diff --git a/0001-build-put-l-specifiers-into-LIBADD-not-LDFLAGS.patch b/0001-build-put-l-specifiers-into-LIBADD-not-LDFLAGS.patch deleted file mode 100644 index 6bdb98f..0000000 --- a/0001-build-put-l-specifiers-into-LIBADD-not-LDFLAGS.patch +++ /dev/null @@ -1,162 +0,0 @@ -From 50d7dc0102751808823640321ec1da5d34811978 Mon Sep 17 00:00:00 2001 -From: Jan Engelhardt -Date: Wed, 3 May 2023 00:48:14 +0200 -Subject: [PATCH 1/2] build: put -l specifiers into LIBADD, not LDFLAGS -References: https://github.com/vmware/open-vm-tools/pull/664 - -Linking order matters. -LDFLAGS is the *totally* *wrong* place for -l. -Replace by LDLIBS / xxx_LDADD / xxx_LIBADD. ---- - open-vm-tools/libDeployPkg/Makefile.am | 3 +-- - open-vm-tools/libappmonitor/Makefile.am | 6 ++---- - open-vm-tools/libguestStoreClient/Makefile.am | 2 +- - open-vm-tools/libguestlib/Makefile.am | 6 ++---- - open-vm-tools/libhgfs/Makefile.am | 2 +- - open-vm-tools/libvmtools/Makefile.am | 2 +- - open-vm-tools/services/plugins/containerInfo/Makefile.am | 6 +++--- - open-vm-tools/tests/testVmblock/Makefile.am | 4 ++-- - open-vm-tools/vgauth/lib/Makefile.am | 2 +- - 9 files changed, 14 insertions(+), 19 deletions(-) - -diff --git a/open-vm-tools/libDeployPkg/Makefile.am b/open-vm-tools/libDeployPkg/Makefile.am -index 15728126..5f080744 100644 ---- a/open-vm-tools/libDeployPkg/Makefile.am -+++ b/open-vm-tools/libDeployPkg/Makefile.am -@@ -36,10 +36,9 @@ libDeployPkg_la_SOURCES += processPosix.c - libDeployPkg_la_SOURCES += linuxDeploymentUtilities.c - libDeployPkg_la_SOURCES += linuxDeploymentUtilities.h - --libDeployPkg_la_LDFLAGS = - # We require GCC, so we're fine passing compiler-specific flags. - # Needed for OS's that don't link shared libraries against libc by default, e.g. FreeBSD --libDeployPkg_la_LDFLAGS += -Wl,-lc -+libDeployPkg_la_LIBADD += -lc - - libDeployPkg_includedir = $(includedir)/libDeployPkg - -diff --git a/open-vm-tools/libappmonitor/Makefile.am b/open-vm-tools/libappmonitor/Makefile.am -index 2681eb79..be6b6a30 100644 ---- a/open-vm-tools/libappmonitor/Makefile.am -+++ b/open-vm-tools/libappmonitor/Makefile.am -@@ -48,12 +48,10 @@ libappmonitor_la_SOURCES += $(libappmonitor_rpcchanneldir)/vsockChannel.c - libappmonitor_la_SOURCES += $(libappmonitor_rpcchanneldir)/simpleSocket.c - endif - --libappmonitor_la_LDFLAGS = --libappmonitor_la_LDFLAGS += -Wl,-ldl --libappmonitor_la_LDFLAGS += -Wl,-lrt -+libappmonitor_la_LIBADD += -ldl -lrt - # We require GCC, so we're fine passing compiler-specific flags. - # Needed for OS's that don't link shared libraries against libc by default, e.g. FreeBSD --libappmonitor_la_LDFLAGS += -Wl,-lc -+libappmonitor_la_LIBADD += -lc - - libappmonitor_includedir = $(includedir)/libappmonitor - -diff --git a/open-vm-tools/libguestStoreClient/Makefile.am b/open-vm-tools/libguestStoreClient/Makefile.am -index adf69309..2dee8e7b 100644 ---- a/open-vm-tools/libguestStoreClient/Makefile.am -+++ b/open-vm-tools/libguestStoreClient/Makefile.am -@@ -33,4 +33,4 @@ libguestStoreClient_la_LDFLAGS = - libguestStoreClient_la_LDFLAGS += -Wl,-z,defs - # Needed for OS's that don't link shared libraries against libc by - #default, e.g. FreeBSD --libguestStoreClient_la_LDFLAGS += -Wl,-lc -+libguestStoreClient_la_LIBADD += -lc -diff --git a/open-vm-tools/libguestlib/Makefile.am b/open-vm-tools/libguestlib/Makefile.am -index d2cfb80a..5175b442 100644 ---- a/open-vm-tools/libguestlib/Makefile.am -+++ b/open-vm-tools/libguestlib/Makefile.am -@@ -50,12 +50,10 @@ libguestlib_la_SOURCES += $(libguestlib_rpcchanneldir)/vsockChannel.c - libguestlib_la_SOURCES += $(libguestlib_rpcchanneldir)/simpleSocket.c - endif - --libguestlib_la_LDFLAGS = --libguestlib_la_LDFLAGS += -Wl,-ldl --libguestlib_la_LDFLAGS += -Wl,-lrt -+libguestlib_la_LIBADD += -ldl -lrt - # We require GCC, so we're fine passing compiler-specific flags. - # Needed for OS's that don't link shared libraries against libc by default, e.g. FreeBSD --libguestlib_la_LDFLAGS += -Wl,-lc -+libguestlib_la_LIBADD += -lc - - libguestlib_includedir = $(includedir)/vmGuestLib - -diff --git a/open-vm-tools/libhgfs/Makefile.am b/open-vm-tools/libhgfs/Makefile.am -index 76091452..c388da75 100644 ---- a/open-vm-tools/libhgfs/Makefile.am -+++ b/open-vm-tools/libhgfs/Makefile.am -@@ -41,5 +41,5 @@ libhgfs_la_LDFLAGS = - libhgfs_la_LDFLAGS += -Wl,-z,defs - # Needed for OS's that don't link shared libraries against libc by - #default, e.g. FreeBSD --libhgfs_la_LDFLAGS += -Wl,-lc -+libhgfs_la_LIBADD += -lc - -diff --git a/open-vm-tools/libvmtools/Makefile.am b/open-vm-tools/libvmtools/Makefile.am -index 6da97362..a2f9a241 100644 ---- a/open-vm-tools/libvmtools/Makefile.am -+++ b/open-vm-tools/libvmtools/Makefile.am -@@ -89,5 +89,5 @@ libvmtools_la_LDFLAGS = - libvmtools_la_LDFLAGS += -Wl,-z,defs - # Needed for OS's that don't link shared libraries against libc by - #default, e.g. FreeBSD --libvmtools_la_LDFLAGS += -Wl,-lc -+libvmtools_la_LIBADD += -lc - -diff --git a/open-vm-tools/services/plugins/containerInfo/Makefile.am b/open-vm-tools/services/plugins/containerInfo/Makefile.am -index 488e35aa..10b4dfae 100644 ---- a/open-vm-tools/services/plugins/containerInfo/Makefile.am -+++ b/open-vm-tools/services/plugins/containerInfo/Makefile.am -@@ -36,7 +36,7 @@ libcontainerInfo_la_SOURCES += containerInfoInt.h - libcontainerInfo_la_SOURCES += containerInfo.c - - libcontainerInfo_la_SOURCES += containerInfo_docker.c --libcontainerInfo_la_LDFLAGS += -lcurl -+libcontainerInfo_la_LIBADD += -lcurl - libcontainerInfo_la_CPPFLAGS += @CURL_CPPFLAGS@ - libcontainerInfo_la_LIBADD += ../../../lib/jsmn/libJsmn.la - -@@ -61,8 +61,8 @@ libcontainerInfo_la_SOURCES += containers.grpc.pb.cc - libcontainerInfo_la_SOURCES += containerInfo_grpc.cc - - libcontainerInfo_la_CPPFLAGS += @GRPC_CPPFLAGS@ --libcontainerInfo_la_LDFLAGS += -lprotobuf --libcontainerInfo_la_LDFLAGS += -lgrpc++ -+libcontainerInfo_la_LIBADD += -lprotobuf -+libcontainerInfo_la_LIBADD += -lgrpc++ - - tasks.grpc.pb.cc containers.grpc.pb.cc: %.grpc.pb.cc : %.proto %.pb.cc - $(PROTOC) -I. -I$(GOGO_PROTOPATH) \ -diff --git a/open-vm-tools/tests/testVmblock/Makefile.am b/open-vm-tools/tests/testVmblock/Makefile.am -index 1fd469d5..ae6c79fe 100644 ---- a/open-vm-tools/tests/testVmblock/Makefile.am -+++ b/open-vm-tools/tests/testVmblock/Makefile.am -@@ -29,8 +29,8 @@ AM_CFLAGS = - AM_CFLAGS += -DVMX86_DEVEL - AM_CFLAGS += -DVMX86_DEBUG - --AM_LDFLAGS = --AM_LDFLAGS += -lpthread -+LDLIBS = -+LDLIBS += -lpthread - - vmware_testvmblock_fuse_CFLAGS = $(AM_CFLAGS) -Dvmblock_fuse - vmware_testvmblock_fuse_SOURCES = vmblocktest.c -diff --git a/open-vm-tools/vgauth/lib/Makefile.am b/open-vm-tools/vgauth/lib/Makefile.am -index bce97aac..88944f19 100644 ---- a/open-vm-tools/vgauth/lib/Makefile.am -+++ b/open-vm-tools/vgauth/lib/Makefile.am -@@ -59,7 +59,7 @@ libvgauth_la_LDFLAGS = - libvgauth_la_LDFLAGS += -Wl,-z,defs - # Needed for OS's that don't link shared libraries against libc by - #default, e.g. FreeBSD --libvgauth_la_LDFLAGS += -Wl,-lc -+libvgauth_la_LIBADD += -lc - - # Message catalogs. - install-data-hook: --- -2.40.1 - diff --git a/0002-build-use-grpc-pkgconfig-to-retrieve-flags-libraries.patch b/0002-build-use-grpc-pkgconfig-to-retrieve-flags-libraries.patch deleted file mode 100644 index d6e2f16..0000000 --- a/0002-build-use-grpc-pkgconfig-to-retrieve-flags-libraries.patch +++ /dev/null @@ -1,49 +0,0 @@ -From 7f97b8ac1df51da902c2db05e488e52bb3068149 Mon Sep 17 00:00:00 2001 -From: Jan Engelhardt -Date: Wed, 3 May 2023 00:48:56 +0200 -Subject: [PATCH 2/2] build: use grpc++ pkgconfig to retrieve flags/libraries -References: https://github.com/vmware/open-vm-tools/pull/664 - -When a .pc file exists, it should be used. Fixes obvious linking problems like - -ld: .libs/libcontainerInfo_la-containers.grpc.pb.o: in function `grpc::ByteBuffer::~ByteBuffer()': -/usr/include/grpcpp/support/byte_buffer.h:99: undefined reference to `grpc_byte_buffer_destroy' -collect2: error: ld returned 1 exit status -make[4]: *** [Makefile:649: libcontainerInfo.la] Error 1 ---- - open-vm-tools/configure.ac | 2 ++ - open-vm-tools/services/plugins/containerInfo/Makefile.am | 4 ++-- - 2 files changed, 4 insertions(+), 2 deletions(-) - -diff --git a/open-vm-tools/configure.ac b/open-vm-tools/configure.ac -index 5f9a1937..fd8c2db0 100644 ---- a/open-vm-tools/configure.ac -+++ b/open-vm-tools/configure.ac -@@ -723,6 +723,8 @@ AC_DEFUN([AC_VMW_CONTAINERINFO_MSG],[ - [], - [AC_VMW_CONTAINERINFO_MSG(["grpc++ >= 1.3.2"])]) - -+PKG_CHECK_MODULES([grpcxx], [grpc++ >= 1.3.2]) -+ - # - # proto files needed by containerd grpc client. - # -diff --git a/open-vm-tools/services/plugins/containerInfo/Makefile.am b/open-vm-tools/services/plugins/containerInfo/Makefile.am -index 10b4dfae..74d9c8f0 100644 ---- a/open-vm-tools/services/plugins/containerInfo/Makefile.am -+++ b/open-vm-tools/services/plugins/containerInfo/Makefile.am -@@ -60,9 +60,9 @@ libcontainerInfo_la_SOURCES += containers.grpc.pb.h - libcontainerInfo_la_SOURCES += containers.grpc.pb.cc - libcontainerInfo_la_SOURCES += containerInfo_grpc.cc - --libcontainerInfo_la_CPPFLAGS += @GRPC_CPPFLAGS@ -+libcontainerInfo_la_CPPFLAGS += ${grpcxx_CFLAGS} - libcontainerInfo_la_LIBADD += -lprotobuf --libcontainerInfo_la_LIBADD += -lgrpc++ -+libcontainerInfo_la_LIBADD += ${grpcxx_LIBS} - - tasks.grpc.pb.cc containers.grpc.pb.cc: %.grpc.pb.cc : %.proto %.pb.cc - $(PROTOC) -I. -I$(GOGO_PROTOPATH) \ --- -2.40.1 - diff --git a/2023-20867-Remove-some-dead-code.patch b/2023-20867-Remove-some-dead-code.patch deleted file mode 100644 index a141364..0000000 --- a/2023-20867-Remove-some-dead-code.patch +++ /dev/null @@ -1,156 +0,0 @@ -From 3028cdd4c0b2461b904cbe5a5868c8e591aa0941 Mon Sep 17 00:00:00 2001 -From: John Wolfe -Date: Mon, 8 May 2023 19:04:57 -0700 -Subject: [PATCH] Remove some dead code. - -Address CVE-2023-20867. -Remove some authentication types which were deprecated long -ago and are no longer in use. These are dead code. ---- - open-vm-tools/services/plugins/vix/vixTools.c | 102 -------------------------- - 1 file changed, 102 deletions(-) - -diff --git a/open-vm-tools/services/plugins/vix/vixTools.c b/open-vm-tools/services/plugins/vix/vixTools.c -index 9f376a7..85c5ba7 100644 ---- a/open-vm-tools/services/plugins/vix/vixTools.c -+++ b/open-vm-tools/services/plugins/vix/vixTools.c -@@ -254,8 +254,6 @@ char *gImpersonatedUsername = NULL; - #define VIX_TOOLS_CONFIG_API_AUTHENTICATION "Authentication" - #define VIX_TOOLS_CONFIG_AUTHTYPE_AGENTS "InfrastructureAgents" - --#define VIX_TOOLS_CONFIG_INFRA_AGENT_DISABLED_DEFAULT TRUE -- - /* - * The switch that controls all APIs - */ -@@ -730,9 +728,6 @@ VixError GuestAuthSAMLAuthenticateAndImpersonate( - - void GuestAuthUnimpersonate(); - --static Bool VixToolsCheckIfAuthenticationTypeEnabled(GKeyFile *confDictRef, -- const char *typeName); -- - #if SUPPORT_VGAUTH - - VGAuthError TheVGAuthContext(VGAuthContext **ctx); -@@ -8013,29 +8008,6 @@ VixToolsImpersonateUser(VixCommandRequestHeader *requestMsg, // IN - userToken); - break; - } -- case VIX_USER_CREDENTIAL_ROOT: -- { -- if ((requestMsg->requestFlags & VIX_REQUESTMSG_HAS_HASHED_SHARED_SECRET) && -- !VixToolsCheckIfAuthenticationTypeEnabled(gConfDictRef, -- VIX_TOOLS_CONFIG_AUTHTYPE_AGENTS)) { -- /* -- * Don't accept hashed shared secret if disabled. -- */ -- g_message("%s: Requested authentication type has been disabled.\n", -- __FUNCTION__); -- err = VIX_E_GUEST_AUTHTYPE_DISABLED; -- goto done; -- } -- } -- // fall through -- -- case VIX_USER_CREDENTIAL_CONSOLE_USER: -- err = VixToolsImpersonateUserImplEx(NULL, -- credentialType, -- NULL, -- loadUserProfile, -- userToken); -- break; - case VIX_USER_CREDENTIAL_NAME_PASSWORD: - case VIX_USER_CREDENTIAL_NAME_PASSWORD_OBFUSCATED: - case VIX_USER_CREDENTIAL_NAMED_INTERACTIVE_USER: -@@ -8205,36 +8177,6 @@ VixToolsImpersonateUserImplEx(char const *credentialTypeStr, // IN - } - - /* -- * If the VMX asks to be root, then we allow them. -- * The VMX will make sure that only it will pass this value in, -- * and only when the VM and host are configured to allow this. -- */ -- if ((VIX_USER_CREDENTIAL_ROOT == credentialType) -- && (thisProcessRunsAsRoot)) { -- *userToken = PROCESS_CREATOR_USER_TOKEN; -- -- gImpersonatedUsername = Util_SafeStrdup("_ROOT_"); -- err = VIX_OK; -- goto quit; -- } -- -- /* -- * If the VMX asks to be root, then we allow them. -- * The VMX will make sure that only it will pass this value in, -- * and only when the VM and host are configured to allow this. -- * -- * XXX This has been deprecated XXX -- */ -- if ((VIX_USER_CREDENTIAL_CONSOLE_USER == credentialType) -- && ((allowConsoleUserOps) || !(thisProcessRunsAsRoot))) { -- *userToken = PROCESS_CREATOR_USER_TOKEN; -- -- gImpersonatedUsername = Util_SafeStrdup("_CONSOLE_USER_NAME_"); -- err = VIX_OK; -- goto quit; -- } -- -- /* - * If the VMX asks us to run commands in the context of the current - * user, make sure that the user who requested the command is the - * same as the current user. -@@ -10917,50 +10859,6 @@ VixToolsCheckIfVixCommandEnabled(int opcode, // IN - /* - *----------------------------------------------------------------------------- - * -- * VixToolsCheckIfAuthenticationTypeEnabled -- -- * -- * Checks to see if a given authentication type has been -- * disabled via the tools configuration. -- * -- * Return value: -- * TRUE if enabled, FALSE otherwise. -- * -- * Side effects: -- * None -- * -- *----------------------------------------------------------------------------- -- */ -- --static Bool --VixToolsCheckIfAuthenticationTypeEnabled(GKeyFile *confDictRef, // IN -- const char *typeName) // IN --{ -- char authnDisabledName[64]; // Authentication..disabled -- gboolean disabled; -- -- Str_Snprintf(authnDisabledName, sizeof(authnDisabledName), -- VIX_TOOLS_CONFIG_API_AUTHENTICATION ".%s.disabled", -- typeName); -- -- ASSERT(confDictRef != NULL); -- -- /* -- * XXX Skip doing the strcmp() to verify the auth type since we only -- * have the one typeName (VIX_TOOLS_CONFIG_AUTHTYPE_AGENTS), and default -- * it to VIX_TOOLS_CONFIG_INFRA_AGENT_DISABLED_DEFAULT. -- */ -- disabled = VMTools_ConfigGetBoolean(confDictRef, -- VIX_TOOLS_CONFIG_API_GROUPNAME, -- authnDisabledName, -- VIX_TOOLS_CONFIG_INFRA_AGENT_DISABLED_DEFAULT); -- -- return !disabled; --} -- -- --/* -- *----------------------------------------------------------------------------- -- * - * VixTools_ProcessVixCommand -- - * - * --- -2.6.2 - diff --git a/CVE-20230-20900.patch b/CVE-20230-20900.patch deleted file mode 100644 index 2a0fb08..0000000 --- a/CVE-20230-20900.patch +++ /dev/null @@ -1,34 +0,0 @@ -From eb4f36dfeb8b89443f7d5ade03316ba49a295eee Mon Sep 17 00:00:00 2001 -From: John Wolfe -Date: Fri, 18 Aug 2023 11:23:53 -0700 -Subject: [PATCH] Address CVE-2023-20900 - -VGAuth: Allow only X509 certs to verify the SAML token signature. - ---- - open-vm-tools/vgauth/serviceImpl/saml-xmlsec1.c | 9 ++++++++- - 1 file changed, 8 insertions(+), 1 deletion(-) - -diff --git a/open-vm-tools/vgauth/serviceImpl/saml-xmlsec1.c b/open-vm-tools/vgauth/serviceImpl/saml-xmlsec1.c -index f5541a9..0b2a945 100644 ---- a/open-vm-tools/vgauth/serviceImpl/saml-xmlsec1.c -+++ b/open-vm-tools/vgauth/serviceImpl/saml-xmlsec1.c -@@ -1335,7 +1335,14 @@ VerifySignature(xmlDocPtr doc, - */ - bRet = RegisterID(xmlDocGetRootElement(doc), "ID"); - if (bRet == FALSE) { -- g_warning("failed to register ID\n"); -+ g_warning("Failed to register ID\n"); -+ goto done; -+ } -+ -+ /* Use only X509 certs to validate the signature */ -+ if (xmlSecPtrListAdd(&(dsigCtx->keyInfoReadCtx.enabledKeyData), -+ BAD_CAST xmlSecKeyDataX509Id) < 0) { -+ g_warning("Failed to limit allowed key data\n"); - goto done; - } - --- -2.6.2 - diff --git a/_service b/_service index 507e446..8981fbe 100644 --- a/_service +++ b/_service @@ -2,9 +2,9 @@ git https://github.com/vmware/open-vm-tools.git - stable-12.2.0 + stable-12.3.0 open-vm-tools - 12.2.0 + 12.3.0 *.tar diff --git a/open-vm-tools-12.2.0.tar.xz b/open-vm-tools-12.2.0.tar.xz deleted file mode 100644 index d5db9b5..0000000 --- a/open-vm-tools-12.2.0.tar.xz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:ef22adf11d16a8bc675d1c73c190d178e791ee247d6cabfe78df9c56c9fae8c0 -size 1801020 diff --git a/open-vm-tools-12.3.0.tar.xz b/open-vm-tools-12.3.0.tar.xz new file mode 100644 index 0000000..7de488e --- /dev/null +++ b/open-vm-tools-12.3.0.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:034abbf1dbf34425789a94cc9de2551f0ef57b799712a9a610366c25c2a07ba3 +size 1808920 diff --git a/open-vm-tools.changes b/open-vm-tools.changes index 14199c6..61ba8b8 100644 --- a/open-vm-tools.changes +++ b/open-vm-tools.changes @@ -1,3 +1,42 @@ +------------------------------------------------------------------- +Wed Sep 6 15:52:41 UTC 2023 - Kirk Allan + +- Update to 12.3.0 (build 22234872) (boo#1214850) + - There are no new features in the open-vm-tools 12.3.0 release. This is + primarily a maintenance release that addresses a few critical problems, + including: + - This release integrates CVE-2023-20900 without the need for a patch. + For more information on this vulnerability and its impact on VMware + products, see + https://www.vmware.com/security/advisories/VMSA-2023-0019.html. + - A tools.conf configuration setting is available to temporaily direct + Linux quiesced snaphots to restore pre open-vm-tools 12.2.0 behavior + of ignoring file systems already frozen. + - Building of the VMware Guest Authentication Service (VGAuth) using + "xml-security-c" and "xerces-c" is being deprecated. + - A number of Coverity reported issues have been addressed. + - A number of GitHub issues and pull requests have been handled. + Please see the Resolves Issues section of the Release Notes. + - For issues resolved in this release, see the Resolved Issues section + of the Release Notes. + - For complete details, see: + https://github.com/vmware/open-vm-tools/releases/tag/stable-12.3.0 + - Release Notes are available at + https://github.com/vmware/open-vm-tools/blob/stable-12.3.0/ReleaseNotes.md + - The granular changes that have gone into the 12.3.0 release are in the + ChangeLog at + https://github.com/vmware/open-vm-tools/blob/stable-12.3.0/open-vm-tools/ChangeLog + +- Fix (bsc#1205927) - hv_vmbus module is loaded unnecessarily in VMware guests + +- jsc-PED-1344 - reinable building containerinfo plugin for SLES 15 SP4. + +- Drop patch now contained in 12.3.0: + + 0001-build-put-l-specifiers-into-LIBADD-not-LDFLAGS.patch + + 0002-build-use-grpc-pkgconfig-to-retrieve-flags-libraries.patch + + 2023-20867-Remove-some-dead-code.patch + + CVE-20230-20900.patch + ------------------------------------------------------------------- Mon Aug 28 15:10:27 UTC 2023 - Kirk Allan diff --git a/open-vm-tools.spec b/open-vm-tools.spec index ef8ef7e..3e2fb3d 100644 --- a/open-vm-tools.spec +++ b/open-vm-tools.spec @@ -38,7 +38,7 @@ %define with_X 1 Name: open-vm-tools -Version: 12.2.0 +Version: 12.3.0 Release: 0 Summary: Open Virtual Machine Tools License: BSD-3-Clause AND GPL-2.0-only AND LGPL-2.1-only @@ -69,7 +69,7 @@ BuildRequires: pam-devel BuildRequires: pcre-devel BuildRequires: procps-devel BuildRequires: update-desktop-files -%if 0%{?suse_version} > 1500 || 0%{?sle_version} >= 150500 +%if 0%{?suse_version} > 1500 || 0%{?sle_version} >= 150400 BuildRequires: containerd-devel BuildRequires: grpc-devel BuildRequires: libcurl-devel @@ -106,7 +106,11 @@ BuildRequires: pkgconfig(libudev) %if 0%{?suse_version} > 1500 || 0%{?sle_version} >= 0120300 BuildRequires: libxml2-devel BuildRequires: pkgconfig(xmlsec1) +%if 0%{?suse_version} > 1500 || 0%{?sle_version} >= 0150400 +Requires: libxmlsec1-openssl1 >= 1.2.37 +%else Requires: libxmlsec1-openssl1 >= 1.2.28 +%endif %define arg_xmlsec1 --enable-xmlsec1 %else # Leap 42.1 and 42.2 supports xmlsec1 and libxmlsec1-openssl1 but 12 SP1 and @@ -153,10 +157,6 @@ Obsoletes: open-vm-tools-deploypkg <= 10.0.5 Supplements: modalias(pci:v000015ADd*sv*sd*bc*sc*i*) ExclusiveArch: %ix86 x86_64 aarch64 #Upstream patches -Patch2: 0001-build-put-l-specifiers-into-LIBADD-not-LDFLAGS.patch -Patch3: 0002-build-use-grpc-pkgconfig-to-retrieve-flags-libraries.patch -Patch4: 2023-20867-Remove-some-dead-code.patch -Patch5: CVE-20230-20900.patch #SUSE specific patches Patch0: pam-vmtoolsd.patch @@ -243,7 +243,7 @@ Requires: libvmtools0 = %{version} Those are the development headers for libvmtools. They are needed if you intend to create own plugins for vmtoolsd. -%if 0%{?suse_version} > 1500 || 0%{?sle_version} >= 150500 +%if 0%{?suse_version} > 1500 || 0%{?sle_version} >= 150400 %package containerinfo Summary: Container Info Plugin Group: System Environment/Libraries @@ -259,10 +259,6 @@ This package interfaces with the container runtime to retrieve a list of contain # fix for an rpmlint warning regarding wrong line feeds sed -i -e "s/\r//" README #Upstream patches -%patch2 -p2 -%patch3 -p2 -%patch4 -p2 -%patch5 -p2 #SUSE specific patches %patch0 -p2 @@ -318,6 +314,10 @@ make %install %make_install +%if 0%{?suse_version} > 1500 || 0%{?sle_version} >= 150400 +mkdir -p %buildroot%_modulesloaddir +echo vmw_vsock_vmci_transport > %buildroot%_modulesloaddir/vmw_vsock_vmci_transport.conf +%endif mkdir -p %{buildroot}%{_sbindir} # Remove exec bit from config files @@ -457,7 +457,7 @@ systemctl try-restart vmtoolsd.service || : %postun -n libvmtools0 -p /sbin/ldconfig -%if 0%{?suse_version} > 1500 || 0%{?sle_version} >= 150500 +%if 0%{?suse_version} > 1500 || 0%{?sle_version} >= 150400 %post containerinfo systemctl try-restart vmtoolsd.service || : @@ -466,6 +466,9 @@ systemctl try-restart vmtoolsd.service || : %endif %files +%if 0%{?suse_version} > 1500 || 0%{?sle_version} >= 150400 +%_modulesloaddir/vmw_vsock_vmci_transport.conf +%endif %if 0%{?suse_version} > 1500 || 0%{?sle_version} >= 0120300 %license COPYING %doc AUTHORS ChangeLog NEWS README @@ -590,7 +593,7 @@ systemctl try-restart vmtoolsd.service || : %{_includedir}/libDeployPkg %{_libdir}/pkgconfig/libDeployPkg.pc -%if 0%{?suse_version} > 1500 || 0%{?sle_version} >= 150500 +%if 0%{?suse_version} > 1500 || 0%{?sle_version} >= 150400 %files containerinfo %{_libdir}/%{name}/plugins/vmsvc/libcontainerInfo.so %endif