pool/warewulf4
SHA256
17
0
Fork 2
Code Issues Pull Requests Activity

Compare commits

merge into: pool:leap-16.0
Branches Tags
pool:factory pool:leap-16.0 pool:leap-16.1
...
pull from: pool:factory
Branches Tags
pool:factory pool:leap-16.0 pool:leap-16.1

3 Commits
leap-16.0 ... factory

Author SHA256 Message Date
Ana Guerrero
14a86076d0 Accepting request 1328111 from network:cluster 
- Removed switched-to-dnsmasq-as-default-dhcp-and-tftp-service.patch 
  preferring editing conf with yq (forwarded request 1328110 from mslacken)

OBS-URL: https://build.opensuse.org/request/show/1328111
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/warewulf4?expand=0&rev=38
 2026-01-19 17:39:34 +00:00
Christian Goll
e11945c1e0 - Removed switched-to-dnsmasq-as-default-dhcp-and-tftp-service.patch 
preferring editing conf with yq

OBS-URL: https://build.opensuse.org/package/show/network:cluster/warewulf4?expand=0&rev=123
 2026-01-19 15:04:54 +00:00
Christian Goll
82642b3871 updated to v4.6.5 with following changes: 
* new wwctl overlay info command
  * fixed wwctl image import --update option (bsc#1254470)
  * cross-arch support for wwclient
  * improved IPv6 support
  * improved support for bonded interfaces
  * renamed debian.interfaces overlay to ifupdown
  * new systemd-networkd overlay
  * warewulf-dracut fixes, including "provision-to-disk" fixes
- default to dnsmasq instead of dhcpd and tftp
- Removed fix-CVE-2025-58058.patch as updated upstream

OBS-URL: https://build.opensuse.org/package/show/network:cluster/warewulf4?expand=0&rev=122
 2026-01-19 15:02:34 +00:00
10 changed files with 31 additions and 200 deletions
Expand all files Collapse all files

22
_service
View File

@@ -1,22 +0,0 @@
<services>
<service name="obs_scm" mode="manual">
<param name="url">https://github.com/warewulf/warewulf.git</param>
<param name="scm">git</param>
<param name="revision">v4.6.4</param>
<param name="versionformat">@PARENT_TAG@</param>
<param name="versionrewrite-pattern">v(.*)</param>
<param name="changesgenerate">enable</param>
<param name="submodules">enable</param>
<param name="package-meta">yes</param>
</service>
<service name="set_version" mode="manual" />
<service name="format_spec_file" mode="manual" />
<service name="tar" mode="buildtime">
<param name="package-meta">yes</param>
</service>
<service name="go_modules" mode="manual" >
<param name="compression">xz</param>
<param name="archive">warewulf*obscpio</param>
</service>
<service name="format_spec_file" mode="manual" />
</services>

56
fix-CVE-2025-58058.patch
View File

@@ -1,56 +0,0 @@
From 8e6c115089c0cbea4347ed252aba7cfe575c9456 Mon Sep 17 00:00:00 2001
From: Christian Goll <cgoll@suse.com>
Date: Mon, 8 Sep 2025 15:33:28 +0200
Subject: [PATCH] fix CVE-2025-58058
---
CHANGELOG.md | 3 +++
go.mod | 2 +-
go.sum | 4 ++--
3 files changed, 6 insertions(+), 3 deletions(-)
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 26c5994c..41fd92bf 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -6,6 +6,9 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
## v4.6.5, unreleased
+### Fixed
+- updated github.com/ulikunitz/xz to 0.5.14 whiche fixes CVE-2025-58058
+
## v4.6.4, 2025-09-05
### Added
diff --git a/go.mod b/go.mod
index bdd4ef25..55b9642a 100644
--- a/go.mod
+++ b/go.mod
@@ -135,7 +135,7 @@ require (
github.com/swaggest/jsonschema-go v0.3.73 // indirect
github.com/swaggest/refl v1.3.0 // indirect
github.com/titanous/rocacheck v0.0.0-20171023193734-afe73141d399 // indirect
- github.com/ulikunitz/xz v0.5.12 // indirect
+ github.com/ulikunitz/xz v0.5.14 // indirect
github.com/urfave/cli v1.22.16 // indirect
github.com/vbatts/go-mtree v0.5.0 // indirect
github.com/vbatts/tar-split v0.11.7 // indirect
diff --git a/go.sum b/go.sum
index c5a19894..878b35c5 100644
--- a/go.sum
+++ b/go.sum
@@ -399,8 +399,8 @@ github.com/tj/assert v0.0.3/go.mod h1:Ne6X72Q+TB1AteidzQncjw9PabbMp4PBMZ1k+vd1Pv
github.com/tj/go-elastic v0.0.0-20171221160941-36157cbbebc2/go.mod h1:WjeM0Oo1eNAjXGDx2yma7uG2XoyRZTq1uv3M/o7imD0=
github.com/tj/go-kinesis v0.0.0-20171128231115-08b17f58cb1b/go.mod h1:/yhzCV0xPfx6jb1bBgRFjl5lytqVqZXEaeqWP8lTEao=
github.com/tj/go-spin v1.1.0/go.mod h1:Mg1mzmePZm4dva8Qz60H2lHwmJ2loum4VIrLgVnKwh4=
-github.com/ulikunitz/xz v0.5.12 h1:37Nm15o69RwBkXM0J6A5OlE67RZTfzUxTj8fB3dfcsc=
-github.com/ulikunitz/xz v0.5.12/go.mod h1:nbz6k7qbPmH4IRqmfOplQw/tblSgqTqBwxkY0oWt/14=
+github.com/ulikunitz/xz v0.5.14 h1:uv/0Bq533iFdnMHZdRBTOlaNMdb1+ZxXIlHDZHIHcvg=
+github.com/ulikunitz/xz v0.5.14/go.mod h1:nbz6k7qbPmH4IRqmfOplQw/tblSgqTqBwxkY0oWt/14=
github.com/urfave/cli v1.22.4/go.mod h1:Gos4lmkARVdJ6EkW0WaNv/tZAAMe9V7XWyB60NtXRu0=
github.com/urfave/cli v1.22.16 h1:MH0k6uJxdwdeWQTwhSO42Pwr4YLrNLwBtg1MRgTqPdQ=
github.com/urfave/cli v1.22.16/go.mod h1:EeJR6BKodywf4zciqrdw6hpCPk68JO9z5LazXZMn5Po=
--
2.51.0

102
switched-to-dnsmasq-as-default-dhcp-and-tftp-service.patch
View File

@@ -1,102 +0,0 @@
From 9e39845bda60e006936c8b6e34a02325d31448b3 Mon Sep 17 00:00:00 2001
From: Christian Goll <cgoll@suse.com>
Date: Fri, 18 Jul 2025 16:29:37 +0200
Subject: [PATCH] switched to dnsmasq as default dhcp and tftp service
---
CHANGELOG.md | 1 +
etc/warewulf.conf | 4 ++--
userdocs/server/dnsmasq.rst | 33 ++-------------------------------
warewulf.spec.in | 2 +-
4 files changed, 6 insertions(+), 34 deletions(-)
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 26c5994c..0c6378e9 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -61,6 +61,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
- Fixed handling of comma-separated mount options in `fstab` and `ignition` overlays. #1950
- Fixed a race condition in `wwctl overlay edit`. #1947
- Fixed a syntax error in the RPM specfile.
+- switched to dnsmasq as default tftp and dhcp service
## v4.6.2, 2025-07-09
diff --git a/etc/warewulf.conf b/etc/warewulf.conf
index 33cec64c..6e68047c 100644
--- a/etc/warewulf.conf
+++ b/etc/warewulf.conf
@@ -10,11 +10,11 @@ dhcp:
enabled: true
range start: 10.0.1.1
range end: 10.0.1.255
- systemd name: dhcpd
+ systemd name: dnsmasq
template: default
tftp:
enabled: true
- systemd name: tftp
+ systemd name: dnsmasq
ipxe:
00:09: ipxe-snponly-x86_64.efi
00:00: undionly.kpxe
diff --git a/userdocs/server/dnsmasq.rst b/userdocs/server/dnsmasq.rst
index b182ee8d..ba6037a0 100644
--- a/userdocs/server/dnsmasq.rst
+++ b/userdocs/server/dnsmasq.rst
@@ -2,37 +2,8 @@
Using dnsmasq
=============
-As an experimental feature, it is possible to use ``dnsmasq`` instead of the ISC
-``dhcpd`` server and ``TFTP`` server.
-
-In order to keep the file ``/etc/dnsmasq.d/ww4-hosts.conf`` is created and must
-be included in the main ``dnsmasq.conf`` via the ``conf-dir=/etc/dnsmasq.d``
-option.
-
-Installation
-============
-
-Before the installation, make sure that ``dhcpd`` and ``tftp`` are disabled.
-You can do that with the commands:
-
-.. code-block:: shell
-
- systemctl disable --now dhcpd
- systemctl disable --now tftp
-
-Now you can install ``dnsmasq``.
-
-.. code-block:: shell
-
- # Rocky Linux
- dnf install dnsmasq
-
- # SUSE
- zypper install dnsmasq
-
-After the installation, instruct ``warewulf`` to use ``dnsmasq`` as its
-``dhcpd`` and ``tftp`` service. This is done in the server configuration file,
-typically at ``/etc/warewulf/warewulf.conf``:
+``dnsmasq`` is the default ``dhcpd`` and ``tftp`` service. This can be configured
+in the server configuration file, typically at ``/etc/warewulf/warewulf.conf``:
.. code-block:: yaml
diff --git a/warewulf.spec.in b/warewulf.spec.in
index f32585db..ae5f098c 100644
--- a/warewulf.spec.in
+++ b/warewulf.spec.in
@@ -69,7 +69,7 @@ Requires: ipxe-bootimgs-aarch64
Requires: dnsmasq
%else
%if 0%{?rhel} >= 8 || 0%{?suse_version} || 0%{?fedora}
-Requires: dhcp-server
+Requires: dnsmasq
%else
# rhel < 8 and others
Requires: dhcp
--
2.51.0

3
vendor.tar.gz Normal file
View File

@@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:fcd08cc9522e0b1757d9a445b9fca7ad20a18cb607eaed3fd3a4992d6df5b2a8
size 10190476

3
vendor.tar.xz
View File

@@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:629cfae88716e34aa4e99e7b45ab770eee3a44e1bf83bd24ccfaecf8c2d270fd
size 6489812

3
warewulf-4.6.4.obscpio
View File

@@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:b080ebcb0fcdeb3da9cb1e69a0053e7c0ffa0d1bd43d9e6bf8e58908bdda887e
size 4748300

4
warewulf.obsinfo
View File

@@ -1,4 +0,0 @@
name: warewulf
version: 4.6.4
mtime: 1757112751
commit: 4b9e2f0282ff82c31b20d65507dd02989210aaf2

3
warewulf4-v4.6.5.tar.gz Normal file
View File

@@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:9b5caa2d97ab1b68c0b3e0a85221e97c9d6c222b72b0dbbb711e7e9cbb42646e
size 11235905

17
warewulf4.changes
View File

@@ -1,3 +1,20 @@
-------------------------------------------------------------------
Mon Jan 19 13:48:50 UTC 2026 - Christian Goll <cgoll@suse.com>
- updated to v4.6.5 with following changes:
* new wwctl overlay info command
* fixed wwctl image import --update option (bsc#1254470)
* cross-arch support for wwclient
* improved IPv6 support
* improved support for bonded interfaces
* renamed debian.interfaces overlay to ifupdown
* new systemd-networkd overlay
* warewulf-dracut fixes, including "provision-to-disk" fixes
- default to dnsmasq instead of dhcpd and tftp
- Removed fix-CVE-2025-58058.patch as updated upstream
- Removed switched-to-dnsmasq-as-default-dhcp-and-tftp-service.patch
preferring editing conf with yq
-------------------------------------------------------------------
Mon Sep 08 09:45:51 UTC 2025 - Christian Goll <cgoll@suse.com>

18
warewulf4.spec
View File

@@ -1,7 +1,7 @@
#
# spec file for package warewulf4
#
# Copyright (c) 2025 SUSE LLC
# Copyright (c) 2026 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -29,23 +29,19 @@
ExclusiveArch: x86_64 aarch64
Name: warewulf4
Version: 4.6.4
Version: 4.6.5
Release: 0
Summary: A suite of tools for clustering
License: BSD-3-Clause
Group: Productivity/Clustering/Computing
URL: https://warewulf.org
Source0: warewulf-%{version}.tar
Source1: vendor.tar.xz
Source0: https://github.com/warewulf/warewulf/releases/download/v%{version}/warewulf-%{version}.tar.gz#/warewulf4-v%{version}.tar.gz
Source1: vendor.tar.gz
Source5: warewulf4-rpmlintrc
Source10: config-ww4.sh
Source11: adjust_overlays.sh
Source20: README.dnsmasq
Source21: README.RKE2.md
Patch0: switched-to-dnsmasq-as-default-dhcp-and-tftp-service.patch
Patch1: fix-CVE-2025-58058.patch
#Patch1: overlay.patch
#Patch2: upstream.patch
BuildRequires: %{python_module Sphinx-latex}
BuildRequires: distribution-release
@@ -66,7 +62,6 @@ BuildRequires: pkgconfig(gpgme)
BuildRoot: %{_tmppath}/%{name}-%{version}-build
%sysusers_requires
Requires: %{name}-overlay = %{version}
Requires: firewalld
Requires: iproute2
Requires: ipxe-bootimgs
Requires: logrotate
@@ -201,7 +196,10 @@ yq e '
.tftp.ipxe."00:09" = "ipxe-x86_64.efi" |
.tftp.ipxe."00:0B" = "snp-arm64.efi" |
.["image mounts"] += {"source": "/etc/SUSEConnect", "dest": "/etc/SUSEConnect", "readonly": true} |
.["image mounts"] += {"source": "/etc/zypp/credentials.d/SCCcredentials", "dest": "/etc/zypp/credentials.d/SCCcredentials", "readonly": true}' \
.["image mounts"] += {"source": "/etc/zypp/credentials.d/SCCcredentials", "dest": "/etc/zypp/credentials.d/SCCcredentials", "readonly": true} |
.dhcp.["systemd name"] = "dnsmasq" |
.tftp.["systemd name"] = "dnsmasq"
' \
-i %{buildroot}%{_sysconfdir}/warewulf/warewulf.conf
# SUSE starts user UIDs at 1000
#sed -i -e 's@\(.* \$_UID \(>\|-ge\) \)500\(.*\)@\11000\3@' %{buildroot}%{_localstatedir}/lib/warewulf/overlays/host/rootfs/etc/profile.d/ssh_setup.*sh.ww