From 17bcb67bd7d247d62785f9c5d5ee34e40926d649 Mon Sep 17 00:00:00 2001 From: sun_hai_10 Date: Mon, 17 Oct 2022 21:24:57 +0800 Subject: [PATCH] rountinely backport patches from upstream --- anaconda.spec | 12 +- ...rt-Round-the-required-device-size-up.patch | 57 +++++++++ ...on-in-chroot-when-handling-home-dirs.patch | 117 ++++++++++++++++++ 3 files changed, 184 insertions(+), 2 deletions(-) create mode 100644 backport-Round-the-required-device-size-up.patch create mode 100644 backport-Run-restorecon-in-chroot-when-handling-home-dirs.patch diff --git a/anaconda.spec b/anaconda.spec index 408a29e..65c80aa 100644 --- a/anaconda.spec +++ b/anaconda.spec @@ -1,7 +1,7 @@ %define _empty_manifest_terminate_build 0 Name: anaconda Version: 33.19 -Release: 47 +Release: 48 Summary: Graphical system installer License: GPLv2+ and MIT URL: http://fedoraproject.org/wiki/Anaconda @@ -127,6 +127,8 @@ Patch6082: Support-configuration-of-additional-boot-arguments.patch Patch6083: backport-revert-Set-default-entry-to-the-BLS-id-instead-of-th.patch Patch6084: bugfix-Solve-the-problem-that-the-circular-loading-progress-bar-does-not-rotate.patch +Patch6085: backport-Round-the-required-device-size-up.patch +Patch6086: backport-Run-restorecon-in-chroot-when-handling-home-dirs.patch %define dbusver 1.2.3 %define dnfver 3.6.0 @@ -366,13 +368,19 @@ update-desktop-database &> /dev/null || : %{_prefix}/libexec/anaconda/dd_* %changelog +* Mon Oct 17 2022 sunhai - 33.19-48 +- Type:bugfix +- CVE:NA +- SUG:NA +- DESC:rountinely backport patches from upstream + * Thu Sep 1 2022 sunhai - 33.19-47 - Type:bugfix - CVE:NA - SUG:NA - DESC:solve the problem that the circular loading progress bar does not rotate -* Tue Aug 24 2022 zhangqiumiao - 33.19-46 +* Tue Aug 23 2022 zhangqiumiao - 33.19-46 - Type:bugfix - CVE:NA - SUG:NA diff --git a/backport-Round-the-required-device-size-up.patch b/backport-Round-the-required-device-size-up.patch new file mode 100644 index 0000000..f31589a --- /dev/null +++ b/backport-Round-the-required-device-size-up.patch @@ -0,0 +1,57 @@ +From edc59a5cbd625e87056f6a28095a4d327dc6ef3c Mon Sep 17 00:00:00 2001 +From: Vendula Poncova +Date: Wed, 18 May 2022 15:00:39 +0200 +Subject: [PATCH] Round the required device size up + +The required device size shouldn't be rounded down to zero, +so always round it up to the nearest MiB. +--- + pyanaconda/modules/storage/devicetree/utils.py | 5 ++--- + .../modules/storage/test_module_device_tree.py | 8 ++++++++ + 2 files changed, 10 insertions(+), 3 deletions(-) + +diff --git a/pyanaconda/modules/storage/devicetree/utils.py b/pyanaconda/modules/storage/devicetree/utils.py +index 1a45d2a8fa8..ceb58c4adae 100644 +--- a/pyanaconda/modules/storage/devicetree/utils.py ++++ b/pyanaconda/modules/storage/devicetree/utils.py +@@ -19,11 +19,10 @@ + import requests + + from blivet import udev +-from blivet.size import Size + from blivet.errors import StorageError + from blivet.formats import device_formats, get_format + from blivet.formats.fs import FS +-from bytesize.bytesize import ROUND_HALF_UP ++from bytesize.bytesize import MiB, ROUND_UP + + from pyanaconda.core import util + from pyanaconda.core.i18n import _ +@@ -149,7 +148,7 @@ def get_required_device_size(required_space, format_class=None): + format_class = FS.biggest_overhead_FS() + + device_size = format_class.get_required_size(required_space) +- return device_size.round_to_nearest(Size("1 MiB"), ROUND_HALF_UP) ++ return device_size.round_to_nearest(MiB, ROUND_UP) + + + def find_optical_media(devicetree): +diff --git a/tests/unit_tests/pyanaconda_tests/modules/storage/test_module_device_tree.py b/tests/unit_tests/pyanaconda_tests/modules/storage/test_module_device_tree.py +index 15eef05b2f4..31fc3e25367 100644 +--- a/tests/unit_tests/pyanaconda_tests/modules/storage/test_module_device_tree.py ++++ b/tests/unit_tests/pyanaconda_tests/modules/storage/test_module_device_tree.py +@@ -433,6 +433,14 @@ def test_get_supported_file_systems(self): + + def test_get_required_device_size(self): + """Test GetRequiredDeviceSize.""" ++ assert self.interface.GetRequiredDeviceSize(0) == 0 ++ ++ required_size = self.interface.GetRequiredDeviceSize(Size("10 B").get_bytes()) ++ assert Size("1 MiB").get_bytes() == required_size, Size(required_size) ++ ++ required_size = self.interface.GetRequiredDeviceSize(Size("10 KiB").get_bytes()) ++ assert Size("1 MiB").get_bytes() == required_size, Size(required_size) ++ + required_size = self.interface.GetRequiredDeviceSize(Size("1 GiB").get_bytes()) + assert Size("1280 MiB").get_bytes() == required_size, Size(required_size) + diff --git a/backport-Run-restorecon-in-chroot-when-handling-home-dirs.patch b/backport-Run-restorecon-in-chroot-when-handling-home-dirs.patch new file mode 100644 index 0000000..89d8b71 --- /dev/null +++ b/backport-Run-restorecon-in-chroot-when-handling-home-dirs.patch @@ -0,0 +1,117 @@ +From 65025ad94bb5c11005eda0fba3419563acf8c461 Mon Sep 17 00:00:00 2001 +From: Vladimir Slavik +Date: Wed, 30 Mar 2022 13:52:44 +0200 +Subject: [PATCH] Run restorecon in chroot when handling home dirs + +Running restorecon needs chroot to sysroot so as to have correct absolute +paths. At the point when users are handled, payload has been already +installed, so the SELinux policy is already present. + +Note that some parts of this change require Python 3.9+, so this can't be +ported 1:1 to RHEL 8 where the problem has been originally reported. + +This is achieved by using the restorecon utility function instead of running +restorecon directly with execWithRedirect. + +Related: rhbz#2069305 +--- + pyanaconda/core/users.py | 5 +-- + .../pyanaconda_tests/core/test_user_create.py | 36 ++++++++++++++----- + 2 files changed, 30 insertions(+), 11 deletions(-) + +diff --git a/pyanaconda/core/users.py b/pyanaconda/core/users.py +index c2d14e2c24c..783891d8cba 100644 +--- a/pyanaconda/core/users.py ++++ b/pyanaconda/core/users.py +@@ -327,7 +327,8 @@ def _reown_homedir(root, homedir, username): + from_ids, to_ids, root + homedir]) + + # Restore also SELinux contexts +- util.execWithRedirect("restorecon", ["-r", root + homedir]) ++ util.restorecon([homedir], root=root) ++ + except OSError as e: + log.critical("Unable to change owner of existing home directory: %s", e.strerror) + raise +@@ -561,4 +562,4 @@ def set_user_ssh_key(username, key, root=None): + # Only change ownership if we created it + if not authfile_existed: + os.chown(authfile, int(uid), int(gid)) +- util.execWithRedirect("restorecon", ["-r", sshdir]) ++ util.restorecon([sshdir.removeprefix(root)], root=root) +diff --git a/tests/unit_tests/pyanaconda_tests/core/test_user_create.py b/tests/unit_tests/pyanaconda_tests/core/test_user_create.py +index 8c57e4cbcd5..580e5e79239 100644 +--- a/tests/unit_tests/pyanaconda_tests/core/test_user_create.py ++++ b/tests/unit_tests/pyanaconda_tests/core/test_user_create.py +@@ -18,7 +18,7 @@ + # + + import unittest +-from unittest.mock import patch, call ++from unittest.mock import patch + import tempfile + import shutil + import os +@@ -280,7 +280,13 @@ def test_set_user_ssh_key(self): + keydata = "THIS IS TOTALLY A SSH KEY" + + users.create_user("test_user", homedir="/home/test_user", root=self.tmpdir) +- users.set_user_ssh_key("test_user", keydata, root=self.tmpdir) ++ with patch("pyanaconda.core.users.util.restorecon") as restorecon_mock: ++ users.set_user_ssh_key("test_user", keydata, root=self.tmpdir) ++ ++ restorecon_mock.assert_called_once_with( ++ ["/home/test_user/.ssh"], ++ root=self.tmpdir ++ ) + + keyfile = self.tmpdir + "/home/test_user/.ssh/authorized_keys" + assert os.path.isfile(keyfile) +@@ -322,7 +328,17 @@ def test_create_user_reuse_home(self): + os.makedirs(self.tmpdir + "/home/test_user") + os.chown(self.tmpdir + "/home/test_user", 500, 500) + +- users.create_user("test_user", homedir="/home/test_user", uid=1000, gid=1000, root=self.tmpdir) ++ with patch("pyanaconda.core.util.restorecon") as restorecon_mock: ++ users.create_user( ++ "test_user", ++ homedir="/home/test_user", ++ uid=1000, ++ gid=1000, ++ root=self.tmpdir ++ ) ++ ++ restorecon_mock.assert_called_once_with(["/home/test_user"], root=self.tmpdir) ++ + passwd_fields = self._readFields("/etc/passwd", "test_user") + assert passwd_fields is not None + assert passwd_fields[2] == "1000" +@@ -364,8 +380,9 @@ def _check_path(self, root, name, expected_uid, expected_gid): + assert stats.st_gid == expected_gid + + @patch("pyanaconda.core.users._getpwnam", return_value=["sam", "x", "2022", "2022"]) ++ @patch("pyanaconda.core.util.restorecon") + @patch("pyanaconda.core.util.execWithRedirect") +- def test_reown_homedir(self, exec_mock, getpwnam_mock): ++ def test_reown_homedir(self, exec_mock, restorecon_mock, getpwnam_mock): + """Test re-owning a home directory. + + We have "sam" who was uid/gid 1492 and now will be 2022. +@@ -383,11 +400,12 @@ def test_reown_homedir(self, exec_mock, getpwnam_mock): + + users._reown_homedir(sysroot, "/home/sam", "sam") + +- exec_mock.assert_has_calls([ +- call("chown", ["--recursive", "--no-dereference", "--from=1492:1492", +- "2022:2022", sysroot + "/home/sam"]), +- call("restorecon", ["-r", sysroot + "/home/sam"]), +- ]) ++ exec_mock.assert_called_once_with( ++ "chown", ++ ["--recursive", "--no-dereference", "--from=1492:1492", "2022:2022", ++ sysroot + "/home/sam"] ++ ) ++ restorecon_mock.assert_called_once_with(["/home/sam"], root=sysroot) + + # now also run the same thing as was mocked, to make sure the expectations are met + os.system("chown --recursive --no-dereference --from=1492:1492 2022:2022" -- Gitee