From 8cedcdd09f45c68db7bd0af7ec21a5bf7789da12637f74cb39ac4bece720e531 Mon Sep 17 00:00:00 2001 From: Antonio Teixeira Date: Tue, 24 Sep 2024 13:27:46 +0000 Subject: [PATCH] - Update to version 2.4.4: * powerman: fix segfault if unspecified host reports status * redfishpower: do not report errors on dependent hosts * Update hostlist library to fix potential array out of bounds error. OBS-URL: https://build.opensuse.org/package/show/hardware/powerman?expand=0&rev=56 --- .gitattributes | 23 ++ .gitignore | 1 + ...-Protocol-by-SNMP_DEFAULT_AUTH_PROTO.patch | 28 ++ harden_powerman.service.patch | 22 ++ powerman-2.4.2.tar.gz | 3 + powerman-2.4.3.tar.gz | 3 + powerman-2.4.4.tar.gz | 3 + powerman.changes | 243 ++++++++++++++++++ powerman.spec | 160 ++++++++++++ 9 files changed, 486 insertions(+) create mode 100644 .gitattributes create mode 100644 .gitignore create mode 100644 Replace-deprecated-usmHMACMD5AuthProtocol-Protocol-by-SNMP_DEFAULT_AUTH_PROTO.patch create mode 100644 harden_powerman.service.patch create mode 100644 powerman-2.4.2.tar.gz create mode 100644 powerman-2.4.3.tar.gz create mode 100644 powerman-2.4.4.tar.gz create mode 100644 powerman.changes create mode 100644 powerman.spec diff --git a/.gitattributes b/.gitattributes new file mode 100644 index 0000000..9b03811 --- /dev/null +++ b/.gitattributes @@ -0,0 +1,23 @@ +## Default LFS +*.7z filter=lfs diff=lfs merge=lfs -text +*.bsp filter=lfs diff=lfs merge=lfs -text +*.bz2 filter=lfs diff=lfs merge=lfs -text +*.gem filter=lfs diff=lfs merge=lfs -text +*.gz filter=lfs diff=lfs merge=lfs -text +*.jar filter=lfs diff=lfs merge=lfs -text +*.lz filter=lfs diff=lfs merge=lfs -text +*.lzma filter=lfs diff=lfs merge=lfs -text +*.obscpio filter=lfs diff=lfs merge=lfs -text +*.oxt filter=lfs diff=lfs merge=lfs -text +*.pdf filter=lfs diff=lfs merge=lfs -text +*.png filter=lfs diff=lfs merge=lfs -text +*.rpm filter=lfs diff=lfs merge=lfs -text +*.tbz filter=lfs diff=lfs merge=lfs -text +*.tbz2 filter=lfs diff=lfs merge=lfs -text +*.tgz filter=lfs diff=lfs merge=lfs -text +*.ttf filter=lfs diff=lfs merge=lfs -text +*.txz filter=lfs diff=lfs merge=lfs -text +*.whl filter=lfs diff=lfs merge=lfs -text +*.xz filter=lfs diff=lfs merge=lfs -text +*.zip filter=lfs diff=lfs merge=lfs -text +*.zst filter=lfs diff=lfs merge=lfs -text diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..57affb6 --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +.osc diff --git a/Replace-deprecated-usmHMACMD5AuthProtocol-Protocol-by-SNMP_DEFAULT_AUTH_PROTO.patch b/Replace-deprecated-usmHMACMD5AuthProtocol-Protocol-by-SNMP_DEFAULT_AUTH_PROTO.patch new file mode 100644 index 0000000..abe6b39 --- /dev/null +++ b/Replace-deprecated-usmHMACMD5AuthProtocol-Protocol-by-SNMP_DEFAULT_AUTH_PROTO.patch @@ -0,0 +1,28 @@ +From: Egbert Eich +Date: Sat Mar 4 07:59:09 2023 +0100 +Subject: Replace deprecated usmHMACMD5AuthProtocol Protocol by SNMP_DEFAULT_AUTH_PROTO +Patch-mainline: Not yet +Git-commit: 01428c387fc149489536ba9a9ea17095f5a20bc5 +References: + +Signed-off-by: Egbert Eich +Signed-off-by: Egbert Eich +--- + src/snmppower/snmppower.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) +Index: b/src/snmppower/snmppower.c +=================================================================== +--- a/src/snmppower/snmppower.c ++++ b/src/snmppower/snmppower.c +@@ -192,9 +192,9 @@ start_v3 (char **av, char *hostname, str + session.securityNameLen = strlen (av[1]); + + session.securityLevel = SNMP_SEC_LEVEL_AUTHNOPRIV; +- session.securityAuthProto = usmHMACMD5AuthProtocol; ++ session.securityAuthProto = SNMP_DEFAULT_AUTH_PROTO; + session.securityAuthProtoLen = +- sizeof (usmHMACMD5AuthProtocol) / sizeof (oid); ++ sizeof (SNMP_DEFAULT_AUTH_PROTO) / sizeof (oid); + session.securityAuthKeyLen = USM_AUTH_KU_LEN; + + if (generate_Ku (session.securityAuthProto, diff --git a/harden_powerman.service.patch b/harden_powerman.service.patch new file mode 100644 index 0000000..547ee17 --- /dev/null +++ b/harden_powerman.service.patch @@ -0,0 +1,22 @@ +Index: b/etc/powerman.service.in +=================================================================== +--- a/etc/powerman.service.in ++++ b/etc/powerman.service.in +@@ -5,6 +5,17 @@ After=syslog.target network.target + [Service] + Environment=SHELL=/bin/sh + PrivateTmp=yes ++# added automatically, for details please see ++# https://en.opensuse.org/openSUSE:Security_Features#Systemd_hardening_effort ++ProtectSystem=full ++ProtectHome=true ++ProtectHostname=true ++ProtectKernelTunables=true ++ProtectKernelModules=true ++ProtectKernelLogs=true ++ProtectControlGroups=true ++RestrictRealtime=true ++# end of automatic additions + User=@RUN_AS_USER@ + Group=@RUN_AS_GROUP@ + ExecStart=@X_SBINDIR@/powermand diff --git a/powerman-2.4.2.tar.gz b/powerman-2.4.2.tar.gz new file mode 100644 index 0000000..5502b10 --- /dev/null +++ b/powerman-2.4.2.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:8465d1669745a72e3822fdc73f3e4a06737d8579a59190fef0b8aa259d7fc13f +size 789294 diff --git a/powerman-2.4.3.tar.gz b/powerman-2.4.3.tar.gz new file mode 100644 index 0000000..1a3939b --- /dev/null +++ b/powerman-2.4.3.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:a6a3e1221fd89f9470651e87f95bd6515628aba49548dc8542f31db7a6515f77 +size 789459 diff --git a/powerman-2.4.4.tar.gz b/powerman-2.4.4.tar.gz new file mode 100644 index 0000000..7d1d5cf --- /dev/null +++ b/powerman-2.4.4.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:d675502144bc0875def92dad4c0efc6d43bc81c78d6fdb09ebc5f3558b3b7c85 +size 789750 diff --git a/powerman.changes b/powerman.changes new file mode 100644 index 0000000..5fa29e3 --- /dev/null +++ b/powerman.changes @@ -0,0 +1,243 @@ +------------------------------------------------------------------- +Sun Sep 15 12:51:05 UTC 2024 - Antonio Teixeira + +- Update to version 2.4.4: + * powerman: fix segfault if unspecified host reports status + * redfishpower: do not report errors on dependent hosts + * Update hostlist library to fix potential array out of bounds error. + +------------------------------------------------------------------- +Thu Jul 25 20:02:41 UTC 2024 - Antonio Teixeira + +- Update to version 2.4.3: + * powerman: increase maximum line length + +------------------------------------------------------------------- +Tue May 14 19:04:31 UTC 2024 - Antonio Teixeira + +- Update to version 2.4.2: + * New features + * redfishpower: cache host resolution lookups (#190) + * redfishpower: support new --resolve-hosts option (#188) + * redfishpower: support message timeout config (#186) + * Fixes + * redfishpower: increase default message timeout (#191) + * redfishpower: output more detailed error messages (#183) +- Changelog for 2.4.1 and 2.4.0: + * Too many changes, see NEWS.md +- Removed patches: + * service-dynamic-user-autofiles.patch + * service-dynamic-user-configure.patch +- Refreshed patches: + * Replace-deprecated-usmHMACMD5AuthProtocol-Protocol-by-SNMP_DEFAULT_AUTH_PROTO.patch + * harden_powerman.service.patch + +------------------------------------------------------------------- +Thu Feb 29 14:48:34 UTC 2024 - Dominique Leuenberger + +- Use %autosetup macro. Allows to eliminate the usage of deprecated + %patchN. + +------------------------------------------------------------------- +Fri Apr 28 17:36:06 UTC 2023 - Antonio Teixeira + +- Version update to 2.3.27 + * Add redfish support for Cray r272z30, Cray windom, and Supermicro + * H12DSG-O-CPU (#55, #47) + * CI: Enable github workflow (#59, #58, #57, #56) + * Misc fixes (#54, #52, #50, #46) +- Add file permissions for %{_tmpfilesdir}/powerman.conf +- Modified patch service-dynamic-user-configure.patch (refreshed) + +------------------------------------------------------------------- +Sat Mar 4 07:01:36 UTC 2023 - Egbert Eich + +- Replace-deprecated-usmHMACMD5AuthProtocol-Protocol-by-SNMP_DEFAULT_AUTH_PROTO.patch + Replace deprecated usmHMACMD5AuthProtocol Protocol by + SNMP_DEFAULT_AUTH_PROTO. + +------------------------------------------------------------------- +Mon Nov 15 14:20:41 UTC 2021 - Egbert Eich + +- Utilize sysuser infrastructure to set user/group powerman. + +------------------------------------------------------------------- +Tue Oct 19 13:06:07 UTC 2021 - Johannes Segitz + +- Added hardening to systemd service(s) (bsc#1181400). Added patch(es): + * harden_powerman.service.patch + +------------------------------------------------------------------- +Thu May 13 07:54:21 UTC 2021 - pgajdos@suse.com + +- version update to 2.3.26 + * Log power state changes to syslog (Olaf Faaland, PR #37) + * Fix default systemd unit file path for 'make distcheck' + * Add etc/rancid-cisco-poe.dev (Daniel Rich, PR #28) + * Add etc/openbmc.dev (Albert Chu, PR #33) + * Add etc/kvm.dev & etc/kvm-ssh.dev (tisbeok, PR #8) + * Fix misinterpretation of error strings in ipmipower.dev. +- fix [bsc#1185071] -- PIDFile under /run +- modified patches + % service-dynamic-user-autofiles.patch (refreshed) + % service-dynamic-user-configure.patch (refreshed) + +------------------------------------------------------------------- +Wed Apr 25 09:48:37 UTC 2018 - eich@suse.com + +- For SLE-12 set user/group to daemon/root for backward + compatibility. + +------------------------------------------------------------------- +Tue Aug 15 13:22:50 UTC 2017 - eich@suse.com + +- Minor specfile cosmetics: + * Simplified the entry for %{_sysconfdir}/powerman. + +------------------------------------------------------------------- +Fri Aug 11 19:47:51 UTC 2017 - eich@suse.com + +- This package should not provide the user/group powerman + as it is the only user of this group: powermand runs as + this user/group and writes its data as this user/group. + This gives the sysadmin some control over who to give + access. There is no other application requiring this + user/group. + +------------------------------------------------------------------- +Fri Aug 11 18:04:54 UTC 2017 - eich@suse.com + +- run systemd-tmpfiles --create ... before starting service (bsc#1053481). + +------------------------------------------------------------------- +Thu Jun 15 15:20:21 UTC 2017 - jjolly@suse.com + +- powerman service configured to start as powerman:powerman user + - Fixed autoconf files to allow for dynamic user and group in + powerman.service file + - service-dynamic-user-autofiles.patch + - Updated configure file with only necessary changes from + autoconf changes + - service-dynamic-user-configure.patch +- Added %config to /etc/powerman/*.dev files + +------------------------------------------------------------------- +Sun Apr 2 21:28:34 UTC 2017 - meissner@suse.com + +- prequire daemon user for new factory userhandling + +------------------------------------------------------------------- +Wed Feb 15 17:24:43 UTC 2017 - eich@suse.com + +- Create /usr/lib/tmpfiles.d/powerman.conf: + Add systemd handling for temporary directory /var/run/powerman. + +------------------------------------------------------------------- +Wed Jan 4 18:16:09 UTC 2017 - eich@suse.com + +- Added support for snmp, tcpwrappers and genders to be compatible + with the powerman package from openHPC.community (latter one is + currently disabled). + To use tcpwrappers, they need to be enabled in /etc/powerman/powerman.conf + - the default is 'off'. +- Don't create /run/powerman - systemd will do this for us. + +------------------------------------------------------------------- +Fri Nov 13 18:40:43 UTC 2015 - mpluskal@suse.com + +- Update to 2.3.24 + * Don't package /var/run/powerman; let systemd manage it + [TOSS-2987] + * Cleanup: drop trailing whitespace +- Changes for 2.3.23 + * Build: silence CC lines, fix AC_LANG_CONFTEST warnings, fix + $(EXEEXT) warnings. + * Build: install System V init scripts if + --with-systemdsystemunitdir is not configured and include both + in EXTRA_DIST. + * Build: re-enable 'make check' unit tests. + * Build: fix some 'make distcheck' issues, but until unit tests + are fixed to find *.exp and *.conf files in $(srcdir), this will still fail. + * RPM: configure genders, httppower, snmppower, and tcp-wrappers + unconditionally; update URL. +- Cleanups spec file with spec-cleaner +- Drop powerman.service and use bundled one + +------------------------------------------------------------------- +Thu Mar 12 09:45:27 UTC 2015 - p.drouand@gmail.com + +- Update to version 2.3.20 + * add dist tag to release (TOSS-2667) + * Minor automake updates +- Move to systemd +- Remove unneeded patchs + * powerman-piddir.patch + * powerman-runlevel.patch +- Update project and download Urls; project has moved to github +- Some cleanup + +------------------------------------------------------------------- +Mon Aug 4 16:54:41 UTC 2014 - sfalken@opensuse.org + +- Updates in 2.3.16 + * Fix duplicate node name (Issue 35) + Pulled in another hotlist fix (Mark Grondona) + * Fix powerman stonith OFF should verify plug state (chaos bz 1439) +- Updated powerman-pidfile.patch to reflect /run instead of /var/run + + +------------------------------------------------------------------- +Wed Jul 30 02:43:19 UTC 2014 - sfalken@opensuse.org + +- Updated to 2.3.16 + * Changed /var/run to /run in .spec to fix rpmlint check failures + Updated URL in .spec file + * Added: + powerman-2.3.16.tar.gz + * Removed: + powerman-2.3.9.tar.bz2 + * Updated: + powerman.spec + +------------------------------------------------------------------- +Thu Dec 8 13:04:25 UTC 2011 - coolo@suse.com + +- the COPYING is GPL-2.0+ + +------------------------------------------------------------------- +Thu Jul 28 19:29:35 CEST 2011 - sbrabec@suse.cz + +- Update to version 2.3.9: + * Add MIB support to snmppower. + * Add eaton-epdu-blue-switched.dev. + * Add support for SNMP power controllers. + * Add SNMP dev files for 8-port APC, 8-port Baytech, and 20 port + Eaton Revelation PDU. + * Add support for APC 7900 revision 3 firmware. + * Add support for Appro Greenblade. + * Add support for APC 7920. + * Add Support for ranged beacon on/off device scripts, and beacon + support for ipmipower. +- Make heartbeat support optional as it is dropped now. + +------------------------------------------------------------------- +Wed May 19 02:38:24 CEST 2010 - ro@suse.de + +- keep /var/run/powerman only as ghost in filelist + and create it in initscript if missing + +------------------------------------------------------------------- +Tue May 18 19:42:02 UTC 2010 - aj@suse.de + +- Add pkg-config as build requires. + +------------------------------------------------------------------- +Fri Aug 14 15:00:56 CEST 2009 - sbrabec@suse.cz + +- PreReq fix. + +------------------------------------------------------------------- +Mon Aug 10 17:24:08 CEST 2009 - sbrabec@suse.cz + +- New SuSE package, version 2.3.5. + diff --git a/powerman.spec b/powerman.spec new file mode 100644 index 0000000..757491f --- /dev/null +++ b/powerman.spec @@ -0,0 +1,160 @@ +# +# spec file for package powerman +# +# Copyright (c) 2024 SUSE LLC +# +# All modifications and additions to the file contributed by third parties +# remain the property of their copyright owners, unless otherwise agreed +# upon. The license for this file, and modifications and additions to the +# file, is the same license as for the pristine package itself (unless the +# license for the pristine package is not an Open Source License, in which +# case the license is the MIT License). An "Open Source License" is a +# license that conforms to the Open Source Definition (Version 1.9) +# published by the Open Source Initiative. + +# Please submit bugfixes or comments via https://bugs.opensuse.org/ +# + + +# +%define _with_snmppower 1 +%define _with_tcp_wrappers 1 +%undefine _with_genders + +%if 0%{?suse_version} >= 1500 +%define powerman_g %name +%define powerman_u %name +%define have_sysuser 1 +%else +%define powerman_g daemon +%define powerman_u root +%endif + +Name: powerman +Version: 2.4.4 +Release: 0 +Summary: Centralized Power Control for Clusters +License: GPL-2.0-or-later +Group: Productivity/Clustering/HA +URL: https://github.com/chaos/powerman +Source: https://github.com/chaos/%{name}/releases/download/v%{version}/%{name}-%{version}.tar.gz +Patch1: harden_powerman.service.patch +Patch2: Replace-deprecated-usmHMACMD5AuthProtocol-Protocol-by-SNMP_DEFAULT_AUTH_PROTO.patch +BuildRequires: automake +BuildRequires: bison +BuildRequires: fdupes +BuildRequires: flex +BuildRequires: ncurses-devel +BuildRequires: pkg-config +BuildRequires: tcpd-devel +BuildRequires: pkgconfig(jansson) +BuildRequires: pkgconfig(libcurl) +%{?have_sysuser:BuildRequires: sysuser-tools} +%if 0%{?_with_snmppower} +BuildRequires: net-snmp-devel +%endif +%if 0%{?_with_genders} +BuildRequires: genders +%endif +BuildRequires: pkgconfig(systemd) +%{?systemd_requires} + +Requires(pre): shadow + +%description +PowerMan is a tool for manipulating remote power control (RPC) devices from a +central location. Several RPC varieties are supported natively by PowerMan and +Expect-like configurability simplifies the addition of new devices. + +%package -n libpowerman0 +Summary: Libraries for applications using PowerMan +Group: System/Libraries + +%description -n libpowerman0 +A shared library for applications using PowerMan. + +%package devel +Summary: Headers and libraries for developing applications using PowerMan +Group: Development/Libraries/C and C++ +Requires: libpowerman0 = %{version} + +%description devel +Header files, pkg-config file and man pages for developing applications using PowerMan. + +%prep +%autosetup -p1 + +%build +%configure \ + --disable-static\ + --with-httppower \ + --with-user=%{powerman_u} \ + --with-group=%{powerman_g} \ + --with-systemdsystemunitdir=%{_unitdir} \ +%{?_with_snmppower:--with-snmppower} \ +%{?_with_genders:--with-genders} \ +%{?_with_tcp_wrappers:--with-tcp-wrappers} \ + +make %{?_smp_mflags} + +%install +make DESTDIR=%{buildroot} install %{?_smp_mflags} +find %{buildroot} -type f -name "*.la" -delete -print +ln -s %{_sbindir}/service %{buildroot}%{_sbindir}/rc%{name} +%{__mkdir} -p %{buildroot}%{_tmpfilesdir} +cat > %{buildroot}%{_tmpfilesdir}/%{name}.conf < system-user-%{name}.conf +%sysusers_generate_pre system-user-%{name}.conf powerman system-user-%{name}.conf +install -D -m 644 system-user-%{name}.conf %{buildroot}%{_sysusersdir}/system-user-%{name}.conf +%endif + +%fdupes -s %{buildroot} + +%pre %{?have_sysuser:-f %{name}.pre} +%service_add_pre %{name}.service + +%post +systemd-tmpfiles --create %{_tmpfilesdir}/powerman.conf +%service_add_post %{name}.service + +%preun +%service_del_preun %{name}.service + +%postun +%service_del_postun %{name}.service + +%post -n libpowerman0 -p /sbin/ldconfig + +%postun -n libpowerman0 -p /sbin/ldconfig + +%files +%defattr(-,root,root) +%doc DISCLAIMER NEWS.md +%license COPYING +%{_bindir}/* +%{_mandir}/man?/*.* +%exclude %{_mandir}/man3/*.* +%{_sbindir}/* +%config %{_sysconfdir}/powerman/ +%attr(0644,root,root) %{_unitdir}/%{name}.service +%attr(0644,root,root) %{_tmpfilesdir}/powerman.conf +%ghost %{_rundir}/powerman +%{?have_sysuser:%{_sysusersdir}/system-user-%{name}.conf} + +%files devel +%defattr(-,root,root) +%{_includedir}/* +%{_libdir}/*.so +%{_libdir}/pkgconfig/*.pc +%{_mandir}/man3/*.* + +%files -n libpowerman0 +%defattr(-,root,root) +%{_libdir}/*.so.* + +%changelog