diff --git a/0001-libcgroup-0.37-chmod.patch b/0001-libcgroup-0.37-chmod.patch new file mode 100644 index 0000000000000000000000000000000000000000..a180dea5b8d14547ee724e9088e439acdb8d5545 --- /dev/null +++ b/0001-libcgroup-0.37-chmod.patch @@ -0,0 +1,32 @@ +diff --git a/src/api.c b/src/api.c +index f8c5acd..3f7d831 100644 +--- a/src/api.c ++++ b/src/api.c +@@ -52,6 +52,10 @@ const struct cgroup_library_version library_version = { + .release = CGROUP_VER_RELEASE, + }; + ++int cg_chmod_file(FTS *fts, FTSENT *ent, mode_t dir_mode, ++ int dirm_change, mode_t file_mode, int filem_change, ++ int owner_is_umask); ++ + /* + * The errno which happend the last time (have to be thread specific) + */ +@@ -184,6 +188,8 @@ static int cg_chown_recursive(char **path, uid_t owner, gid_t group) + { + int ret = 0; + FTS *fts; ++ /* mode 664 */ ++ mode_t mode = S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP | S_IROTH; + + cgroup_dbg("chown: path is %s\n", *path); + fts = fts_open(path, FTS_PHYSICAL | FTS_NOCHDIR | FTS_NOSTAT, NULL); +@@ -201,6 +207,7 @@ static int cg_chown_recursive(char **path, uid_t owner, gid_t group) + cgroup_warn("fts_read failed\n"); + break; + } ++ cg_chmod_file(fts, ent, mode, 0, mode, 1, 1); + ret = cg_chown_file(fts, ent, owner, group); + } + fts_close(fts); diff --git a/0002-libcgroup-0.40.rc1-coverity.patch b/0002-libcgroup-0.40.rc1-coverity.patch new file mode 100644 index 0000000000000000000000000000000000000000..b4e8f646d09684c8d54febc0cd3d11259e1653c6 --- /dev/null +++ b/0002-libcgroup-0.40.rc1-coverity.patch @@ -0,0 +1,13 @@ +diff --git a/src/daemon/cgrulesengd.c b/src/daemon/cgrulesengd.c +index 7c51412..d95f6a5 100644 +--- a/src/daemon/cgrulesengd.c ++++ b/src/daemon/cgrulesengd.c +@@ -652,7 +652,7 @@ close: + + static int cgre_create_netlink_socket_process_msg(void) + { +- int sk_nl = 0, sk_unix = 0, sk_max; ++ int sk_nl = -1, sk_unix = -1, sk_max; + enum proc_cn_mcast_op *mcop_msg; + struct sockaddr_nl my_nla; + struct sockaddr_un saddr; diff --git a/0003-libcgroup-0.40.rc1-fread.patch b/0003-libcgroup-0.40.rc1-fread.patch new file mode 100644 index 0000000000000000000000000000000000000000..b4931a639c3c68818b47bb3fd5e8865e94267318 --- /dev/null +++ b/0003-libcgroup-0.40.rc1-fread.patch @@ -0,0 +1,47 @@ +diff --git a/src/api.c b/src/api.c +index 3f7d831..1e4f021 100644 +--- a/src/api.c ++++ b/src/api.c +@@ -3227,26 +3227,26 @@ int cgroup_delete_cgroup_ext(struct cgroup *cgroup, int flags) + static int cg_rd_ctrl_file(const char *subsys, const char *cgroup, const char *file, char **value) + { + char path[FILENAME_MAX]; +- FILE *ctrl_file = NULL; +- int ret; ++ int ctrl_file = -1; ++ ssize_t ret; + + if (!cg_build_path_locked(cgroup, path, subsys)) + return ECGFAIL; + + strncat(path, file, sizeof(path) - strlen(path)); +- ctrl_file = fopen(path, "re"); +- if (!ctrl_file) ++ ctrl_file = open(path, O_RDONLY | O_CLOEXEC); ++ if (ctrl_file < 0) + return ECGROUPVALUENOTEXIST; + + *value = calloc(CG_CONTROL_VALUE_MAX, 1); + if (!*value) { +- fclose(ctrl_file); ++ close(ctrl_file); + last_errno = errno; + return ECGOTHER; + } + +- /* Using %as crashes when we try to read from files like memory.stat */ +- ret = fread(*value, 1, CG_CONTROL_VALUE_MAX-1, ctrl_file); ++ /* Using %as or fread crashes when we try to read from files like memory.stat */ ++ ret = read(ctrl_file, *value, CG_CONTROL_VALUE_MAX-1); + if (ret < 0) { + free(*value); + *value = NULL; +@@ -3256,7 +3256,7 @@ static int cg_rd_ctrl_file(const char *subsys, const char *cgroup, const char *f + (*value)[ret-1] = '\0'; + } + +- fclose(ctrl_file); ++ close(ctrl_file); + + return 0; + } diff --git a/0004-libcgroup-0.40.rc1-templates-fix.patch b/0004-libcgroup-0.40.rc1-templates-fix.patch new file mode 100644 index 0000000000000000000000000000000000000000..1b785a8461d0d249ee9b02e891215d440364e0fc --- /dev/null +++ b/0004-libcgroup-0.40.rc1-templates-fix.patch @@ -0,0 +1,16 @@ +diff --git a/src/api.c b/src/api.c +index 1e4f021..33e99b6 100644 +--- a/src/api.c ++++ b/src/api.c +@@ -4177,9 +4177,9 @@ int cgroup_change_cgroup_flags(uid_t uid, gid_t gid, const char *procname, pid_t + written = snprintf(newdest + j, available, "%d", pid); + break; + case 'p': +- if (procname) { ++ if(procname && strlen(basename(procname))) { + written = snprintf(newdest + j, available, "%s", +- procname); ++ basename(procname)); + } else { + written = snprintf(newdest + j, available, "%d", + pid); diff --git a/1001-libcgroup-tests-unbundle-gtest.patch b/1001-libcgroup-tests-unbundle-gtest.patch new file mode 100644 index 0000000000000000000000000000000000000000..826a6e6b7930f9e9898309706342ded28f96f0bc --- /dev/null +++ b/1001-libcgroup-tests-unbundle-gtest.patch @@ -0,0 +1,35 @@ +diff --git a/tests/gunit/Makefile.am b/tests/gunit/Makefile.am +index ba91039..e2b88e3 100644 +--- a/tests/gunit/Makefile.am ++++ b/tests/gunit/Makefile.am +@@ -9,8 +9,6 @@ + AM_CPPFLAGS = -I$(top_srcdir)/include \ + -I$(top_srcdir)/src \ + -I$(top_srcdir)/src/tools \ +- -I$(top_srcdir)/googletest/googletest/include \ +- -I$(top_srcdir)/googletest/googletest \ + -std=c++11 \ + -Wno-write-strings \ + -DSTATIC= \ +@@ -18,10 +16,7 @@ AM_CPPFLAGS = -I$(top_srcdir)/include \ + LDADD = $(top_builddir)/src/.libs/libcgroupfortesting.la \ + $(top_builddir)/src/tools/.libs/libcgset.la + +-EXTRA_DIST = $(top_srcdir)/googletest/googletest/libgtest.so \ +- $(top_srcdir)/googletest/googletest/libgtest_main.so \ +- $(top_srcdir)/googletest/googletest/include \ +- libcgroup_unittest.map ++EXTRA_DIST = libcgroup_unittest.map + + check_PROGRAMS = gtest + TESTS = gtest +@@ -43,8 +38,7 @@ gtest_SOURCES = gtest.cpp \ + 014-cgroupv2_get_subtree_control.cpp \ + 015-cgroupv2_controller_enabled.cpp \ + 016-cgset_parse_r_flag.cpp +-gtest_LDFLAGS = -L$(top_srcdir)/googletest/googletest -l:libgtest.so \ +- -rpath $(abs_top_srcdir)/googletest/googletest ++gtest_LDFLAGS = -l:libgtest.so + + clean-local: + ${RM} test-procpidcgroup diff --git a/libcgroup-2.0.tar.bz2 b/libcgroup-2.0.tar.bz2 deleted file mode 100644 index ba2ed8065f7d5b2102e7da21a08ab98e15c702f3..0000000000000000000000000000000000000000 Binary files a/libcgroup-2.0.tar.bz2 and /dev/null differ diff --git a/libcgroup-3.0.0.tar.gz b/libcgroup-3.0.0.tar.gz new file mode 100644 index 0000000000000000000000000000000000000000..bbcca5b3bfe677a731005c5195cad41bdea3741d Binary files /dev/null and b/libcgroup-3.0.0.tar.gz differ diff --git a/libcgroup.spec b/libcgroup.spec index fb4aa564f8851f1379df924c2d6967f882037887..ca284898fb113794fcee1d5410c76bd68fc6532a 100644 --- a/libcgroup.spec +++ b/libcgroup.spec @@ -1,14 +1,24 @@ +%define anolis_release 1 +%bcond_with tests + Name: libcgroup -Version: 2.0 -Release: 1%{?dist} +Version: 3.0.0 +Release: %{anolis_release}%{?dist} Summary: iLibrary to control and monitor control groups - License: LGPLv2+ URL: http://libcg.sourceforge.net/ -Source0: https://github.com/%{name}/%{name}/archive/v%{version}/%{name}-%{version}.tar.bz2 +Source0: https://github.com/%{name}/%{name}/archive/v%{version}/%{name}-%{version}.tar.gz Source1: cgconfig.service -BuildRequires: autoconf automake libtool gcc gcc-c++ make byacc coreutils flex pam-devel systemd-units +Patch0001: 0001-libcgroup-0.37-chmod.patch +Patch0002: 0002-libcgroup-0.40.rc1-coverity.patch +Patch0003: 0003-libcgroup-0.40.rc1-fread.patch +Patch0004: 0004-libcgroup-0.40.rc1-templates-fix.patch +PATCH1001: 1001-libcgroup-tests-unbundle-gtest.patch + +BuildRequires: make gcc-c++ gcc libtool automake autoconf gcc +BuildRequires: gtest-devel pam-devel +BuildRequires: systemd-units byacc coreutils flex Requires(pre): shadow-utils Requires(post): systemd Requires(preun): systemd @@ -18,10 +28,19 @@ Requires(postun): systemd Control groups infrastructure. The library helps manipulate, control, administrate and monitor control groups and the associated controllers. +%package devel +Summary: Development libraries to develop applications that utilize control groups +Requires: %{name} = %{version}-%{release} + +%description devel +It provides API to create/delete and modify cgroup nodes. It will also in the +future allow creation of persistent configuration for control groups and +provide scripts to manage that configuration. + %package tools Summary: Command-line utility programs, services and daemons for libcgroup -Requires: %{name}%{?_isa} = %{version}-%{release} -Requires: systemd +Requires: %{name} = %{version}-%{release} +Requires: systemd >= 217-0.2 %description tools This package contains command-line programs, services and a daemon for @@ -29,53 +48,55 @@ manipulating control groups using the libcgroup library. %package pam Summary: A Pluggable Authentication Module for libcgroup -Requires: %{name}%{?_isa} = %{version}-%{release} +Requires: %{name} = %{version}-%{release} %description pam Linux-PAM module, which allows administrators to classify the user's login processes to pre-configured control group. -%package devel -Summary: Development libraries to develop applications that utilize control groups -Requires: %{name}%{?_isa} = %{version}-%{release} - -%description devel -It provides API to create/delete and modify cgroup nodes. It will also in the -future allow creation of persistent configuration for control groups and -provide scripts to manage that configuration. +%package doc +Summary: Documentation files for %{name} +Requires: %{name} = %{version}-%{release} +BuildArch: noarch +%description doc +The %{name}-doc package contains documentation files for %{name}. %prep -%autosetup - +%autosetup -p1 -n %{name}-%{version} %build autoreconf -vif %configure --enable-pam-module-dir=%{_libdir}/security \ --enable-opaque-hierarchy="name=systemd" \ --disable-daemon - %make_build %install -rm -rf $RPM_BUILD_ROOT %make_install -install -d ${RPM_BUILD_ROOT}%{_sysconfdir} -install -m 644 samples/cgconfig.conf $RPM_BUILD_ROOT/%{_sysconfdir}/cgconfig.conf -install -m 644 samples/cgsnapshot_blacklist.conf $RPM_BUILD_ROOT/%{_sysconfdir}/cgsnapshot_blacklist.conf +mkdir -p ${RPM_BUILD_ROOT}%{_sysconfdir} +install -m 0644 -p samples/config/cgsnapshot_blacklist.conf $RPM_BUILD_ROOT/%{_sysconfdir}/cgsnapshot_blacklist.conf +install -m 0644 -p samples/config/cgconfig.conf $RPM_BUILD_ROOT/%{_sysconfdir}/cgconfig.conf -mv -f $RPM_BUILD_ROOT%{_libdir}/security/pam_cgroup.so.*.*.* $RPM_BUILD_ROOT%{_libdir}/security/pam_cgroup.so -rm -f $RPM_BUILD_ROOT%{_libdir}/security/pam_cgroup.{,l}a $RPM_BUILD_ROOT/%{_libdir}/security/pam_cgroup.so.* -rm -f $RPM_BUILD_ROOT/%{_libdir}/*.{,l}a +rm -f $RPM_BUILD_ROOT%{_libdir}/security/pam_cgroup.{,l}a rm -f $RPM_BUILD_ROOT/%{_libdir}/libcgroupfortesting.* -rm -f $RPM_BUILD_ROOT/%{_mandir}/man5/cgred.conf.5* -rm -f $RPM_BUILD_ROOT/%{_mandir}/man5/cgrules.conf.5* +rm -f $RPM_BUILD_ROOT/%{_libdir}/*.{,l}a + rm -f $RPM_BUILD_ROOT/%{_mandir}/man8/cgrulesengd.8* +rm -f $RPM_BUILD_ROOT/%{_mandir}/man5/cgrules.conf.5* +rm -f $RPM_BUILD_ROOT/%{_mandir}/man5/cgred.conf.5* -install -d ${RPM_BUILD_ROOT}%{_unitdir} -install -m 644 %SOURCE1 ${RPM_BUILD_ROOT}%{_unitdir}/ -install -d ${RPM_BUILD_ROOT}%{_sysconfdir}/sysconfig +mkdir -p ${RPM_BUILD_ROOT}%{_sysconfdir}/sysconfig +mkdir -p ${RPM_BUILD_ROOT}%{_unitdir} +install -m 0644 -p %SOURCE1 ${RPM_BUILD_ROOT}%{_unitdir}/ + +%generate_compatibility_deps + +%check +%if %{with tests} +make -C tests/gunit check +%endif %post tools %systemd_post cgconfig.service @@ -93,42 +114,67 @@ install -d ${RPM_BUILD_ROOT}%{_sysconfdir}/sysconfig /bin/systemctl try-restart cgconfig.service >/dev/null 2>&1 || : %files +%dir %{abidir} %{!?_licensedir:%global license %%doc} %license COPYING -%doc README -%{_libdir}/libcgroup.so.1* -%{_libdir}/libcgset.so.0* +%{_libdir}/libcgroup.so.3* +%{abidir}/libcgroup.dump %files tools %{!?_licensedir:%global license %%doc} %license COPYING -%doc README README_systemd -%config(noreplace) %{_sysconfdir}/cgconfig.conf %config(noreplace) %{_sysconfdir}/cgsnapshot_blacklist.conf -%{_bindir}/* -%{_sbindir}/* +%config(noreplace) %{_sysconfdir}/cgconfig.conf +%{_bindir}/cgcreate +%{abidir}/cgcreate-option.list +%{_bindir}/cgset +%{abidir}/cgset-option.list +%{_bindir}/cgget +%{abidir}/cgget-option.list +%{_bindir}/cgxset +%{abidir}/cgxset-option.list +%{_bindir}/cgxget +%{abidir}/cgxget-option.list +%{_bindir}/cgdelete +%{abidir}/cgdelete-option.list +%{_bindir}/lssubsys +%{abidir}/lssubsys-option.list +%{_bindir}/lscgroup +%{abidir}/lscgroup-option.list +%{_bindir}/cgsnapshot +%{abidir}/cgsnapshot-option.list +%{_sbindir}/cgconfigparser +%{abidir}/cgconfigparser-option.list +%{_bindir}/cgclassify +%{abidir}/cgclassify-option.list %attr(0755, root, root) %{_bindir}/cgexec -%attr(0644, root, root) %{_mandir}/man1/* -%attr(0644, root, root) %{_mandir}/man5/* -%attr(0644, root, root) %{_mandir}/man8/* +%{abidir}/cgexec-option.list %{_unitdir}/cgconfig.service +%attr(0644, root, root) %{_mandir}/man8/* +%attr(0644, root, root) %{_mandir}/man5/* +%attr(0644, root, root) %{_mandir}/man1/* %files pam %{!?_licensedir:%global license %%doc} %license COPYING -%doc README %attr(0755,root,root) %{_libdir}/security/pam_cgroup.so +%{abidir}/pam_cgroup.dump %files devel %{!?_licensedir:%global license %%doc} %license COPYING -%doc README -%{_includedir}/libcgroup.h -%{_includedir}/libcgroup/*.h -%{_libdir}/libcgroup.so -%{_libdir}/libcgset.so %{_libdir}/pkgconfig/libcgroup.pc +%{_libdir}/libcgroup.so + +%{_includedir}/libcgroup/*.h +%{_includedir}/libcgroup.h + +%files doc +%doc README README_systemd %changelog +* Wed Apr 12 2023 Guyu Wang - 3.0.0-1 +- Update to 3.0.0 + * Tue Mar 8 2022 forrest_ly - 2.0-1 - Init for Anolis OS 23