libvirt/virt-create-rootfs.patch
James Fehlig 1c1fa4f3a7 Accepting request 966486 from home:jfehlig:branches:Virtualization
- Update to libvirt 8.2.0
  - CVE-2022-0897
  - Many incremental improvements and bug fixes, see
    https://libvirt.org/news.html#v8-2-0-2022-04-01
  - Dropped patches:
    823a62ec-qemu-fix-undefine-crash.patch

OBS-URL: https://build.opensuse.org/request/show/966486
OBS-URL: https://build.opensuse.org/package/show/Virtualization/libvirt?expand=0&rev=927
2022-04-01 22:35:43 +00:00

360 lines
9.3 KiB
Diff

Index: libvirt-8.2.0/tools/virt-create-rootfs
===================================================================
--- /dev/null
+++ libvirt-8.2.0/tools/virt-create-rootfs
@@ -0,0 +1,236 @@
+#!/bin/sh
+set -e
+
+function fail
+{
+ echo $1
+ exit 1
+}
+
+function print_help
+{
+cat << EOF
+virt-create-rootfs --root /path/to/rootfs [ARGS]
+
+Create a new root file system to use for distribution containers.
+
+ARGUMENTS
+
+ -h, --help print this help and exit
+ -r, --root path where to create the root FS
+ -d, --distro distribution to install
+ -a, --arch target architecture
+ -u, --url URL of the registration server
+ -c, --regcode registration code for the product
+ --dry-run don't actually run it
+EOF
+}
+
+ARCH=$(uname -i)
+ROOT=
+DISTRO=
+URL=
+REG_CODE=
+DRY_RUN=
+
+while test $# -gt 0
+do
+ case $1 in
+
+ -h | --help)
+ # usage and help
+ print_help
+ ;;
+
+ -r | --root)
+ if test $# -lt 2; then
+ fail "$1 needs a value"
+ fi
+ ROOT="$2"
+ shift
+ ;;
+
+ -a | --arch)
+ if test $# -lt 2; then
+ fail "$1 needs a value"
+ fi
+ case "$2" in
+ i586 | x86_64)
+ ARCH=$2
+ shift
+ ;;
+ *)
+ fail "$1 valid values are 'i586', 'x86_64'"
+ esac
+ # Sanity checks for the arch
+ HOST_ARCH=$(uname -i)
+ case "$HOST_ARCH" in
+ i?86)
+ if test $ARCH = "x86_64"; then
+ fail "Host won't run x86_64 container"
+ fi
+ ;;
+ esac
+ ;;
+
+ -u | --url)
+ if test $# -lt 2; then
+ fail "$1 needs a value"
+ fi
+ URL="$2"
+ shift
+ ;;
+
+ -d | --distro)
+ if test $# -lt 2; then
+ fail "$1 needs a value"
+ fi
+ case "$2" in
+ SLED-* | SLES-* | openSUSE-*)
+ DISTRO=$2
+ shift
+ ;;
+ *)
+ fail "$1 valid values are 'SLED-*', 'SLES-*', 'openSUSE-*'"
+ esac
+ ;;
+
+ -c | --regcode)
+ if test $# -lt 2; then
+ fail "$1 needs a value"
+ fi
+ REG_CODE=$2
+ shift
+ ;;
+
+ --dry-run)
+ DRY_RUN="yes"
+ ;;
+
+ *)
+ fail "Unknown option: $1"
+ ;;
+ esac
+
+ shift
+done
+
+if test -z "$ROOT"; then
+ fail "--root argument need to be provided"
+fi
+
+RUN=
+if test "$DRY_RUN" = "yes"; then
+ RUN="echo"
+fi
+
+function call_zypper
+{
+ $RUN zypper --root "$ROOT" $*
+}
+
+function install_sle
+{
+ PRODUCT="$1"
+ TARGET_VERSION="$2"
+
+ case "$TARGET_VERSION" in
+ 12.0)
+ # Transform into zypper internal version scheme
+ TARGET_VERSION="12"
+ ;;
+ 15.0)
+ TARGET_VERSION="15"
+ ;;
+ 12.*|15.*)
+ ;;
+ *)
+ fail "Unhandled SLE version: $TARGET_VERSION"
+ ;;
+ esac
+
+ # Depending on the distro we run, we may have some preliminary things to do
+ . /etc/os-release
+ case "$VERSION_ID" in
+ 15*)
+ # on SLE 15 we need to symlink the two path to the RPM DB or the GPG
+ # key won't be found.
+ mkdir -p "$ROOT/usr/lib/sysimage/rpm"
+ mkdir -p "$ROOT/var/lib"
+ ln -s ../../usr/lib/sysimage/rpm "$ROOT/var/lib"
+ ;;
+ esac
+
+ # First copy the SUSE GPG keys from the host to the new root
+ rpm -qa gpg-pubkey\* --qf "%{name}-%{version}-%{release}: %{summary}\n" | \
+ grep 'gpg(SuSE Package Signing Key <build@suse.de>)' | \
+ while read -r line; do
+ key=$(echo $line | cut -d ':' -f 1)
+ tmpkey=$(mktemp)
+ rpm -qi $key | sed -n '/BEGIN/,/END/p' > "$tmpkey"
+ rpm --root "$ROOT" --import "$tmpkey"
+ rm "$tmpkey"
+ done
+
+ # SUSE Connect adds the repositories, and refreshes them,
+ # but requires the GPG key to be already imported
+ CONNECT_ARGS=
+ if test -n "$REG_CODE"; then
+ CONNECT_ARGS="$CONNECT_ARGS -r $REG_CODE"
+ fi
+ if test -n "$URL"; then
+ CONNECT_ARGS="$CONNECT_ARGS --url $URL"
+ fi
+
+ PATTERN=Minimal
+ case "$TARGET_VERSION" in
+ 12*)
+ $RUN SUSEConnect -p "$PRODUCT/$TARGET_VERSION/$ARCH" --root "$ROOT" $CONNECT_ARGS
+ ;;
+ 15*)
+ # Due to SLE 15 modules we need to add the product first, let it fail,
+ # add the basesystem
+ set +e
+ $RUN SUSEConnect -p "$PRODUCT/$TARGET_VERSION/$ARCH" --root "$ROOT" $CONNECT_ARGS
+ set -e
+ $RUN SUSEConnect -p "sle-module-basesystem/$TARGET_VERSION/$ARCH" --root "$ROOT" $CONNECT_ARGS
+ PATTERN=base
+ ;;
+ esac
+
+ # Then we install what we need
+ call_zypper -n in --auto-agree-with-licenses -t pattern $PATTERN
+
+ # Create the baseproduct symlink if missing
+ if ! test -e "$ROOT/etc/products.d/baseproduct"; then
+ ln -s $PRODUCT.prod "$ROOT/etc/products.d/baseproduct"
+ fi
+}
+
+case "$DISTRO" in
+ SLED-*)
+ install_sle "SLED" "${DISTRO:5}"
+ ;;
+ SLED-* | SLES-*)
+ install_sle "SLES" "${DISTRO:5}"
+ ;;
+
+ openSUSE-*)
+ TARGET_VERSION=${DISTRO:9}
+ if test $TARGET_VERSION = "tumbleweed"; then
+ REPO="http://download.opensuse.org/tumbleweed/repo/oss/"
+ call_zypper ar "$REPO" "openSUSE"
+ else
+ REPO="http://download.opensuse.org/distribution/leap/$TARGET_VERSION/repo/oss/"
+ UPDATE_REPO="http://download.opensuse.org/update/leap/$TARGET_VERSION/oss/"
+ call_zypper ar "$REPO" "openSUSE"
+ call_zypper ar "$UPDATE_REPO" "openSUSE-udpate"
+ fi
+ call_zypper in --no-recommends -t pattern base
+ ;;
+esac
+
+if test "$DRY_RUN" != "yes"; then
+ echo "pts/0" >> "$ROOT/etc/securetty"
+ chroot "$ROOT" /usr/bin/passwd
+fi
Index: libvirt-8.2.0/docs/manpages/virt-create-rootfs.rst
===================================================================
--- /dev/null
+++ libvirt-8.2.0/docs/manpages/virt-create-rootfs.rst
@@ -0,0 +1,88 @@
+==================
+virt-create-rootfs
+==================
+
+---------------------------------------------------------
+A tool to create a root file system for distro containers
+---------------------------------------------------------
+
+:Manual section: 1
+:Manual group: Virtualization Support
+
+.. contents::
+
+SYNOPSIS
+========
+
+
+``virt-create-rootfs`` [*OPTION*]
+
+
+DESCRIPTION
+===========
+
+The ``virt-create-rootfs`` program is a shell script setting up a root file
+system for a distribution container.
+
+The basic structure of most virt-create-rootfs usage is:
+
+ ``virt-create-rootfs`` -r /path/to/root -d distro-name
+
+
+OPTIONS
+=======
+
+``-h``, ``--help``
+
+Display command line help usage then exit.
+
+``-r``, ``--root``
+
+Set the path where to create the new root file system.
+
+``-d``, ``--distro``
+
+Set the name of distribution to use for the root file system.
+
+As of now, only SLED-<XXX>, SLES-<XXX> and openSUSE-<XXX> are implemented
+where <XXX> is the version number. Examples are openSUSE-15.3, openSUSE-tumbleweed,
+and SLES-15.3. Note that SUSEConnect is required to handle SLE distributions.
+
+``-a``, ``--arch``
+
+Set the target architecture of the root file system to either i586 or x86_64.
+
+``-c``, ``--regcode``
+
+Set the registration code for the product to install in the root file system.
+For SLE distributions, use a registration code from SUSE Customer Center.
+
+``-u``, ``--url``
+
+For SLE distributions, set the registration server to use.
+Default: http://scc.suse.com.
+
+``--dry-run``
+
+Don't do anything, just report what would be done.
+
+
+COPYRIGHT
+=========
+
+Copyright (C) 2014 SUSE LINUX Products GmbH, Nuernberg, Germany.
+
+
+LICENSE
+=======
+
+``virt-create-rootfs`` is distributed under the terms of the GNU LGPL v2+.
+This is free software; see the source for copying conditions. There
+is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR
+PURPOSE
+
+
+SEE ALSO
+========
+
+virsh(1), `https://libvirt.org/ <https://libvirt.org/>`_
Index: libvirt-8.2.0/docs/manpages/meson.build
===================================================================
--- libvirt-8.2.0.orig/docs/manpages/meson.build
+++ libvirt-8.2.0/docs/manpages/meson.build
@@ -20,6 +20,7 @@ docs_man_files = [
{ 'name': 'virt-pki-validate', 'section': '1', 'install': true },
{ 'name': 'virt-qemu-run', 'section': '1', 'install': conf.has('WITH_QEMU') },
{ 'name': 'virt-xml-validate', 'section': '1', 'install': true },
+ { 'name': 'virt-create-rootfs', 'section': '1', 'install': true },
{ 'name': 'libvirt-guests', 'section': '8', 'install': conf.has('WITH_LIBVIRTD') },
{ 'name': 'libvirtd', 'section': '8', 'install': conf.has('WITH_LIBVIRTD') },
Index: libvirt-8.2.0/tools/meson.build
===================================================================
--- libvirt-8.2.0.orig/tools/meson.build
+++ libvirt-8.2.0/tools/meson.build
@@ -154,6 +154,8 @@ else
virsh_icon_res = []
endif
+install_data('virt-create-rootfs', install_dir: bindir, install_mode: 'rwxr-xr-x',)
+
executable(
'virsh',
[