If /etc/passwd contains multiple users with UID 0 then user_with_uid0 will
contain a line feed which results in config.h containing:
#define UID_0_USER "root
(i.e. without a closing quote.)
The same problem occurs with /etc/group.
Let's only emit the first match in each case so that there is only ever a
single result.
If syncfs() is available (ie on Linux), only sync modified filesystems.
In order to do this, keep the diskspace information around throughout
the transaction.
Skip the sync entirely on chroot installations for now, but this
too should be configurable (always/auto/never or so).
There's a bit of a chicken-egg problem with post-transaction plugins:
for example systemd_inhibit should only be released after syncing,
but OTOH some other plugins might be performing actions whose results
should be syncing. Leaving it alone for now.
Simplifies things a bit and also makes "PYTHON=python3 ./configure" work,
whereas it previously barfed on figuring the library names like
"libpython3.6m"
v2 (Neal Gompa)
* Switch from RPM_CHECK_LIB to PKG_CHECK_MODULES
* Fix notation of file name in lmdb.c
* Remove MDB_FIXEDMAP flag to prevent portability issues
* Add comment that lmdb is an option for %_db_backend
Closes: #281Fixes: #128
glibc 2.25 introduced (really long and annoying) warnings for each use
of the major/minor macros from the wrong header:
lib/cpio.c: In function ‘rpmcpioHeaderWrite’:
lib/cpio.c:245:13: warning: In the GNU C Library, "major" is defined
by <sys/sysmacros.h>. For historical compatibility, it is
currently defined by <sys/types.h> as well, but we plan to
remove this soon. To use "major", include <sys/sysmacros.h>
directly. If you did not intend to use a system-defined macro
"major", you should undefine it after including <sys/types.h>.
dev = major(st->st_dev); SET_NUM_FIELD(hdr->devMajor, dev, field);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Adjust the configure check to correctly detect the header to include
that doesn't produce those warning producing macros.
Tested against RHEL7 (glibc 2.17) and Fedora 26 (glibc 2.25).
Signed-off-by: Mark Wielaard <mark@klomp.org>
Commit edd709e453 introduced a
dependency on ima-evm-utils >= 1.0, silently breaking build with
older versions that eg Fedora has. Explicitly test for sign_hash()
that takes all the necessary arguments and error out cleanly if
not present/too old.
Older versions of glibc included an fts implementation that didn't have
Large File Support on 32-bit systems. We worked that around by bundling
fts into rpm codebase. Thanks to Mark Wielaard, glibc >= 2.23 has LFS
support in fts.
Unfortunately, we can't drop bundled fts because we have to support
build with other libcs which do not implement fts at all or their
implementations do not provide Large File Support.
Signed-off-by: Gleb Fotengauer-Malinovskiy <glebfm@altlinux.org>
[pmatilai: Added comment to configure.ac as the test is rather subtle,
thanks for Mark Wielaard for the explanation]
debugedit --base to --dest rewriting of debug source file paths only
supported dest paths that were smaller or equal than the base path
(and the size should differ more than 1 character for correct debug lines).
All paths were changed "in place". Which could in theory mess up debug str
sharing.
This rewrite supports base and dest strings of any size (some limitations,
see below). This is done by reconstructing the debug_str and debug_line
tables and updating the references in the debug_info attributes pointing
to these tables. Plus, if necessary (only for ET_REL kernel modules),
updating any relocations for the debug_info and debug_line sections.
This has the nice benefit of merging any duplicate strings in the
debug_str table which might resulting on slightly smaller files.
kernel modules are ET_REL files that often contain a lot of duplicate
strings.
The rewrite uses elfutils (either libebl or libdw) to reconstruct the
debug_str table. Since we are changing some section sizes now we cannot
just use mmap and rawdata to poke the values, but need to read in and
write out the changed sections. This does take a bit more memory because
we now also need to keep track of all string/line references.
There are still some limitations (already in the original debugedit)
not fixed by this rewrite:
- DW_AT_comp_dir in .debug_info using DW_FORM_string can not be made
larger. We only warn about that now instead of failing. The only
producer of DW_FORM_string comp_dirs is binutils gas. It seems simpler
to fix gas than to try to support resizing the debug_info section.
- A DW_AT_name on a DW_TAG_compile_unit is only rewritten for DW_FORM_strp
not for DW_FORM_string. Probably no problem in practice since this
wasn't supported originally either.
- The debug_line program isn't scanned for DW_LNE_define_file which
could in theory define an absolute path that might need rewriting.
Again probably not a problem because this wasn't supported before
and there are no know producers for this construct.
To support the upcoming DWARFv5 in gcc 7 (not on by default), we will
need to add support for the new debug_line format and scan the new
debug_macro section that can have references to the debug_str table.
Signed-off-by: Mark Wielaard <mark@klomp.org>
Autotools: add --with-crypto=openssl
This enables RPM to locate the appropriate flags for compiling
against OpenSSL for digest and hash functions.
This implementation changes the old behavior of
--with[out]-beecrypt toggling between beecrypt and nss. It will
now throw an error if attempting to use --with-beecrypt
indicating that the user should instead use --with-crypto=
See also:
https://github.com/rpm-software-management/rpm/issues/119
Trying to include AM_CFLAGS through a configure generated rpm.am file
doesn't really work because at the time automake runs configure doesn't
exist yet to process rpm.am.in. Just define the AM_CFLAGS substitution
inside the Makefile.am files themselves.
Rename rpm.am.in back to rpm.am.
Signed-off-by: Mark Wielaard <mjw@redhat.com>
CFLAGS is a user variable that software is supposed to honor but not
touch, that's what AM_CFLAGS and friends are for. rpm.am is
included by all our makefiles so that's a handy place to set defaults
centrally, do so by AC_SUBST'ing the rpm cflags into AM_CFLAGS there.
Commit c810a0aca3 changed the gcc flag
test to include a call to alloca() which at least on GCC 6.2 just
causes all the tests to fail with implicit declaration warnings
which are errors since we test with -Werror. Include <alloca.h>
to avoid the warnings and thus make the test functional again.
For a number of years, various Linux distributions (notably Fedora and
RHEL) have been overriding this to set it to use gnupg2, with no ill
effects. Now that most distributions are switching to gnupg2 by default,
we will, too.
If a used toolchain accepts the `-fstack-protector` option but does not
provide a stack smashing protector implementation (ex. libssp), linking
will fail:
.libs/rpmio.o: In function `Fdescr':
rpmio.c:(.text+0x672): undefined reference to `__stack_chk_fail_local'
.libs/rpmio.o: In function `Fdopen':
rpmio.c:(.text+0xce9): undefined reference to `__stack_chk_fail_local'
.libs/rpmio.o: In function `ufdCopy':
rpmio.c:(.text+0x10f7): undefined reference to `__stack_chk_fail_local'
...
This is a result of testing for `-fstack-protector` support using a main
that GCC does not inject guards. GCC's manual notes that stack protector
code is only added when "[functions] that call alloca, and functions
with buffers larger than 8 bytes" [1]. This commit adjusts the stack
protector check to allocate memory on the stack (via `alloca`).
[1]: https://gcc.gnu.org/onlinedocs/gcc-4.4.2/gcc/Optimize-Options.html
Signed-off-by: James Knight <james.knight@rockwellcollins.com>
The logic that tests whether gcc supports or not certain flags uses
AC_COMPILE_IFELSE(). However, when checking for stack smashing
protection support, an AC_LINK_IFELSE() test is needed, since the
build might work but not the link stage if certain libraries are
missing for proper stack smashing protection support.
Therefore, this commit switches to use AC_LINK_IFELSE().
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: James Knight <james.d.knight@live.com>
commit a82119 "configure.ac: use LIBDW always conditionally" contained
a typo that caused WITH_LIBDW_LIB never to be set when you were using
libelf. Fixed by reverting the "!=" to "=" again.
Signed-off-by: Mark Wielaard <mjw@redhat.com>
This patch moves the main ELF file build-id symlinks from the
debuginfo package into the main package. And uses different
base directories for the main ELF file build-id symlink.
For the main build-id use /usr/lib/.build-id and for the debug
build-id use /usr/lib/debug/.build-id.
There are two reasons for doing this. The main package and the
debuginfo package might get out of sync, or the debuginfo package
might not be installed at all. In which case finding the main ELF
file through the build-id symlink becomes impossible. Secondly by
moving the main ELF build-id symlink in its own directory the
/usr/lib/debug directory gets populated with only debuginfo files
which is convenient if the user might want to have that directory
populated through a network mountpoint.
To support the new logic the symlink code has been moved from
find-debuginfo.sh to build/files.c.
This also includes support for a new config %_build_id_links that
defaults to compat. The other settings are none, alldebug (the old
style) and separate. compat is like separate, but adds a compatibility
link under /usr/lib/debug/.build-id for the main build-id symlink.
There are several new testcases added to test the various settings
using the new keyword "buildid".
Signed-off-by: Mark Wielaard <mjw@redhat.com>
configure.ac implies that there is a fall back to the internal db if
no external one is specified or found. But that doesn't work since
with_external_db defaults to no when not --with[out]-external-db isn't
given. Fix that by defaulting to "maybe" and then after the check for an
internal db fails fall back to the external db.h if available.
This keeps the current behavior of defaulting to --without-external-db (no)
if nothing is specified, but falls back to trying with the external one if
there is no in tree internal db. Giving an explicit --with-external-db or
--without-external-db doesn't change and produces an error if no external
or no internal db is found.
This patch adds a config option to build with libimaevm which is needed
for file signing.
Changelog:
- Add AM_CONDITIONAL WITH_IMAEVM
Signed-off-by: Lubos Kardos <lkardos@redhat.com>
This function was factored out from rpm_execcon() upstream to make it
easier to use by its users, by making it not call execve() directly. It
is now also used by dpkg since 1.17.11.
Preserve the ad-hoc code for now so that it can be compiled against old
libselinux versions.
- This adds brutally simple utf-8 validation to spec parse & package
construction: all string-class tags in headers are checked regardless
of other tag semantics.
- Parse-time validation is optional via RPMSPEC_NOUTF8
flag, but package construction time is required as we want to
stomp RPMTAG_ENCODING to all packages that pass. What is always
optional is whether non-valid utf-8 strings fail the build, defaulting
to off (but distros probably want to enable it)
- Note we dont give a damn about the spec itself, only what ends up in
packages: strings can come from numerous other sources than spec
directly, and OTOH who cares if eg spec comments are non-utf?
- We'll need this to access any HWCAP_* bits for platforms that need it,
regardless of whether getauxval() is present or not. On glibc
systems this is likely to be equivalent, on others dunno (Solaris
appears to have sys/auxv.h header as well)
- The basic concept is not without merit but what was implemented here
has been stuck in experimental state in middle of two sorta conflicting
goals for four years now, and world has moved onward in the meanwhile.
The sepolicy part is better handled in the new selinux plugin, and other
action business belongs to packages (in the form of some trigger-like
scripts or such) rather than rpm plugins.
- Deleted here, but the sepolicy plugin functionality still needs
merging into the new selinux plugin...
- RPMTAG_COLLECTIONS left in place but tagged unimplemented as per policy
to never actually remove tags
This is needed as the new payload format for large files is not compatible with
rpm2cpio which basically just dumps the payload which happened to be cpio.
Use configure parameter --without-archive to not build this tool and get rid of the libarchive requirement.
glibc >= 2.16 provides getauxval(): a reliable way to retrieve a value
from the auxiliary vector. It doesn't rely on /proc filesystem.
Let's switch to it and get rid of /proc dependency.
Signed-off-by: Kirill A. Shutemov <kirill@shutemov.name>
Signed-off-by: Panu Matilainen <pmatilai@redhat.com>
- The mergesort() implementation we've carried all this time (even if
not compiled in when glibc is used) is one with the nasty BSD
advertisement clause, ugh. Better remove it late than never,
but let systems having mergesort() in their system libraries
(such as OSX) use it instead of qsort().
Mike Crowe