Update to 0.3

... and update the BuildRequires on golang to reflect reality. https://src.fedoraproject.org/rpms/toolbox/pull-request/41
tests: Don't needlessly preserve environment variables in su(1) sessions
2025-09-18 12:31:18 +02:00 · 2025-09-18 02:35:48 +02:00 · 2025-08-10 00:04:02 +02:00 · 2025-06-17 11:00:48 +02:00 · 2025-06-17 00:38:09 +02:00 · 2025-06-17 00:37:46 +02:00
2 changed files with 9 additions and 36 deletions
--- a/tests/main.fmf
+++ b/tests/main.fmf
@ -9,4 +9,4 @@ require:
    test: |
        rpm --erase p11-kit-server
        bash ./rootless-test.sh
-    duration: 4h
+    duration: 3h 30m
--- a/toolbox.spec
+++ b/toolbox.spec
@ -1,14 +1,5 @@
 %global __brp_check_rpaths %{nil}

-%if 0%{?rhel}
-%if 0%{?rhel} <= 9
-%{!?bash_completions_dir: %global bash_completions_dir %{_datadir}/bash-completion/completions}
-%{!?fish_completions_dir: %global fish_completions_dir %{_datadir}/fish/vendor_completions.d}
-%{!?zsh_completions_dir: %global zsh_completions_dir %{_datadir}/zsh/site-functions}
-%endif
-%endif
-
-
 Name:          toolbox
 Version:       0.3

@ -42,7 +33,7 @@ Version:       0.3
 %endif
 %endif

-Release:       2%{?dist}
+Release:       1%{?dist}
 Summary:       Tool for interactive command line environments on Linux

 License:       Apache-2.0
@ -65,7 +56,7 @@ BuildRequires: go-md2man
 BuildRequires: golang >= %{toolbx_go}
 BuildRequires: meson >= 0.58.0
 BuildRequires: pkgconfig(bash-completion)
-BuildRequires: shadow-utils-subid-devel >= 4.16.0
+BuildRequires: shadow-utils-subid-devel
 BuildRequires: systemd
 BuildRequires: systemd-rpm-macros
 %if ! 0%{?rhel}
@ -84,7 +75,7 @@ Recommends:    fuse-overlayfs
 Requires:      containers-common
 Requires:      flatpak-session-helper
 Requires:      podman >= 1.6.4
-Requires:      shadow-utils-subid%{?_isa} >= 4.16.0
+Requires:      shadow-utils-subid%{?_isa}


 %description
@ -151,14 +142,14 @@ export CGO_CFLAGS="%{optflags} -D_GNU_SOURCE -D_LARGEFILE_SOURCE -D_LARGEFILE64_

 %meson \
 %if 0%{?rhel}
-    -Dfish_completions_dir=%{fish_completions_dir} \
+    -Dfish_completions_dir=%{_datadir}/fish/vendor_completions.d \
 %if 0%{?rhel} <= 9
    -Dmigration_path_for_coreos_toolbox=true \
 %endif
 %endif
    -Dprofile_dir=%{_sysconfdir}/profile.d \
    -Dtmpfiles_dir=%{_tmpfilesdir} \
-    -Dzsh_completions_dir=%{zsh_completions_dir}
+    -Dzsh_completions_dir=%{_datadir}/zsh/site-functions

 %meson_build

@ -181,15 +172,15 @@ install -m0644 %{SOURCE1} %{buildroot}%{_sysconfdir}/containers/%{name}.conf
 %doc CODE-OF-CONDUCT.md CONTRIBUTING.md GOALS.md NEWS README.md SECURITY.md
 %license COPYING src/vendor/modules.txt
 %{_bindir}/%{name}
+%{_datadir}/bash-completion
+%{_datadir}/fish
+%{_datadir}/zsh
 %{_mandir}/man1/%{name}.1*
 %{_mandir}/man1/%{name}-*.1*
 %{_mandir}/man5/%{name}.conf.5*
 %config(noreplace) %{_sysconfdir}/containers/%{name}.conf
 %{_sysconfdir}/profile.d/%{name}.sh
 %{_tmpfilesdir}/%{name}.conf
-%{bash_completions_dir}/%{name}.bash
-%{fish_completions_dir}/%{name}.fish
-%{zsh_completions_dir}/_%{name}


 %files tests
@ -197,31 +188,16 @@ install -m0644 %{SOURCE1} %{buildroot}%{_sysconfdir}/containers/%{name}.conf


 %changelog
-* Fri Oct 10 2025 Alejandro Sáez <asm@redhat.com> - 0.3-2
- rebuild
-
 * Wed Sep 17 2025 Debarshi Ray <rishi@fedoraproject.org> - 0.3-1
 - Update to 0.3

-* Fri Aug 15 2025 Maxwell G <maxwell@gtmx.me> - 0.2-2
- Rebuild for golang-1.25.0
-
 * Sat Aug 09 2025 Debarshi Ray <rishi@fedoraproject.org> - 0.2-1
 - Update to 0.2
 - Fix CVE-2025-23266, CVE-2025-23267, and GHSA-fv92-fjc5-jj9h or GO-2025-3787

-* Fri Jul 25 2025 Fedora Release Engineering <releng@fedoraproject.org> - 0.1.2-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild
-
 * Tue Jun 03 2025 Debarshi Ray <rishi@fedoraproject.org> - 0.1.2-1
 - Update to 0.1.2

-* Wed Jan 22 2025 Debarshi Ray <rishi@fedoraproject.org> - 0.1.1-3
- Use RPM macros for shell completions and clean up directory ownership
-
-* Sun Jan 19 2025 Fedora Release Engineering <releng@fedoraproject.org> - 0.1.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild
-
 * Mon Nov 04 2024 Debarshi Ray <rishi@fedoraproject.org> - 0.1.1-1
 - Update to 0.1.1

@ -246,9 +222,6 @@ install -m0644 %{SOURCE1} %{buildroot}%{_sysconfdir}/containers/%{name}.conf
 * Mon Sep 30 2024 Debarshi Ray <rishi@fedoraproject.org> - 0.0.99.6-1
 - Update to 0.0.99.6

-* Thu Sep 12 2024 Debarshi Ray <rishi@fedoraproject.org> - 0.0.99.5-18
- Rebuild against shadow-utils-subid ABI version 5.0.0
-
 * Thu Aug 08 2024 Debarshi Ray <rishi@fedoraproject.org> - 0.0.99.5-17
 - Ensure slirp4netns(1) is installed
Author	SHA1	Message	Date
Debarshi Ray	719380ed4d	Update to 0.3 ... and update the BuildRequires on golang to reflect reality. https://src.fedoraproject.org/rpms/toolbox/pull-request/41	2025-09-18 12:31:18 +02:00
Debarshi Ray	3942e81854	tests: Don't needlessly preserve environment variables in su(1) sessions The TMT namespaced environment variables are not referenced anywhere else and were recently removed from Podman too [1]. It's confusing to have a long list of variables, which are either unused or don't need to be explicitly preserved within the child session started by su(1). ROOTLESS_USER is used when invoking su(1) and there's no need for it within the child session started by su(1). [1] Fedora podman commit b972298be7d228f4 https://src.fedoraproject.org/rpms/podman/c/b972298be7d228f4 https://src.fedoraproject.org/rpms/toolbox/pull-request/38	2025-09-18 02:35:48 +02:00
Debarshi Ray	bc7014d3ba	Update to 0.2 ... and fix CVE-2025-23266, CVE-2025-23267, and GHSA-fv92-fjc5-jj9h or GO-2025-3787. The following rpmlint warning was silenced: toolbox.spec: W: no-%check-section The timeout for the CI was increased to prevent it from timing out. The upstream CI runs the test suite in three parallel batches, with each batch having a timeout of 1 hour 45 minutes. The downstream CI doesn't run parallelly, so a timeout of 3 hours 30 minutes was chosen. https://bugzilla.redhat.com/show_bug.cgi?id=2375617 https://bugzilla.redhat.com/show_bug.cgi?id=2382219 https://src.fedoraproject.org/rpms/toolbox/pull-request/35	2025-08-10 00:04:02 +02:00
Lokesh Mandvekar	49cd4a51c0	TMT: Prevent Bats from hanging when tearing down the test suite The CI needs to be run without 'p11-kit server' because the lingering singleton process causes Bats to hang when tearing down the suite of system tests [1]. To terminate the 'p11-kit server' instance run by the system tests, it needs to be distinguishable from the instance run by 'normal' use of Toolbx by the user. One way to do this is to isolate the host operating system's XDG_RUNTIME_DIR from the system tests. Unfortunately, this is easier said than done [2]. So, this workaround has to suffice until the problem is solved. With the recent expansion of the test suite, it's necessary to increase the timeout to prevent the CI from timing out. [1] https://bats-core.readthedocs.io/en/stable/writing-tests.html [2] https://github.com/containers/toolbox/pull/1652 https://src.fedoraproject.org/rpms/toolbox/pull-request/32	2025-06-17 11:00:48 +02:00
Debarshi Ray	387412f9be	Unify the build with RHEL There's no need to do a build just for this.	2025-06-17 00:38:09 +02:00
Debarshi Ray	e8ff5bd60f	Revert "Don't 'Requires: flatpak-session-helper' on RHEL" The org.freedesktop.Flatpak D-Bus service provided by the flatpak-session-helper RPM is not just needed to use containers created by Toolbx < 0.0.97 [1,2]. It's needed on the host when toolbox(1) invocations inside a container are forwarded to the host with 'flatpak-spawn --host ...'. This has been true since Toolbx >= 0.0.6 [3], and, hence, flatpak-session-helper is needed on RHEL. There's no need to do a build just for this. This reverts commit `a8b4975b5c`. [1] Upstream commit 82c32bea742621a3 `82c32bea74` https://github.com/containers/toolbox/pull/591 https://github.com/containers/toolbox/issues/267 [2] Upstream commit 71b5c8c0a235249b `71b5c8c0a2` https://github.com/containers/toolbox/pull/591 https://github.com/containers/toolbox/issues/267 [3] Upstream commit 5b3d234c9e9ef45f `5b3d234c9e` https://github.com/containers/toolbox/pull/54	2025-06-17 00:37:46 +02:00
Debarshi Ray	c440145207	Update the BuildRequires on golang for Fedora and ELN to reflect reality There's no need to do a build just for this.	2025-06-16 16:36:38 +02:00
Debarshi Ray	24ab0153fe	Update the baseline BuildRequires on golang ... to match what Toolbx 0.1.2 actually needs [1]. There's no need to do a build just for this. Fallout from `a3506a3263` [1] Upstream commit 82e85bac9f5e69a5 `82e85bac9f` https://github.com/containers/toolbox/pull/1614	2025-06-16 16:36:38 +02:00
Debarshi Ray	f2bdceea8a	Update to 0.1.2 Switch to vendored dependencies on Fedora because the package for github.com/spf13/viper (ie., golang-github-spf13-viper) currently has broken dependencies because a number of Go packages were recently orphaned and retired. Hopefully, this is aligned with the direction the Go ecosystem in Fedora is taking [1], and won't lead to too many problems. This further unifies Fedora with RHEL, which was already using vendored dependencies. Now that all the Go dependencies are in the src/vendor directory, there's no need to mess around with the GO111MODULE (ie., gomodulesmode) and GOPATH environment variables. Those were probably already not needed on RHEL. [1] https://fedoraproject.org/wiki/Changes/GolangPackagesVendoredByDefault https://bugzilla.redhat.com/show_bug.cgi?id=2370151	2025-06-04 13:10:46 +02:00
Lokesh Mandvekar	f2a3e940b4	TMT: Initial enablement This PR will enable test runs using TMT. These tests can be maintained here for starters and fetched and reused in the podman rpm for toolbox tests on bodhi updates. https://src.fedoraproject.org/rpms/toolbox/pull-request/24 (cherry picked from commit `0cbcff3ba4`)	2025-01-31 18:32:45 +05:30
Debarshi Ray	bfb19be914	Update to 0.1.1 https://bugzilla.redhat.com/show_bug.cgi?id=2323150	2024-11-05 14:46:37 +01:00
Debarshi Ray	2a7e0f301d	Update to 0.1.0 ... and update the BuildRequires on golang to reflect reality.	2024-10-24 00:15:40 +02:00
Debarshi Ray	9a86a1837e	Recommend fuse-overlayfs because old containers created with it need it ... and: * containers-common removed fuse-overlayfs as even a weak dependency [1] * there are still several such containers out there in the wild [2,3] This should be removed once Toolbx can detect the situation and offer users a migration path. [1] Fedora containers-common commit 447945e59a01cb67 https://src.fedoraproject.org/rpms/containers-common/c/447945e59a01cb67 [2] https://discussion.fedoraproject.org/t/rpm-ostree-update-breaks-toolbox-fedora-40 [3] https://github.com/containers/toolbox/issues/1512 https://bugzilla.redhat.com/show_bug.cgi?id=2319121	2024-10-16 12:49:23 +02:00
Yaakov Selkowitz	d08d29ee9d	Fix ELN build Otherwise, it fails with: Processing files: toolbox-debugsource-0.0.99.6-5.eln143.x86_64 RPM build errors: error: Empty %files file /builddir/build/BUILD/toolbox-0.0.99.6-build/toolbox-0.0.99.6/debugsourcefiles.list Empty %files file /builddir/build/BUILD/toolbox-0.0.99.6-build/toolbox-0.0.99.6/debugsourcefiles.list Child return code was: 1 https://src.fedoraproject.org/rpms/toolbox/pull-request/23	2024-10-16 12:49:13 +02:00
Debarshi Ray	b9e12bbe4a	Don't use slirp4netns(1) in tests to work around bug in pasta(1)	2024-10-08 16:45:00 +02:00
Debarshi Ray	188cdfed42	Unify the build with RHEL There's no need to do a build just for this.	2024-10-08 16:44:45 +02:00
Debarshi Ray	241b82ea50	Unify the build with RHEL There's no need to do a build just for this.	2024-10-08 16:44:20 +02:00
Debarshi Ray	1f5bf73a65	Unify the build with RHEL 9 There's no need to do a build just for this.	2024-10-08 16:41:31 +02:00
Debarshi Ray	1bdcd7fe0f	Add 'Requires: shadow-utils-subid%{?_isa}' The runtime dependency on shadow-utils-subid should have already been part of commit `95d6ea8689` to ensure that Toolbx >= 0.0.99.4 would be able to dlopen(3) the library. It only worked in practice because the podman RPM also required it. There's no need to do a build just for this.	2024-10-08 16:37:32 +02:00
Debarshi Ray	3db4613dd3	Use the fedora-toolbox:40 image for Fedora Asahi Remix hosts https://bugzilla.redhat.com/show_bug.cgi?id=2316312	2024-10-08 16:33:02 +02:00
Debarshi Ray	717213db41	Unbreak the downstream Fedora CI Fallout from `201afeb253`	2024-10-08 16:32:21 +02:00
Debarshi Ray	43d1189d6e	Silence 'rpminspect --tests=elf' With Toolbx 0.0.99.6, 'rpminspect --tests=elf', run by the Fedora CI, fails with: /usr/bin/toolbox lost full GNU_RELRO security protection This is because from version 0.0.99.6 onwards, toolbox(1) is only built with the '-z relro' linker flag, but not '-z now' [1]. Fallout from `201afeb253` [1] Upstream commit 83f28c52e47c2d44 `83f28c52e4` https://github.com/containers/toolbox/pull/1548	2024-10-08 16:30:27 +02:00
Debarshi Ray	201afeb253	Update to 0.0.99.6 Start using the golang-ipath(...) virtual Provides for BuildRequires because they use the top-level import paths and are closer to what is listed in the upstream go.mod. The golang(...) virtual Provides mention each individual Go package within a Go module, and bigger modules can have several packages in them. It is noisy and tedious to keep up with the list of packages that are currently in use, by looking at all the Go source files, and then to list them as BuildRequires. Update the compiler and linker flags for Fedora by incorporating some of the changes to the distribution's defaults up to Fedora 39, which is the oldest supported Fedora. Switch to using the GO_BUILDTAGS and GO_LDFLAGS environment variables, because their unprefixed counterparts have been deprecated [1], and start annotating the toolbox(1) binary with an ELF note that identifies the RPM for which it was built [2]. However, the change to use the RPM's %{name}, %{version}, %{release} and the SOURCE_DATE_EPOCH environment variable [3], instead of /dev/urandom, to generate the build ID annotation for the toolbox(1) binary [4] was left out. It will need more work to propagate the RPM's %{name}, %{version} and %{release} to Meson. Stop carrying the downstream patch for the compiler and linker flags for PPC64. The architecture was already discontinued from Fedora 29 [5], even before the patch was added [6]. It was added purely for the sake of completeness, and in the last four years since it was introduced, it hasn't been tested or used. At this point it's becoming too much of a maintenance burden, and removing it silences the %ifarch-applied-patch warning from rpmlint. Fill in some of the missing Requires for the toolbox-tests sub-package. [1] go-rpm-macros commit bc7e5cc55c4709e8 https://pagure.io/go-rpm-macros/c/bc7e5cc55c4709e8 [2] Fedora redhat-rpm-config commit 57edf0cad7b089ed https://src.fedoraproject.org/rpms/redhat-rpm-config/c/57edf0cad7b089ed https://fedoraproject.org/wiki/Changes/Package_information_on_ELF_objects [3] https://reproducible-builds.org/docs/source-date-epoch/ [4] go-rpm-macros commit 1980932bf3a21890 https://pagure.io/go-rpm-macros/c/1980932bf3a21890 https://fedoraproject.org/wiki/Changes/ReproduciblePackageBuilds [5] https://fedoraproject.org/wiki/Changes/DiscontinuePPC64 [6] Commit `ba60453d21` https://src.fedoraproject.org/rpms/toolbox/pull-request/22	2024-09-30 15:56:57 +02:00