diff --git a/rpm-4.17.0.tar.bz2 b/rpm-4.17.0.tar.bz2 new file mode 100644 index 0000000000000000000000000000000000000000..0aecf44db7f8691a253e8d2e05023c24d99bf304 Binary files /dev/null and b/rpm-4.17.0.tar.bz2 differ diff --git a/rpm-4.17.x-rpm_dbpath.patch b/rpm-4.17.x-rpm_dbpath.patch new file mode 100644 index 0000000000000000000000000000000000000000..b1dff4d49f8ef7f5aea1e18dbf90e2663cc89330 --- /dev/null +++ b/rpm-4.17.x-rpm_dbpath.patch @@ -0,0 +1,12 @@ +diff '--color=auto' -rup rpm-4.17.0-orig/macros.in rpm-4.17.0/macros.in +--- rpm-4.17.0-orig/macros.in 2021-08-20 04:44:56.264259007 -0400 ++++ rpm-4.17.0/macros.in 2022-01-26 20:11:26.864195884 -0500 +@@ -140,7 +140,7 @@ + %_buildshell /bin/sh + + # The location of the rpm database file(s). +-%_dbpath %{_var}/lib/rpm ++%_dbpath %{_usr}/lib/sysimage/rpm + + # The location of the rpm database file(s) after "rpm --rebuilddb". + %_dbpath_rebuild %{_dbpath} diff --git a/rpm.spec b/rpm.spec new file mode 100644 index 0000000000000000000000000000000000000000..0cccf1efd2eae9a4693182b8c3d9f4fa481547b5 --- /dev/null +++ b/rpm.spec @@ -0,0 +1,584 @@ +%define anolis_release 1 +# run internal testsuite? +# fakechroot is severely broken, disable it +%bcond_with check + +# build against xz? +%bcond_without xz +# build with plugins? +%bcond_without plugins +# build with libarchive? (needed for rpm2archive) +%bcond_without libarchive +# build with libimaevm.so +%bcond_without libimaevm +# build with fsverity support? +%bcond_without fsverity +# build with zstd support? +%bcond_without zstd +# build with ndb backend? +%bcond_without ndb +# build with sqlite support? +%bcond_without sqlite +# build with bdb_ro support? +%bcond_without bdb_ro + +%define rpmhome /usr/lib/rpm + +%global rpmver 4.17.0 +%global sover 9 + +%global srcver %{rpmver} +%global srcdir rpm-%(echo %{rpmver} | cut -d'.' -f1-2).x + +Summary: The RPM package management system +Name: rpm +Version: %{rpmver} +Release: %{anolis_release}%{?dist} +Url: http://www.rpm.org/ +Source0: http://ftp.rpm.org/releases/%{srcdir}/rpm-%{srcver}.tar.bz2 + +Source10: rpmdb-rebuild.service + +Source20: rpmdb-migrate.service +Source21: rpmdb_migrate + +Patch0: rpm-4.17.x-rpm_dbpath.patch + +# Partially GPL/LGPL dual-licensed and some bits with BSD +# SourceLicense: (GPLv2+ and LGPLv2+ with exceptions) and BSD +License: GPLv2+ + +Requires: coreutils +Requires: popt%{_isa} >= 1.10.2.1 +Requires: curl +Obsoletes: python2-rpm < %{version}-%{release} + +%if %{with check} +BuildRequires: fakechroot gnupg2 +BuildRequires: debugedit >= 0.3 +%endif + +# XXX generally assumed to be installed but make it explicit as rpm +# is a bit special... +BuildRequires: system-rpm-config +BuildRequires: systemd-rpm-macros +BuildRequires: gcc make +BuildRequires: gawk +BuildRequires: elfutils-devel >= 0.112 +BuildRequires: elfutils-libelf-devel +BuildRequires: readline-devel zlib-devel +BuildRequires: openssl-devel +# The popt version here just documents an older known-good version +BuildRequires: popt-devel >= 1.10.2 +BuildRequires: file-devel +BuildRequires: gettext-devel +BuildRequires: ncurses-devel +BuildRequires: bzip2-devel >= 0.9.0c-2 +BuildRequires: lua-devel >= 5.1 +BuildRequires: libcap-devel +BuildRequires: libacl-devel +%if %{with xz} +BuildRequires: xz-devel >= 4.999.8 +%endif +%if %{with libarchive} +BuildRequires: libarchive-devel +%endif +%if %{with zstd} +BuildRequires: libzstd-devel +%endif +%if %{with sqlite} +BuildRequires: sqlite-devel +%endif +# Couple of patches change makefiles so, require for now... +BuildRequires: automake libtool + +# Temporary! Work around bugs in beta1 makefiles +BuildRequires: pandoc + +%if %{with plugins} +BuildRequires: libselinux-devel +BuildRequires: dbus-devel +BuildRequires: audit-libs-devel +%endif + +%if %{with libimaevm} +BuildRequires: ima-evm-utils-devel >= 1.0 +%endif + +%if %{with fsverity} +BuildRequires: fsverity-utils-devel +%endif + +# For the rpmdb migration scriptlet (#2055033) +Requires(pre): coreutils +Requires(pre): findutils +Requires(pre): sed + +%description +The RPM Package Manager (RPM) is a powerful command line driven +package management system capable of installing, uninstalling, +verifying, querying, and updating software packages. Each software +package consists of an archive of files along with information about +the package like its version, a description, etc. + +%package libs +Summary: Libraries for manipulating RPM packages +License: GPLv2+ and LGPLv2+ with exceptions +Requires: %{name} = %{version}-%{release} + +%description libs +This package contains the RPM shared libraries. + +%package build-libs +Summary: Libraries for building RPM packages +License: GPLv2+ and LGPLv2+ with exceptions +Requires: rpm-libs%{_isa} = %{version}-%{release} + +%description build-libs +This package contains the RPM shared libraries for building packages. + +%package sign-libs +Summary: Libraries for signing RPM packages +License: GPLv2+ and LGPLv2+ with exceptions +Requires: rpm-libs%{_isa} = %{version}-%{release} +Requires: %{_bindir}/gpg2 + +%description sign-libs +This package contains the RPM shared libraries for signing packages. + +%package devel +Summary: Development files for manipulating RPM packages +License: GPLv2+ and LGPLv2+ with exceptions +Requires: %{name} = %{version}-%{release} +Requires: %{name}-libs%{_isa} = %{version}-%{release} +Requires: %{name}-build-libs%{_isa} = %{version}-%{release} +Requires: %{name}-sign-libs%{_isa} = %{version}-%{release} +Requires: popt-devel%{_isa} + +%description devel +This package contains the RPM C library and header files. These +development files will simplify the process of writing programs that +manipulate RPM packages and databases. These files are intended to +simplify the process of creating graphical package managers or any +other tools that need an intimate knowledge of RPM packages in order +to function. + +This package should be installed if you want to develop programs that +will manipulate RPM packages and databases. + +%package build +Summary: Scripts and executable programs used to build packages +Requires: rpm = %{version}-%{release} +Requires: elfutils >= 0.128 binutils +Requires: findutils sed grep gawk diffutils file patch >= 2.5 +Requires: tar unzip gzip bzip2 cpio xz +%if %{with zstd} +Requires: zstd +%endif +Requires: debugedit >= 0.3 +Requires: pkgconfig >= 1:0.24 +Requires: /usr/bin/gdb-add-index +Suggests: gdb-minimal +Requires: system-rpm-config + +%description build +The rpm-build package contains the scripts and executable programs +that are used to build packages using the RPM Package Manager. + +%package sign +Summary: Package signing support +Requires: rpm-sign-libs%{_isa} = %{version}-%{release} + +%description sign +This package contains support for digitally signing RPM packages. + +%package -n python3-%{name} +Summary: Python 3 bindings for apps which will manipulate RPM packages +BuildRequires: python3-devel +%{?python_provide:%python_provide python3-%{name}} +Requires: %{name}-libs%{?_isa} = %{version}-%{release} +Provides: %{name}-python3 = %{version}-%{release} +Obsoletes: %{name}-python3 < %{version}-%{release} +Obsoletes: platform-python-%{name} < %{version}-%{release} + +%description -n python3-%{name} +The python3-rpm package contains a module that permits applications +written in the Python programming language to use the interface +supplied by RPM Package Manager libraries. + +This package should be installed if you want to develop Python 3 +programs that will manipulate RPM packages and databases. + +%package apidocs +Summary: API documentation for RPM libraries +BuildArch: noarch + +%description apidocs +This package contains API documentation for developing applications +that will manipulate RPM packages and databases. + +%package cron +Summary: Create daily logs of installed packages. +BuildArch: noarch +Requires: crontabs logrotate rpm = %{version}-%{release} + +%description cron +This package contains a cron job which creates daily logs of installed +packages on a system. + +%if %{with plugins} +%package plugin-selinux +Summary: Rpm plugin for SELinux functionality +Requires: rpm-libs%{_isa} = %{version}-%{release} +Requires: selinux-policy-base + +%description plugin-selinux +%{summary}. + +%package plugin-syslog +Summary: Rpm plugin for syslog functionality +Requires: rpm-libs%{_isa} = %{version}-%{release} + +%description plugin-syslog +%{summary}. + +%package plugin-systemd-inhibit +Summary: Rpm plugin for systemd inhibit functionality +Requires: rpm-libs%{_isa} = %{version}-%{release} + +%description plugin-systemd-inhibit +This plugin blocks systemd from entering idle, sleep or shutdown while an rpm +transaction is running using the systemd-inhibit mechanism. + +%package plugin-ima +Summary: Rpm plugin ima file signatures +Requires: rpm-libs%{_isa} = %{version}-%{release} + +%description plugin-ima +%{summary}. + +%package plugin-prioreset +Summary: Rpm plugin for resetting scriptlet priorities for SysV init +Requires: rpm-libs%{_isa} = %{version}-%{release} + +%description plugin-prioreset +%{summary}. + +Useful on legacy SysV init systems if you run rpm transactions with +nice/ionice priorities. Should not be used on systemd systems. + +%package plugin-audit +Summary: Rpm plugin for logging audit events on package operations +Requires: rpm-libs%{_isa} = %{version}-%{release} + +%description plugin-audit +%{summary}. + +%package plugin-fsverity +Summary: Rpm plugin for fsverity file signatures +Requires: rpm-libs%{_isa} = %{version}-%{release} + +%description plugin-fsverity +%{summary}. + +%package plugin-fapolicyd +Summary: Rpm plugin for fapolicyd support +Requires: rpm-libs%{_isa} = %{version}-%{release} +Provides: fapolicyd-plugin = %{version}-%{release} +# fapolicyd-dnf-plugin currently at 1.0.4 +Obsoletes: fapolicyd-dnf-plugin < 1.0.5 + +%description plugin-fapolicyd +%{summary}. + +See https://people.redhat.com/sgrubb/fapolicyd/ for information about +the fapolicyd daemon. + +%package plugin-dbus-announce +Summary: Rpm plugin for announcing transactions on the DBUS +Requires: rpm-libs%{_isa} = %{version}-%{release} + +%description plugin-dbus-announce +The plugin announces basic information about rpm transactions to the +system DBUS - like packages installed or removed. Other programs can +subscribe to the signals to get notified when packages on the system +change. + +# with plugins +%endif + +%prep +%autosetup -n rpm-%{srcver} -p1 + +%build +%set_build_flags + +autoreconf -i -f + +# Hardening hack taken from macro %%configure defined in system-rpm-config +for i in $(find . -name ltmain.sh) ; do + %{__sed} -i.backup -e 's~compiler_flags=$~compiler_flags="%{_hardened_ldflags}"~' $i +done; + +# Using configure macro has some unwanted side-effects on rpm platform +# setup, use the old-fashioned way for now only defining minimal paths. +./configure \ + --prefix=%{_usr} \ + --sysconfdir=%{_sysconfdir} \ + --localstatedir=%{_var} \ + --sharedstatedir=%{_var}/lib \ + --libdir=%{_libdir} \ + --build=%{_target_platform} \ + --host=%{_target_platform} \ + --with-vendor=anolis \ + %{!?with_plugins: --disable-plugins} \ + --with-lua \ + --with-selinux \ + --with-cap \ + --with-acl \ + --with-fapolicyd \ + %{?with_ndb: --enable-ndb} \ + %{?with_libimaevm: --with-imaevm} \ + %{?with_fsverity: --with-fsverity} \ + %{?with_zstd: --enable-zstd} \ + %{?with_sqlite: --enable-sqlite} \ + %{?with_bdb_ro: --enable-bdb-ro} \ + --enable-python \ + --with-crypto=openssl + +%make_build + +pushd python +%py3_build +popd + +%install +%make_install + +# We need to build with --enable-python for the self-test suite, but we +# actually package the bindings built with setup.py (#531543#c26) +pushd python +%py3_install +popd + +mkdir -p $RPM_BUILD_ROOT%{_unitdir} +install -m 644 %{SOURCE10} $RPM_BUILD_ROOT/%{_unitdir} +install -m 644 %{SOURCE20} $RPM_BUILD_ROOT/%{_unitdir} + +mkdir -p $RPM_BUILD_ROOT%{rpmhome} +install -m 755 %{SOURCE21} $RPM_BUILD_ROOT/%{rpmhome} + +# Save list of packages through cron +mkdir -p ${RPM_BUILD_ROOT}%{_sysconfdir}/cron.daily +install -m 755 scripts/rpm.daily ${RPM_BUILD_ROOT}%{_sysconfdir}/cron.daily/rpm + +mkdir -p ${RPM_BUILD_ROOT}%{_sysconfdir}/logrotate.d +install -m 644 scripts/rpm.log ${RPM_BUILD_ROOT}%{_sysconfdir}/logrotate.d/rpm + +mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/rpm +mkdir -p $RPM_BUILD_ROOT%{rpmhome}/macros.d +mkdir -p $RPM_BUILD_ROOT/usr/lib/sysimage/rpm + +# init an empty database for %ghost'ing for all supported backends +for be in %{?with_ndb:ndb} %{?with_sqlite:sqlite}; do + ./rpmdb --define "_db_backend ${be}" --dbpath=${PWD}/${be} --initdb + cp -va ${be}/. $RPM_BUILD_ROOT/usr/lib/sysimage/rpm/ +done + +# some packages invoke find-debuginfo directly, preserve compat for now +ln -s ../../bin/find-debuginfo $RPM_BUILD_ROOT/usr/lib/rpm/find-debuginfo.sh + +%find_lang rpm + +find $RPM_BUILD_ROOT -name "*.la"|xargs rm -f + +# These live in perl-generators and python-rpm-generators now +rm -f $RPM_BUILD_ROOT/%{rpmhome}/{perldeps.pl,perl.*,pythond*} +rm -f $RPM_BUILD_ROOT/%{_fileattrsdir}/{perl*,python*} +rm -rf $RPM_BUILD_ROOT/var/tmp + +%if %{with check} +%check +make check TESTSUITEFLAGS=-j%{_smp_build_ncpus} || (cat tests/rpmtests.log; exit 1) +# rpm >= 4.16.0 testsuite leaves a read-only tree behind, clean it up +make clean +%endif + +%pre +# Symlink all rpmdb files to the new location if we're still using /var/lib/rpm +if [ -d /var/lib/rpm ]; then + mkdir -p /usr/lib/sysimage/rpm + rpmdb_files=$(find /var/lib/rpm -maxdepth 1 -type f | sed 's|^/var/lib/rpm/||g' | sort) + for rpmdb_file in ${rpmdb_files[@]}; do + ln -sfr /var/lib/rpm/${rpmdb_file} /usr/lib/sysimage/rpm/${rpmdb_file} + done +fi + +%triggerun -- rpm < 4.17.0-7 +# Handle rpmdb migrate service on erasure of old to avoid ordering issues +if [ -x /usr/bin/systemctl ]; then + systemctl --no-reload preset rpmdb-migrate ||: +fi + +%posttrans +if [ -d /var/lib/rpm ]; then + touch /var/lib/rpm/.migratedb +fi + +%files -f rpm.lang +%license COPYING +%doc CREDITS docs/manual/[a-z]* + +%{_unitdir}/rpmdb-rebuild.service +%{_unitdir}/rpmdb-migrate.service + +%dir %{_sysconfdir}/rpm + +%attr(0755, root, root) %dir /usr/lib/sysimage/rpm +%attr(0644, root, root) %ghost %config(missingok,noreplace) /usr/lib/sysimage/rpm/* +%attr(0644, root, root) %ghost /usr/lib/sysimage/rpm/.*.lock + +%{_bindir}/rpm +%{_bindir}/rpm2archive +%{_bindir}/rpm2cpio +%{_bindir}/rpmdb +%{_bindir}/rpmkeys +%{_bindir}/rpmquery +%{_bindir}/rpmverify + +%{_mandir}/man8/rpm.8* +%{_mandir}/man8/rpmdb.8* +%{_mandir}/man8/rpmkeys.8* +%{_mandir}/man8/rpm2archive.8* +%{_mandir}/man8/rpm2cpio.8* +%{_mandir}/man8/rpm-misc.8* +%{_mandir}/man8/rpm-plugins.8* + +# XXX this places translated manuals to wrong package wrt eg rpmbuild +%lang(fr) %{_mandir}/fr/man[18]/*.[18]* +%lang(ko) %{_mandir}/ko/man[18]/*.[18]* +%lang(ja) %{_mandir}/ja/man[18]/*.[18]* +%lang(pl) %{_mandir}/pl/man[18]/*.[18]* +%lang(ru) %{_mandir}/ru/man[18]/*.[18]* +%lang(sk) %{_mandir}/sk/man[18]/*.[18]* + +%attr(0755, root, root) %dir %{rpmhome} +%{rpmhome}/macros +%{rpmhome}/macros.d +%{rpmhome}/lua +%{rpmhome}/rpmpopt* +%{rpmhome}/rpmrc + +%{rpmhome}/rpmdb_* +%{rpmhome}/rpm.daily +%{rpmhome}/rpm.log +%{rpmhome}/rpm.supp +%{rpmhome}/rpm2cpio.sh +%{rpmhome}/tgpg + +%{rpmhome}/platform + +%dir %{rpmhome}/fileattrs + +%files libs +%{_libdir}/librpmio.so.%{sover} +%{_libdir}/librpm.so.%{sover} +%{_libdir}/librpmio.so.%{sover}.* +%{_libdir}/librpm.so.%{sover}.* +%if %{with plugins} +%dir %{_libdir}/rpm-plugins + +%files plugin-syslog +%{_libdir}/rpm-plugins/syslog.so +%{_mandir}/man8/rpm-plugin-syslog.8* + +%files plugin-selinux +%{_libdir}/rpm-plugins/selinux.so +%{_mandir}/man8/rpm-plugin-selinux.8* + +%files plugin-systemd-inhibit +%{_libdir}/rpm-plugins/systemd_inhibit.so +%{_mandir}/man8/rpm-plugin-systemd-inhibit.8* + +%files plugin-ima +%{_libdir}/rpm-plugins/ima.so +%{_mandir}/man8/rpm-plugin-ima.8* + +%files plugin-fsverity +%{_libdir}/rpm-plugins/fsverity.so + +%files plugin-fapolicyd +%{_libdir}/rpm-plugins/fapolicyd.so +%{_mandir}/man8/rpm-plugin-fapolicyd.8* + +%files plugin-prioreset +%{_libdir}/rpm-plugins/prioreset.so +%{_mandir}/man8/rpm-plugin-prioreset.8* + +%files plugin-audit +%{_libdir}/rpm-plugins/audit.so +%{_mandir}/man8/rpm-plugin-audit.8* +# with plugins + +%files plugin-dbus-announce +%{_libdir}/rpm-plugins/dbus_announce.so +%{_mandir}/man8/rpm-plugin-dbus-announce.8* +%{_sysconfdir}/dbus-1/system.d/org.rpm.conf +%endif + +%files build-libs +%{_libdir}/librpmbuild.so.%{sover} +%{_libdir}/librpmbuild.so.%{sover}.* + +%files sign-libs +%{_libdir}/librpmsign.so.%{sover} +%{_libdir}/librpmsign.so.%{sover}.* + +%files build +%{_bindir}/rpmbuild +%{_bindir}/gendiff +%{_bindir}/rpmspec + +%{_mandir}/man1/gendiff.1* +%{_mandir}/man8/rpmbuild.8* +%{_mandir}/man8/rpmdeps.8* +%{_mandir}/man8/rpmspec.8* + +%{rpmhome}/brp-* +%{rpmhome}/check-* +%{rpmhome}/find-lang.sh +%{rpmhome}/*provides* +%{rpmhome}/*requires* +%{rpmhome}/*deps* +%{rpmhome}/*.prov +%{rpmhome}/*.req +%{rpmhome}/mkinstalldirs +%{rpmhome}/fileattrs/* +%{rpmhome}/find-debuginfo.sh + +%files sign +%{_bindir}/rpmsign +%{_mandir}/man8/rpmsign.8* + +%files -n python3-%{name} +%{python3_sitearch}/rpm/ +%{python3_sitearch}/rpm-%{rpmver}*.egg-info + +%files devel +%{_mandir}/man8/rpmgraph.8* +%{_bindir}/rpmgraph +%{_libdir}/librp*[a-z].so +%{_libdir}/pkgconfig/rpm.pc +%{_includedir}/rpm/ + +%files cron +%{_sysconfdir}/cron.daily/rpm +%config(noreplace) %{_sysconfdir}/logrotate.d/rpm + +%files apidocs +%license COPYING +%doc docs/librpm/html/* + +%changelog +* Mon Feb 28 2022 Chunmei Xu - 4.17.0-1 +- upstream version 4.17.0 and migrate rpmdb to /usr/lib/sysimage/rpm diff --git a/rpmdb-migrate.service b/rpmdb-migrate.service new file mode 100644 index 0000000000000000000000000000000000000000..54a934d3cf9e5c007ec32e1eb70a18245f4db2bd --- /dev/null +++ b/rpmdb-migrate.service @@ -0,0 +1,18 @@ +[Unit] +Description=RPM database migration to /usr +ConditionPathExists=/var/lib/rpm/.migratedb + +# This should run before any daemons that may open the rpmdb +DefaultDependencies=no +After=sysinit.target +Before=basic.target shutdown.target +Conflicts=shutdown.target +# In case /var is remote-mounted +RequiresMountsFor=/var + +[Service] +Type=oneshot +ExecStart=/usr/lib/rpm/rpmdb_migrate + +[Install] +WantedBy=basic.target diff --git a/rpmdb-rebuild.service b/rpmdb-rebuild.service new file mode 100644 index 0000000000000000000000000000000000000000..4cd2f3308b0a4668cfbba57cee970204b1171a9c --- /dev/null +++ b/rpmdb-rebuild.service @@ -0,0 +1,19 @@ +[Unit] +Description=RPM database rebuild +ConditionPathExists=/usr/lib/sysimage/rpm/.rebuilddb + +# This should run before any daemons that may open the rpmdb +DefaultDependencies=no +After=sysinit.target +Before=basic.target shutdown.target +Conflicts=shutdown.target +# In case /usr is remote-mounted +RequiresMountsFor=/usr + +[Service] +Type=oneshot +ExecStart=/usr/bin/rpmdb --rebuilddb +ExecStartPost=rm -f /usr/lib/sysimage/rpm/.rebuilddb + +[Install] +WantedBy=basic.target diff --git a/rpmdb_migrate b/rpmdb_migrate new file mode 100644 index 0000000000000000000000000000000000000000..196744dedd08666e11812d142674bfcc0318f4d9 --- /dev/null +++ b/rpmdb_migrate @@ -0,0 +1,40 @@ +#!/bin/bash +# Script to migrate rpmdb from /var/lib/rpm to new rpmdb path in /usr + +# Copyright (C) 2022 Neal Gompa . +# +# Fedora-License-Identifier: GPLv2+ +# SPDX-2.0-License-Identifier: GPL-2.0+ +# SPDX-3.0-License-Identifier: GPL-2.0-or-later +# +# This program is free software. +# For more information on the license, see COPYING or +# . +# For more information on free software, see +# . + + +set -euo pipefail + +# Script to migrate the rpmdb to /usr +rpmdb_path="$(rpm --eval '%_dbpath')" +rpmdb_path_old="/var/lib/rpm" +rpmdb_path_new="${rpmdb_path}" + + +if [ "${rpmdb_path}" = "${rpmdb_path_old}" ]; then + echo "The rpmdb path is still in /var, exiting!" + exit 0 +fi + +if [ -L "${rpmdb_path_old}" ]; then + echo "The rpmdb has already been migrated, exiting!" + rm -v "${rpmdb_path_old}/.migratedb" + exit 0 +fi + +rpm --verbose --rebuilddb + +rm -rfv ${rpmdb_path_old} + +ln -srv ${rpmdb_path_new} ${rpmdb_path_old}