Sync from SUSE:SLFO:Main libpulp revision 094bc15210169175d602c39ce0fc806c

This commit is contained in:
Adrian Schröter 2024-12-11 15:11:23 +01:00
parent 1931f603d7
commit 21e78f7276
6 changed files with 141 additions and 12 deletions

BIN
libpulp-0.3.7.tar.gz (Stored with Git LFS)

Binary file not shown.

View File

@ -1,3 +1,21 @@
-------------------------------------------------------------------
Sat Dec 7 00:59:13 UTC 2024 - Giuliano Belinassi <giuliano.belinassi@suse.com>
- Add timestamps on each message.
-------------------------------------------------------------------
Wed Dec 4 18:58:38 UTC 2024 - Giuliano Belinassi <giuliano.belinassi@suse.com>
- Update rpm-helper script for SLE Micro (bsc#1228879).
- Update macros.userspace-livepatch for SLE Micro (bsc#1228879).
- Guard macros behind sle_version >= 1600.
-------------------------------------------------------------------
Thu Nov 14 01:15:15 UTC 2024 - Giuliano Belinassi <giuliano.belinassi@suse.com>
- Add SELinux policy for /var/livepatches (bsc#1228879).
- Update rpm-helper script for SLE Micro.
------------------------------------------------------------------- -------------------------------------------------------------------
Fri Oct 18 19:24:22 UTC 2024 - Giuliano Belinassi <giuliano.belinassi@suse.com> Fri Oct 18 19:24:22 UTC 2024 - Giuliano Belinassi <giuliano.belinassi@suse.com>

View File

@ -26,6 +26,7 @@ URL: https://github.com/suse/libpulp
Source0: %{name}-%{version}.tar.gz Source0: %{name}-%{version}.tar.gz
Source1: rpm-helper Source1: rpm-helper
Source2: macros.userspace-livepatch Source2: macros.userspace-livepatch
Source3: selinux-ulp.conf
Source99: libpulp.rpmlintrc Source99: libpulp.rpmlintrc
# Required to hardlink identical files. # Required to hardlink identical files.
BuildRequires: fdupes BuildRequires: fdupes
@ -83,6 +84,10 @@ This package contains the tools to apply user-space live patches.
%make_install %make_install
install -D -m0755 %{SOURCE1} %{buildroot}%{_prefix}/lib/userspace-livepatch/rpm-helper install -D -m0755 %{SOURCE1} %{buildroot}%{_prefix}/lib/userspace-livepatch/rpm-helper
install -D -m0644 %{SOURCE2} %{buildroot}%{_prefix}/lib/rpm/macros.d/macros.userspace-livepatch install -D -m0644 %{SOURCE2} %{buildroot}%{_prefix}/lib/rpm/macros.d/macros.userspace-livepatch
install -D -m0644 %{SOURCE3} %{buildroot}%{_prefix}/etc/tukit.conf.d/selinux-ulp.conf
# Create /var/livepatches
mkdir -p %{buildroot}/var/livepatches/
# Convert identical files into hardlinks. # Convert identical files into hardlinks.
%fdupes %{buildroot}/%{_prefix} %fdupes %{buildroot}/%{_prefix}
@ -92,6 +97,24 @@ install -D -m0644 %{SOURCE2} %{buildroot}%{_prefix}/lib/rpm/macros.d/macros.user
find %{buildroot}/%{_prefix} -name libpulp.la -delete find %{buildroot}/%{_prefix} -name libpulp.la -delete
find %{buildroot}/%{_prefix} -name libpulp.so -delete find %{buildroot}/%{_prefix} -name libpulp.so -delete
%post -n libpulp-tools
%define ld_so_conf /etc/ld.so.conf
%define addline include /var/livepatches/ld.so.conf
# There are special logic needed in sle-micro onwards.
%if 0%{?suse_version} >= 1600
# Add instance of /var/livepatches if it doesn't already exist.
grep -qxF '%{addline}' %{ld_so_conf} || echo '%{addline}' >> %{ld_so_conf}
%postun -n libpulp-tools
if [ "$1" == "0" ]; then
# Delete all instances of libpulp in the ld_so_conf.
sed -i '\#%{addline}#d' %{ld_so_conf}
fi
%endif
%post -n libpulp0 -p /sbin/ldconfig %post -n libpulp0 -p /sbin/ldconfig
%postun -n libpulp0 -p /sbin/ldconfig %postun -n libpulp0 -p /sbin/ldconfig
@ -106,6 +129,10 @@ find %{buildroot}/%{_prefix} -name libpulp.so -delete
%dir %{_prefix}/lib/userspace-livepatch %dir %{_prefix}/lib/userspace-livepatch
%{_prefix}/lib/userspace-livepatch/* %{_prefix}/lib/userspace-livepatch/*
%{_prefix}/lib/rpm/* %{_prefix}/lib/rpm/*
%{_prefix}/etc/tukit.conf.d/selinux-ulp.conf
%{_prefix}/etc/tukit.conf.d
%{_prefix}/etc
/var/livepatches
%license LICENSE %license LICENSE
%changelog %changelog

View File

@ -7,3 +7,27 @@ echo "Executing ulp_post_hook(). About to execute rpm-helper..." \
/bin/bash /usr/lib/userspace-livepatch/rpm-helper install "%1" "%2" "%3" $1 \ /bin/bash /usr/lib/userspace-livepatch/rpm-helper install "%1" "%2" "%3" $1 \
echo "Done executing rpm-helper." \ echo "Done executing rpm-helper." \
%{nil} %{nil}
# Hook for %post used by livepatch packages move the system libraries to the
# current snapshot for sle-micro.
#
# The parameters are <package_name> <livepatch_version> <files_to_copy1> ...
%ulp_post_move_libs() \
%if 0%{?suse_version} >= 1600 \
echo "Executing ulp_post_move_libs()" \
/bin/bash /usr/lib/userspace-livepatch/rpm-helper movelibs "%1" "%2" "%3" $1 \
echo "Done executing ulp_post_move_libs()" \
%endif \
%{nil}
# Hook for %postun used by livepatch packages to remove the moved system
# libraries
#
# The parameters are <package_name> <livepatch_version>
%ulp_post_remove_libs() \
%if 0%{?suse_version} >= 1600 \
echo "Executing ulp_post_remove_libs()" \
/bin/bash /usr/lib/userspace-livepatch/rpm-helper removelibs "%1" "%2" "%3" $1 \
echo "Done executing ulp_post_remove_libs()" \
%endif \
%{nil}

View File

@ -45,14 +45,26 @@ do_install()
check_livepatching_env || return 0 check_livepatching_env || return 0
# Check if we are running a transactional update. If yes, set the root INSTALL_DIR="/usr/lib64/$PACKAGE/$VER"
# accordingly. TRIGGER_PATH="$INSTALL_DIR"
# Check if we are running a transactional update. If yes, then we need to
# move the livepatches to a better location.
if [ "$TRANSACTIONAL_UPDATE" = "true" ] && [ "x$TRANSACTIONAL_UPDATE_ROOT" != "x" ]; then if [ "$TRANSACTIONAL_UPDATE" = "true" ] && [ "x$TRANSACTIONAL_UPDATE_ROOT" != "x" ]; then
ROOT="-R $TRANSACTIONAL_UPDATE_ROOT" TRIGGER_PATH="/var/livepatches/$PACKAGE/$VER/lp"
# Create path if it doesn't already exist.
mkdir -p "$TRIGGER_PATH"
# Clean the path
rm -rf "$TRIGGER_PATH"
# Copy the patches to the location we have permission.
cp -rZ "$INSTALL_DIR" "$TRIGGER_PATH"
fi fi
ulp trigger $ROOT --recursive -r 100 --timeout 200 --revert-all=target \ ulp trigger --recursive -r 100 --timeout 200 --revert-all=target \
"/usr/lib64/$PACKAGE/$VER/*.so" "$TRIGGER_PATH/*.so"
echo "ulp trigger executed." echo "ulp trigger executed."
} }
@ -62,10 +74,56 @@ do_remove()
: # reserved for future use : # reserved for future use
} }
if test $# -ne 5; then # Execute this on sle-micro to move the new libraries to the current snapshot.
echo 'WARNING: Unexpected number of parameters. Are the live patch RPM scripts compatible with this rpm-helper?' >&2 do_movelibs()
fi {
if test -e /.buildenv; then
echo "Skipping move libs in buildroot"
return 0
fi
local ld_so_conf="/var/livepatches/ld.so.conf"
local addline="/var/livepatches/$PACKAGE/$VER/libs"
local line_pattern="/var/livepatches/$PACKAGE/.*/libs"
[[ -e $ld_so_conf ]] && sed -i "\#$line_pattern#d" $ld_so_conf
echo "$addline" >> $ld_so_conf
mkdir -p $addline
for i in $(seq 1 3); do
shift
done
for file in "$@"; do
[[ -e $file ]] && install -D -Z $file "$addline/$(basename $file)"
done
/sbin/ldconfig
}
# Execute this on sle-micro to move the new libraries to the current snapshot.
do_removelibs()
{
if test -e /.buildenv; then
echo "Skipping move libs in buildroot"
return 0
fi
local ld_so_conf="/var/livepatches/ld.so.conf"
local addline="/var/livepatches/$PACKAGE/$VER/libs"
local line_pattern="/var/livepatches/$PACKAGE/.*/libs"
# Remove the line of ld.so.conf
[[ -e $ld_so_conf ]] && sed -i "\#$line_pattern#d" $ld_so_conf
# Update ldconfig cache.
/sbin/ldconfig
# Delete copied libs.
rm -rf $addline
}
# Parse first argument (install or remove). # Parse first argument (install or remove).
cmd=$1 cmd=$1
@ -73,9 +131,10 @@ PACKAGE=$2
VER=$3 VER=$3
TARGET_LIB=$4 TARGET_LIB=$4
NUM_PACKAGES=${5-0} NUM_PACKAGES=${5-0}
case "$cmd" in case "$cmd" in
install|remove) install|remove|movelibs|removelibs)
do_$cmd do_$cmd "$@"
exit exit
;; ;;
*) *)

1
selinux-ulp.conf Normal file
View File

@ -0,0 +1 @@
BINDDIRS[ulp]=/var/livepatches