openSUSE Commits
Threads by month
- ----- 2024 -----
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2023 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2022 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2021 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2020 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2019 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2018 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2017 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2016 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2015 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2014 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2013 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2012 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2011 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2010 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2009 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2008 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2007 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2006 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
February 2013
- 1 participants
- 1989 discussions
Hello community,
here is the log from the commit of package polkit-default-privs for openSUSE:12.3 checked in at 2013-02-22 16:57:30
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:12.3/polkit-default-privs (Old)
and /work/SRC/openSUSE:12.3/.polkit-default-privs.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "polkit-default-privs", Maintainer is "meissner(a)suse.com"
Changes:
--------
--- /work/SRC/openSUSE:12.3/polkit-default-privs/polkit-default-privs.changes 2013-02-21 10:44:12.000000000 +0100
+++ /work/SRC/openSUSE:12.3/.polkit-default-privs.new/polkit-default-privs.changes 2013-02-22 16:57:35.000000000 +0100
@@ -1,0 +2,7 @@
+Thu Feb 21 15:52:52 UTC 2013 - lnussel(a)suse.de
+
+- fix restrictive privileges
+- generate javascript files for new polkit (bnc#804376)
+- implement check for overrides
+
+-------------------------------------------------------------------
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ polkit-default-privs.spec ++++++
--- /var/tmp/diff_new_pack.Qg2Rw4/_old 2013-02-22 16:57:36.000000000 +0100
+++ /var/tmp/diff_new_pack.Qg2Rw4/_new 2013-02-22 16:57:36.000000000 +0100
@@ -47,7 +47,7 @@
%install
make install DESTDIR=$RPM_BUILD_ROOT
-mkdir -p $RPM_BUILD_ROOT/var/lib/polkit-1/localauthority/10-vendor.d
+mkdir -p $RPM_BUILD_ROOT/etc/polkit-1/rules.d/
%post
%{fillup_only -ns security polkit_default_privs}
@@ -65,8 +65,7 @@
/sbin/set_polkit_default_privs
%_mandir/man*/*
/var/adm/fillup-templates/sysconfig.security-polkit_default_privs
-%attr(0700,root,root) %dir /var/lib/polkit-1
-%dir /var/lib/polkit-1/localauthority
-%dir /var/lib/polkit-1/localauthority/10-vendor.d
+%attr(0755,root,root)%dir /etc/polkit-1/
+%attr(0755,root,root)%dir /etc/polkit-1/rules.d/
%changelog
++++++ polkit-default-privs-12.3.tar.bz2 ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/polkit-default-privs-12.3/chkstat-polkit new/polkit-default-privs-12.3/chkstat-polkit
--- old/polkit-default-privs-12.3/chkstat-polkit 2013-02-19 17:13:52.000000000 +0100
+++ new/polkit-default-privs-12.3/chkstat-polkit 2013-02-22 09:39:59.000000000 +0100
@@ -1,6 +1,6 @@
#!/usr/bin/perl -w
# This module sets policykit permssions
-# Copyright (C) 2008, 2009 SUSE Linux Products GmbH, Nuernberg, Germany.
+# Copyright (C) 2008, 2009, 2013 SUSE Linux Products GmbH, Nuernberg, Germany.
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
@@ -21,13 +21,8 @@
use strict;
use File::Path;
-use Digest::MD5 qw/md5_hex/;
-my $polkit_public_dir = '/var/lib/PolicyKit-public';
-my $polkit1_localauthority_dir = '/var/lib/polkit-1/localauthority/10-vendor.d';
-my $suseconfig_dir = '/var/adm/SuSEconfig';
-my $md5_dir = $suseconfig_dir.'/md5';
-my $reload_file = '/var/lib/misc/PolicyKit.reload';
+my $file = '/etc/polkit-1/rules.d/50-default-privs.rules';
my $do_set;
# privilege => value
@@ -48,139 +43,6 @@
exit 1;
}
-my $policykit_ops = {
- name => 'PolicyKit',
- overridefile => sub {
- my $priv = shift;
- return $polkit_public_dir.'/'.$priv.'.defaults-override';
- },
- parse => sub {
- my $priv = shift;
- return shift;
- },
- create => sub {
- my $priv = shift;
- return shift;
- },
- pretty => sub {
- my $perms = shift;
- my @p = map { s/^auth/a/; s/_admin/a/; s/_self/s/; s/_keep/k/; s/_session/s/; s/_always/a/; $_ } split(/:/, $perms);
- return join(':', @p);
- },
-};
-
-my $polkit1_ops = {
- name => 'polkit1',
- overridefile => sub {
- my $priv = shift;
- return $polkit1_localauthority_dir.'/'.$priv.'.pkla';
- },
- parse => sub {
- my $priv = shift;
- my @p;
- for(@_) {
- if(/^ResultAny=(.+)\n/) {
- $p[0] = $1;
- } elsif(/^ResultInactive=(.+)\n/) {
- $p[1] = $1;
- } elsif(/^ResultActive=(.+)\n/) {
- $p[2] = $1;
- }
- }
- return join(':', @p) if ($p[0] && $p[1] && $p[2]);
- return undef;
- },
- convert => sub {
- my $perms = shift;
- my @p = map { s/^(auth_(?:admin|self)_keep).+$/$1/; s/_one_shot//; $_ } split(/:/, $perms);
- return join(':', @p);
- },
- create => sub {
- my $priv = shift;
- my $perms = shift;
-
- my @p = split(/:/, $perms);
-
- my $txt = "[$priv]\nIdentity=unix-group:*\nAction=$priv\n"
- . "ResultAny=$p[0]\nResultInactive=$p[1]\nResultActive=$p[2]\n";
- return $txt;
- },
- pretty => sub {
- my $perms = shift;
- my @p = map { s/^auth/a/; s/_admin/a/; s/_self/s/; s/_keep/k/; s/_session//; s/_always//; $_ } split(/:/, $perms);
- return join(':', @p);
- },
-};
-
-
-sub override($$$)
-{
- my ($privilege, $perms, $ops) = @_;
- my $overridefile = $ops->{overridefile}($privilege);
- my $old_perms;
- my @old_content;
- if(-e $overridefile) {
- if(!open(F, '<', $overridefile)) {
- print STDERR "can't open $overridefile: $!, skip.\n";
- return;
- }
- @old_content = <F>;
- $old_perms = $ops->{parse}($privilege, @old_content);
- close F;
- }
-
- $perms = $ops->{convert}($perms) if $ops->{convert};
-
- if(defined $old_perms && $perms eq $old_perms) {
- return;
- }
-
- if($do_set) {
- print $ops->{name}.": setting $privilege to ".$ops->{pretty}($perms).($old_perms?" (wrong setting ".$ops->{pretty}($old_perms).")\n":"\n");
- if(-e $overridefile) {
- if(!open(F, '<', $md5_dir.'/'.$overridefile)) {
- print STDERR "$overridefile was created externally, skip.\n";
- return;
- }
- my $should_digest = <F>;
- $should_digest = substr($should_digest, 0, 32);
- close F;
- my $digest = md5_hex(join('', @old_content));
- if($digest ne $should_digest) {
- print "$should_digest $digest\n";
- print STDERR "$overridefile was modifed externally, skip.\n";
- return;
- }
- }
- if(!open(F, '>', $overridefile.'.new')) {
- print STDERR "can't create $overridefile.new: $!, skip.\n";
- return;
- }
- my $content = $ops->{create}($privilege, $perms);
- print F $content;
- close F;
- my $digest = md5_hex($content);
- if(!open(F, '>', $md5_dir.'/'.$overridefile)) {
- print STDERR "can't save md5 check for $privilege: $!\n";
- unlink($overridefile.".new");
- return;
- }
- print F $digest." $overridefile\n";
- close F;
- rename($overridefile.'.new', $overridefile);
- } else {
- print $ops->{name}.": $privilege should be ".$ops->{pretty}($perms).($old_perms?" (wrong setting ".$ops->{pretty}($old_perms).")\n":"\n");
- }
-}
-
-if (-d $polkit_public_dir) {
- mkpath($md5_dir.'/'.$polkit_public_dir) if $do_set;
-} else {
- $policykit_ops = undef;
-}
-mkpath($polkit1_localauthority_dir) if $do_set;
-mkpath($md5_dir.'/'.$polkit1_localauthority_dir) if $do_set;
-
while(<>) {
chomp;
next unless $_;
@@ -189,15 +51,55 @@
if($perms !~ /:/) {
$perms = $perms.':'.$perms.':'.$perms;
}
- # backward compat with PolicyKit
- my @p = map { s/^auth_(admin\|self)_keep$/auth_$1_keep_always/; $_ } split(/:/, $perms);
- $perms = join(':', @p);
- $to_set{$privilege} = $perms;
+ # convert PolicyKit syntax
+ my @p = map { s/^(auth_(?:admin|self)_keep).+$/$1/; s/_one_shot//; $_ } split(/:/, $perms);
+ for (@p) {
+ unless (/^(?:auth_(?:admin|self)(?:_keep)?|yes|no)$/) {
+ warn "invalid value $_ in line $.\n";
+ next;
+ }
+ }
+ $to_set{$privilege} = [ @p ];
}
+
+my $rules = '';
while (my ($privilege, $perms) = each %to_set) {
- override($privilege, $perms, $policykit_ops) if defined $policykit_ops;
- override($privilege, $perms, $polkit1_ops);
+ my @p = @$perms;
+ $rules .= sprintf("\t\t'%s':\n\t\t\t[ '%s', '%s', '%s' ],\n", $privilege, $p[0], $p[1], $p[2]);
}
-utime undef, undef, $reload_file if $do_set;
+exit(0) unless $do_set;
+
+open(F, '>', $file.'.new') or die "can't open $file.new: $!\n";
+while(<DATA>) {
+ if (/INSERT_RULES_HERE/) {
+ $_ = $rules;
+ }
+ print F;
+}
+close F;
+
+rename($file.'.new', $file) or die "can't rename $file.new: $!\n";
+
+__END__
+/************************************\
+* AUTOMATICALY GENERATED DO NOT EDIT *
+* see man set_polkit_default_privs *
+\************************************/
+polkit.addRule(function(action, subject) {
+ rules = {
+ "INSERT_RULES_HERE" : [ "auth_admin", "auth_admin", "auth_admin" ],
+ };
+ var i = 0;
+ if (subject.local) {
+ if (subject.active) {
+ i = 2;
+ } else {
+ i = 1;
+ }
+ }
+ if (rules[action.id]) {
+ return rules[action.id][i];
+ }
+});
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/polkit-default-privs-12.3/listpolicies.pl new/polkit-default-privs-12.3/listpolicies.pl
--- old/polkit-default-privs-12.3/listpolicies.pl 2013-02-19 17:13:52.000000000 +0100
+++ new/polkit-default-privs-12.3/listpolicies.pl 2013-02-22 09:39:59.000000000 +0100
@@ -9,76 +9,104 @@
use strict;
use XML::Bare;
-use Data::Dumper;
+use Data::Dump;
+use Getopt::Long;
+Getopt::Long::Configure("no_ignore_case");
+
+my %options;
+
+sub usage($) {
+ my $r = shift;
+ eval "use Pod::Usage; pod2usage($r);";
+ if ($@) {
+ die "cannot display help, install perl(Pod::Usage)\n";
+ }
+}
+
+GetOptions(
+ \%options,
+ "verbose|v",
+ "policy=s@",
+ "check-override",
+ "help|h",
+) or usage(1);
+
+usage(0) if ($options{'help'});
-my $permissions;
my %known;
my @policies;
if ($#ARGV == -1) {
my $buildroot = $ENV{'BUILD_ROOT'} || '';
my $rpm_buildroot = $ENV{'RPM_BUILD_ROOT'} || '';
- @ARGV = glob "$rpm_buildroot/usr/share/PolicyKit/policy/*.policy";
push @ARGV, glob "$rpm_buildroot/usr/share/polkit-1/actions/*.policy";
- push @ARGV, '--';
- push @ARGV, "$buildroot/etc/polkit-default-privs.standard";
+ unless ($options{'policy'}) {
+ $options{'policy'} = [ "$buildroot/etc/polkit-default-privs.standard" ];
+ }
}
for my $f (@ARGV) {
- if ("$f" eq '--') {
- $permissions = 1;
- next;
- }
open (F, '<', $f) or die "$f: $!";
- if(!$permissions) {
- #print STDERR "+++ ", $f,"\n";
- my $xml = XML::Bare->new(text => join('', <F>))->parse();
-
- die "file is not a policykit config file" unless exists $xml->{'policyconfig'}->{'action'};
-
- my $a;
- if (ref $xml->{'policyconfig'}->{'action'} eq 'ARRAY') {
- $a = $xml->{'policyconfig'}->{'action'}
- } else {
- $a = [$xml->{'policyconfig'}->{'action'}];
- }
- for (@{$a}) {
- next unless exists $_->{'id'}->{"value"};
- my $p = { name => $_->{'id'}->{'value'} };
- my @v;
- for my $n (qw/any inactive active/) {
- my $ref = $_->{'defaults'}->{'allow_'.$n};
- if (ref $ref eq 'ARRAY') {
- warn $p->{'name'}.": duplicate allow_$n\n";
- $ref = $ref->[-1];
- }
- push @v, $ref->{'value'} || 'no';
+ #print STDERR "+++ ", $f,"\n";
+ my $xml = XML::Bare->new(text => join('', <F>))->parse();
+
+ die "file is not a policykit config file" unless exists $xml->{'policyconfig'}->{'action'};
+
+ my $a;
+ if (ref $xml->{'policyconfig'}->{'action'} eq 'ARRAY') {
+ $a = $xml->{'policyconfig'}->{'action'}
+ } else {
+ $a = [$xml->{'policyconfig'}->{'action'}];
+ }
+ for (@{$a}) {
+ next unless exists $_->{'id'}->{"value"};
+ my $p = { name => $_->{'id'}->{'value'} };
+ my $v = ();
+ for my $n (qw/any inactive active/) {
+ my $ref = $_->{'defaults'}->{'allow_'.$n};
+ if (ref $ref eq 'ARRAY') {
+ warn $p->{'name'}.": duplicate allow_$n\n";
+ $ref = $ref->[-1];
}
- $p->{'value'} = join(':', @v);
- push @policies, $p;
+ push @$v, $ref->{'value'} || 'no';
}
- } else {
- while(<F>) {
- chomp;
- next unless $_;
- next if(/^#/);
- my ($privilege, $perms) = split(/\s+/);
- $known{$privilege} = 1;
+ $p->{'value'} = $v;
+ push @policies, $p;
+ }
+}
+
+for my $f (@{$options{'policy'}}) {
+ open (F, '<', $f) or die "$f: $!";
+ while(<F>) {
+ chomp;
+ next unless $_;
+ next if(/^#/);
+ my ($privilege, $perms) = split(/\s+/);
+ my @p = map { s/^(auth_(?:admin|self)_keep).+$/$1/; s/_one_shot//; $_ } split(/:/, $perms);
+ if (@p != 3) {
+ @p = ($p[0], $p[0], $p[0]);
}
+ $known{$privilege} = [ @p ];
}
close F;
}
-if(!$permissions) {
+if (!$options{'policy'}) {
map { print $_->{'name'}, "\n" } @policies;
+} elsif ($options{'check-override'}) {
+ for my $p (@policies) {
+ next unless exists $known{$p->{'name'}};
+ next if $known{$p->{'name'}}->[2] eq $p->{'value'}->[2];
+ print sprintf('%-63s %s -> %s'."\n", $p->{'name'}, $p->{'value'}->[2], $known{$p->{'name'}}->[2]);
+ }
} else {
my $have_unknown;
for (@policies) {
next if exists $known{$_->{'name'}};
- print sprintf('%-63s %s'."\n", $_->{'name'}, $_->{'value'});
+ print sprintf('%-63s %s'."\n", $_->{'name'}, join(':', @{$_->{'value'}}));
$have_unknown = 1;
}
- if ($ENV{'VERBOSE'}) {
+ if ($options{'verbose'}) {
my %seen = map { $_->{'name'} => 1} @policies;
my @obs;
for (keys %known) {
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/polkit-default-privs-12.3/polkit-default-privs.restrictive new/polkit-default-privs-12.3/polkit-default-privs.restrictive
--- old/polkit-default-privs-12.3/polkit-default-privs.restrictive 2013-02-19 17:13:52.000000000 +0100
+++ new/polkit-default-privs-12.3/polkit-default-privs.restrictive 2013-02-22 09:39:59.000000000 +0100
@@ -187,13 +187,13 @@
org.freedesktop.udisks2.modify-device auth_admin
org.freedesktop.udisks2.ata-smart-update auth_admin
# (bnc#761872)
-org.freedesktop.udisks2.eject-media auth_admin:auth_admin:yes
-org.freedesktop.udisks2.filesystem-mount-other-seat auth_admin:auth_admin:auth_admin_keep
-org.freedesktop.udisks2.encrypted-unlock-other-seat auth_admin:auth_admin:auth_admin_keep
-org.freedesktop.udisks2.loop-modify-others auth_admin:auth_admin:auth_admin_keep
-org.freedesktop.udisks2.eject-media-system auth_admin:auth_admin:auth_admin_keep
-org.freedesktop.udisks2.eject-media-other-seat auth_admin:auth_admin:auth_admin_keep
-org.freedesktop.udisks2.modify-device-other-seat auth_admin:auth_admin:auth_admin_keep
+org.freedesktop.udisks2.eject-media auth_admin
+org.freedesktop.udisks2.filesystem-mount-other-seat auth_admin
+org.freedesktop.udisks2.encrypted-unlock-other-seat auth_admin
+org.freedesktop.udisks2.loop-modify-others auth_admin
+org.freedesktop.udisks2.eject-media-system auth_admin
+org.freedesktop.udisks2.eject-media-other-seat auth_admin
+org.freedesktop.udisks2.modify-device-other-seat auth_admin
#
# upower
@@ -364,14 +364,14 @@
#
# GNOME control-center (bnc#779938)
#
-org.gnome.controlcenter.user-accounts.administration no:no:auth_admin_keep
-org.gnome.controlcenter.datetime.configure no:no:auth_admin_keep
+org.gnome.controlcenter.user-accounts.administration auth_admin_keep
+org.gnome.controlcenter.datetime.configure auth_admin_keep
#
# PackageKit / systemd offline updates (bnc#798885)
#
-org.freedesktop.packagekit.trigger-offline-update no:no:auth_admin_keep
-org.freedesktop.packagekit.clear-offline-update no:no:auth_admin_keep
+org.freedesktop.packagekit.trigger-offline-update auth_admin_keep
+org.freedesktop.packagekit.clear-offline-update auth_admin_keep
###
--
To unsubscribe, e-mail: opensuse-commit+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-commit+help(a)opensuse.org
1
0
Hello community,
here is the log from the commit of package polkit-default-privs for openSUSE:Factory checked in at 2013-02-22 16:57:27
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/polkit-default-privs (Old)
and /work/SRC/openSUSE:Factory/.polkit-default-privs.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "polkit-default-privs", Maintainer is "meissner(a)suse.com"
Changes:
--------
--- /work/SRC/openSUSE:Factory/polkit-default-privs/polkit-default-privs.changes 2013-02-21 10:44:07.000000000 +0100
+++ /work/SRC/openSUSE:Factory/.polkit-default-privs.new/polkit-default-privs.changes 2013-02-22 16:57:27.000000000 +0100
@@ -1,0 +2,7 @@
+Thu Feb 21 15:52:52 UTC 2013 - lnussel(a)suse.de
+
+- fix restrictive privileges
+- generate javascript files for new polkit (bnc#804376)
+- implement check for overrides
+
+-------------------------------------------------------------------
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ polkit-default-privs.spec ++++++
--- /var/tmp/diff_new_pack.TtvPkk/_old 2013-02-22 16:57:28.000000000 +0100
+++ /var/tmp/diff_new_pack.TtvPkk/_new 2013-02-22 16:57:28.000000000 +0100
@@ -47,7 +47,7 @@
%install
make install DESTDIR=$RPM_BUILD_ROOT
-mkdir -p $RPM_BUILD_ROOT/var/lib/polkit-1/localauthority/10-vendor.d
+mkdir -p $RPM_BUILD_ROOT/etc/polkit-1/rules.d/
%post
%{fillup_only -ns security polkit_default_privs}
@@ -65,8 +65,7 @@
/sbin/set_polkit_default_privs
%_mandir/man*/*
/var/adm/fillup-templates/sysconfig.security-polkit_default_privs
-%attr(0700,root,root) %dir /var/lib/polkit-1
-%dir /var/lib/polkit-1/localauthority
-%dir /var/lib/polkit-1/localauthority/10-vendor.d
+%attr(0755,root,root)%dir /etc/polkit-1/
+%attr(0755,root,root)%dir /etc/polkit-1/rules.d/
%changelog
++++++ polkit-default-privs-12.3.tar.bz2 ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/polkit-default-privs-12.3/chkstat-polkit new/polkit-default-privs-12.3/chkstat-polkit
--- old/polkit-default-privs-12.3/chkstat-polkit 2013-02-19 17:13:52.000000000 +0100
+++ new/polkit-default-privs-12.3/chkstat-polkit 2013-02-22 09:39:59.000000000 +0100
@@ -1,6 +1,6 @@
#!/usr/bin/perl -w
# This module sets policykit permssions
-# Copyright (C) 2008, 2009 SUSE Linux Products GmbH, Nuernberg, Germany.
+# Copyright (C) 2008, 2009, 2013 SUSE Linux Products GmbH, Nuernberg, Germany.
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
@@ -21,13 +21,8 @@
use strict;
use File::Path;
-use Digest::MD5 qw/md5_hex/;
-my $polkit_public_dir = '/var/lib/PolicyKit-public';
-my $polkit1_localauthority_dir = '/var/lib/polkit-1/localauthority/10-vendor.d';
-my $suseconfig_dir = '/var/adm/SuSEconfig';
-my $md5_dir = $suseconfig_dir.'/md5';
-my $reload_file = '/var/lib/misc/PolicyKit.reload';
+my $file = '/etc/polkit-1/rules.d/50-default-privs.rules';
my $do_set;
# privilege => value
@@ -48,139 +43,6 @@
exit 1;
}
-my $policykit_ops = {
- name => 'PolicyKit',
- overridefile => sub {
- my $priv = shift;
- return $polkit_public_dir.'/'.$priv.'.defaults-override';
- },
- parse => sub {
- my $priv = shift;
- return shift;
- },
- create => sub {
- my $priv = shift;
- return shift;
- },
- pretty => sub {
- my $perms = shift;
- my @p = map { s/^auth/a/; s/_admin/a/; s/_self/s/; s/_keep/k/; s/_session/s/; s/_always/a/; $_ } split(/:/, $perms);
- return join(':', @p);
- },
-};
-
-my $polkit1_ops = {
- name => 'polkit1',
- overridefile => sub {
- my $priv = shift;
- return $polkit1_localauthority_dir.'/'.$priv.'.pkla';
- },
- parse => sub {
- my $priv = shift;
- my @p;
- for(@_) {
- if(/^ResultAny=(.+)\n/) {
- $p[0] = $1;
- } elsif(/^ResultInactive=(.+)\n/) {
- $p[1] = $1;
- } elsif(/^ResultActive=(.+)\n/) {
- $p[2] = $1;
- }
- }
- return join(':', @p) if ($p[0] && $p[1] && $p[2]);
- return undef;
- },
- convert => sub {
- my $perms = shift;
- my @p = map { s/^(auth_(?:admin|self)_keep).+$/$1/; s/_one_shot//; $_ } split(/:/, $perms);
- return join(':', @p);
- },
- create => sub {
- my $priv = shift;
- my $perms = shift;
-
- my @p = split(/:/, $perms);
-
- my $txt = "[$priv]\nIdentity=unix-group:*\nAction=$priv\n"
- . "ResultAny=$p[0]\nResultInactive=$p[1]\nResultActive=$p[2]\n";
- return $txt;
- },
- pretty => sub {
- my $perms = shift;
- my @p = map { s/^auth/a/; s/_admin/a/; s/_self/s/; s/_keep/k/; s/_session//; s/_always//; $_ } split(/:/, $perms);
- return join(':', @p);
- },
-};
-
-
-sub override($$$)
-{
- my ($privilege, $perms, $ops) = @_;
- my $overridefile = $ops->{overridefile}($privilege);
- my $old_perms;
- my @old_content;
- if(-e $overridefile) {
- if(!open(F, '<', $overridefile)) {
- print STDERR "can't open $overridefile: $!, skip.\n";
- return;
- }
- @old_content = <F>;
- $old_perms = $ops->{parse}($privilege, @old_content);
- close F;
- }
-
- $perms = $ops->{convert}($perms) if $ops->{convert};
-
- if(defined $old_perms && $perms eq $old_perms) {
- return;
- }
-
- if($do_set) {
- print $ops->{name}.": setting $privilege to ".$ops->{pretty}($perms).($old_perms?" (wrong setting ".$ops->{pretty}($old_perms).")\n":"\n");
- if(-e $overridefile) {
- if(!open(F, '<', $md5_dir.'/'.$overridefile)) {
- print STDERR "$overridefile was created externally, skip.\n";
- return;
- }
- my $should_digest = <F>;
- $should_digest = substr($should_digest, 0, 32);
- close F;
- my $digest = md5_hex(join('', @old_content));
- if($digest ne $should_digest) {
- print "$should_digest $digest\n";
- print STDERR "$overridefile was modifed externally, skip.\n";
- return;
- }
- }
- if(!open(F, '>', $overridefile.'.new')) {
- print STDERR "can't create $overridefile.new: $!, skip.\n";
- return;
- }
- my $content = $ops->{create}($privilege, $perms);
- print F $content;
- close F;
- my $digest = md5_hex($content);
- if(!open(F, '>', $md5_dir.'/'.$overridefile)) {
- print STDERR "can't save md5 check for $privilege: $!\n";
- unlink($overridefile.".new");
- return;
- }
- print F $digest." $overridefile\n";
- close F;
- rename($overridefile.'.new', $overridefile);
- } else {
- print $ops->{name}.": $privilege should be ".$ops->{pretty}($perms).($old_perms?" (wrong setting ".$ops->{pretty}($old_perms).")\n":"\n");
- }
-}
-
-if (-d $polkit_public_dir) {
- mkpath($md5_dir.'/'.$polkit_public_dir) if $do_set;
-} else {
- $policykit_ops = undef;
-}
-mkpath($polkit1_localauthority_dir) if $do_set;
-mkpath($md5_dir.'/'.$polkit1_localauthority_dir) if $do_set;
-
while(<>) {
chomp;
next unless $_;
@@ -189,15 +51,55 @@
if($perms !~ /:/) {
$perms = $perms.':'.$perms.':'.$perms;
}
- # backward compat with PolicyKit
- my @p = map { s/^auth_(admin\|self)_keep$/auth_$1_keep_always/; $_ } split(/:/, $perms);
- $perms = join(':', @p);
- $to_set{$privilege} = $perms;
+ # convert PolicyKit syntax
+ my @p = map { s/^(auth_(?:admin|self)_keep).+$/$1/; s/_one_shot//; $_ } split(/:/, $perms);
+ for (@p) {
+ unless (/^(?:auth_(?:admin|self)(?:_keep)?|yes|no)$/) {
+ warn "invalid value $_ in line $.\n";
+ next;
+ }
+ }
+ $to_set{$privilege} = [ @p ];
}
+
+my $rules = '';
while (my ($privilege, $perms) = each %to_set) {
- override($privilege, $perms, $policykit_ops) if defined $policykit_ops;
- override($privilege, $perms, $polkit1_ops);
+ my @p = @$perms;
+ $rules .= sprintf("\t\t'%s':\n\t\t\t[ '%s', '%s', '%s' ],\n", $privilege, $p[0], $p[1], $p[2]);
}
-utime undef, undef, $reload_file if $do_set;
+exit(0) unless $do_set;
+
+open(F, '>', $file.'.new') or die "can't open $file.new: $!\n";
+while(<DATA>) {
+ if (/INSERT_RULES_HERE/) {
+ $_ = $rules;
+ }
+ print F;
+}
+close F;
+
+rename($file.'.new', $file) or die "can't rename $file.new: $!\n";
+
+__END__
+/************************************\
+* AUTOMATICALY GENERATED DO NOT EDIT *
+* see man set_polkit_default_privs *
+\************************************/
+polkit.addRule(function(action, subject) {
+ rules = {
+ "INSERT_RULES_HERE" : [ "auth_admin", "auth_admin", "auth_admin" ],
+ };
+ var i = 0;
+ if (subject.local) {
+ if (subject.active) {
+ i = 2;
+ } else {
+ i = 1;
+ }
+ }
+ if (rules[action.id]) {
+ return rules[action.id][i];
+ }
+});
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/polkit-default-privs-12.3/listpolicies.pl new/polkit-default-privs-12.3/listpolicies.pl
--- old/polkit-default-privs-12.3/listpolicies.pl 2013-02-19 17:13:52.000000000 +0100
+++ new/polkit-default-privs-12.3/listpolicies.pl 2013-02-22 09:39:59.000000000 +0100
@@ -9,76 +9,104 @@
use strict;
use XML::Bare;
-use Data::Dumper;
+use Data::Dump;
+use Getopt::Long;
+Getopt::Long::Configure("no_ignore_case");
+
+my %options;
+
+sub usage($) {
+ my $r = shift;
+ eval "use Pod::Usage; pod2usage($r);";
+ if ($@) {
+ die "cannot display help, install perl(Pod::Usage)\n";
+ }
+}
+
+GetOptions(
+ \%options,
+ "verbose|v",
+ "policy=s@",
+ "check-override",
+ "help|h",
+) or usage(1);
+
+usage(0) if ($options{'help'});
-my $permissions;
my %known;
my @policies;
if ($#ARGV == -1) {
my $buildroot = $ENV{'BUILD_ROOT'} || '';
my $rpm_buildroot = $ENV{'RPM_BUILD_ROOT'} || '';
- @ARGV = glob "$rpm_buildroot/usr/share/PolicyKit/policy/*.policy";
push @ARGV, glob "$rpm_buildroot/usr/share/polkit-1/actions/*.policy";
- push @ARGV, '--';
- push @ARGV, "$buildroot/etc/polkit-default-privs.standard";
+ unless ($options{'policy'}) {
+ $options{'policy'} = [ "$buildroot/etc/polkit-default-privs.standard" ];
+ }
}
for my $f (@ARGV) {
- if ("$f" eq '--') {
- $permissions = 1;
- next;
- }
open (F, '<', $f) or die "$f: $!";
- if(!$permissions) {
- #print STDERR "+++ ", $f,"\n";
- my $xml = XML::Bare->new(text => join('', <F>))->parse();
-
- die "file is not a policykit config file" unless exists $xml->{'policyconfig'}->{'action'};
-
- my $a;
- if (ref $xml->{'policyconfig'}->{'action'} eq 'ARRAY') {
- $a = $xml->{'policyconfig'}->{'action'}
- } else {
- $a = [$xml->{'policyconfig'}->{'action'}];
- }
- for (@{$a}) {
- next unless exists $_->{'id'}->{"value"};
- my $p = { name => $_->{'id'}->{'value'} };
- my @v;
- for my $n (qw/any inactive active/) {
- my $ref = $_->{'defaults'}->{'allow_'.$n};
- if (ref $ref eq 'ARRAY') {
- warn $p->{'name'}.": duplicate allow_$n\n";
- $ref = $ref->[-1];
- }
- push @v, $ref->{'value'} || 'no';
+ #print STDERR "+++ ", $f,"\n";
+ my $xml = XML::Bare->new(text => join('', <F>))->parse();
+
+ die "file is not a policykit config file" unless exists $xml->{'policyconfig'}->{'action'};
+
+ my $a;
+ if (ref $xml->{'policyconfig'}->{'action'} eq 'ARRAY') {
+ $a = $xml->{'policyconfig'}->{'action'}
+ } else {
+ $a = [$xml->{'policyconfig'}->{'action'}];
+ }
+ for (@{$a}) {
+ next unless exists $_->{'id'}->{"value"};
+ my $p = { name => $_->{'id'}->{'value'} };
+ my $v = ();
+ for my $n (qw/any inactive active/) {
+ my $ref = $_->{'defaults'}->{'allow_'.$n};
+ if (ref $ref eq 'ARRAY') {
+ warn $p->{'name'}.": duplicate allow_$n\n";
+ $ref = $ref->[-1];
}
- $p->{'value'} = join(':', @v);
- push @policies, $p;
+ push @$v, $ref->{'value'} || 'no';
}
- } else {
- while(<F>) {
- chomp;
- next unless $_;
- next if(/^#/);
- my ($privilege, $perms) = split(/\s+/);
- $known{$privilege} = 1;
+ $p->{'value'} = $v;
+ push @policies, $p;
+ }
+}
+
+for my $f (@{$options{'policy'}}) {
+ open (F, '<', $f) or die "$f: $!";
+ while(<F>) {
+ chomp;
+ next unless $_;
+ next if(/^#/);
+ my ($privilege, $perms) = split(/\s+/);
+ my @p = map { s/^(auth_(?:admin|self)_keep).+$/$1/; s/_one_shot//; $_ } split(/:/, $perms);
+ if (@p != 3) {
+ @p = ($p[0], $p[0], $p[0]);
}
+ $known{$privilege} = [ @p ];
}
close F;
}
-if(!$permissions) {
+if (!$options{'policy'}) {
map { print $_->{'name'}, "\n" } @policies;
+} elsif ($options{'check-override'}) {
+ for my $p (@policies) {
+ next unless exists $known{$p->{'name'}};
+ next if $known{$p->{'name'}}->[2] eq $p->{'value'}->[2];
+ print sprintf('%-63s %s -> %s'."\n", $p->{'name'}, $p->{'value'}->[2], $known{$p->{'name'}}->[2]);
+ }
} else {
my $have_unknown;
for (@policies) {
next if exists $known{$_->{'name'}};
- print sprintf('%-63s %s'."\n", $_->{'name'}, $_->{'value'});
+ print sprintf('%-63s %s'."\n", $_->{'name'}, join(':', @{$_->{'value'}}));
$have_unknown = 1;
}
- if ($ENV{'VERBOSE'}) {
+ if ($options{'verbose'}) {
my %seen = map { $_->{'name'} => 1} @policies;
my @obs;
for (keys %known) {
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/polkit-default-privs-12.3/polkit-default-privs.restrictive new/polkit-default-privs-12.3/polkit-default-privs.restrictive
--- old/polkit-default-privs-12.3/polkit-default-privs.restrictive 2013-02-19 17:13:52.000000000 +0100
+++ new/polkit-default-privs-12.3/polkit-default-privs.restrictive 2013-02-22 09:39:59.000000000 +0100
@@ -187,13 +187,13 @@
org.freedesktop.udisks2.modify-device auth_admin
org.freedesktop.udisks2.ata-smart-update auth_admin
# (bnc#761872)
-org.freedesktop.udisks2.eject-media auth_admin:auth_admin:yes
-org.freedesktop.udisks2.filesystem-mount-other-seat auth_admin:auth_admin:auth_admin_keep
-org.freedesktop.udisks2.encrypted-unlock-other-seat auth_admin:auth_admin:auth_admin_keep
-org.freedesktop.udisks2.loop-modify-others auth_admin:auth_admin:auth_admin_keep
-org.freedesktop.udisks2.eject-media-system auth_admin:auth_admin:auth_admin_keep
-org.freedesktop.udisks2.eject-media-other-seat auth_admin:auth_admin:auth_admin_keep
-org.freedesktop.udisks2.modify-device-other-seat auth_admin:auth_admin:auth_admin_keep
+org.freedesktop.udisks2.eject-media auth_admin
+org.freedesktop.udisks2.filesystem-mount-other-seat auth_admin
+org.freedesktop.udisks2.encrypted-unlock-other-seat auth_admin
+org.freedesktop.udisks2.loop-modify-others auth_admin
+org.freedesktop.udisks2.eject-media-system auth_admin
+org.freedesktop.udisks2.eject-media-other-seat auth_admin
+org.freedesktop.udisks2.modify-device-other-seat auth_admin
#
# upower
@@ -364,14 +364,14 @@
#
# GNOME control-center (bnc#779938)
#
-org.gnome.controlcenter.user-accounts.administration no:no:auth_admin_keep
-org.gnome.controlcenter.datetime.configure no:no:auth_admin_keep
+org.gnome.controlcenter.user-accounts.administration auth_admin_keep
+org.gnome.controlcenter.datetime.configure auth_admin_keep
#
# PackageKit / systemd offline updates (bnc#798885)
#
-org.freedesktop.packagekit.trigger-offline-update no:no:auth_admin_keep
-org.freedesktop.packagekit.clear-offline-update no:no:auth_admin_keep
+org.freedesktop.packagekit.trigger-offline-update auth_admin_keep
+org.freedesktop.packagekit.clear-offline-update auth_admin_keep
###
--
To unsubscribe, e-mail: opensuse-commit+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-commit+help(a)opensuse.org
1
0
Hello community,
here is the log from the commit of package pesign for openSUSE:12.3 checked in at 2013-02-22 16:57:14
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:12.3/pesign (Old)
and /work/SRC/openSUSE:12.3/.pesign.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "pesign", Maintainer is "GLin(a)suse.com"
Changes:
--------
--- /work/SRC/openSUSE:12.3/pesign/pesign.changes 2013-02-13 12:09:56.000000000 +0100
+++ /work/SRC/openSUSE:12.3/.pesign.new/pesign.changes 2013-02-22 16:57:15.000000000 +0100
@@ -1,0 +2,7 @@
+Fri Feb 22 08:44:43 UTC 2013 - glin(a)suse.com
+
+- Add pesign-bnc805166-fix-signature-list.patch to fix the broken
+ signature list when inserting signature into a signed EFI binary
+ (bnc#805166)
+
+-------------------------------------------------------------------
New:
----
pesign-bnc805166-fix-signature-list.patch
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ pesign.spec ++++++
--- /var/tmp/diff_new_pack.tsRKBH/_old 2013-02-22 16:57:15.000000000 +0100
+++ /var/tmp/diff_new_pack.tsRKBH/_new 2013-02-22 16:57:15.000000000 +0100
@@ -43,6 +43,8 @@
# PATCH-FIX-UPSTREAM pesign-privkey_unneeded.diff glin(a)suse.com -- Don't check the private key when importing the raw signature
Patch10: pesign-privkey_unneeded.diff
Patch11: pesign-no-set-image-size.patch
+# PATCH-FIX-UPSTREAM pesign-bnc805166-fix-signature-list.patch bnc#805166 glin(a)suse.com -- Fix the broken signature list when inserting a new signature into a signed EFI binary.
+Patch12: pesign-bnc805166-fix-signature-list.patch
BuildRequires: mozilla-nss-devel
BuildRequires: pkg-config
BuildRequires: popt-devel
@@ -78,6 +80,7 @@
%patch9 -p1
%patch10 -p1
%patch11 -p1
+%patch12 -p1
%build
make OPTFLAGS="$RPM_OPT_FLAGS"
++++++ pesign-bnc805166-fix-signature-list.patch ++++++
++++ 781 lines (skipped)
--
To unsubscribe, e-mail: opensuse-commit+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-commit+help(a)opensuse.org
1
0
Hello community,
here is the log from the commit of package pesign for openSUSE:Factory checked in at 2013-02-22 16:57:10
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/pesign (Old)
and /work/SRC/openSUSE:Factory/.pesign.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "pesign", Maintainer is "GLin(a)suse.com"
Changes:
--------
--- /work/SRC/openSUSE:Factory/pesign/pesign.changes 2013-02-13 12:09:52.000000000 +0100
+++ /work/SRC/openSUSE:Factory/.pesign.new/pesign.changes 2013-02-22 16:57:11.000000000 +0100
@@ -1,0 +2,7 @@
+Fri Feb 22 08:44:43 UTC 2013 - glin(a)suse.com
+
+- Add pesign-bnc805166-fix-signature-list.patch to fix the broken
+ signature list when inserting signature into a signed EFI binary
+ (bnc#805166)
+
+-------------------------------------------------------------------
New:
----
pesign-bnc805166-fix-signature-list.patch
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ pesign.spec ++++++
--- /var/tmp/diff_new_pack.1ncOKm/_old 2013-02-22 16:57:13.000000000 +0100
+++ /var/tmp/diff_new_pack.1ncOKm/_new 2013-02-22 16:57:13.000000000 +0100
@@ -43,6 +43,8 @@
# PATCH-FIX-UPSTREAM pesign-privkey_unneeded.diff glin(a)suse.com -- Don't check the private key when importing the raw signature
Patch10: pesign-privkey_unneeded.diff
Patch11: pesign-no-set-image-size.patch
+# PATCH-FIX-UPSTREAM pesign-bnc805166-fix-signature-list.patch bnc#805166 glin(a)suse.com -- Fix the broken signature list when inserting a new signature into a signed EFI binary.
+Patch12: pesign-bnc805166-fix-signature-list.patch
BuildRequires: mozilla-nss-devel
BuildRequires: pkg-config
BuildRequires: popt-devel
@@ -78,6 +80,7 @@
%patch9 -p1
%patch10 -p1
%patch11 -p1
+%patch12 -p1
%build
make OPTFLAGS="$RPM_OPT_FLAGS"
++++++ pesign-bnc805166-fix-signature-list.patch ++++++
++++ 781 lines (skipped)
--
To unsubscribe, e-mail: opensuse-commit+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-commit+help(a)opensuse.org
1
0
Hello community,
here is the log from the commit of package openstack-quickstart for openSUSE:Factory checked in at 2013-02-22 16:56:57
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/openstack-quickstart (Old)
and /work/SRC/openSUSE:Factory/.openstack-quickstart.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "openstack-quickstart", Maintainer is "radmanic(a)suse.com"
Changes:
--------
--- /work/SRC/openSUSE:Factory/openstack-quickstart/openstack-quickstart.changes 2013-01-30 11:18:05.000000000 +0100
+++ /work/SRC/openSUSE:Factory/.openstack-quickstart.new/openstack-quickstart.changes 2013-02-22 16:56:59.000000000 +0100
@@ -1,0 +2,7 @@
+Thu Feb 7 18:38:37 UTC 2013 - cloud-devel(a)suse.de
+
+- Update to latest git (cb0fbe8):
+ + Enalbe Cinder and Swift Service endpoints
+ + Setup Cinder properly
+
+-------------------------------------------------------------------
Old:
----
openstack-quickstart-2012.2+git.1358781673.95d7088.tar.gz
New:
----
openstack-quickstart-2012.2+git.1360262230.cb0fbe8.tar.gz
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ openstack-quickstart.spec ++++++
--- /var/tmp/diff_new_pack.ymofJY/_old 2013-02-22 16:57:00.000000000 +0100
+++ /var/tmp/diff_new_pack.ymofJY/_new 2013-02-22 16:57:00.000000000 +0100
@@ -18,8 +18,8 @@
Name: openstack-quickstart
-Version: 2012.2+git.1358781673.95d7088
-Release: 1
+Version: 2012.2+git.1360262230.cb0fbe8
+Release: 0
License: MIT
Summary: OpenStack Quickstart
Url: http://en.opensuse.org/SDB:Cloud_OpenStack_Quickstart
++++++ openstack-quickstart-2012.2+git.1358781673.95d7088.tar.gz -> openstack-quickstart-2012.2+git.1360262230.cb0fbe8.tar.gz ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openstack-quickstart-2012.2+git.1358781673.95d7088/scripts/openstack-quickstart-demosetup new/openstack-quickstart-2012.2+git.1360262230.cb0fbe8/scripts/openstack-quickstart-demosetup
--- old/openstack-quickstart-2012.2+git.1358781673.95d7088/scripts/openstack-quickstart-demosetup 2013-01-25 12:14:32.000000000 +0100
+++ new/openstack-quickstart-2012.2+git.1360262230.cb0fbe8/scripts/openstack-quickstart-demosetup 2013-02-07 19:38:06.000000000 +0100
@@ -161,6 +161,9 @@
echo "osapi_extensions_path=" >> /etc/nova/nova.conf
fi
+# configure cinder
+sed -i -e "s,#*[ ]*sql_connection=.*,sql_connection=$DB://cinder:${mpw}@${IP}/cinder," /etc/cinder/cinder.conf
+
grep -q nova-rootwrap /etc/sudoers || echo "openstack-nova ALL=(ALL) NOPASSWD:/usr/bin/nova-rootwrap" >> /etc/sudoers
grep -q cinder-rootwrap /etc/sudoers || echo "openstack-cinder ALL=(ALL) NOPASSWD:/usr/bin/cinder-rootwrap" >> /etc/sudoers
@@ -192,7 +195,7 @@
fi
fi
sudo -u postgres dropdb keystone # needed for keystone_data.sh
- for DBNAME in nova keystone glance horizon ; do
+ for DBNAME in nova cinder keystone glance horizon ; do
# use ALTER if CREATE fails: the role probably already exists
# in that case
sudo -u postgres psql -c "CREATE ROLE $DBNAME PASSWORD '$mpw' LOGIN;" || \
@@ -204,7 +207,7 @@
insserv postgresql
else
echo | mysql -u root || pwquery=-p
- for DBNAME in nova keystone glance horizon ; do
+ for DBNAME in nova cinder keystone glance horizon ; do
echo "
set global character_set_server=latin1;
set session character_set_server=latin1;
@@ -307,7 +310,7 @@
# 2012-02-28 keystone light setup
/etc/init.d/openstack-keystone restart
-ENABLED_SERVICES=${ENABLED_SERVICES:-g-api,g-reg,key,n-api,n-cpu,n-net,n-vol,n-sch,n-novnc,n-xvnc,horizon,mysql,rabbit}
+ENABLED_SERVICES=${ENABLED_SERVICES:-g-api,g-reg,key,n-api,n-cpu,n-net,n-vol,c-api,n-sch,n-novnc,n-xvnc,horizon,swift,mysql,rabbit}
KEYSTONE_AUTH_HOST=${KEYSTONE_AUTH_HOST:-$SERVICE_HOST}
KEYSTONE_AUTH_PORT=${KEYSTONE_AUTH_PORT:-35357}
KEYSTONE_AUTH_PROTOCOL=${KEYSTONE_AUTH_PROTOCOL:-http}
--
To unsubscribe, e-mail: opensuse-commit+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-commit+help(a)opensuse.org
1
0
Hello community,
here is the log from the commit of package openstack-quantum for openSUSE:Factory checked in at 2013-02-22 16:56:44
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/openstack-quantum (Old)
and /work/SRC/openSUSE:Factory/.openstack-quantum.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "openstack-quantum", Maintainer is "radmanic(a)suse.com"
Changes:
--------
--- /work/SRC/openSUSE:Factory/openstack-quantum/openstack-quantum.changes 2013-02-08 07:14:42.000000000 +0100
+++ /work/SRC/openSUSE:Factory/.openstack-quantum.new/openstack-quantum.changes 2013-02-22 16:56:46.000000000 +0100
@@ -1,0 +2,9 @@
+Fri Feb 22 10:12:49 UTC 2013 - cloud-devel(a)suse.de
+
+- Update to version 2012.2.4+git.1361527969.4de49b4:
+ + only destroy single namespace if router_id is set
+ + Enable OVS and NETNS utilities to perform logging
+ + Disable dhcp_domain distribution when dhcp_domain is empty
+ + Shorten the DHCP default resync_interval
+
+--------------------------------------------------------------------
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ openstack-quantum.spec ++++++
--- /var/tmp/diff_new_pack.R84CRf/_old 2013-02-22 16:56:47.000000000 +0100
+++ /var/tmp/diff_new_pack.R84CRf/_new 2013-02-22 16:56:47.000000000 +0100
@@ -21,7 +21,7 @@
%define username openstack-%{component}
Name: openstack-%{component}
-Version: 2012.2.4+git.1360134016.d2a85e6
+Version: 2012.2.4+git.1361527969.4de49b4
Release: 1
License: Apache-2.0
Summary: OpenStack Virtual Network Service (Quantum)
++++++ quantum-stable-folsom.tar.gz ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/quantum-2012.2.4/AUTHORS new/quantum-2012.2.4/AUTHORS
--- old/quantum-2012.2.4/AUTHORS 2013-02-01 02:13:14.000000000 +0100
+++ new/quantum-2012.2.4/AUTHORS 2013-02-19 14:33:54.000000000 +0100
@@ -10,6 +10,7 @@
Brad Hall <brad(a)nicira.com>
Brian Waldon <bcwaldon(a)gmail.com>
chnm-kulkarni <chnm.kulkarni(a)gmail.com>
+Christoph Thiel <c.thiel(a)telekom.de>
Clark Boylan <clark.boylan(a)gmail.com>
Dan Prince <dprince(a)redhat.com>
Dan Wendlandt <dan(a)nicira.com>
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/quantum-2012.2.4/ChangeLog new/quantum-2012.2.4/ChangeLog
--- old/quantum-2012.2.4/ChangeLog 2013-02-01 02:13:14.000000000 +0100
+++ new/quantum-2012.2.4/ChangeLog 2013-02-19 14:33:54.000000000 +0100
@@ -1,3 +1,73 @@
+commit 4de49b4d81297fad33b4aff87c03f7508ea1a194
+Merge: 004a924 5d26f41
+Author: Jenkins <jenkins(a)review.openstack.org>
+Date: Tue Feb 19 13:15:33 2013 +0000
+
+ Merge "Shorten the DHCP default resync_interval" into stable/folsom
+
+commit 004a924eca5e77dc4f73ce2eb29a82ece6a97099
+Merge: 7be990a 2f32795
+Author: Jenkins <jenkins(a)review.openstack.org>
+Date: Tue Feb 19 13:15:28 2013 +0000
+
+ Merge "Disable dhcp_domain distribution when dhcp_domain is empty" into stable/folsom
+
+commit 5d26f41d5949d8d9712286f67d9e83dbb547bb71
+Author: Gary Kotton <gkotton(a)redhat.com>
+Date: Sun Feb 17 15:46:14 2013 +0000
+
+ Shorten the DHCP default resync_interval
+
+ Fixes bug 1128180
+
+ Change-Id: Ie63ef674b5e05fab659e675774a1b25cd57d4c41
+
+ etc/dhcp_agent.ini | 2 +-
+ quantum/agent/dhcp_agent.py | 2 +-
+ 2 files changed, 2 insertions(+), 2 deletions(-)
+
+commit 7be990a16ccbd147eae422f71f6730065ee5ceaf
+Merge: 45baf03 8755cb3
+Author: Jenkins <jenkins(a)review.openstack.org>
+Date: Mon Feb 18 07:55:12 2013 +0000
+
+ Merge "Enable OVS and NETNS utilities to perform logging" into stable/folsom
+
+commit 45baf034466275fbc32ababada1513c7b5e76c01
+Author: Christoph Thiel <c.thiel(a)telekom.de>
+Date: Tue Feb 12 11:44:23 2013 +0100
+
+ only destroy single namespace if router_id is set
+
+ Fixes bug 1122206
+
+ If multiple instances of l3_agent are running on the same host, all qrouter-
+ namespaces will be destroyed as new l3_agents are started. This fix allows
+ for multiple l3_agents to be running on the same host when router_id is set
+ for each agent.
+
+ Change-Id: I879cdc6faba94900f831232232d67e471c70d778
+
+ quantum/agent/l3_agent.py | 15 +++++++++++----
+ quantum/tests/unit/test_l3_agent.py | 29 +++++++++++++++++++++++++++--
+ 2 files changed, 38 insertions(+), 6 deletions(-)
+
+commit 8755cb3dc6d215f0dde178668c6e13cfa7d6b20d
+Author: Gary Kotton <gkotton(a)redhat.com>
+Date: Sat Feb 9 15:12:56 2013 +0000
+
+ Enable OVS and NETNS utilities to perform logging
+
+ Fixes bug 1118517
+
+ Change-Id: I041e61505475da2383b34eaeb16dd3b0e9750898
+
+ quantum/agent/netns_cleanup_util.py | 2 +-
+ quantum/agent/ovs_cleanup_util.py | 2 +-
+ quantum/tests/unit/test_agent_netns_cleanup.py | 38 +++++++++++++-----------
+ quantum/tests/unit/test_agent_ovs_cleanup.py | 11 ++++---
+ 4 files changed, 27 insertions(+), 26 deletions(-)
+
commit d2a85e655e1b721b5620d9e4a4a9d7201caed257
Author: Mark McLoughlin <markmc(a)redhat.com>
Date: Thu Jan 31 21:34:03 2013 +0000
@@ -22,6 +92,20 @@
quantum/version.py | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
+commit 2f3279502356008b69e3e43e210c86c1c9e659fe
+Author: Nachi Ueno <nachi(a)nttmcl.com>
+Date: Tue Jan 15 09:54:59 2013 -0800
+
+ Disable dhcp_domain distribution when dhcp_domain is empty
+
+ fixes bug 1099625
+
+ Change-Id: Ib86770345c46a0dd8bb38a4c3e435420170828af
+
+ quantum/agent/linux/dhcp.py | 8 +++++---
+ quantum/tests/unit/test_linux_dhcp.py | 16 ++++++++++------
+ 2 files changed, 15 insertions(+), 9 deletions(-)
+
commit a84ba7e171e809dbb62e8065f63729ba34d395d8
Author: Gary Kotton <gkotton(a)redhat.com>
Date: Tue Jan 29 15:46:01 2013 +0000
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/quantum-2012.2.4/etc/dhcp_agent.ini new/quantum-2012.2.4/etc/dhcp_agent.ini
--- old/quantum-2012.2.4/etc/dhcp_agent.ini 2013-02-01 02:09:37.000000000 +0100
+++ new/quantum-2012.2.4/etc/dhcp_agent.ini 2013-02-19 14:27:49.000000000 +0100
@@ -10,7 +10,7 @@
# The DHCP agent will resync its state with Quantum to recover from any
# transient notification or rpc errors. The interval is number of
# seconds between attempts.
-# resync_interval = 30
+# resync_interval = 5
# The DHCP requires that an inteface driver be set. Choose the one that best
# matches you plugin.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/quantum-2012.2.4/quantum/agent/dhcp_agent.py new/quantum-2012.2.4/quantum/agent/dhcp_agent.py
--- old/quantum-2012.2.4/quantum/agent/dhcp_agent.py 2013-02-01 02:09:37.000000000 +0100
+++ new/quantum-2012.2.4/quantum/agent/dhcp_agent.py 2013-02-19 14:27:49.000000000 +0100
@@ -46,7 +46,7 @@
class DhcpAgent(object):
OPTS = [
cfg.StrOpt('root_helper', default='sudo'),
- cfg.IntOpt('resync_interval', default=30),
+ cfg.IntOpt('resync_interval', default=5),
cfg.StrOpt('dhcp_driver',
default='quantum.agent.linux.dhcp.Dnsmasq',
help="The driver used to manage the DHCP server."),
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/quantum-2012.2.4/quantum/agent/l3_agent.py new/quantum-2012.2.4/quantum/agent/l3_agent.py
--- old/quantum-2012.2.4/quantum/agent/l3_agent.py 2013-02-01 02:09:37.000000000 +0100
+++ new/quantum-2012.2.4/quantum/agent/l3_agent.py 2013-02-19 14:27:49.000000000 +0100
@@ -127,15 +127,22 @@
)
if self.conf.use_namespaces:
- self._destroy_all_router_namespaces()
+ self._destroy_router_namespaces(self.conf.router_id)
- def _destroy_all_router_namespaces(self):
- """Destroy all router namespaces on the host to eliminate
- all stale linux devices, iptables rules, and namespaces.
+ def _destroy_router_namespaces(self, only_router_id=None):
+ """Destroy router namespaces on the host to eliminate all stale
+ linux devices, iptables rules, and namespaces.
+
+ If only_router_id is passed, only destroy single namespace, to allow
+ for multiple l3 agents on the same host, without stepping on each
+ other's toes on init. This only makes sense if router_id is set.
"""
root_ip = ip_lib.IPWrapper(self.conf.root_helper)
for ns in root_ip.get_namespaces(self.conf.root_helper):
if ns.startswith(NS_PREFIX):
+ if only_router_id and not ns.endswith(only_router_id):
+ continue
+
try:
self._destroy_router_namespace(ns)
except:
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/quantum-2012.2.4/quantum/agent/linux/dhcp.py new/quantum-2012.2.4/quantum/agent/linux/dhcp.py
--- old/quantum-2012.2.4/quantum/agent/linux/dhcp.py 2013-02-01 02:09:37.000000000 +0100
+++ new/quantum-2012.2.4/quantum/agent/linux/dhcp.py 2013-02-19 14:27:49.000000000 +0100
@@ -221,9 +221,8 @@
'--bind-interfaces',
'--interface=%s' % self.interface_name,
'--except-interface=lo',
- '--domain=%s' % self.conf.dhcp_domain,
- '--pid-file=%s' % self.get_conf_file_name('pid',
- ensure_conf_dir=True),
+ '--pid-file=%s' % self.get_conf_file_name(
+ 'pid', ensure_conf_dir=True),
#TODO (mark): calculate value from cidr (defaults to 150)
#'--dhcp-lease-max=%s' % ?,
'--dhcp-hostsfile=%s' % self._output_hosts_file(),
@@ -252,6 +251,9 @@
if self.conf.dnsmasq_dns_server:
cmd.append('--server=%s' % self.conf.dnsmasq_dns_server)
+ if self.conf.dhcp_domain:
+ cmd.append('--domain=%s' % self.conf.dhcp_domain)
+
if self.namespace:
ip_wrapper = ip_lib.IPWrapper(self.root_helper, self.namespace)
ip_wrapper.netns.execute(cmd, addl_env=env)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/quantum-2012.2.4/quantum/agent/netns_cleanup_util.py new/quantum-2012.2.4/quantum/agent/netns_cleanup_util.py
--- old/quantum-2012.2.4/quantum/agent/netns_cleanup_util.py 2013-02-01 02:09:37.000000000 +0100
+++ new/quantum-2012.2.4/quantum/agent/netns_cleanup_util.py 2013-02-19 14:27:49.000000000 +0100
@@ -53,7 +53,6 @@
conf = cfg.CommonConfigOpts()
conf.register_opts(opts)
conf.register_opts(dhcp.OPTS)
- config.setup_logging(conf)
return conf
@@ -147,6 +146,7 @@
conf = setup_conf()
conf(sys.argv)
+ config.setup_logging(conf)
# Identify namespaces that are candidates for deletion.
candidates = [ns for ns in
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/quantum-2012.2.4/quantum/agent/ovs_cleanup_util.py new/quantum-2012.2.4/quantum/agent/ovs_cleanup_util.py
--- old/quantum-2012.2.4/quantum/agent/ovs_cleanup_util.py 2013-02-01 02:09:37.000000000 +0100
+++ new/quantum-2012.2.4/quantum/agent/ovs_cleanup_util.py 2013-02-19 14:27:49.000000000 +0100
@@ -51,7 +51,6 @@
conf.register_opts(l3_agent.L3NATAgent.OPTS)
conf.register_opts(interface.OPTS)
conf.register_opts(agent_opts, 'AGENT')
- config.setup_logging(conf)
return conf
@@ -63,6 +62,7 @@
conf = setup_conf()
conf(sys.argv)
+ config.setup_logging(conf)
configuration_bridges = set([conf.ovs_integration_bridge,
conf.external_network_bridge])
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/quantum-2012.2.4/quantum/tests/unit/test_agent_netns_cleanup.py new/quantum-2012.2.4/quantum/tests/unit/test_agent_netns_cleanup.py
--- old/quantum-2012.2.4/quantum/tests/unit/test_agent_netns_cleanup.py 2013-02-01 02:09:37.000000000 +0100
+++ new/quantum-2012.2.4/quantum/tests/unit/test_agent_netns_cleanup.py 2013-02-19 14:27:49.000000000 +0100
@@ -184,20 +184,21 @@
with mock.patch.multiple(util, **methods_to_mock) as mocks:
mocks['eligible_for_deletion'].return_value = True
mocks['setup_conf'].return_value = conf
- util.main()
+ with mock.patch('quantum.common.config.setup_logging'):
+ util.main()
- mocks['eligible_for_deletion'].assert_has_calls(
- [mock.call(conf, 'ns1', False),
- mock.call(conf, 'ns2', False)])
+ mocks['eligible_for_deletion'].assert_has_calls(
+ [mock.call(conf, 'ns1', False),
+ mock.call(conf, 'ns2', False)])
- mocks['destroy_namespace'].assert_has_calls(
- [mock.call(conf, 'ns1', False),
- mock.call(conf, 'ns2', False)])
+ mocks['destroy_namespace'].assert_has_calls(
+ [mock.call(conf, 'ns1', False),
+ mock.call(conf, 'ns2', False)])
- ip_wrap.assert_has_calls(
- [mock.call.get_namespaces('sudo')])
+ ip_wrap.assert_has_calls(
+ [mock.call.get_namespaces('sudo')])
- eventlet_sleep.assert_called_once_with(2)
+ eventlet_sleep.assert_called_once_with(2)
def test_main_no_candidates(self):
namespaces = ['ns1', 'ns2']
@@ -216,15 +217,16 @@
with mock.patch.multiple(util, **methods_to_mock) as mocks:
mocks['eligible_for_deletion'].return_value = False
mocks['setup_conf'].return_value = conf
- util.main()
+ with mock.patch('quantum.common.config.setup_logging'):
+ util.main()
- ip_wrap.assert_has_calls(
- [mock.call.get_namespaces('sudo')])
+ ip_wrap.assert_has_calls(
+ [mock.call.get_namespaces('sudo')])
- mocks['eligible_for_deletion'].assert_has_calls(
- [mock.call(conf, 'ns1', False),
- mock.call(conf, 'ns2', False)])
+ mocks['eligible_for_deletion'].assert_has_calls(
+ [mock.call(conf, 'ns1', False),
+ mock.call(conf, 'ns2', False)])
- self.assertFalse(mocks['destroy_namespace'].called)
+ self.assertFalse(mocks['destroy_namespace'].called)
- self.assertFalse(eventlet_sleep.called)
+ self.assertFalse(eventlet_sleep.called)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/quantum-2012.2.4/quantum/tests/unit/test_agent_ovs_cleanup.py new/quantum-2012.2.4/quantum/tests/unit/test_agent_ovs_cleanup.py
--- old/quantum-2012.2.4/quantum/tests/unit/test_agent_ovs_cleanup.py 2013-02-01 02:09:37.000000000 +0100
+++ new/quantum-2012.2.4/quantum/tests/unit/test_agent_ovs_cleanup.py 2013-02-19 14:27:49.000000000 +0100
@@ -24,12 +24,11 @@
class TestOVSCleanup(unittest.TestCase):
def test_setup_conf(self):
- with mock.patch('quantum.common.config.setup_logging'):
- conf = util.setup_conf()
- self.assertEqual(conf.external_network_bridge, 'br-ex')
- self.assertEqual(conf.ovs_integration_bridge, 'br-int')
- self.assertFalse(conf.ovs_all_ports)
- self.assertEqual(conf.AGENT.root_helper, 'sudo')
+ conf = util.setup_conf()
+ self.assertEqual(conf.external_network_bridge, 'br-ex')
+ self.assertEqual(conf.ovs_integration_bridge, 'br-int')
+ self.assertFalse(conf.ovs_all_ports)
+ self.assertEqual(conf.AGENT.root_helper, 'sudo')
def test_main(self):
with mock.patch('quantum.common.config.setup_logging'):
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/quantum-2012.2.4/quantum/tests/unit/test_l3_agent.py new/quantum-2012.2.4/quantum/tests/unit/test_l3_agent.py
--- old/quantum-2012.2.4/quantum/tests/unit/test_l3_agent.py 2013-02-01 02:09:37.000000000 +0100
+++ new/quantum-2012.2.4/quantum/tests/unit/test_l3_agent.py 2013-02-19 14:27:49.000000000 +0100
@@ -273,12 +273,37 @@
def __init__(self, name):
self.name = name
- self.mock_ip.get_namespaces.return_value = ['qrouter-foo']
+ self.mock_ip.get_namespaces.return_value = ['qrouter-foo',
+ 'qrouter-bar']
self.mock_ip.get_devices.return_value = [FakeDev('qr-aaaa'),
FakeDev('qgw-aaaa')]
agent = l3_agent.L3NATAgent(self.conf)
- agent._destroy_all_router_namespaces()
+ agent._destroy_router_namespace = mock.MagicMock()
+ agent._destroy_router_namespaces()
+
+ self.assertEqual(agent._destroy_router_namespace.call_count, 2)
+
+ def testDestroyNamespaceWithRouterId(self):
+
+ class FakeDev(object):
+ def __init__(self, name):
+ self.name = name
+
+ self.conf.router_id = _uuid()
+
+ namespaces = ['qrouter-foo', 'qrouter-' + self.conf.router_id]
+
+ self.mock_ip.get_namespaces.return_value = namespaces
+ self.mock_ip.get_devices.return_value = [FakeDev('qr-aaaa'),
+ FakeDev('qgw-aaaa')]
+
+ agent = l3_agent.L3NATAgent(self.conf)
+
+ agent._destroy_router_namespace = mock.MagicMock()
+ agent._destroy_router_namespaces(self.conf.router_id)
+
+ self.assertEqual(agent._destroy_router_namespace.call_count, 1)
def testMain(self):
agent_mock_p = mock.patch('quantum.agent.l3_agent.L3NATAgent')
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/quantum-2012.2.4/quantum/tests/unit/test_linux_dhcp.py new/quantum-2012.2.4/quantum/tests/unit/test_linux_dhcp.py
--- old/quantum-2012.2.4/quantum/tests/unit/test_linux_dhcp.py 2013-02-01 02:09:37.000000000 +0100
+++ new/quantum-2012.2.4/quantum/tests/unit/test_linux_dhcp.py 2013-02-19 14:27:49.000000000 +0100
@@ -426,7 +426,6 @@
'--bind-interfaces',
'--interface=tap0',
'--except-interface=lo',
- '--domain=openstacklocal',
'--pid-file=/dhcp/cccccccc-cccc-cccc-cccc-cccccccccccc/pid',
'--dhcp-hostsfile=/dhcp/cccccccc-cccc-cccc-cccc-cccccccccccc/host',
'--dhcp-optsfile=/dhcp/cccccccc-cccc-cccc-cccc-cccccccccccc/opts',
@@ -434,8 +433,7 @@
'dnsmasq-lease-update'),
'--leasefile-ro',
'--dhcp-range=set:tag0,192.168.0.0,static,120s',
- '--dhcp-range=set:tag1,fdca:3ba5:a17a:4ba3::,static,120s',
- ]
+ '--dhcp-range=set:tag1,fdca:3ba5:a17a:4ba3::,static,120s']
expected.extend(extra_options)
self.execute.return_value = ('', '')
@@ -466,15 +464,21 @@
check_exit_code=True)
def test_spawn(self):
- self._test_spawn(['--conf-file='])
+ self._test_spawn(['--conf-file=', '--domain=openstacklocal'])
def test_spawn_cfg_config_file(self):
self.conf.set_override('dnsmasq_config_file', '/foo')
- self._test_spawn(['--conf-file=/foo'])
+ self._test_spawn(['--conf-file=/foo', '--domain=openstacklocal'])
+
+ def test_spawn_no_dhcp_domain(self):
+ self.conf.set_override('dhcp_domain', '')
+ self._test_spawn(['--conf-file='])
def test_spawn_cfg_dns_server(self):
self.conf.set_override('dnsmasq_dns_server', '8.8.8.8')
- self._test_spawn(['--conf-file=', '--server=8.8.8.8'])
+ self._test_spawn(['--conf-file=',
+ '--server=8.8.8.8',
+ '--domain=openstacklocal'])
def test_output_opts_file(self):
fake_v6 = 'gdca:3ba5:a17a:4ba3::1'
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/quantum-2012.2.4/quantum/vcsversion.py new/quantum-2012.2.4/quantum/vcsversion.py
--- old/quantum-2012.2.4/quantum/vcsversion.py 2013-02-01 02:13:13.000000000 +0100
+++ new/quantum-2012.2.4/quantum/vcsversion.py 2013-02-19 14:33:53.000000000 +0100
@@ -2,6 +2,6 @@
# This file is automatically generated by setup.py, So don't edit it. :)
version_info = {
'branch_nick': '(no',
- 'revision_id': 'd2a85e655e1b721b5620d9e4a4a9d7201caed257',
- 'revno': 1376
+ 'revision_id': '4de49b4d81297fad33b4aff87c03f7508ea1a194',
+ 'revno': 1383
}
--
To unsubscribe, e-mail: opensuse-commit+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-commit+help(a)opensuse.org
1
0
Hello community,
here is the log from the commit of package openstack-nova for openSUSE:Factory checked in at 2013-02-22 16:56:03
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/openstack-nova (Old)
and /work/SRC/openSUSE:Factory/.openstack-nova.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "openstack-nova", Maintainer is "radmanic(a)suse.com"
Changes:
--------
--- /work/SRC/openSUSE:Factory/openstack-nova/openstack-nova.changes 2013-02-08 07:13:08.000000000 +0100
+++ /work/SRC/openSUSE:Factory/.openstack-nova.new/openstack-nova.changes 2013-02-22 16:56:06.000000000 +0100
@@ -1,0 +2,10 @@
+Fri Feb 22 10:11:47 UTC 2013 - cloud-devel(a)suse.de
+
+- Update to version 2012.2.4+git.1361527907.d5e7f55:
+ + Avoid stuck task_state on snapshot image failure
+ + Add a safe_minidom_parse_string function. (CVE-2013-1664)
+ + Enable libvirt to work with NoopFirewallDriver
+ + Fix state sync logic related to the PAUSED VM state
+ + libvirt: Fix nova-compute start when missing ip.
+
+--------------------------------------------------------------------
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ openstack-nova-doc.spec ++++++
--- /var/tmp/diff_new_pack.56wMIe/_old 2013-02-22 16:56:08.000000000 +0100
+++ /var/tmp/diff_new_pack.56wMIe/_new 2013-02-22 16:56:08.000000000 +0100
@@ -20,7 +20,7 @@
%define majorversion 2012.2.3
Name: openstack-%{component}-doc
-Version: 2012.2.4+git.1360133953.e5d0f4b
+Version: 2012.2.4+git.1361527907.d5e7f55
Release: 1
License: Apache-2.0
Summary: OpenStack Compute (Nova) - Documentation
++++++ openstack-nova.spec ++++++
--- /var/tmp/diff_new_pack.56wMIe/_old 2013-02-22 16:56:08.000000000 +0100
+++ /var/tmp/diff_new_pack.56wMIe/_new 2013-02-22 16:56:08.000000000 +0100
@@ -22,7 +22,7 @@
%define username openstack-%{component}
Name: openstack-%{component}
-Version: 2012.2.4+git.1360133953.e5d0f4b
+Version: 2012.2.4+git.1361527907.d5e7f55
Release: 1
License: Apache-2.0
Summary: OpenStack Compute (Nova)
++++++ nova-stable-folsom.tar.gz ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nova-2012.2.4/ChangeLog new/nova-2012.2.4/ChangeLog
--- old/nova-2012.2.4/ChangeLog 2013-02-01 02:09:20.000000000 +0100
+++ new/nova-2012.2.4/ChangeLog 2013-02-21 20:52:29.000000000 +0100
@@ -1,3 +1,93 @@
+commit d5e7f5512435fe0ca264be28ef23fe2ebb449d1c
+Author: Vishvananda Ishaya <vishvananda(a)gmail.com>
+Date: Thu Feb 21 10:40:45 2013 -0800
+
+ libvirt: Fix nova-compute start when missing ip.
+
+ If nova-compute is restarted when an instance has no ip address
+ the libvirt/vif:_get_configuration method will throw an index
+ error. Check for existance of an ip before attempting to retrieve
+ one. Includes failing test.
+
+ Fixes bug 1131330
+
+ Change-Id: Id383544b44e64205fc3b4f850d0d11ad2ebd5da7
+
+ nova/tests/test_libvirt_vif.py | 28 ++++++++++++++++++++++++++--
+ nova/virt/libvirt/vif.py | 3 ++-
+ 2 files changed, 28 insertions(+), 3 deletions(-)
+
+commit 7ac3fe143ca35493b7a0247dafe0693cf1d6a376
+Merge: 15b2734 7ace55f
+Author: Jenkins <jenkins(a)review.openstack.org>
+Date: Thu Feb 21 15:55:53 2013 +0000
+
+ Merge "Fix state sync logic related to the PAUSED VM state" into stable/folsom
+
+commit 15b2734d80168bd098c0113258b41917585df776
+Merge: 8836869 ecd98d2
+Author: Jenkins <jenkins(a)review.openstack.org>
+Date: Thu Feb 21 11:53:11 2013 +0000
+
+ Merge "Enable libvirt to work with NoopFirewallDriver" into stable/folsom
+
+commit 883686946c4e7847032345723bc485114b46c79a
+Merge: 7de7108 2ae74f8
+Author: Jenkins <jenkins(a)review.openstack.org>
+Date: Wed Feb 20 00:39:01 2013 +0000
+
+ Merge "Add a safe_minidom_parse_string function." into stable/folsom
+
+commit ecd98d2555e2bf606e9078fcf4bd38f95abaaa69
+Author: Gary Kotton <gkotton(a)redhat.com>
+Date: Sun Feb 17 14:30:01 2013 +0000
+
+ Enable libvirt to work with NoopFirewallDriver
+
+ Fixes bug 1050433
+
+ Change-Id: I49613c7d1e6b14411dcdc342366e163a21673f78
+
+ nova/virt/libvirt/vif.py | 36 +++++++++++++++++++-----------------
+ 1 file changed, 19 insertions(+), 17 deletions(-)
+
+commit 7de7108a0fbe69236036d08857f8e4f90637ad21
+Merge: e5d0f4b 21d5e90
+Author: Jenkins <jenkins(a)review.openstack.org>
+Date: Mon Feb 11 09:26:39 2013 +0000
+
+ Merge "Avoid stuck task_state on snapshot image failure" into stable/folsom
+
+commit 2ae74f8222058e475350458ca0c820adb910582c
+Author: Dan Prince <dprince(a)redhat.com>
+Date: Sat Feb 2 11:34:25 2013 -0500
+
+ Add a safe_minidom_parse_string function.
+
+ Adds a new utils.safe_minidom_parse_string function and
+ updates external API facing Nova modules to use it.
+ This ensures we have safe defaults on our incoming API XML parsing.
+
+ Internally safe_minidom_parse_string uses a ProtectedExpatParser
+ class to disable DTDs and entities from being parsed when using
+ minidom.
+
+ Fixes LP Bug #1100282 for Folsom.
+
+ Change-Id: I6a4051b5e66f3ce5a330b2589c42e6e9e5b9268e
+
+ nova/api/openstack/common.py | 10 ++---
+ nova/api/openstack/compute/contrib/hosts.py | 4 +-
+ .../openstack/compute/contrib/security_groups.py | 7 ++--
+ nova/api/openstack/compute/contrib/volumes.py | 3 +-
+ nova/api/openstack/compute/servers.py | 5 +--
+ .../api/openstack/volume/contrib/volume_actions.py | 4 +-
+ nova/api/openstack/volume/volumes.py | 3 +-
+ nova/api/openstack/wsgi.py | 13 +++---
+ nova/tests/test_utils.py | 33 +++++++++++++++
+ nova/utils.py | 44 ++++++++++++++++++++
+ 10 files changed, 100 insertions(+), 26 deletions(-)
+
commit e5d0f4b95cae7b83233a517c083cfc0855b8f722
Author: Mark McLoughlin <markmc(a)redhat.com>
Date: Thu Jan 31 21:32:07 2013 +0000
@@ -48,6 +138,31 @@
Merge "Fix to include error message in instance faults" into stable/folsom
+commit 21d5e907575a2042f1d0daaa9658a8758f619a1c
+Author: Eoghan Glynn <eglynn(a)redhat.com>
+Date: Fri Jan 25 15:47:33 2013 +0000
+
+ Avoid stuck task_state on snapshot image failure
+
+ Fixes bug LP 1101136
+
+ Previously if the glance interaction failed prior to an
+ instance being snapshot'd or backed up, the task state
+ remained stuck at image_snapshot/backup.
+
+ The normal task state reversion logic did not kick in,
+ as this is limited to the compute layer, whereas the
+ intial glance interaction occurs within the API layer.
+
+ Now, we avoid this problem by delaying setting the task
+ state until the initial image creation has completed.
+
+ Change-Id: Id498ae6b3674306743013e4fe99837da8e2031b5
+
+ nova/compute/api.py | 23 +++++++++++----------
+ nova/tests/compute/test_compute.py | 40 ++++++++++++++++++++++++++++++++++++
+ 2 files changed, 52 insertions(+), 11 deletions(-)
+
commit f6081d01878f0021a499f304c511b6e1e9c8f138
Merge: 1709c8e 5a66812
Author: Jenkins <jenkins(a)review.openstack.org>
@@ -62,6 +177,26 @@
Merge "remove session parameter from fixed_ip_get" into stable/folsom
+commit 7ace55fcf9e1b7fea074f6c0331b6feafbbc4178
+Author: Yun Mao <yunmao(a)gmail.com>
+Date: Fri Jan 11 11:59:23 2013 -0500
+
+ Fix state sync logic related to the PAUSED VM state
+
+ A VM may get into the paused state not only because the user request
+ via API calls, but also due to (temporary) external instrumentations.
+ Before the virt layer can reliably report the reason, we simply ignore
+ the state discrepancy. In many cases, the VM state will go back to
+ running after the external instrumentation is done.
+
+ Fix bug 1097806.
+
+ Change-Id: I8edef45d60fa79d6ddebf7d0438042a7b3986b55
+ (cherry picked from commit f7fbdeb5672bae7d3bffd6fa76de1ce81fc132bf)
+
+ nova/compute/manager.py | 16 ++++++++++++----
+ 1 file changed, 12 insertions(+), 4 deletions(-)
+
commit 03c3e9b0674623c2617cb4dc98f9dd9fbddfa0ca
Merge: cf67f3b 03200fe
Author: Jenkins <jenkins(a)review.openstack.org>
@@ -91640,7 +91775,7 @@
merged with 1383
commit 10ab2e76b1ea8bbbb6bff4ccaf506bfdd5b57388
-Merge: f1f86d2 dcac4bc
+Merge: f1f86d22 dcac4bc
Author: Ed Leafe <ed(a)leafe.com>
Date: Mon Aug 8 14:07:03 2011 +0000
@@ -127754,7 +127889,7 @@
- add testing for the openstack api versions resource and create a view builder
commit 52da63c50cf248abb0753c675d5b96c0cbe0e842
-Merge: 596e0b3 dab4c0f
+Merge: 596e0b37 dab4c0f
Author: Brian Waldon <brian.waldon(a)rackspace.com>
Date: Fri Mar 25 11:01:51 2011 -0400
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nova-2012.2.4/nova/api/openstack/common.py new/nova-2012.2.4/nova/api/openstack/common.py
--- old/nova-2012.2.4/nova/api/openstack/common.py 2013-02-01 02:05:36.000000000 +0100
+++ new/nova-2012.2.4/nova/api/openstack/common.py 2013-02-21 20:47:14.000000000 +0100
@@ -21,7 +21,6 @@
import urlparse
import webob
-from xml.dom import minidom
from nova.api.openstack import wsgi
from nova.api.openstack import xmlutil
@@ -32,6 +31,7 @@
from nova import flags
from nova.openstack.common import log as logging
from nova import quota
+from nova import utils
LOG = logging.getLogger(__name__)
@@ -341,7 +341,7 @@
class MetadataDeserializer(wsgi.MetadataXMLDeserializer):
def deserialize(self, text):
- dom = minidom.parseString(text)
+ dom = utils.safe_minidom_parse_string(text)
metadata_node = self.find_first_child_named(dom, "metadata")
metadata = self.extract_metadata(metadata_node)
return {'body': {'metadata': metadata}}
@@ -349,7 +349,7 @@
class MetaItemDeserializer(wsgi.MetadataXMLDeserializer):
def deserialize(self, text):
- dom = minidom.parseString(text)
+ dom = utils.safe_minidom_parse_string(text)
metadata_item = self.extract_metadata(dom)
return {'body': {'meta': metadata_item}}
@@ -367,7 +367,7 @@
return metadata
def _extract_metadata_container(self, datastring):
- dom = minidom.parseString(datastring)
+ dom = utils.safe_minidom_parse_string(datastring)
metadata_node = self.find_first_child_named(dom, "metadata")
metadata = self.extract_metadata(metadata_node)
return {'body': {'metadata': metadata}}
@@ -379,7 +379,7 @@
return self._extract_metadata_container(datastring)
def update(self, datastring):
- dom = minidom.parseString(datastring)
+ dom = utils.safe_minidom_parse_string(datastring)
metadata_item = self.extract_metadata(dom)
return {'body': {'meta': metadata_item}}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nova-2012.2.4/nova/api/openstack/compute/contrib/hosts.py new/nova-2012.2.4/nova/api/openstack/compute/contrib/hosts.py
--- old/nova-2012.2.4/nova/api/openstack/compute/contrib/hosts.py 2013-02-01 02:05:36.000000000 +0100
+++ new/nova-2012.2.4/nova/api/openstack/compute/contrib/hosts.py 2013-02-21 20:47:14.000000000 +0100
@@ -16,7 +16,6 @@
"""The hosts admin extension."""
import webob.exc
-from xml.dom import minidom
from xml.parsers import expat
from nova.api.openstack import extensions
@@ -27,6 +26,7 @@
from nova import exception
from nova import flags
from nova.openstack.common import log as logging
+from nova import utils
LOG = logging.getLogger(__name__)
@@ -80,7 +80,7 @@
class HostDeserializer(wsgi.XMLDeserializer):
def default(self, string):
try:
- node = minidom.parseString(string)
+ node = utils.safe_minidom_parse_string(string)
except expat.ExpatError:
msg = _("cannot understand XML")
raise exception.MalformedRequestBody(reason=msg)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nova-2012.2.4/nova/api/openstack/compute/contrib/security_groups.py new/nova-2012.2.4/nova/api/openstack/compute/contrib/security_groups.py
--- old/nova-2012.2.4/nova/api/openstack/compute/contrib/security_groups.py 2013-02-01 02:05:36.000000000 +0100
+++ new/nova-2012.2.4/nova/api/openstack/compute/contrib/security_groups.py 2013-02-21 20:47:14.000000000 +0100
@@ -16,8 +16,6 @@
"""The security groups extension."""
-from xml.dom import minidom
-
import webob
from webob import exc
@@ -30,6 +28,7 @@
from nova import exception
from nova import flags
from nova.openstack.common import log as logging
+from nova import utils
LOG = logging.getLogger(__name__)
@@ -110,7 +109,7 @@
"""
def default(self, string):
"""Deserialize an xml-formatted security group create request"""
- dom = minidom.parseString(string)
+ dom = utils.safe_minidom_parse_string(string)
security_group = {}
sg_node = self.find_first_child_named(dom,
'security_group')
@@ -131,7 +130,7 @@
def default(self, string):
"""Deserialize an xml-formatted security group create request"""
- dom = minidom.parseString(string)
+ dom = utils.safe_minidom_parse_string(string)
security_group_rule = self._extract_security_group_rule(dom)
return {'body': {'security_group_rule': security_group_rule}}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nova-2012.2.4/nova/api/openstack/compute/contrib/volumes.py new/nova-2012.2.4/nova/api/openstack/compute/contrib/volumes.py
--- old/nova-2012.2.4/nova/api/openstack/compute/contrib/volumes.py 2013-02-01 02:05:36.000000000 +0100
+++ new/nova-2012.2.4/nova/api/openstack/compute/contrib/volumes.py 2013-02-21 20:47:14.000000000 +0100
@@ -17,7 +17,6 @@
import webob
from webob import exc
-from xml.dom import minidom
from nova.api.openstack import common
from nova.api.openstack import extensions
@@ -155,7 +154,7 @@
def default(self, string):
"""Deserialize an xml-formatted volume create request."""
- dom = minidom.parseString(string)
+ dom = utils.safe_minidom_parse_string(string)
volume = self._extract_volume(dom)
return {'body': {'volume': volume}}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nova-2012.2.4/nova/api/openstack/compute/servers.py new/nova-2012.2.4/nova/api/openstack/compute/servers.py
--- old/nova-2012.2.4/nova/api/openstack/compute/servers.py 2013-02-01 02:05:36.000000000 +0100
+++ new/nova-2012.2.4/nova/api/openstack/compute/servers.py 2013-02-21 20:47:14.000000000 +0100
@@ -21,7 +21,6 @@
import webob
from webob import exc
-from xml.dom import minidom
from nova.api.openstack import common
from nova.api.openstack.compute import ips
@@ -297,7 +296,7 @@
"""
def default(self, string):
- dom = minidom.parseString(string)
+ dom = utils.safe_minidom_parse_string(string)
action_node = dom.childNodes[0]
action_name = action_node.tagName
@@ -404,7 +403,7 @@
def default(self, string):
"""Deserialize an xml-formatted server create request."""
- dom = minidom.parseString(string)
+ dom = utils.safe_minidom_parse_string(string)
server = self._extract_server(dom)
return {'body': {'server': server}}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nova-2012.2.4/nova/api/openstack/volume/contrib/volume_actions.py new/nova-2012.2.4/nova/api/openstack/volume/contrib/volume_actions.py
--- old/nova-2012.2.4/nova/api/openstack/volume/contrib/volume_actions.py 2013-02-01 02:05:36.000000000 +0100
+++ new/nova-2012.2.4/nova/api/openstack/volume/contrib/volume_actions.py 2013-02-21 20:47:14.000000000 +0100
@@ -13,7 +13,6 @@
# under the License.
import webob
-from xml.dom import minidom
from nova.api.openstack import extensions
from nova.api.openstack import wsgi
@@ -22,6 +21,7 @@
from nova import flags
from nova.openstack.common import log as logging
from nova.openstack.common.rpc import common as rpc_common
+from nova import utils
from nova import volume
@@ -54,7 +54,7 @@
class VolumeToImageDeserializer(wsgi.XMLDeserializer):
"""Deserializer to handle xml-formatted requests"""
def default(self, string):
- dom = minidom.parseString(string)
+ dom = utils.safe_minidom_parse_string(string)
action_node = dom.childNodes[0]
action_name = action_node.tagName
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nova-2012.2.4/nova/api/openstack/volume/volumes.py new/nova-2012.2.4/nova/api/openstack/volume/volumes.py
--- old/nova-2012.2.4/nova/api/openstack/volume/volumes.py 2013-02-01 02:05:36.000000000 +0100
+++ new/nova-2012.2.4/nova/api/openstack/volume/volumes.py 2013-02-21 20:47:14.000000000 +0100
@@ -17,7 +17,6 @@
import webob
from webob import exc
-from xml.dom import minidom
from nova.api.openstack import common
from nova.api.openstack import wsgi
@@ -191,7 +190,7 @@
def default(self, string):
"""Deserialize an xml-formatted volume create request."""
- dom = minidom.parseString(string)
+ dom = utils.safe_minidom_parse_string(string)
volume = self._extract_volume(dom)
return {'body': {'volume': volume}}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nova-2012.2.4/nova/api/openstack/wsgi.py new/nova-2012.2.4/nova/api/openstack/wsgi.py
--- old/nova-2012.2.4/nova/api/openstack/wsgi.py 2013-02-01 02:05:36.000000000 +0100
+++ new/nova-2012.2.4/nova/api/openstack/wsgi.py 2013-02-21 20:47:14.000000000 +0100
@@ -27,6 +27,7 @@
from nova import exception
from nova.openstack.common import jsonutils
from nova.openstack.common import log as logging
+from nova import utils
from nova import wsgi
@@ -217,7 +218,7 @@
plurals = set(self.metadata.get('plurals', {}))
try:
- node = minidom.parseString(datastring).childNodes[0]
+ node = utils.safe_minidom_parse_string(datastring).childNodes[0]
return {node.nodeName: self._from_xml_node(node, plurals)}
except expat.ExpatError:
msg = _("cannot understand XML")
@@ -268,11 +269,11 @@
def extract_text(self, node):
"""Get the text field contained by the given node"""
- if len(node.childNodes) == 1:
- child = node.childNodes[0]
+ ret_val = ""
+ for child in node.childNodes:
if child.nodeType == child.TEXT_NODE:
- return child.nodeValue
- return ""
+ ret_val += child.nodeValue
+ return ret_val
def extract_elements(self, node):
"""Get only Element type childs from node"""
@@ -631,7 +632,7 @@
def action_peek_xml(body):
"""Determine action to invoke."""
- dom = minidom.parseString(body)
+ dom = utils.safe_minidom_parse_string(body)
action_node = dom.childNodes[0]
return action_node.tagName
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nova-2012.2.4/nova/compute/api.py new/nova-2012.2.4/nova/compute/api.py
--- old/nova-2012.2.4/nova/compute/api.py 2013-02-01 02:05:36.000000000 +0100
+++ new/nova-2012.2.4/nova/compute/api.py 2013-02-21 20:47:14.000000000 +0100
@@ -1260,17 +1260,6 @@
else:
raise Exception(_('Image type not recognized %s') % image_type)
- # change instance state and notify
- old_vm_state = instance["vm_state"]
- old_task_state = instance["task_state"]
-
- self.db.instance_test_and_set(
- context, instance_uuid, 'task_state', [None], task_state)
-
- notifications.send_update_with_states(context, instance, old_vm_state,
- instance["vm_state"], old_task_state, instance["task_state"],
- service="api", verify_states=True)
-
properties = {
'instance_uuid': instance_uuid,
'user_id': str(context.user_id),
@@ -1301,6 +1290,18 @@
sent_meta['properties'] = properties
recv_meta = self.image_service.create(context, sent_meta)
+
+ # change instance state and notify
+ old_vm_state = instance["vm_state"]
+ old_task_state = instance["task_state"]
+
+ self.db.instance_test_and_set(
+ context, instance_uuid, 'task_state', [None], task_state)
+
+ notifications.send_update_with_states(context, instance, old_vm_state,
+ instance["vm_state"], old_task_state, instance["task_state"],
+ service="api", verify_states=True)
+
self.compute_rpcapi.snapshot_instance(context, instance=instance,
image_id=recv_meta['id'], image_type=image_type,
backup_type=backup_type, rotation=rotation)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nova-2012.2.4/nova/compute/manager.py new/nova-2012.2.4/nova/compute/manager.py
--- old/nova-2012.2.4/nova/compute/manager.py 2013-02-01 02:05:36.000000000 +0100
+++ new/nova-2012.2.4/nova/compute/manager.py 2013-02-21 20:47:22.000000000 +0100
@@ -2755,10 +2755,8 @@
LOG.exception(_("error during stop() in "
"sync_power_state."),
instance=db_instance)
- elif vm_power_state in (power_state.PAUSED,
- power_state.SUSPENDED):
- LOG.warn(_("Instance is paused or suspended "
- "unexpectedly. Calling "
+ elif vm_power_state == power_state.SUSPENDED:
+ LOG.warn(_("Instance is suspended unexpectedly. Calling "
"the stop API."), instance=db_instance)
try:
self.compute_api.stop(context, db_instance)
@@ -2766,6 +2764,16 @@
LOG.exception(_("error during stop() in "
"sync_power_state."),
instance=db_instance)
+ elif vm_power_state == power_state.PAUSED:
+ # Note(maoy): a VM may get into the paused state not only
+ # because the user request via API calls, but also
+ # due to (temporary) external instrumentations.
+ # Before the virt layer can reliably report the reason,
+ # we simply ignore the state discrepancy. In many cases,
+ # the VM state will go back to running after the external
+ # instrumentation is done. See bug 1097806 for details.
+ LOG.warn(_("Instance is paused unexpectedly. Ignore."),
+ instance=db_instance)
elif vm_state == vm_states.STOPPED:
if vm_power_state not in (power_state.NOSTATE,
power_state.SHUTDOWN,
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nova-2012.2.4/nova/tests/compute/test_compute.py new/nova-2012.2.4/nova/tests/compute/test_compute.py
--- old/nova-2012.2.4/nova/tests/compute/test_compute.py 2013-02-01 02:05:36.000000000 +0100
+++ new/nova-2012.2.4/nova/tests/compute/test_compute.py 2013-02-21 20:47:15.000000000 +0100
@@ -3639,6 +3639,46 @@
db.instance_destroy(self.context, instance['uuid'])
+ def test_snapshot_image_service_fails(self):
+ # Ensure task_state remains at None if image service fails.
+ def fake_create(*args, **kwargs):
+ raise test.TestingException()
+
+ restore = getattr(fake_image._FakeImageService, 'create')
+ self.stubs.Set(fake_image._FakeImageService, 'create', fake_create)
+
+ instance = self._create_fake_instance()
+ self.assertRaises(test.TestingException,
+ self.compute_api.snapshot,
+ self.context,
+ instance,
+ 'no_image_snapshot')
+
+ self.stubs.Set(fake_image._FakeImageService, 'create', restore)
+ db_instance = db.instance_get_all(context.get_admin_context())[0]
+ self.assertTrue(db_instance['task_state'] is None)
+
+ def test_backup_image_service_fails(self):
+ # Ensure task_state remains at None if image service fails.
+ def fake_create(*args, **kwargs):
+ raise test.TestingException()
+
+ restore = getattr(fake_image._FakeImageService, 'create')
+ self.stubs.Set(fake_image._FakeImageService, 'create', fake_create)
+
+ instance = self._create_fake_instance()
+ self.assertRaises(test.TestingException,
+ self.compute_api.backup,
+ self.context,
+ instance,
+ 'no_image_backup',
+ 'DAILY',
+ 0)
+
+ self.stubs.Set(fake_image._FakeImageService, 'create', restore)
+ db_instance = db.instance_get_all(context.get_admin_context())[0]
+ self.assertTrue(db_instance['task_state'] is None)
+
def test_backup(self):
"""Can't backup an instance which is already being backed up."""
instance = self._create_fake_instance()
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nova-2012.2.4/nova/tests/test_libvirt_vif.py new/nova-2012.2.4/nova/tests/test_libvirt_vif.py
--- old/nova-2012.2.4/nova/tests/test_libvirt_vif.py 2013-02-01 02:05:36.000000000 +0100
+++ new/nova-2012.2.4/nova/tests/test_libvirt_vif.py 2013-02-21 20:47:22.000000000 +0100
@@ -65,7 +65,7 @@
self.stubs.Set(utils, 'execute', fake_execute)
- def _get_instance_xml(self, driver):
+ def _get_instance_xml(self, driver, mapping=None):
conf = config.LibvirtConfigGuest()
conf.virt_type = "qemu"
conf.name = "fake-name"
@@ -73,7 +73,9 @@
conf.memory = 100 * 1024
conf.vcpus = 4
- nic = driver.plug(self.instance, (self.net, self.mapping))
+ if mapping is None:
+ mapping = self.mapping
+ nic = driver.plug(self.instance, (self.net, mapping))
conf.add_device(nic)
return conf.to_xml()
@@ -90,6 +92,28 @@
self.assertEqual(br_name, self.net['bridge'])
mac = node.find("mac").get("address")
self.assertEqual(mac, self.mapping['mac'])
+ first_filter = node.find("filterref")[0]
+ self.assertEqual(first_filter.get('name'), 'IP')
+
+ d.unplug(None, (self.net, self.mapping))
+
+ def test_bridge_driver_no_ips(self):
+ d = vif.LibvirtBridgeDriver()
+ mapping = dict(self.mapping)
+ mapping['ips'] = []
+ xml = self._get_instance_xml(d, mapping)
+
+ doc = etree.fromstring(xml)
+ ret = doc.findall('./devices/interface')
+ self.assertEqual(len(ret), 1)
+ node = ret[0]
+ self.assertEqual(node.get("type"), "bridge")
+ br_name = node.find("source").get("bridge")
+ self.assertEqual(br_name, self.net['bridge'])
+ mac = node.find("mac").get("address")
+ self.assertEqual(mac, self.mapping['mac'])
+ first_filter = node.find("filterref")[0]
+ self.assertNotEqual(first_filter.get('name'), 'IP')
d.unplug(None, (self.net, self.mapping))
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nova-2012.2.4/nova/tests/test_utils.py new/nova-2012.2.4/nova/tests/test_utils.py
--- old/nova-2012.2.4/nova/tests/test_utils.py 2013-02-01 02:05:36.000000000 +0100
+++ new/nova-2012.2.4/nova/tests/test_utils.py 2013-02-21 20:47:15.000000000 +0100
@@ -457,6 +457,39 @@
result = utils.service_is_up(service)
self.assertFalse(result)
+ def test_safe_parse_xml(self):
+
+ normal_body = ("""
+ <?xml version="1.0" ?><foo>
+ <bar>
+ <v1>hey</v1>
+ <v2>there</v2>
+ </bar>
+ </foo>""").strip()
+
+ def killer_body():
+ return (("""<!DOCTYPE x [
+ <!ENTITY a "%(a)s">
+ <!ENTITY b "%(b)s">
+ <!ENTITY c "%(c)s">]>
+ <foo>
+ <bar>
+ <v1>%(d)s</v1>
+ </bar>
+ </foo>""") % {
+ 'a': 'A' * 10,
+ 'b': '&a;' * 10,
+ 'c': '&b;' * 10,
+ 'd': '&c;' * 9999,
+ }).strip()
+
+ dom = utils.safe_minidom_parse_string(normal_body)
+ self.assertEqual(normal_body, str(dom.toxml()))
+
+ self.assertRaises(ValueError,
+ utils.safe_minidom_parse_string,
+ killer_body())
+
def test_xhtml_escape(self):
self.assertEqual('"foo"', utils.xhtml_escape('"foo"'))
self.assertEqual(''foo'', utils.xhtml_escape("'foo'"))
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nova-2012.2.4/nova/utils.py new/nova-2012.2.4/nova/utils.py
--- old/nova-2012.2.4/nova/utils.py 2013-02-01 02:05:36.000000000 +0100
+++ new/nova-2012.2.4/nova/utils.py 2013-02-21 20:47:15.000000000 +0100
@@ -39,6 +39,10 @@
import time
import uuid
import weakref
+from xml.dom import minidom
+from xml.parsers import expat
+from xml import sax
+from xml.sax import expatreader
from xml.sax import saxutils
from eventlet import event
@@ -567,6 +571,46 @@
return self.done.wait()
+class ProtectedExpatParser(expatreader.ExpatParser):
+ """An expat parser which disables DTD's and entities by default."""
+
+ def __init__(self, forbid_dtd=True, forbid_entities=True,
+ *args, **kwargs):
+ # Python 2.x old style class
+ expatreader.ExpatParser.__init__(self, *args, **kwargs)
+ self.forbid_dtd = forbid_dtd
+ self.forbid_entities = forbid_entities
+
+ def start_doctype_decl(self, name, sysid, pubid, has_internal_subset):
+ raise ValueError("Inline DTD forbidden")
+
+ def entity_decl(self, entityName, is_parameter_entity, value, base,
+ systemId, publicId, notationName):
+ raise ValueError("<!ENTITY> forbidden")
+
+ def unparsed_entity_decl(self, name, base, sysid, pubid, notation_name):
+ # expat 1.2
+ raise ValueError("<!ENTITY> forbidden")
+
+ def reset(self):
+ expatreader.ExpatParser.reset(self)
+ if self.forbid_dtd:
+ self._parser.StartDoctypeDeclHandler = self.start_doctype_decl
+ if self.forbid_entities:
+ self._parser.EntityDeclHandler = self.entity_decl
+ self._parser.UnparsedEntityDeclHandler = self.unparsed_entity_decl
+
+
+def safe_minidom_parse_string(xml_string):
+ """Parse an XML string using minidom safely.
+
+ """
+ try:
+ return minidom.parseString(xml_string, parser=ProtectedExpatParser())
+ except sax.SAXParseException as se:
+ raise expat.ExpatError()
+
+
def xhtml_escape(value):
"""Escapes a string so it is valid within XML or XHTML.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nova-2012.2.4/nova/virt/libvirt/vif.py new/nova-2012.2.4/nova/virt/libvirt/vif.py
--- old/nova-2012.2.4/nova/virt/libvirt/vif.py 2013-02-01 02:05:36.000000000 +0100
+++ new/nova-2012.2.4/nova/virt/libvirt/vif.py 2013-02-21 20:47:22.000000000 +0100
@@ -64,24 +64,27 @@
if FLAGS.libvirt_use_virtio_for_bridges:
conf.model = "virtio"
- conf.filtername = "nova-instance-" + instance['name'] + "-" + mac_id
- conf.add_filter_param("IP", mapping['ips'][0]['ip'])
- if mapping['dhcp_server']:
- conf.add_filter_param("DHCPSERVER", mapping['dhcp_server'])
+ if FLAGS.firewall_driver != "nova.virt.firewall.NoopFirewallDriver":
+ conf.filtername = "nova-instance-" + instance['name'] + "-" + \
+ mac_id
+ if mapping['ips']:
+ conf.add_filter_param("IP", mapping['ips'][0]['ip'])
+ if mapping['dhcp_server']:
+ conf.add_filter_param("DHCPSERVER", mapping['dhcp_server'])
- if FLAGS.use_ipv6:
- conf.add_filter_param("RASERVER",
- mapping.get('gateway_v6') + "/128")
-
- if FLAGS.allow_same_net_traffic:
- net, mask = netutils.get_net_and_mask(network['cidr'])
- conf.add_filter_param("PROJNET", net)
- conf.add_filter_param("PROJMASK", mask)
if FLAGS.use_ipv6:
- net_v6, prefixlen_v6 = netutils.get_net_and_prefixlen(
- network['cidr_v6'])
- conf.add_filter_param("PROJNET6", net_v6)
- conf.add_filter_param("PROJMASK6", prefixlen_v6)
+ conf.add_filter_param("RASERVER",
+ mapping.get('gateway_v6') + "/128")
+
+ if FLAGS.allow_same_net_traffic:
+ net, mask = netutils.get_net_and_mask(network['cidr'])
+ conf.add_filter_param("PROJNET", net)
+ conf.add_filter_param("PROJMASK", mask)
+ if FLAGS.use_ipv6:
+ net_v6, prefixlen_v6 = netutils.get_net_and_prefixlen(
+ network['cidr_v6'])
+ conf.add_filter_param("PROJNET6", net_v6)
+ conf.add_filter_param("PROJMASK6", prefixlen_v6)
return conf
--
To unsubscribe, e-mail: opensuse-commit+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-commit+help(a)opensuse.org
1
0
Hello community,
here is the log from the commit of package openstack-keystone for openSUSE:Factory checked in at 2013-02-22 16:55:54
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/openstack-keystone (Old)
and /work/SRC/openSUSE:Factory/.openstack-keystone.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "openstack-keystone", Maintainer is "radmanic(a)suse.com"
Changes:
--------
--- /work/SRC/openSUSE:Factory/openstack-keystone/openstack-keystone.changes 2013-02-08 07:13:00.000000000 +0100
+++ /work/SRC/openSUSE:Factory/.openstack-keystone.new/openstack-keystone.changes 2013-02-22 16:55:56.000000000 +0100
@@ -1,0 +2,7 @@
+Fri Feb 22 10:11:13 UTC 2013 - cloud-devel(a)suse.de
+
+- Update to version 2012.2.4+git.1361527873.37b3532:
+ + Disable XML entity parsing (CVE-2013-1664, CVE-2013-1665)
+ + Ensure user and tenant enabled in EC2 (CVE-2013-0282)
+
+--------------------------------------------------------------------
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ openstack-keystone-doc.spec ++++++
--- /var/tmp/diff_new_pack.O6QhFl/_old 2013-02-22 16:55:58.000000000 +0100
+++ /var/tmp/diff_new_pack.O6QhFl/_new 2013-02-22 16:55:58.000000000 +0100
@@ -19,7 +19,7 @@
%define component keystone
Name: openstack-%{component}-doc
-Version: 2012.2.4+git.1360133921.82c87e5
+Version: 2012.2.4+git.1361527873.37b3532
Release: 0
License: Apache-2.0
Summary: OpenStack Identity Service (Keystone) - Documentation
++++++ openstack-keystone.spec ++++++
--- /var/tmp/diff_new_pack.O6QhFl/_old 2013-02-22 16:55:58.000000000 +0100
+++ /var/tmp/diff_new_pack.O6QhFl/_new 2013-02-22 16:55:58.000000000 +0100
@@ -23,7 +23,7 @@
%define hybrid keystone-hybrid-backend-folsom
Name: openstack-%{component}
-Version: 2012.2.4+git.1360133921.82c87e5
+Version: 2012.2.4+git.1361527873.37b3532
Release: 0
License: Apache-2.0
Summary: OpenStack Identity Service (Keystone)
++++++ keystone-hybrid-backend-folsom.tar.gz ++++++
++++++ keystone-stable-folsom.tar.gz ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/keystone-2012.2.4/AUTHORS new/keystone-2012.2.4/AUTHORS
--- old/keystone-2012.2.4/AUTHORS 2013-02-05 17:24:46.000000000 +0100
+++ new/keystone-2012.2.4/AUTHORS 2013-02-20 02:12:23.000000000 +0100
@@ -84,6 +84,7 @@
Mohammed Naser <mnaser(a)vexxhost.com>
monsterxx03 <xyj.asmy(a)gmail.com>
Monty Taylor <mordred(a)inaugust.com>
+Nathanael Burton <nathanael.i.burton.work(a)gmail.com>
Pádraig Brady <pbrady(a)redhat.com>
Pádraig Brady <P(a)draigBrady.com>
Paul McMillan <paul.mcmillan(a)nebula.com>
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/keystone-2012.2.4/ChangeLog new/keystone-2012.2.4/ChangeLog
--- old/keystone-2012.2.4/ChangeLog 2013-02-05 17:24:46.000000000 +0100
+++ new/keystone-2012.2.4/ChangeLog 2013-02-20 02:12:22.000000000 +0100
@@ -1,3 +1,36 @@
+commit 37b3532884f30fc979f633abe9be2b694d16887a
+Merge: 8a22745 f0b4d30
+Author: Jenkins <jenkins(a)review.openstack.org>
+Date: Wed Feb 20 00:49:06 2013 +0000
+
+ Merge "Ensure user and tenant enabled in EC2" into stable/folsom
+
+commit f0b4d300db5cc61d4f079f8bce9da8e8bea1081a
+Author: Nathanael Burton <nathanael.i.burton.work(a)gmail.com>
+Date: Tue Feb 19 09:27:04 2013 -0600
+
+ Ensure user and tenant enabled in EC2
+
+ Fixes bug 1121494.
+
+ Change-Id: Icc90d581691b5aa63754e076ce983dfa2885a1dc
+
+ keystone/contrib/ec2/core.py | 22 +++++++++++++++++-----
+ 1 file changed, 17 insertions(+), 5 deletions(-)
+
+commit 8a2274595ac628b2373eab0cb14690f866b7a024
+Author: Dolph Mathews <dolph.mathews(a)rackspace.com>
+Date: Tue Feb 19 09:04:11 2013 -0600
+
+ Disable XML entity parsing
+
+ Fixes bug 1100282 and bug 1100279.
+
+ Change-Id: Ibf2d73bca17b689cfa2dfd29eb15ea6e7458a123
+
+ keystone/common/serializer.py | 15 +++++++++++++--
+ 1 file changed, 13 insertions(+), 2 deletions(-)
+
commit 82c87e5638ebaf9f166a9b07a0155291276d6fdc
Merge: b3bd5fd bb2226f
Author: Jenkins <jenkins(a)review.openstack.org>
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/keystone-2012.2.4/keystone/common/serializer.py new/keystone-2012.2.4/keystone/common/serializer.py
--- old/keystone-2012.2.4/keystone/common/serializer.py 2013-02-05 17:22:07.000000000 +0100
+++ new/keystone-2012.2.4/keystone/common/serializer.py 2013-02-20 02:08:12.000000000 +0100
@@ -29,6 +29,16 @@
DOCTYPE = '<?xml version="1.0" encoding="UTF-8"?>'
XMLNS = 'http://docs.openstack.org/identity/api/v2.0'
+PARSER = etree.XMLParser(
+ resolve_entities=False,
+ remove_comments=True,
+ remove_pis=True)
+
+# NOTE(dolph): lxml.etree.Entity() is just a callable that currently returns an
+# lxml.etree._Entity instance, which doesn't appear to be part of the
+# public API, so we discover the type dynamically to be safe
+ENTITY_TYPE = type(etree.Entity('x'))
+
def from_xml(xml):
"""Deserialize XML to a dictionary."""
@@ -51,7 +61,7 @@
class XmlDeserializer(object):
def __call__(self, xml_str):
"""Returns a dictionary populated by decoding the given xml string."""
- dom = etree.fromstring(xml_str.strip())
+ dom = etree.fromstring(xml_str.strip(), PARSER)
return self.walk_element(dom)
@staticmethod
@@ -87,7 +97,8 @@
# current spec does not have attributes on an element with text
values = values or text or {}
- for child in [self.walk_element(x) for x in element]:
+ for child in [self.walk_element(x) for x in element
+ if not isinstance(x, ENTITY_TYPE)]:
values = dict(values.items() + child.items())
return {XmlDeserializer._tag_name(element.tag): values}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/keystone-2012.2.4/keystone/contrib/ec2/core.py new/keystone-2012.2.4/keystone/contrib/ec2/core.py
--- old/keystone-2012.2.4/keystone/contrib/ec2/core.py 2013-02-05 17:22:07.000000000 +0100
+++ new/keystone-2012.2.4/keystone/contrib/ec2/core.py 2013-02-20 02:08:12.000000000 +0100
@@ -37,6 +37,7 @@
import uuid
from keystone import catalog
+from keystone.common import logging
from keystone.common import manager
from keystone.common import utils
from keystone.common import wsgi
@@ -49,6 +50,7 @@
CONF = config.CONF
+LOG = logging.getLogger(__name__)
class Manager(manager.Manager):
@@ -117,9 +119,9 @@
credentials['host'] = hostname
signature = signer.generate(credentials)
if not utils.auth_str_equal(credentials.signature, signature):
- raise exception.Unauthorized(message='Invalid EC2 signature.')
+ raise exception.Unauthorized()
else:
- raise exception.Unauthorized(message='EC2 signature not supplied.')
+ raise exception.Unauthorized()
def authenticate(self, context, credentials=None, ec2Credentials=None):
"""Validate a signed EC2 request and provide a token.
@@ -149,7 +151,7 @@
credentials = ec2Credentials
if not 'access' in credentials:
- raise exception.Unauthorized(message='EC2 signature not supplied.')
+ raise exception.Unauthorized()
creds_ref = self._get_credentials(context,
credentials['access'])
@@ -161,9 +163,19 @@
tenant_ref = self.identity_api.get_tenant(
context=context,
tenant_id=creds_ref['tenant_id'])
+ # If the tenant is disabled don't allow them to authenticate
+ if tenant_ref and not tenant_ref.get('enabled', True):
+ msg = 'Tenant %s is disabled' % tenant_ref['id']
+ LOG.warning(msg)
+ raise exception.Unauthorized()
user_ref = self.identity_api.get_user(
context=context,
user_id=creds_ref['user_id'])
+ # If the user is disabled don't allow them to authenticate
+ if not user_ref.get('enabled', True):
+ msg = 'User %s is disabled' % user_ref['id']
+ LOG.warning(msg)
+ raise exception.Unauthorized()
metadata_ref = self.identity_api.get_metadata(
context=context,
user_id=user_ref['id'],
@@ -174,7 +186,7 @@
# fill out the roles in the metadata
roles = metadata_ref.get('roles', [])
if not roles:
- raise exception.Unauthorized(message='User not valid for tenant.')
+ raise exception.Unauthorized()
roles_ref = [self.identity_api.get_role(context, role_id)
for role_id in roles]
@@ -279,7 +291,7 @@
creds = self.ec2_api.get_credential(context,
credential_id)
if not creds:
- raise exception.Unauthorized(message='EC2 access key not found.')
+ raise exception.Unauthorized()
return creds
def _assert_identity(self, context, user_id):
--
To unsubscribe, e-mail: opensuse-commit+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-commit+help(a)opensuse.org
1
0
Hello community,
here is the log from the commit of package ninja for openSUSE:Factory checked in at 2013-02-22 16:55:45
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/ninja (Old)
and /work/SRC/openSUSE:Factory/.ninja.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "ninja", Maintainer is ""
Changes:
--------
--- /work/SRC/openSUSE:Factory/ninja/ninja.changes 2013-01-11 09:37:24.000000000 +0100
+++ /work/SRC/openSUSE:Factory/.ninja.new/ninja.changes 2013-02-22 16:55:46.000000000 +0100
@@ -1,0 +2,7 @@
+Fri Feb 22 13:22:33 UTC 2013 - idonmez(a)suse.com
+
+- Update to git hash b26d217
+ * Documentation updates
+ * Fix wrong usage of std::string::find
+
+-------------------------------------------------------------------
Old:
----
ninja-8a4c9e05f7.tar.bz2
New:
----
ninja-b26d217.tar.bz2
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ ninja.spec ++++++
--- /var/tmp/diff_new_pack.gIW4CY/_old 2013-02-22 16:55:47.000000000 +0100
+++ /var/tmp/diff_new_pack.gIW4CY/_new 2013-02-22 16:55:47.000000000 +0100
@@ -16,18 +16,19 @@
#
-%define _githash 8a4c9e05f7
+%define _githash b26d217
Name: ninja
Summary: A small build system closest in spirit to Make
License: Apache-2.0
Group: Development/Tools/Building
-Version: 0.0_20121229
+Version: 0.0_20130222
Release: 0
Url: https://github.com/martine/ninja
BuildRoot: %{_tmppath}/%{name}-%{version}-build
BuildRequires: asciidoc
BuildRequires: gcc-c++
+BuildRequires: libxslt-tools
BuildRequires: python
Source0: ninja-%{_githash}.tar.bz2
++++++ ninja-8a4c9e05f7.tar.bz2 -> ninja-b26d217.tar.bz2 ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/ninja/RELEASING new/ninja/RELEASING
--- old/ninja/RELEASING 1970-01-01 01:00:00.000000000 +0100
+++ new/ninja/RELEASING 2013-02-22 14:20:51.000000000 +0100
@@ -0,0 +1,10 @@
+Notes to myself on all the steps to make for a Ninja release.
+
+1. git checkout release; git merge master
+2. fix version number in source (it will likely conflict in the above)
+3. fix version in doc/manual.asciidoc
+4. grep doc/manual.asciidoc for XXX, fix version references
+5. rebuild manual, put in place on website
+6. commit, tag, push
+7. construct release notes from prior notes
+ credits: git shortlog -s --no-merges REV..
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/ninja/bootstrap.py new/ninja/bootstrap.py
--- old/ninja/bootstrap.py 2013-01-10 20:39:40.000000000 +0100
+++ new/ninja/bootstrap.py 2013-02-22 14:20:51.000000000 +0100
@@ -96,6 +96,7 @@
'-DNINJA_BOOTSTRAP'])
if options.windows:
cflags.append('-D_WIN32_WINNT=0x0501')
+ conf_args.append("--platform=mingw")
if options.x64:
cflags.append('-m64')
args.extend(cflags)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/ninja/configure.py new/ninja/configure.py
--- old/ninja/configure.py 2013-01-10 20:39:40.000000000 +0100
+++ new/ninja/configure.py 2013-02-22 14:20:51.000000000 +0100
@@ -279,7 +279,8 @@
'manifest_parser',
'metrics',
'state',
- 'util']:
+ 'util',
+ 'version']:
objs += cxx(name)
if platform in ('mingw', 'windows'):
for name in ['subprocess-win32',
@@ -396,9 +397,14 @@
n.comment('Generate the manual using asciidoc.')
n.rule('asciidoc',
- command='asciidoc -a toc -a max-width=45em -o $out $in',
- description='ASCIIDOC $in')
-manual = n.build(doc('manual.html'), 'asciidoc', doc('manual.asciidoc'))
+ command='asciidoc -b docbook -d book -o $out $in',
+ description='ASCIIDOC $out')
+n.rule('xsltproc',
+ command='xsltproc --nonet doc/docbook.xsl $in > $out',
+ description='XSLTPROC $out')
+xml = n.build(built('manual.xml'), 'asciidoc', doc('manual.asciidoc'))
+manual = n.build(doc('manual.html'), 'xsltproc', xml,
+ implicit=doc('style.css'))
n.build('manual', 'phony',
order_only=manual)
n.newline()
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/ninja/doc/docbook.xsl new/ninja/doc/docbook.xsl
--- old/ninja/doc/docbook.xsl 1970-01-01 01:00:00.000000000 +0100
+++ new/ninja/doc/docbook.xsl 2013-02-22 14:20:51.000000000 +0100
@@ -0,0 +1,17 @@
+<!-- This soup of XML is the minimum customization necessary to make the
+ autogenerated manual look ok. -->
+<!DOCTYPE xsl:stylesheet [
+<!ENTITY css SYSTEM "style.css">
+]>
+<xsl:stylesheet xmlns:xsl="http://www.w3.org/1999/XSL/Transform"
+ version='1.0'>
+ <xsl:import href="http://docbook.sourceforge.net/release/xsl/current/html/docbook.xsl"/>
+ <xsl:template name="user.head.content"><style>&css;</style></xsl:template>
+ <xsl:template name="body.attributes"></xsl:template>
+ <xsl:param name="generate.toc" select="'book toc'"/>
+ <xsl:param name="chapter.autolabel" select="0" />
+ <xsl:param name="toc.list.type">ul</xsl:param>
+
+ <xsl:output method="html" encoding="utf-8" indent="no"
+ doctype-public=""/>
+</xsl:stylesheet>
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/ninja/doc/manual.asciidoc new/ninja/doc/manual.asciidoc
--- old/ninja/doc/manual.asciidoc 2013-01-10 20:39:40.000000000 +0100
+++ new/ninja/doc/manual.asciidoc 2013-02-22 14:20:51.000000000 +0100
@@ -209,20 +209,22 @@
Environment variables
~~~~~~~~~~~~~~~~~~~~~
-Ninja supports one environment variable to control its behavior.
+Ninja supports one environment variable to control its behavior:
+`NINJA_STATUS`, the progress status printed before the rule being run.
-`NINJA_STATUS`:: The progress status printed before the rule being run.
Several placeholders are available:
-* `%s`: The number of started edges.
-* `%t`: The total number of edges that must be run to complete the build.
-* `%p`: The percentage of started edges.
-* `%r`: The number of currently running edges.
-* `%u`: The number of remaining edges to start.
-* `%f`: The number of finished edges.
-* `%o`: Overall rate of finished edges per second
-* `%c`: Current rate of finished edges per second (average over builds specified by -j or its default)
-* `%%`: A plain `%` character.
-* The default progress status is `"[%s/%t] "` (note the trailing space
+
+`%s`:: The number of started edges.
+`%t`:: The total number of edges that must be run to complete the build.
+`%p`:: The percentage of started edges.
+`%r`:: The number of currently running edges.
+`%u`:: The number of remaining edges to start.
+`%f`:: The number of finished edges.
+`%o`:: Overall rate of finished edges per second
+`%c`:: Current rate of finished edges per second (average over builds specified by -j or its default)
+`%%`:: A plain `%` character.
+
+The default progress status is `"[%s/%t] "` (note the trailing space
to separate from the build rule). Another example of possible progress status
could be `"[%u/%r/%f] "`.
@@ -354,17 +356,11 @@
follows an indented set of `variable = value` lines.
The basic example above declares a new rule named `cc`, along with the
-command to run. (In the context of a rule, the `command` variable is
-special and defines the command to run. A full list of special
-variables is provided in <<ref_rule,the reference>>.)
-
-Within the context of a rule, three additional special variables are
-available: `$in` expands to the list of input files (`foo.c`) and
-`$out` to the output file (`foo.o`) for the command. For use with
-`$rspfile_content`, there is also `$in_newline`, which is the same as
-`$in`, except that multiple inputs are separated by `\n`, rather than
-spaces.
-
+command to run. In the context of a rule, the `command` variable
+defines the command to run, `$in` expands to the list of
+input files (`foo.c`), and `$out` to the output files (`foo.o`) for the
+command. A full list of special variables is provided in
+<<ref_rule,the reference>>.
Build statements
~~~~~~~~~~~~~~~~
@@ -420,6 +416,8 @@
Pools
~~~~~
+_Available since Ninja 1.1._
+
Pools allow you to allocate one or more rules or edges a finite number
of concurrent jobs which is more tightly restricted than the default
parallelism.
@@ -532,6 +530,7 @@
default.
+[[ref_log]]
The Ninja log
~~~~~~~~~~~~~
@@ -545,6 +544,36 @@
`.ninja_log` will be kept in that directory instead.
+[[ref_versioning]]
+Version compatibility
+~~~~~~~~~~~~~~~~~~~~~
+
+_Available since Ninja 1.XXX._
+
+Ninja version labels follow the standard major.minor.patch format,
+where the major version is increased on backwards-incompatible
+syntax/behavioral changes and the minor version is increased on new
+behaviors. Your `build.ninja` may declare a variable named
+`ninja_required_version` that asserts the minimum Ninja version
+required to use the generated file. For example,
+
+-----
+ninja_required_version = 1.1
+-----
+
+declares that the build file relies on some feature that was
+introduced in Ninja 1.1 (perhaps the `pool` syntax), and that
+Ninja 1.1 or greater must be used to build. Unlike other Ninja
+variables, this version requirement is checked immediately when
+the variable is encountered in parsing, so it's best to put it
+at the top of the build file.
+
+Ninja always warns if the major versions of Ninja and the
+`ninja_required_version` don't match; a major version change hasn't
+come up yet so it's difficult to predict what behavior might be
+required.
+
+
Ninja file reference
--------------------
@@ -630,9 +659,22 @@
considered part of its parent's scope; if it is indented less than the
previous one, it closes the previous scope.
+Top-level variables
+~~~~~~~~~~~~~~~~~~~
+
+Two variables are significant when declared in the outermost file scope.
+
+`builddir`:: a directory for some Ninja output files. See <<ref_log,the
+ discussion of the build log>>. (You can also store other build output
+ in this directory.)
+
+`ninja_required_version`:: the minimum verison of Ninja required to process
+ the build correctly. See <<ref_versioning,the discussion of versioning>>.
+
+
+[[ref_rule]]
Rule variables
~~~~~~~~~~~~~~
-[[ref_rule]]
A `rule` block contains a list of `key = value` declarations that
affect the processing of the rule. Here is a full list of special
@@ -674,6 +716,20 @@
rebuilt if the command line changes; and secondly, they are not
cleaned by default.
+`in`:: the shell-quoted space-separated list of files provided as
+ inputs to the build line referencing this `rule`. (`$in` is provided
+ solely for convenience; if you need some subset or variant of this
+ list of files, just construct a new variable with that list and use
+ that instead.)
+
+`in_newline`:: the same as `$in` except that multiple inputs are
+ separated by newlines rather than spaces. (For use with
+ `$rspfile_content`; this works around a bug in the MSVC linker where
+ it uses a fixed-size buffer for processing input.)
+
+`out`:: the shell-quoted space-separated list of files provided as
+ outputs to the build line referencing this `rule`.
+
`restat`:: if present, causes Ninja to re-stat the command's outputs
after execution of the command. Each output whose modification time
the command did not change will be treated as though it had never
@@ -700,13 +756,9 @@
build myapp.exe: link a.obj b.obj [possibly many other .obj files]
----
-Finally, the special `$in` and `$out` variables expand to the
-shell-quoted space-separated list of files provided to the `build`
-line referencing this `rule`.
-
+[[ref_dependencies]]
Build dependencies
~~~~~~~~~~~~~~~~~~
-[[ref_dependencies]]
There are three types of build dependencies which are subtly different.
@@ -768,9 +820,9 @@
foo = bar
----
+[[ref_scope]]
Evaluation and scoping
~~~~~~~~~~~~~~~~~~~~~~
-[[ref_scope]]
Top-level variable declarations are scoped to the file they occur in.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/ninja/doc/style.css new/ninja/doc/style.css
--- old/ninja/doc/style.css 1970-01-01 01:00:00.000000000 +0100
+++ new/ninja/doc/style.css 2013-02-22 14:20:51.000000000 +0100
@@ -0,0 +1,29 @@
+body {
+ margin: 5ex 10ex;
+ max-width: 40em;
+ line-height: 1.4;
+ font-family: sans-serif;
+ font-size: 0.8em;
+}
+h1, h2, h3 {
+ font-weight: normal;
+}
+pre, code {
+ font-family: x, monospace;
+}
+pre {
+ padding: 1ex;
+ background: #eee;
+ border: solid 1px #ddd;
+ min-width: 0;
+ font-size: 90%;
+}
+code {
+ color: #007;
+}
+.chapter {
+ margin-top: 4em;
+}
+p {
+ margin-top: 0;
+}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/ninja/misc/packaging/ninja.spec new/ninja/misc/packaging/ninja.spec
--- old/ninja/misc/packaging/ninja.spec 2013-01-10 20:39:40.000000000 +0100
+++ new/ninja/misc/packaging/ninja.spec 2013-02-22 14:20:51.000000000 +0100
@@ -5,8 +5,10 @@
Group: Development/Tools
License: Apache 2.0
URL: https://github.com/martine/ninja
-Source0: %{name}-%{version}-%{release}.tar.gz
-BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}
+Source0: %{name}-%{version}-%{rel}.tar.gz
+BuildRoot: %{_tmppath}/%{name}-%{version}-%{rel}
+
+BuildRequires: asciidoc
%description
Ninja is yet another build system. It takes as input the interdependencies of files (typically source code and output executables) and
@@ -17,7 +19,7 @@
seconds to start building after changing one file. Ninja is under a second.
%prep
-%setup -q -n %{name}-%{version}-%{release}
+%setup -q -n %{name}-%{version}-%{rel}
%build
echo Building..
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/ninja/src/graph.cc new/ninja/src/graph.cc
--- old/ninja/src/graph.cc 2013-01-10 20:39:40.000000000 +0100
+++ new/ninja/src/graph.cc 2013-02-22 14:20:51.000000000 +0100
@@ -284,8 +284,10 @@
bool DependencyScan::LoadDepFile(Edge* edge, const string& path, string* err) {
METRIC_RECORD("depfile load");
string content = disk_interface_->ReadFile(path, err);
- if (!err->empty())
+ if (!err->empty()) {
+ *err = "loading '" + path + "': " + *err;
return false;
+ }
// On a missing depfile: return false and empty *err.
if (content.empty())
return false;
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/ninja/src/manifest_parser.cc new/ninja/src/manifest_parser.cc
--- old/ninja/src/manifest_parser.cc 2013-01-10 20:39:40.000000000 +0100
+++ new/ninja/src/manifest_parser.cc 2013-02-22 14:20:51.000000000 +0100
@@ -23,6 +23,7 @@
#include "metrics.h"
#include "state.h"
#include "util.h"
+#include "version.h"
ManifestParser::ManifestParser(State* state, FileReader* file_reader)
: state_(state), file_reader_(file_reader) {
@@ -66,10 +67,15 @@
case Lexer::IDENT: {
lexer_.UnreadToken();
string name;
- EvalString value;
- if (!ParseLet(&name, &value, err))
+ EvalString let_value;
+ if (!ParseLet(&name, &let_value, err))
return false;
- env_->AddBinding(name, value.Evaluate(env_));
+ string value = let_value.Evaluate(env_);
+ // Check ninja_required_version immediately so we can exit
+ // before encountering any syntactic surprises.
+ if (name == "ninja_required_version")
+ CheckNinjaVersion(value);
+ env_->AddBinding(name, value);
break;
}
case Lexer::INCLUDE:
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/ninja/src/msvc_helper_main-win32.cc new/ninja/src/msvc_helper_main-win32.cc
--- old/ninja/src/msvc_helper_main-win32.cc 2013-01-10 20:39:40.000000000 +0100
+++ new/ninja/src/msvc_helper_main-win32.cc 2013-02-22 14:20:51.000000000 +0100
@@ -44,6 +44,31 @@
}
}
+void WriteDepFileOrDie(const char* object_path, CLWrapper* cl) {
+ string depfile_path = string(object_path) + ".d";
+ FILE* depfile = fopen(depfile_path.c_str(), "w");
+ if (!depfile) {
+ unlink(object_path);
+ Fatal("opening %s: %s", depfile_path.c_str(), GetLastErrorString().c_str());
+ }
+ if (fprintf(depfile, "%s: ", object_path) < 0) {
+ unlink(object_path);
+ fclose(depfile);
+ unlink(depfile_path.c_str());
+ Fatal("writing %s", depfile_path.c_str());
+ }
+ vector<string> headers = cl->GetEscapedResult();
+ for (vector<string>::iterator i = headers.begin(); i != headers.end(); ++i) {
+ if (fprintf(depfile, "%s\n", i->c_str()) < 0) {
+ unlink(object_path);
+ fclose(depfile);
+ unlink(depfile_path.c_str());
+ Fatal("writing %s", depfile_path.c_str());
+ }
+ }
+ fclose(depfile);
+}
+
} // anonymous namespace
int MSVCHelperMain(int argc, char** argv) {
@@ -95,17 +120,7 @@
cl.SetEnvBlock((void*)env.data());
int exit_code = cl.Run(command);
- string depfile = string(output_filename) + ".d";
- FILE* output = fopen(depfile.c_str(), "w");
- if (!output) {
- Fatal("opening %s: %s", depfile.c_str(), GetLastErrorString().c_str());
- }
- fprintf(output, "%s: ", output_filename);
- vector<string> headers = cl.GetEscapedResult();
- for (vector<string>::iterator i = headers.begin(); i != headers.end(); ++i) {
- fprintf(output, "%s\n", i->c_str());
- }
- fclose(output);
+ WriteDepFileOrDie(output_filename, &cl);
return exit_code;
}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/ninja/src/ninja.cc new/ninja/src/ninja.cc
--- old/ninja/src/ninja.cc 2013-01-10 20:39:40.000000000 +0100
+++ new/ninja/src/ninja.cc 2013-02-22 14:20:51.000000000 +0100
@@ -41,16 +41,13 @@
#include "metrics.h"
#include "state.h"
#include "util.h"
+#include "version.h"
// Defined in msvc_helper_main-win32.cc.
int MSVCHelperMain(int argc, char** argv);
namespace {
-/// The version number of the current Ninja release. This will always
-/// be "git" on trunk.
-const char* kVersion = "git";
-
/// Global information passed into subtools.
struct Globals {
Globals() : state(new State()) {}
@@ -109,7 +106,7 @@
" -C DIR change to DIR before doing anything else\n"
" -f FILE specify input build file [default=build.ninja]\n"
"\n"
-" -j N run N jobs in parallel [default=%d]\n"
+" -j N run N jobs in parallel [default=%d, derived from CPUs available]\n"
" -l N do not start new jobs if the load average is greater than N\n"
#ifdef _WIN32
" (not yet implemented on Windows)\n"
@@ -121,7 +118,7 @@
" -d MODE enable debugging (use -d list to list modes)\n"
" -t TOOL run a subtool (use -t list to list subtools)\n"
" terminates toplevel options; further flags are passed to the tool\n",
- kVersion, config.parallelism);
+ kNinjaVersion, config.parallelism);
}
/// Choose a default value for the -j (parallelism) flag.
@@ -772,7 +769,7 @@
working_dir = optarg;
break;
case OPT_VERSION:
- printf("%s\n", kVersion);
+ printf("%s\n", kNinjaVersion);
return 0;
case 'h':
default:
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/ninja/src/util.cc new/ninja/src/util.cc
--- old/ninja/src/util.cc 2013-01-10 20:39:40.000000000 +0100
+++ new/ninja/src/util.cc 2013-02-22 14:20:51.000000000 +0100
@@ -325,7 +325,7 @@
}
#endif
-#ifdef _WIN32
+#if defined(_WIN32) || defined(__CYGWIN__)
double GetLoadAverage() {
// TODO(nicolas.despres(a)gmail.com): Find a way to implement it on Windows.
// Remember to also update Usage() when this is fixed.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/ninja/src/version.cc new/ninja/src/version.cc
--- old/ninja/src/version.cc 1970-01-01 01:00:00.000000000 +0100
+++ new/ninja/src/version.cc 2013-02-22 14:20:51.000000000 +0100
@@ -0,0 +1,57 @@
+// Copyright 2013 Google Inc. All Rights Reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+#include "version.h"
+
+#include <stdlib.h>
+
+#include "util.h"
+
+const char* kNinjaVersion = "1.1.0.git";
+
+void ParseVersion(const string& version, int* major, int* minor) {
+ size_t end = version.find('.');
+ *major = atoi(version.substr(0, end).c_str());
+ *minor = 0;
+ if (end != string::npos) {
+ size_t start = end + 1;
+ end = version.find('.', start);
+ *minor = atoi(version.substr(start, end).c_str());
+ }
+}
+
+void CheckNinjaVersion(const string& version) {
+ int bin_major, bin_minor;
+ ParseVersion(kNinjaVersion, &bin_major, &bin_minor);
+ int file_major, file_minor;
+ ParseVersion(version, &file_major, &file_minor);
+
+ if (bin_major > file_major) {
+ Warning("ninja executable version (%s) greater than build file "
+ "ninja_required_version (%s); versions may be incompatible.",
+ kNinjaVersion, version.c_str());
+ return;
+ }
+
+ if ((bin_major == file_major && bin_minor < file_minor) ||
+ bin_major < file_major) {
+ Fatal("ninja version (%s) incompatible with build file "
+ "ninja_required_version version (%s).",
+ kNinjaVersion, version.c_str());
+ }
+}
+
+
+
+
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/ninja/src/version.h new/ninja/src/version.h
--- old/ninja/src/version.h 1970-01-01 01:00:00.000000000 +0100
+++ new/ninja/src/version.h 2013-02-22 14:20:51.000000000 +0100
@@ -0,0 +1,32 @@
+// Copyright 2013 Google Inc. All Rights Reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+#ifndef NINJA_VERSION_H_
+#define NINJA_VERSION_H_
+
+#include <string>
+using namespace std;
+
+/// The version number of the current Ninja release. This will always
+/// be "git" on trunk.
+extern const char* kNinjaVersion;
+
+/// Parse the major/minor components of a version string.
+void ParseVersion(const string& version, int* major, int* minor);
+
+/// Check whether \a version is compatible with the current Ninja version,
+/// aborting if not.
+void CheckNinjaVersion(const string& required_version);
+
+#endif // NINJA_VERSION_H_
--
To unsubscribe, e-mail: opensuse-commit+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-commit+help(a)opensuse.org
1
0
Hello community,
here is the log from the commit of package Mesa for openSUSE:Factory checked in at 2013-02-22 16:55:27
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/Mesa (Old)
and /work/SRC/openSUSE:Factory/.Mesa.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "Mesa", Maintainer is "sndirsch(a)suse.com"
Changes:
--------
--- /work/SRC/openSUSE:Factory/Mesa/Mesa.changes 2013-02-05 12:13:13.000000000 +0100
+++ /work/SRC/openSUSE:Factory/.Mesa.new/Mesa.changes 2013-02-22 16:55:28.000000000 +0100
@@ -1,0 +2,34 @@
+Thu Feb 21 23:23:22 UTC 2013 - hrvoje.senjan(a)gmail.com
+
+- update to Mesa 9.0.3: a bugfix release
+ * Pink artifacts on objects in the distance in ETQW/Quake 4
+ (fdo#25201)
+ * configure: Doesn't check for python libxml2 (fdo#31598)
+ * [softpipe] piglit glsl-max-varyings regression (fdo#40404)
+ * [bisected] Oglc pxconv-gettex(basic.allCases) regressed (fdo#47220)
+ * [bisected i965]Oglc shad-compiler(advanced.TestLessThani)
+ regressed(fdo#48629)
+ * [swrast] piglit fbo-generatemipmap-filtering regression
+ (fdo#54240)
+ * [sandybridge][uxa] graphics very glitchy and always flickering
+ (fdo#56920)
+ * [GM45] Chrome experiment "Stars" crash: brw_fs_emit.cpp:708:
+ brw_reg brw_reg_from_fs_reg(fs_reg*): Assertion „!"not reached"“
+ failed. (fdo#57166)
+ * build test failure: nouveau_fbo.c:198:3: error: too few arguments to
+ function 'nouveau_renderbuffer_del' (fdo#57746)
+ * [swrast] Mesa 9.1-devel implementation error: Unable to
+ delete renderbuffer, no context (fdo#57754)
+ * [IVB] Graphical glitches in 0 A.D (fdo#58680)
+ * [softpipe] util/u_tile.c:795:pipe_put_tile_z: Assertion `0' failed.
+ (fdo#58972)
+ * [bisected] Mesa build fails: clientattrib.c:33:22: fatal error: indirect.h:
+ No such file or directory (fdo#59364)
+ * [ILK/SNB/IVB Bisected]Oglc vertexshader(advanced.TestLightsTwoSided)
+ causes GPU hung (fdo#59700)
+ * [swrast] piglit ext_framebuffer_multisample-interpolation 0
+ centroid-edges regression (fdo#59873)
+ * [Bisected]Piglit glx_extension_string_sanity fail (fdo#60052)
+ * Planeshift: triangles where grass would be (fdo#60172)
+
+-------------------------------------------------------------------
Old:
----
MesaLib-9.0.2.tar.bz2
New:
----
MesaLib-9.0.3.tar.bz2
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ Mesa.spec ++++++
--- /var/tmp/diff_new_pack.lC51Vd/_old 2013-02-22 16:55:30.000000000 +0100
+++ /var/tmp/diff_new_pack.lC51Vd/_new 2013-02-22 16:55:30.000000000 +0100
@@ -17,11 +17,11 @@
%define glamor 1
-%define _version 9.0.2
+%define _version 9.0.3
%define _name_archive MesaLib
Name: Mesa
-Version: 9.0.2
+Version: 9.0.3
Release: 0
BuildRequires: autoconf >= 2.60
BuildRequires: automake
++++++ MesaLib-9.0.2.tar.bz2 -> MesaLib-9.0.3.tar.bz2 ++++++
++++ 4068 lines of diff (skipped)
--
To unsubscribe, e-mail: opensuse-commit+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-commit+help(a)opensuse.org
1
0