Commit Graph

28 Commits

Author SHA1 Message Date
Panu Matilainen b5e3e1efee Eliminate built-in selinux support. RIP.
- We hereby unceremoniously declare that from now on, SELinux and
  other similar mechanisms are to live in plugins, rpm doesn't need
  to know about every possible security etc mechanism there might be.
  Its a big commit but as its really just removals...
- We need to disable sepolicy collection plugin for now as it relies on
  built-in support for selinux, this not only makes no sense but
  wont work now that there is no built-in support. The sepolicy
  plugin needs to be merged into the selinux base plugin now.
- Another "breakage" is that --rebuilddb no longer relabels the database,
  this needs plugins to called in a place where they currently cannot
  be called. This needs to be resolved before next actual release.
2013-03-21 13:56:33 +02:00
Elena Reshetova e86bae3550 Improving scriptlet related rpm plugin hooks.
Three new hooks added:
PLUGINHOOK_SCRIPTLET_PRE_FUNC
Called before scriptlet execution
PLUGINHOOK_SCRIPTLET_FORK_POST_FUNC
Called after fork() but before scriptlet execution
PLUGINHOOK_SCRIPTLET_POST_FUNC
Called after scriptlet execution

Currently pre and post hooks are called for externals and internal lua scripts.
post hook is called even if scriptlet execution has failed and
the return code is given as an argument.

fork_post hook is only called for external scriptlets,
because for internal scriptlets no fork() is currently performed.

Signed-off-by: Panu Matilainen <pmatilai@redhat.com>
2012-11-29 17:00:04 +02:00
Panu Matilainen 5d21b942fa Revert "Improving script related rpm plugin hooks."
- This version of the patch was not intended to be pushed, a stupid
  Monday accident...

This reverts commit d1d050a073.
2012-11-26 13:54:03 +02:00
Elena Reshetova d1d050a073 Improving script related rpm plugin hooks.
Two new hooks added:
PLUGINHOOK_SCRIPT_PRE_FUNC
Called before script execution
PLUGINHOOK_SCRIPT_POST_FUNC
Called after script execution

Both hooks are called for externals and internal lua scripts.
POST hook is called even if script execution has failed and
the return code is given as an argument.

Signed-off-by: Panu Matilainen <pmatilai@redhat.com>
2012-11-23 07:36:24 +02:00
Elena Reshetova 551603470f Extending rpm plugin interface, part 1
This change adds a new type of the rpm plugin, called transaction plugin
and a set of initial hooks for this plugin. The hooks are:

PLUGINHOOK_TSM_PRE
    Pre-transaction hook that is called before an rpm transaction begins
PLUGINHOOK_TSM_POST
    Post-transaction hook that is called after an rpm transaction ends
PLUGINHOOK_PSM_PRE
    Pre-transaction-element hook that is called before an rpm
    transaction-element is processed
PLUGINHOOK_PSM_POST
    Post-transaction-element hook that is called after an rpm
    transaction-element is processed
PLUGINHOOK_SCRIPT_SETUP
    Per-script hook that is called once for each rpm mainainers script
    that is present in the package

Each hook is called for every plugin that have this hook registered.
The avaliable transaction plugins can be specified in macros.in via
transaction_plugins element.

Signed-off-by: Panu Matilainen <pmatilai@redhat.com>
2012-11-08 12:09:03 +02:00
Panu Matilainen 60745080a3 Actually remember scriptlet flags in the rpmScript struct
- Currently doesn't make any difference but since we actually
  have a flags member in the struct, might as well use it. Also
  we'll shortly be needing these during the actual execution too.
2011-09-12 13:02:13 +03:00
Panu Matilainen 5b9681afee Rename scriptlet flags from RPMSCRIPT_FOO to RPMSCRIPT_FLAG_FOO
- No functional changes (and this is still internal-only API),
  just making more obvious what they are and clearing the
  RPMSCRIPT_FOO namespace for possible future use for the scriptlet
  types themselves.
2011-09-12 12:57:23 +03:00
Panu Matilainen 0b57571990 Make rpmScript opaque
- Add accessor for fetching the script tag, the final piece that
  psm needs (and will continue to do so) from script internals.
  This allows the script type to become opaque for real.
2011-09-02 12:56:55 +03:00
Panu Matilainen ecaf972db0 Add an API for creating real rpmScript items out of triggers, use it
- Bury rpmScriptNew() into being internal helper in rpmscript -
  triggers and other scripts differ quite a bit in how their data
  is laid out in the header, especially args need "special attention".
- Besides cleaning up things in the psm side, this technically makes
  trigger scripts runnable without having a header at hand. Of course
  currently trigger scripts are currently created and destroyed
  on the spot from headers so this is of academic interest...
2011-09-02 12:51:04 +03:00
Panu Matilainen 49089b2649 First step towards unifying triggers into rpmScript API
- Add a lower level script creation function to deal with the
  body expansions and such, use it for triggers as well.
- This is still fairly ugly but its something that can be reasonably
  backported to 4.9.x which needs this too, as currently triggers
  are forgetting to set script->descr, causing "(null) failure" messages
  on glibc and on others, in would just crash on trigger failure
  and/or in debug verbosity level.
2011-09-02 10:57:17 +03:00
Panu Matilainen 2a60e63cf0 Fix a logic error leading to unlink(NULL) call, oops.
- If writing the scriptlet to a file fails, its possible to
  end up with non-NULL script but with NULL fn and kaboom in unlink()
2011-05-30 15:54:16 +03:00
Panu Matilainen ecd49023ba Eliminate dead NULL-assignment on lua scriptlet execution
- alloc the luavar on entry, free on exit to remove any abuse
  possibilities
2011-05-30 11:22:30 +03:00
Panu Matilainen 9f72c7f2cd Eliminate dead NULL-assignments at scope-end in librpm, part III
- Remove NULL-assignments of local variables at the end of scope
  from the low-level helper machinery: fsm, psm, rpmscript and rpmrc
2011-05-28 22:26:39 +03:00
Panu Matilainen 5c97ff7d90 Use good ol' fork() + waitpid() for running scriptlets
- We have no need for anything fancier, this makes 80% of the
  overly complex & subtle semi-threaded and in places just broken
  code in rpmsq.[ch] unused and unnecessary.
2011-05-03 10:54:42 +03:00
Panu Matilainen 7ea4fcd87f Give at least some indication of error from fchdir() failures
- Failure to return to current dir is likely to be lethal, at least
  log an error and return a different code for it.
2011-04-19 13:21:36 +03:00
Panu Matilainen b2abe49578 Use rpmsqFork() return code instead of semi-private struct member for pid
- rpmsqFork() behaves like regular fork() in this regard so this
  just makes the code more obvious and eliminates an set-but-unused
  warning while at it.
2011-04-19 13:09:53 +03:00
Panu Matilainen 6e731e2832 Fclose() and unlink() errors aren't fatal here, just ignore 2011-04-19 13:04:28 +03:00
Panu Matilainen 6f75f9e764 Catch write errors when generating scriptlet temporary files
- If the write fails scripts are likely to fail anyway, but executing
  partial scriptlets (unlikely as that might be) could have funny
  side-effects besides just failing.
- Also cleans up runExtScript() a little bit by moving the
  tmp file creation to a separate function.
2011-04-19 13:02:51 +03:00
Panu Matilainen fbdfe8e5bf Add an error message + comments on open(".") behavior (RhBug:672576)
- Bail out early and complain if current directory can't be open()'ed,
  as we'll need it for reliable cwd restoration after running Lua
  scripts.
- Technically we'd only need open(".") succeeding for chroot operations
  and running Lua-scripts, but there's no easy way to determine whether
  a transaction will run Lua-scripts. They could be in-db triggers
  which will only be evaluated in the middle of transaction, better
  to fail early for consistent behavior.
2011-01-28 13:19:53 +02:00
Panu Matilainen b270b38a70 Only force default umask during transaction (RhBug:494440)
- For rpm itself forging global umask on init is kinda convenient, but can
  be troublesome for API users. This is especially bad in python bindings
  where just importing the rpm module silently changes process umask with
  no good reason.
- Instead of global setting on init, only change the umask to 022 default
  for the duration of rpmtsRun() where it's necessary for consistent
  transaction results on implicitly created directories and files created
  by scriptlets. This way we dont affect callers and provide better
  "protection" for ourselves too - we don't know if API users change
  umask again behind our back if we just set it on initialization.
- To make matters more fun, Lua scripts can change our umask. Save
  and restore umask when running Lua scriptlets.
2010-11-18 12:50:55 +02:00
Panu Matilainen 4171b24699 Switch psm and rpmscript to use rpmTagVal where appropriate
- There are a few true rpmTag uses though, leaving them as they are...
2010-10-22 11:39:53 +03:00
Panu Matilainen bcdb82d60e Eliminate silly cast 2010-10-22 09:36:29 +03:00
Panu Matilainen 614c52090b Eliminate rpmts from the scriptlet machinery
- pass scriptFd and selinux enabled status as arguments from psm level
- selinux status could be queried directly with is_selinux_enabled()
  but that's a fairly expensive call which does all sorts of funny
  things and probably doesn't work at all in the average chroot
- Lua-scripts dont currently honor scriptFd and have no use for selinux
  but pass the info there too as an early step towards supporting
  scriptFd with Lua
- makes rpmScriptRun() even more of an argument monster, some of this
  should probably go into rpmScript struct...
2010-05-26 11:36:43 +03:00
Panu Matilainen c9f74ddd0a Simplify chroot handling wrt scriptlets
- switch root if necessary on entry and exit to psm already, nothing
  inside the psm needs access to outside chroot
- eliminate chroot handling from scriptlet machinery, dealing with
  chroot is a job for higher levels
- Lua scriptlets can change our cwd, always ensure we return to previous
  cwd after executing by saving and restoring the cwd
2010-05-26 10:15:06 +03:00
Panu Matilainen 2c54c6abbf Move scriptlet statistics collection (back) inside psm
- removes one rpmts dependency from scriptlets
2010-05-25 15:38:15 +03:00
Panu Matilainen b5118bad05 Not all scriptlets have bodies (eg -p /sbin/ldconfig), dont expand NULLs 2010-03-11 13:39:13 +02:00
Panu Matilainen d370816ba5 Support run-time macro and queryformat expansion on scriptlets
- Add per-scriptlet type flag tags to control special behavior.
- Add rpmlib dependency on scriptlet expansion - if a package relies
  on scriptlet expansion it cannot be correctly installed with
  a version of rpm that doesn't support it.
- Expansion is always an opt-in behavior, enabled with -q and/or -e argument
  in spec. We can't just blindly expand even macros as there's no telling
  %{} constructs might mean in whatever language is used for the script.
- Queryformat expansion requires great care with strange and ugly escapes
  when writing scriptlets, but OTOH it permits access arbitrary header
  data at runtime, which has previously been completely impossible.
- The handling of these expansions needs unifying for all scriptlet types,
  the trigger scriptlet handling is uuugly. Macro expansion could be
  transparently done from rpmScriptRun(), but because of their similar
  syntax, macro expansion needs to happen before query format expansion,
  and we dont have the header available in rpmScriptrun()
2010-03-11 12:06:49 +02:00
Panu Matilainen 98fcb7566d First rough-cut version of scriptlet abstraction
- Split the low-level scriptlet machinery out of psm
- New struct to hold the necessary information about scriptlets so
  we can execute them without having a header at hand.
- Trigger handling is hackish and needs more love...
2010-02-25 10:58:51 +02:00