diff --git a/.gitignore b/.gitignore index 4cecead..ad230fd 100644 --- a/.gitignore +++ b/.gitignore @@ -11,3 +11,12 @@ /toolbox-0.0.16.tar.xz /toolbox-0.0.17.tar.xz /toolbox-0.0.18.tar.xz +/toolbox-0.0.91.tar.xz +/toolbox-0.0.92.tar.xz +/toolbox-0.0.93.tar.xz +/toolbox-0.0.94.tar.xz +/toolbox-0.0.95.tar.xz +/toolbox-0.0.96.tar.xz +/toolbox-0.0.97.tar.xz +/toolbox-0.0.98.tar.xz +/toolbox-0.0.99.1.tar.xz diff --git a/sources b/sources index 9e3fa70..668e2bc 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (toolbox-0.0.18.tar.xz) = 4b47e950bbe2dcf31d2cb155664df822f01708188615fae3304289986176002bd2ffd8b630ad2453c8cc20b93e92e2c10f38948515dede67f55b44cd4a697e5c +SHA512 (toolbox-0.0.99.1.tar.xz) = 6021653eb7fbfc85ea700a9f52f9cfb552efbd4127eb3332a53bd340c8270c4d7a4e54b4a435202fd9e95ee0d90555a46ae9363a930b37fa35e63f239dffc027 diff --git a/toolbox-Don-t-use-Go-s-semantic-import-versioning.patch b/toolbox-Don-t-use-Go-s-semantic-import-versioning.patch new file mode 100644 index 0000000..a39257b --- /dev/null +++ b/toolbox-Don-t-use-Go-s-semantic-import-versioning.patch @@ -0,0 +1,73 @@ +From 4039c49b0cd2111cd1c505b9a9aef25aeebb6a0e Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Harry=20M=C3=ADchal?= +Date: Sat, 27 Jun 2020 16:17:56 +0200 +Subject: [PATCH] Don't use Go's semantic import versioning + +Fedora doesn't support Go modules when building Go programs. This +means that source code using semantic import versioning can't be built. + +https://github.com/containers/toolbox/pull/484 +--- + src/cmd/create.go | 2 +- + src/go.mod | 2 +- + src/go.sum | 4 ++-- + src/pkg/utils/utils.go | 2 +- + 4 files changed, 5 insertions(+), 5 deletions(-) + +diff --git a/src/cmd/create.go b/src/cmd/create.go +index 50938890b22f..29bc0f2c42f7 100644 +--- a/src/cmd/create.go ++++ b/src/cmd/create.go +@@ -28,7 +28,7 @@ import ( + "github.com/containers/toolbox/pkg/podman" + "github.com/containers/toolbox/pkg/shell" + "github.com/containers/toolbox/pkg/utils" +- "github.com/godbus/dbus/v5" ++ "github.com/godbus/dbus" + "github.com/sirupsen/logrus" + "github.com/spf13/cobra" + "golang.org/x/crypto/ssh/terminal" +diff --git a/src/go.mod b/src/go.mod +index 219d3d578992..7e1a6807fd7e 100644 +--- a/src/go.mod ++++ b/src/go.mod +@@ -8,7 +8,7 @@ require ( + github.com/briandowns/spinner v1.10.0 + github.com/docker/go-units v0.4.0 + github.com/fsnotify/fsnotify v1.4.7 +- github.com/godbus/dbus/v5 v5.0.3 ++ github.com/godbus/dbus v4.1.0+incompatible + github.com/mattn/go-isatty v0.0.8 + github.com/sirupsen/logrus v1.4.2 + github.com/spf13/cobra v0.0.5 +diff --git a/src/go.sum b/src/go.sum +index 5a03a6823698..d9ce63604fcf 100644 +--- a/src/go.sum ++++ b/src/go.sum +@@ -18,8 +18,8 @@ github.com/fatih/color v1.7.0 h1:DkWD4oS2D8LGGgTQ6IvwJJXSL5Vp2ffcQg58nFV38Ys= + github.com/fatih/color v1.7.0/go.mod h1:Zm6kSWBoL9eyXnKyktHP6abPY2pDugNf5KwzbycvMj4= + github.com/fsnotify/fsnotify v1.4.7 h1:IXs+QLmnXW2CcXuY+8Mzv/fWEsPGWxqefPtCP5CnV9I= + github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo= +-github.com/godbus/dbus/v5 v5.0.3 h1:ZqHaoEF7TBzh4jzPmqVhE/5A1z9of6orkAe5uHoAeME= +-github.com/godbus/dbus/v5 v5.0.3/go.mod h1:xhWf0FNVPg57R7Z0UbKHbJfkEywrmjJnf7w5xrFpKfA= ++github.com/godbus/dbus v4.1.0+incompatible h1:WqqLRTsQic3apZUK9qC5sGNfXthmPXzUZ7nQPrNITa4= ++github.com/godbus/dbus v4.1.0+incompatible/go.mod h1:/YcGZj5zSblfDWMMoOzV4fas9FZnQYTkDnsGvmh2Grw= + github.com/hashicorp/hcl v1.0.0/go.mod h1:E5yfLk+7swimpb2L/Alb/PJmXilQ/rhwaUYs4T20WEQ= + github.com/inconshreveable/mousetrap v1.0.0 h1:Z8tu5sraLXCXIcARxBp/8cbvlwVa7Z1NHg9XEKhtSvM= + github.com/inconshreveable/mousetrap v1.0.0/go.mod h1:PxqpIevigyE2G7u3NXJIT2ANytuPF1OarO4DADm73n8= +diff --git a/src/pkg/utils/utils.go b/src/pkg/utils/utils.go +index 5455298cbce4..3f7fc26147fc 100644 +--- a/src/pkg/utils/utils.go ++++ b/src/pkg/utils/utils.go +@@ -33,7 +33,7 @@ import ( + "github.com/acobaugh/osrelease" + "github.com/containers/toolbox/pkg/shell" + "github.com/docker/go-units" +- "github.com/godbus/dbus/v5" ++ "github.com/godbus/dbus" + "github.com/sirupsen/logrus" + "golang.org/x/sys/unix" + ) +-- +2.25.4 + diff --git a/toolbox-Make-the-build-flags-match-Fedora-s-gobuild-for-PPC64.patch b/toolbox-Make-the-build-flags-match-Fedora-s-gobuild-for-PPC64.patch new file mode 100644 index 0000000..43df0c9 --- /dev/null +++ b/toolbox-Make-the-build-flags-match-Fedora-s-gobuild-for-PPC64.patch @@ -0,0 +1,40 @@ +From e9bfc40bbbf7af1a20819b6840441cbe52a7d1b7 Mon Sep 17 00:00:00 2001 +From: Debarshi Ray +Date: Mon, 29 Jun 2020 17:57:47 +0200 +Subject: [PATCH] build: Make the build flags match Fedora's %{gobuild} for + PPC64 + +The Go toolchain doesn't play well with passing compiler and linker +flags via environment variables. The linker flags require a second +level of quoting, which leaves the build system without a quote level +to assign the flags to an environment variable like GOFLAGS. + +This is one reason why Fedora doesn't have a RPM macro with only the +flags. The %{gobuild} RPM macro includes the entire 'go build ...' +invocation. + +The Go toolchain also doesn't like the LDFLAGS environment variable as +exported by Fedora's %{meson} RPM macro. + +Note that these flags are only meant for the "ppc64" CPU architecture, +and should be kept updated to match Fedora's Go guidelines. Use +'rpm --eval "%{gobuild}"' to expand the %{gobuild} macro. +--- + src/go-build-wrapper | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/src/go-build-wrapper b/src/go-build-wrapper +index 515e1d8a0670..8baaff53b329 100755 +--- a/src/go-build-wrapper ++++ b/src/go-build-wrapper +@@ -27,5 +27,6 @@ if ! cd "$1"; then + exit 1 + fi + +-go build -trimpath -ldflags "-extldflags '-Wl,--wrap,pthread_sigmask $4' -linkmode external -X github.com/containers/toolbox/pkg/version.currentVersion=$3" -o "$2/toolbox" ++unset LDFLAGS ++go build -compiler gc -tags="rpm_crashtraceback ${BUILDTAGS:-}" -ldflags "${LDFLAGS:-} -B 0x$(head -c20 /dev/urandom|od -An -tx1|tr -d ' \n') -extldflags '-Wl,-z,relro -Wl,--as-needed -Wl,-z,now -specs=/usr/lib/rpm/redhat/redhat-hardened-ld -Wl,--wrap,pthread_sigmask $4' -linkmode external -X github.com/containers/toolbox/pkg/version.currentVersion=$3" -a -v -x -o "$2/toolbox" + exit "$?" +-- +2.29.2 + diff --git a/toolbox-Make-the-build-flags-match-Fedora-s-gobuild.patch b/toolbox-Make-the-build-flags-match-Fedora-s-gobuild.patch new file mode 100644 index 0000000..16c844d --- /dev/null +++ b/toolbox-Make-the-build-flags-match-Fedora-s-gobuild.patch @@ -0,0 +1,39 @@ +From d204528ce3b3c70727c12e1911d1c5562b56d474 Mon Sep 17 00:00:00 2001 +From: Debarshi Ray +Date: Mon, 29 Jun 2020 17:57:47 +0200 +Subject: [PATCH] build: Make the build flags match Fedora's %{gobuild} + +The Go toolchain doesn't play well with passing compiler and linker +flags via environment variables. The linker flags require a second +level of quoting, which leaves the build system without a quote level +to assign the flags to an environment variable like GOFLAGS. + +This is one reason why Fedora doesn't have a RPM macro with only the +flags. The %{gobuild} RPM macro includes the entire 'go build ...' +invocation. + +The Go toolchain also doesn't like the LDFLAGS environment variable as +exported by Fedora's %{meson} RPM macro. + +Note that these flags are meant for every CPU architecture other than +PPC64, and should be kept updated to match Fedora's Go guidelines. Use +'rpm --eval "%{gobuild}"' to expand the %{gobuild} macro. +--- + src/go-build-wrapper | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/src/go-build-wrapper b/src/go-build-wrapper +index 515e1d8a0670..013a35e52a1a 100755 +--- a/src/go-build-wrapper ++++ b/src/go-build-wrapper +@@ -27,5 +27,6 @@ if ! cd "$1"; then + exit 1 + fi + +-go build -trimpath -ldflags "-extldflags '-Wl,--wrap,pthread_sigmask $4' -linkmode external -X github.com/containers/toolbox/pkg/version.currentVersion=$3" -o "$2/toolbox" ++unset LDFLAGS ++go build -buildmode pie -compiler gc -tags="rpm_crashtraceback ${BUILDTAGS:-}" -ldflags "${LDFLAGS:-} -B 0x$(head -c20 /dev/urandom|od -An -tx1|tr -d ' \n') -extldflags '-Wl,-z,relro -Wl,--as-needed -Wl,-z,now -specs=/usr/lib/rpm/redhat/redhat-hardened-ld -Wl,--wrap,pthread_sigmask $4' -linkmode external -X github.com/containers/toolbox/pkg/version.currentVersion=$3" -a -v -x -o "$2/toolbox" + exit "$?" +-- +2.29.2 + diff --git a/toolbox-cmd-run-Don-t-notify-the-terminal-when-running-as-ro.patch b/toolbox-cmd-run-Don-t-notify-the-terminal-when-running-as-ro.patch new file mode 100644 index 0000000..8b98a1e --- /dev/null +++ b/toolbox-cmd-run-Don-t-notify-the-terminal-when-running-as-ro.patch @@ -0,0 +1,61 @@ +From bec898b4fcf56a0b94226a4b024057668793c29a Mon Sep 17 00:00:00 2001 +From: Debarshi Ray +Date: Wed, 10 Mar 2021 12:44:13 +0100 +Subject: [PATCH] cmd/run: Don't notify the terminal when running as root + +This is a one-off and a hacky workaround for Fedora 32. + +Toolbox 0.0.98 added support for rootful toolbox containers, and as +part of that it communicates to the terminal emulator whether the +container is rootful or rootless. The idea is that GNOME Terminal +won't preserve rootful toolbox containers. Just like it doesn't +preserve the current working directory for su(1) or sudo(8) sessions. +Otherwise, it would try to spawn a rootful container as rootless +inside a new terminal and fail. + +However, the GNOME Terminal and VTE in Fedora 32 are old and don't +know how to do this. Therefore, to avoid breaking the terminal emulator +when running rootful toolbox containers, Toolbox simply doesn't emit +the notification. + +This an imperfect solution because, strictly speaking, one needs to +detect when Toolbox is running with a different UID than the terminal +emulator, and Toolbox can't know this without any help from the +terminal. Therefore, this solution won't work if the user is running +their entire graphical session as root, or is using su(1) or sudo(8) to +run an interactive shell session as another user that's not root. + +Regardless, this is still better than modifying GNOME Terminal and VTE +so late in the Fedora 32 lifecycle, and it's safe to say that rootful +toolbox containers are still an experimental feature. The cases where +this solution won't work are either unsupported environments (eg., +running the graphical session as root) or simply quite rare. +--- + src/cmd/run.go | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/src/cmd/run.go b/src/cmd/run.go +index 61a100b375d4..7d1c3ae11336 100644 +--- a/src/cmd/run.go ++++ b/src/cmd/run.go +@@ -314,7 +314,7 @@ func runCommand(container string, + + execArgs = append(execArgs, command...) + +- if emitEscapeSequence { ++ if emitEscapeSequence && currentUser.Uid != "0" { + fmt.Printf("\033]777;container;push;%s;toolbox;%s\033\\", container, currentUser.Uid) + } + +@@ -326,7 +326,7 @@ func runCommand(container string, + + exitCode, err := shell.RunWithExitCode("podman", os.Stdin, os.Stdout, nil, execArgs...) + +- if emitEscapeSequence { ++ if emitEscapeSequence && currentUser.Uid != "0" { + fmt.Printf("\033]777;container;pop;;;%s\033\\", currentUser.Uid) + } + +-- +2.29.2 + diff --git a/toolbox.spec b/toolbox.spec index b969cfd..9ef11ef 100644 --- a/toolbox.spec +++ b/toolbox.spec @@ -1,18 +1,35 @@ Name: toolbox -Version: 0.0.18 -Release: 2%{?dist} +Version: 0.0.99.1 + +%global goipath github.com/containers/%{name} +%gometa + +Release: 1%{?dist} Summary: Unprivileged development environment License: ASL 2.0 -URL: https://github.com/containers/toolbox +URL: https://github.com/containers/%{name} Source0: https://github.com/containers/%{name}/releases/download/%{version}/%{name}-%{version}.tar.xz -BuildArch: noarch -# buildah and podman only work on the following architectures: -ExclusiveArch: aarch64 %{arm} ppc64le s390x x86_64 +# Fedora specific +Patch100: toolbox-Don-t-use-Go-s-semantic-import-versioning.patch +Patch101: toolbox-Make-the-build-flags-match-Fedora-s-gobuild.patch +Patch102: toolbox-Make-the-build-flags-match-Fedora-s-gobuild-for-PPC64.patch +Patch103: toolbox-cmd-run-Don-t-notify-the-terminal-when-running-as-ro.patch BuildRequires: ShellCheck +BuildRequires: golang >= 1.13 BuildRequires: golang-github-cpuguy83-md2man +BuildRequires: golang(github.com/HarryMichal/go-version) +BuildRequires: golang(github.com/acobaugh/osrelease) +BuildRequires: golang(github.com/briandowns/spinner) >= 1.10.0 +BuildRequires: golang(github.com/docker/go-units) >= 0.4.0 +BuildRequires: golang(github.com/fsnotify/fsnotify) >= 1.4.7 +BuildRequires: golang(github.com/godbus/dbus) >= 5.0.3 +BuildRequires: golang(github.com/mattn/go-isatty) >= 0.0.12 +BuildRequires: golang(github.com/sirupsen/logrus) >= 1.4.2 +BuildRequires: golang(github.com/spf13/cobra) >= 0.0.5 +BuildRequires: golang(golang.org/x/sys/unix) BuildRequires: meson BuildRequires: pkgconfig(bash-completion) BuildRequires: systemd @@ -26,23 +43,23 @@ Obsoletes: fedora-toolbox < 0.0.5-2 %description -Toolbox is offers a familiar RPM based environment for developing and -debugging software that runs fully unprivileged using Podman. +Toolbox is a tool for Linux operating systems, which allows the use of +containerized command line environments. It is built on top of Podman and +other standard container technologies from OCI. # The list of requires packages for -support and -experience should be in sync with: -# https://github.com/debarshiray/toolbox/blob/master/images/fedora/f31/extra-packages +# https://github.com/containers/toolbox/blob/master/images/fedora/f32/extra-packages %package support Summary: Required packages for the container image to support %{name} # These are really required to make the image work with toolbox Requires: passwd Requires: shadow-utils -Requires: krb5-libs Requires: vte-profile %description support The %{name}-support package contains all the required packages that are needed -to be installed in the container image to make it work with the %{name}. +to be installed in the OCI image to make it work with %{name}. The %{name}-support package should be typically installed from the Dockerfile if the image isn't based on the fedora-toolbox image. @@ -51,28 +68,31 @@ if the image isn't based on the fedora-toolbox image. %package experience Summary: Set of packages to enhance the %{name} experience +Requires: %{name}-support = %{version}-%{release} Requires: bash-completion Requires: bzip2 Requires: diffutils Requires: dnf-plugins-core Requires: findutils -Requires: flatpak-xdg-utils +Requires: flatpak-spawn Requires: fpaste Requires: git Requires: gnupg Requires: gnupg2-smime +Requires: gvfs-client Requires: hostname Requires: iputils Requires: jwhois Requires: keyutils +Requires: krb5-libs Requires: less Requires: lsof Requires: man-db Requires: man-pages Requires: mlocate Requires: mtr +Requires: nss-mdns Requires: openssh-clients -Requires: PackageKit-command-not-found Requires: pigz Requires: procps-ng Requires: rsync @@ -85,6 +105,7 @@ Requires: unzip Requires: wget Requires: which Requires: words +Requires: xorg-x11-xauth Requires: xz Requires: zip @@ -97,11 +118,36 @@ The %{name}-experience package should be typically installed from the Dockerfile if the image isn't based on the fedora-toolbox image. +%package tests +Summary: Tests for %{name} + +Requires: %{name}%{?_isa} = %{version}-%{release} +Requires: bats + +%description tests +The %{name}-tests package contains system tests for %{name}. + + %prep -%autosetup +%setup -q +%patch100 -p1 + +%ifnarch ppc64 +%patch101 -p1 +%else +%patch102 -p1 +%endif + +%patch103 -p1 +%gomkdir %build +export GO111MODULE=off +export GOPATH=%{gobuilddir}:%{gopath} +export CGO_CFLAGS="%{optflags} -D_GNU_SOURCE -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64" +ln -s src/cmd cmd +ln -s src/pkg pkg %meson --buildtype=plain -Dprofile_dir=%{_sysconfdir}/profile.d %meson_build @@ -115,21 +161,61 @@ Dockerfile if the image isn't based on the fedora-toolbox image. %files -%doc NEWS README.md +%doc CODE-OF-CONDUCT.md NEWS README.md SECURITY.md %license COPYING %{_bindir}/%{name} %{_datadir}/bash-completion %{_mandir}/man1/%{name}.1* %{_mandir}/man1/%{name}-*.1* -%{_sysconfdir}/profile.d/toolbox.sh +%{_sysconfdir}/profile.d/%{name}.sh %{_tmpfilesdir}/%{name}.conf %files support %files experience +%files tests +%{_datadir}/%{name} + %changelog +* Wed Mar 10 2021 Alejandro Sáez - 0.0.99.1-1 +- Update to 0.0.99.1 + +* Tue Jan 05 2021 Debarshi Ray - 0.0.98-1 +- Update to 0.0.98 + +* Tue Nov 03 2020 Debarshi Ray - 0.0.97-1 +- Update to 0.0.97 + +* Thu Oct 01 2020 Debarshi Ray - 0.0.96-1 +- Update to 0.0.96 + +* Sun Aug 30 2020 Debarshi Ray - 0.0.95-1 +- Update to 0.0.95 + +* Wed Aug 26 2020 Debarshi Ray - 0.0.94-1 +- Update to 0.0.94 + +* Sat Jul 25 2020 Debarshi Ray - 0.0.93-1 +- Update to 0.0.93 + +* Fri Jul 03 2020 Debarshi Ray - 0.0.92-1 +- Update to 0.0.92 + +* Fri Jul 03 2020 Debarshi Ray - 0.0.91-2 +- Fix the 'toolbox --version' output + +* Fri Jul 03 2020 Harry Míchal - 0.0.91-1 +- Update to 0.0.91 + +* Fri Jul 03 2020 Debarshi Ray - 0.0.18-4 +- Remove ExclusiveArch to match Podman + +* Wed Jun 10 2020 Debarshi Ray - 0.0.18-3 +- Sync the "experience" packages with the current Dockerfile +- Make "experience" Require "support" + * Fri Jan 31 2020 Fedora Release Engineering - 0.0.18-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild