April 2014 - openSUSE Commits - openSUSE Mailing Lists

commit nagios-plugins for openSUSE:Factory
by root＠hilbert.suse.de 22 Apr '14

22 Apr '14

Hello community, here is the log from the commit of package nagios-plugins for openSUSE:Factory checked in at 2014-04-22 07:38:15 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/nagios-plugins (Old) and /work/SRC/openSUSE:Factory/.nagios-plugins.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "nagios-plugins" Changes: -------- --- /work/SRC/openSUSE:Factory/nagios-plugins/nagios-plugins.changes 2013-03-14 17:29:40.000000000 +0100 +++ /work/SRC/openSUSE:Factory/.nagios-plugins.new/nagios-plugins.changes 2014-04-22 07:38:17.000000000 +0200 @@ -1,0 +2,144 @@ +Sat Apr 12 14:34:01 UTC 2014 - lars(a)linux-schulserver.de + +- do not package check_game for openSUSE > 13.1 as the needed binary + is not in Factory + +------------------------------------------------------------------- +Fri Mar 28 11:16:53 UTC 2014 - lars(a)linux-schulserver.de + +- also recommend/require apparmor-profiles to get tunables/global +- do not package check_apt on 13.1 and beyond as Factory maintainers + do not want a package requiring the binary + +------------------------------------------------------------------- +Tue Mar 11 15:21:27 UTC 2014 - lars(a)linux-schulserver.de + +- remove nagios-plugins-xenvm as this is now provided by + nagios-xen-host package + +------------------------------------------------------------------- +Sat Mar 1 23:19:24 UTC 2014 - lars(a)linux-schulserver.de + +- added new check_ircd, which allows to monitor SSL enabled IRCd + and prints out perfdata + + require IO::Socket::SSL and IO::Socket::INET6 + +------------------------------------------------------------------- +Wed Jan 22 09:31:45 UTC 2014 - lars(a)linux-schulserver.de + +- remove left overs from former bgpstate package +- add dbi-{mysql,pgsql,sqlite3} plugin package(s) +- add nagios-plugins-rpmlintrc for the virtual packages that + require the appropriate library for the dbi check + +------------------------------------------------------------------- +Sun Jan 19 01:47:43 UTC 2014 - lars(a)linux-schulserver.de + +- adapt URL to new upstream page (bnc#859105) + +------------------------------------------------------------------- +Sun Dec 22 11:14:55 UTC 2013 - jcnengel(a)gmail.com + +- Add SNMPv3 context support to check_snmp following an idea of + Lars Mathwig <mathwig(a)gmx.de> + +------------------------------------------------------------------- +Wed Nov 27 19:56:08 UTC 2013 - msvec(a)suse.com + +- Get rid of the old SUSE spelling in READMEs + +------------------------------------------------------------------- +Tue Nov 19 11:37:39 UTC 2013 - schneemann(a)b1-systems.de + +- update to 1.5 + * removed contrib directory + * New check_dbi plugin for checking an (SQL) database using DBI + * Let OpenSSL load its configuration file (see the + OPENSSL_config(3) man page) + * Add performance data to check_apt + * Add performance data to check_procs + * Added -4/-6 options to check_dig + * New check_oracle --connect option to perform real login + * New check_nagios -t option to override the default timeout + * New check_disk -f/--freespace-ignore-reserved option to + ignore space reserved for root + * New check_disk -N/--include-type option to limit the filesystem + types to check + * Allow for building the plugins in parallel + * Add --without-{dbi,ldap,radius} options to ./configure + * Made Verbose output of check_sensors compliant + * New switch -E/--extended-perfdata for check_http to print + additional performance data + * New check_http -d option to specify a string to expect within + the response headers + * New check_http -J/-K options for client certificate + authentication support + * Add support for executing queries to check_pgsql + * Let check_pgsql accept a UNIX socket directory as hostname + * New check_pgsql -o option to specify additional connection parameters + * New check_fping -S option to specify the source IP address + * New check_fping -I option to specify the interface to bind to + * Let check_fping support IPv6 + * New check_procs -k option to ignore kernel threads (on Linux) + * Let check_procs use /proc/<PID>/exe (if available) instead of + getpid(2), unless -T is specified + * Let check_mysql support SSL + * Let check_mysql add perfromance metrics for all checks + * New check_mysql -f option to specify a client options file + * New check_mysql -g option to specify a client options group + * New check_snmp --offset option to allow for adding/substracting + an offset value to sensor data + * Let check_snmp support an arbitrary number of OIDs + + * Fixes: + + Change the MAIL FROM command generated by check_smtp to be + RFC compliant + + Fix compilation of check_http without SSL support + + Fix check_snmp reversed threshold ranges + (backward-compatibility) + + Fix check_snmp memory violation when using more than 8 OIDs + + Fix check_apt security regular expression + + Fix check_http handling extra header (-k) containing semicolons + + Fix check_apt handling unknown exit codes from apt-get + + Fix deprecated imports of check_nmap.py + + +------------------------------------------------------------------- +Wed Oct 23 17:00:38 UTC 2013 - opensuse(a)cboltz.de + +- update apparmor profiles usr.lib.nagios.plugins.check_cups and + usr.lib.nagios.plugins.check_ping with /usr/bin/ paths (bnc#847229) + +------------------------------------------------------------------- +Fri Aug 30 11:14:59 UTC 2013 - lars(a)linux-schulserver.de + +- allow family="inet6" sock_type="raw" in apparmor profile for + check_ping + +------------------------------------------------------------------- +Tue Aug 13 10:37:17 CEST 2013 - ro(a)suse.de + +- update apparmor profile for ntp check (added nameservice) + +------------------------------------------------------------------- +Sun Aug 11 23:46:52 UTC 2013 - lars(a)linux-schulserver.de + +- add capabilities sys_admin and sys_rawio to ide_smart check + +------------------------------------------------------------------- +Mon Aug 5 14:10:18 CEST 2013 - ro(a)suse.de + +- add apparmor profiles for these checks: + icmp, ide_smart, ping, ssh + +------------------------------------------------------------------- +Wed Jul 17 13:01:40 UTC 2013 - lars(a)linux-schulserver.de + +- enhance the documentation for checks with special privileges + +------------------------------------------------------------------- +Thu May 23 13:50:14 UTC 2013 - opensuse(a)dstoecker.de + +- add check_procs_perf plugin + +------------------------------------------------------------------- Old: ---- nagios-plugins-1.4.14-check_inodes.patch nagios-plugins-1.4.14-command_cfg.patch nagios-plugins-1.4.14-nmap.patch nagios-plugins-1.4.16.tar.bz2 nagios-plugins-README.SuSE nagios-plugins-README.SuSE-check_dhcp nagios-plugins-README.SuSE-check_icmp nagios-plugins-README.SuSE-check_ide_smart nagios-plugins-stdio.h.patch nagios-plugins.check_xenvm.sh New: ---- check_ircd_ssl nagios-plugins-1.5.tar.bz2 nagios-plugins-README.SUSE nagios-plugins-README.SUSE-check_cups nagios-plugins-README.SUSE-check_dhcp nagios-plugins-README.SUSE-check_icmp nagios-plugins-README.SUSE-check_ide_smart nagios-plugins-rpmlintrc nagios-plugins.check_snmp.snmpv3-context.patch usr.lib.nagios.plugins.check_cups usr.lib.nagios.plugins.check_icmp usr.lib.nagios.plugins.check_ide_smart usr.lib.nagios.plugins.check_ping usr.lib.nagios.plugins.check_ssh ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ nagios-plugins.spec ++++++ ++++ 637 lines (skipped) ++++ between /work/SRC/openSUSE:Factory/nagios-plugins/nagios-plugins.spec ++++ and /work/SRC/openSUSE:Factory/.nagios-plugins.new/nagios-plugins.spec ++++++ check_ircd_ssl ++++++ #! /usr/bin/perl -w # # Copyright (C) 2014, SUSE Linux Products GmbH, Nuremberg # Author: Lars Vogdt # # All rights reserved. # # Redistribution and use in source and binary forms, with or without # modification, are permitted provided that the following conditions are met: # # * Redistributions of source code must retain the above copyright notice, this # list of conditions and the following disclaimer. # # * Redistributions in binary form must reproduce the above copyright notice, # this list of conditions and the following disclaimer in the documentation # and/or other materials provided with the distribution. # # * Neither the name of the Novell nor the names of its contributors may be # used to endorse or promote products derived from this software without # specific prior written permission. # # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" # AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE # IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE # ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE # LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR # CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF # SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS # INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN # CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) # ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE # POSSIBILITY OF SUCH DAMAGE. # use Getopt::Long; use IO::Socket::INET6; use strict; use vars qw($PROGNAME $VERSION); use vars qw($opt_V $opt_h $opt_t $opt_p $opt_H $opt_w $opt_c $ssl $verbose); use lib '/usr/lib/nagios/plugins'; use utils qw($TIMEOUT %ERRORS &print_revision &support &usage); # ----------------------------------------------------[ Function Prototypes ]-- sub print_help (); sub print_usage (); # -------------------------------------------------------------[ Enviroment ]-- $ENV{PATH} = ''; $ENV{ENV} = ''; $ENV{BASH_ENV} = ''; # -----------------------------------------------------------------[ Global ]-- $PROGNAME = 'check_ircd'; $VERSION = '1.5.0'; my $nick = "ircd$$"; # -------------------------------------------------------------[ print_help ]-- sub print_help () { print_revision($PROGNAME,$VERSION); print "Copyright (c) 2014 SUSE Linux Products GmbH, Nuremberg based on the original work of Richard Mayhew/Karl DeBisschop in 2000 Perl Check IRCD plugin for Nagios "; print_usage(); print " -H, --hostname=HOST Name or IP address of host to check -w, --warning=INTEGER Number of connected users which generates a warning state (Default: 50) -c, --critical=INTEGER Number of connected users which generates a critical state (Default: 100) -p, --port=INTEGER Port that the ircd daemon is running on <host> (Default: 6667) -v, --verbose Print extra debugging information -s, --ssl Use SSL for connection (NOTE: might need '-p 6697' option) "; } # ------------------------------------------------------------[ print_usage ]-- sub print_usage () { print "Usage: $PROGNAME -H <host> [-w <warn>] [-c <crit>] [-p <port>] [-s]\n"; } # ------------------------------------------------------------------[ debug ]-- sub debug ($$) { my ($string,$verbose) = @_; if ($verbose){ print STDOUT "DEBUG: $string"; } } # ----------------------------------------------------------------[ connect ]-- sub connection ($$$$$$) { my ($server,$port,$ssl,$ping_timeout,$nick,$verbose) = @_; my $user=-1; debug("Attempting connect.\n",$verbose); # Connect to server debug("Connecting ...........\n",$verbose); my $sock = IO::Socket::INET6->new( PeerAddr => $server, PeerPort => $port, Proto => 'tcp', Domain => AF_UNSPEC ) or return ($user); if($ssl) { use IO::Socket::SSL; debug("Starting SSL .........\n",$verbose); IO::Socket::SSL->start_SSL( $sock, SSL_verify_mode => 0, # Do not verify certificate ) or die "SSL handshake failed: $SSL_ERROR"; } debug("Connected to server: $server on port: $port\n",$verbose); # Set nick and username debug("Sending user info ....\n",$verbose); print $sock "NICK $nick\nUSER monitor localhost localhost : \n"; # Catch SIGALRM from the OS when timeout expired. local $SIG{ALRM} = sub {$sock->shutdown(0);}; # Send all incomming data to the parser while (<$sock>) { alarm 0; chomp($_); if (/^PING \:(.+)/) { debug("Received PING request, sending PONG :$1\n",$verbose); print $sock "PONG :$1\n"; } elsif (/\:I have\s+(\d+)/){ $user=$1; last; } alarm $ping_timeout; } debug("Closing socket.\n",$verbose); close $sock; return $user; } # ------------------------------------------------------------[ check_users ]-- sub check_users ($$$){ my ($users,$crit,$warn)=@_; $users =~ s/\ //g; my ($state,$answer); if ($users >= 0) { if ($users > $crit) { $state = "CRITICAL"; $answer = "Critical Number Of Clients Connected : $users (Limit = $crit)"; } elsif ($users > $warn) { $state = "WARNING"; $answer = "Warning Number Of Clients Connected : $users (Limit = $warn)"; } else { $state = "OK"; $answer = "IRCD ok - Current Local Users: $users"; } $answer.="|users=$users;$warn;$crit;0\n"; } else { $state = "UNKNOWN"; $answer = "Server has less than 0 users! Something is Really WRONG!\n"; } return ($answer,$state) } # ===================================================================[ MAIN ]== MAIN: { my $answer = 'IRCD UNKNOWN: Unknown error - maybe could not authenticate\n'; my $state = 'UNKOWN'; my $hostname; Getopt::Long::Configure('bundling'); GetOptions ( "V" => \$opt_V, "version" => \$opt_V, "h" => \$opt_h, "help" => \$opt_h, "v" => \$verbose,"verbose" => \$verbose, "s" => \$ssl, "ssl" => \$ssl, "t=i" => \$opt_t, "timeout=i" => \$opt_t, "w=i" => \$opt_w, "warning=i" => \$opt_w, "c=i" => \$opt_c, "critical=i" => \$opt_c, "p=i" => \$opt_p, "port=i" => \$opt_p, "H=s" => \$opt_H, "hostname=s" => \$opt_H); if ($opt_V) { print_revision($PROGNAME,$VERSION); exit $ERRORS{'OK'}; } if ($opt_h) {print_help(); exit $ERRORS{'OK'};} ($opt_H) || ($opt_H = shift @ARGV) || usage("Host name/address not specified\n"); my $server = $1 if ($opt_H =~ /([-.A-Za-z0-9]+)/); ($server) || usage("Invalid host: $opt_H\n"); ($opt_w) || ($opt_w = shift @ARGV) || ($opt_w = 50); my $warn = $1 if ($opt_w =~ /^([0-9]+)$/); ($warn) || usage("Invalid warning threshold: $opt_w\n"); ($opt_c) || ($opt_c = shift @ARGV) || ($opt_c = 100); my $crit = $1 if ($opt_c =~ /^([0-9]+)$/); ($crit) || usage("Invalid critical threshold: $opt_c\n"); if ($crit < $warn){ usage("Invalid threshold: $crit for critical is lower than $warn for warning\n"); } ($opt_p) || ($opt_p = shift @ARGV) || ($opt_p = 6667); my $port = $1 if ($opt_p =~ /^([0-9]+)$/); ($port) || usage("Invalid port: $opt_p\n"); if ($opt_t && $opt_t =~ /^([0-9]+)$/) { $TIMEOUT = $1; } # Just in case of problems, let's not hang Nagios $SIG{'ALRM'} = sub { print "Somthing is Taking a Long Time, Increase Your TIMEOUT (Currently Set At $TIMEOUT Seconds)\n"; exit $ERRORS{"UNKNOWN"}; }; alarm($TIMEOUT); my $ping_timeout=$TIMEOUT-1; my $users=connection($server,$port,$ssl,$ping_timeout,$nick,$verbose); ($answer,$state)=check_users($users,$crit,$warn); print "$answer"; exit $ERRORS{$state}; } ++++++ nagios-plugins-1.4.16.tar.bz2 -> nagios-plugins-1.5.tar.bz2 ++++++ ++++ 162856 lines of diff (skipped) ++++++ nagios-plugins-README.SUSE ++++++ README.SUSE for nagios-plugins == Features and documentation == Please refer to the upstream documentation on * http://www.nagios.org/docs/ * http://nagiosplugins.org/ * http://www.nagioscommunity.org/wiki/index.php/Main_Page The openSUSE package contains most of the currently available plugins. All plugins are installed in ''/usr/lib/nagios/plugins/'' on every architecture. == Special permissions for some plugins == The following checks require special handling as they need some root privileges to run: * check_dhcp * check_icmp * check_ide_smart In a default installation, those checks will not work if executed as user with limited rights (such as nagios or icinga). Please have a look into the corresponding documentation for those packages for more details. ( /usr/share/doc/packages/nagios-plugins-icmp/README.SUSE-check_icmp for example ) ++++++ nagios-plugins-README.SUSE-check_cups ++++++ README.SUSE for nagios-plugins-dhcp == check_cups == Nagios plugin for checking cups service This plug-in will check the status of a remote CUPS print service for the printer status, Its able to check all available printers on the cups, or just one of them. (for example if you have testing printer - is normally disable/off you don't need to check it.) It can also check only the queue status. it will provide the size of the queue and optionally the age of the queue. Generally I sugesst to create separate check for each printer only and then additional check for the queue itself. it using Nagios standards exit codes: # Nagios return codes STATE_OK=0 STATE_WARNING=1 STATE_CRITICAL=2 STATE_UNKNOWN=3 STATE_DEPENDENT=4 Usage: check_cups -H <hostname> -P -p<The CUPS printer name> | -Q <s|b> -w <size warning level> -c <size critical level> -a <max age> Notes: -H: Hostname - Can be a hostname or IP address. -P: Check only the printers status. -p: It will check only one specific printer. -Q: Type of check - Can be queue size (s) or both queu size and queue age (b) -w: WARNING level for queue size -c: CRITICAL level for queue size -a: Max age of queue. Returns CRITICAL if jobs exists older than <max age> days Example of test run usage: ---------------- Test all available printers and the queue. (queue size warning is 3, critical 10 and max age 3 days): nagios@nagios:~> /usr/lib/nagios/plugins/check_cups -H cups.server.org -P -Q s -w 3 -c 10 -a 3 Checking all printers... OK - CUPS printer is idle. Testing queue on the CUPS... OK: CUPS queue size - 0| print_jobs=0;3;10;0 Test one printer only : nagios@nagios:~> /usr/lib/nagios/plugins/check_cups -H cups.suse.cz -P -p myprinter Checking only the printer myprinter. OK - CUPS printer myprinter is idle. Test only the queue, do not test any printer (queue size warning is 3, critical 5 and max age 2 days): nagios@nagios:~> /usr/lib/nagios/plugins/check_cups -H cups.suse.cz -Q b -w 3 -c 5 -a 2 No printer check is require. Checking the queue ... Testing queue on the CUPS... OK: CUPS queue size - 0| print_jobs=0;3;5;0 Example of Nagios/Icinga command settings: ---------------------------------- Example commands/check_cups.cfg: # Check all printers in cups and queue size and queue age define command{ command_name check_cups_all_queue command_line $USER1$/check_cups -H $ARG1$ -P -Q b -w $ARG2$ -c $ARG3$ -a $ARG4$ } # Check one printer in cups and queue size and queue age define command{ command_name check_cups_one_queue command_line $USER1$/check_cups -H $ARG1$ -P -p $ARG2$ -Q b -w $ARG3$ -c $ARG4$ -a $ARG5$ } # Check all printers in cups and queue size and queue age define command{ command_name check_cups_all command_line $USER1$/check_cups -H $ARG1$ -P } # Check one printer in cups. define command{ command_name check_cups_one command_line $USER1$/check_cups -H $ARG1$ -P -p $ARG2$ } # Check only the queue define command{ command_name check_cups_queue command_line $USER1$/check_cups -H $ARG1$ -Q b -w $ARG2$ -c $ARG3$ -a $ARG4$ } Security: --------- In the version 0.2 I add appamor profile for the script usr.lib.nagios.plugins.check_cups into /etc/apparmor.d Autor notes: ------------ I`d like to thank to John E. Vincent (nagios-plugs(a)lusis.org) I learn a lof from his check CUPS print queue plugin. Then I`d like to thank to Mark Shirley for his check_cups_printer.sh script, which was also inspiration for me. Both of them you can find on http://exchange.nagios.org/ web site. Martin Caj 31/01/2013 <mcaj(a)suse.cz> Bugs: ------ Please report bugs to me mcaj(a)suse.cz Thanks and have lot printers online ;-) Martin ++++++ nagios-plugins-README.SUSE-check_dhcp ++++++ README.SUSE for nagios-plugins-dhcp == check_dhcp and SuSEfirewall == If you run the check_dhcp script on the server, please make sure your UDP ports 67 and 68 on the _client_ are opened in the firewall. You also need to allow the receive broadcasts for this interface. Otherwise the script will be unable to detect anything. If your client uses the "external" interface for the check, the entries in /etc/sysconfig/SuSEfirewall2 should look like: FW_SERVICES_EXT_UDP="67 68" FW_ALLOW_FW_BROADCAST_EXT="67 68" == Special privileges == To be "safe per default", SUSE doesn't install this plugin with the suid bit set. There are two recommended ways about overriding this on your system: === Set the suid bit === Copy the prepared permissions file from this directory to the right place in your file system: ~ # cp /usr/share/doc/packages/nagios-plugins-common/example/permissions.d/nagios-plugins \ /etc/permissions.d/nagios-plugins ...afterwards adapt the file /etc/permissions.d/nagios-plugins to your needs (see comments in the file) and run: ~ # SuSEconfig --module permissions or (on newer openSUSE distributions without SuSEconfig): ~ # chkstat --system --set This will set the correct permissions (from now on also during an update). === Alternative: Use sudo to grant the permission and modify your plugin config === This way you need an entry like: nagios ALL = NOPASSWD: /usr/lib/nagios/plugins/check_dhcp in ''/etc/sudoers'' and an adapted command definition like the following: define command{ command_name check_dhcp command_line /usr/bin/sudo $USER1$/check_dhcp <other_options_here> } ++++++ nagios-plugins-README.SUSE-check_icmp ++++++ README.SUSE for nagios-plugins-icmp == Special privileges == To be "safe per default", SUSE doesn't install this plugin with the suid bit set. There are two recommended ways about overriding this on your system: === Set the suid bit === Copy the prepared permissions file from this directory to the right place in your file system: ~ # cp /usr/share/doc/packages/nagios-plugins/example/permissions.d/nagios-plugins \ /etc/permissions.d/nagios-plugins ...afterwards adapt the file /etc/permissions.d/nagios-plugins to your needs (see comments in the file) and run: ~ # SuSEconfig --module permissions or (on newer openSUSE distributions without SuSEconfig): ~ # chkstat --system --set This will set the correct permissions (from now on also during an update). === Alternative: Use sudo to grant the permission and modify your plugin config === This way you need an entry like: nagios ALL = NOPASSWD: /usr/lib/nagios/plugins/check_icmp in ''/etc/sudoers'' and an adapted command definition like the following: define command{ command_name check_icmp command_line /usr/bin/sudo $USER1$/check_icmp <other_options_here> } ++++++ nagios-plugins-README.SUSE-check_ide_smart ++++++ README.SUSE for nagios-plugins-ide_smart == Special privileges == To be "safe per default", SUSE doesn't install this plugin with the suid bit set. There are two recommended ways about overriding this on your system: === Set the suid bit === Copy the prepared permissions file from this directory to the right place in your file system: ~ # cp /usr/share/doc/packages/nagios-plugins/example/permissions.d/nagios-plugins \ /etc/permissions.d/nagios-plugins ...afterwards adapt the file /etc/permissions.d/nagios-plugins to your needs (see comments in the file) and run: ~ # SuSEconfig --module permissions or (on newer openSUSE distributions without SuSEconfig): ~ # chkstat --system --set This will set the correct permissions (from now on also during an update). === Alternative: Use sudo to grant the permission and modify your plugin config === This way you need an entry like: nagios ALL = NOPASSWD: /usr/lib/nagios/plugins/check_ide_smart in ''/etc/sudoers'' and an adapted command definition like the following: define command{ command_name check_ide_smart command_line /usr/bin/sudo $USER1$/check_ide_smart <other_options_here> } ++++++ nagios-plugins-permissions ++++++ --- /var/tmp/diff_new_pack.owB8a6/_old 2014-04-22 07:38:19.000000000 +0200 +++ /var/tmp/diff_new_pack.owB8a6/_new 2014-04-22 07:38:19.000000000 +0200 @@ -5,6 +5,8 @@ # Afterwards the files below will be adapted after a nagios-plugins # update via # 'SuSEconfig --module permissions' +# or (on newer openSUSE distributions without SuSEconfig): +# 'chkstat --system --set' # automatically. # # Note: You may check/set the following variable in /etc/sysconfg/security ++++++ nagios-plugins-rpmlintrc ++++++ # the virtual dbi-{mysql,pgsql,sqlite3} packages are there to require # the needed library for the generic dbi package. addFilter("explicit-lib-dependency.*libdbi-drivers-dbd-mysql"); addFilter("explicit-lib-dependency.*libdbi-drivers-dbd-sqlite3"); addFilter("explicit-lib-dependency.*libdbi-drivers-dbd-pgsql"); ++++++ nagios-plugins.check_cups.sh ++++++ --- /var/tmp/diff_new_pack.owB8a6/_old 2014-04-22 07:38:19.000000000 +0200 +++ /var/tmp/diff_new_pack.owB8a6/_new 2014-04-22 07:38:19.000000000 +0200 @@ -44,6 +44,9 @@ # Both of them you can find on http://exchange.nagios.org/ web site. # Martin Caj 31/01/2013 <mcaj(a)suse.cz> +# version 0.3 has no awk any more, cut can do it as well. +# the appamor profile was fix as well. +# Martin Caj 01/11/2013 # check_cups - nagios plugin for checking cups service # Description: @@ -56,8 +59,7 @@ # it will provide the size of the queue # and optionally the age of the queue # -# Version : 0.1 - +# Version : 0.3 #searchning the lpstat: LPSTAT="$(which lpstat)" @@ -91,13 +93,13 @@ echo "Usage: "$PROGNAME" -H <hostname> -P -p<The CUPS printer name> | -Q <s|b> -w <size warning level> -c <size critical level> -a <max age>" echo echo "Notes:" - echo "-H: Hostname - Can be a hostname or IP address" - echo "-P: Check only the printers status it doesn't check queue" - echo "-p: It will check only one specific printer" - echo "-Q: Type of check - Can be queue size (s) or both queu size and queue age (b)" - echo "-w: WARNING level for queue size" - echo "-c: CRITICAL level for queue size" - echo "-a: Max age of queue. Returns CRITICAL if jobs exists older than <max age> days" + echo "-H: Hostname - Can be a hostname or IP address." + echo "-P: Check only the printers status." + echo "-p: It will check only one specific printer." + echo "-Q: Type of check - Can be queue size (s) or both queu size and queue age (b)." + echo "-w: WARNING level for queue size." + echo "-c: CRITICAL level for queue size." + echo "-a: Max age of queue. Returns CRITICAL if jobs exists older than <max age> days." echo } @@ -107,12 +109,13 @@ print_usage echo - echo "This plugin will check the CUPS print service for the printer status, then if status is ok" - echo "it will check the queue on a remote (or local with -H localhost) CUPS server." + echo "This plugin will check the CUPS print service for the printer status" + echo "it can check the queue on a remote (or local with -H localhost) CUPS server." echo "It can check both the size of the queue and the age of the oldest print job in the queue." echo "-w and -c are for reporting warning and critical levels of the queue size." echo "-a is optional for specifying the max age of a job in the print queue. Anything older thatn <max age>" echo "will return a CRITICAL" + echo "For more details have look into README file. " echo exit 0 } @@ -166,23 +169,27 @@ case "$RESULT" in *Rejecting*) - OUTPUT="CRITICAL - CUPS printer "$printername" is rejecting jobs." + messages=$(echo "$RESULT"|grep -i rejecting ) + OUTPUT="CRITICAL - CUPS printer is rejecting jobs for: "$messages"." exitstatus="$STATE_CRITICAL" ;; *Unable*) - OUTPUT="CRITICAL - CUPS Unable to connect to "$printername"." + messages=$(echo "$RESULT"|grep -i unable ) + OUTPUT="CRITICAL - CUPS Unable to connect: "$messages"." exitstatus="$STATE_CRITICAL" ;; *disabled*) - OUTPUT="CRITICAL - CUPS printer "$printername" is stopped." + messages=$(echo "$RESULT"|grep -i disabled) + OUTPUT="CRITICAL - CUPS printer: "$messages"." exitstatus="$STATE_CRITICAL" ;; *Paused*) - OUTPUT="WARNING: - CUPS printer "$printername" is stopped." + messages=$(echo "$RESULT"|grep -i paused) + OUTPUT="WARNING: - CUPS printer is: "$messages"." exitstatus="$STATE_WARNING" ;; *printing*) - OUTPUT="OK - CUPS printer "$printername" is printing." + OUTPUT="OK - CUPS printer is printing now." exitstatus="$STATE_OK" ;; *idle*) @@ -190,7 +197,7 @@ exitstatus="$STATE_OK" ;; *) - OUTPUT="CRITICAL - Unknown error occured while checking "$printername"." + OUTPUT="CRITICAL - Unknown error occured while checking: "$RESULT"." exitstatus="$STATE_CRITICAL" ;; esac @@ -208,6 +215,10 @@ # this set default exit status to: exitstatus="$STATE_UNKNOWN" +# by default is test pritner disabled, you must allow it with -p $printer or -P all printers +testprinter="0" + + # testing arguments: while test -n "$1"; do case "$1" in @@ -223,7 +234,8 @@ testprinter="1" ;; -p) - printername="$2" + testprinter="2" + printername="$2" shift ;; -H) @@ -260,21 +272,25 @@ fi # testing priner(s) -if [ -z $testprinter ] #Check printes and continue with the script -then - check_printer_status $printname -# if there is differnt exit status then 0 doesn`t maka any sance to -# continue with the check. exit it ASAP. - if [ $exitstatus != 0 ] + +if [ $testprinter -eq 2 ] #Check specifics printer and continue with the script +then + check_printer_status "$printername" + + if [ -z $testtype ] # exits if there is no -Q checks then echo "$OUTPUT" exit "$exitstatus" fi -else #Check printers only and end the sctipt. - check_printer_status - echo "$OUTPUT" - exit "$exitstatus" +elif [ $testprinter -eq 1 ]; then # check all printers + check_printer_status + if [ -z $testtype ]; then # exits if there is no -Q checks + echo "$OUTPUT" + exit "$exitstatus" + fi +else # no cuos check is need + echo "No printer check is require. Checking the queue ..." fi # testing arguments for the queue checks: @@ -308,7 +324,7 @@ exitstatus="$STATE_UNKNOWN" exit "$exitstatus" else - + echo "Testing queue on the CUPS..." JOBTMP=$(mktemp -t lpstat.XXXXXX) # Create a tmpfile to store the lpstat results STALEJOBCOUNT=0 # default number of old jobs CURDATETS=$(date +%s) # Get the current date as unixtime @@ -330,7 +346,7 @@ while read PRINTJOB do # Grab the job date from the job listing - JOBDATE=$(echo $PRINTJOB | awk '{ print $4, $5, $6, $7, $8 }') + JOBDATE=$(echo $PRINTJOB | cut -c50-73) # Convert the job date to unixtime JOBDATETS=$(date --date="$JOBDATE" +%s) DATEDIFF=$(echo "($CURDATETS - $JOBDATETS)" | bc) ++++++ nagios-plugins.check_snmp.snmpv3-context.patch ++++++ diff -ruNp nagios-plugins-1.5.orig/plugins/check_snmp.c nagios-plugins-1.5/plugins/check_snmp.c --- nagios-plugins-1.5.orig/plugins/check_snmp.c 2013-12-24 11:47:42.333131442 +0100 +++ nagios-plugins-1.5/plugins/check_snmp.c 2013-12-24 14:12:21.000000000 +0100 @@ -104,6 +104,8 @@ int errcode, excode; char *server_address = NULL; char *community = NULL; +char **context = NULL; +char *v3context = NULL; char **authpriv = NULL; char *proto = NULL; char *seclevel = NULL; @@ -128,6 +130,7 @@ size_t nunits = 0; size_t unitv_size = OID_COUNT_STEP; int numoids = 0; int numauthpriv = 0; +int numcontext = 0; int verbose = 0; int usesnmpgetnext = FALSE; char *warning_thresholds = NULL; @@ -297,8 +300,8 @@ main (int argc, char **argv) snmpcmd = strdup (PATH_TO_SNMPGET); } - /* 10 arguments to pass before authpriv options + 1 for host and numoids. Add one for terminating NULL */ - command_line = calloc (10 + numauthpriv + 1 + numoids + 1, sizeof (char *)); + /* 10 arguments to pass before context and authpriv options + 1 for host and numoids. Add one for terminating NULL */ + command_line = calloc (10 + numcontext + numauthpriv + 1 + numoids + 1, sizeof (char *)); command_line[0] = snmpcmd; command_line[1] = strdup ("-Le"); command_line[2] = strdup ("-t"); @@ -310,23 +313,27 @@ main (int argc, char **argv) command_line[8] = "-v"; command_line[9] = strdup (proto); + for (i = 0; i < numcontext; i++) { + command_line[10 + i] = context[i]; + } + for (i = 0; i < numauthpriv; i++) { - command_line[10 + i] = authpriv[i]; + command_line[10 + numcontext + i] = authpriv[i]; } - xasprintf (&command_line[10 + numauthpriv], "%s:%s", server_address, port); + xasprintf (&command_line[10 + numcontext + numauthpriv], "%s:%s", server_address, port); /* This is just for display purposes, so it can remain a string */ - xasprintf(&cl_hidden_auth, "%s -Le -t %d -r %d -m %s -v %s %s %s:%s", - snmpcmd, timeout_interval, retries, strlen(miblist) ? miblist : "''", proto, "[authpriv]", + xasprintf(&cl_hidden_auth, "%s -Le -t %d -r %d -m %s -v %s %s %s %s:%s", + snmpcmd, timeout_interval, retries, strlen(miblist) ? miblist : "''", proto, "[context]", "[authpriv]", server_address, port); for (i = 0; i < numoids; i++) { - command_line[10 + numauthpriv + 1 + i] = oids[i]; + command_line[10 + numcontext + numauthpriv + 1 + i] = oids[i]; xasprintf(&cl_hidden_auth, "%s %s", cl_hidden_auth, oids[i]); } - command_line[10 + numauthpriv + 1 + numoids] = NULL; + command_line[10 + numcontext + numauthpriv + 1 + numoids] = NULL; if (verbose) printf ("%s\n", cl_hidden_auth); @@ -646,6 +653,7 @@ process_arguments (int argc, char **argv {"retries", required_argument, 0, 'e'}, {"miblist", required_argument, 0, 'm'}, {"protocol", required_argument, 0, 'P'}, + {"context", required_argument, 0, 'N'}, {"seclevel", required_argument, 0, 'L'}, {"secname", required_argument, 0, 'U'}, {"authproto", required_argument, 0, 'a'}, @@ -675,7 +683,7 @@ process_arguments (int argc, char **argv } while (1) { - c = getopt_long (argc, argv, "nhvVOt:c:w:H:C:o:e:E:d:D:s:t:R:r:l:u:p:m:P:L:U:a:x:A:X:", + c = getopt_long (argc, argv, "nhvVOt:c:w:H:C:o:e:E:d:D:s:t:R:r:l:u:p:m:P:N:L:U:a:x:A:X:", longopts, &option); if (c == -1 || c == EOF) @@ -713,6 +721,9 @@ process_arguments (int argc, char **argv case 'P': /* SNMP protocol version */ proto = optarg; break; + case 'N': /* SNMPv3 context */ + v3context = optarg; + break; case 'L': /* security level */ seclevel = optarg; break; @@ -960,6 +971,13 @@ validate_arguments () authpriv[1] = strdup (community); } else if ( strcmp (proto, "3") == 0 ) { /* snmpv3 args */ + if (!(v3context == NULL)) { + numcontext = 2; + context = calloc (numcontext, sizeof (char *)); + context[0] = strdup ("-n"); + context[1] = strdup (v3context); + } + if (seclevel == NULL) xasprintf(&seclevel, "noAuthNoPriv"); @@ -1101,6 +1119,8 @@ print_help (void) printf (" %s\n", _("Use SNMP GETNEXT instead of SNMP GET")); printf (" %s\n", "-P, --protocol=[1|2c|3]"); printf (" %s\n", _("SNMP protocol version")); + printf (" %s\n", "-N, --context=CONTEXT"); + printf (" %s\n", _("SNMPv3 context")); printf (" %s\n", "-L, --seclevel=[noAuthNoPriv|authNoPriv|authPriv]"); printf (" %s\n", _("SNMPv3 securityLevel")); printf (" %s\n", "-a, --authproto=[MD5|SHA]"); @@ -1208,6 +1228,6 @@ print_usage (void) printf ("%s -H <ip_address> -o <OID> [-w warn_range] [-c crit_range]\n",progname); printf ("[-C community] [-s string] [-r regex] [-R regexi] [-t timeout] [-e retries]\n"); printf ("[-l label] [-u units] [-p port-number] [-d delimiter] [-D output-delimiter]\n"); - printf ("[-m miblist] [-P snmp version] [-L seclevel] [-U secname] [-a authproto]\n"); - printf ("[-A authpasswd] [-x privproto] [-X privpasswd]\n"); + printf ("[-m miblist] [-P snmp version] [-N context] [-L seclevel] [-U secname]\n"); + printf ("[-a authproto] [-A authpasswd] [-x privproto] [-X privpasswd]\n"); } ++++++ nagios-plugins.negate.validate_arguments.patch ++++++ --- /var/tmp/diff_new_pack.owB8a6/_old 2014-04-22 07:38:19.000000000 +0200 +++ /var/tmp/diff_new_pack.owB8a6/_new 2014-04-22 07:38:19.000000000 +0200 @@ -4,18 +4,18 @@ Index: plugins/negate.c =================================================================== ---- plugins/negate.c.orig 2009-05-07 23:08:25.000000000 +0200 -+++ plugins/negate.c 2009-11-24 23:08:37.611524000 +0100 -@@ -42,7 +42,7 @@ const char *email = "nagiosplug-devel@li +--- plugins/negate.c.orig ++++ plugins/negate.c +@@ -44,7 +44,7 @@ const char *email = "nagiosplug-devel@li /* char *command_line; */ static const char **process_arguments (int, char **); -int validate_arguments (char **); +void validate_arguments (char **); + int translate_state (char *); void print_help (void); void print_usage (void); - int subst_text = FALSE; -@@ -204,7 +204,7 @@ process_arguments (int argc, char **argv +@@ -207,7 +207,7 @@ process_arguments (int argc, char **argv } ++++++ usr.lib.nagios.plugins.check_cups ++++++ # Last Modified: Mon Mar 11 14:58:16 2013 #include <tunables/global> /usr/lib/nagios/plugins/check_cups { #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> #include <abstractions/nameservice> network inet dgram, network inet stream, /bin/bash rix, /bin/grep rix, /{usr/,}bin/which rix, /{usr/,}bin/lpstat rix, /{usr/,}bin/basename rix, /{usr/,}bin/mktemp rix, /{usr/,}bin/date rix, /{usr/,}bin/rm rix, /{usr/,}bin/cut rix, /{usr/,}bin/bc rix, /{usr/,}bin/wc rix, /tmp/lpstat* wr, /var/run/nscd/services r, /etc/cups/client.conf r, /proc/sys/crypto/fips_enabled r, } ++++++ usr.lib.nagios.plugins.check_icmp ++++++ #include <tunables/global> /usr/lib/nagios/plugins/check_icmp { #include <abstractions/base> #include <abstractions/nameservice> capability net_raw, capability setuid, network inet raw, } ++++++ usr.lib.nagios.plugins.check_ide_smart ++++++ # Last Modified: Wed May 16 10:38:11 2012 #include <tunables/global> /usr/lib/nagios/plugins/check_ide_smart { #include <abstractions/base> capability sys_admin, capability sys_rawio, /dev/s* r, /dev/h* r, } ++++++ usr.lib.nagios.plugins.check_ntp_time ++++++ --- /var/tmp/diff_new_pack.owB8a6/_old 2014-04-22 07:38:19.000000000 +0200 +++ /var/tmp/diff_new_pack.owB8a6/_new 2014-04-22 07:38:19.000000000 +0200 @@ -3,6 +3,7 @@ /usr/lib/nagios/plugins/check_ntp_time { #include <abstractions/base> #include <abstractions/consoles> + #include <abstractions/nameservice> #include <abstractions/xad> network inet dgram, ++++++ usr.lib.nagios.plugins.check_ping ++++++ #include <tunables/global> /usr/lib/nagios/plugins/check_ping { #include <abstractions/base> #include <abstractions/nameservice> capability net_raw, capability setuid, network inet raw, network inet6 raw, /{usr/,}bin/ping rix, /{usr/,}bin/ping6 rix, } ++++++ usr.lib.nagios.plugins.check_ssh ++++++ #include <tunables/global> /usr/lib/nagios/plugins/check_ssh flags=(complain) { #include <abstractions/base> #include <abstractions/nameservice> } -- To unsubscribe, e-mail: opensuse-commit+unsubscribe(a)opensuse.org For additional commands, e-mail: opensuse-commit+help(a)opensuse.org

1 0

commit baloo for openSUSE:Factory
by root＠hilbert.suse.de 22 Apr '14

22 Apr '14

Hello community, here is the log from the commit of package baloo for openSUSE:Factory checked in at 2014-04-22 07:37:57 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/baloo (Old) and /work/SRC/openSUSE:Factory/.baloo.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "baloo" Changes: -------- --- /work/SRC/openSUSE:Factory/baloo/baloo.changes 2014-04-18 12:37:51.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.baloo.new/baloo.changes 2014-04-22 07:37:58.000000000 +0200 @@ -1,0 +2,7 @@ +Sun Apr 20 16:56:53 UTC 2014 - hrvoje.senjan(a)gmail.com + +- Added 0001-Bug-333566-Quick-filter-in-KMail-4.13-stops-working-.patch: + fixes KMail searches with non-Latin characters, kde#333566; + triggers re-indexing of collections + +------------------------------------------------------------------- New: ---- 0001-Bug-333566-Quick-filter-in-KMail-4.13-stops-working-.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ baloo.spec ++++++ --- /var/tmp/diff_new_pack.emvatJ/_old 2014-04-22 07:37:59.000000000 +0200 +++ /var/tmp/diff_new_pack.emvatJ/_new 2014-04-22 07:37:59.000000000 +0200 @@ -25,6 +25,8 @@ Source0: %{name}-%{version}.tar.xz # PATCH-FIX-OPENSUSE tittiatcoke(a)gmail.com Don't build the filewatch_raiselimit to prevent security issues Patch1: kauth.patch +# PATCH-FIX-UPSTREAM 0001-Bug-333566-Quick-filter-in-KMail-4.13-stops-working-.patch -- fixes KMail searches with non-Latin characters +Patch2: 0001-Bug-333566-Quick-filter-in-KMail-4.13-stops-working-.patch BuildRequires: kfilemetadata-devel >= %{version} BuildRequires: libakonadiprotocolinternals-devel BuildRequires: libattr-devel @@ -113,6 +115,7 @@ %prep %setup -q %patch1 -p1 +%patch2 -p1 %build %cmake_kde4 -d build @@ -166,6 +169,13 @@ %{_kde4_servicesdir}/baloo_filesearchstore.desktop %{_kde4_modulesdir}/baloo_filesearchstore.so %{_kde4_iconsdir}/hicolor/*/apps/baloo.png +%if 0 +# These files can only be activated once the security team did a full review +%{_kde4_modulesdir}/libexec/kde_baloo_filewatch_raiselimit +%{_kde4_datadir}/dbus-1/system-services/org.kde.baloo.filewatch.service +%{_kde4_datadir}/polkit-1/actions/org.kde.baloo.filewatch.policy +%{_kde4_sysconfdir}/dbus-1/system.d/org.kde.baloo.filewatch.conf +%endif %files kioslaves %defattr(-,root,root) ++++++ 0001-Bug-333566-Quick-filter-in-KMail-4.13-stops-working-.patch ++++++ >From f99d93f4df844d4a9ed271bd9e505fdeaa5a20ee Mon Sep 17 00:00:00 2001 From: Montel Laurent <montel(a)kde.org> Date: Sun, 20 Apr 2014 17:17:53 +0200 Subject: [PATCH 1/1] Bug 333566 - Quick filter in KMail 4.13 stops working with non-Latin characters (Cyrillic Russian Unicode) - search empty result FIXED-IN: 4.13.1 BUG: 333566 We need to update database --- src/pim/agent/agent.cpp | 4 ++-- src/pim/agent/akonotesindexer.cpp | 2 +- src/pim/agent/emailindexer.cpp | 4 ++-- src/pim/lib/contactquery.cpp | 27 ++++++++++++++++----------- src/pim/lib/emailquery.cpp | 27 ++++++++++++++++----------- src/pim/lib/notequery.cpp | 6 ++++-- 6 files changed, 41 insertions(+), 29 deletions(-) diff --git a/src/pim/agent/agent.cpp b/src/pim/agent/agent.cpp index 3cb0a0c..7de454e 100644 --- a/src/pim/agent/agent.cpp +++ b/src/pim/agent/agent.cpp @@ -63,7 +63,7 @@ namespace { } } -#define INDEXING_AGENT_VERSION 3 +#define INDEXING_AGENT_VERSION 4 BalooIndexingAgent::BalooIndexingAgent(const QString& id) : AgentBase(id), @@ -144,7 +144,7 @@ qlonglong BalooIndexingAgent::indexedItemsInDatabase(const std::string& term, co { Xapian::Database db; try { - db = Xapian::Database(dbPath.toStdString()); + db = Xapian::Database(dbPath.toUtf8().constData()); } catch (const Xapian::DatabaseError& e) { kError() << "Failed to open database" << dbPath << ":" << QString::fromStdString(e.get_msg()); return 0; diff --git a/src/pim/agent/akonotesindexer.cpp b/src/pim/agent/akonotesindexer.cpp index b12d607..93d8de9 100644 --- a/src/pim/agent/akonotesindexer.cpp +++ b/src/pim/agent/akonotesindexer.cpp @@ -28,7 +28,7 @@ AkonotesIndexer::AkonotesIndexer(const QString& path) : AbstractIndexer(), m_termGen( 0 ) { - m_db = new Xapian::WritableDatabase(path.toStdString(), Xapian::DB_CREATE_OR_OPEN); + m_db = new Xapian::WritableDatabase(path.toUtf8().constData(), Xapian::DB_CREATE_OR_OPEN); } AkonotesIndexer::~AkonotesIndexer() diff --git a/src/pim/agent/emailindexer.cpp b/src/pim/agent/emailindexer.cpp index 0176c27..14acea6 100644 --- a/src/pim/agent/emailindexer.cpp +++ b/src/pim/agent/emailindexer.cpp @@ -32,8 +32,8 @@ EmailIndexer::EmailIndexer(const QString& path, const QString& contactDbPath): AbstractIndexer(), m_doc( 0 ), m_termGen( 0 ) { - m_db = new Xapian::WritableDatabase(path.toStdString(), Xapian::DB_CREATE_OR_OPEN); - m_contactDb = new Xapian::WritableDatabase(contactDbPath.toStdString(), Xapian::DB_CREATE_OR_OPEN); + m_db = new Xapian::WritableDatabase(path.toUtf8().constData(), Xapian::DB_CREATE_OR_OPEN); + m_contactDb = new Xapian::WritableDatabase(contactDbPath.toUtf8().constData(), Xapian::DB_CREATE_OR_OPEN); } EmailIndexer::~EmailIndexer() diff --git a/src/pim/lib/contactquery.cpp b/src/pim/lib/contactquery.cpp index dff26c8..a30fb59 100644 --- a/src/pim/lib/contactquery.cpp +++ b/src/pim/lib/contactquery.cpp @@ -108,19 +108,23 @@ ResultIterator ContactQuery::exec() if (d->criteria == ExactMatch) { if (!d->any.isEmpty()) { - m_queries << Xapian::Query(d->any.toStdString()); + const QByteArray ba = d->any.toUtf8(); + m_queries << Xapian::Query(ba.constData()); } if (!d->name.isEmpty()) { - m_queries << Xapian::Query("NA" + d->name.toStdString()); + const QByteArray ba = "NA" + d->name.toUtf8(); + m_queries << Xapian::Query(ba.constData()); } if (!d->nick.isEmpty()) { - m_queries << Xapian::Query("NI" + d->nick.toStdString()); + const QByteArray ba = "NI" + d->nick.toUtf8(); + m_queries << Xapian::Query(ba.constData()); } if (!d->email.isEmpty()) { - m_queries << Xapian::Query(d->email.toStdString()); + const QByteArray ba = d->email.toUtf8(); + m_queries << Xapian::Query(ba.constData()); } if (!d->uid.isEmpty()) { @@ -131,31 +135,32 @@ ResultIterator ContactQuery::exec() if (!d->any.isEmpty()) { Xapian::QueryParser parser; parser.set_database(db); - m_queries << parser.parse_query(d->any.toStdString(), Xapian::QueryParser::FLAG_PARTIAL); + const QByteArray ba = d->any.toUtf8(); + m_queries << parser.parse_query(ba.constData(), Xapian::QueryParser::FLAG_PARTIAL); } if (!d->name.isEmpty()) { Xapian::QueryParser parser; parser.set_database(db); parser.add_prefix("", "NA"); - - m_queries << parser.parse_query(d->name.toStdString(), Xapian::QueryParser::FLAG_PARTIAL); + const QByteArray ba = d->name.toUtf8(); + m_queries << parser.parse_query(ba.constData(), Xapian::QueryParser::FLAG_PARTIAL); } if (!d->nick.isEmpty()) { Xapian::QueryParser parser; parser.set_database(db); parser.add_prefix("", "NI"); - - m_queries << parser.parse_query(d->nick.toStdString(), Xapian::QueryParser::FLAG_PARTIAL); + const QByteArray ba = d->nick.toUtf8(); + m_queries << parser.parse_query(ba.constData(), Xapian::QueryParser::FLAG_PARTIAL); } // FIXME: Check for exact match? if (!d->email.isEmpty()) { Xapian::QueryParser parser; parser.set_database(db); - - m_queries << parser.parse_query(d->email.toStdString(), Xapian::QueryParser::FLAG_PARTIAL); + const QByteArray ba = d->email.toUtf8(); + m_queries << parser.parse_query(ba.constData(), Xapian::QueryParser::FLAG_PARTIAL); } if (!d->uid.isEmpty()) { diff --git a/src/pim/lib/emailquery.cpp b/src/pim/lib/emailquery.cpp index 2964846..e23f8b9 100644 --- a/src/pim/lib/emailquery.cpp +++ b/src/pim/lib/emailquery.cpp @@ -202,7 +202,8 @@ ResultIterator EmailQuery::exec() // vHanda: Do we really need the query parser over here? Q_FOREACH (const QString& str, d->involves) { - m_queries << parser.parse_query(str.toStdString(), Xapian::QueryParser::FLAG_PARTIAL); + const QByteArray ba = str.toUtf8(); + m_queries << parser.parse_query(ba.constData(), Xapian::QueryParser::FLAG_PARTIAL); } } @@ -210,8 +211,8 @@ ResultIterator EmailQuery::exec() Xapian::QueryParser parser; parser.set_database(db); parser.add_prefix("", "F"); - - m_queries << parser.parse_query(d->from.toStdString(), Xapian::QueryParser::FLAG_PARTIAL); + const QByteArray ba = d->from.toUtf8(); + m_queries << parser.parse_query(ba.constData(), Xapian::QueryParser::FLAG_PARTIAL); } if (!d->to.isEmpty()) { @@ -220,7 +221,8 @@ ResultIterator EmailQuery::exec() parser.add_prefix("", "T"); Q_FOREACH (const QString& str, d->to) { - m_queries << parser.parse_query(str.toStdString(), Xapian::QueryParser::FLAG_PARTIAL); + const QByteArray ba = str.toUtf8(); + m_queries << parser.parse_query(ba.constData(), Xapian::QueryParser::FLAG_PARTIAL); } } @@ -230,7 +232,8 @@ ResultIterator EmailQuery::exec() parser.add_prefix("", "CC"); Q_FOREACH (const QString& str, d->cc) { - m_queries << parser.parse_query(str.toStdString(), Xapian::QueryParser::FLAG_PARTIAL); + const QByteArray ba = str.toUtf8(); + m_queries << parser.parse_query(ba.constData(), Xapian::QueryParser::FLAG_PARTIAL); } } @@ -240,7 +243,8 @@ ResultIterator EmailQuery::exec() parser.add_prefix("", "BC"); Q_FOREACH (const QString& str, d->bcc) { - m_queries << parser.parse_query(str.toStdString(), Xapian::QueryParser::FLAG_PARTIAL); + const QByteArray ba = str.toUtf8(); + m_queries << parser.parse_query(ba.constData(), Xapian::QueryParser::FLAG_PARTIAL); } } @@ -249,8 +253,8 @@ ResultIterator EmailQuery::exec() parser.set_database(db); parser.add_prefix("", "SU"); parser.set_default_op(Xapian::Query::OP_AND); - - m_queries << parser.parse_query(d->subjectMatchString.toStdString(), + const QByteArray ba = d->subjectMatchString.toUtf8(); + m_queries << parser.parse_query(ba.constData(), Xapian::QueryParser::FLAG_PARTIAL); } @@ -271,8 +275,8 @@ ResultIterator EmailQuery::exec() parser.set_database(db); parser.add_prefix("", "BO"); parser.set_default_op(Xapian::Query::OP_AND); - - m_queries << parser.parse_query(d->bodyMatchString.toStdString(), Xapian::QueryParser::FLAG_PARTIAL); + const QByteArray ba = d->bodyMatchString.toUtf8(); + m_queries << parser.parse_query(ba.constData(), Xapian::QueryParser::FLAG_PARTIAL); } if (d->important == 'T') @@ -297,7 +301,8 @@ ResultIterator EmailQuery::exec() QStringList list = d->matchString.split(QRegExp("\\s"), QString::SkipEmptyParts); Q_FOREACH (const QString& s, list) { - m_queries << parser.parse_query(s.toStdString(), + const QByteArray ba = s.toUtf8(); + m_queries << parser.parse_query(ba.constData(), Xapian::QueryParser::FLAG_PARTIAL); } } diff --git a/src/pim/lib/notequery.cpp b/src/pim/lib/notequery.cpp index 24a3907..2257cc6 100644 --- a/src/pim/lib/notequery.cpp +++ b/src/pim/lib/notequery.cpp @@ -86,7 +86,8 @@ ResultIterator NoteQuery::exec() parser.set_database(db); parser.add_prefix("", "BO"); - m_queries << parser.parse_query(d->note.toStdString(), Xapian::QueryParser::FLAG_PARTIAL); + const QByteArray baNote = d->note.toUtf8(); + m_queries << parser.parse_query(baNote.constData(), Xapian::QueryParser::FLAG_PARTIAL); } if (!d->title.isEmpty()) { @@ -95,7 +96,8 @@ ResultIterator NoteQuery::exec() parser.add_prefix("", "SU"); parser.set_default_op(Xapian::Query::OP_AND); - m_queries << parser.parse_query(d->title.toStdString(), Xapian::QueryParser::FLAG_PARTIAL); + const QByteArray baTitle = d->title.toUtf8(); + m_queries << parser.parse_query(baTitle.constData(), Xapian::QueryParser::FLAG_PARTIAL); } Xapian::Query query(Xapian::Query::OP_OR, m_queries.begin(), m_queries.end()); -- 1.9.2 -- To unsubscribe, e-mail: opensuse-commit+unsubscribe(a)opensuse.org For additional commands, e-mail: opensuse-commit+help(a)opensuse.org

1 0

commit amarok for openSUSE:Factory
by root＠hilbert.suse.de 22 Apr '14

22 Apr '14

Hello community, here is the log from the commit of package amarok for openSUSE:Factory checked in at 2014-04-22 07:37:46 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/amarok (Old) and /work/SRC/openSUSE:Factory/.amarok.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "amarok" Changes: -------- --- /work/SRC/openSUSE:Factory/amarok/amarok.changes 2013-10-03 15:42:49.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.amarok.new/amarok.changes 2014-04-22 07:37:46.000000000 +0200 @@ -1,0 +2,4 @@ +Fri Mar 7 18:29:32 UTC 2014 - tittiatcoke(a)gmail.com + +- Remove nepomuk-core from the buildrequires +------------------------------------------------------------------- ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ amarok.spec ++++++ --- /var/tmp/diff_new_pack.IZlsZ2/_old 2014-04-22 07:37:48.000000000 +0200 +++ /var/tmp/diff_new_pack.IZlsZ2/_new 2014-04-22 07:37:48.000000000 +0200 @@ -70,7 +70,6 @@ BuildRequires: libqjson-devel BuildRequires: libqt4-devel >= 4.8.2 BuildRequires: loudmouth-devel -BuildRequires: nepomuk-core-devel BuildRequires: oxygen-icon-theme BuildRequires: qt4-qtscript BuildRequires: taglib-devel -- To unsubscribe, e-mail: opensuse-commit+unsubscribe(a)opensuse.org For additional commands, e-mail: opensuse-commit+help(a)opensuse.org

1 0

commit screen for openSUSE:Factory
by root＠hilbert.suse.de 22 Apr '14

22 Apr '14

Hello community, here is the log from the commit of package screen for openSUSE:Factory checked in at 2014-04-22 07:35:21 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/screen (Old) and /work/SRC/openSUSE:Factory/.screen.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "screen" Changes: -------- --- /work/SRC/openSUSE:Factory/screen/screen.changes 2013-09-14 19:09:11.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.screen.new/screen.changes 2014-04-22 07:35:24.000000000 +0200 @@ -1,0 +2,10 @@ +Tue Apr 15 14:27:09 UTC 2014 - aj(a)suse.com + +- Fix comment. + +------------------------------------------------------------------- +Tue Apr 15 10:04:14 UTC 2014 - aj(a)suse.com + +- Use /run instead of /var/run. + +------------------------------------------------------------------- ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ screen.spec ++++++ --- /var/tmp/diff_new_pack.P3g8Fo/_old 2014-04-22 07:35:25.000000000 +0200 +++ /var/tmp/diff_new_pack.P3g8Fo/_new 2014-04-22 07:35:25.000000000 +0200 @@ -1,7 +1,7 @@ # # spec file for package screen # -# Copyright (c) 2013 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2014 SUSE LINUX Products GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -75,7 +75,7 @@ %build CFLAGS="-DMAXWIN=1000 $RPM_OPT_FLAGS" %configure --prefix=/usr --infodir=%{_infodir} \ --mandir=%{_mandir} \ - --with-socket-dir='(eff_uid ? "/var/run/uscreens" : "/var/run/screens")' \ + --with-socket-dir='(eff_uid ? "/run/uscreens" : "/run/screens")' \ --with-sys-screenrc=/etc/screenrc \ --with-pty-group=5 \ --enable-use-locale \ @@ -92,10 +92,10 @@ mkdir -p $RPM_BUILD_ROOT/etc mkdir -p $RPM_BUILD_ROOT/usr/lib mkdir -p $RPM_BUILD_ROOT/usr/lib/tmpfiles.d -mkdir -p $RPM_BUILD_ROOT/var/run/screens -chmod 755 $RPM_BUILD_ROOT/var/run/screens -mkdir -p $RPM_BUILD_ROOT/var/run/uscreens -chmod 1777 $RPM_BUILD_ROOT/var/run/uscreens +mkdir -p $RPM_BUILD_ROOT/run/screens +chmod 755 $RPM_BUILD_ROOT/run/screens +mkdir -p $RPM_BUILD_ROOT/run/uscreens +chmod 1777 $RPM_BUILD_ROOT/run/uscreens install -m 644 screenrc $RPM_BUILD_ROOT/etc/screenrc install -m 644 %SOURCE1 $RPM_BUILD_ROOT/usr/lib/tmpfiles.d @@ -108,8 +108,8 @@ /usr/lib/tmpfiles.d/screen.conf /usr/share/screen/utf8encodings # Created via aaa_base or systemd on system boot -%ghost %dir /var/run/screens -%ghost %dir /var/run/uscreens +%ghost %dir /run/screens +%ghost %dir /run/uscreens %doc %{_infodir}/screen.info*.gz %doc %{_mandir}/man1/screen.1.gz @@ -118,8 +118,8 @@ # Create our dirs immediatly, after a manual package install. # After a reboot systemd/aaa_base will take care. -test -d /var/run/screens || mkdir -m 755 /var/run/screens -test -d /var/run/uscreens || mkdir -m 1777 /var/run/uscreens +test -d /run/screens || mkdir -m 755 /run/screens +test -d /run/uscreens || mkdir -m 1777 /run/uscreens %postun %install_info_delete --info-dir=%{_infodir} %{_infodir}/%{name}.info.gz ++++++ screen.conf ++++++ --- /var/tmp/diff_new_pack.P3g8Fo/_old 2014-04-22 07:35:25.000000000 +0200 +++ /var/tmp/diff_new_pack.P3g8Fo/_new 2014-04-22 07:35:25.000000000 +0200 @@ -1,4 +1,4 @@ -# Screen needs some files in /var/run: -d /var/run/screens 0755 root root - -d /var/run/uscreens 1777 root root - +# Screen needs some files in /run: +d /run/screens 0755 root root - +d /run/uscreens 1777 root root - -- To unsubscribe, e-mail: opensuse-commit+unsubscribe(a)opensuse.org For additional commands, e-mail: opensuse-commit+help(a)opensuse.org

1 0

commit filesystem for openSUSE:Factory
by root＠hilbert.suse.de 22 Apr '14

22 Apr '14

Hello community, here is the log from the commit of package filesystem for openSUSE:Factory checked in at 2014-04-22 07:35:20 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/filesystem (Old) and /work/SRC/openSUSE:Factory/.filesystem.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "filesystem" Changes: -------- --- /work/SRC/openSUSE:Factory/filesystem/filesystem.changes 2014-01-09 07:13:17.000000000 +0100 +++ /work/SRC/openSUSE:Factory/.filesystem.new/filesystem.changes 2014-04-22 07:35:23.000000000 +0200 @@ -1,0 +2,39 @@ +Fri Apr 11 14:02:07 CEST 2014 - ro(a)suse.de + +- change /sys to mode 0555 (bnc#871640) + +------------------------------------------------------------------- +Wed Mar 12 10:19:17 CET 2014 - ro(a)suse.de + +- make /var/lock a symlink to /run/lock (bnc#867873) + +------------------------------------------------------------------- +Fri Mar 7 11:11:05 CET 2014 - ro(a)suse.de + +- use lazy umount + +------------------------------------------------------------------- +Thu Mar 6 01:03:53 CET 2014 - ro(a)suse.de + +- use os.execute("umount ...") instead of posix.umount("...") + bnc#866964 + +------------------------------------------------------------------- +Mon Mar 3 11:48:31 CET 2014 - ro(a)suse.de + +- change pre to pretrans for directory/symlink conversion + +------------------------------------------------------------------- +Fri Feb 28 13:56:47 CET 2014 - ro(a)suse.de + +- drop /var/lib/pam_devperm (bnc#866234) + +------------------------------------------------------------------- +Thu Feb 27 18:48:24 CET 2014 - ro(a)suse.de + +- replace /var/run by symlink to /run +- try to handle case where /var/run is a bind-mount +- extend lua script in preinstall to handle this transition +- bnc#865893 + +------------------------------------------------------------------- ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ filesystem.spec ++++++ --- /var/tmp/diff_new_pack.Y1D2s1/_old 2014-04-22 07:35:24.000000000 +0200 +++ /var/tmp/diff_new_pack.Y1D2s1/_new 2014-04-22 07:35:24.000000000 +0200 @@ -189,9 +189,26 @@ exit 1 } -%pre -p <lua> +%pretrans -p <lua> os.remove ("/usr/include/X11") os.remove ("/usr/lib/X11") +st = posix.stat("/var/run") +if st and st.type == "directory" then + sta = posix.stat("/var/run/systemd") + if sta and sta.type == "directory" then + os.execute("umount -l /var/run") + end + os.rename("/var/run","/var/run.old") + posix.symlink("/run","/var/run") + os.execute("rm -rf /var/run.old") +end +st = posix.stat("/var/lock") +if st and st.type == "directory" then + os.execute("umount -l /var/lock") + os.rename("/var/lock","/var/lock.old") + posix.symlink("/run/lock","/var/lock") + os.execute("rm -rf /var/lock.old") +end %files -f filesystem.list ++++++ directory.list ++++++ --- /var/tmp/diff_new_pack.Y1D2s1/_old 2014-04-22 07:35:24.000000000 +0200 +++ /var/tmp/diff_new_pack.Y1D2s1/_new 2014-04-22 07:35:24.000000000 +0200 @@ -68,13 +68,14 @@ 0700 root root /root/.gnupg 0755 root root /root/bin 0755 root root /run +0775 root lock /run/lock 0755 root root /sbin 0755 root root /selinux 0755 root root /srv/ftp 0755 root root /srv/www 0755 root root /srv/www/cgi-bin 0755 root root /srv/www/htdocs -0755 root root /sys +0555 root root /sys 1777 root root /tmp 0755 root root /usr 0755 root root /usr/bin @@ -170,10 +171,7 @@ 0755 root root /var/games 0755 root root /var/lib/misc 0755 nobody root /var/lib/nobody -0700 root root /var/lib/pam_devperm 0755 wwwrun root /var/lib/wwwrun -1775 root lock /var/lock -0755 root root /var/run 0755 root root /var/spool 0755 lp lp /var/spool/lpd 0770 mail mail /var/spool/clientmqueue ++++++ filesystem.links ++++++ --- /var/tmp/diff_new_pack.Y1D2s1/_old 2014-04-22 07:35:24.000000000 +0200 +++ /var/tmp/diff_new_pack.Y1D2s1/_new 2014-04-22 07:35:24.000000000 +0200 @@ -1,7 +1,12 @@ # links to be created init.d /etc/rc.d ../var/tmp /usr/tmp -../lock /var/spool/locks # Required for FHS 2.1 spool/mail /var/mail +# systemd +../run /var/run +../run/lock /var/lock +# modify +../../run/lock /var/spool/locks + -- To unsubscribe, e-mail: opensuse-commit+unsubscribe(a)opensuse.org For additional commands, e-mail: opensuse-commit+help(a)opensuse.org

1 0

commit shim for openSUSE:Factory
by root＠hilbert.suse.de 21 Apr '14

21 Apr '14

Hello community, here is the log from the commit of package shim for openSUSE:Factory checked in at 2014-04-21 11:05:08 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/shim (Old) and /work/SRC/openSUSE:Factory/.shim.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "shim" Changes: -------- --- /work/SRC/openSUSE:Factory/shim/shim.changes 2014-04-20 11:35:07.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.shim.new/shim.changes 2014-04-21 11:05:28.000000000 +0200 @@ -2,110 +1,0 @@ -Thu Apr 10 08:20:20 UTC 2014 - glin(a)suse.com - -- Replace shim-mokmanager-support-sha1.patch with - shim-mokmanager-support-sha-family.patch to support the SHA - family - -------------------------------------------------------------------- -Mon Apr 7 09:32:21 UTC 2014 - glin(a)suse.com - -- Add shim-mokmanager-support-sha1.patch to support SHA1 hashes in - MOK - -------------------------------------------------------------------- -Mon Mar 31 11:57:13 UTC 2014 - mchang(a)suse.com - -- snapper rollback support (fate#317062) - - refresh shim-install - -------------------------------------------------------------------- -Thu Mar 13 02:32:15 UTC 2014 - glin(a)suse.com - -- Insert the right signature (bnc#867974) - -------------------------------------------------------------------- -Mon Mar 10 07:56:44 UTC 2014 - glin(a)suse.com - -- Add shim-fix-uninitialized-variable.patch to fix the use of - uninitialzed variables in lib - -------------------------------------------------------------------- -Fri Mar 7 09:09:12 UTC 2014 - glin(a)suse.com - -- Add shim-mokmanager-delete-bs-var-right.patch to delete the BS+NV - variables the right way -- Update shim-opensuse-cert-prompt.patch to delete openSUSE_Verify - correctly - -------------------------------------------------------------------- -Thu Mar 6 07:37:57 UTC 2014 - glin(a)suse.com - -- Add shim-fallback-avoid-duplicate-bootorder.patch to fix the - duplicate entries in BootOrder -- Add shim-allow-fallback-use-system-loadimage.patch to handle the - shim protocol properly to keep only one protocol entity -- Refresh shim-opensuse-cert-prompt.patch - -------------------------------------------------------------------- -Thu Mar 6 03:53:49 UTC 2014 - mchang(a)suse.com - -- shim-install: fix the $prefix to use grub2-mkrelpath for paths - on btrfs subvolume (bnc#866690). - -------------------------------------------------------------------- -Tue Mar 4 04:19:05 UTC 2014 - glin(a)suse.com - -- FATE#315002: Update shim-install to install shim.efi as the EFI - default bootloader when none exists in \EFI\boot. - -------------------------------------------------------------------- -Thu Feb 27 09:46:49 UTC 2014 - fcrozat(a)suse.com - -- Update signature-sles.asc: shim signed by UEFI signing service, - based on code from "Thu Feb 20 11:57:01 UTC 2014" - -------------------------------------------------------------------- -Fri Feb 21 08:45:46 UTC 2014 - glin(a)suse.com - -- Add shim-opensuse-cert-prompt.patch to show the prompt to ask - whether the user trusts the openSUSE certificate or not - -------------------------------------------------------------------- -Thu Feb 20 11:57:01 UTC 2014 - lnussel(a)suse.de - -- allow package to carry multiple signatures -- check correct certificate is embedded - -------------------------------------------------------------------- -Thu Feb 20 10:06:47 UTC 2014 - lnussel(a)suse.de - -- always clean up generated files that embed certificates - (shim_cert.h shim.cer shim.crt) to make sure next build loop - rebuilds them properly - -------------------------------------------------------------------- -Mon Feb 17 09:58:56 UTC 2014 - glin(a)suse.com - -- Add shim-bnc863205-mokmanager-fix-hash-delete.patch to fix the - hash deletion operation to avoid ruining the whole list - (bnc#863205) - -------------------------------------------------------------------- -Tue Feb 11 06:30:02 UTC 2014 - glin(a)suse.com - -- Update shim-mokx-support.patch to support the resetting of MOK - blacklist -- Add shim-get-variable-check.patch to fix the variable checking - in get_variable_attr -- Add shim-improve-fallback-entries-creation.patch to improve the - boot entry pathes and avoid generating the boot entries that - are already there -- Update SUSE certificate -- Update attach_signature.sh, show_hash.sh, strip_signature.sh, - extract_signature.sh and show_signatures.sh to remove the - creation of the temporary nss database -- Add shim-only-os-name.patch: remove the kernel version of the - build server -- Match the the prefix of the project name properly by escaping the - percent sign. - -------------------------------------------------------------------- Old: ---- shim-allow-fallback-use-system-loadimage.patch shim-bnc863205-mokmanager-fix-hash-delete.patch shim-fallback-avoid-duplicate-bootorder.patch shim-fallback-improve-entries-creation.patch shim-fix-uninitialized-variable.patch shim-get-variable-check.patch shim-mokmanager-delete-bs-var-right.patch shim-mokmanager-support-sha-family.patch shim-only-os-name.patch shim-opensuse-cert-prompt.patch signature-opensuse.asc signature-sles.asc New: ---- microsoft.asc ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ shim.spec ++++++ --- /var/tmp/diff_new_pack.caxf2B/_old 2014-04-21 11:05:29.000000000 +0200 +++ /var/tmp/diff_new_pack.caxf2B/_new 2014-04-21 11:05:29.000000000 +0200 @@ -28,7 +28,7 @@ Source: %{name}-%{version}.tar.bz2 # run "extract_signature.sh shim.efi" where shim.efi is the binary # with the signature from the UEFI signing service. -Source1: signature-opensuse.asc +Source1: microsoft.asc Source2: openSUSE-UEFI-CA-Certificate.crt Source3: shim-install Source4: SLES-UEFI-CA-Certificate.crt @@ -38,8 +38,6 @@ Source8: show_signatures.sh Source9: openSUSE-UEFI-CA-Certificate-4096.crt Source10: timestamp.pl -Source11: strip_signature.sh -Source12: signature-sles.asc # PATCH-FIX-UPSTREAM shim-fix-verify-mok.patch glin(a)suse.com -- Fix the error handling in verify_mok() Patch1: shim-fix-verify-mok.patch # PATCH-FIX-UPSTREAM shim-improve-error-messages.patch glin(a)suse.com -- Improve the error messages @@ -52,26 +50,6 @@ Patch5: shim-mokx-support.patch # PATCH-FIX-UPSTREAM shim-mokmanager-handle-keystroke-error.patch glin(a)suse.com -- Handle the error status from ReadKeyStroke to avoid the unexpected keys Patch6: shim-mokmanager-handle-keystroke-error.patch -# PATCH-FIX-SUSE shim-only-os-name.patch glin(a)suse.com -- Only include the OS name in version.c -Patch7: shim-only-os-name.patch -# PATCH-FIX-UPSTREAM shim-get-variable-check.patch glin(a)suse.com -- Fix the variable checking in get_variable_attr -Patch8: shim-get-variable-check.patch -# PATCH-FIX-UPSTREAM shim-fallback-improve--entries-creation.patch glin(a)suse.com -- Improve the boot entry pathes and avoid generating the boot entries that are already there -Patch9: shim-fallback-improve-entries-creation.patch -# PATCH-FIX-UPSTREAM shim-bnc863205-mokmanager-fix-hash-delete.patch bnc#863205 glin(a)suse.com -- Fix the hash deletion operation to avoid ruining the whole list -Patch10: shim-bnc863205-mokmanager-fix-hash-delete.patch -# PATCH-FIX-UPSTREAM shim-fallback-avoid-duplicate-bootorder.patch glin(a)suse.com -- Fix the duplicate BootOrder entries generated by fallback.efi -Patch11: shim-fallback-avoid-duplicate-bootorder.patch -# PATCH-FIX-UPSTREAM shim-allow-fallback-use-system-loadimage.patch glin(a)suse.com -- Handle the shim protocol properly to keep only one protocol entity -Patch12: shim-allow-fallback-use-system-loadimage.patch -# PATCH-FIX-UPSTREAM shim-mokmanager-delete-bs-var-right.patch glin(a)suse.com -- Delete BootService non-volatile variables the right way -Patch13: shim-mokmanager-delete-bs-var-right.patch -# PATCH-FIX-UPSTREAM shim-fix-uninitialized-variable.patch glin(a)suse.com -- Initialize the variable in lib properly -Patch14: shim-fix-uninitialized-variable.patch -# PATCH-FIX-UPSTREAM shim-mokmanager-support-sha-family.patch glin(a)suse.com -- Support SHA hashes in MOK -Patch15: shim-mokmanager-support-sha-family.patch -# PATCH-FIX-OPENSUSE shim-opensuse-cert-prompt.patch glin(a)suse.com -- Show the prompt to ask whether the user trusts openSUSE certificate or not -Patch100: shim-opensuse-cert-prompt.patch BuildRequires: gnu-efi >= 3.0t BuildRequires: mozilla-nss-tools BuildRequires: openssl >= 0.9.8 @@ -100,16 +78,6 @@ %patch4 -p1 %patch5 -p1 %patch6 -p1 -%patch7 -p1 -%patch8 -p1 -%patch9 -p1 -%patch10 -p1 -%patch11 -p1 -%patch12 -p1 -%patch13 -p1 -%patch14 -p1 -%patch15 -p1 -%patch100 -p1 %build # first, build MokManager and fallback as they don't depend on a @@ -140,18 +108,12 @@ if test "$suffix" = "opensuse"; then cert=%{SOURCE2} cert2=%{SOURCE9} - verify='openSUSE Secure Boot CA1' - signature=%{SOURCE1} elif test "$suffix" = "sles"; then cert=%{SOURCE4} cert2='' - verify='SUSE Linux Enterprise Secure Boot CA1' - signature=%{SOURCE12} elif test "$suffix" = "devel"; then cert=%{_sourcedir}/_projectcert.crt cert2='' - verify=`openssl x509 -in "$cert" -noout -email` - signature='' test -e "$cert" || continue else echo "invalid suffix" @@ -159,7 +121,6 @@ fi openssl x509 -in $cert -outform DER -out shim-$suffix.der - rm -f shim_cert.h shim.cer shim.crt if [ -z "$cert2" ]; then # create empty local cert file, we don't need a local key pair as we # sign the mokmanager with our vendor key @@ -167,39 +128,36 @@ touch shim.cer else cp $cert2 shim.crt + rm -f shim.cer fi # make sure cast warnings don't trigger post build check make EFI_PATH=/usr/lib64 VENDOR_CERT_FILE=shim-$suffix.der shim.efi 2>/dev/null - # - # assert correct certificate embedded - grep -q "$verify" shim.efi # make VENDOR_CERT_FILE=cert.der VENDOR_DBX_FILE=dbx - chmod 755 %{SOURCE10} + chmod 755 %{SOURCE6} %{SOURCE7} %{SOURCE10} # alternative: verify signature #sbverify --cert MicCorThiParMarRoo_2010-10-05.pem shim-signed.efi - if test -n "$signature"; then - head -1 "$signature" > hash1 + head -1 %{SOURCE1} > hash1 cp shim.efi shim.efi.bak # pe header contains timestamp and checksum. we need to # restore that - %{SOURCE10} --set-from-file "$signature" shim.efi - pesign -h -P -i shim.efi > hash2 + %{SOURCE10} --set-from-file %{SOURCE1} shim.efi + %{SOURCE7} shim.efi > hash2 cat hash1 hash2 if ! cmp -s hash1 hash2; then - echo "ERROR: $suffix binary changed, need to request new signature!" + echo "ERROR: binary changed, need to request new signature!" # don't fail in devel projects prj="%{_project}" - if [ "${prj%%%:*}" = "openSUSE" -o "${prj%%%:*}" = "SUSE" ]; then + if [ "${prj%%:*}" = "openSUSE" -o "${prj%%:*}" = "SUSE" ]; then false fi mv shim.efi.bak shim-$suffix.efi rm shim.efi else # attach signature - pesign -m "$signature" -i shim.efi -o shim-$suffix.efi + %{SOURCE6} %{SOURCE1} shim.efi + mv shim-signed.efi shim-$suffix.efi rm -f shim.efi fi - fi rm -f shim.cer shim.crt # make sure cert.o gets rebuilt rm -f cert.o ++++++ SLES-UEFI-CA-Certificate.crt ++++++ --- /var/tmp/diff_new_pack.caxf2B/_old 2014-04-21 11:05:29.000000000 +0200 +++ /var/tmp/diff_new_pack.caxf2B/_new 2014-04-21 11:05:29.000000000 +0200 @@ -1,29 +1,39 @@ -----BEGIN CERTIFICATE----- -MIIE5TCCA82gAwIBAgIBATANBgkqhkiG9w0BAQsFADCBpjEtMCsGA1UEAwwkU1VT +MIIG5TCCBM2gAwIBAgIBATANBgkqhkiG9w0BAQsFADCBpjEtMCsGA1UEAwwkU1VT RSBMaW51eCBFbnRlcnByaXNlIFNlY3VyZSBCb290IENBMQswCQYDVQQGEwJERTES MBAGA1UEBwwJTnVyZW1iZXJnMSEwHwYDVQQKDBhTVVNFIExpbnV4IFByb2R1Y3Rz IEdtYkgxEzARBgNVBAsMCkJ1aWxkIFRlYW0xHDAaBgkqhkiG9w0BCQEWDWJ1aWxk -QHN1c2UuZGUwHhcNMTMwNDE4MTQzMzQxWhcNMzUwMzE0MTQzMzQxWjCBpjEtMCsG +QHN1c2UuZGUwHhcNMTMwMTIyMTQyMDA4WhcNMzQxMjE4MTQyMDA4WjCBpjEtMCsG A1UEAwwkU1VTRSBMaW51eCBFbnRlcnByaXNlIFNlY3VyZSBCb290IENBMQswCQYD VQQGEwJERTESMBAGA1UEBwwJTnVyZW1iZXJnMSEwHwYDVQQKDBhTVVNFIExpbnV4 IFByb2R1Y3RzIEdtYkgxEzARBgNVBAsMCkJ1aWxkIFRlYW0xHDAaBgkqhkiG9w0B -CQEWDWJ1aWxkQHN1c2UuZGUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB -AQDN/avXKoT4gcM2NVA1LMfsBPH01sxgS8gTs3SbvfbEP2M+ZlHyfj9ufHZ7cZ1p -ISoVm6ql5VbIeZgSNc17Y4y4Nynud1C8t2SP/iZK5YMYHGxdtIfv1zPE+Bo/KZqE -WgHg2YFtMXdiKfXBZRTfSh37t0pGO/OQi6K4JioKw55UtQNggePZWDXtsAviT2vv -abqLR9+kxdrQ0iWqhWM+LwXbTGkCpg41s8KucLD/JYAxxw05dKPApFDNnz+Ft2L7 -e5JtyB4S0u4PlvQBMNHt4hDs0rK4oeHFLbOxHvjF+nloneWhkg9eT0VCfpAYVYz+ -whMxuCHerDCdmeFrRGEMQz11AgMBAAGjggEaMIIBFjAPBgNVHRMBAf8EBTADAQH/ -MB0GA1UdDgQWBBTsqw1CxFbPdwQ2uXOZOGKWXocmLzCB0wYDVR0jBIHLMIHIgBTs -qw1CxFbPdwQ2uXOZOGKWXocmL6GBrKSBqTCBpjEtMCsGA1UEAwwkU1VTRSBMaW51 -eCBFbnRlcnByaXNlIFNlY3VyZSBCb290IENBMQswCQYDVQQGEwJERTESMBAGA1UE -BwwJTnVyZW1iZXJnMSEwHwYDVQQKDBhTVVNFIExpbnV4IFByb2R1Y3RzIEdtYkgx -EzARBgNVBAsMCkJ1aWxkIFRlYW0xHDAaBgkqhkiG9w0BCQEWDWJ1aWxkQHN1c2Uu -ZGWCAQEwDgYDVR0PAQH/BAQDAgGGMA0GCSqGSIb3DQEBCwUAA4IBAQASviyFhVqU -Wc1JUQgXwdljJynTnp0/FQOZJBSe7XdBGPmy91+3ITqrXgyqo/218KISiQl53Qlw -pq+cIiGRAia1D7p7wbg7wsg+Trt0zZFXes30wfYq5pjfWadEBAgNCffkBz10TSjL -jQrVwW5N+yUJMoq+r843TzV56Huy6LBOVhI5yTz7X7i2rSJYfyQWM8oeHLj8Yl5M -rOB9gyTumxB4mOLmSqwKzJiUB0ppGPohdLUSSEKDdo6KSH/GjR7M7uBicwnzwJD3 -SVfT9nx9HKF2nXZlHvs5ViQQru3qP1tc6i0eXEnPTYW2+zkZcN0e5iHyozEZHsO0 -rvc1p6G0YWtO +CQEWDWJ1aWxkQHN1c2UuZGUwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoIC +AQCrLYL1Uq02iIgro6x6PFESFDtUKU7xO/bJanI7+AQAroowFuLBI67BBSmoq3hR +QnH3OtQusGV8y+wvjaaunppvWMfjViZ88zssj5fKXrDr5U6BB566DJgHreWaEs2d +FD13XpKRr3Nk9zdjAJu5YsR7hI1NMXsnj1X8w71OY9HLjv+Kq9917PJwZQjOGnAJ +BQTi0ogHuLiwDqMKgg5rrYD4cJDPzoLEmEXnwHDIOSiWdD0bCzhN6GQDKldIxQ2O +d/mjUgzB+dWslIb+bUKaoJgDtyPV20W74t7Y2uwoaEVr9QkPoM3tOPttf4qsWo8B +J1TgeoF01ZeKcvSyvOXCKbfAN9sqURK2ZUTNThqZ//VPQmJP6fByrMJsbvTOSsQt +HI+fFPrg1DC2KT8SzuGtWDRscHZ7MofvUKEQolVgkGwp8u68t/RAAwDpUdqIajzi +yfp9qSDD+9uMeyiLa4rrAr2ATGohNBa0qha95slgvSepXbYKuHG5b4fWMsG7z4Uc +dqE2vK8cQma1nsAeQBaq2/89294TOHEzKyspesfCBCnKQ3q+l9xelYRdvapj1CH/ +cfUZf2/6X3VHN1P88RfRrPubswmrcOCEBT41upa2WKRDJ1GS6YhL6LJnrZSTjfe+ +KsfNVS1D+KqSKiK0hfk6YK6O88mMGeAKQs3Ap8WthBLf0QIDAQABo4IBGjCCARYw +DwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUPU1Az5OFOQJLHPxaEt7f6LF+dV8w +gdMGA1UdIwSByzCByIAUPU1Az5OFOQJLHPxaEt7f6LF+dV+hgaykgakwgaYxLTAr +BgNVBAMMJFNVU0UgTGludXggRW50ZXJwcmlzZSBTZWN1cmUgQm9vdCBDQTELMAkG +A1UEBhMCREUxEjAQBgNVBAcMCU51cmVtYmVyZzEhMB8GA1UECgwYU1VTRSBMaW51 +eCBQcm9kdWN0cyBHbWJIMRMwEQYDVQQLDApCdWlsZCBUZWFtMRwwGgYJKoZIhvcN +AQkBFg1idWlsZEBzdXNlLmRlggEBMA4GA1UdDwEB/wQEAwIBhjANBgkqhkiG9w0B +AQsFAAOCAgEANtdMT47CjQtuERYa5jfygIO5F+urB4fl8pYcQQ/hTPE0KtAnAtrS +1strtMrVQ1t7Wu3fVbWYA6MZMXXkcwyyNbaWfj6roaSC6G5ZqCJ69oSyzaCbyaTI +eOgzIIiVGOAj7tiM6T88Xp9qx4Xa3F6UQHF6xfwBT3nNKerGKOG01p7mBfBewwO5 +Hxp7OAZmennUxV1uuT5/AsArxw9lMlawXhIAS7tRYHW+32D4tjHPDycldOw1hBjt +z5JdehBiTmxhJ6onl0HSpsX84IMSbkeFIxLfxIF0TNas1pGnSGmh8FcV+ck9js3P +yamJcNkgCstIwo3QZ2D5YdtQjOusyEuGjCIpDIQx36OMzeOo0SayOdzb2dSmcrHv +4DIkXDUELyIzu79A2R2KR7OQaGL6HGAVy6+yXHHygTbbUrb6ck2+aOG8913ChABc +ZAiSFFRKVZzzj7FeIxZNA8GBUbhd20eQB2fUXDypeAnTG6P3dtTs84xNb1qGm3VC +OAKjkWYQijLWmAOs9Q4NM/AXOeDTgXxA7iX7kWHRNeDbACirp7zM2ZOIP5ObIS6z +yMqcG9DecSVbXiH3MJDTBoB1idQTTyreqpM/l6N8xNNVjEiLJGMEM1SeYq6S1lFV +a+GcdOaLYkh7ya3I42l/tDOqH2OLIf7FEtocnc1xU6jTz8au1tZxec8= -----END CERTIFICATE----- ++++++ attach_signature.sh ++++++ --- /var/tmp/diff_new_pack.caxf2B/_old 2014-04-21 11:05:29.000000000 +0200 +++ /var/tmp/diff_new_pack.caxf2B/_new 2014-04-21 11:05:29.000000000 +0200 @@ -11,4 +11,13 @@ outfile="${infile%.efi}-signed.efi" -pesign -m "$sig" -i "$infile" -o "$outfile" +nssdir=`mktemp -d` +cleanup() +{ + rm -r "$nssdir" +} +trap cleanup EXIT +echo > "$nssdir/pw" +certutil -f "$nssdir/pw" -d "$nssdir" -N + +pesign -n "$nssdir" -m "$sig" -i "$infile" -o "$outfile" ++++++ extract_signature.sh ++++++ --- /var/tmp/diff_new_pack.caxf2B/_old 2014-04-21 11:05:29.000000000 +0200 +++ /var/tmp/diff_new_pack.caxf2B/_new 2014-04-21 11:05:29.000000000 +0200 @@ -9,7 +9,16 @@ exit 1 fi +nssdir=`mktemp -d` +cleanup() +{ + rm -r "$nssdir" +} +trap cleanup EXIT +echo > "$nssdir/pw" +certutil -f "$nssdir/pw" -d "$nssdir" -N + # wtf? -(pesign -h -P -i "$infile"; +(pesign -n "$nssdir" -h -P -i "$infile"; perl $(dirname $0)/timestamp.pl "$infile"; -pesign -a -f -e /dev/stdout -i "$infile")|cat +pesign -n "$nssdir" -a -f -e /dev/stdout -i "$infile")|cat ++++++ microsoft.asc ++++++ hash: 97a8c5ba11d61fefbb5d6a05da4e15ba472dc4c6cd4972fc1a035de321342fe4 # 2013-10-01 08:29:53 timestamp: 524a8801 checksum: d364 -----BEGIN AUTHENTICODE SIGNATURE----- MIIh8QYJKoZIhvcNAQcCoIIh4jCCId4CAQExDzANBglghkgBZQMEAgEFADBcBgor BgEEAYI3AgEEoE4wTDAXBgorBgEEAYI3AgEPMAkDAQCgBKICgAAwMTANBglghkgB ZQMEAgEFAAQgl6jFuhHWH++7XWoF2k4VukctxMbNSXL8GgNd4yE0L+Sgggs8MIIF JDCCBAygAwIBAgITMwAAAApmQvP0n7c3lgABAAAACjANBgkqhkiG9w0BAQsFADCB gTELMAkGA1UEBhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1Jl ZG1vbmQxHjAcBgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjErMCkGA1UEAxMi TWljcm9zb2Z0IENvcnBvcmF0aW9uIFVFRkkgQ0EgMjAxMTAeFw0xMzA5MjQxNzU0 MDNaFw0xNDEyMjQxNzU0MDNaMIGVMQswCQYDVQQGEwJVUzETMBEGA1UECBMKV2Fz aGluZ3RvbjEQMA4GA1UEBxMHUmVkbW9uZDEeMBwGA1UEChMVTWljcm9zb2Z0IENv cnBvcmF0aW9uMQ0wCwYDVQQLEwRNT1BSMTAwLgYDVQQDEydNaWNyb3NvZnQgV2lu ZG93cyBVRUZJIERyaXZlciBQdWJsaXNoZXIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCc2PZRP3t6i2DCLSAuWrFHZKfyD98yckc9yxqqqJACgekdZi4s ZEN1vYcVfiUhW4hFpdH3kcPah7wf+uqgyQa1hb/9AzDH63JYfaHLWA+Jx0leY0cG CsIFviaUHrCEgxhkeXdrGfHroDcWArv2yBBvj+zvePVE9/VpDoBK+2nAFxz0oG23 BzE5duVpHIZn96fNyoDKYvCf649VqjM+O5/b5jlDylkMWAIVTvWqE0r/7YnC1Vcc cgJDQk8IaIWSepRsjrvvf8C8uG3ZSxVjQeuPz7ETAryJIWvYdz240MzVAJD7SazH SbVJm1LPHfS2FEpx3uUNOuo3IJrrxqeals8FAgMBAAGjggF9MIIBeTAfBgNVHSUE GDAWBggrBgEFBQcDAwYKKwYBBAGCN1ACATAdBgNVHQ4EFgQU6t49RpSALGo0XSnP ixuEhp5y0NEwUQYDVR0RBEowSKRGMEQxDTALBgNVBAsTBE1PUFIxMzAxBgNVBAUT KjMxNjE5KzAxMjU1ZjQ2LTc0ZjUtNGZjNC1iYzcxLWU0ZGE5NzM2YmVlZTAfBgNV HSMEGDAWgBQTrb9DCb2CcJyM1U8xbtUimIob1DBTBgNVHR8ETDBKMEigRqBEhkJo dHRwOi8vd3d3Lm1pY3Jvc29mdC5jb20vcGtpb3BzL2NybC9NaWNDb3JVRUZDQTIw MTFfMjAxMS0wNi0yNy5jcmwwYAYIKwYBBQUHAQEEVDBSMFAGCCsGAQUFBzAChkRo dHRwOi8vd3d3Lm1pY3Jvc29mdC5jb20vcGtpb3BzL2NlcnRzL01pY0NvclVFRkNB MjAxMV8yMDExLTA2LTI3LmNydDAMBgNVHRMBAf8EAjAAMA0GCSqGSIb3DQEBCwUA A4IBAQAqJ9a9LzTGipmJ7IVkSf5JNK1cBhXsWBlmQ5kFNzeoa+RskUuUeM45NTS3 We7F628BW3BrhT8dK+Uf6YB7F46qng+VWNal2RPFjHSSy60QartzlUJoAaQvNjhC 5gv3LQRmaIZdtdjOLJAclnMETQWrt0wXGsGYwPk3a7kYXsdSO7U+bSwRRkL/v74g 78bCVxwgBhWctw/yxCjpl/bOg79XrZpHxH3szpgwz4YaFWRxxiYAoCYLROKeqObj PEB8BG83vkpG3K84wBiyT5ab63FtjnbOvD0dGRNO1vIWzC41eEi0mYGW69cya8o+ Ot4bqI6YYSpWmkah9FhW9OLfoCpdMIIGEDCCA/igAwIBAgIKYQjTxAAAAAAABDAN BgkqhkiG9w0BAQsFADCBkTELMAkGA1UEBhMCVVMxEzARBgNVBAgTCldhc2hpbmd0 b24xEDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3Jh dGlvbjE7MDkGA1UEAxMyTWljcm9zb2Z0IENvcnBvcmF0aW9uIFRoaXJkIFBhcnR5 IE1hcmtldHBsYWNlIFJvb3QwHhcNMTEwNjI3MjEyMjQ1WhcNMjYwNjI3MjEzMjQ1 WjCBgTELMAkGA1UEBhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24xEDAOBgNVBAcT B1JlZG1vbmQxHjAcBgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjErMCkGA1UE AxMiTWljcm9zb2Z0IENvcnBvcmF0aW9uIFVFRkkgQ0EgMjAxMTCCASIwDQYJKoZI hvcNAQEBBQADggEPADCCAQoCggEBAKUIbEzHRQlqSwykwId/BnUMQwFUZOAWfwft kn0LsnO/DArGSkVhoMUWLZbT9Sug+01Jm0GAkDy5VP3mvNGdxKQYin9BilxZg2gy u4xHye5xvCFPmop8/0Q/jY8ysiZIrnW17slMHkoZfuSCmh14d00MsL32D9MW07z6 K6VROF31+7rbeALb/+wKG5bVg7gZE+m2wHtAe+EfKCfJ+u9WXhzmfpR+wPBEsnk5 5dqyYotNvzhw4mgkFMkzpAg31VhpXtN87cEEUwjnTrAqh2MIYW9jFVnqsit51wxh Z4pb/V6th3+6hmdPcVgSIgQiIs6L71RxAM5QNVh2lQjuarGiAdUCAwEAAaOCAXYw ggFyMBIGCSsGAQQBgjcVAQQFAgMBAAEwIwYJKwYBBAGCNxUCBBYEFPjBa7d/d1NK 8yU3HU6hJnsPIHCAMB0GA1UdDgQWBBQTrb9DCb2CcJyM1U8xbtUimIob1DAZBgkr BgEEAYI3FAIEDB4KAFMAdQBiAEMAQTALBgNVHQ8EBAMCAYYwDwYDVR0TAQH/BAUw AwEB/zAfBgNVHSMEGDAWgBRFZlJD4X5YEb/WTp4jVQg7OiJqqDBcBgNVHR8EVTBT MFGgT6BNhktodHRwOi8vY3JsLm1pY3Jvc29mdC5jb20vcGtpL2NybC9wcm9kdWN0 cy9NaWNDb3JUaGlQYXJNYXJSb29fMjAxMC0xMC0wNS5jcmwwYAYIKwYBBQUHAQEE VDBSMFAGCCsGAQUFBzAChkRodHRwOi8vd3d3Lm1pY3Jvc29mdC5jb20vcGtpL2Nl cnRzL01pY0NvclRoaVBhck1hclJvb18yMDEwLTEwLTA1LmNydDANBgkqhkiG9w0B AQsFAAOCAgEANQhC/zDMzvd2DK0QaFg1KUYydid87xJBJ0IbSqptgThIWRNV8+lY NKYWC4KqXa2C2oCDQQaPtB3yA7nzGl0b8VCQ+bNVhEIoHCC9sq5RFMXArJeVIRyQ 2w/8d56Vc5GIyr29UrkFUA3fV56gYe0N5W0l2UAPF0DIzqNKwk2vmhIdCFSPvce8 uSs9SSsfMvxqIWlPm8h+QjT8NgYXi48gQMCzmiV1J83JA6P2XdHnNlR6uVC10xLR B7+7dN/cHo+A1e0Y9C8UFmsv3maMsCPlx4TY7erBM4KtVksYLfFolQfNz/By8K67 3YaFmCwhTDMr8A9K8GiHtZJVMnWhaoJqPKMlEaTtrdcErsvYQFmghNGVTGKRIhp0 HYw9Rw5EpuSwmzQ1sfq2U6gsgeykBXHInbi66BtEZuRHVA6OVn+znxaYsobQaD6Q I7UvXo9QhY3GjYJfQaH0Lg3gmdJsdeS2abUhhvoH0fbiTdHarSx3Ux4lMjfHbFJy lYaw8TVhahn1sjuBUFamMi3+oon5QoYnGFWhgspam/gwmFQUpkeWJS/IJuRBlBpc Aj/lluOFWzw+P7tHFnJV4iUisdl75wMGKqP3HpBGwwAN1hmJ4w41J2IDcRWm79An oKBZN2D4OJS44Hhw+LpMhoeU9uCuAkXuZcK2o35pFnUHkpv1prxZg1gxghYoMIIW JAIBATCBmTCBgTELMAkGA1UEBhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24xEDAO BgNVBAcTB1JlZG1vbmQxHjAcBgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjEr MCkGA1UEAxMiTWljcm9zb2Z0IENvcnBvcmF0aW9uIFVFRkkgQ0EgMjAxMQITMwAA AApmQvP0n7c3lgABAAAACjANBglghkgBZQMEAgEFAKCCAREwGQYJKoZIhvcNAQkD MQwGCisGAQQBgjcCAQQwHAYKKwYBBAGCNwIBCzEOMAwGCisGAQQBgjcCARUwLwYJ KoZIhvcNAQkEMSIEIOBR1lXJ0yMtGJm8ETD6MEFIJCyjBPLlLe2aF6PcGN1xMIGk BgorBgEEAYI3AgEMMYGVMIGSoF6AXABoAHQAdABwADoALwAvAHcAdwB3AC4AbQBp AGMAcgBvAHMAbwBmAHQALgBjAG8AbQAvAHcAaABkAGMALwBoAGMAbAAvAGQAZQBm AGEAdQBsAHQALgBtAHMAcAB4oTCALmh0dHA6Ly93d3cubWljcm9zb2Z0LmNvbS93 aGRjL2hjbC9kZWZhdWx0Lm1zcHgwDQYJKoZIhvcNAQEBBQAEggEAVajbL42oQSy1 NUS6HAoCq0L01hhN9fHn8acFrSpXK+GjijNspEcxVWSmJCWUWj4oVgBU7hgB2cFr YBm7M6VLl0h45tCI0jyHURNs4bYeKhBlywIAKQ1B3sxBi84vrNmVv7tZqtV8eAte tmX/8X6mOObVtD1YfYRVc2/EAEqv/Dee3BKb2/3MJ8TlUDuPZ1yAjAq4MViGs0J3 m4T63cugiWPuoaZEGJ6eaPiVXPcEKiDDOboCMm6MY1CLADE0moMrQ86dtbmycXIu N44ImKRkPSSCnRbmNDl/OkITHAicitORyvpet6uciDQtXQEq8xuRHJ7tOrwTmuLs r+BEVn7BR6GCE0owghNGBgorBgEEAYI3AwMBMYITNjCCEzIGCSqGSIb3DQEHAqCC EyMwghMfAgEDMQ8wDQYJYIZIAWUDBAIBBQAwggE9BgsqhkiG9w0BCRABBKCCASwE ggEoMIIBJAIBAQYKKwYBBAGEWQoDATAxMA0GCWCGSAFlAwQCAQUABCBfmL3wsdu9 3kovdSnRVAah9huZNZbgGFJ05HSVLqfy9gIGUmk4IyjpGBMyMDEzMTAzMDE5MTY0 My42ODZaMAcCAQGAAgH0oIG5pIG2MIGzMQswCQYDVQQGEwJVUzETMBEGA1UECBMK V2FzaGluZ3RvbjEQMA4GA1UEBxMHUmVkbW9uZDEeMBwGA1UEChMVTWljcm9zb2Z0 IENvcnBvcmF0aW9uMQ0wCwYDVQQLEwRNT1BSMScwJQYDVQQLEx5uQ2lwaGVyIERT RSBFU046QzBGNC0zMDg2LURFRjgxJTAjBgNVBAMTHE1pY3Jvc29mdCBUaW1lLVN0 YW1wIFNlcnZpY2Wggg7NMIIGcTCCBFmgAwIBAgIKYQmBKgAAAAAAAjANBgkqhkiG 9w0BAQsFADCBiDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24xEDAO BgNVBAcTB1JlZG1vbmQxHjAcBgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjEy MDAGA1UEAxMpTWljcm9zb2Z0IFJvb3QgQ2VydGlmaWNhdGUgQXV0aG9yaXR5IDIw MTAwHhcNMTAwNzAxMjEzNjU1WhcNMjUwNzAxMjE0NjU1WjB8MQswCQYDVQQGEwJV UzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMHUmVkbW9uZDEeMBwGA1UE ChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMSYwJAYDVQQDEx1NaWNyb3NvZnQgVGlt ZS1TdGFtcCBQQ0EgMjAxMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB AKkdDbx3EYo6IOz8E5f1+n9plGt0VBDVpQoAgoX77XxoSyxfxcPlYcJ2tz5mK1vw FVMnBDEfQRsalR3OCROOfGEwWbEwRA/xYIiEVEMM1024OAizQt2TrNZzMFcmgqNF DdDq9UeBzb8kYDJYYEbyWEeGMoQedGFnkV+BVLHPk0ySwcSmXdFhE24oxhr5hoC7 32H8RsEnHSRnEnIaIYqvS2SJUGKxXf13Hz3wV3WsvYpCTUBR0Q+cBj5nf/VmwAOW RH7v0Ev9buWayrGo8noqCjHw2k4GkbaICDXoeByw6ZnNPOcvRLqn9NxkvaQBwSAJ k3jN/LzAyURdXhacAQVPIk0CAwEAAaOCAeYwggHiMBAGCSsGAQQBgjcVAQQDAgEA MB0GA1UdDgQWBBTVYzpcijGQ80N7fEYbxTNoWoVtVTAZBgkrBgEEAYI3FAIEDB4K AFMAdQBiAEMAQTALBgNVHQ8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB/zAfBgNVHSME GDAWgBTV9lbLj+iiXGJo0T2UkFvXzpoYxDBWBgNVHR8ETzBNMEugSaBHhkVodHRw Oi8vY3JsLm1pY3Jvc29mdC5jb20vcGtpL2NybC9wcm9kdWN0cy9NaWNSb29DZXJB dXRfMjAxMC0wNi0yMy5jcmwwWgYIKwYBBQUHAQEETjBMMEoGCCsGAQUFBzAChj5o dHRwOi8vd3d3Lm1pY3Jvc29mdC5jb20vcGtpL2NlcnRzL01pY1Jvb0NlckF1dF8y MDEwLTA2LTIzLmNydDCBoAYDVR0gAQH/BIGVMIGSMIGPBgkrBgEEAYI3LgMwgYEw PQYIKwYBBQUHAgEWMWh0dHA6Ly93d3cubWljcm9zb2Z0LmNvbS9QS0kvZG9jcy9D UFMvZGVmYXVsdC5odG0wQAYIKwYBBQUHAgIwNB4yIB0ATABlAGcAYQBsAF8AUABv AGwAaQBjAHkAXwBTAHQAYQB0AGUAbQBlAG4AdAAuIB0wDQYJKoZIhvcNAQELBQAD ggIBAAfmiFEN4sbgmD+BcQM9naOhIW+z66bM9TG+zwXiqf76V20ZMLPCxWbJat/1 5/B4vceoniXj+bzta1RXCCtRgkQS+7lTjMz0YBKKdsxAQEGb3FwX/1z5Xhc1mCRW S3TvQhDIr79/xn/yN31aPxzymXlKkVIArzgPF/UveYFl2am1a+THzvbKegBvSzBE JCI8z+0DpZaPWSm8tv0E4XCfMkon/VWvL/625Y4zu2JfmttXQOnxzplmkIz/amJ/ 3cVKC5Em4jnsGUpxY517IW3DnKOiPPp/fZZqkHimbdLhnPkd/DjYlPTGpQqWhqS9 nhquBEKDuLWAmyI4ILUl5WTs9/S/fmNZJQ96LjlXdqJxqgaKD4kWumGnEcua2A5H moDF0M2n0O99g/DhO3EJ3110mCIIYdqwUB5vvfHhAN/nMQekkzr3ZUd46PioSKv3 3nJ+YWtvd6mBy6cJrDm77MbL2IK0cs0d9LiFAR6A+xuJKlQ5slvayA1VmXqHczsI 5pgt6o3gMy4SKfXAL1QnIffIrE7aKLixqduWsqdCosnPGUFN4Ib5KpqjEWYw07t0 MkvfY3v1mYovG8chr1m1rtxEPJdQcdeh0sVV42neV8HR3jDA/czmTfsNv11P6Z0e GTgvvM9YBS7vDaBQNdrvCScc1bN+NR4Iuto229Nfj950iEkSMIIE2jCCA8KgAwIB AgITMwAAACiQZ7kEsDxuZgAAAAAAKDANBgkqhkiG9w0BAQsFADB8MQswCQYDVQQG EwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMHUmVkbW9uZDEeMBwG A1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMSYwJAYDVQQDEx1NaWNyb3NvZnQg VGltZS1TdGFtcCBQQ0EgMjAxMDAeFw0xMzAzMjcyMDEzMTNaFw0xNDA2MjcyMDEz MTNaMIGzMQswCQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UE BxMHUmVkbW9uZDEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMQ0wCwYD VQQLEwRNT1BSMScwJQYDVQQLEx5uQ2lwaGVyIERTRSBFU046QzBGNC0zMDg2LURF RjgxJTAjBgNVBAMTHE1pY3Jvc29mdCBUaW1lLVN0YW1wIFNlcnZpY2UwggEiMA0G CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDdpUi/akidSiGckmve4C3c5GP4zLmJ xMcbvee10/vtrs8x/vNmsEQD2plnCFq/dQYiEYnQZ1LM+s+SN0Xo+vG9M9PMc+O4 IaSgFX3LL8QDBdo/lnPTWeWYTQtWhi+dR9HWX52R6ceE2ZVrMky0awBS4EHTPGl0 qM7MfWidUlXmcH8UB6KeZ7CGRPMzP3Ndxij4F19SAS1EL9bteAi45TsvwLnDS8O3 Oy/TprWcsUhK3TIJVqEbS1rTqiYnDBJDYMVq19pADWCYiUG7k3Pdv/7EjFvO+lUn yk1Nmm99EWyxRyOwTHxsfwahdIIfUngY6QYaFlCawzrdgYH3mydyIX91AgMBAAGj ggEbMIIBFzAdBgNVHQ4EFgQU3JgInXnRBLKLR8Nx0Izns+awU50wHwYDVR0jBBgw FoAU1WM6XIoxkPNDe3xGG8UzaFqFbVUwVgYDVR0fBE8wTTBLoEmgR4ZFaHR0cDov L2NybC5taWNyb3NvZnQuY29tL3BraS9jcmwvcHJvZHVjdHMvTWljVGltU3RhUENB XzIwMTAtMDctMDEuY3JsMFoGCCsGAQUFBwEBBE4wTDBKBggrBgEFBQcwAoY+aHR0 cDovL3d3dy5taWNyb3NvZnQuY29tL3BraS9jZXJ0cy9NaWNUaW1TdGFQQ0FfMjAx MC0wNy0wMS5jcnQwDAYDVR0TAQH/BAIwADATBgNVHSUEDDAKBggrBgEFBQcDCDAN BgkqhkiG9w0BAQsFAAOCAQEAgiLztz1kfhJL/Cb84OS30MQUTgn+q1aa0VqYpr6M QR6UtDK+hLS3RXbj72AYJIeoz+m00VQpvMrkyxJ7wPHUDp8xMxsRP3o73d0CqhjK yjz6luNsu6+7yYQ+x9gMhctyCwEbpPUxERAMRaVaSJl+2r5Fhte6TeSB/9NYCnZl Blkv9sJCzwTJqxv6YZ3185hJcLFJ0GTEIejuYBdTfusC2miVi/UKPAHbo7WYFFF0 nlPp2nKYZqBfKc+Prx+CnNPr5vFMG1T46DLcwRXDrCpudAUWg+NEmJ/L7+gweX+v UqU6H99lx43+J9hHGZIItIs0jmknNxoC9pGzlSL/CEgq/qGCA3YwggJeAgEBMIHj oYG5pIG2MIGzMQswCQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4G A1UEBxMHUmVkbW9uZDEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMQ0w CwYDVQQLEwRNT1BSMScwJQYDVQQLEx5uQ2lwaGVyIERTRSBFU046QzBGNC0zMDg2 LURFRjgxJTAjBgNVBAMTHE1pY3Jvc29mdCBUaW1lLVN0YW1wIFNlcnZpY2WiJQoB ATAJBgUrDgMCGgUAAxUA8120HsdfO2ZOZQ7emART9hWnH0SggcIwgb+kgbwwgbkx CzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRt b25kMR4wHAYDVQQKExVNaWNyb3NvZnQgQ29ycG9yYXRpb24xDTALBgNVBAsTBE1P UFIxJzAlBgNVBAsTHm5DaXBoZXIgTlRTIEVTTjpCMDI3LUM2RjgtMUQ4ODErMCkG A1UEAxMiTWljcm9zb2Z0IFRpbWUgU291cmNlIE1hc3RlciBDbG9jazANBgkqhkiG 9w0BAQUFAAIFANYbbXkwIhgPMjAxMzEwMzAxMTM1MjFaGA8yMDEzMTAzMTExMzUy MVowdDA6BgorBgEEAYRZCgQBMSwwKjAKAgUA1htteQIBADAHAgEAAgIQxzAHAgEA AgIYcDAKAgUA1hy++QIBADA2BgorBgEEAYRZCgQCMSgwJjAMBgorBgEEAYRZCgMB oAowCAIBAAIDFuNgoQowCAIBAAIDB6EgMA0GCSqGSIb3DQEBBQUAA4IBAQAxxOL5 p8WZx+WQXwsf9YpPA4dWCU2xk7l1MY2R653keklyM7ks9Md5/7JbBzMPQXMPJ0Ts SllTUWF+wCUwW84ZAJCG4IUS5MrfbC5yXPkCjYEW6pll2A77OgwC+UG7X5VN67nm XfRbw+3lyAAcCjpreeEOiMRTNP1UW3Th2x5Lmbgc4AW/6p+6VEj/7QJEuj7oMXVe KQNp/I+lJn1rBGU42wqteobjNmUI55+i5PN+Wa5uGh7IhkqpDRPIkBM9wqVDQoHb d727DRVQMwzTAGYdSaOPJjLYti078h71WDJYyM1waA435nrkukJ6ObWdMTNjJqsy /Tz7rYZPgMPKLjtfMYIC9TCCAvECAQEwgZMwfDELMAkGA1UEBhMCVVMxEzARBgNV BAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNVBAoTFU1pY3Jv c29mdCBDb3Jwb3JhdGlvbjEmMCQGA1UEAxMdTWljcm9zb2Z0IFRpbWUtU3RhbXAg UENBIDIwMTACEzMAAAAokGe5BLA8bmYAAAAAACgwDQYJYIZIAWUDBAIBBQCgggEy MBoGCSqGSIb3DQEJAzENBgsqhkiG9w0BCRABBDAvBgkqhkiG9w0BCQQxIgQgqtHU /PG7RLWN/Y5UsjD6+lFX/RpWbpbjNV/x7SF3lQwwgeIGCyqGSIb3DQEJEAIMMYHS MIHPMIHMMIGxBBTzXbQex187Zk5lDt6YBFP2FacfRDCBmDCBgKR+MHwxCzAJBgNV BAYTAlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRtb25kMR4w HAYDVQQKExVNaWNyb3NvZnQgQ29ycG9yYXRpb24xJjAkBgNVBAMTHU1pY3Jvc29m dCBUaW1lLVN0YW1wIFBDQSAyMDEwAhMzAAAAKJBnuQSwPG5mAAAAAAAoMBYEFLWf +tQPMIlyzZih4uVtvwa31BWHMA0GCSqGSIb3DQEBCwUABIIBAEJSSeyhVFmVBArn o02R+f9PxUVjdMsHRqTWdnfA6F4uFU2GGGB2NoGTPHVeHrTTejo2bzXf5Di0jO5r nIM1KVSUIDmM6xgvcIgxMuo2oM8MxHnYSh9QdWTCnJsqcR+PzIhsdrxaQOLRXNiS uEyj0MgaJuYATAmhM2oM4BFNmbFavr0Sar3fj54zoZ9/p7ZhROSVm40OKt8tzSDu 7KrU8rr6VikJV2svuvLsmBKP7H6A+ZBWgrSlraQhdOxgjdPci6rhoZ9GG3WzNIcg c+4KZEXs0hxinuZA2+Z9QhyXcTeLXm1UbKtN+P6hEv6ABEaghtj238dcrBtwijpX BkfJeJoAAAA= -----END AUTHENTICODE SIGNATURE----- ++++++ shim-install ++++++ --- /var/tmp/diff_new_pack.caxf2B/_old 2014-04-21 11:05:30.000000000 +0200 +++ /var/tmp/diff_new_pack.caxf2B/_new 2014-04-21 11:05:30.000000000 +0200 @@ -4,18 +4,14 @@ bootdir= efidir= install_device= -efibootdir= -ca_string= removable=no clean=no sysconfdir="/etc" libdir="/usr/lib64" source_dir="$libdir/efi" grub_probe="`which grub2-probe`" -grub_mkrelpath="`which grub2-mkrelpath`" self="`basename $0`" grub_cfg="/boot/grub2/grub.cfg" -update_boot=no # Get GRUB_DISTRIBUTOR. if test -f "${sysconfdir}/default/grub" ; then @@ -30,14 +26,6 @@ efi_distributor="$bootloader_id" bootloader_id="${bootloader_id}-secureboot" -case "$bootloader_id" in - "sle"*) - ca_string='SUSE Linux Enterprise Secure Boot CA1';; - "opensuse"*) - ca_string='openSUSE Secure Boot CA1';; - *) ca_string="";; -esac - usage () { echo "Usage: $self [OPTION] [INSTALL_DEVICE]" echo @@ -181,32 +169,18 @@ if test -n "$efidir"; then efi_file=shim.efi - efibootdir="$efidir/EFI/boot" - mkdir -p "$efibootdir" || exit 1 efidir="$efidir/EFI/$efi_distributor" mkdir -p "$efidir" || exit 1 else exit 1; fi -if test -f "$efibootdir/bootx64.efi"; then - if test -n "$ca_string" && (grep -q "$ca_string" "$efibootdir/bootx64.efi"); then - update_boot=yes - fi -else - update_boot=yes -fi - if test "$clean" = "yes"; then rm -f "${efidir}/shim.efi" rm -f "${efidir}/MokManager.efi" rm -f "${efidir}/grub.efi" rm -f "${efidir}/grub.cfg" rm -f "${efidir}/boot.csv" - if test "$update_boot" = "yes"; then - rm -f "${efibootdir}/bootx64.efi" - rm -f "${efibootdir}/fallback.efi" - fi efibootmgr="`which efibootmgr`" if test "$removable" = no && test -n "$bootloader_id" && test -n "$efibootmgr"; then # Delete old entries from the same distributor. @@ -222,70 +196,17 @@ cp "${source_dir}/MokManager.efi" "${efidir}" cp "${source_dir}/grub.efi" "${efidir}" echo "shim.efi,${bootloader_id}" | iconv -f ascii -t ucs2 > "${efidir}/boot.csv" -if test "$update_boot" = "yes"; then - cp "${source_dir}/shim.efi" "${efibootdir}/bootx64.efi" - cp "${source_dir}/fallback.efi" "${efibootdir}" -fi - - -make_grubcfg () { grub_cfg_dirname=`dirname $grub_cfg` grub_cfg_basename=`basename $grub_cfg` cfg_fs_uuid=`"$grub_probe" --target=fs_uuid "$grub_cfg_dirname"` -descriptive_config="snapshot_submenu.cfg" -root_fstype=`$grub_probe -t fs /` -boot_fstype=`$grub_probe -t fs /boot` -if [ "x${root_fstype}" != "xbtrfs" ] || - [ "x${boot_fstype}" != "xbtrfs" ]; then - echo "/ is not on btrfs" >&2 - exit 1; -fi - -if test "x$SUSE_BTRFS_SNAPSHOT_BOOTING" = "xtrue" && - test "x$root_fstype" = "xbtrfs" && - test "x$boot_fstype" = "xbtrfs"; then - -cat <<EOF -set btrfs_relative_path="yes" -set extra_cmdline="" -btrfs_subvolid="" -btrfs_subvol="/" - -export btrfs_relative_path -export extra_cmdline +(cat << EOF search --fs-uuid --set=root ${cfg_fs_uuid} - -set timeout=0 - -terminal_input console -terminal_output console - -menuentry 'default' { - btrfs_subvol="" - configfile /boot/grub2/grub.cfg - btrfs_subvol="/" -} - -if [ -f "/.snapshots/${descriptive_config}" ]; then - source "/.snapshots/${descriptive_config}" -fi - -EOF - -else - -cat <<EOF -search --fs-uuid --set=root ${cfg_fs_uuid} -set prefix=(\${root})`${grub_mkrelpath} ${grub_cfg_dirname}` -configfile \$prefix/${grub_cfg_basename} +set prefix=(\${root})${grub_cfg_dirname} EOF -fi - -} - -make_grubcfg > "${efidir}/grub.cfg" +echo "configfile \$prefix/${grub_cfg_basename}") \ +> "${efidir}/grub.cfg" efibootmgr="`which efibootmgr`" if test "$removable" = no && test -n "$bootloader_id" && test -n "$efibootmgr"; then ++++++ shim-mokx-support.patch ++++++ --- /var/tmp/diff_new_pack.caxf2B/_old 2014-04-21 11:05:30.000000000 +0200 +++ /var/tmp/diff_new_pack.caxf2B/_new 2014-04-21 11:05:30.000000000 +0200 @@ -1,12 +1,10 @@ -From 58b8e54ef60d488886a9f0d0877b7187eb200d07 Mon Sep 17 00:00:00 2001 +From 8614cf8c164049e77d702eb234d608d5342e975b Mon Sep 17 00:00:00 2001 From: Gary Ching-Pang Lin <glin(a)suse.com> Date: Thu, 24 Oct 2013 17:02:08 +0800 -Subject: [PATCH 01/10] Support MOK blacklist +Subject: [PATCH 1/9] Support MOK blacklist The new blacklist, MokListX, stores the keys and hashes that are banned. - -Signed-off-by: Gary Ching-Pang Lin <glin(a)suse.com> --- MokManager.c | 241 +++++++++++++++++++++++++++++++++++++++++++++++++---------- shim.c | 3 +- @@ -512,7 +510,7 @@ return EFI_SUCCESS; } diff --git a/shim.c b/shim.c -index cf93d65..2c23a2f 100644 +index 9ae1936..c133bb2 100644 --- a/shim.c +++ b/shim.c @@ -1510,7 +1510,8 @@ EFI_STATUS check_mok_request(EFI_HANDLE image_handle) @@ -526,15 +524,14 @@ if (efi_status != EFI_SUCCESS) { -- -1.8.4.5 +1.8.1.4 -From d2980a5cbee887223405a24be44ffd5bb439e3f1 Mon Sep 17 00:00:00 2001 +From f36f4093bb72344242949b16b83905cefb93d3cd Mon Sep 17 00:00:00 2001 From: Gary Ching-Pang Lin <glin(a)suse.com> Date: Thu, 24 Oct 2013 17:32:31 +0800 -Subject: [PATCH 02/10] MokManager: show the hash list properly +Subject: [PATCH 2/9] MokManager: show the hash list properly -Signed-off-by: Gary Ching-Pang Lin <glin(a)suse.com> --- MokManager.c | 82 ++++++++++++++++++++++++++++++++++++++++++++++++++++-------- 1 file changed, 71 insertions(+), 11 deletions(-) @@ -678,15 +675,14 @@ for (i=0; menu_strings[i] != NULL; i++) -- -1.8.4.5 +1.8.1.4 -From 9c4b5d58385c64056adb5386c097219665f2f50d Mon Sep 17 00:00:00 2001 +From f1073a9bc757008d44b5b86cb5002a3654faf2d2 Mon Sep 17 00:00:00 2001 From: Gary Ching-Pang Lin <glin(a)suse.com> Date: Fri, 25 Oct 2013 16:54:25 +0800 -Subject: [PATCH 03/10] MokManager: delete the hash properly +Subject: [PATCH 3/9] MokManager: delete the hash properly -Signed-off-by: Gary Ching-Pang Lin <glin(a)suse.com> --- MokManager.c | 124 ++++++++++++++++++++++++++++++++++++++++++++++++++++++----- 1 file changed, 114 insertions(+), 10 deletions(-) @@ -844,15 +840,14 @@ } -- -1.8.4.5 +1.8.1.4 -From 54ce2f9605990c00f9cafae7cab22a1c885828c1 Mon Sep 17 00:00:00 2001 +From b5cb83a92620b0b41857f3e3a292d1577eb3a3a5 Mon Sep 17 00:00:00 2001 From: Gary Ching-Pang Lin <glin(a)suse.com> Date: Fri, 25 Oct 2013 17:05:10 +0800 -Subject: [PATCH 04/10] MokManager: Match all hashes in the list +Subject: [PATCH 4/9] MokManager: Match all hashes in the list -Signed-off-by: Gary Ching-Pang Lin <glin(a)suse.com> --- MokManager.c | 24 ++++++++++++++---------- 1 file changed, 14 insertions(+), 10 deletions(-) @@ -913,17 +908,15 @@ } } -- -1.8.4.5 +1.8.1.4 -From 4c1912c8521cca4d320a1417abff6f7954809a20 Mon Sep 17 00:00:00 2001 +From 70a4e12d2e6ba37541d0b78ec3c8ed5e8da9a941 Mon Sep 17 00:00:00 2001 From: Gary Ching-Pang Lin <glin(a)suse.com> Date: Fri, 25 Oct 2013 18:30:48 +0800 -Subject: [PATCH 05/10] MokManager: Write the hash list properly +Subject: [PATCH 5/9] MokManager: Write the hash list properly also return to the previous entry in the list - -Signed-off-by: Gary Ching-Pang Lin <glin(a)suse.com> --- MokManager.c | 30 +++++++++++++++++++----------- 1 file changed, 19 insertions(+), 11 deletions(-) @@ -998,21 +991,20 @@ efi_status = uefi_call_wrapper(RT->SetVariable, 5, db_name, -- -1.8.4.5 +1.8.1.4 -From 8b96a93bda39617efbe51f24d1dc606ad8835d26 Mon Sep 17 00:00:00 2001 +From 225e5fca2f7cf63e365b77243d6e43b1eb9860c8 Mon Sep 17 00:00:00 2001 From: Gary Ching-Pang Lin <glin(a)suse.com> Date: Mon, 28 Oct 2013 15:08:40 +0800 -Subject: [PATCH 06/10] Copy the MOK blacklist to a RT variable +Subject: [PATCH 6/9] Copy the MOK blacklist to a RT variable -Signed-off-by: Gary Ching-Pang Lin <glin(a)suse.com> --- shim.c | 29 +++++++++++++++++++++++++++++ 1 file changed, 29 insertions(+) diff --git a/shim.c b/shim.c -index 2c23a2f..ccb3071 100644 +index c133bb2..a0383a8 100644 --- a/shim.c +++ b/shim.c @@ -1480,6 +1480,33 @@ EFI_STATUS mirror_mok_list() @@ -1049,7 +1041,7 @@ * Check if a variable exists */ static BOOLEAN check_var(CHAR16 *varname) -@@ -1799,6 +1826,8 @@ EFI_STATUS efi_main (EFI_HANDLE image_handle, EFI_SYSTEM_TABLE *passed_systab) +@@ -1795,6 +1822,8 @@ EFI_STATUS efi_main (EFI_HANDLE image_handle, EFI_SYSTEM_TABLE *passed_systab) */ efi_status = mirror_mok_list(); @@ -1059,21 +1051,20 @@ * Create the runtime MokIgnoreDB variable so the kernel can make * use of it -- -1.8.4.5 +1.8.1.4 -From 044d04dbed3ef3f2f3004a770e3751eabc052c2c Mon Sep 17 00:00:00 2001 +From f9db55b719281ce491780ecd4ec269c5286a7251 Mon Sep 17 00:00:00 2001 From: Gary Ching-Pang Lin <glin(a)suse.com> Date: Mon, 28 Oct 2013 16:36:34 +0800 -Subject: [PATCH 07/10] No newline for console_notify +Subject: [PATCH 7/9] No newline for console_notify -Signed-off-by: Gary Ching-Pang Lin <glin(a)suse.com> --- shim.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/shim.c b/shim.c -index ccb3071..e30a464 100644 +index a0383a8..a2e0862 100644 --- a/shim.c +++ b/shim.c @@ -470,7 +470,7 @@ static BOOLEAN secure_mode (void) @@ -1095,13 +1086,13 @@ } -- -1.8.4.5 +1.8.1.4 -From 0e97d1576fcc1924f0f17b7f31baf1dd74a7f83e Mon Sep 17 00:00:00 2001 +From 0bf2da5c7d9442f3249fc977b3fbffab924a374c Mon Sep 17 00:00:00 2001 From: Gary Ching-Pang Lin <glin(a)suse.com> Date: Mon, 4 Nov 2013 14:45:33 +0800 -Subject: [PATCH 08/10] Verify the EFI images with MOK blacklist +Subject: [PATCH 8/9] Verify the EFI images with MOK blacklist Signed-off-by: Gary Ching-Pang Lin <glin(a)suse.com> --- @@ -1109,7 +1100,7 @@ 1 file changed, 9 insertions(+) diff --git a/shim.c b/shim.c -index e30a464..efd3d85 100644 +index a2e0862..5f5e9a6 100644 --- a/shim.c +++ b/shim.c @@ -365,6 +365,7 @@ static EFI_STATUS check_blacklist (WIN_CERTIFICATE_EFI_PKCS *cert, @@ -1136,13 +1127,13 @@ return EFI_SUCCESS; } -- -1.8.4.5 +1.8.1.4 -From a166edaa42ef96eaf5b000d0e4ad71779b745d68 Mon Sep 17 00:00:00 2001 +From 20ced27d1785bceaf814c07ca0d5686506a119ad Mon Sep 17 00:00:00 2001 From: Gary Ching-Pang Lin <glin(a)suse.com> Date: Mon, 4 Nov 2013 17:51:55 +0800 -Subject: [PATCH 09/10] Exclude ca.crt while signing EFI images +Subject: [PATCH 9/9] Exclude ca.crt while signing EFI images If ca.crt was added into the certificate database, ca.crt would be the first certificate in the signature. Because shim couldn't verify ca.crt with the @@ -1167,33 +1158,5 @@ certutil -d certdb/ -A -i shim.crt -n shim -t u -- -1.8.4.5 - - -From cce37bfa5298e8e9c12d3509c78592f711699c4f Mon Sep 17 00:00:00 2001 -From: Gary Ching-Pang Lin <glin(a)suse.com> -Date: Tue, 11 Feb 2014 14:11:15 +0800 -Subject: [PATCH 10/10] Make shim to check MokXAuth for MOKX reset - -Signed-off-by: Gary Ching-Pang Lin <glin(a)suse.com> ---- - shim.c | 3 ++- - 1 file changed, 2 insertions(+), 1 deletion(-) - -diff --git a/shim.c b/shim.c -index efd3d85..7093c45 100644 ---- a/shim.c -+++ b/shim.c -@@ -1547,7 +1547,8 @@ EFI_STATUS check_mok_request(EFI_HANDLE image_handle) - if (check_var(L"MokNew") || check_var(L"MokSB") || - check_var(L"MokPW") || check_var(L"MokAuth") || - check_var(L"MokDel") || check_var(L"MokDB") || -- check_var(L"MokXNew") || check_var(L"MokXDel")) { -+ check_var(L"MokXNew") || check_var(L"MokXDel") || -+ check_var(L"MokXAuth")) { - efi_status = start_image(image_handle, MOK_MANAGER); - - if (efi_status != EFI_SUCCESS) { --- -1.8.4.5 +1.8.1.4 ++++++ show_hash.sh ++++++ --- /var/tmp/diff_new_pack.caxf2B/_old 2014-04-21 11:05:30.000000000 +0200 +++ /var/tmp/diff_new_pack.caxf2B/_new 2014-04-21 11:05:30.000000000 +0200 @@ -9,4 +9,13 @@ exit 1 fi -pesign -h -P -i "$infile" +nssdir=`mktemp -d` +cleanup() +{ + rm -r "$nssdir" +} +trap cleanup EXIT +echo > "$nssdir/pw" +certutil -f "$nssdir/pw" -d "$nssdir" -N + +pesign -n "$nssdir" -h -P -i "$infile" ++++++ show_signatures.sh ++++++ --- /var/tmp/diff_new_pack.caxf2B/_old 2014-04-21 11:05:30.000000000 +0200 +++ /var/tmp/diff_new_pack.caxf2B/_new 2014-04-21 11:05:30.000000000 +0200 @@ -9,4 +9,13 @@ exit 1 fi -pesign -S -i "$infile" +nssdir=`mktemp -d` +cleanup() +{ + rm -r "$nssdir" +} +trap cleanup EXIT +echo > "$nssdir/pw" +certutil -f "$nssdir/pw" -d "$nssdir" -N + +pesign -n "$nssdir" -S -i "$infile" ++++++ strip_signature.sh ++++++ --- /var/tmp/diff_new_pack.caxf2B/_old 2014-04-21 11:05:30.000000000 +0200 +++ /var/tmp/diff_new_pack.caxf2B/_new 2014-04-21 11:05:30.000000000 +0200 @@ -10,4 +10,13 @@ outfile="${infile%.efi}-unsigned.efi" -pesign -r -i "$infile" -o "$outfile" +nssdir=`mktemp -d` +cleanup() +{ + rm -r "$nssdir" +} +trap cleanup EXIT +echo > "$nssdir/pw" +certutil -f "$nssdir/pw" -d "$nssdir" -N + +pesign -n "$nssdir" -r -i "$infile" -o "$outfile" -- To unsubscribe, e-mail: opensuse-commit+unsubscribe(a)opensuse.org For additional commands, e-mail: opensuse-commit+help(a)opensuse.org

1 0

commit tor for openSUSE:Factory
by root＠hilbert.suse.de 20 Apr '14

20 Apr '14

Hello community, here is the log from the commit of package tor for openSUSE:Factory checked in at 2014-04-20 11:37:20 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/tor (Old) and /work/SRC/openSUSE:Factory/.tor.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "tor" Changes: -------- --- /work/SRC/openSUSE:Factory/tor/tor.changes 2014-03-09 20:27:18.000000000 +0100 +++ /work/SRC/openSUSE:Factory/.tor.new/tor.changes 2014-04-20 11:37:21.000000000 +0200 @@ -1,0 +2,5 @@ +Sat Apr 19 02:54:55 UTC 2014 - mook.moz+com.novell(a)gmail.com + +- Add tor-fw-helper for UPnP port forwarding; not used by default + +------------------------------------------------------------------- ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ tor.spec ++++++ --- /var/tmp/diff_new_pack.HMWl2z/_old 2014-04-20 11:37:22.000000000 +0200 +++ /var/tmp/diff_new_pack.HMWl2z/_new 2014-04-20 11:37:22.000000000 +0200 @@ -18,6 +18,7 @@ %define with_bufferevents 0%{?suse_version} > 1220 %define with_systemd 0%{?suse_version} > 1140 +%define with_upnp 0%{?suse_version} >= 1220 %define toruser %{name} %define torgroup %{name} %define home_dir %{_localstatedir}/lib/empty @@ -36,6 +37,9 @@ Source4: tor.tmpfiles # PATCH-FIX-UPSTREAM tor-0.2.2.37-logrotate.patch -- add su to logrotate config to fix W: suse-logrotate-user-writable-log-dir Patch0: tor-0.2.2.37-logrotate.patch +%if %{with_upnp} +BuildRequires: libminiupnpc-devel +%endif BuildRequires: openssl-devel BuildRequires: pwdutils Requires: logrotate @@ -93,6 +97,9 @@ %configure \ --with-tor-user=%{toruser} \ --with-tor-group=%{torgroup} \ +%if %{with_upnp} + --enable-upnp \ +%endif %if %{with_bufferevents} --enable-bufferevents \ %endif @@ -174,6 +181,9 @@ %{_bindir}/%{name}ify %{_bindir}/%{name}-gencert %{_bindir}/%{name}-resolve +%if %{with_upnp} +%{_bindir}/%{name}-fw-helper +%endif %dir %{_datadir}/%{name} %{_datadir}/%{name}/geoip* %config(noreplace) %attr(0644,root,root) %{_sysconfdir}/logrotate.d/%{name} -- To unsubscribe, e-mail: opensuse-commit+unsubscribe(a)opensuse.org For additional commands, e-mail: opensuse-commit+help(a)opensuse.org

1 0

commit libxmp for openSUSE:Factory
by root＠hilbert.suse.de 20 Apr '14

20 Apr '14

Hello community, here is the log from the commit of package libxmp for openSUSE:Factory checked in at 2014-04-20 11:37:04 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/libxmp (Old) and /work/SRC/openSUSE:Factory/.libxmp.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "libxmp" Changes: -------- --- /work/SRC/openSUSE:Factory/libxmp/libxmp.changes 2014-03-04 13:46:51.000000000 +0100 +++ /work/SRC/openSUSE:Factory/.libxmp.new/libxmp.changes 2014-04-20 11:37:06.000000000 +0200 @@ -1,0 +2,19 @@ +Mon Apr 14 07:46:14 UTC 2014 - jengelh(a)inai.de + +- Update to new upstream release 4.2.7 +* This release adds support for ADPCM samples in XM files, and + implements an OctaMED channel pan effect. It also fixes OctaMED + MMD2 and MMD3 note and sample mapping, the XM channel pan + effect, and a disabled pan in IT instruments. + +------------------------------------------------------------------- +Tue Apr 8 14:18:07 UTC 2014 - jengelh(a)inai.de + +- Update to new upstream release 4.2.6 +* This release has fixes for the Impulse Tracker tempo slide + effect, for 15-instrument Soundtracker sample loops, and many + fixes for OctaMED modules, including 2-to-7 octave IFFOCT + samples, hold and decay support, vibrato depth, and synth + instrument volume. + +------------------------------------------------------------------- Old: ---- libxmp-4.2.5.tar.gz New: ---- libxmp-4.2.7.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ libxmp.spec ++++++ --- /var/tmp/diff_new_pack.IyvPuu/_old 2014-04-20 11:37:06.000000000 +0200 +++ /var/tmp/diff_new_pack.IyvPuu/_new 2014-04-20 11:37:06.000000000 +0200 @@ -21,7 +21,7 @@ Summary: Module Player library for MOD, S3M, IT and others License: LGPL-2.1 Group: Development/Libraries/C and C++ -Version: 4.2.5 +Version: 4.2.7 Release: 0 Url: http://xmp.sf.net/ ++++++ libxmp-4.2.5.tar.gz -> libxmp-4.2.7.tar.gz ++++++ ++++ 3791 lines of diff (skipped) -- To unsubscribe, e-mail: opensuse-commit+unsubscribe(a)opensuse.org For additional commands, e-mail: opensuse-commit+help(a)opensuse.org

1 0

commit crmsh for openSUSE:Factory
by root＠hilbert.suse.de 20 Apr '14

20 Apr '14

Hello community, here is the log from the commit of package crmsh for openSUSE:Factory checked in at 2014-04-20 11:36:51 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/crmsh (Old) and /work/SRC/openSUSE:Factory/.crmsh.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "crmsh" Changes: -------- --- /work/SRC/openSUSE:Factory/crmsh/crmsh.changes 2014-04-09 13:12:08.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.crmsh.new/crmsh.changes 2014-04-20 11:36:52.000000000 +0200 @@ -1,0 +2,16 @@ +Fri Apr 11 07:58:21 UTC 2014 - kgronlund(a)suse.com + +- hb_report: pcmk lib changed permissions (bnc#872958) +- history: Use subsecond precision if possible (bnc#872932) +- history: set colours for all nodes found (bnc#872936) +- upstream: 2.0.0-18-ga957470950b6 + +------------------------------------------------------------------- +Wed Apr 9 12:37:17 UTC 2014 - kgronlund(a)suse.com + +- parse: Support cib object tags (fate#315101) +- cibconfig: Support filename-style globs in show/edit (bnc#864346) +- Support Pacemaker 1.3 schema +- upstream: 2.0.0-12-g60ed9131ec43 + +------------------------------------------------------------------- ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ crmsh.spec ++++++ --- /var/tmp/diff_new_pack.c272Ki/_old 2014-04-20 11:36:53.000000000 +0200 +++ /var/tmp/diff_new_pack.c272Ki/_new 2014-04-20 11:36:53.000000000 +0200 @@ -41,7 +41,7 @@ Summary: High Availability cluster command-line interface License: GPL-2.0+ Group: %{pkg_group} -Version: 2.0+git5 +Version: 2.0+git18 Release: %{?crmsh_release}%{?dist} Url: http://crmsh.github.io Source0: crmsh.tar.bz2 ++++++ crmsh.tar.bz2 ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/crmsh/doc/crm.8.txt new/crmsh/doc/crm.8.txt --- old/crmsh/doc/crm.8.txt 2014-04-07 22:28:33.000000000 +0200 +++ new/crmsh/doc/crm.8.txt 2014-04-11 09:31:00.000000000 +0200 @@ -2717,6 +2717,24 @@ op_defaults record-pending=true ............... +[[cmdhelp_configure_tag,Define resource tags]] +==== `tag` + +Define a resource tag. A tag is an id referring to one or more +resources, without implying any constraints between the tagged +resources. This can be useful for grouping conceptually related +resources. + +Usage: +............... +tag <tag-name>: <rsc> [<rsc> ...] +............... +Example: +............... +tag web: p-webserver p-vip +............... + + [[cmdhelp_configure_schema,set or display current CIB RNG schema]] ==== `schema` diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/crmsh/hb_report/ha_cf_support.sh new/crmsh/hb_report/ha_cf_support.sh --- old/crmsh/hb_report/ha_cf_support.sh 2014-04-07 22:28:33.000000000 +0200 +++ new/crmsh/hb_report/ha_cf_support.sh 2014-04-11 09:31:00.000000000 +0200 @@ -76,7 +76,7 @@ cat<<EOF d $HA_VARLIB 0755 root root d $HA_VARLIB/ccm 0750 hacluster haclient -d $PCMK_LIB 0755 root root +d $PCMK_LIB 0750 hacluster haclient d $PE_STATE_DIR 0750 hacluster haclient d $CIB_DIR 0750 hacluster haclient EOF diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/crmsh/hb_report/openais_conf_support.sh new/crmsh/hb_report/openais_conf_support.sh --- old/crmsh/hb_report/openais_conf_support.sh 2014-04-07 22:28:33.000000000 +0200 +++ new/crmsh/hb_report/openais_conf_support.sh 2014-04-11 09:31:00.000000000 +0200 @@ -90,7 +90,7 @@ } essential_files() { cat<<EOF -d $PCMK_LIB 0755 root root +d $PCMK_LIB 0750 hacluster haclient d $PE_STATE_DIR 0750 hacluster haclient d $CIB_DIR 0750 hacluster haclient EOF diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/crmsh/modules/cibconfig.py new/crmsh/modules/cibconfig.py --- old/crmsh/modules/cibconfig.py 2014-04-07 22:28:33.000000000 +0200 +++ new/crmsh/modules/cibconfig.py 2014-04-11 09:31:00.000000000 +0200 @@ -20,6 +20,7 @@ import os import sys import re +import fnmatch import time import config from singletonmixin import Singleton @@ -824,6 +825,7 @@ "utilization": "utilization", "operations": "operations", "op": "op", + "tag": "tag", } @@ -1752,7 +1754,8 @@ for enode in self.node.xpath("rule/expression"): if enode.get("attribute") == "#uname": uname = enode.get("value") - if uname and uname.lower() not in [id.lower() for id in cib_factory.node_id_list()]: + ids = [i.lower() for i in cib_factory.node_id_list()] + if uname and uname.lower() not in ids: common_warn("%s: referenced node %s does not exist" % (self.obj_id, uname)) rc = 1 return rc @@ -2141,6 +2144,29 @@ headnode.append(n) remove_id_used_attributes(oldnode) return headnode + + +class CibTag(CibObject): + + def _repr_cli_head(self, fmt): + s = cli_display.keyword('tag') + id_ = cli_display.id(self.obj_id) + return "%s %s:" % (s, id_) + + def _repr_cli_child(self, c, fmt): + return c.get('id') + + def _cli_list2node(self, cli_list, oldnode): + """ + cli_list: [[tag] <id> [<rsc>, <rsc>...]] + out: <tag id="<id>"><obj_ref id="<rsc>">...</tag> + """ + tagid = cli_list[0][1][0][1] + tag = etree.Element('tag', id=tagid) + for rsc in cli_list[1]: + etree.SubElement(tag, 'obj_ref', id=rsc) + return tag + # ################################################################ @@ -2182,6 +2208,7 @@ "fencing-topology": ("fencing_topology", CibFencingOrder, "configuration"), "acl_role": ("role", CibAcl, "acls"), "acl_user": ("user", CibAcl, "acls"), + "tag": ("tag", CibTag, "tags"), } # generate a translation cli -> tag @@ -2212,7 +2239,7 @@ self.last_commit_time = 0 # internal (just not to produce silly messages) self._no_constraint_rm_msg = False - self.supported_cib_re = "^pacemaker-1[.][012]$" + self.supported_cib_re = "^pacemaker-1[.][0123]$" def is_cib_sane(self): # try to initialize @@ -2616,16 +2643,23 @@ self._clean_state() id_store.clear() - def find_object(self, obj_id): - "Find an object for id." + def find_objects(self, obj_id): + "Find objects for id (can be a wildcard-glob)." + matchfn = lambda x: fnmatch.fnmatch(x, obj_id) + objs = [] for obj in self.cib_objects: - if obj.obj_id == obj_id: - return obj + if matchfn(obj.obj_id): + objs.append(obj) # special case for Heartbeat nodes which have id # different from uname - if obj.obj_type == "node" and \ - obj.node.get("uname") == obj_id: - return obj + elif obj.obj_type == "node" and matchfn(obj.node.get("uname")): + objs.append(obj) + return objs + + def find_object(self, obj_id): + objs = self.find_objects(obj_id) + if len(objs) > 0: + return objs[0] return None # @@ -2895,10 +2929,10 @@ elif spec.startswith("type:"): obj_set |= set(self.get_elems_on_type(spec)) else: - obj = self.find_object(spec) - if obj: + objs = self.find_objects(spec) + for obj in objs: obj_set.add(obj) - else: + if len(objs) == 0: no_object_err(spec) rc = False return rc, obj_set diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/crmsh/modules/cibobjects.py new/crmsh/modules/cibobjects.py --- old/crmsh/modules/cibobjects.py 2014-04-07 22:28:33.000000000 +0200 +++ new/crmsh/modules/cibobjects.py 2014-04-11 09:31:00.000000000 +0200 @@ -397,3 +397,15 @@ def _to_list(self): return listfmt('[[% [[id %]]] [raw %]]', self.type, self.id, self.raw) + + +class Tag(Expr): + def __init__(self): + Expr.__init__(self) + self.id = None + self.resources = [] + + def _to_list(self): + ret = listfmt('[[tag [[id %]]]]', self.id) + ret.append(self.resources) + return ret diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/crmsh/modules/pacemaker.py new/crmsh/modules/pacemaker.py --- old/crmsh/modules/pacemaker.py 2014-04-07 22:28:33.000000000 +0200 +++ new/crmsh/modules/pacemaker.py 2014-04-11 09:31:00.000000000 +0200 @@ -30,6 +30,7 @@ "pacemaker-1.0": ("rng", "pacemaker-1.0.rng"), "pacemaker-1.1": ("rng", "pacemaker-1.1.rng"), "pacemaker-1.2": ("rng", "pacemaker-1.2.rng"), + "pacemaker-1.3": ("rng", "pacemaker-1.3.rng"), } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/crmsh/modules/parse.py new/crmsh/modules/parse.py --- old/crmsh/modules/parse.py 2014-04-07 22:28:33.000000000 +0200 +++ new/crmsh/modules/parse.py 2014-04-11 09:31:00.000000000 +0200 @@ -26,7 +26,7 @@ from msg import common_err, syntax_err from cibobjects import Primitive, RscTemplate, Group, Clone, Master from cibobjects import Location, Colocation, Order -from cibobjects import Monitor, Node, Property, RscTicket +from cibobjects import Monitor, Node, Property, RscTicket, Tag from cibobjects import FencingTopology, ACLRight, Role, User, RawXML @@ -805,6 +805,28 @@ return out +class TagParser(BaseParser): + _TAG_RE = re.compile(r"([^:]+):$") + + def can_parse(self): + return ('tag',) + + def parse(self, cmd): + self.begin(cmd, min_args=2) + self.match('tag') + self.match(self._TAG_RE) + tagname = self.matched(1) + resources = [] + while self.has_tokens(): + resources.append(self.match_resource()) + if not resources: + self.err("Expected at least one resource") + out = Tag() + out.id = tagname + out.resources = resources + return out + + class AclParser(BaseParser): _ACL_RIGHT_RE = re.compile(r'(%s)$' % ('|'.join(vars.acl_rule_names)), re.IGNORECASE) _ROLE_REF_RE = re.compile(r'role:(.+)$', re.IGNORECASE) @@ -1174,7 +1196,8 @@ PropertyParser, FencingOrderParser, AclParser, - RawXMLParser) + RawXMLParser, + TagParser) def _xml_lex(self, s): try: diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/crmsh/modules/report.py new/crmsh/modules/report.py --- old/crmsh/modules/report.py 2014-04-07 22:28:33.000000000 +0200 +++ new/crmsh/modules/report.py 2014-04-11 09:31:00.000000000 +0200 @@ -72,13 +72,13 @@ def syslog_ts(s): try: # strptime defaults year to 1900 (sigh) + # strptime returns a time_struct tm = time.strptime(' '.join([YEAR] + s.split()[0:3]), "%Y %b %d %H:%M:%S") - return time.mktime(tm) + return datetime.datetime.fromtimestamp(time.mktime(tm)) except: # try the rfc5424 try: - tm = parse_time(s.split()[0]) - return time.mktime(tm.timetuple()) + return parse_time(s.split()[0]) except Exception: common_debug("malformed line: %s" % s) return None @@ -1038,7 +1038,7 @@ def set_node_colors(self): i = 0 - for n in self.cibnode_l: + for n in self.get_nodes(): self.nodecolor[n] = self.nodecolors[i] i = (i+1) % len(self.nodecolors) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/crmsh/modules/ui_configure.py new/crmsh/modules/ui_configure.py --- old/crmsh/modules/ui_configure.py 2014-04-07 22:28:33.000000000 +0200 +++ new/crmsh/modules/ui_configure.py 2014-04-11 09:31:00.000000000 +0200 @@ -758,6 +758,11 @@ status""" return self.__conf_object(context.get_command_name(), *args) + @command.skill_level('administrator') + @command.completers_repeating(compl.null, top_rsc_tmpl_id_list) + def do_tag(self, context, *args): + return self.__conf_object(context.get_command_name(), *args) + @command.skill_level('expert') @command.completers_repeating(_rsc_id_list) def do_rsctest(self, context, *args): diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/crmsh/modules/ui_resource.py new/crmsh/modules/ui_resource.py --- old/crmsh/modules/ui_resource.py 2014-04-07 22:28:33.000000000 +0200 +++ new/crmsh/modules/ui_resource.py 2014-04-11 09:31:00.000000000 +0200 @@ -90,7 +90,16 @@ else: for n in xmlutil.get_set_nodes(target_node, "meta_attributes", 1): xmlutil.set_attr(n, attr, value) - return xmlutil.commit_rsc(target_node) + return True + + +def set_deep_meta_attr_tag(tag, attr, value): + """ + tag: an etree tag node + TODO: make transactional (shadow CIB?) + """ + return all(set_deep_meta_attr(attr, value, ref.get('id')) + for ref in tag.xpath("./obj_ref")) def set_deep_meta_attr(attr, value, rsc_id): @@ -109,10 +118,15 @@ if target_node is None: common_error("resource %s does not exist" % rsc_id) return False + + if target_node.tag == 'tag': + return set_deep_meta_attr_tag(target_node, attr, value) if not (target_node.tag == "primitive" and target_node.getparent().tag == "group"): target_node = xmlutil.get_topmost_rsc(target_node) - return set_deep_meta_attr_node(target_node, attr, value) + if not set_deep_meta_attr_node(target_node, attr, value): + return False + return xmlutil.commit_rsc(target_node) def cleanup_resource(rsc, node=''): diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/crmsh/modules/utils.py new/crmsh/modules/utils.py --- old/crmsh/modules/utils.py 2014-04-07 22:28:33.000000000 +0200 +++ new/crmsh/modules/utils.py 2014-04-11 09:31:00.000000000 +0200 @@ -380,7 +380,8 @@ cmd = "(%s; rm -f %s)" % (cmd, dotfile) if options.regression_tests: print ".EXT", cmd - subprocess.Popen(cmd, shell=True, bufsize=0, stdin=None, stdout=None, stderr=None, close_fds=True) + subprocess.Popen(cmd, shell=True, bufsize=0, + stdin=None, stdout=None, stderr=None, close_fds=True) common_info("starting %s to show %s" % (config.core.dotty, desc)) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/crmsh/modules/xmlutil.py new/crmsh/modules/xmlutil.py --- old/crmsh/modules/xmlutil.py 2014-04-07 22:28:33.000000000 +0200 +++ new/crmsh/modules/xmlutil.py 2014-04-11 09:31:00.000000000 +0200 @@ -887,7 +887,7 @@ def filter_on_type(cl, obj_type): - if type(cl[0]) == type([]): + if isinstance(cl[0], list): l = [cli_list for cli_list in cl if cli_list[0][0] == obj_type] if config.core.sort_elements: l.sort(cmp=cmp) @@ -958,7 +958,8 @@ ''' if not cl: return [] - return nodes_cli(cl) + templates_cli(cl) + primitives_cli(cl) + groups_cli(cl) + mss_cli(cl) + clones_cli(cl) \ + return nodes_cli(cl) + templates_cli(cl) + primitives_cli(cl) \ + + groups_cli(cl) + mss_cli(cl) + clones_cli(cl) \ + constraints_cli(cl) + fencing_topology_cli(cl) + properties_cli(cl) \ + ops_cli(cl) + acls_cli(cl) @@ -1311,18 +1312,18 @@ if a.tag != b.tag: return fail("tags differ: %s != %s" % (a.tag, b.tag)) - if a.attrib != b.attrib: + elif a.attrib != b.attrib: return fail("attributes differ: %s != %s" % (a.attrib, b.attrib)) - if safe_strip(a.text) != safe_strip(b.text): + elif safe_strip(a.text) != safe_strip(b.text): return fail("text differ %s != %s" % (repr(a.text), repr(b.text))) - if safe_strip(a.tail) != safe_strip(b.tail): + elif safe_strip(a.tail) != safe_strip(b.tail): return fail("tails differ: %s != %s" % (a.tail, b.tail)) - if len(a) != len(b): + elif len(a) != len(b): return fail("number of children differ") + elif len(a) == 0: + return True sorted_children = zip(sorted(a, key=sortby), sorted(b, key=sortby)) - if sorted_children: - return all(xml_equals_unordered(a, b) for a, b in sorted_children) - return True + return all(xml_equals_unordered(a, b) for a, b in sorted_children) def xml_equals(n, m, show=False): diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/crmsh/test/unittests/test_parse.py new/crmsh/test/unittests/test_parse.py --- old/crmsh/test/unittests/test_parse.py 2014-04-07 22:28:33.000000000 +0200 +++ new/crmsh/test/unittests/test_parse.py 2014-04-11 09:31:00.000000000 +0200 @@ -362,6 +362,19 @@ out = self.parser.parse('fencing_topology vbox4: stonith-vbox3-1-off,stonith-vbox3-2-off,stonith-vbox3-1-on,stonith-vbox3-2-on') self.assertEqual(1, len(out.levels)) + def test_tag(self): + out = self.parser.parse('tag tag1: one two three') + self.assertEqual(out.id, 'tag1') + self.assertEqual(out.resources, ['one', 'two', 'three']) + self.assertEqual([['tag', [['id', 'tag1']]], ['one', 'two', 'three']], + out.to_list()) + + out = self.parser.parse('tag tag1:') + self.assertFalse(out) + + out = self.parser.parse('tag tag1:: foo') + self.assertFalse(out) + def _parse_lines(self, lines): out = [] for line in lines2cli(lines): -- To unsubscribe, e-mail: opensuse-commit+unsubscribe(a)opensuse.org For additional commands, e-mail: opensuse-commit+help(a)opensuse.org

1 0

commit rabbitmq-server for openSUSE:Factory
by root＠hilbert.suse.de 20 Apr '14

20 Apr '14

Hello community, here is the log from the commit of package rabbitmq-server for openSUSE:Factory checked in at 2014-04-20 11:36:43 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/rabbitmq-server (Old) and /work/SRC/openSUSE:Factory/.rabbitmq-server.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "rabbitmq-server" Changes: -------- --- /work/SRC/openSUSE:Factory/rabbitmq-server/rabbitmq-server.changes 2014-04-05 21:41:30.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.rabbitmq-server.new/rabbitmq-server.changes 2014-04-20 11:36:44.000000000 +0200 @@ -1,0 +2,6 @@ +Thu Apr 10 10:25:08 UTC 2014 - matwey.kornilov(a)gmail.com + +- require epmd.socket in .service in order not to start earlier + than epmd.socket + +------------------------------------------------------------------- ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ rabbitmq-server.service ++++++ --- /var/tmp/diff_new_pack.sRWlRH/_old 2014-04-20 11:36:45.000000000 +0200 +++ /var/tmp/diff_new_pack.sRWlRH/_new 2014-04-20 11:36:45.000000000 +0200 @@ -1,6 +1,7 @@ [Unit] Description=RabbitMQ broker -After=syslog.target network.target +After=epmd.socket syslog.target network.target +Requires=epmd.socket [Service] Type=simple -- To unsubscribe, e-mail: opensuse-commit+unsubscribe(a)opensuse.org For additional commands, e-mail: opensuse-commit+help(a)opensuse.org

1 0