| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
| |
For whatever historical reasons RPMCONFIGDIR was used in automake
whereas the environment variable is RPM_CONFIGDIR. Just call it that
everywhere.
|
|
|
|
|
|
|
| |
using the new dynamic spec feature. It creates one sub package by
language.
Resolves: #1276
|
| |
|
|
|
|
| |
These don't really add any value over just passing them to install()
|
|
|
|
|
|
|
|
|
|
| |
There are some missing bits and pieces still to be done for cmake build,
but that is so much easier if you don't have to worry about keeping
compatibility with the system you're about to remove that it doesn't
make sense to drag this on any further. The sooner this is over, the
sooner it is over and we can start making use of cmake's advantages
instead of just trying to bend over backwards to maintain compatibility
with the autotools build.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
brp-strip script runs strip command on deliverables paralley and if
deliverables are hard linked inside buildroot, it will create
contention.
One good example for such package is git.
https://github.com/vmware/photon/blob/master/SPECS/git/git.spec
```
Sample output:
$ rpm -ql git | grep libexec | xargs ls -li
668153 -rwxr-xr-x 137 root root 3401056 Aug 2 08:30 /usr/libexec/git-core/git
668153 -rwxr-xr-x 137 root root 3401056 Aug 2 08:30 /usr/libexec/git-core/git-add
787238 -rwxr-xr-x 1 root root 47770 Aug 2 08:30 /usr/libexec/git-core/git-add--interactive
668153 -rwxr-xr-x 137 root root 3401056 Aug 2 08:30 /usr/libexec/git-core/git-am
```
To overcome this, we run strip twice once for all files with no
hardlinks, this is a parallel job, meaning multiple binaries will be
stripped in parallel.
And once for files with hardlinks, in this case we disable parallel
processing and strip binaries in sequential order.
RH bug link:
https://bugzilla.redhat.com/show_bug.cgi?id=1959049
Co-authored-by: Dweep Advani <dadvani@vmware.com>
Signed-off-by: Shreenidhi Shedi <sshedi@vmware.com>
|
|
|
|
|
| |
As we look at the first 4 bytes anyway there is no reason to read more.
Reading more also hits a bug in bash on aarch64 (rhbz#2115206).
|
|
|
|
|
|
| |
for unknown payload compression format. At this point it is unlikely
this isn't an RPM file as we detected the headers but much more likely
the package is using a newer compression format.
|
|
|
|
|
|
|
|
|
| |
As the shell can't deal with null bytes only read two bytes and check
for proper match. This way we can match for the null byte even if it is
not part of the string.
This also silents the warning from the shell that there is a null byte
being ignored in the magic string for lzma.
|
|
|
|
| |
to avoid warnings
|
|
|
|
|
|
|
|
|
| |
This script converts binary header sizes to decimal numbers. Shell is
not that well suited for this task as it drops newlines at the end of
command substitutions. Add a . character at the end and strip it right
after that to avoid this problem.
Resolves: rhbz#1983015
|
|
|
|
|
| |
This make is much less likely to mistake a file as an RPM and will catch
errors in header size calculation.
|
|
|
|
|
|
|
|
| |
With the SRPMs now containing the expanded spec file they are bound to
have the build root included in the header. Turns out some people
package SRPMs to rebuild them locally e.g. against the local kernel.
Resolves: rhbz#2104150
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This is an incomplete release-early version, NOT intended or
suitable for production use. It is intended to replace the autotools
based buildsystem in rpm 4.20, until then it'll be developed alongside
it. This causes some extra complications of course, but then we avoid
a huge flag-day, and that matters more.
To those wondering why cmake and not ${myfavorite}: the community around
us effectively made that choice for us. We've made a lot of noise about
bootstrap dependencies. When libsolv, dnf and all the related stack is
powered by cmake build, it'd be just foolish to go with anything else.
This way people working on the rpm stack have only one build system to
learn, there's peer support available nearby and bootstrap dependencies
are reduced, not increased. It also doesn't hurt that cmake is actually
and actively maintained.
|
|
|
|
|
|
|
|
|
| |
Recent binutils can do debug section lookups over the internet, but this
is something we never want during rpmbuild (everything else aside, we're
just building the thing so there wont be anything on the net anyhow).
Disable the lookups by setting DEBUGINFOD_URLS to empty rather than
using the specific option as this is compatible with any old version of
readelf.
|
|
|
|
| |
for find as well this ensures correct file processing.
|
|
|
|
| |
to expand the command correctly (SC2086).
|
|
|
|
|
| |
allows failing on various errors as well
(and ensures proper handling of the output in case it changes again).
|
|
|
|
|
| |
instead of && and ||. Enhances readability and avoids unnecessary
errors in case ||: would be omitted.
|
|
|
|
|
|
| |
Add quotes and check for path writability.
Also process evaluate $tmp as part of trap, not expanding the
the variable into string.
|
|
|
|
|
|
|
|
|
|
|
| |
Since 3.5, grep emits the diagnostic "binary file matches" message
to stderr which causes the result file to be empty and build continuing
despite an obvious error being present.
We're not interested in the match itself, only whether there are files
with matches. Grep has a standard option for this (-l), use it.
Fixes: #1968
|
|
|
|
| |
`find` options all have just one dash. Regression of a regression, sigh.
|
|
|
|
|
|
| |
This commit adds a very simple provides generator for rpm macros as suggested on
the Fedora packaging mailing list:
https://lists.fedoraproject.org/archives/list/packaging@lists.fedoraproject.org/thread/DUFER7QAFYIBYDANJQQ37FBNL5YISZQ2/
|
|
|
|
|
|
|
|
|
|
| |
Since that commit builds would fail with
RPM build errors:
Installed (but unpackaged) file(s) found:
/.gz
Use a similar find -print0 construct as the other loop above.
|
|
|
|
|
| |
Try to minimize accidentally removed .la files that aren't libtool .la
files.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The original commit might have seemed like an easy remedy for
third-party modules affected by commit 0ab151a (such as rhbz#1967291),
but it also prevents the modules built from the kernel tree (which
employ a different signing strategy, see below) from being stripped off
of debug and symbol data, so it's not the correct solution after all.
Simply put, *.ko files *are* ELF files, so there's no good reason to
skip them.
Third-party modules should instead adopt the same hack as the in-tree
ones, i.e. overriding the %__spec_post_install macro so that the signing
occurs as a last step, after any kind of stripping has taken place.
Example from kernel.spec:
%define __modsign_install_post \
# Do the signing here
[...]
%define __spec_install_post \
# eu-strip(1) gets called here
%{?__debug_package:%{__debug_install_post}}\
%{__arch_install_post}\
# ... or strip(1) gets called here
%{__os_install_post}\
%{__remove_unwanted_dbginfo_install_post}\
%{__modsign_install_post}
It's still a hack, but it's better than avoiding the strip altogether.
This reverts commit cfdb8300f6e3aed0abc41406a3c4737eb1192067.
|
|
|
|
|
| |
The `$lower` variable is always empty, see https://bugzilla.redhat.com/show_bug.cgi?id=2019804
This also changes the badness 32 message to say "a rpath" or "a runpath" which isn't perfect, but is certainly better than "an runpath".
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
OCaml cmxs files are static libraries, which can be loaded at runtime
via the Dynlink module. They apparently do not provide any useful
runtime dependency information to be stored into the packages
Provides/Requires list. Therefore just skip them.
Adjust attr, remove extension and ELF magic
Adjust ocamldeps, do nothing with cmxs files.
Fixes: a6fe37c39b39acbcbd014dd1e6d5653ff84254a1
Signed-off-by: Olaf Hering <olaf@aepfle.de>
|
|
|
|
|
|
| |
Run at least the file classification in parallel
Resolves: #1230
|
|
|
|
|
|
|
|
| |
as strip fails on them (if they are Guile object files).
This adds another layer of protection as *.go files are already filtered
out.
Resolves: #1765
|
|
|
|
|
|
|
|
| |
as those may be Guile object files. Those are ELF files but cannot be
stripped. This may also exclude other files (like Golang sources) but
that should not be an issue.
Resolves: #1765
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Otherwise SecureBoot signatures may be stripped too.
We used to exclude shared libraries from this strip as they were
supposed to be covered by another brp script (brp-strip-shared), however
it turned out the latter was never really used, so we removed the
exclusion in commit 0ab151ab138fd4fb6d3176fd0270d9cc6f4623f3.
As it turns out, that was a little too ambitious, since we may now
inadvertently strip SecureBoot signatures from kernel modules too,
provided that they're made during the build, prior to the invocation of
brp-strip.
Note that this regression currently does *not* affect the following two
cases on Fedora/RHEL systems with redhat-rpm-config installed:
- in-tree kernel modules; these are built from kernel.spec which
already contains a hack ensuring that module signing only happens
*after* any stripping (see %__modsign_install_post in kernel.spec)
- out-of-tree kernel modules built with debuginfo enabled; this is
because brp-strip is only called when %debug_package is set to
%{nil}
Any other combinations may be affected, depending on the macros and
.spec files used, so let's fix this by effectively "reverting" said
commit for .ko files only.
Fixes: rhbz#1967291
|
|
|
|
|
|
|
|
|
|
| |
These curly brackets are already treated as literals by the shell, so
let's make that explicit for clarity, and silence a ShellCheck warning
at the same time.
More info: https://github.com/koalaman/shellcheck/wiki/SC1083
Found by ShellCheck.
|
|
|
|
|
|
|
| |
An RPATH or RUNPATH pointing to directories owned by a package in /usr/libexec/*
is a valid case and should be allowed by the check-rpath script.
Related: #1719
|
|
|
|
| |
Calculate $lower from the actual match
|
|
|
|
|
|
| |
by adding -W
Related: #1713
|
|
|
|
|
|
| |
using RPM_BUILD_NCPUS
Related: #1713
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
There's been an increasing interest in the wider community to use
the debuginfo tooling outside rpm context, and deep ELF format
internals are not rpm's core business anyhow, the reasons for it
being here are entirely historical. So without further ado, remove
the debuginfo tooling from rpm and rely on the external debugedit
project from now on.
Update INSTALL to document the new dependency, and add conditionals
to relevant debuginfo build tests. The lower-level debugedit and
sepdebugcrcfix tools are tested in the external project, no need
to duplicate that here.
|
|
|
|
|
|
|
| |
.la files are libtool files and should generally not be installed. Tons
of spec files contain a 'find' command to remove them. Add a helper
script that automatically removes all .la files from the build root and
let projects that need them opt out of this instead.
|
|
|
|
|
|
|
| |
People mostly only care about removing any .la files present in their
packages, I've yet to see a single use of a desired/used libtool()
dependency during its 14 year existence in rpm. There are enough
provides in the world without creating unused ones just because.
|
|
|
|
|
|
|
|
| |
GCC dropped the entire java works from GCC 7 in 2017 [*] so in recent
times this has been doing exactly nothing at all because gcj doesn't
even exist. Bye bye.
[*] https://gcc.gnu.org/gcc-7/changes.html
|
|
|
|
|
| |
These have never been included in tarballs even, so chances are people
are not going to miss them too much.
|
| |
|
|
|
|
|
|
|
| |
These are far better maintained by the Python community, in a
repository of their own:
https://github.com/rpm-software-management/python-rpm-packaging/
|
|
|
|
|
|
|
|
|
| |
Most language abbreviations are just two characters but some are longer.
Allow an arbiraty number of character instead of exactly two in the names
of .qm files (QT translations). This brings the handling of .qm files in
line with all other file types.
Resolves: #1642
|
|
|
|
|
|
|
|
|
|
|
|
| |
Turns out people are using %check in various "unexpected" ways, some of
which are also tied to our long-standing %exclude semantics. We need
need better %check which doesn't rely on or allow messing with actual
buildroot contents, but there's simply too much plate for a too short
a time-frame to try and do that. Revert to old buggy buildroot checking
to give time to come up with better solutions to the %check issues.
This reverts c1ca2e35025698328edcefa8dedee866d2ea0596 and
1110c280639b66c89da19a0f831af28845591997.
|
|
|
|
|
|
| |
self.name in PathDistribution is a property in Python 3.10+ and thus we
can't redefine it as an instance variable. Instead we explicitly define
it as a property, which works on all supported Python versions.
|
|
|
|
|
|
|
|
|
|
|
| |
DT_RPATH has been deprecated in favour of DT_RUNPATH for some time now
and both have similar functionality. RUNPATH is less infectious,
i.e. it does not affect search paths for dependency resolution of
dependencies, but that only limits the issues insecure paths may cause
and does not eliminate them.
It is therefore necessary to check both RPATH and RUNPATH for the same
issues.
|