wed Feb 07 2024 Debarshi Ray - 0.0.99.5-5 +- Migrate to SPDX license + +* Sat Jan 27 2024 Fedora Release Engineering - 0.0.99.5-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild + +* Thu Jan 11 2024 Debarshi Ray - 0.0.99.5-3 +- Drop 'Recommends: subscription-manager' + +* Tue Dec 19 2023 Debarshi Ray - 0.0.99.5-2 +- Drop the experience and support subpackages + +* Tue Dec 19 2023 Debarshi Ray - 0.0.99.5-1 +- Update to 0.0.99.5 + +* Tue Dec 19 2023 Debarshi Ray - 0.0.99.4-10 +- Require openssl(1) for the system tests in the tests subpackage + +* Wed Dec 06 2023 Adam Williamson - 0.0.99.4-9 +- tests subpackage: require httpd-tools for htpasswd + +* Tue Dec 05 2023 Debarshi Ray - 0.0.99.4-8 +- Fix the conditionals for 'if RHEL <= 9' + +* Thu Nov 30 2023 Debarshi Ray - 0.0.99.4-7 +- Track the active container on Fedora Linux Asahi Remix + +* Thu Nov 09 2023 Debarshi Ray - 0.0.99.4-6 +- Drop the custom /etc/containers/toolbox.conf from RHEL 10 onwards + +* Mon Oct 02 2023 Debarshi Ray - 0.0.99.4-5 +- Drop github.com/coreos/toolbox compatibility from RHEL 10 onwards + +* Mon Oct 02 2023 Debarshi Ray - 0.0.99.4-4 +- Be aware of security hardened mount points +- Simplify removing the user's password + +* Sat Jul 22 2023 Fedora Release Engineering - 0.0.99.4-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild + +* Wed Mar 8 2023 Nieves Montero - 0.0.99.4-2 +- Sprinkle a debug log + +* Wed Feb 22 2023 Debarshi Ray - 0.0.99.4-1 +- Update to 0.0.99.4 + +* Wed Feb 22 2023 Martin Jackson - 0.0.99.3-12 +- Fix the ExclusiveArch + +* Tue Feb 21 2023 Debarshi Ray - 0.0.99.3-11 +- Add ExclusiveArch to match Podman + +* Thu Feb 02 2023 Yaakov Selkowitz - 0.0.99.3-10 +- Sync packaging changes from CentOS Stream + +* Sat Jan 21 2023 Fedora Release Engineering - 0.0.99.3-9 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild + +* Thu Dec 22 2022 Yaakov Selkowitz - 0.0.99.3-8 +- Use vendored dependencies for RHEL/ELN builds + +* Sat Jul 23 2022 Fedora Release Engineering - 0.0.99.3-7 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild + +* Tue Jul 19 2022 Maxwell G - 0.0.99.3-6 +- Rebuild for CVE-2022-{1705,32148,30631,30633,28131,30635,30632,30630,1962} in + golang + +* Sat Jun 18 2022 Robert-André Mauchin - 0.0.99.3-5 +- Rebuilt for CVE-2022-1996, CVE-2022-24675, CVE-2022-28327, CVE-2022-27191, + CVE-2022-29526, CVE-2022-30629 + +* Sat Jan 22 2022 Fedora Release Engineering - 0.0.99.3-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild + +* Sun Jan 09 2022 Ondřej Míchal - 0.0.99.3-3 +- Add upstream patch fixing doubled error messages + +* Fri Dec 10 2021 Debarshi Ray - 0.0.99.3-2 +- BuildRequire only systemd-rpm-macros as recommended by the Fedora packaging + guidelines + +* Fri Dec 10 2021 Debarshi Ray - 0.0.99.3-1 +- Update to 0.0.99.3 + +* Mon Oct 25 2021 Debarshi Ray - 0.0.99.2^3.git075b9a8d2779-9 +- Restore backwards compatibility with existing containers + +* Fri Oct 22 2021 Debarshi Ray - 0.0.99.2^3.git075b9a8d2779-8 +- Ensure that binaries are run against their build-time ABI + +* Mon Sep 13 2021 Oliver Gutiérrez - 0.0.99.2^3.git075b9a8d2779-7 +- Rebuilt for gating tests + +* Thu Sep 09 2021 Oliver Gutiérrez - 0.0.99.2^3.git075b9a8d2779-6 +- Rebuilt for gating tests + +* Mon Aug 23 2021 Oliver Gutiérrez - 0.0.99.2^3.git075b9a8d2779-5 +- Version bump to build and check fedora gating after fixing ansible playbooks + +* Fri Aug 20 2021 Oliver Gutiérrez - 0.0.99.2^3.git075b9a8d2779-4 +- Version bump to build and check fedora gating + +* Wed Aug 18 2021 Oliver Gutiérrez - 0.0.99.2^3.git075b9a8d2779-3 +- Added Fedora gating + +* Wed Aug 18 2021 Debarshi Ray - 0.0.99.2^3.git075b9a8d2779-2 +- Require containers-common for ownership of %%{_sysconfdir}/containers + +* Mon Aug 09 2021 Oliver Gutiérrez - 0.0.99.2^3.git075b9a8d2779-1 +- Updated to 0.0.99.2^3.git075b9a8d2779 snapshot + +* Thu Jul 29 2021 Oliver Gutiérrez - 0.0.99.2^2.git40fbd377ed0b-1 +- Updated to 0.0.99.2^2.git40fbd377ed0b snapshot + +* Wed Jul 28 2021 Oliver Gutiérrez - 0.0.99.2^1.git9820550c82bb-1 +- Updated to 0.00.99.2^1.git9820550c82bb snapshot + +* Wed Jul 28 2021 Ondřej Míchal - 0.0.99.2-3 +- Update dependencies of -tests subpackage + +* Fri Jul 23 2021 Fedora Release Engineering - 0.0.99.2-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild + +* Sat Jun 26 2021 Debarshi Ray - 0.0.99.2-1 +- Update to 0.0.99.2 + +* Tue Feb 23 2021 Debarshi Ray - 0.0.99.1-1 +- Update to 0.0.99.1 + +* Wed Jan 27 2021 Fedora Release Engineering - 0.0.99-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild + +* Tue Jan 12 2021 Debarshi Ray - 0.0.99-1 +- Update to 0.0.99 + +* Mon Jan 11 2021 Debarshi Ray - 0.0.98.1-2 +- Harden the binary by using the same CGO_CFLAGS as on RHEL 8 + +* Thu Jan 07 2021 Debarshi Ray - 0.0.98.1-1 +- Update to 0.0.98.1 + +* Tue Jan 05 2021 Debarshi Ray - 0.0.98-1 +- Update to 0.0.98 + +* Wed Nov 25 2020 Ondřej Míchal - 0.0.97-2 +- Move krb5-libs from -support to -experience, and update the list of packages + in -experience + +* Tue Nov 03 2020 Debarshi Ray - 0.0.97-1 +- Update to 0.0.97 + +* Thu Oct 01 2020 Debarshi Ray - 0.0.96-1 +- Update to 0.0.96 + +* Sun Aug 30 2020 Debarshi Ray - 0.0.95-1 +- Update to 0.0.95 + +* Mon Aug 24 2020 Debarshi Ray - 0.0.94-1 +- Update to 0.0.94 + +* Wed Jul 29 2020 Fedora Release Engineering - 0.0.93-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild + +* Sat Jul 25 2020 Debarshi Ray - 0.0.93-1 +- Update to 0.0.93 + +* Fri Jul 03 2020 Debarshi Ray - 0.0.92-1 +- Update to 0.0.92 + +* Fri Jul 03 2020 Debarshi Ray - 0.0.91-2 +- Fix the 'toolbox --version' output + +* Tue Jun 30 2020 Harry Míchal - 0.0.91-1 +- Update to 0.0.91 + +* Sat Jun 27 2020 Debarshi Ray - 0.0.18-5 +- Remove ExclusiveArch to match Podman + +* Wed Jun 10 2020 Debarshi Ray - 0.0.18-4 +- Sync the "experience" packages with the current Dockerfile +- Make "experience" Require "support" + +* Fri Apr 03 2020 Debarshi Ray - 0.0.18-3 +- Drop compatibility Obsoletes and Provides for fedora-toolbox + +* Fri Jan 31 2020 Fedora Release Engineering - 0.0.18-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild + +* Tue Jan 14 2020 Debarshi Ray - 0.0.18-1 +- Update to 0.0.18 + +* Wed Nov 20 2019 Debarshi Ray - 0.0.17-1 +- Update to 0.0.17 + +* Tue Oct 29 2019 Debarshi Ray - 0.0.16-1 +- Update to 0.0.16 + +* Mon Sep 30 2019 Debarshi Ray - 0.0.15-1 +- Update to 0.0.15 + +* Wed Sep 18 2019 Debarshi Ray - 0.0.14-1 +- Update to 0.0.14 + +* Thu Sep 05 2019 Debarshi Ray - 0.0.13-1 +- Update to 0.0.13 + +* Sat Jul 27 2019 Fedora Release Engineering - 0.0.12-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild + +* Mon Jul 22 2019 Debarshi Ray - 0.0.12-1 +- Update to 0.0.12 + +* Tue Jun 25 2019 Debarshi Ray - 0.0.11-2 +- Require flatpak-session-helper + +* Fri Jun 21 2019 Debarshi Ray - 0.0.11-1 +- Update to 0.0.11 + +* Tue May 21 2019 Debarshi Ray - 0.0.10-1 +- Update to 0.0.10 + +* Tue Apr 30 2019 Debarshi Ray - 0.0.9-1 +- Update to 0.0.9 + +* Tue Apr 16 2019 Adam Williamson - 0.0.8-2 +- Rebuild with Meson fix for #1699099 + +* Fri Apr 12 2019 Debarshi Ray - 0.0.8-1 +- Update to 0.0.8 + +* Thu Mar 14 2019 Debarshi Ray - 0.0.7-1 +- Update to 0.0.7 + +* Fri Feb 22 2019 Debarshi Ray - 0.0.6-1 +- Initial build after rename from fedora-toolbox