September 2014 - openSUSE Commits - openSUSE Mailing Lists

commit ltrace for openSUSE:Factory
by root＠hilbert.suse.de 04 Sep '14

04 Sep '14

Hello community, here is the log from the commit of package ltrace for openSUSE:Factory checked in at 2014-09-04 07:55:54 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/ltrace (Old) and /work/SRC/openSUSE:Factory/.ltrace.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "ltrace" Changes: -------- --- /work/SRC/openSUSE:Factory/ltrace/ltrace.changes 2013-12-23 12:32:49.000000000 +0100 +++ /work/SRC/openSUSE:Factory/.ltrace.new/ltrace.changes 2014-09-04 07:55:57.000000000 +0200 @@ -1,0 +2,56 @@ +Tue Sep 2 17:35:50 UTC 2014 - schwab(a)linux-m68k.org + +- Update to git rev 6c6bcc3 + ** Prototype libraries + - Each DSO can now ship an ltrace config file (called prototype + library) that ltrace will open when that DSO is loaded to process + image. See ltrace(1) for details. + + - ltrace.conf is no longer part of installation tarball. Instead, + we now ship libc.so.conf, libm.so.conf, libacl.so.conf, and + syscalls.conf. Those are now istalled to /usr/share/ltrace by + default. /etc/ltrace.conf and $HOME/.ltrace.conf are still + loaded if present, and can contain arbitrary user configuration. + + - The option -F was retrofitted to be a colon-separated list of + prototype libraries, and directories to look for prototype + libraries in. On Linux, ltrace looks into XDG_CONFIG_HOME, + XDG_CONFIG_DIRS, and /usr/share/ltrace as well. + + - Wide character strings are supported in prototypes. Use "string" + lens as usual, but use array of integers as underlying type. + libc.so.conf now contains prototypes of wide character functions. + + - Sole void function parameter such as in the following example, is + now considered obsolete: + + | int fork(void); | + + This use is still accepted, taken to mean "hide(int)", but + produces a warning, and will be removed in future. + + - Prototypes are now read from DWARF debug info, if available. This + complements the data available in config files + + ** Architectural support + - MIPS and MIPSel are now handled by the same backend. + - ARMv6, ARMv7 and ARMv8 (AArch64) are supported, including full + fetch backend. ARMv8 backend doesn't support tracing of 32-bit + binaries, as currently there's no 32-bit userspace available for + ARM64 processors. + - Imagination Technologies Meta is now supported. + - PowerPC64 ELFv2 little-endian ABI is now supported including full + fetch backend. + + - On Linux, tracing of IFUNC symbols is supported. On i386, + x86_64, ppc32 with secure PLT and ppc64, IRELATIVE PLT slots are + traced as well. + + ** -w output now shows full library path + The output format is similar to glibc's backtrace_symbols, e.g.: + > /bin/ls(_init+0x19be) [0x40398e] + > /lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xed) [0x7f50cbc3676d] + > /bin/ls(_init+0x25fd) [0x4045cd] +- Enable for ppc64le and aarch64 + +------------------------------------------------------------------- Old: ---- ltrace-0.7.2.tar.bz2 New: ---- ltrace-0.7.91-g6c6bcc3.tar.bz2 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ ltrace.spec ++++++ --- /var/tmp/diff_new_pack.wuqsmV/_old 2014-09-04 07:55:58.000000000 +0200 +++ /var/tmp/diff_new_pack.wuqsmV/_new 2014-09-04 07:55:58.000000000 +0200 @@ -1,7 +1,7 @@ # # spec file for package ltrace # -# Copyright (c) 2013 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2014 SUSE LINUX Products GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -17,10 +17,14 @@ Name: ltrace +BuildRequires: autoconf +BuildRequires: automake BuildRequires: binutils-devel BuildRequires: dejagnu BuildRequires: gcc-c++ +BuildRequires: libdw-devel BuildRequires: libelf-devel +BuildRequires: libtool Url: http://ltrace.org/ # bug437293 %ifarch ppc64 @@ -30,12 +34,13 @@ Summary: Trace the Library and System Calls a Program Makes License: GPL-2.0+ Group: Development/Tools/Debuggers -Version: 0.7.2 +Version: 0.7.91 Release: 0 BuildRoot: %{_tmppath}/%{name}-%{version}-build -ExclusiveArch: %ix86 s390 s390x ppc ppc64 %arm x86_64 alpha ia64 m68k +ExclusiveArch: %ix86 s390 s390x ppc ppc64 ppc64le %arm x86_64 alpha ia64 m68k aarch64 Prefix: /usr -Source: ltrace-%{version}.tar.bz2 +%define git_id g6c6bcc3 +Source: ltrace-%{version}-%{git_id}.tar.bz2 Source2: baselibs.conf %description @@ -54,17 +59,10 @@ %setup -q %build +./autogen.sh export CFLAGS="%{optflags} -Wall -Wno-unused-local-typedefs" -./configure --prefix=/usr \ - --sysconfdir=/etc \ - --mandir=%{_mandir} \ - --disable-shared \ -%ifarch armv4l - --build=arm-suse-linux -%else - --build=%{_target_cpu}-suse-linux -%endif -make +%configure --disable-shared +make %{?_smp_mflags} %if 1 if make check then @@ -94,8 +92,8 @@ %defattr(-,root,root) %doc COPYING README %{_target_cpu}-testresults.txt testsuite/%{_target_cpu}-testrun.sum %{_bindir}/ltrace +%{_datadir}/ltrace %{_mandir}/man1/ltrace.1.gz %{_mandir}/man5/ltrace.conf.5.gz -%config /etc/ltrace.conf %changelog -- To unsubscribe, e-mail: opensuse-commit+unsubscribe(a)opensuse.org For additional commands, e-mail: opensuse-commit+help(a)opensuse.org

1 0

commit libgcrypt for openSUSE:Factory
by root＠hilbert.suse.de 04 Sep '14

04 Sep '14

Hello community, here is the log from the commit of package libgcrypt for openSUSE:Factory checked in at 2014-09-04 07:55:53 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/libgcrypt (Old) and /work/SRC/openSUSE:Factory/.libgcrypt.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "libgcrypt" Changes: -------- --- /work/SRC/openSUSE:Factory/libgcrypt/libgcrypt.changes 2014-08-16 15:37:36.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.libgcrypt.new/libgcrypt.changes 2014-09-04 07:55:55.000000000 +0200 @@ -1,0 +2,15 @@ +Mon Sep 1 10:57:06 UTC 2014 - vcizek(a)suse.com + +- fix an issue in DRBG patchset + * size_t type is 32-bit on 32-bit systems +- fix a potential NULL pointer deference in DRBG patchset + * patches from https://bugs.g10code.com/gnupg/issue1701 +- added v9-0001-SP800-90A-Deterministic-Random-Bit-Generator.patch +- added v9-0007-User-interface-to-DRBG.patch +- removed v7-0001-SP800-90A-Deterministic-Random-Bit-Generator.patch +- removed v7-0007-User-interface-to-DRBG.patch +- add a subpackage for CAVS testing + * add cavs_driver.pl and cavs-test.sh from the kernel cavs package + * added drbg_test.patch + +------------------------------------------------------------------- Old: ---- 0001-SP800-90A-Deterministic-Random-Bit-Generator.patch.bz2 0007-User-interface-to-DRBG.patch New: ---- cavs-test.sh cavs_driver.pl drbg_test.patch v9-0001-SP800-90A-Deterministic-Random-Bit-Generator.patch v9-0007-User-interface-to-DRBG.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ libgcrypt.spec ++++++ --- /var/tmp/diff_new_pack.jC7aRw/_old 2014-09-04 07:55:57.000000000 +0200 +++ /var/tmp/diff_new_pack.jC7aRw/_new 2014-09-04 07:55:57.000000000 +0200 @@ -32,6 +32,9 @@ Source2: baselibs.conf # http://www.gnupg.org/signature_key.en.html Source4: %{name}.keyring +# cavs test framework +Source5: cavs-test.sh +Source6: cavs_driver.pl Patch0: %{name}-ppc64.patch Patch1: %{name}-strict-aliasing.patch Patch3: %{name}-1.4.1-rijndael_no_strict_aliasing.patch @@ -49,15 +52,16 @@ #PATCH-FIX-SUSE: bnc#724841, fix a random device opening routine Patch14: libgcrypt-1.6.1-fips-cfgrandom.patch # add support for SP800-90A DRBG (fate#316929, bnc#856312) -Patch21: 0001-SP800-90A-Deterministic-Random-Bit-Generator.patch.bz2 +Patch21: v9-0001-SP800-90A-Deterministic-Random-Bit-Generator.patch Patch22: 0002-Compile-DRBG.patch Patch23: 0003-Function-definitions-of-interfaces-for-random.c.patch Patch24: 0004-Invoke-DRBG-from-common-libgcrypt-RNG-code.patch Patch25: 0005-Function-definitions-for-gcry_control-callbacks.patch Patch26: 0006-DRBG-specific-gcry_control-requests.patch -Patch27: 0007-User-interface-to-DRBG.patch +Patch27: v9-0007-User-interface-to-DRBG.patch Patch28: libgcrypt-fix-rng.patch Patch29: libgcrypt-init-at-elf-load-fips.patch +Patch30: drbg_test.patch BuildRequires: automake >= 1.11 BuildRequires: libgpg-error-devel >= 1.11 BuildRequires: libtool @@ -65,8 +69,6 @@ %if 0%{?suse_version} > 1310 BuildRequires: fipscheck %endif -# not for base packages to avoid huge cycles -#BuildRequires: gpg-offline %description Libgcrypt is a general purpose library of cryptographic building @@ -111,6 +113,16 @@ This package contains needed files to compile and link against the library. +%package cavs +Summary: The GNU Crypto Library +License: GFDL-1.1 and GPL-2.0+ and LGPL-2.1+ and MIT +Group: Development/Libraries/C and C++ +Requires: %{libsoname} = %{version} +Requires: %{libsoname}-hmac + +%description cavs +CAVS testing framework for libgcrypt + %if 0%{?separate_hmac256_binary} %package hmac256 @@ -150,6 +162,7 @@ %patch27 -p1 %patch28 -p1 %patch29 -p1 +%patch30 -p1 %endif %patch13 -p1 %patch14 -p1 @@ -207,6 +220,12 @@ make DESTDIR=%{buildroot} install %{?_smp_mflags} rm %{buildroot}%{_libdir}/%{name}.la +# cavs +install -m 0755 -d %{buildroot}/%{_libexecdir}/%{name} +install -m 0755 %{SOURCE5} %{buildroot}/%{_libexecdir}/%{name} +install -m 0755 %{SOURCE6} %{buildroot}/%{_libexecdir}/%{name} +mv %{buildroot}%{_bindir}/fipsdrv %{buildroot}/%{_libexecdir}/%{name} +mv %{buildroot}%{_bindir}/drbg_test %{buildroot}/%{_libexecdir}/%{name} %post -n %{libsoname} -p /sbin/ldconfig @@ -255,4 +274,8 @@ %{_bindir}/.hmac256.hmac %doc %{_mandir}/man1/hmac256.1* +%files cavs +%defattr(-,root,root) +%{_libexecdir}/%{name} + %changelog ++++++ cavs-test.sh ++++++ #!/bin/bash # # This is the driver script around the actual FIPS testing # Written by: Stephan MÃŒller <sm(a)atsec.com> # (c) atsec information security corporation # The easiest way to perform the cipher compliance testing # is the following: # # 1. patch/compile/copy the openssl binary with the patch if necessary # (old versions hang when running the MC test if unpatched) # # 2. unpack the test vector ZIP file to a local dir # # 3. set PATH in a way that cavs_driver.pl is found # # 4. go to the local dir where you unzipped the test vector archive and execute # $0 # # 5. send atsec the prepared CAVS_results-*.zip archive found in the same dir DATE=$(date +%Y%m%d) ARCH=$(uname -m) PATH=$PATH:$(pwd) # test interface to be used # can be overridden by passing an argument to this script # possible values are: # openssl OpenSSL (default) # libgcrypt Libgcrypt # cryptoapi Kernel INTERFACE="libgcrypt" if [ "$1" == "-I" -a -n "$2" ]; then INTERFACE="$2" fi for i in $(find ./ -name "*.req"); do ( cd $(dirname $i) || exit 1 # We have to see whether we check on DSA based on path name echo $(dirname $i) | if [ ! $(grep -v DSA) ]; then /usr/lib/libgcrypt/cavs_driver.pl -I $INTERFACE -D $(basename $i) else /usr/lib/libgcrypt/cavs_driver.pl -I $INTERFACE $(basename $i) fi # for CAVS, we have path/req/<testvectors> # and want to have the responses in path/resp/*.rsp if [ $(basename $(dirname $i)) = "req" ]; then mkdir ../resp > /dev/null 2>&1 outfile="$(basename $i .req).rsp" mv "$outfile" ../resp/ fi ) & done wait zip -r CAVS_results-$ARCH-$DATE.zip $(find ./ -name "*.rsp") ++++++ cavs_driver.pl ++++++ ++++ 3072 lines (skipped) ++++++ drbg_test.patch ++++++ ++++ 1303 lines (skipped) ++++++ v9-0001-SP800-90A-Deterministic-Random-Bit-Generator.patch ++++++ ++++ 2406 lines (skipped) ++++++ v9-0007-User-interface-to-DRBG.patch ++++++ From 581c850aa7ac63086a489480efa4cc0bf8cfd510 Mon Sep 17 00:00:00 2001 From: Stephan Mueller <smueller(a)chronox.de> Date: Thu, 21 Aug 2014 21:26:27 +0200 Subject: [PATCH v9 7/7] User interface to DRBG DRBG Usage ========== The SP 800-90A DRBG allows the user to specify a personalization string for initialization as well as an additional information string for each random number request. The following code fragments show how a caller uses the kernel crypto API to use the full functionality of the DRBG. Usage without any additional data --------------------------------- gcry_randomize(outbuf, OUTLEN, GCRY_STRONG_RANDOM); Usage with personalization string during initialization ------------------------------------------------------- struct drbg_string pers; drbg_string_fill(&pers, "string", strlen("string")); // The reset completely re-initializes the DRBG with the provided // personalization string without changing the DRBG type ret = gcry_control(GCRYCTL_DRBG_REINIT, 0, &pers, NULL); gcry_randomize(outbuf, OUTLEN, GCRY_STRONG_RANDOM); Usage with additional information string during random number request --------------------------------------------------------------------- struct drbg_string addtl; drbg_string_fill(&addtl, "string", strlen("string")); // The following call is a wrapper to gcry_randomize() and returns // the same error codes. gcry_randomize_drbg(outbuf, OUTLEN, GCRY_STRONG_RANDOM, &addtl); Usage with personalization and additional information strings ------------------------------------------------------------- Just mix both scenarios above. Switch the DRBG type to some other type --------------------------------------- // Switch to CTR DRBG AES-128 without prediction resistance ret = gcry_control(GCRYCTL_DRBG_REINIT, DRBG_NOPR_CTRAES128, NULL, NULL); gcry_randomize(outbuf, OUTLEN, GCRY_STRONG_RANDOM); Signed-off-by: Stephan Mueller <smueller(a)chronox.de> --- src/gcrypt.h.in | 157 +++++++++++++++++++++++++++++++++++++++++++++++++++----- 1 file changed, 144 insertions(+), 13 deletions(-) Index: libgcrypt-1.6.1/src/gcrypt.h.in =================================================================== --- libgcrypt-1.6.1.orig/src/gcrypt.h.in 2014-01-29 10:49:05.000000000 +0100 +++ libgcrypt-1.6.1/src/gcrypt.h.in 2014-09-02 13:45:42.439648231 +0200 @@ -193,7 +193,7 @@ gcry_error_t gcry_err_make_from_errno (g /* Return an error value with the system error ERR. */ gcry_err_code_t gcry_error_from_errno (int err); - + /* NOTE: Since Libgcrypt 1.6 the thread callbacks are not anymore used. However we keep it to allow for some source code compatibility if used in the standard way. */ @@ -228,7 +228,7 @@ struct gcry_thread_cbs (GCRY_THREAD_OPTION_PTHREAD | (GCRY_THREAD_OPTION_VERSION << 8))} - + /* A generic context object as used by some functions. */ struct gcry_context; typedef struct gcry_context *gcry_ctx_t; @@ -254,7 +254,7 @@ typedef struct } gcry_buffer_t; - + /* Check that the library fulfills the version requirement. */ const char *gcry_check_version (const char *req_version); @@ -329,7 +329,8 @@ enum gcry_ctl_cmds GCRYCTL_SET_CCM_LENGTHS = 69, GCRYCTL_CLOSE_RANDOM_DEVICE = 70, GCRYCTL_INACTIVATE_FIPS_FLAG = 71, - GCRYCTL_REACTIVATE_FIPS_FLAG = 72 + GCRYCTL_REACTIVATE_FIPS_FLAG = 72, + GCRYCTL_DRBG_REINIT = 74, }; /* Perform various operations defined by CMD. */ @@ -477,7 +478,7 @@ gpg_error_t gcry_sexp_extract_param (gcr const char *list, ...) _GCRY_GCC_ATTR_SENTINEL(0); - + /******************************************* * * * Multi Precision Integer Functions * @@ -833,7 +834,7 @@ gcry_mpi_t _gcry_mpi_get_const (int no); #endif /* GCRYPT_NO_MPI_MACROS */ - + /************************************ * * * Symmetric Cipher Functions * @@ -1015,7 +1016,7 @@ size_t gcry_cipher_get_algo_blklen (int #define gcry_cipher_test_algo(a) \ gcry_cipher_algo_info( (a), GCRYCTL_TEST_ALGO, NULL, NULL ) - + /************************************ * * * Asymmetric Cipher Functions * @@ -1114,7 +1115,7 @@ gcry_sexp_t gcry_pk_get_param (int algo, gcry_error_t gcry_pubkey_get_sexp (gcry_sexp_t *r_sexp, int mode, gcry_ctx_t ctx); - + /************************************ * * @@ -1291,7 +1292,7 @@ void gcry_md_debug (gcry_md_hd_t hd, con #define gcry_md_get_asnoid(a,b,n) \ gcry_md_algo_info((a), GCRYCTL_GET_ASNOID, (b), (n)) - + /********************************************** * * @@ -1407,7 +1408,7 @@ int gcry_mac_map_name (const char *name) #define gcry_mac_test_algo(a) \ gcry_mac_algo_info( (a), GCRYCTL_TEST_ALGO, NULL, NULL ) - + /****************************** * * * Key Derivation Functions * @@ -1435,7 +1436,7 @@ gpg_error_t gcry_kdf_derive (const void - + /************************************ * * * Random Generating Functions * @@ -1504,7 +1505,7 @@ void gcry_create_nonce (void *buffer, si - + /*******************************/ /* */ /* Prime Number Functions */ @@ -1563,7 +1564,7 @@ void gcry_prime_release_factors (gcry_mp gcry_error_t gcry_prime_check (gcry_mpi_t x, unsigned int flags); - + /************************************ * * * Miscellaneous Stuff * @@ -1668,6 +1669,136 @@ int gcry_is_secure (const void *a) _GCRY /* Return true if Libgcrypt is in FIPS mode. */ #define gcry_fips_mode_active() !!gcry_control (GCRYCTL_FIPS_MODE_P, 0) +/* DRBG test data */ +struct drbg_test_data { + struct drbg_string *testentropy; /* TEST PARAMETER: test entropy */ + int fail_seed_source:1; /* if set, the seed function will return an + * error */ +}; + +/* DRBG input data structure for DRBG generate with additional information + * string */ +struct drbg_gen { + unsigned char *outbuf; /* output buffer for random numbers */ + unsigned int outlen; /* size of output buffer */ + struct drbg_string *addtl; /* input buffer for + * additional information string */ + struct drbg_test_data *test_data; /* test data */ +}; + +/* + * Concatenation Helper and string operation helper + * + * SP800-90A requires the concatenation of different data. To avoid copying + * buffers around or allocate additional memory, the following data structure + * is used to point to the original memory with its size. In addition, it + * is used to build a linked list. The linked list defines the concatenation + * of individual buffers. The order of memory block referenced in that + * linked list determines the order of concatenation. + */ +/* DRBG string definition */ +struct drbg_string { + const unsigned char *buf; + size_t len; + struct drbg_string *next; +}; + +static inline void drbg_string_fill(struct drbg_string *string, + const unsigned char *buf, size_t len) +{ + string->buf = buf; + string->len = len; + string->next = NULL; +} + +/* this is a wrapper function for users of libgcrypt */ +static inline void gcry_randomize_drbg(void *outbuf, size_t outlen, + enum gcry_random_level level, + struct drbg_string *addtl) +{ + struct drbg_gen genbuf; + genbuf.outbuf = (unsigned char *)outbuf; + genbuf.outlen = outlen; + genbuf.addtl = addtl; + genbuf.test_data = NULL; + gcry_randomize(&genbuf, 0, level); +} + +/* this is a wrapper function for users of libgcrypt */ +static inline void gcry_randomize_drbg_test(void *outbuf, size_t outlen, + enum gcry_random_level level, + struct drbg_string *addtl, + struct drbg_test_data *test_data) +{ + struct drbg_gen genbuf; + genbuf.outbuf = (unsigned char *)outbuf; + genbuf.outlen = outlen; + genbuf.addtl = addtl; + genbuf.test_data = test_data; + gcry_randomize(&genbuf, 0, level); +} + + +/* + * DRBG flags bitmasks + * + * 31 (B) 28 19 (A) 0 + * +-+-+-+--------+---+-----------+-----+ + * |~|~|u|~~~~~~~~| 3 | 2 | 1 | + * +-+-+-+--------+- -+-----------+-----+ + * ctl flg| |drbg use selection flags + * + */ + +/* internal state control flags (B) */ +#define DRBG_PREDICTION_RESIST ((u_int32_t)1<<28) + +/* CTR type modifiers (A.1)*/ +#define DRBG_CTRAES ((u_int32_t)1<<0) +#define DRBG_CTRSERPENT ((u_int32_t)1<<1) +#define DRBG_CTRTWOFISH ((u_int32_t)1<<2) +#define DRBG_CTR_MASK (DRBG_CTRAES | DRBG_CTRSERPENT | DRBG_CTRTWOFISH) + +/* HASH type modifiers (A.2)*/ +#define DRBG_HASHSHA1 ((u_int32_t)1<<4) +#define DRBG_HASHSHA224 ((u_int32_t)1<<5) +#define DRBG_HASHSHA256 ((u_int32_t)1<<6) +#define DRBG_HASHSHA384 ((u_int32_t)1<<7) +#define DRBG_HASHSHA512 ((u_int32_t)1<<8) +#define DRBG_HASH_MASK (DRBG_HASHSHA1 | DRBG_HASHSHA224 | \ + DRBG_HASHSHA256 | DRBG_HASHSHA384 | \ + DRBG_HASHSHA512) +/* type modifiers (A.3)*/ +#define DRBG_HMAC ((u_int32_t)1<<12) +#define DRBG_SYM128 ((u_int32_t)1<<13) +#define DRBG_SYM192 ((u_int32_t)1<<14) +#define DRBG_SYM256 ((u_int32_t)1<<15) +#define DRBG_TYPE_MASK (DRBG_HMAC | DRBG_SYM128 | DRBG_SYM192 | \ + DRBG_SYM256) +#define DRBG_CIPHER_MASK (DRBG_CTR_MASK | DRBG_HASH_MASK | DRBG_TYPE_MASK) + +#define DRBG_PR_CTRAES128 (DRBG_PREDICTION_RESIST | DRBG_CTRAES | DRBG_SYM128) +#define DRBG_PR_CTRAES192 (DRBG_PREDICTION_RESIST | DRBG_CTRAES | DRBG_SYM192) +#define DRBG_PR_CTRAES256 (DRBG_PREDICTION_RESIST | DRBG_CTRAES | DRBG_SYM256) +#define DRBG_NOPR_CTRAES128 (DRBG_CTRAES | DRBG_SYM128) +#define DRBG_NOPR_CTRAES192 (DRBG_CTRAES | DRBG_SYM192) +#define DRBG_NOPR_CTRAES256 (DRBG_CTRAES | DRBG_SYM256) +#define DRBG_PR_HASHSHA1 (DRBG_PREDICTION_RESIST | DRBG_HASHSHA1) +#define DRBG_PR_HASHSHA256 (DRBG_PREDICTION_RESIST | DRBG_HASHSHA256) +#define DRBG_PR_HASHSHA384 (DRBG_PREDICTION_RESIST | DRBG_HASHSHA384) +#define DRBG_PR_HASHSHA512 (DRBG_PREDICTION_RESIST | DRBG_HASHSHA512) +#define DRBG_NOPR_HASHSHA1 (DRBG_HASHSHA1) +#define DRBG_NOPR_HASHSHA256 (DRBG_HASHSHA256) +#define DRBG_NOPR_HASHSHA384 (DRBG_HASHSHA384) +#define DRBG_NOPR_HASHSHA512 (DRBG_HASHSHA512) +#define DRBG_PR_HMACSHA1 (DRBG_PREDICTION_RESIST | DRBG_HASHSHA1 | DRBG_HMAC) +#define DRBG_PR_HMACSHA256 (DRBG_PREDICTION_RESIST | DRBG_HASHSHA256|DRBG_HMAC) +#define DRBG_PR_HMACSHA384 (DRBG_PREDICTION_RESIST | DRBG_HASHSHA384|DRBG_HMAC) +#define DRBG_PR_HMACSHA512 (DRBG_PREDICTION_RESIST | DRBG_HASHSHA512|DRBG_HMAC) +#define DRBG_NOPR_HMACSHA1 (DRBG_HASHSHA1 | DRBG_HMAC) +#define DRBG_NOPR_HMACSHA256 (DRBG_HASHSHA256 | DRBG_HMAC) +#define DRBG_NOPR_HMACSHA384 (DRBG_HASHSHA384 | DRBG_HMAC) +#define DRBG_NOPR_HMACSHA512 (DRBG_HASHSHA512 | DRBG_HMAC) #if 0 /* (Keep Emacsens' auto-indent happy.) */ { N§²æìržyéZ)z{.±ç(húéì¹»®&Þ¢§²ë¢ž¢¶v+b¢v¥rŠjwlzf¢^Ë¬yÊ&+~éi¢§²ë¢ž

1 0

commit cups for openSUSE:Factory
by root＠hilbert.suse.de 04 Sep '14

04 Sep '14

Hello community, here is the log from the commit of package cups for openSUSE:Factory checked in at 2014-09-04 07:55:50 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/cups (Old) and /work/SRC/openSUSE:Factory/.cups.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "cups" Changes: -------- --- /work/SRC/openSUSE:Factory/cups/cups.changes 2014-05-27 07:09:12.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.cups.new/cups.changes 2014-09-04 07:55:53.000000000 +0200 @@ -1,0 +2,19 @@ +Tue Sep 2 15:48:23 CEST 2014 - jsmeix(a)suse.de + +- Let fdupes only create symlinks in /usr/share/cups/templates/ to + avoid a symlink /usr/share/cups/webcontent/images/cups-icon.png + because the cupsd web server does no longer follow symlinks + to avoid the security issues mentioned in the previous entry + below (fixes bnc#892587 a regression of bnc#887240). + +------------------------------------------------------------------- +Tue Sep 2 15:26:36 CEST 2014 - jsmeix(a)suse.de + +- str4450.CVE-2014-3537.str4455.CVE-2014-5029.CVE-2014-5030.CVE-2014-5031.CUPS-1.5.4.patch + fixes that the web interface incorrectly served symlinked files + and files that were not world-readable, potentially leading to + a disclosure of information (CVE-2014-3537 STR #4450 plus the + subsequent CVE-2014-5029 CVE-2014-5030 CVE-2014-5031 STR #4455 + all in bnc#887240). + +------------------------------------------------------------------- New: ---- str4450.CVE-2014-3537.str4455.CVE-2014-5029.CVE-2014-5030.CVE-2014-5031.CUPS-1.5.4.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ cups.spec ++++++ --- /var/tmp/diff_new_pack.75vzNd/_old 2014-09-04 07:55:54.000000000 +0200 +++ /var/tmp/diff_new_pack.75vzNd/_new 2014-09-04 07:55:54.000000000 +0200 @@ -222,6 +222,11 @@ Patch114: str4351.patch # Patch115 fixes STR #4388: no or malformed output from lpstat in charset other than utf-8 Patch115: cups-1.5.4-strftime.patch +# Patch116 fixes that the web interface incorrectly served symlinked files +# and files that were not world-readable, potentially leading to +# a disclosure of information (CVE-2014-3537 STR #4450 bnc#887240 +# plus the subsequent CVE-2014-5029 CVE-2014-5030 CVE-2014-5031 STR #4455): +Patch116: str4450.CVE-2014-3537.str4455.CVE-2014-5029.CVE-2014-5030.CVE-2014-5031.CUPS-1.5.4.patch # Install into this non-root directory (required when norootforbuild is used): BuildRoot: %{_tmppath}/%{name}-%{version}-build @@ -386,6 +391,11 @@ %patch114 # Patch115 fixes STR #4388: no or malformed output from lpstat in charset other than utf-8 %patch115 -p1 +# Patch116 fixes that the web interface incorrectly served symlinked files +# and files that were not world-readable, potentially leading to +# a disclosure of information (CVE-2014-3537 STR #4450 bnc#887240 +# plus the subsequent CVE-2014-5029 CVE-2014-5030 CVE-2014-5031 STR #4455): +%patch116 %build # Disable SILENT run of make so that make runs verbose as usual: @@ -576,8 +586,14 @@ # compare https://bugzilla.novell.com/show_bug.cgi?id=784869 # so that fdupes can only run for specific directories where linking files is safe. # Using fdupes -s, which will create symlinks that are easier to grasp for rpm and -# rpmlint will give a "dangling symlink" error if the file and link ended up in different packages: -%fdupes -s %{buildroot}/%{_datadir}/cups +# rpmlint will give a "dangling symlink" error if the file and link ended up in different packages. +# All symlinks created by fdupes are in /usr/share/cups/templates/ +# except /usr/share/cups/webcontent/images/cups-icon.png -> /usr/share/cups/webcontent/images/cups.png +# but that one must not be a symlink because since CUPS 1.7.4/1.7.5 the cupsd web server does no longer +# follow symlink to avoid security issues (see bnc#892587 and bnc#887240 and and the upstream +# issues http://www.cups.org/str.php?L4450 and https://www.cups.org/str.php?L4455) +# so that fdupes should only create symlinks in /usr/share/cups/templates/: +%fdupes -s %{buildroot}/%{_datadir}/cups/templates %pre # Use a real bash script with an explicit "exit 0" at the end to be by default fail safe ++++++ str4450.CVE-2014-3537.str4455.CVE-2014-5029.CVE-2014-5030.CVE-2014-5031.CUPS-1.5.4.patch ++++++ --- scheduler/client.c.orig 2014-09-02 11:26:57.000000000 +0200 +++ scheduler/client.c 2014-09-02 12:35:05.000000000 +0200 @@ -3672,51 +3672,72 @@ get_file(cupsd_client_t *con, /* I - C if ((ptr = strchr(filename, '?')) != NULL) *ptr = '\0'; /* * Grab the status for this language; if there isn't a language-specific file * then fallback to the default one... */ - if ((status = stat(filename, filestats)) != 0 && language[0] && + if ((status = lstat(filename, filestats)) != 0 && language[0] && strncmp(con->uri, "/icons/", 7) && strncmp(con->uri, "/ppd/", 5) && strncmp(con->uri, "/rss/", 5) && strncmp(con->uri, "/admin/conf/", 12) && strncmp(con->uri, "/admin/log/", 11)) { /* * Drop the country code... */ language[3] = '\0'; snprintf(filename, len, "%s%s%s", DocumentRoot, language, con->uri); if ((ptr = strchr(filename, '?')) != NULL) *ptr = '\0'; - if ((status = stat(filename, filestats)) != 0) + if ((status = lstat(filename, filestats)) != 0) { /* * Drop the language prefix and try the root directory... */ language[0] = '\0'; snprintf(filename, len, "%s%s", DocumentRoot, con->uri); if ((ptr = strchr(filename, '?')) != NULL) *ptr = '\0'; - status = stat(filename, filestats); + status = lstat(filename, filestats); } } /* - * If we're found a directory, get the index.html file instead... + * If we've found a symlink, 404 the sucker to avoid disclosing information. + */ + + if (!status && S_ISLNK(filestats->st_mode)) + { + cupsdLogMessage(CUPSD_LOG_INFO, "[Client %d] Symlinks such as \"%s\" are not allowed.", con->http.fd, filename); + return (NULL); + } + + /* + * Similarly, if the file/directory does not have world read permissions, do + * not allow access... + */ + + if (!status && !(filestats->st_mode & S_IROTH)) + { + cupsdLogMessage(CUPSD_LOG_INFO, "[Client %d] Files/directories such as \"%s\" must be world-readable.", con->http.fd, filename); + return (NULL); + } + + /* + * If we've found a directory, get the index.html file instead... */ if (!status && S_ISDIR(filestats->st_mode)) { /* * Make sure the URI ends with a slash... */ @@ -3749,58 +3770,79 @@ get_file(cupsd_client_t *con, /* I - C if ((ptr = strchr(filename, '?')) != NULL) *ptr = '\0'; ptr = filename + strlen(filename); plen = len - (ptr - filename); strlcpy(ptr, "index.html", plen); - status = stat(filename, filestats); + status = lstat(filename, filestats); #ifdef HAVE_JAVA if (status) { strlcpy(ptr, "index.class", plen); - status = stat(filename, filestats); + status = lstat(filename, filestats); } #endif /* HAVE_JAVA */ #ifdef HAVE_PERL if (status) { strlcpy(ptr, "index.pl", plen); - status = stat(filename, filestats); + status = lstat(filename, filestats); } #endif /* HAVE_PERL */ #ifdef HAVE_PHP if (status) { strlcpy(ptr, "index.php", plen); - status = stat(filename, filestats); + status = lstat(filename, filestats); } #endif /* HAVE_PHP */ #ifdef HAVE_PYTHON if (status) { strlcpy(ptr, "index.pyc", plen); - status = stat(filename, filestats); + status = lstat(filename, filestats); } if (status) { strlcpy(ptr, "index.py", plen); status = stat(filename, filestats); } #endif /* HAVE_PYTHON */ } while (status && language[0]); + + /* + * If we've found a symlink, 404 the sucker to avoid disclosing information. + */ + + if (!status && S_ISLNK(filestats->st_mode)) + { + cupsdLogMessage(CUPSD_LOG_INFO, "[Client %d] Symlinks such as \"%s\" are not allowed.", con->http.fd, filename); + return (NULL); + } + + /* + * Similarly, if the file/directory does not have world read permissions, do + * not allow access... + */ + + if (!status && !(filestats->st_mode & S_IROTH)) + { + cupsdLogMessage(CUPSD_LOG_INFO, "[Client %d] Files/directories such as \"%s\" must be world-readable.", con->http.fd, filename); + return (NULL); + } } cupsdLogMessage(CUPSD_LOG_DEBUG2, "get_file(con=%p(%d), filestats=%p, filename=%p, len=%d) = " "%s", con, con->http.fd, filestats, filename, len, status ? "(null)" : filename); if (status) -- To unsubscribe, e-mail: opensuse-commit+unsubscribe(a)opensuse.org For additional commands, e-mail: opensuse-commit+help(a)opensuse.org

1 0

commit e2fsprogs for openSUSE:Factory
by root＠hilbert.suse.de 04 Sep '14

04 Sep '14

Hello community, here is the log from the commit of package e2fsprogs for openSUSE:Factory checked in at 2014-09-04 07:55:47 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/e2fsprogs (Old) and /work/SRC/openSUSE:Factory/.e2fsprogs.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "e2fsprogs" Changes: -------- --- /work/SRC/openSUSE:Factory/e2fsprogs/e2fsprogs.changes 2014-07-16 16:37:24.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.e2fsprogs.new/e2fsprogs.changes 2014-09-04 07:55:50.000000000 +0200 @@ -1,0 +2,9 @@ +Tue Sep 2 13:39:35 UTC 2014 - jack(a)suse.cz + +- Update to 1.42.12 + * fix e2fsck bugs when repairing bigalloc filesystems + * fix rare e2fsck bugs discovered by fs fuzzing + * resize2fs will use less memory when resizing large filesystems + ... + +------------------------------------------------------------------- Old: ---- e2fsprogs-1.42.11.tar.gz New: ---- e2fsprogs-1.42.12.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ e2fsprogs.spec ++++++ --- /var/tmp/diff_new_pack.lQXNZH/_old 2014-09-04 07:55:52.000000000 +0200 +++ /var/tmp/diff_new_pack.lQXNZH/_new 2014-09-04 07:55:52.000000000 +0200 @@ -61,7 +61,7 @@ Conflicts: libcom_err-mini-devel %endif # -Version: 1.42.11 +Version: 1.42.12 Release: 0 Summary: Utilities for the Second Extended File System License: GPL-2.0 ++++++ e2fsprogs-1.41.1-splash_support.patch ++++++ --- /var/tmp/diff_new_pack.lQXNZH/_old 2014-09-04 07:55:52.000000000 +0200 +++ /var/tmp/diff_new_pack.lQXNZH/_new 2014-09-04 07:55:52.000000000 +0200 @@ -167,7 +167,7 @@ blk64_t orig_superblock; struct problem_context pctx; + struct splash_ops *sops; - int flags, run_result; + int flags, run_result, was_changed; int journal_size; int sysval, sys_page_size = 4096; @@ -1215,6 +1217,7 @@ int main (int argc, char *argv[]) ++++++ e2fsprogs-1.42.11.tar.gz -> e2fsprogs-1.42.12.tar.gz ++++++ /work/SRC/openSUSE:Factory/e2fsprogs/e2fsprogs-1.42.11.tar.gz /work/SRC/openSUSE:Factory/.e2fsprogs.new/e2fsprogs-1.42.12.tar.gz differ: char 5, line 1 -- To unsubscribe, e-mail: opensuse-commit+unsubscribe(a)opensuse.org For additional commands, e-mail: opensuse-commit+help(a)opensuse.org

1 0

commit bluedevil for openSUSE:Factory
by root＠hilbert.suse.de 04 Sep '14

04 Sep '14

Hello community, here is the log from the commit of package bluedevil for openSUSE:Factory checked in at 2014-09-04 07:55:46 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/bluedevil (Old) and /work/SRC/openSUSE:Factory/.bluedevil.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "bluedevil" Changes: -------- --- /work/SRC/openSUSE:Factory/bluedevil/bluedevil.changes 2013-12-23 12:33:25.000000000 +0100 +++ /work/SRC/openSUSE:Factory/.bluedevil.new/bluedevil.changes 2014-09-04 07:55:48.000000000 +0200 @@ -5,0 +6,2 @@ +- Drop remove-unused-bluedevilaction-link-target.patch: it's not + needed with new tarball Old: ---- remove-unused-bluedevilaction-link-target.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ bluedevil.spec ++++++ --- /var/tmp/diff_new_pack.DyDv3H/_old 2014-09-04 07:55:49.000000000 +0200 +++ /var/tmp/diff_new_pack.DyDv3H/_new 2014-09-04 07:55:49.000000000 +0200 @@ -31,8 +31,6 @@ Source0: %{name}-%{rversion}.tar.xz Source1: preferences-system-bluetooth.png Patch0: typo2.diff -# PATCH-FIX-UPSTREAM remove-unused-bluedevilaction-link-target.patch -- bluedevilaction was forgotten, so linker can't find it -Patch1: remove-unused-bluedevilaction-link-target.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRequires: libbluedevil-devel >= 2.0~rc1 @@ -62,7 +60,6 @@ %prep %setup -q -n %{name}-%{rversion} %patch0 -p1 -%patch1 -p1 %build %cmake_kde4 -d build ++++++ bluedevil-2.0-rc1.tar.xz ++++++ ++++ 41325 lines of diff (skipped) -- To unsubscribe, e-mail: opensuse-commit+unsubscribe(a)opensuse.org For additional commands, e-mail: opensuse-commit+help(a)opensuse.org

1 0

commit kdump for openSUSE:Factory
by root＠hilbert.suse.de 04 Sep '14

04 Sep '14

Hello community, here is the log from the commit of package kdump for openSUSE:Factory checked in at 2014-09-04 07:55:44 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/kdump (Old) and /work/SRC/openSUSE:Factory/.kdump.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "kdump" Changes: -------- --- /work/SRC/openSUSE:Factory/kdump/kdump.changes 2014-08-20 17:51:52.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.kdump.new/kdump.changes 2014-09-04 07:55:47.000000000 +0200 @@ -1,0 +2,7 @@ +Mon Sep 1 14:21:38 UTC 2014 - juwolf(a)suse.com + +- Write proper regex into multipath.conf to prevent syntax error there + (bnc#883883) + Add: 0001-multipath-Write-proper-regex-into-multipath-conf.patch + +------------------------------------------------------------------- New: ---- 0001-multipath-Write-proper-regex-into-multipath-conf.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ kdump.spec ++++++ --- /var/tmp/diff_new_pack.9LSvXr/_old 2014-09-04 07:55:48.000000000 +0200 +++ /var/tmp/diff_new_pack.9LSvXr/_new 2014-09-04 07:55:48.000000000 +0200 @@ -64,6 +64,7 @@ Source: %{name}-%{version}.tar.bz2 Source2: %{name}-rpmlintrc Source3: kdump.service +Patch0: 0001-multipath-Write-proper-regex-into-multipath-conf.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build # rename "kdump-helpers" (10.3) -> "kdump" (11.0/SP2) Provides: kdump-helpers = %{version} @@ -101,6 +102,7 @@ %prep %setup +%patch0 -p1 %build export CFLAGS="%optflags" ++++++ 0001-multipath-Write-proper-regex-into-multipath-conf.patch ++++++ >From 4ce21a05fdfa91cb894d140c1962b29fb4b1431a Mon Sep 17 00:00:00 2001 From: Julian Wolf <juwolf(a)suse.de> Date: Mon, 1 Sep 2014 15:46:21 +0200 Subject: multipath: Write proper regex into multipath.conf Signed-off-by: Julian Wolf <juwolf(a)suse.de> --- kdumptool/multipath.cc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/kdumptool/multipath.cc b/kdumptool/multipath.cc index 4ffe493..a9acafc 100644 --- a/kdumptool/multipath.cc +++ b/kdumptool/multipath.cc @@ -206,7 +206,7 @@ void AddBlacklistHandler::outputLine(const string &raw) // ----------------------------------------------------------------------------- void AddBlacklistHandler::doBlacklist(lineHandler handler) { - (this->*handler)("\twwid \"*\"\n"); + (this->*handler)("\twwid \".*\"\n"); m_blacklist_done = true; } -- 1.8.1.4 -- To unsubscribe, e-mail: opensuse-commit+unsubscribe(a)opensuse.org For additional commands, e-mail: opensuse-commit+help(a)opensuse.org

1 0

commit yast2-packager for openSUSE:Factory
by root＠hilbert.suse.de 03 Sep '14

03 Sep '14

Hello community, here is the log from the commit of package yast2-packager for openSUSE:Factory checked in at 2014-09-03 18:21:46 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/yast2-packager (Old) and /work/SRC/openSUSE:Factory/.yast2-packager.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "yast2-packager" Changes: -------- --- /work/SRC/openSUSE:Factory/yast2-packager/yast2-packager.changes 2014-08-20 17:54:21.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.yast2-packager.new/yast2-packager.changes 2014-09-03 21:23:48.000000000 +0200 @@ -1,0 +2,13 @@ +Tue Sep 2 11:59:32 UTC 2014 - ancor(a)suse.com + +- Use DM device for encrypted partitions during test mount + (bnc#889334) +- 3.1.44 + +------------------------------------------------------------------- +Mon Sep 1 14:16:27 UTC 2014 - ancor(a)suse.com + +- Use options from partitioner during test mount (bnc#873180) +- 3.1.43 + +------------------------------------------------------------------- Old: ---- yast2-packager-3.1.42.tar.bz2 New: ---- yast2-packager-3.1.44.tar.bz2 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ yast2-packager.spec ++++++ --- /var/tmp/diff_new_pack.Ef0UxX/_old 2014-09-03 21:23:49.000000000 +0200 +++ /var/tmp/diff_new_pack.Ef0UxX/_new 2014-09-03 21:23:49.000000000 +0200 @@ -17,7 +17,7 @@ Name: yast2-packager -Version: 3.1.42 +Version: 3.1.44 Release: 0 BuildRoot: %{_tmppath}/%{name}-%{version}-build ++++++ yast2-packager-3.1.42.tar.bz2 -> yast2-packager-3.1.44.tar.bz2 ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-packager-3.1.42/package/yast2-packager.changes new/yast2-packager-3.1.44/package/yast2-packager.changes --- old/yast2-packager-3.1.42/package/yast2-packager.changes 2014-08-18 16:14:14.000000000 +0200 +++ new/yast2-packager-3.1.44/package/yast2-packager.changes 2014-09-03 14:04:10.000000000 +0200 @@ -1,4 +1,17 @@ ------------------------------------------------------------------- +Tue Sep 2 11:59:32 UTC 2014 - ancor(a)suse.com + +- Use DM device for encrypted partitions during test mount + (bnc#889334) +- 3.1.44 + +------------------------------------------------------------------- +Mon Sep 1 14:16:27 UTC 2014 - ancor(a)suse.com + +- Use options from partitioner during test mount (bnc#873180) +- 3.1.43 + +------------------------------------------------------------------- Mon Aug 18 12:57:01 UTC 2014 - lslezak(a)suse.cz - fixed adding of new SLP and CD/DVD repositories diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-packager-3.1.42/package/yast2-packager.spec new/yast2-packager-3.1.44/package/yast2-packager.spec --- old/yast2-packager-3.1.42/package/yast2-packager.spec 2014-08-18 16:14:14.000000000 +0200 +++ new/yast2-packager-3.1.44/package/yast2-packager.spec 2014-09-03 14:04:10.000000000 +0200 @@ -17,7 +17,7 @@ Name: yast2-packager -Version: 3.1.42 +Version: 3.1.44 Release: 0 BuildRoot: %{_tmppath}/%{name}-%{version}-build diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-packager-3.1.42/src/modules/SpaceCalculation.rb new/yast2-packager-3.1.44/src/modules/SpaceCalculation.rb --- old/yast2-packager-3.1.42/src/modules/SpaceCalculation.rb 2014-08-18 16:14:14.000000000 +0200 +++ new/yast2-packager-3.1.44/src/modules/SpaceCalculation.rb 2014-09-03 14:04:10.000000000 +0200 @@ -653,8 +653,14 @@ end used = 0 - if !(Ops.get_boolean(part, "create", false) || - Ops.get_boolean(part, "format", false)) + # If reusing a previously existent filesystem + if !(part["create"] || part["format"]) + + # Mount the filesystem to check the available space. + # FIXME: libstorage provides functions to query free + # information for devices (even caching the information). + # This part should be refactored to rely on libstorage. + tmpdir = Convert.to_string(SCR.Read(path(".target.tmpdir"))) tmpdir = Ops.add(tmpdir, "/diskspace_mount") SCR.Execute( @@ -662,8 +668,11 @@ Builtins.sformat("test -d %1 || mkdir -p %1", tmpdir) ) + # mount options determined by partitioner + mount_options = (part["fstopt"] || "").split(",") + # mount in read-only mode (safer) - mount_options = ["ro"] + mount_options << "ro" # add "nolock" if it's a NFS share (bnc#433893) if used_fs == :nfs @@ -672,12 +681,16 @@ end # join the options - mount_options_str = Builtins.mergestring(mount_options, ",") + mount_options_str = mount_options.uniq.join(",") + + # Use DM device if it's encrypted, plain device otherwise + # (bnc#889334) + device = part["crypt_device"] || part["device"] || "" mount_command = Builtins.sformat( "/bin/mount -o %1 %2 %3", mount_options_str, - Ops.get_string(part, "device", ""), + device, tmpdir ) @@ -717,7 +730,7 @@ else Builtins.y2error( "Mount failed, ignoring partition %1", - Ops.get_string(part, "device", "") + device ) @failed_mounts = Builtins.add(@failed_mounts, part) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-packager-3.1.42/test/Makefile.am new/yast2-packager-3.1.44/test/Makefile.am --- old/yast2-packager-3.1.42/test/Makefile.am 2014-08-18 16:14:14.000000000 +0200 +++ new/yast2-packager-3.1.44/test/Makefile.am 2014-09-03 14:04:10.000000000 +0200 @@ -1,6 +1,7 @@ TESTS = \ addon_product_test.rb \ - packages_test.rb + packages_test.rb \ + space_calculation_test.rb TEST_EXTENSIONS = .rb RB_LOG_COMPILER = rspec diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-packager-3.1.42/test/data/luks_target_map.yml new/yast2-packager-3.1.44/test/data/luks_target_map.yml --- old/yast2-packager-3.1.42/test/data/luks_target_map.yml 1970-01-01 01:00:00.000000000 +0100 +++ new/yast2-packager-3.1.44/test/data/luks_target_map.yml 2014-09-03 14:04:10.000000000 +0200 @@ -0,0 +1,147 @@ +--- +"/dev/btrfs": + device: "/dev/btrfs" + name: btrfs + partitions: [] + type: :CT_BTRFS + used_by_device: '' + used_by_type: :UB_NONE +"/dev/sda": + bios_id: '0x80' + bus: IDE + cyl_count: 16709 + cyl_size: 8225280 + device: "/dev/sda" + driver: ahci + driver_module: ahci + label: msdos + max_logical: 255 + max_primary: 4 + model: HARDDISK + name: sda + partitions: + - detected_fs: :swap + device: "/dev/sda1" + fsid: 130 + fstype: Linux swap + inactive: true + mount: swap + mountby: :uuid + name: sda1 + nr: 1 + region: + - 0 + - 262 + size_k: 2103296 + type: :primary + udev_id: + - ata-VBOX_HARDDISK_VB57271fd6-27adef38-part1 + - scsi-0ATA_VBOX_HARDDISK_VB57271fd6-27adef38-part1 + - scsi-1ATA_VBOX_HARDDISK_VB57271fd6-27adef38-part1 + - scsi-SATA_VBOX_HARDDISK_VB57271fd6-27adef38-part1 + udev_path: pci-0000:00:1f.2-ata-1.0-part1 + used_by_device: '' + used_by_type: :UB_NONE + used_fs: :swap + uuid: f5f25b5d-22fd-4ed3-9134-715bc1899db5 + - boot: true + detected_fs: :btrfs + device: "/dev/sda2" + format: true + fsid: 131 + fstype: Linux native + inactive: true + mount: "/" + mountby: :uuid + name: sda2 + nr: 2 + region: + - 261 + - 5224 + size_k: 41946112 + subvol: + - create: true + name: "@/boot/grub2/i386-pc" + - create: true + name: "@/boot/grub2/x86_64-efi" + - create: true + name: "@/opt" + - create: true + name: "@/srv" + - create: true + name: "@/tmp" + - create: true + name: "@/usr/local" + - create: true + name: "@/var/crash" + - create: true + name: "@/var/lib/mailman" + - create: true + name: "@/var/lib/named" + - create: true + name: "@/var/lib/pgsql" + - create: true + name: "@/var/log" + - create: true + name: "@/var/opt" + - create: true + name: "@/var/spool" + - create: true + name: "@/var/tmp" + type: :primary + udev_id: + - ata-VBOX_HARDDISK_VB57271fd6-27adef38-part2 + - scsi-0ATA_VBOX_HARDDISK_VB57271fd6-27adef38-part2 + - scsi-1ATA_VBOX_HARDDISK_VB57271fd6-27adef38-part2 + - scsi-SATA_VBOX_HARDDISK_VB57271fd6-27adef38-part2 + udev_path: pci-0000:00:1f.2-ata-1.0-part2 + used_by: + - device: '12345' + type: :UB_BTRFS + used_by_device: '12345' + used_by_type: :UB_BTRFS + used_fs: :btrfs + userdata: + "/": snapshots + uuid: '12345' + - crypt_device: "/dev/mapper/cr_ata-VBOX_HARDDISK_VB57271fd6-27adef38-part3" + detected_fs: :xfs + device: "/dev/sda3" + enc_type: :luks + fsid: 131 + fstype: Linux native + inactive: true + mount: "/home" + mountby: :uuid + name: sda3 + nr: 3 + region: + - 5484 + - 11225 + size_k: 90165248 + type: :primary + udev_id: + - ata-VBOX_HARDDISK_VB57271fd6-27adef38-part3 + - scsi-0ATA_VBOX_HARDDISK_VB57271fd6-27adef38-part3 + - scsi-1ATA_VBOX_HARDDISK_VB57271fd6-27adef38-part3 + - scsi-SATA_VBOX_HARDDISK_VB57271fd6-27adef38-part3 + udev_path: pci-0000:00:1f.2-ata-1.0-part3 + used_by_device: '' + used_by_type: :UB_NONE + used_fs: :xfs + uuid: bcbd324b-dcae-478e-94a6-fa6ef1a4a663 + proposal_name: 1. IDE Disk, 128.00 GiB, /dev/sda, VBOX-HARDDISK + sector_size: 512 + size_k: 134217728 + transport: :sata + type: :CT_DISK + udev_id: + - ata-VBOX_HARDDISK_VB57271fd6-27adef38 + - scsi-0ATA_VBOX_HARDDISK_VB57271fd6-27adef38 + - scsi-1ATA_VBOX_HARDDISK_VB57271fd6-27adef38 + - scsi-SATA_VBOX_HARDDISK_VB57271fd6-27adef38 + udev_path: pci-0000:00:1f.2-ata-1.0 + unique: 3OOL.F0a81fNDOj7 + used_by_device: '' + used_by_type: :UB_NONE + vendor: VBOX diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-packager-3.1.42/test/data/nfs_target_map.yml new/yast2-packager-3.1.44/test/data/nfs_target_map.yml --- old/yast2-packager-3.1.42/test/data/nfs_target_map.yml 1970-01-01 01:00:00.000000000 +0100 +++ new/yast2-packager-3.1.44/test/data/nfs_target_map.yml 2014-09-03 14:04:10.000000000 +0200 @@ -0,0 +1,81 @@ +--- +"/dev/nfs": + device: "/dev/nfs" + name: nfs + partitions: + - detected_fs: :nfs + device: nfs-host:/nfsroot + fstopt: noatime,nfsvers=3,nolock + fstype: NFS + inactive: true + mount: "/" + mountby: :device + name: nfs-host:/nfsroot + size_k: 528336896 + type: :nfs + used_by_device: '' + used_by_type: :UB_NONE + used_fs: :nfs + type: :CT_NFS + used_by_device: '' + used_by_type: :UB_NONE +"/dev/sda": + bus: SCSI + cyl_count: 913 + cyl_size: 8225280 + device: "/dev/sda" + driver: hv_storvsc + driver_module: hv_storvsc + label: msdos + max_logical: 255 + max_primary: 4 + model: Virtual Disk + name: sda + partitions: + - detected_fs: :swap + device: "/dev/sda1" + fsid: 130 + fstype: Linux swap + name: sda1 + nr: 1 + region: + - 0 + - 17 + size_k: 128000 + type: :primary + udev_id: + - scsi-14d53465420202020f0b629d55569424d87c45d5d487ba648-part1 + used_by_device: '' + used_by_type: :UB_NONE + used_fs: :swap + uuid: 650ac9f8-affc-4951-8c71-494d1606fb56 + - boot: true + detected_fs: :ext4 + device: "/dev/sda2" + fsid: 131 + fstype: Linux native + label: ar_sl12-dev + name: sda2 + nr: 2 + region: + - 126 + - 787 + size_k: 6313984 + type: :primary + udev_id: + - scsi-14d53465420202020f0b629d55569424d87c45d5d487ba648-part2 + used_by_device: '' + used_by_type: :UB_NONE + used_fs: :ext4 + uuid: 9fe51394-d7de-470c-b176-10996fd09a43 + proposal_name: 1. SCSI Disk, 7.00 GiB, /dev/sda, Msft-Virtual Disk + sector_size: 512 + size_k: 7340032 + transport: :unknown + type: :CT_DISK + udev_id: + - scsi-14d53465420202020f0b629d55569424d87c45d5d487ba648 + unique: R7kM.3NysQ6jC4p5 + used_by_device: '' + used_by_type: :UB_NONE + vendor: Msft diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-packager-3.1.42/test/data/xfs_target_map.yml new/yast2-packager-3.1.44/test/data/xfs_target_map.yml --- old/yast2-packager-3.1.42/test/data/xfs_target_map.yml 1970-01-01 01:00:00.000000000 +0100 +++ new/yast2-packager-3.1.44/test/data/xfs_target_map.yml 2014-09-03 14:04:10.000000000 +0200 @@ -0,0 +1,90 @@ +--- +"/dev/vda": + bios_id: '0x80' + bus: None + cyl_count: 4307 + cyl_size: 8225280 + device: "/dev/vda" + driver: virtio-pci + driver_module: virtio_pci + label: msdos + max_logical: 15 + max_primary: 4 + name: vda + partitions: + - detected_fs: :xfs + device: "/dev/vda1" + fsid: 131 + fstype: Linux native + name: vda1 + nr: 1 + region: + - 0 + - 2220 + size_k: 17830912 + type: :primary + used_by_device: '' + used_by_type: :UB_NONE + used_fs: :xfs + uuid: 00eea959-67c3-4223-a02d-2fd0dcbc725e + - detected_fs: :swap + device: "/dev/vda2" + fsid: 130 + fstype: "Linux \n swap" + inactive: true + mount: swap + mountby: :uuid + name: vda2 + nr: 2 + region: + - 2219 + - 263 + size_k: 2104320 + type: :primary + used_by_device: '' + used_by_type: :UB_NONE + used_fs: :swap + uuid: 47f2f88d-8b05-46f2-b912-212348586d8f + - boot: true + detected_fs: :ext4 + device: "/dev/vda3" + fsid: 131 + fstype: Linux native + name: vda3 + nr: 3 + region: + - 2481 + - 1308 + size_k: 10490880 + type: :primary + fstopt: acl,user_xattr + mount: "/" + mountby: :uuid + used_by_device: '' + used_by_type: :UB_NONE + used_fs: :ext4 + uuid: 4c486a9b-cc25-40ab-9c49-8203e62a8953 + - detected_fs: :xfs + device: "/dev/vda4" + fsid: 131 + fstype: Linux native + name: vda4 + nr: 4 + region: + - 3788 + - 519 + size_k: 4175872 + type: :primary + used_by_device: '' + used_by_type: :UB_NONE + used_fs: :xfs + uuid: 039bbc0d-ebe9-4b0e-ae6b-9b049398143e + proposal_name: '1. Disk, 33.00 GiB, /dev/vda, ' + sector_size: 512 + size_k: 34603008 + transport: :unknown + type: :CT_DISK + unique: KSbE.Fxp0d3BezAE + used_by_device: '' + used_by_type: :UB_NONE + diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-packager-3.1.42/test/space_calculation_test.rb new/yast2-packager-3.1.44/test/space_calculation_test.rb --- old/yast2-packager-3.1.42/test/space_calculation_test.rb 1970-01-01 01:00:00.000000000 +0100 +++ new/yast2-packager-3.1.44/test/space_calculation_test.rb 2014-09-03 14:04:10.000000000 +0200 @@ -0,0 +1,113 @@ +#! /usr/bin/env rspec + +require_relative "./test_helper" +require 'yaml' + +Yast.import 'WFM' +Yast.import 'Stage' +Yast.import 'Mode' +Yast.import 'SCR' +Yast.import 'SpaceCalculation' + +DATA_PATH = File.join(File.expand_path(File.dirname(__FILE__)), "data") +SCR_TMPDIR_PATH = Yast::Path.new(".target.tmpdir") +SCR_BASH_PATH = Yast::Path.new(".target.bash") + +def stub_target_map(name, with_fstopt) + path = File.join(DATA_PATH, "#{name}_target_map.yml") + tm = YAML.load_file(path) + # Remove the "fstopt" key from every partition + if with_fstopt == false + tm.each do |k,v| + v["partitions"].each {|p| p.delete("fstopt") } + end + end + allow(Yast::WFM).to(receive(:call).with("wrapper_storage", + ["GetTargetMap"]).and_return(tm)) +end + +def expect_to_execute(command) + expect(Yast::SCR).to receive(:Execute).with(SCR_BASH_PATH, command) +end + +describe Yast::SpaceCalculation do + describe "#get_partition_info" do + + context "on test mount during installation" do + before do + allow(Yast::Stage).to receive(:stage).and_return "initial" + allow(Yast::Mode).to receive(:mode).and_return "normal" + + stub_target_map(target_map, with_options) + + allow(Yast::SCR).to receive(:Read).with(SCR_TMPDIR_PATH).and_return "/tmp" + allow(Yast::SCR).to receive(:Execute).with(SCR_BASH_PATH, /^test -d.* mkdir -p/) + allow(Yast::SCR).to receive(:Execute).with(SCR_BASH_PATH, /^\/bin\/umount/) + end + + context "on xfs" do + let(:target_map) { "xfs" } + + context "with mount options" do + let(:with_options) { true } + + it "honours the options and adds 'ro'" do + expect_to_execute(/mount -o acl,user_xattr,ro \/dev\/vda3/).and_return(-1) + Yast::SpaceCalculation.get_partition_info + end + end + + context "without mount options" do + let(:with_options) { false } + + it "uses 'ro'" do + expect_to_execute(/mount -o ro \/dev\/vda3/).and_return(-1) + Yast::SpaceCalculation.get_partition_info + end + end + end + + context "on nfs" do + let(:target_map) { "nfs" } + + context "with mount options" do + let(:with_options) { true } + + it "honours the options and adds 'ro' and 'nolock'" do + expect_to_execute(/mount -o noatime,nfsvers=3,nolock,ro nfs-host:\/nfsroot/).and_return(-1) + Yast::SpaceCalculation.get_partition_info + end + end + + context "without mount options" do + let(:with_options) { false } + + it "uses 'ro,nolock'" do + expect_to_execute(/mount -o ro,nolock nfs-host:\/nfsroot/).and_return(-1) + Yast::SpaceCalculation.get_partition_info + end + end + end + + context "on non encrypted device" do + let(:target_map) { "xfs" } + let(:with_options) { false } + + it "mounts the plain device" do + expect_to_execute(/mount -o ro \/dev\/vda3/).and_return(-1) + Yast::SpaceCalculation.get_partition_info + end + end + + context "on encrypted device" do + let(:target_map) { "luks" } + let(:with_options) { false } + + it "mounts the DM device" do + expect_to_execute(/mount -o ro \/dev\/mapper\/cr_ata-VBOX_HARDDISK_VB57271fd6-27adef38-part3/).and_return(-1) + Yast::SpaceCalculation.get_partition_info + end + end + end + end +end -- To unsubscribe, e-mail: opensuse-commit+unsubscribe(a)opensuse.org For additional commands, e-mail: opensuse-commit+help(a)opensuse.org

1 0

commit yast2-ntp-client for openSUSE:Factory
by root＠hilbert.suse.de 03 Sep '14

03 Sep '14

Hello community, here is the log from the commit of package yast2-ntp-client for openSUSE:Factory checked in at 2014-09-03 18:21:44 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/yast2-ntp-client (Old) and /work/SRC/openSUSE:Factory/.yast2-ntp-client.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "yast2-ntp-client" Changes: -------- --- /work/SRC/openSUSE:Factory/yast2-ntp-client/yast2-ntp-client.changes 2014-08-27 16:53:04.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.yast2-ntp-client.new/yast2-ntp-client.changes 2014-09-03 21:23:44.000000000 +0200 @@ -1,0 +2,15 @@ +Tue Sep 2 10:00:18 UTC 2014 - cwh(a)suse.com + +- Using Report.Error to be autoyast-proof +- Fixed variable replacement int gettext string; +- Added linebreaks in too long popup content (bnc#894573) +- 3.1.12 + +------------------------------------------------------------------- +Mon Sep 1 15:34:23 UTC 2014 - cwh(a)suse.com + +- Aligned "Synchronize now" button and "NTP Server Address" box (bnc#893065) +- Fixed checking of return value of "sntp -s" (bnc#893094) +- 3.1.11 + +------------------------------------------------------------------- Old: ---- yast2-ntp-client-3.1.10.tar.bz2 New: ---- yast2-ntp-client-3.1.12.tar.bz2 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ yast2-ntp-client.spec ++++++ --- /var/tmp/diff_new_pack.d3vuT4/_old 2014-09-03 21:23:45.000000000 +0200 +++ /var/tmp/diff_new_pack.d3vuT4/_new 2014-09-03 21:23:45.000000000 +0200 @@ -17,7 +17,7 @@ Name: yast2-ntp-client -Version: 3.1.10 +Version: 3.1.12 Release: 0 Summary: YaST2 - NTP Client Configuration License: GPL-2.0+ ++++++ yast2-ntp-client-3.1.10.tar.bz2 -> yast2-ntp-client-3.1.12.tar.bz2 ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-ntp-client-3.1.10/package/yast2-ntp-client.changes new/yast2-ntp-client-3.1.12/package/yast2-ntp-client.changes --- old/yast2-ntp-client-3.1.10/package/yast2-ntp-client.changes 2014-08-20 16:51:18.000000000 +0200 +++ new/yast2-ntp-client-3.1.12/package/yast2-ntp-client.changes 2014-09-02 16:16:06.000000000 +0200 @@ -1,4 +1,19 @@ ------------------------------------------------------------------- +Tue Sep 2 10:00:18 UTC 2014 - cwh(a)suse.com + +- Using Report.Error to be autoyast-proof +- Fixed variable replacement int gettext string; +- Added linebreaks in too long popup content (bnc#894573) +- 3.1.12 + +------------------------------------------------------------------- +Mon Sep 1 15:34:23 UTC 2014 - cwh(a)suse.com + +- Aligned "Synchronize now" button and "NTP Server Address" box (bnc#893065) +- Fixed checking of return value of "sntp -s" (bnc#893094) +- 3.1.11 + +------------------------------------------------------------------- Wed Aug 20 16:27:49 CEST 2014 - schubi(a)suse.de - Autoyast cloning: Do not show error popup if ntp server has not diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-ntp-client-3.1.10/package/yast2-ntp-client.spec new/yast2-ntp-client-3.1.12/package/yast2-ntp-client.spec --- old/yast2-ntp-client-3.1.10/package/yast2-ntp-client.spec 2014-08-20 16:51:18.000000000 +0200 +++ new/yast2-ntp-client-3.1.12/package/yast2-ntp-client.spec 2014-09-02 16:16:06.000000000 +0200 @@ -17,7 +17,7 @@ Name: yast2-ntp-client -Version: 3.1.10 +Version: 3.1.12 Release: 0 Summary: YaST2 - NTP Client Configuration License: GPL-2.0+ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-ntp-client-3.1.10/src/clients/ntp-client_proposal.rb new/yast2-ntp-client-3.1.12/src/clients/ntp-client_proposal.rb --- old/yast2-ntp-client-3.1.10/src/clients/ntp-client_proposal.rb 2014-08-20 16:51:18.000000000 +0200 +++ new/yast2-ntp-client-3.1.12/src/clients/ntp-client_proposal.rb 2014-09-02 16:16:06.000000000 +0200 @@ -231,6 +231,7 @@ HWeight( 1, VBox( + VSpacing(0.5), Left( ComboBox( Id(:ntp_address), @@ -264,7 +265,6 @@ 1, VBox( Label(""), - VSpacing(0.3), # try to line up the widgets horizontally # push button label Left(PushButton(Id(:ntp_now), _("S&ynchronize now"))), VSpacing(0.3), @@ -350,23 +350,21 @@ # return: # `success, `invalid_hostname or `ntpdate_failed def Write(param) - param = deep_copy(param) - ret = nil - ntp_servers = Ops.get_list(param, "servers", []) - ntp_server = Ops.get_string(param, "server", "") - run_service = Ops.get_boolean(param, "run_service", true) + ntp_servers = param["servers"] || [] + ntp_server = param["server"] || "" + run_service = param["run_service"] || true if ntp_server == "" # get the value from UI only when it wasn't given as a parameter - ntp_server = Convert.to_string(UI.QueryWidget(Id(:ntp_address), :Value)) + ntp_server = UI.QueryWidget(Id(:ntp_address), :Value) end return :invalid_hostname if !ValidateSingleServer(ntp_server) WriteNtpSettings(ntp_servers, ntp_server, run_service) - return :success if Ops.get_boolean(param, "write_only", false) + return :success if param["write_only"] # One-time adjusment without running the ntp daemon # Meanwhile, ntpdate was replaced by sntp - ntpdate_only = Ops.get_boolean(param, "ntpdate_only", false) + ntpdate_only = param["ntpdate_only"] required_package = "ntp" @@ -393,7 +391,8 @@ ) end end - r = 0 + + ret = 0 if NetworkService.isNetworkRunning #Only if network is running try to synchronize the ntp server Popup.ShowFeedback("", _("Synchronizing with NTP server...")) @@ -403,21 +402,16 @@ # -s: do set the system time # -t 5: timeout of 5 seconds # -l <file>: log to a file to not mess text mode installation - r2 = Convert.to_integer( - SCR.Execute( - path(".target.bash"), - Builtins.sformat( - "/usr/sbin/sntp -l /var/log/YaST2/sntp.log -t 5 -s '%1'", - String.Quote(ntp_server) - ) - ) - ) - Builtins.y2milestone("'sntp %1' returned %2", ntp_server, r2) + ret = SCR.Execute( + path(".target.bash"), + "/usr/sbin/sntp -l /var/log/YaST2/sntp.log -t 5 -s '#{String.Quote(ntp_server)}'" + ) + Builtins.y2milestone("'sntp %1' returned %2", ntp_server, ret) Popup.ClearFeedback end - return :ntpdate_failed if r != 0 + return :ntpdate_failed if ret != 0 # User wants to more than running sntp (synchronize on boot) WriteNtpSettings(ntp_servers, ntp_server, run_service) if !ntpdate_only @@ -427,13 +421,12 @@ # ui = UI::UserInput def ui_handle(ui) - ui = deep_copy(ui) redraw = false if ui == :ntp_configure rv = AskUser() if rv == :invalid_hostname handle_invalid_hostname( - Convert.to_string(UI.QueryWidget(Id(:ntp_address), :Value)) + UI.QueryWidget(Id(:ntp_address), :Value) ) elsif rv == :next && !Stage.initial # show the 'save' status after configuration @@ -443,11 +436,11 @@ if ui == :ntp_now rv = Write({ "ntpdate_only" => true }) if rv == :invalid_hostname - handle_invalid_hostname( - Convert.to_string(UI.QueryWidget(Id(:ntp_address), :Value)) - ) + handle_invalid_hostname(UI.QueryWidget(Id(:ntp_address), :Value)) elsif rv == :success redraw = true # update time widgets + else + Report.Error(_("Connection to selected NTP server failed.")) end end @@ -479,7 +472,9 @@ if Popup.YesNo( Builtins.sformat( _( - "'Test query to server '%1' failed. If server is not yet accessible or network is not configured click 'No' to ignore. Revisit NTP server configuration?" + "Test query to server '%1' failed.\n" + + "If server is not yet accessible or network is not configured\n"+ + "click 'No' to ignore. Revisit NTP server configuration?" ), server ) -- To unsubscribe, e-mail: opensuse-commit+unsubscribe(a)opensuse.org For additional commands, e-mail: opensuse-commit+help(a)opensuse.org

1 0

commit yast2-iscsi-lio-server for openSUSE:Factory
by root＠hilbert.suse.de 03 Sep '14

03 Sep '14

Hello community, here is the log from the commit of package yast2-iscsi-lio-server for openSUSE:Factory checked in at 2014-09-03 18:29:50 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/yast2-iscsi-lio-server (Old) and /work/SRC/openSUSE:Factory/.yast2-iscsi-lio-server.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "yast2-iscsi-lio-server" Changes: -------- --- /work/SRC/openSUSE:Factory/yast2-iscsi-lio-server/yast2-iscsi-lio-server.changes 2014-09-02 08:22:30.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.yast2-iscsi-lio-server.new/yast2-iscsi-lio-server.changes 2014-09-03 21:23:33.000000000 +0200 @@ -1,0 +2,6 @@ +Wed Sep 3 12:01:01 CEST 2014 - gs(a)suse.de + +- don't log user/password info (additional bug-fix for bnc #893362) +- 3.1.10 + +------------------------------------------------------------------- Old: ---- yast2-iscsi-lio-server-3.1.9.tar.bz2 New: ---- yast2-iscsi-lio-server-3.1.10.tar.bz2 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ yast2-iscsi-lio-server.spec ++++++ --- /var/tmp/diff_new_pack.bFpI30/_old 2014-09-03 21:23:34.000000000 +0200 +++ /var/tmp/diff_new_pack.bFpI30/_new 2014-09-03 21:23:34.000000000 +0200 @@ -17,7 +17,7 @@ Name: yast2-iscsi-lio-server -Version: 3.1.9 +Version: 3.1.10 Release: 0 BuildRoot: %{_tmppath}/%{name}-%{version}-build ++++++ yast2-iscsi-lio-server-3.1.9.tar.bz2 -> yast2-iscsi-lio-server-3.1.10.tar.bz2 ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-iscsi-lio-server-3.1.9/package/yast2-iscsi-lio-server.changes new/yast2-iscsi-lio-server-3.1.10/package/yast2-iscsi-lio-server.changes --- old/yast2-iscsi-lio-server-3.1.9/package/yast2-iscsi-lio-server.changes 2014-09-01 16:25:10.000000000 +0200 +++ new/yast2-iscsi-lio-server-3.1.10/package/yast2-iscsi-lio-server.changes 2014-09-03 17:00:07.000000000 +0200 @@ -1,4 +1,10 @@ ------------------------------------------------------------------- +Wed Sep 3 12:01:01 CEST 2014 - gs(a)suse.de + +- don't log user/password info (additional bug-fix for bnc #893362) +- 3.1.10 + +------------------------------------------------------------------- Wed Aug 27 12:26:10 CEST 2014 - gs(a)suse.de - do not write user/password info to YaST log-file (bnc #893362) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-iscsi-lio-server-3.1.9/package/yast2-iscsi-lio-server.spec new/yast2-iscsi-lio-server-3.1.10/package/yast2-iscsi-lio-server.spec --- old/yast2-iscsi-lio-server-3.1.9/package/yast2-iscsi-lio-server.spec 2014-09-01 16:25:10.000000000 +0200 +++ new/yast2-iscsi-lio-server-3.1.10/package/yast2-iscsi-lio-server.spec 2014-09-03 17:00:07.000000000 +0200 @@ -17,7 +17,7 @@ Name: yast2-iscsi-lio-server -Version: 3.1.9 +Version: 3.1.10 Release: 0 BuildRoot: %{_tmppath}/%{name}-%{version}-build diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-iscsi-lio-server-3.1.9/src/modules/IscsiLioData.rb new/yast2-iscsi-lio-server-3.1.10/src/modules/IscsiLioData.rb --- old/yast2-iscsi-lio-server-3.1.9/src/modules/IscsiLioData.rb 2014-09-01 16:25:10.000000000 +0200 +++ new/yast2-iscsi-lio-server-3.1.10/src/modules/IscsiLioData.rb 2014-09-03 17:00:07.000000000 +0200 @@ -1318,10 +1318,11 @@ def SetTpgAuth(tgt, tpg, value) ret = true tgt_auth_info = GetTgt(@data, tgt, tpg) - Builtins.y2milestone("SetTpgAuth tgt:%1 tpg:%2 value:%3 auth_info:%4", - tgt, tpg, value, tgt_auth_info) + current_value = tgt_auth_info.fetch("auth", false) + Builtins.y2milestone("SetTpgAuth tgt:%1 tpg:%2 auth:%3 current auth:%4", + tgt, tpg, value, current_value) - value_changed = value != tgt_auth_info.fetch("auth", false) + value_changed = value != current_value if value_changed || tgt_auth_info.empty? auth = value ? "--enableauth" : "--disableauth" cmd = "lio_node #{auth} #{tgt} #{tpg}" -- To unsubscribe, e-mail: opensuse-commit+unsubscribe(a)opensuse.org For additional commands, e-mail: opensuse-commit+help(a)opensuse.org

1 0

commit yast2-inetd for openSUSE:Factory
by root＠hilbert.suse.de 03 Sep '14

03 Sep '14

Hello community, here is the log from the commit of package yast2-inetd for openSUSE:Factory checked in at 2014-09-03 18:21:25 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/yast2-inetd (Old) and /work/SRC/openSUSE:Factory/.yast2-inetd.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "yast2-inetd" Changes: -------- --- /work/SRC/openSUSE:Factory/yast2-inetd/yast2-inetd.changes 2014-08-20 17:52:50.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.yast2-inetd.new/yast2-inetd.changes 2014-09-03 21:23:29.000000000 +0200 @@ -1,0 +2,6 @@ +Mon Sep 1 12:22:05 UTC 2014 - mvidner(a)suse.com + +- allow tested code to know it is being tested (bnc#893965) +- 3.1.7 + +------------------------------------------------------------------- Old: ---- yast2-inetd-3.1.6.tar.bz2 New: ---- yast2-inetd-3.1.7.tar.bz2 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ yast2-inetd.spec ++++++ --- /var/tmp/diff_new_pack.lnjbfu/_old 2014-09-03 21:23:30.000000000 +0200 +++ /var/tmp/diff_new_pack.lnjbfu/_new 2014-09-03 21:23:30.000000000 +0200 @@ -17,7 +17,7 @@ Name: yast2-inetd -Version: 3.1.6 +Version: 3.1.7 Release: 0 Url: https://github.com/yast/yast-inetd ++++++ yast2-inetd-3.1.6.tar.bz2 -> yast2-inetd-3.1.7.tar.bz2 ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-inetd-3.1.6/package/yast2-inetd.changes new/yast2-inetd-3.1.7/package/yast2-inetd.changes --- old/yast2-inetd-3.1.6/package/yast2-inetd.changes 2014-08-15 16:34:09.000000000 +0200 +++ new/yast2-inetd-3.1.7/package/yast2-inetd.changes 2014-09-01 14:55:13.000000000 +0200 @@ -1,4 +1,10 @@ ------------------------------------------------------------------- +Mon Sep 1 12:22:05 UTC 2014 - mvidner(a)suse.com + +- allow tested code to know it is being tested (bnc#893965) +- 3.1.7 + +------------------------------------------------------------------- Fri Aug 15 15:43:33 CEST 2014 - locilka(a)suse.com - Fixed adjusting the xinetd service status (bnc#886420) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-inetd-3.1.6/package/yast2-inetd.spec new/yast2-inetd-3.1.7/package/yast2-inetd.spec --- old/yast2-inetd-3.1.6/package/yast2-inetd.spec 2014-08-15 16:34:09.000000000 +0200 +++ new/yast2-inetd-3.1.7/package/yast2-inetd.spec 2014-09-01 14:55:13.000000000 +0200 @@ -17,7 +17,7 @@ Name: yast2-inetd -Version: 3.1.6 +Version: 3.1.7 Release: 0 Url: https://github.com/yast/yast-inetd diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-inetd-3.1.6/testsuite/run/runtest-ag.sh new/yast2-inetd-3.1.7/testsuite/run/runtest-ag.sh --- old/yast2-inetd-3.1.6/testsuite/run/runtest-ag.sh 2014-08-15 16:34:09.000000000 +0200 +++ new/yast2-inetd-3.1.7/testsuite/run/runtest-ag.sh 2014-09-01 14:55:13.000000000 +0200 @@ -9,6 +9,7 @@ unset Y2DEBUG unset Y2DEBUGGER +export Y2ALLGLOBAL=1 shopt -s expand_aliases alias kick-nonerror-lines="grep -v -e ' <[0-2]> '" -- To unsubscribe, e-mail: opensuse-commit+unsubscribe(a)opensuse.org For additional commands, e-mail: opensuse-commit+help(a)opensuse.org

1 0

commit yast2 for openSUSE:Factory
by root＠hilbert.suse.de 03 Sep '14

03 Sep '14

Hello community, here is the log from the commit of package yast2 for openSUSE:Factory checked in at 2014-09-03 18:21:23 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/yast2 (Old) and /work/SRC/openSUSE:Factory/.yast2.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "yast2" Changes: -------- --- /work/SRC/openSUSE:Factory/yast2/yast2.changes 2014-08-30 16:04:16.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.yast2.new/yast2.changes 2014-09-03 21:23:09.000000000 +0200 @@ -1,0 +2,7 @@ +Thu Aug 28 11:17:16 UTC 2014 - jreidinger(a)suse.com + +- fix using changed root in netd agent so it can be used in + installation (bnc#893965) +- 3.1.103 + +------------------------------------------------------------------- Old: ---- yast2-3.1.102.tar.bz2 New: ---- yast2-3.1.103.tar.bz2 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ yast2.spec ++++++ --- /var/tmp/diff_new_pack.3aQZai/_old 2014-09-03 21:23:10.000000000 +0200 +++ /var/tmp/diff_new_pack.3aQZai/_new 2014-09-03 21:23:10.000000000 +0200 @@ -17,7 +17,7 @@ Name: yast2 -Version: 3.1.102 +Version: 3.1.103 Release: 0 Url: https://github.com/yast/yast-yast2 ++++++ yast2-3.1.102.tar.bz2 -> yast2-3.1.103.tar.bz2 ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-3.1.102/library/general/src/servers_non_y2/ag_netd new/yast2-3.1.103/library/general/src/servers_non_y2/ag_netd --- old/yast2-3.1.102/library/general/src/servers_non_y2/ag_netd 2014-08-27 14:27:18.000000000 +0200 +++ new/yast2-3.1.103/library/general/src/servers_non_y2/ag_netd 2014-09-01 14:52:08.000000000 +0200 @@ -7,6 +7,8 @@ use ycp; use strict; use File::Basename; +use File::Spec; + my $debug = defined ($ARGV[0]) && $ARGV[0] =~ "^-.*d"; @@ -19,8 +21,9 @@ # Testsuite hack: # Automake invokes dejagnu with an absolute srcdir :( # This will replace the current directory in file names by "./" -# Turn it off by -n -my $strip = ! (defined ($ARGV[0]) && $ARGV[0] =~ "^-.*n"); +# Turn it on only in old testsuite +# TODO remove all this stuff when we drop old testsuite in yast2-inetd +my $strip = defined($ENV{'Y2ALLGLOBAL'}) && ($ENV{'Y2ALLGLOBAL'} eq "1"); my $pwd; if ($strip) { @@ -478,12 +481,14 @@ { if (/^\s*include\s+(\S+)/) { - $class->parse_file ($1); + my $ipath = $strip ? $1 : File::Spec->canonpath(File::Spec->catfile($main::root, $1)); + $class->parse_file ($ipath); $reclineno = 0; } elsif (/^\s*includedir\s+(\S+)/) { - $class->include_dir ($1); + my $ipath = $strip ? $1 : File::Spec->canonpath(File::Spec->catfile($main::root, $1)); + $class->include_dir ($ipath); # Bug 24270: # the include directive must not belong # to the following service @@ -675,6 +680,7 @@ my $netd; # if reading fails, defaulting to no services @services = (); +our $root = "/"; while ( <STDIN> ) { @@ -687,6 +693,17 @@ } my ($command, @arguments) = ycp::ParseTerm ($_); + if ($command eq "SetRoot") + { + ycp::Return(undef); + $root = shift @arguments; + y2milestone("Set root to '$root'"); + my $fn = shift @arguments || "/etc/$netd.conf"; + $fn = File::Spec->canonpath(File::Spec->catfile($root, $fn)) unless $strip; + + $base_file = strip_pwd ($fn); + next; + } if ($command =~ "Netd|Inetd|Xinetd") { # reply to the client (this actually gets eaten by the ScriptingAgent) @@ -694,6 +711,7 @@ print "\n"; $netd = ($command eq "Xinetd")? "xinetd": "inetd"; my $fn = shift @arguments || "/etc/$netd.conf"; + $fn = File::Spec->canonpath(File::Spec->catfile($root, $fn)) unless $strip; $base_file = strip_pwd ($fn); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-3.1.102/package/yast2.changes new/yast2-3.1.103/package/yast2.changes --- old/yast2-3.1.102/package/yast2.changes 2014-08-27 14:27:18.000000000 +0200 +++ new/yast2-3.1.103/package/yast2.changes 2014-09-01 14:52:08.000000000 +0200 @@ -1,4 +1,11 @@ ------------------------------------------------------------------- +Thu Aug 28 11:17:16 UTC 2014 - jreidinger(a)suse.com + +- fix using changed root in netd agent so it can be used in + installation (bnc#893965) +- 3.1.103 + +------------------------------------------------------------------- Wed Aug 27 13:24:34 CEST 2014 - locilka(a)suse.com - Lazy-loading SuSEfirewall2 services - some new services can be diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-3.1.102/package/yast2.spec new/yast2-3.1.103/package/yast2.spec --- old/yast2-3.1.102/package/yast2.spec 2014-08-27 14:27:18.000000000 +0200 +++ new/yast2-3.1.103/package/yast2.spec 2014-09-01 14:52:08.000000000 +0200 @@ -17,7 +17,7 @@ Name: yast2 -Version: 3.1.102 +Version: 3.1.103 Release: 0 URL: https://github.com/yast/yast-yast2 -- To unsubscribe, e-mail: opensuse-commit+unsubscribe(a)opensuse.org For additional commands, e-mail: opensuse-commit+help(a)opensuse.org

1 0

commit xinetd for openSUSE:Factory
by root＠hilbert.suse.de 03 Sep '14

03 Sep '14

Hello community, here is the log from the commit of package xinetd for openSUSE:Factory checked in at 2014-09-03 18:21:41 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/xinetd (Old) and /work/SRC/openSUSE:Factory/.xinetd.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "xinetd" Changes: -------- --- /work/SRC/openSUSE:Factory/xinetd/xinetd.changes 2014-06-19 13:19:37.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.xinetd.new/xinetd.changes 2014-09-03 21:21:18.000000000 +0200 @@ -1,0 +2,5 @@ +Fri Aug 29 07:59:05 UTC 2014 - fcrozat(a)suse.com + +- Update license tag to use SPDX 1.2. + +------------------------------------------------------------------- ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ xinetd.spec ++++++ --- /var/tmp/diff_new_pack.5LCKwh/_old 2014-09-03 21:21:20.000000000 +0200 +++ /var/tmp/diff_new_pack.5LCKwh/_new 2014-09-03 21:21:20.000000000 +0200 @@ -21,7 +21,7 @@ Release: 0 Url: http://www.xinetd.org/ Summary: An 'inetd' with Expanded Functionality -License: SUSE-xinetd +License: xinetd Group: Productivity/Networking/System Source0: http://www.xinetd.org/%{name}-%{version}.tar.gz Source1: xinetd.service -- To unsubscribe, e-mail: opensuse-commit+unsubscribe(a)opensuse.org For additional commands, e-mail: opensuse-commit+help(a)opensuse.org

1 0

commit xf86-video-ast for openSUSE:Factory
by root＠hilbert.suse.de 03 Sep '14

03 Sep '14

Hello community, here is the log from the commit of package xf86-video-ast for openSUSE:Factory checked in at 2014-09-03 18:22:20 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/xf86-video-ast (Old) and /work/SRC/openSUSE:Factory/.xf86-video-ast.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "xf86-video-ast" Changes: -------- --- /work/SRC/openSUSE:Factory/xf86-video-ast/xf86-video-ast.changes 2014-04-26 06:06:34.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.xf86-video-ast.new/xf86-video-ast.changes 2014-09-03 21:19:53.000000000 +0200 @@ -1,0 +2,24 @@ +Fri Aug 22 08:52:34 UTC 2014 - eich(a)suse.com + +- Update to Version 1.0.1: + This update essentially contains: + * my fixes (which get obsoleted): + u_01-Fix-compiler-warnings-get-rid-if-xf86PciInfo-h.patch + u_02-Fix-compiler-warnings-get-rid-of-deprecated-IOADDRESS.patch + u_03-Fix-compiler-warnings-add-DrawablePtr-argument-to-ASTPutImage.patch + u_04-Clean-up-namespace-in-ast_vgatools.c.patch + u_05-Clean-up-namespace-in-ast_2dtool.c.patch + u_06-Clean-up-namespace-in-ast_cursor.c.patch + u_07-Clean-up-namespace-in-ast_mode.c.patch + u_08-Clean-up-namespace-in-ast_accel.c.patch + u_09-Clean-up-namespace-in-ast_tool.c.patch + u_10-Include-local-headers-only-when-needed.patch + u_11-Fix-typo.patch + u_12-Fix-ABI-version-conflict-in-xf86UnclaimPciSlot.patch + u_13-Move-firmware-for-DP501-to-a-separate-file.patch + u_14-Add-_AST_H_-define-to-ast.h.patch + * Fix for bnc#892723: + Fixed-1600x900-cannot-display-properly.patch + * An update for DP501 support + +------------------------------------------------------------------- Old: ---- u_01-Fix-compiler-warnings-get-rid-if-xf86PciInfo-h.patch u_02-Fix-compiler-warnings-get-rid-of-deprecated-IOADDRESS.patch u_03-Fix-compiler-warnings-add-DrawablePtr-argument-to-ASTPutImage.patch u_04-Clean-up-namespace-in-ast_vgatools.c.patch u_05-Clean-up-namespace-in-ast_2dtool.c.patch u_06-Clean-up-namespace-in-ast_cursor.c.patch u_07-Clean-up-namespace-in-ast_mode.c.patch u_08-Clean-up-namespace-in-ast_accel.c.patch u_09-Clean-up-namespace-in-ast_tool.c.patch u_10-Include-local-headers-only-when-needed.patch u_11-Fix-typo.patch u_12-Fix-ABI-version-conflict-in-xf86UnclaimPciSlot.patch u_13-Move-firmware-for-DP501-to-a-separate-file.patch u_14-Add-_AST_H_-define-to-ast.h.patch xf86-video-ast-0.99.9.tar.bz2 New: ---- xf86-video-ast-1.0.1.tar.bz2 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ xf86-video-ast.spec ++++++ --- /var/tmp/diff_new_pack.bw3Zmh/_old 2014-09-03 21:19:55.000000000 +0200 +++ /var/tmp/diff_new_pack.bw3Zmh/_new 2014-09-03 21:19:55.000000000 +0200 @@ -17,27 +17,13 @@ Name: xf86-video-ast -Version: 0.99.9 +Version: 1.0.1 Release: 0 Summary: ASpeed Technologies video driver for the Xorg X server License: MIT Group: System/X11/Servers/XF86_4 Url: http://xorg.freedesktop.org/ Source0: http://xorg.freedesktop.org/releases/individual/driver/%{name}-%{version}.t… -Patch1: u_01-Fix-compiler-warnings-get-rid-if-xf86PciInfo-h.patch -Patch2: u_02-Fix-compiler-warnings-get-rid-of-deprecated-IOADDRESS.patch -Patch3: u_03-Fix-compiler-warnings-add-DrawablePtr-argument-to-ASTPutImage.patch -Patch4: u_04-Clean-up-namespace-in-ast_vgatools.c.patch -Patch5: u_05-Clean-up-namespace-in-ast_2dtool.c.patch -Patch6: u_06-Clean-up-namespace-in-ast_cursor.c.patch -Patch7: u_07-Clean-up-namespace-in-ast_mode.c.patch -Patch8: u_08-Clean-up-namespace-in-ast_accel.c.patch -Patch9: u_09-Clean-up-namespace-in-ast_tool.c.patch -Patch10: u_10-Include-local-headers-only-when-needed.patch -Patch11: u_11-Fix-typo.patch -Patch12: u_12-Fix-ABI-version-conflict-in-xf86UnclaimPciSlot.patch -Patch13: u_13-Move-firmware-for-DP501-to-a-separate-file.patch -Patch14: u_14-Add-_AST_H_-define-to-ast.h.patch BuildRequires: pkg-config BuildRequires: pkgconfig(fontsproto) BuildRequires: pkgconfig(pciaccess) >= 0.8.0 @@ -60,20 +46,6 @@ %prep %setup -q -%patch1 -p1 -%patch2 -p1 -%patch3 -p1 -%patch4 -p1 -%patch5 -p1 -%patch6 -p1 -%patch7 -p1 -%patch8 -p1 -%patch9 -p1 -%patch10 -p1 -%patch11 -p1 -%patch12 -p1 -%patch13 -p1 -%patch14 -p1 %build %configure ++++++ xf86-video-ast-0.99.9.tar.bz2 -> xf86-video-ast-1.0.1.tar.bz2 ++++++ ++++ 17221 lines of diff (skipped) -- To unsubscribe, e-mail: opensuse-commit+unsubscribe(a)opensuse.org For additional commands, e-mail: opensuse-commit+help(a)opensuse.org

1 0

commit wicked for openSUSE:Factory
by root＠hilbert.suse.de 03 Sep '14

03 Sep '14

Hello community, here is the log from the commit of package wicked for openSUSE:Factory checked in at 2014-09-03 18:21:38 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/wicked (Old) and /work/SRC/openSUSE:Factory/.wicked.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "wicked" Changes: -------- --- /work/SRC/openSUSE:Factory/wicked/wicked.changes 2014-08-20 17:53:45.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.wicked.new/wicked.changes 2014-09-03 21:18:11.000000000 +0200 @@ -1,0 +2,16 @@ +Mon Sep 1 19:25:47 UTC 2014 - mt(a)suse.de + +- version 0.6.3 +- client/nanny: lease handling/status fixes (partial bnc#891045), + do not fail when slave/port is missing (bnc#889666,bnc#890275) +- ifstatus: Do not check for config files (bnc#889666,bnc#890275) +- dhcp4: advance secs field for dhcpd min-secs (bnc#889314), + retransmit DHCP4 renewals enter reboot state with valid lease. +- ifevent: increase netlink socket recv buffer size (bnc#884012) +- ipv6: wait for addresses to become usable (bnc#882259) +- fixed completed sit/gre/ipip tunnel support +- dhcp6: initial defer handling and no-addr cleanup (bnc#891045) +- dhcp: apply suse ifcfg dhcp options (bnc#866994) +- ifup/reload: use default timeout if 0 (bnc#892486) + +------------------------------------------------------------------- Old: ---- wicked-0.6.2.tar.bz2 New: ---- wicked-0.6.3.tar.bz2 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ wicked.spec ++++++ --- /var/tmp/diff_new_pack.P73He2/_old 2014-09-03 21:18:13.000000000 +0200 +++ /var/tmp/diff_new_pack.P73He2/_new 2014-09-03 21:18:13.000000000 +0200 @@ -18,7 +18,7 @@ %define release_prefix %{?snapshot:%{snapshot}}%{!?snapshot:0} Name: wicked -Version: 0.6.2 +Version: 0.6.3 Release: %{release_prefix}.0.0 Summary: Network configuration infrastructure License: GPL-2.0 ++++++ wicked-0.6.2.tar.bz2 -> wicked-0.6.3.tar.bz2 ++++++ ++++ 6819 lines of diff (skipped) -- To unsubscribe, e-mail: opensuse-commit+unsubscribe(a)opensuse.org For additional commands, e-mail: opensuse-commit+help(a)opensuse.org

1 0

commit vsftpd for openSUSE:Factory
by root＠hilbert.suse.de 03 Sep '14

03 Sep '14

Hello community, here is the log from the commit of package vsftpd for openSUSE:Factory checked in at 2014-09-03 18:21:32 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/vsftpd (Old) and /work/SRC/openSUSE:Factory/.vsftpd.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "vsftpd" Changes: -------- --- /work/SRC/openSUSE:Factory/vsftpd/vsftpd.changes 2014-05-27 12:03:21.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.vsftpd.new/vsftpd.changes 2014-09-03 21:17:40.000000000 +0200 @@ -1,0 +2,6 @@ +Thu Aug 21 14:21:51 UTC 2014 - jmatejek(a)suse.com + +- force using fork() instead of clone() on s390 - fixes bnc#890469 + * vsftpd-3.0.2-s390.patch + +------------------------------------------------------------------- New: ---- vsftpd-3.0.2-s390.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ vsftpd.spec ++++++ --- /var/tmp/diff_new_pack.NHnlkt/_old 2014-09-03 21:17:42.000000000 +0200 +++ /var/tmp/diff_new_pack.NHnlkt/_new 2014-09-03 21:17:42.000000000 +0200 @@ -56,6 +56,8 @@ Patch16: vsftpd-root-squashed-chroot.patch #PATCH-FIX-UPSTREAM: bnc#870122 Patch17: vsftpd-enable-gettimeofday-sec.patch +#PATCH-FIX-UPSTREAM: bnc#890469 fix broken syscall on s390 +Patch18: vsftpd-3.0.2-s390.patch BuildRequires: gpg-offline BuildRequires: libcap-devel BuildRequires: openssl-devel @@ -97,6 +99,7 @@ %patch15 -p1 %patch16 -p1 %patch17 -p1 +%patch18 -p1 %build %define seccomp_opts -D_GNU_SOURCE -DUSE_SECCOMP ++++++ vsftpd-3.0.2-s390.patch ++++++ Index: vsftpd-3.0.2/sysdeputil.c =================================================================== --- vsftpd-3.0.2.orig/sysdeputil.c 2014-08-21 16:12:59.845872489 +0200 +++ vsftpd-3.0.2/sysdeputil.c 2014-08-21 16:14:59.641431931 +0200 @@ -66,7 +66,7 @@ #include <utmpx.h> /* BEGIN config */ -#if defined(__linux__) +#if defined(__linux__) && !defined(__s390__) #include <errno.h> #include <syscall.h> #define VSF_SYSDEP_HAVE_LINUX_CLONE -- To unsubscribe, e-mail: opensuse-commit+unsubscribe(a)opensuse.org For additional commands, e-mail: opensuse-commit+help(a)opensuse.org

1 0

commit vlgothic-fonts for openSUSE:Factory
by root＠hilbert.suse.de 03 Sep '14

03 Sep '14

Hello community, here is the log from the commit of package vlgothic-fonts for openSUSE:Factory checked in at 2014-09-03 18:22:54 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/vlgothic-fonts (Old) and /work/SRC/openSUSE:Factory/.vlgothic-fonts.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "vlgothic-fonts" Changes: -------- --- /work/SRC/openSUSE:Factory/vlgothic-fonts/vlgothic-fonts.changes 2012-09-14 12:41:45.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.vlgothic-fonts.new/vlgothic-fonts.changes 2014-09-03 21:17:30.000000000 +0200 @@ -1,0 +2,7 @@ +Mon Sep 1 14:19:08 UTC 2014 - ftake(a)geeko.jp + +- updated to version 20140801 + * new glyphs including Unicode emoji + * update M+ part to the latest CVS HEAD + +------------------------------------------------------------------- Old: ---- VLGothic-20120325.tar.bz2 New: ---- VLGothic-20140801.tar.xz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ vlgothic-fonts.spec ++++++ --- /var/tmp/diff_new_pack.bbWVeq/_old 2014-09-03 21:17:32.000000000 +0200 +++ /var/tmp/diff_new_pack.bbWVeq/_new 2014-09-03 21:17:32.000000000 +0200 @@ -1,7 +1,7 @@ # # spec file for package vlgothic-fonts # -# Copyright (c) 2012 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2014 SUSE LINUX Products GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -17,13 +17,13 @@ Name: vlgothic-fonts -Version: 20120325 +Version: 20140801 Release: 0 Summary: VL-Gothic TrueType font family License: BSD-3-Clause and SUSE-mplus Group: System/X11/Fonts Url: http://dicey.org/vlgothic/ -Source0: VLGothic-%{version}.tar.bz2 +Source0: VLGothic-%{version}.tar.xz BuildRequires: fontpackages-devel Provides: scalable-font-ja Provides: vlgothic = %{version} @@ -41,11 +41,6 @@ %setup -q -n VLGothic %build -for i in README_J.mplus LICENSE_J.mplus -do - iconv -feucjp -tutf-8 < $i > $i.tmp - mv $i.tmp $i -done %install mkdir -p %{buildroot}%{_ttfontsdir} -- To unsubscribe, e-mail: opensuse-commit+unsubscribe(a)opensuse.org For additional commands, e-mail: opensuse-commit+help(a)opensuse.org

1 0

commit texmaker for openSUSE:Factory
by root＠hilbert.suse.de 03 Sep '14

03 Sep '14

Hello community, here is the log from the commit of package texmaker for openSUSE:Factory checked in at 2014-09-03 18:23:04 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/texmaker (Old) and /work/SRC/openSUSE:Factory/.texmaker.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "texmaker" Changes: -------- --- /work/SRC/openSUSE:Factory/texmaker/texmaker.changes 2014-05-05 21:14:19.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.texmaker.new/texmaker.changes 2014-09-03 21:14:00.000000000 +0200 @@ -1,0 +2,21 @@ +Mon Sep 1 13:56:01 UTC 2014 - badshah400(a)gmail.com + +- Update to version 4.3: + + A visual diff view has been added to the "source viewer" + (differences between the current files loaded in the editor + and in the "source viewer") based on jsdifflib from Chas + Emerick (BSD license) + + When a command fails, the command is now displayed with the + error message "Could not start the command" + + An "reload all documents from file" option has been added to + the "File" menu + + If a "completion.txt" file is found in the same directory than + texmaker.exe on windows, in the "/usr/share/texmaker/" folder + on linux and in the "Resources" subdirectory of the .app + on macosx, all items from this file will be added + automatically for the autocompletion + + An option to launch the "Clean" tool when exiting the program + has been added + + The cs, el, es, hu and se translations have been updated. + +------------------------------------------------------------------- Old: ---- texmaker-4.2.tar.bz2 New: ---- texmaker-4.3.tar.bz2 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ texmaker.spec ++++++ --- /var/tmp/diff_new_pack.LXYxPU/_old 2014-09-03 21:14:02.000000000 +0200 +++ /var/tmp/diff_new_pack.LXYxPU/_new 2014-09-03 21:14:02.000000000 +0200 @@ -17,10 +17,10 @@ Name: texmaker -Version: 4.2 +Version: 4.3 Release: 0 Summary: Free cross-platform LaTeX editor -License: GPL-2.0 +License: GPL-2.0 and BSD-3-Clause Group: Productivity/Publishing/TeX/Frontends Url: http://www.xm1math.net/texmaker/ Source: http://www.xm1math.net/texmaker/texmaker-%{version}.tar.bz2 ++++++ texmaker-4.2.tar.bz2 -> texmaker-4.3.tar.bz2 ++++++ /work/SRC/openSUSE:Factory/texmaker/texmaker-4.2.tar.bz2 /work/SRC/openSUSE:Factory/.texmaker.new/texmaker-4.3.tar.bz2 differ: char 11, line 1 ++++++ texmaker-correct-doc-location.patch ++++++ --- /var/tmp/diff_new_pack.LXYxPU/_old 2014-09-03 21:14:02.000000000 +0200 +++ /var/tmp/diff_new_pack.LXYxPU/_new 2014-09-03 21:14:02.000000000 +0200 @@ -1,7 +1,7 @@ -Index: texmaker-4.2/texmaker.pro +Index: texmaker-4.3/texmaker.pro =================================================================== ---- texmaker-4.2.orig/texmaker.pro -+++ texmaker-4.2/texmaker.pro +--- texmaker-4.3.orig/texmaker.pro ++++ texmaker-4.3/texmaker.pro @@ -387,9 +387,6 @@ utilities.files = doc/doc1.png \ atd/atd.css \ atd/csshttprequest.js \ -- To unsubscribe, e-mail: opensuse-commit+unsubscribe(a)opensuse.org For additional commands, e-mail: opensuse-commit+help(a)opensuse.org

1 0

commit tcl-tktray for openSUSE:Factory
by root＠hilbert.suse.de 03 Sep '14

03 Sep '14

Hello community, here is the log from the commit of package tcl-tktray for openSUSE:Factory checked in at 2014-09-03 18:22:50 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/tcl-tktray (Old) and /work/SRC/openSUSE:Factory/.tcl-tktray.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "tcl-tktray" Changes: -------- --- /work/SRC/openSUSE:Factory/tcl-tktray/tcl-tktray.changes 2012-06-25 12:06:31.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.tcl-tktray.new/tcl-tktray.changes 2014-09-03 21:12:49.000000000 +0200 @@ -1,0 +2,5 @@ +Mon Sep 1 10:52:53 UTC 2014 - gber(a)opensuse.org + +- change license name to TCL again + +------------------------------------------------------------------- ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ tcl-tktray.spec ++++++ --- /var/tmp/diff_new_pack.laRAFY/_old 2014-09-03 21:12:50.000000000 +0200 +++ /var/tmp/diff_new_pack.laRAFY/_new 2014-09-03 21:12:50.000000000 +0200 @@ -1,7 +1,7 @@ # # spec file for package tcl-tktray # -# Copyright (c) 2012 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2014 SUSE LINUX Products GmbH, Nuernberg, Germany. # Copyright (c) 2011 open-slx GmbH <Sascha.Manns(a)open-slx.de> # # All modifications and additions to the file contributed by third parties @@ -21,7 +21,7 @@ Version: 1.3.9 Release: 0 Summary: System Tray Icon Support for Tk on X11 -License: SUSE-TCL +License: TCL Group: Development/Languages/Tcl Url: http://sw4me.com/wiki/Tktray Source: http://tktray.googlecode.com/files/tktray%{version}.tar.gz -- To unsubscribe, e-mail: opensuse-commit+unsubscribe(a)opensuse.org For additional commands, e-mail: opensuse-commit+help(a)opensuse.org

1 0

commit systemd for openSUSE:Factory
by root＠hilbert.suse.de 03 Sep '14

03 Sep '14

Hello community, here is the log from the commit of package systemd for openSUSE:Factory checked in at 2014-09-03 18:21:43 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/systemd (Old) and /work/SRC/openSUSE:Factory/.systemd.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "systemd" Changes: -------- --- /work/SRC/openSUSE:Factory/systemd/systemd-mini.changes 2014-08-29 17:43:05.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.systemd.new/systemd-mini.changes 2014-09-03 21:12:19.000000000 +0200 @@ -1,0 +2,29 @@ +Tue Sep 2 12:56:47 UTC 2014 - rmilasan(a)suse.com + +- udev: add option to generate old 'buggy' serials (bnc#886852) + Add 1066-udev-add-compatibility-links-for-truncated-by-id-links.patch + +------------------------------------------------------------------- +Tue Sep 2 09:14:03 UTC 2014 - werner(a)suse.de + +- Add upstream patch + 0001-login-simplify-controller-handling.patch + +------------------------------------------------------------------- +Mon Sep 1 13:00:29 UTC 2014 - werner(a)suse.de + +- Add upstream patches + 0001-completion-filter-templates-from-restartable-units.patch + 0002-systemd-fix-error-message.patch + 0003-Quote-unit-names-in-suggested-systemctl-commandlines.patch + 0004-config-parser-fix-mem-leak.patch + 0005-login-fix-mem-leak.patch + 1065-udev-bump-event-timeout-to-60-seconds.patch + +------------------------------------------------------------------- +Fri Aug 29 14:14:06 UTC 2014 - werner(a)suse.de + +- Add upstream patch 0001-nspawn-fix-network-interface.patch to + make option network-interface of systemd-nspawn work + +------------------------------------------------------------------- systemd.changes: same change New: ---- 0001-completion-filter-templates-from-restartable-units.patch 0001-login-simplify-controller-handling.patch 0001-nspawn-fix-network-interface.patch 0002-systemd-fix-error-message.patch 0003-Quote-unit-names-in-suggested-systemctl-commandlines.patch 0004-config-parser-fix-mem-leak.patch 0005-login-fix-mem-leak.patch 1065-udev-bump-event-timeout-to-60-seconds.patch 1066-udev-add-compatibility-links-for-truncated-by-id-links.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ systemd-mini.spec ++++++ --- /var/tmp/diff_new_pack.ndIGBV/_old 2014-09-03 21:12:23.000000000 +0200 +++ /var/tmp/diff_new_pack.ndIGBV/_new 2014-09-03 21:12:23.000000000 +0200 @@ -814,6 +814,20 @@ Patch392: 0003-sd-journal-properly-convert-object-size-on-big-endia.patch # PATCH-FIX-UPSTREAM added at 2014/08/28 Patch393: 0004-sd-journal-verify-that-object-start-with-the-field-n.patch +# PATCH-FIX-UPSTREAM added at 2014/08/29 +Patch394: 0001-nspawn-fix-network-interface.patch +# PATCH-FIX-UPSTREAM added at 2014/09/01 +Patch395: 0001-completion-filter-templates-from-restartable-units.patch +# PATCH-FIX-UPSTREAM added at 2014/09/01 +Patch396: 0002-systemd-fix-error-message.patch +# PATCH-FIX-UPSTREAM added at 2014/09/01 +Patch397: 0003-Quote-unit-names-in-suggested-systemctl-commandlines.patch +# PATCH-FIX-UPSTREAM added at 2014/09/01 +Patch398: 0004-config-parser-fix-mem-leak.patch +# PATCH-FIX-UPSTREAM added at 2014/09/01 +Patch399: 0005-login-fix-mem-leak.patch +# PATCH-FIX-UPSTREAM added at 2014/09/02 +Patch400: 0001-login-simplify-controller-handling.patch # UDEV PATCHES # ============ @@ -949,6 +963,10 @@ Patch1063: 1063-udev-path_id-suppress-ID_PATH-for-devices-with-an-un.patch # PATCH-FIX-UPSTREAM 1064-udev-hwdb-do-not-look-at-usb_device-parents.patch Patch1064: 1064-udev-hwdb-do-not-look-at-usb_device-parents.patch +# PATCH-FIX-UPSTREAM 1065-udev-bump-event-timeout-to-60-seconds.patch +Patch1065: 1065-udev-bump-event-timeout-to-60-seconds.patch +# PATCH-FIX-SUSE 1066-udev-add-compatibility-links-for-truncated-by-id-links.patch (bnc#886852) +Patch1066: 1066-udev-add-compatibility-links-for-truncated-by-id-links.patch %description Systemd is a system and service manager, compatible with SysV and LSB @@ -1501,6 +1519,13 @@ %patch391 -p0 %patch392 -p0 %patch393 -p0 +%patch394 -p0 +%patch395 -p0 +%patch396 -p0 +%patch397 -p0 +%patch398 -p0 +%patch399 -p0 +%patch400 -p0 # udev patches %patch1001 -p1 @@ -1588,6 +1613,8 @@ %patch1062 -p1 %patch1063 -p0 %patch1064 -p0 +%patch1065 -p0 +%patch1066 -p1 # remove patch backups find -name '*.orig' -exec rm -f '{}' \+ ++++++ systemd.spec ++++++ --- /var/tmp/diff_new_pack.ndIGBV/_old 2014-09-03 21:12:23.000000000 +0200 +++ /var/tmp/diff_new_pack.ndIGBV/_new 2014-09-03 21:12:23.000000000 +0200 @@ -809,6 +809,20 @@ Patch392: 0003-sd-journal-properly-convert-object-size-on-big-endia.patch # PATCH-FIX-UPSTREAM added at 2014/08/28 Patch393: 0004-sd-journal-verify-that-object-start-with-the-field-n.patch +# PATCH-FIX-UPSTREAM added at 2014/08/29 +Patch394: 0001-nspawn-fix-network-interface.patch +# PATCH-FIX-UPSTREAM added at 2014/09/01 +Patch395: 0001-completion-filter-templates-from-restartable-units.patch +# PATCH-FIX-UPSTREAM added at 2014/09/01 +Patch396: 0002-systemd-fix-error-message.patch +# PATCH-FIX-UPSTREAM added at 2014/09/01 +Patch397: 0003-Quote-unit-names-in-suggested-systemctl-commandlines.patch +# PATCH-FIX-UPSTREAM added at 2014/09/01 +Patch398: 0004-config-parser-fix-mem-leak.patch +# PATCH-FIX-UPSTREAM added at 2014/09/01 +Patch399: 0005-login-fix-mem-leak.patch +# PATCH-FIX-UPSTREAM added at 2014/09/02 +Patch400: 0001-login-simplify-controller-handling.patch # UDEV PATCHES # ============ @@ -944,6 +958,10 @@ Patch1063: 1063-udev-path_id-suppress-ID_PATH-for-devices-with-an-un.patch # PATCH-FIX-UPSTREAM 1064-udev-hwdb-do-not-look-at-usb_device-parents.patch Patch1064: 1064-udev-hwdb-do-not-look-at-usb_device-parents.patch +# PATCH-FIX-UPSTREAM 1065-udev-bump-event-timeout-to-60-seconds.patch +Patch1065: 1065-udev-bump-event-timeout-to-60-seconds.patch +# PATCH-FIX-SUSE 1066-udev-add-compatibility-links-for-truncated-by-id-links.patch (bnc#886852) +Patch1066: 1066-udev-add-compatibility-links-for-truncated-by-id-links.patch %description Systemd is a system and service manager, compatible with SysV and LSB @@ -1496,6 +1514,13 @@ %patch391 -p0 %patch392 -p0 %patch393 -p0 +%patch394 -p0 +%patch395 -p0 +%patch396 -p0 +%patch397 -p0 +%patch398 -p0 +%patch399 -p0 +%patch400 -p0 # udev patches %patch1001 -p1 @@ -1583,6 +1608,8 @@ %patch1062 -p1 %patch1063 -p0 %patch1064 -p0 +%patch1065 -p0 +%patch1066 -p1 # remove patch backups find -name '*.orig' -exec rm -f '{}' \+ ++++++ 0001-completion-filter-templates-from-restartable-units.patch ++++++ Based on ec15977a3cd82eff6c94bb13db72195f7cd512e8 Mon Sep 17 00:00:00 2001 From: Dave Reisner <dreisner(a)archlinux.org> Date: Fri, 29 Aug 2014 20:35:15 -0400 Subject: [PATCH] completion: filter templates from restartable units Since c6a373a2634854, we might encounter unit templates via the 'list-units' verb. These aren't restartable (and we throw errors), so make sure they're filtered out of the completion options. fixes downstream bug: https://bugs.archlinux.org/task/41719 --- shell-completion/bash/systemctl.in | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git shell-completion/bash/systemctl.in shell-completion/bash/systemctl.in index 64b15df..0150018 100644 --- shell-completion/bash/systemctl +++ shell-completion/bash/systemctl @@ -182,7 +182,7 @@ _systemctl () { comps=$( __filter_units_by_property $mode CanStart yes \ $( __get_all_units $mode \ | while read -r line; do \ - [[ "$line" =~ \.(device|snapshot|socket|timer)$ ]] || echo " $line"; \ + [[ "$line" =~ @\.|\.(device|snapshot|socket|timer)$ ]] || echo " $line"; \ done )) compopt -o filenames -- 1.7.9.2 ++++++ 0001-login-simplify-controller-handling.patch ++++++ Based on b12e56156e5f363ebb8dc4ea5c10f5fd0665dc9d Mon Sep 17 00:00:00 2001 From: David Herrmann <dh.herrmann(a)gmail.com> Date: Mon, 1 Sep 2014 14:04:44 +0200 Subject: [PATCH] login: simplify controller handling Simplify the way we handler session-controllers and fix several shortcomings: * send ReleaseDevice() signals on forced session takeover * fix mem-leaks for busnames in case VT preparation fails (non-critical) * avoid passing pre-allocated names to helpers --- src/login/logind-session.c | 55 ++++++++++++++++++++++---------------------- 1 file changed, 28 insertions(+), 27 deletions(-) diff --git src/login/logind-session.c src/login/logind-session.c index 58453b5..10a43a4 100644 --- src/login/logind-session.c +++ src/login/logind-session.c @@ -1059,32 +1059,30 @@ bool session_is_controller(Session *s, const char *sender) { return streq_ptr(s->controller, sender); } -static void session_swap_controller(Session *s, char *name) { +static void session_release_controller(Session *s, bool notify) { + _cleanup_free_ char *name = NULL; SessionDevice *sd; - char *c; - if (s->controller) { - c = s->controller; - s->controller = NULL; - manager_drop_busname(s->manager, c); - free(c); + if (!s->controller) + return; - /* Drop all devices as they're now unused. Do that after the - * controller is released to avoid sending out useles - * dbus signals. */ - while ((sd = hashmap_first(s->devices))) - session_device_free(sd); + name = s->controller; - if (!name) - session_restore_vt(s); - } + /* By resetting the controller before releasing the devices, we won't + * send notification signals. This avoids sending useless notifications + * if the controller is released on disconnects. */ + if (!notify) + s->controller = NULL; - s->controller = name; - session_save(s); + while ((sd = hashmap_first(s->devices))) + session_device_free(sd); + + s->controller = NULL; + manager_drop_busname(s->manager, name); } int session_set_controller(Session *s, const char *sender, bool force) { - char *t; + _cleanup_free_ char *name = NULL; int r; assert(s); @@ -1095,15 +1093,13 @@ int session_set_controller(Session *s, const char *sender, bool force) { if (s->controller && !force) return -EBUSY; - t = strdup(sender); - if (!t) + name = strdup(sender); + if (!name) return -ENOMEM; - r = manager_watch_busname(s->manager, sender); - if (r) { - free(t); + r = manager_watch_busname(s->manager, name); + if (r) return r; - } /* When setting a session controller, we forcibly mute the VT and set * it into graphics-mode. Applications can override that by changing @@ -1115,11 +1111,14 @@ int session_set_controller(Session *s, const char *sender, bool force) { * or reset the VT in case it crashed/exited, too. */ r = session_mute_vt(s); if (r < 0) { - free(t); + manager_drop_busname(s->manager, name); return r; } - session_swap_controller(s, t); + session_release_controller(s, true); + s->controller = name; + name = NULL; + session_save(s); return 0; } @@ -1130,7 +1129,9 @@ void session_drop_controller(Session *s) { if (!s->controller) return; - session_swap_controller(s, NULL); + session_release_controller(s, false); + session_save(s); + session_restore_vt(s); } static const char* const session_state_table[_SESSION_STATE_MAX] = { -- 1.7.9.2 ++++++ 0001-nspawn-fix-network-interface.patch ++++++ Based on 3125b3ef5db70d45882c7d6f617705802c5f939e Mon Sep 17 00:00:00 2001 From: Tom Gundersen <teg(a)jklm.no> Date: Thu, 28 Aug 2014 12:15:51 +0200 Subject: [PATCH] nspawn: fix --network-interface Use SETLINK when modifying an existing link. --- src/nspawn/nspawn.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) --- src/nspawn/nspawn.c +++ src/nspawn/nspawn.c 2014-08-29 14:11:25.866235309 +0000 @@ -1568,7 +1568,7 @@ static int move_network_interfaces(pid_t return -EBUSY; } - r = sd_rtnl_message_new_link(rtnl, &m, RTM_NEWLINK, ifi); + r = sd_rtnl_message_new_link(rtnl, &m, RTM_SETLINK, ifi); if (r < 0) { log_error("Failed to allocate netlink message: %s", strerror(-r)); return r; ++++++ 0002-systemd-fix-error-message.patch ++++++ Based on 6ad3b2b62cbe34cc02ee98deb5f48047f5e42d26 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek(a)in.waw.pl> Date: Sat, 30 Aug 2014 17:22:42 -0400 Subject: [PATCH] systemd: fix error message --- src/core/dbus-manager.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) --- src/core/dbus-manager.c +++ src/core/dbus-manager.c 2014-09-01 12:51:33.266735961 +0000 @@ -1114,7 +1114,7 @@ static int method_switch_root(sd_bus *bu return r; if (m->running_as != SYSTEMD_SYSTEM) - return sd_bus_error_setf(error, SD_BUS_ERROR_NOT_SUPPORTED, "KExec is only supported for system managers."); + return sd_bus_error_setf(error, SD_BUS_ERROR_NOT_SUPPORTED, "Root switching is only supported by system manager."); r = sd_bus_message_read(message, "ss", &root, &init); if (r < 0) @@ -1125,7 +1125,7 @@ static int method_switch_root(sd_bus *bu /* Safety check */ if (isempty(init)) { - if (! path_is_os_tree(root)) + if (!path_is_os_tree(root)) return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Specified switch root path %s does not seem to be an OS tree. /etc/os-release is missing.", root); } else { _cleanup_free_ char *p = NULL; ++++++ 0003-Quote-unit-names-in-suggested-systemctl-commandlines.patch ++++++ >From 8e07fc41f86d41e68c5663b2a3c620a0adedcc11 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek(a)in.waw.pl> Date: Sun, 31 Aug 2014 00:42:27 -0400 Subject: [PATCH] Quote unit names in suggested systemctl commandlines The fact that unit names have to be quoted can be a bit surprising. Show quotes in the hint commandline, but only after checking that this is necessary, since quotes are visually heavy and usually not needed. https://bugs.freedesktop.org/show_bug.cgi?id=82832 --- src/core/job.c | 11 +++++++++-- src/systemctl/systemctl.c | 14 ++++++++++++-- 2 files changed, 21 insertions(+), 4 deletions(-) diff --git src/core/job.c src/core/job.c index 5e4987f..ef5dbce 100644 --- src/core/job.c +++ src/core/job.c @@ -632,11 +632,18 @@ static void job_print_status_message(Unit *u, JobType t, JobResult result) { unit_status_printf(u, ANSI_GREEN_ON " OK " ANSI_HIGHLIGHT_OFF, format); break; - case JOB_FAILED: + case JOB_FAILED: { + bool quotes; + + quotes = chars_intersect(u->id, SHELL_NEED_QUOTES); + manager_flip_auto_status(u->manager, true); unit_status_printf(u, ANSI_HIGHLIGHT_RED_ON "FAILED" ANSI_HIGHLIGHT_OFF, format); - manager_status_printf(u->manager, false, NULL, "See 'systemctl status %s' for details.", u->id); + manager_status_printf(u->manager, false, NULL, + "See \"systemctl status %s%s%s\" for details.", + quotes ? "'" : "", u->id, quotes ? "'" : ""); break; + } case JOB_DEPENDENCY: manager_flip_auto_status(u->manager, true); diff --git src/systemctl/systemctl.c src/systemctl/systemctl.c index 6534819..de43c87 100644 --- src/systemctl/systemctl.c +++ src/systemctl/systemctl.c @@ -2351,8 +2351,18 @@ static int check_wait_response(WaitData *d) { log_error("Job for %s canceled.", strna(d->name)); else if (streq(d->result, "dependency")) log_error("A dependency job for %s failed. See 'journalctl -xn' for details.", strna(d->name)); - else if (!streq(d->result, "done") && !streq(d->result, "skipped")) - log_error("Job for %s failed. See 'systemctl status %s' and 'journalctl -xn' for details.", strna(d->name), strna(d->name)); + else if (!streq(d->result, "done") && !streq(d->result, "skipped")) { + if (d->name) { + bool quotes; + + quotes = chars_intersect(d->name, SHELL_NEED_QUOTES); + + log_error("Job for %s failed. See \"systemctl status %s%s%s\" and \"journalctl -xn\" for details.", + d->name, + quotes ? "'" : "", d->name, quotes ? "'" : ""); + } else + log_error("Job failed. See \"journalctl -xn\" for details."); + } } if (streq(d->result, "timeout")) -- 1.7.9.2 ++++++ 0004-config-parser-fix-mem-leak.patch ++++++ >From 9e60277835e61597011358afcdbfb3dd712ce128 Mon Sep 17 00:00:00 2001 From: Thomas Hindoe Paaboel Andersen <phomes(a)gmail.com> Date: Sun, 31 Aug 2014 23:13:12 +0200 Subject: [PATCH] config-parser: fix mem leak --- src/shared/conf-parser.c | 1 + 1 file changed, 1 insertion(+) diff --git src/shared/conf-parser.c src/shared/conf-parser.c index 439cfc5..ee6de65 100644 --- src/shared/conf-parser.c +++ src/shared/conf-parser.c @@ -710,6 +710,7 @@ int config_parse_strv(const char *unit, if (!utf8_is_valid(n)) { log_invalid_utf8(unit, LOG_ERR, filename, line, EINVAL, rvalue); + free(n); continue; } -- 1.7.9.2 ++++++ 0005-login-fix-mem-leak.patch ++++++ Based on 13f493dc9ace9861c1f27c4d37e8cd6d52fe6a32 Mon Sep 17 00:00:00 2001 From: Thomas Hindoe Paaboel Andersen <phomes(a)gmail.com> Date: Sun, 31 Aug 2014 23:34:01 +0200 Subject: [PATCH] login: fix mem leak --- src/login/logind-session.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) --- src/login/logind-session.c +++ src/login/logind-session.c 2014-09-01 12:59:27.870235647 +0000 @@ -1101,8 +1101,10 @@ int session_set_controller(Session *s, c * If logind crashes/restarts, we restore the controller during restart * or reset the VT in case it crashed/exited, too. */ r = session_mute_vt(s); - if (r < 0) + if (r < 0) { + free(t); return r; + } session_swap_controller(s, t); ++++++ 1065-udev-bump-event-timeout-to-60-seconds.patch ++++++ >From 2e92633dbae52f5ac9b7b2e068935990d475d2cd Mon Sep 17 00:00:00 2001 From: Kay Sievers <kay(a)vrfy.org> Date: Sat, 30 Aug 2014 11:36:32 +0200 Subject: [PATCH] udev: bump event timeout to 60 seconds --- src/udev/udevadm-test.c | 2 +- src/udev/udevd.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git src/udev/udevadm-test.c src/udev/udevadm-test.c index 8486049..809adb6 100644 --- src/udev/udevadm-test.c +++ src/udev/udevadm-test.c @@ -136,7 +136,7 @@ static int adm_test(struct udev *udev, int argc, char *argv[]) { goto out; } - udev_event_execute_rules(event, 30 * USEC_PER_SEC, rules, &sigmask_orig); + udev_event_execute_rules(event, 60 * USEC_PER_SEC, rules, &sigmask_orig); udev_list_entry_foreach(entry, udev_device_get_properties_list_entry(dev)) printf("%s=%s\n", udev_list_entry_get_name(entry), udev_list_entry_get_value(entry)); diff --git src/udev/udevd.c src/udev/udevd.c index 9c2b0d5..e72c5b2 100644 --- src/udev/udevd.c +++ src/udev/udevd.c @@ -73,7 +73,7 @@ static bool reload; static int children; static int children_max; static int exec_delay; -static usec_t event_timeout_usec = 30 * USEC_PER_SEC; +static usec_t event_timeout_usec = 60 * USEC_PER_SEC; static sigset_t sigmask_orig; static UDEV_LIST(event_list); static UDEV_LIST(worker_list); -- 1.7.9.2 ++++++ 1066-udev-add-compatibility-links-for-truncated-by-id-links.patch ++++++ From: Jeff Mahoney <jeffm(a)suse.com> Subject: udev: add option to generate old 'buggy' serials References: bnc#886852 Prior to udev 184, scsi_id would truncate the last character of the model string when generating the ID_SERIAL value. If a system was installed prior to that fix being available in udev, there may be configuration information that refers to the truncated link. This patch adds a --truncated-serial option and a udev rule will created the old truncated links. Signed-off-by: Jeff Mahoney <jeffm(a)suse.com> --- rules/60-persistent-storage.rules | 4 ++++ src/udev/scsi_id/scsi_id.c | 15 ++++++++++++++- src/udev/scsi_id/scsi_id.h | 1 + src/udev/scsi_id/scsi_serial.c | 19 +++++++++++++------ 4 files changed, 32 insertions(+), 7 deletions(-) --- a/rules/60-persistent-storage.rules +++ b/rules/60-persistent-storage.rules @@ -46,6 +46,10 @@ KERNEL=="sd*|cciss*", ENV{DEVTYPE}=="par KERNEL=="sd*[!0-9]", ENV{ID_BUS}=="ata", PROGRAM="scsi_id --whitelisted --replace-whitespace -p0x80 -d $devnode", RESULT=="?*", ENV{ID_SCSI_COMPAT}="$result", SYMLINK+="disk/by-id/scsi-$env{ID_SCSI_COMPAT}" KERNEL=="sd*[0-9]", ENV{ID_SCSI_COMPAT}=="?*", SYMLINK+="disk/by-id/scsi-$env{ID_SCSI_COMPAT}-part%n" +# scsi compat links for ATA devices (for compatibility with udev < 184) +KERNEL=="sd*[!0-9]", ENV{ID_BUS}=="ata", PROGRAM="scsi_id --truncated-serial --whitelisted --replace-whitespace -p0x80 -d$tempnode", RESULT=="?*", ENV{ID_SCSI_COMPAT_TRUNCATED}="$result", SYMLINK+="disk/by-id/scsi-$env{ID_SCSI_COMPAT_TRUNCATED}" +KERNEL=="sd*[0-9]", ENV{ID_SCSI_COMPAT_TRUNCATED}=="?*", SYMLINK+="disk/by-id/scsi-$env{ID_SCSI_COMPAT_TRUNCATED}-part%n" + # firewire KERNEL=="sd*[!0-9]|sr*", ATTRS{ieee1394_id}=="?*", SYMLINK+="disk/by-id/ieee1394-$attr{ieee1394_id}" KERNEL=="sd*[0-9]", ATTRS{ieee1394_id}=="?*", SYMLINK+="disk/by-id/ieee1394-$attr{ieee1394_id}-part%n" --- a/src/udev/scsi_id/scsi_id.c +++ b/src/udev/scsi_id/scsi_id.c @@ -44,6 +44,7 @@ static const struct option options[] = { { "replace-whitespace", no_argument, NULL, 'u' }, { "sg-version", required_argument, NULL, 's' }, { "verbose", no_argument, NULL, 'v' }, + { "truncated-serial", no_argument, NULL, '9' }, { "version", no_argument, NULL, 'V' }, /* don't advertise -V */ { "export", no_argument, NULL, 'x' }, { "help", no_argument, NULL, 'h' }, @@ -56,6 +57,7 @@ static char config_file[MAX_PATH_LEN] = static enum page_code default_page_code = PAGE_UNSPECIFIED; static int sg_version = 4; static int debug = 0; +static bool compat_truncated = false; static bool reformat_serial = false; static bool export = false; static char vendor_str[64]; @@ -323,6 +325,7 @@ static void help(void) { " -g,--whitelisted threat device as whitelisted\n" " -u,--replace-whitespace replace all whitespace by underscores\n" " -v,--verbose verbose logging\n" + " --truncated-serial truncated serial for compatibility with systems configured with by-id links created by udev < 184\n" " --version print version\n" " -x,--export print values as environment keys\n" " -h,--help print this help text\n\n"); @@ -393,6 +396,10 @@ static int set_options(struct udev *udev debug++; break; + case '9': + compat_truncated = true; + break; + case 'V': printf("%s\n", VERSION); exit(0); @@ -535,6 +542,9 @@ static int scsi_id(struct udev *udev, ch util_replace_whitespace(dev_scsi.serial, serial_str, sizeof(serial_str)); util_replace_chars(serial_str, NULL); printf("ID_SERIAL=%s\n", serial_str); + util_replace_whitespace(dev_scsi.serial_compat, serial_str, sizeof(serial_str)); + util_replace_chars(serial_str, NULL); + printf("ID_SERIAL_COMPAT=%s\n", serial_str); util_replace_whitespace(dev_scsi.serial_short, serial_str, sizeof(serial_str)); util_replace_chars(serial_str, NULL); printf("ID_SERIAL_SHORT=%s\n", serial_str); @@ -565,7 +575,10 @@ static int scsi_id(struct udev *udev, ch if (reformat_serial) { char serial_str[MAX_SERIAL_LEN]; - util_replace_whitespace(dev_scsi.serial, serial_str, sizeof(serial_str)); + if (compat_truncated) + util_replace_whitespace(dev_scsi.serial_compat, serial_str, sizeof(serial_str)); + else + util_replace_whitespace(dev_scsi.serial, serial_str, sizeof(serial_str)); util_replace_chars(serial_str, NULL); printf("%s\n", serial_str); goto out; --- a/src/udev/scsi_id/scsi_id.h +++ b/src/udev/scsi_id/scsi_id.h @@ -43,6 +43,7 @@ struct scsi_id_device { char kernel[64]; char serial[MAX_SERIAL_LEN]; char serial_short[MAX_SERIAL_LEN]; + char serial_compat[MAX_SERIAL_LEN]; int use_sg; /* Always from page 0x80 e.g. 'B3G1P8500RWT' - may not be unique */ --- a/src/udev/scsi_id/scsi_serial.c +++ b/src/udev/scsi_id/scsi_serial.c @@ -97,7 +97,8 @@ static const char hex_str[]="0123456789a static int do_scsi_page80_inquiry(struct udev *udev, struct scsi_id_device *dev_scsi, int fd, - char *serial, char *serial_short, int max_len); + char *serial, char *serial_short, + char *serial_compat, int max_len); static int sg_err_category_new(struct udev *udev, int scsi_status, int msg_status, int @@ -620,7 +621,7 @@ static int do_scsi_page83_inquiry(struct unsigned char page_83[SCSI_INQ_BUFF_LEN]; /* also pick up the page 80 serial number */ - do_scsi_page80_inquiry(udev, dev_scsi, fd, NULL, unit_serial_number, MAX_SERIAL_LEN); + do_scsi_page80_inquiry(udev, dev_scsi, fd, NULL, unit_serial_number, NULL, MAX_SERIAL_LEN); memzero(page_83, SCSI_INQ_BUFF_LEN); retval = scsi_inquiry(udev, dev_scsi, fd, 1, PAGE_83, page_83, @@ -765,7 +766,8 @@ static int do_scsi_page83_prespc3_inquir /* Get unit serial number VPD page */ static int do_scsi_page80_inquiry(struct udev *udev, struct scsi_id_device *dev_scsi, int fd, - char *serial, char *serial_short, int max_len) + char *serial, char *serial_short, + char *serial_compat, int max_len) { int retval; int ser_ind; @@ -799,9 +801,14 @@ static int do_scsi_page80_inquiry(struct ser_ind = prepend_vendor_model(udev, dev_scsi, &serial[1]); if (ser_ind < 0) return 1; + if (serial_compat) + strcpy(serial_compat, serial); ser_ind++; /* for the leading 'S' */ - for (i = 4; i < len + 4; i++, ser_ind++) + for (i = 4; i < len + 4; i++, ser_ind++) { serial[ser_ind] = buf[i]; + if (serial_compat) + serial_compat[ser_ind - 1] = buf[i]; + } } if (serial_short != NULL) { memcpy(serial_short, &buf[4], len); @@ -877,7 +884,7 @@ int scsi_get_serial(struct udev *udev, return 1; if (page_code == PAGE_80) { - if (do_scsi_page80_inquiry(udev, dev_scsi, fd, dev_scsi->serial, dev_scsi->serial_short, len)) { + if (do_scsi_page80_inquiry(udev, dev_scsi, fd, dev_scsi->serial, dev_scsi->serial_short, dev_scsi->serial_compat, len)) { retval = 1; goto completed; } else { @@ -951,7 +958,7 @@ int scsi_get_serial(struct udev *udev, for (ind = 4; ind <= page0[3] + 3; ind++) if (page0[ind] == PAGE_80) if (!do_scsi_page80_inquiry(udev, dev_scsi, fd, - dev_scsi->serial, dev_scsi->serial_short, len)) { + dev_scsi->serial, dev_scsi->serial_short, dev_scsi->serial_compat, len)) { /* * Success */ -- To unsubscribe, e-mail: opensuse-commit+unsubscribe(a)opensuse.org For additional commands, e-mail: opensuse-commit+help(a)opensuse.org

1 0

commit suse-build-key for openSUSE:Factory
by root＠hilbert.suse.de 03 Sep '14

03 Sep '14

Hello community, here is the log from the commit of package suse-build-key for openSUSE:Factory checked in at 2014-09-03 18:23:10 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/suse-build-key (Old) and /work/SRC/openSUSE:Factory/.suse-build-key.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "suse-build-key" Changes: -------- --- /work/SRC/openSUSE:Factory/suse-build-key/suse-build-key.changes 2014-01-14 13:55:20.000000000 +0100 +++ /work/SRC/openSUSE:Factory/.suse-build-key.new/suse-build-key.changes 2014-09-03 21:11:58.000000000 +0200 @@ -1,0 +2,7 @@ +Fri Aug 29 08:28:03 UTC 2014 - meissner(a)suse.com + +- Went to new method again. + - suse-build-key.gpg blob dropped + - ship seperate files + +------------------------------------------------------------------- Old: ---- suse-build-key.gpg ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ suse-build-key.spec ++++++ --- /var/tmp/diff_new_pack.8jnina/_old 2014-09-03 21:12:00.000000000 +0200 +++ /var/tmp/diff_new_pack.8jnina/_new 2014-09-03 21:12:00.000000000 +0200 @@ -26,20 +26,16 @@ Group: System/Packages Version: 12.0 Release: 0 -Source0: suse-build-key.gpg -Source1: dumpsigs - # pub 2048R/39DB7C82 2013-01-31 SuSE Package Signing Key <build(a)suse.de> # The main package signing key. -Source2: gpg-pubkey-39db7c82-510a966b.asc +Source0: gpg-pubkey-39db7c82-510a966b.asc # pub 2048R/50A3DD1C 2013-01-14 SuSE Package Signing Key (reserve key) <build(a)suse.de> # Fallback key if main key gets lost. -Source3: gpg-pubkey-50a3dd1c-50f35137.asc +Source1: gpg-pubkey-50a3dd1c-50f35137.asc # pub 1024R/307E3D54 2006-03-21 SuSE Package Signing Key <build(a)suse.de> -# SLE11 build(a)suse.de key, 1024 bit -Source4: gpg-pubkey-307e3d54-4be01a65.asc - +# SLES 10 key. +Source2: gpg-pubkey-307e3d54-4be01a65.asc # pub 1024D/B37B98A9 2005-05-11 SUSE PTF Signing Key <support(a)suse.com> # SUSE supplied PTF (program temporary fixes) are signed by this key. # supplied to be not imported by default @@ -50,13 +46,10 @@ # Only used for E-Mail encryption and signing to/from security(a)suse.de. Source99: security_at_suse_de.asc +Source100: dumpsigs BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildArch: noarch %define keydir %{_prefix}/lib/rpm/gnupg/keys - -%define pubring usr/lib/rpm/gnupg/pubring.gpg -%define susering usr/lib/rpm/gnupg/suse-build-key.gpg - PreReq: sh-utils gpg fileutils mktemp %description @@ -75,76 +68,24 @@ %install rm -rf $RPM_BUILD_ROOT -mkdir -p $RPM_BUILD_ROOT/usr/lib/rpm/gnupg -install %{SOURCE0} $RPM_BUILD_ROOT/%{susering} -install -m 755 %{SOURCE1} $RPM_BUILD_ROOT/usr/lib/rpm/gnupg -mkdir keys -cd keys -$RPM_BUILD_ROOT/usr/lib/rpm/gnupg/dumpsigs $RPM_BUILD_ROOT/%{susering} -cd .. -cp -a keys $RPM_BUILD_ROOT/usr/lib/rpm/gnupg - -touch $RPM_BUILD_ROOT/%{pubring} -touch $RPM_BUILD_ROOT/%{pubring}~ +mkdir -p $RPM_BUILD_ROOT%{keydir} +for i in %sources; do + case "$i" in + */gpg-pubkey-*.asc) + install -m 644 "$i" $RPM_BUILD_ROOT%{keydir} + ;; + esac +done +install -m 755 %{SOURCE100} $RPM_BUILD_ROOT/usr/lib/rpm/gnupg %files %defattr(644,root,root) -%attr(755,root,root) %dir /usr/lib/rpm/gnupg -%attr(755,root,root) /usr/lib/rpm/gnupg/dumpsigs -/usr/lib/rpm/gnupg/keys -%config /%{susering} -%ghost /%{pubring} -%ghost /%{pubring}~ - -%post -if [ ! -f %{pubring} ]; then - touch %{pubring} -fi -echo -n "importing SuSE build key to rpm keyring... " -TF=`mktemp /tmp/gpg.XXXXXX` -if [ -z "$TF" ]; then - echo "suse-build-key::post: cannot make temporary file. Fatal error." - exit 20 -fi -if [ -z "$HOME" ]; then - HOME=/root - export HOME -fi -if [ ! -d "$HOME" ]; then - mkdir "$HOME" -fi -gpg -q --batch --no-options < /dev/null > /dev/null 2>&1 || true -# no kidding... gpg won't initialize correctly without being called twice. -gpg < /dev/null > /dev/null 2>&1 || true -gpg < /dev/null > /dev/null 2>&1 || true -gpg -q --batch --no-options --no-default-keyring --no-permission-warning \ - --keyring %{susering} --export -a > $TF -a="$?" -gpg -q --batch --no-options --no-default-keyring --no-permission-warning \ - --keyring %{pubring} --import < $TF -b="$?" -rm -f "$TF" -if [ "$a" = 0 -a "$b" = 0 ]; then - echo "done." -else - echo "importing the key from the file %{susering}" - echo "returned an error. This should not happen. It may not be possible" - echo "to properly verify the authenticity of rpm packages from SuSE sources." - echo "The keyring containing the SuSE rpm package signing key can be found" - echo "in the root directory of the first CD (DVD) of your SuSE product." - exit -1 -fi -### import suse package build key to roots gpg keyring -if test -f root/.gnupg/pubring.gpg ; then - chroot . usr/bin/gpg --export --armor --no-default-keyring \ - --keyring %{susering} build(a)suse.de \ - | chroot . usr/bin/gpg --import || true - if ! chroot . usr/bin/gpg --list-keys build(a)suse.de >/dev/null 2>&1 ; then - echo "gpg import for build(a)suse.de failed, please import manually" >&2 - fi -else - cp %{susering} root/.gnupg/pubring.gpg -fi -chmod 600 root/.gnupg/pubring.gpg +%doc security_at_suse_de.asc suse_ptf_key.asc +%attr(755,root,root) %dir %{_prefix}/lib/rpm/gnupg +%attr(755,root,root) %dir %{keydir} +%attr(755,root,root) %{_prefix}/lib/rpm/gnupg/dumpsigs +%{keydir}/gpg-pubkey-50a3dd1c-50f35137.asc +%{keydir}/gpg-pubkey-39db7c82-510a966b.asc +%{keydir}/gpg-pubkey-307e3d54-4be01a65.asc %changelog -- To unsubscribe, e-mail: opensuse-commit+unsubscribe(a)opensuse.org For additional commands, e-mail: opensuse-commit+help(a)opensuse.org

1 0

commit splix for openSUSE:Factory
by root＠hilbert.suse.de 03 Sep '14

03 Sep '14

Hello community, here is the log from the commit of package splix for openSUSE:Factory checked in at 2014-09-03 18:22:43 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/splix (Old) and /work/SRC/openSUSE:Factory/.splix.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "splix" Changes: -------- --- /work/SRC/openSUSE:Factory/splix/splix.changes 2014-06-25 10:49:15.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.splix.new/splix.changes 2014-09-03 21:11:06.000000000 +0200 @@ -1,0 +2,6 @@ +Mon Aug 25 11:03:47 CEST 2014 - jsmeix(a)suse.de + +- splix-add-debuginfo.patch (from lpechacek(a)suse.cz) lets build + make also the missing debuginfo packages (bnc#890843). + +------------------------------------------------------------------- New: ---- splix-add-debuginfo.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ splix.spec ++++++ --- /var/tmp/diff_new_pack.2pbxj7/_old 2014-09-03 21:11:07.000000000 +0200 +++ /var/tmp/diff_new_pack.2pbxj7/_new 2014-09-03 21:11:07.000000000 +0200 @@ -1,7 +1,7 @@ # -# spec file for package splix (Version 2.0.0) +# spec file for package splix # -# Copyright (c) 2010 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2014 SUSE LINUX Products GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -15,22 +15,22 @@ # Please submit bugfixes or comments via http://bugs.opensuse.org/ # -# norootforbuild %bcond_with jbigkit Name: splix Summary: Driver for Samsung Printer Language printers -Version: 2.0.0 -Release: 4 License: GPL-2.0 Group: Hardware/Printing +Version: 2.0.0 +Release: 0 Url: http://splix.ap2c.org/ Source0: http://downloads.sourceforge.net/project/splix/splix/%{version}/%{name}-%{v… Source1: http://splix.ap2c.org/samsung_cms.tar.bz2 Source2: README.SUSE Patch0: %name-2.0.0-gcc45.patch Patch1: %name-libs.patch +Patch2: %name-add-debuginfo.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRequires: cups-devel BuildRequires: fdupes @@ -70,6 +70,7 @@ %setup -q %patch0 -p1 %patch1 -p1 +%patch2 -p1 %__cp %SOURCE2 . %build ++++++ splix-add-debuginfo.patch ++++++ SLE needs debugging information even for optimized binaries. Signed-off-by: Libor Pechacek <lpechacek(a)suse.cz> Index: splix-2.0.0/Makefile =================================================================== --- splix-2.0.0.orig/Makefile +++ splix-2.0.0/Makefile @@ -74,8 +74,8 @@ comma := , DEBUG_CFLAGS := -O0 -g DEBUG_CXXFLAGS := -O0 -g -OPTIM_CFLAGS := -O2 -OPTIM_CXXFLAGS := -O2 +OPTIM_CFLAGS := -O2 -g +OPTIM_CXXFLAGS := -O2 -g ARCHI := $(shell uname -s) Index: splix-2.0.0/rules.mk =================================================================== --- splix-2.0.0.orig/rules.mk +++ splix-2.0.0/rules.mk @@ -21,9 +21,9 @@ cmd_install_cms = INSTALL col install: $(rastertoqpdl_TARGET) $(pstoqpdl_TARGET) $(Q)mkdir -p $(DESTDIR)${CUPSFILTER} $(call printCmd, $(cmd_install_raster)) - $(Q)install -m 755 -s $(rastertoqpdl_TARGET) $(DESTDIR)${CUPSFILTER} + $(Q)install -m 755 $(rastertoqpdl_TARGET) $(DESTDIR)${CUPSFILTER} $(call printCmd, $(cmd_install_ps)) - $(Q)install -m 755 -s $(pstoqpdl_TARGET) $(DESTDIR)${CUPSFILTER} + $(Q)install -m 755 $(pstoqpdl_TARGET) $(DESTDIR)${CUPSFILTER} $(Q)$(MAKE) --no-print-directory -C ppd install Q=$(Q) \ DESTDIR=$(abspath $(DESTDIR)) DISABLE_JBIG=$(DISABLE_JBIG) @echo "" -- To unsubscribe, e-mail: opensuse-commit+unsubscribe(a)opensuse.org For additional commands, e-mail: opensuse-commit+help(a)opensuse.org

1 0

commit spec-cleaner for openSUSE:Factory
by root＠hilbert.suse.de 03 Sep '14

03 Sep '14

Hello community, here is the log from the commit of package spec-cleaner for openSUSE:Factory checked in at 2014-09-03 18:22:18 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/spec-cleaner (Old) and /work/SRC/openSUSE:Factory/.spec-cleaner.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "spec-cleaner" Changes: -------- --- /work/SRC/openSUSE:Factory/spec-cleaner/spec-cleaner.changes 2014-07-08 16:59:10.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.spec-cleaner.new/spec-cleaner.changes 2014-09-03 21:10:55.000000000 +0200 @@ -1,0 +2,18 @@ +Fri Aug 29 10:46:17 UTC 2014 - tchvatal(a)suse.com + +- py3 include arpgarse itself. + +------------------------------------------------------------------- +Wed Aug 13 12:28:45 UTC 2014 - tchvatal(a)suse.com + +- Version bump to 0.6.1: + * Fixup release with working spec-cleaner script executable + +------------------------------------------------------------------- +Wed Aug 13 12:09:35 UTC 2014 - tchvatal(a)suse.com + +- Version bump to 0.6.0: + * Use setuptools and nosetests for building&testing + * Various bugfixes as found by java icedtea cleaning + +------------------------------------------------------------------- Old: ---- spec-cleaner-0.5.9.tar.gz New: ---- spec-cleaner-0.6.1.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ spec-cleaner.spec ++++++ --- /var/tmp/diff_new_pack.F19LTI/_old 2014-09-03 21:10:57.000000000 +0200 +++ /var/tmp/diff_new_pack.F19LTI/_new 2014-09-03 21:10:57.000000000 +0200 @@ -18,23 +18,18 @@ Name: spec-cleaner -Version: 0.5.9 +Version: 0.6.1 Release: 0 Summary: .spec file cleaner License: BSD-3-Clause Group: Development/Tools/Other Url: http://github.com/openSUSE/spec-cleaner Source0: https://github.com/openSUSE/%{name}/archive/%{name}-%{version}.tar.gz -BuildRequires: python -Requires: python-argparse +BuildRequires: python3-mock +BuildRequires: python3-nose +BuildRequires: python3-setuptools BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildArch: noarch -# This is just for tests -# It is conditional so we built on older distros too -# Drop after 12.2 and older are not targeted here -%if 0%{?suse_version} > 01220 -BuildRequires: python3 -%endif %description This script cleans spec file according to some arbitrary style guide. The @@ -45,15 +40,13 @@ %setup -q -n %{name}-%{name}-%{version} %build +python3 setup.py build %check -make check -j1 +python3 setup.py test %install -make DESTDIR=%{buildroot} install %{?_smp_mflags} \ - LIBEXECDIR=%{_libexecdir} \ - LIBDIR=%{_libdir} \ - SITEDIR=%{python_sitelib} +python3 setup.py install --root="%{buildroot}" %files %defattr(-, root, root) @@ -62,23 +55,25 @@ %dir %{_libexecdir}/obs/service/ %{_libexecdir}/obs/service/clean_spec_file %{_libexecdir}/obs/service/clean_spec_file.service -%dir %{python_sitelib}/spec_cleaner/ -%{python_sitelib}/spec_cleaner/__init__.py* -%{python_sitelib}/spec_cleaner/fileutils.py* -%{python_sitelib}/spec_cleaner/rpmbuild.py* -%{python_sitelib}/spec_cleaner/rpmcheck.py* -%{python_sitelib}/spec_cleaner/rpmcleaner.py* -%{python_sitelib}/spec_cleaner/rpmcopyright.py* -%{python_sitelib}/spec_cleaner/rpmdescription.py* -%{python_sitelib}/spec_cleaner/rpmexception.py* -%{python_sitelib}/spec_cleaner/rpmfiles.py* -%{python_sitelib}/spec_cleaner/rpminstall.py* -%{python_sitelib}/spec_cleaner/rpmpreamble.py* -%{python_sitelib}/spec_cleaner/rpmprep.py* -%{python_sitelib}/spec_cleaner/rpmprune.py* -%{python_sitelib}/spec_cleaner/rpmregexp.py* -%{python_sitelib}/spec_cleaner/rpmscriplets.py* -%{python_sitelib}/spec_cleaner/rpmsection.py* +%dir %{python3_sitelib}/spec_cleaner/ +%{python3_sitelib}/spec_cleaner/__init__.py +%{python3_sitelib}/spec_cleaner/fileutils.py +%{python3_sitelib}/spec_cleaner/rpmbuild.py +%{python3_sitelib}/spec_cleaner/rpmcheck.py +%{python3_sitelib}/spec_cleaner/rpmcleaner.py +%{python3_sitelib}/spec_cleaner/rpmcopyright.py +%{python3_sitelib}/spec_cleaner/rpmdescription.py +%{python3_sitelib}/spec_cleaner/rpmexception.py +%{python3_sitelib}/spec_cleaner/rpmfiles.py +%{python3_sitelib}/spec_cleaner/rpminstall.py +%{python3_sitelib}/spec_cleaner/rpmpreamble.py +%{python3_sitelib}/spec_cleaner/rpmprep.py +%{python3_sitelib}/spec_cleaner/rpmprune.py +%{python3_sitelib}/spec_cleaner/rpmregexp.py +%{python3_sitelib}/spec_cleaner/rpmscriplets.py +%{python3_sitelib}/spec_cleaner/rpmsection.py +%{python3_sitelib}/spec_cleaner/__pycache__ +%{python3_sitelib}/spec_cleaner-%{version}-py%{py3_ver}.egg-info %dir %{_datadir}/%{name}/ %{_datadir}/%{name}/excludes-bracketing.txt %{_datadir}/%{name}/licenses_changes.txt ++++++ spec-cleaner-0.5.9.tar.gz -> spec-cleaner-0.6.1.tar.gz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/spec-cleaner-spec-cleaner-0.5.9/.gitignore new/spec-cleaner-spec-cleaner-0.6.1/.gitignore --- old/spec-cleaner-spec-cleaner-0.5.9/.gitignore 2014-07-08 13:17:58.000000000 +0200 +++ new/spec-cleaner-spec-cleaner-0.6.1/.gitignore 2014-08-13 14:23:57.000000000 +0200 @@ -1 +1,6 @@ +build/ +dist/ +*.egg-info/ *.pyc +.coverage +.coveralls.yml diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/spec-cleaner-spec-cleaner-0.5.9/.travis.yml new/spec-cleaner-spec-cleaner-0.6.1/.travis.yml --- old/spec-cleaner-spec-cleaner-0.5.9/.travis.yml 1970-01-01 01:00:00.000000000 +0100 +++ new/spec-cleaner-spec-cleaner-0.6.1/.travis.yml 2014-08-13 14:23:57.000000000 +0200 @@ -0,0 +1,11 @@ +language: python +python: + - "2.7" + - "3.3" +install: + - pip install python-coveralls mock + - sudo apt-get install -y rpm +script: + - nosetests --with-coverage --cover-package=spec_cleaner --cover-inclusive +after_success: + - coveralls diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/spec-cleaner-spec-cleaner-0.5.9/MANIFEST.in new/spec-cleaner-spec-cleaner-0.6.1/MANIFEST.in --- old/spec-cleaner-spec-cleaner-0.5.9/MANIFEST.in 1970-01-01 01:00:00.000000000 +0100 +++ new/spec-cleaner-spec-cleaner-0.6.1/MANIFEST.in 2014-08-13 14:23:57.000000000 +0200 @@ -0,0 +1,5 @@ +include AUTHORS COPYING README.rst +include obs/* +include data/*.txt +recursive-include tests * +include pkgconfig-update.* license-update.sh Makefile diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/spec-cleaner-spec-cleaner-0.5.9/Makefile new/spec-cleaner-spec-cleaner-0.6.1/Makefile --- old/spec-cleaner-spec-cleaner-0.5.9/Makefile 2014-07-08 13:17:58.000000000 +0200 +++ new/spec-cleaner-spec-cleaner-0.6.1/Makefile 2014-08-13 14:23:57.000000000 +0200 @@ -1,10 +1,3 @@ -PREFIX ?= /usr -BINDIR ?= $(PREFIX)/bin -DATADIR ?= $(PREFIX)/share -LIBEXECDIR ?= $(PREFIX)/libexec -LIBDIR ?= $(PREFIX)/lib -SITEDIR ?= $(LIBDIR)/python2.7/site-packages - all: data/pkgconfig_conversions.txt data/licenses_changes.txt data/pkgconfig_conversions.txt: pkgconfig-update.sed pkgconfig-update.sh @@ -12,87 +5,3 @@ data/licenses_changes.txt: license-update.sh @sh license-update.sh > $@ - -install: bin/spec-cleaner - @echo "Installing package to $(DESTDIR)" ; \ - install -d $(DESTDIR)$(BINDIR) ; \ - install -m 755 bin/spec-cleaner $(DESTDIR)/$(BINDIR) - @install -d $(DESTDIR)$(DATADIR)/spec-cleaner/ ; \ - install -m 644 data/licenses_changes.txt $(DESTDIR)$(DATADIR)/spec-cleaner/ ; \ - install -m 644 data/pkgconfig_conversions.txt $(DESTDIR)$(DATADIR)/spec-cleaner/ ; \ - install -m 644 data/excludes-bracketing.txt $(DESTDIR)$(DATADIR)/spec-cleaner/ - @install -d $(DESTDIR)$(LIBEXECDIR)/obs/service/ ; \ - install -m 755 obs/clean_spec_file $(DESTDIR)$(LIBEXECDIR)/obs/service/ ; \ - install -m 644 obs/clean_spec_file.service $(DESTDIR)$(LIBEXECDIR)/obs/service/ - @install -d $(DESTDIR)$(SITEDIR)/spec_cleaner ; \ - install -m 755 spec_cleaner/__init__.py $(DESTDIR)$(SITEDIR)/spec_cleaner/ ; \ - install -m 644 spec_cleaner/rpmcleaner.py $(DESTDIR)$(SITEDIR)/spec_cleaner/ ; \ - install -m 644 spec_cleaner/rpmcopyright.py $(DESTDIR)$(SITEDIR)/spec_cleaner/ ; \ - install -m 644 spec_cleaner/rpmexception.py $(DESTDIR)$(SITEDIR)/spec_cleaner/ ; \ - install -m 644 spec_cleaner/rpmsection.py $(DESTDIR)$(SITEDIR)/spec_cleaner/ ; \ - install -m 644 spec_cleaner/fileutils.py $(DESTDIR)$(SITEDIR)/spec_cleaner/ ; \ - install -m 644 spec_cleaner/rpmbuild.py $(DESTDIR)$(SITEDIR)/spec_cleaner/ ; \ - install -m 644 spec_cleaner/rpmdescription.py $(DESTDIR)$(SITEDIR)/spec_cleaner/ ; \ - install -m 644 spec_cleaner/rpmfiles.py $(DESTDIR)$(SITEDIR)/spec_cleaner/ ; \ - install -m 644 spec_cleaner/rpminstall.py $(DESTDIR)$(SITEDIR)/spec_cleaner/ ; \ - install -m 644 spec_cleaner/rpmpreamble.py $(DESTDIR)$(SITEDIR)/spec_cleaner/ ; \ - install -m 644 spec_cleaner/rpmprep.py $(DESTDIR)$(SITEDIR)/spec_cleaner/ ; \ - install -m 644 spec_cleaner/rpmprune.py $(DESTDIR)$(SITEDIR)/spec_cleaner/ ; \ - install -m 644 spec_cleaner/rpmscriplets.py $(DESTDIR)$(SITEDIR)/spec_cleaner/ ; \ - install -m 644 spec_cleaner/rpmregexp.py $(DESTDIR)$(SITEDIR)/spec_cleaner/ ; \ - install -m 644 spec_cleaner/rpmcheck.py $(DESTDIR)$(SITEDIR)/spec_cleaner/ - -test: check - -check: spec_cleaner/__init__.py - @if [ -x /usr/bin/python2 ]; then \ - echo "Running tests in python2:" ; \ - for i in tests/in/*.spec; do \ - CORRECT="`echo $$i | sed 's|^tests/in|tests/out|'`" ; \ - NEW="` echo $$i | sed 's|^tests/in|tests/tmp|'`" ; \ - TEST="` echo $$i | sed 's|^tests/in/$.*$.spec|\1|'`" ; \ - python2 spec_cleaner/__init__.py -p -f $$i | sed "s|`date +%Y`|2013|" > "$$NEW" ; \ - echo -n " * test '$$TEST': " ; \ - if [ "`diff "$$CORRECT" "$$NEW" 2>&1`" ]; then \ - echo "failed" ; \ - FAILED="$$FAILED $$TEST" ; \ - else \ - echo "passed" ; \ - fi ; \ - done ; \ - fi ; \ - if [ -x /usr/bin/python3 ]; then \ - echo "Running tests in python3:" ; \ - for i in tests/in/*.spec; do \ - CORRECT="`echo $$i | sed 's|^tests/in|tests/out|'`" ; \ - NEW="` echo $$i | sed 's|^tests/in|tests/tmp|'`" ; \ - TEST="` echo $$i | sed 's|^tests/in/$.*$.spec|\1|'`" ; \ - python3 spec_cleaner/__init__.py -p -f $$i | sed "s|`date +%Y`|2013|" > "$$NEW" ; \ - echo -n " * test '$$TEST': " ; \ - if [ "`diff "$$CORRECT" "$$NEW" 2>&1`" ]; then \ - echo "failed" ; \ - FAILED="$$FAILED $$TEST" ; \ - else \ - echo "passed" ; \ - fi ; \ - done ; \ - fi ; \ - echo ; \ - if [ "$$FAILED" ]; then \ - echo "`echo $$FAILED | wc -w` tests out of `echo tests/in/*.spec | wc -w` failed:" ; \ - echo " $$FAILED" ; \ - echo ; \ - echo "Check errors by running:"; \ - for i in $$FAILED; do echo " diff -Naru tests/out/$$i.spec tests/tmp/$$i.spec"; done; \ - echo ; \ - exit 1 ; \ - else \ - echo "All tests passed!" ; \ - echo ; \ - fi - -clean: - rm -rf tests/tmp/* \ - rm -rf spec_cleaner/*.pyc - -.PHONY: install check test clean diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/spec-cleaner-spec-cleaner-0.5.9/README.md new/spec-cleaner-spec-cleaner-0.6.1/README.md --- old/spec-cleaner-spec-cleaner-0.5.9/README.md 2014-07-08 13:17:58.000000000 +0200 +++ new/spec-cleaner-spec-cleaner-0.6.1/README.md 1970-01-01 01:00:00.000000000 +0100 @@ -1,5 +0,0 @@ -spec-cleaner -============ - -spec-cleaner is a tool that is planned to be replacement for "osc service localrun format_spec_file". -It is intended to provide same or better features in order for us to be able to unify all the spec files in obs. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/spec-cleaner-spec-cleaner-0.5.9/README.rst new/spec-cleaner-spec-cleaner-0.6.1/README.rst --- old/spec-cleaner-spec-cleaner-0.5.9/README.rst 1970-01-01 01:00:00.000000000 +0100 +++ new/spec-cleaner-spec-cleaner-0.6.1/README.rst 2014-08-13 14:23:57.000000000 +0200 @@ -0,0 +1,11 @@ +============ +spec-cleaner +============ + +.. image:: https://travis-ci.org/openSUSE/spec-cleaner.svg?branch=master + :target: https://travis-ci.org/openSUSE/spec-cleaner +.. image:: https://coveralls.io/repos/openSUSE/spec-cleaner/badge.png + :target: https://coveralls.io/r/openSUSE/spec-cleaner + +spec-cleaner is a tool that is planned to be replacement for "osc service localrun format_spec_file". +It is intended to provide same or better features in order for us to be able to unify all the spec files in obs. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/spec-cleaner-spec-cleaner-0.5.9/bin/spec-cleaner new/spec-cleaner-spec-cleaner-0.6.1/bin/spec-cleaner --- old/spec-cleaner-spec-cleaner-0.5.9/bin/spec-cleaner 2014-07-08 13:17:58.000000000 +0200 +++ new/spec-cleaner-spec-cleaner-0.6.1/bin/spec-cleaner 1970-01-01 01:00:00.000000000 +0100 @@ -1,15 +0,0 @@ -#!/usr/bin/env python -# vim: set ts=4 sw=4 et: coding=UTF-8 -# -# Copyright (c) 2013, SUSE LINUX Products GmbH, Nuernberg, Germany -# All rights reserved. -# See COPYING for details. - -import sys - -from spec_cleaner import main - -try: - sys.exit(main(sys.argv[1:])) -except KeyboardInterrupt: - pass diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/spec-cleaner-spec-cleaner-0.5.9/data/excludes-bracketing.txt new/spec-cleaner-spec-cleaner-0.6.1/data/excludes-bracketing.txt --- old/spec-cleaner-spec-cleaner-0.5.9/data/excludes-bracketing.txt 2014-07-08 13:17:58.000000000 +0200 +++ new/spec-cleaner-spec-cleaner-0.6.1/data/excludes-bracketing.txt 2014-08-13 14:23:57.000000000 +0200 @@ -8,6 +8,7 @@ config defattr define +defined description desktop_database_post[^\s]* dir @@ -55,8 +56,9 @@ py_compile requires_eq restart_on_update -setup service_(add|del)_[^\s]* +setup +set_permissions stop_on_removal suse_update_desktop_file systemd_requires diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/spec-cleaner-spec-cleaner-0.5.9/data/licenses_changes.txt new/spec-cleaner-spec-cleaner-0.6.1/data/licenses_changes.txt --- old/spec-cleaner-spec-cleaner-0.5.9/data/licenses_changes.txt 2014-07-08 13:17:58.000000000 +0200 +++ new/spec-cleaner-spec-cleaner-0.6.1/data/licenses_changes.txt 2014-08-13 14:23:57.000000000 +0200 @@ -167,6 +167,7 @@ CC-BY-SA-3.0 CC BY-SA V3.0 CC-BY-SA-3.0 CC-BY-SA-3.0 CC-BY-SA-3.0+ CC-BY-SA-3.0+ +CC-BY-SA-4.0 http://creativecommons.org/licenses/by-sa/4.0/legalcode CC0-1.0 CC0-1.0 CC0-1.0+ CC0-1.0+ CDDL-1.0 CDDL @@ -514,6 +515,7 @@ OLDAP-2.8 openldap 2.8 OLDAP-2.8+ OLDAP-2.8+ OPL-1.0 OPL-1.0 +OPL-1.0 Open Publication License 1.0 OPL-1.0+ OPL-1.0+ OSL-1.0 OSL-1.0 OSL-1.0+ OSL-1.0+ @@ -561,6 +563,7 @@ Ruby GPL-2.0+ or Ruby Ruby GPLv2+ or Ruby Ruby Ruby +Ruby same as ruby's Ruby+ Ruby+ SAX-PD SAX-PD SAX-PD+ SAX-PD+ @@ -598,6 +601,8 @@ SUSE-DMTF+ SUSE-DMTF+ SUSE-Docbook-XSL Copyright (C) 1999-2007 Norman Walsh SUSE-Docbook-XSL+ SUSE-Docbook-XSL+ +SUSE-EULA SUSE End User License Agreement +SUSE-EULA+ SUSE-EULA+ SUSE-Egenix-1.1.0 Egenix Public License Agreement 1.1.0 (e.g. python-egenix-mx-base) http://www.egenix.com/products/python/mxBase/eGenix.com-Public-License-1.1.… SUSE-Egenix-1.1.0+ SUSE-Egenix-1.1.0+ SUSE-FHS See for example, the "FHS" license here: https://launchpad.net/ubuntu/precise/+source/debian-policy/+copyright @@ -623,6 +628,8 @@ SUSE-GPL-2.0-with-FLOSS-exception+ SUSE-GPL-2.0-with-FLOSS-exception+ SUSE-GPL-2.0-with-OSI-exception GPL-2.0 with linking exception for OSI licenses (see elfutils e.g.) SUSE-GPL-2.0-with-OSI-exception+ SUSE-GPL-2.0-with-OSI-exception+ +SUSE-GPL-2.0-with-linking-exception Copyright holder expressly allows GPL-2.0 component to be linked with components which are not GPL compatible +SUSE-GPL-2.0-with-linking-exception+ SUSE-GPL-2.0-with-linking-exception+ SUSE-GPL-2.0-with-openssl-exception SPDX does not have this exception SUSE-GPL-2.0-with-openssl-exception+ SUSE-GPL-2.0-with-openssl-exception+ SUSE-GPL-2.0-with-plugin-exception Many GPL-2.0 licensed applications grant an exception that permits non-free plugins (e.g. from gstreamer) to be linked against them @@ -671,12 +678,16 @@ SUSE-LGPL-2.1-with-digia-exception-1.1+ SUSE-LGPL-2.1-with-digia-exception-1.1+ SUSE-LGPL-2.1-with-nokia-exception-1.1 Part of the license choice in libqt4 SUSE-LGPL-2.1-with-nokia-exception-1.1+ SUSE-LGPL-2.1-with-nokia-exception-1.1+ +SUSE-LGPL-3.0-with-openssl-exception e.g python-psycopg2 +SUSE-LGPL-3.0-with-openssl-exception+ SUSE-LGPL-3.0-with-openssl-exception+ SUSE-Liberation LiberationFontsLicense (Fedora calls this the Liberation license - it will be easier to get it upstream if we adopt that) SUSE-Liberation+ SUSE-Liberation+ SUSE-MakeIndex http://pastebin.com/CYB22gju (the license used in csindex) SUSE-MakeIndex+ SUSE-MakeIndex+ SUSE-Manpages Manpages licenses (linux man pages e.g.) SUSE-Manpages+ SUSE-Manpages+ +SUSE-Matplotlib E.g. python -matplotlib -> LICENSE/LICENSE +SUSE-Matplotlib+ SUSE-Matplotlib+ SUSE-MgOpen MgOpen Fonts license (similar to Bitstream Vera but with additional language) SUSE-MgOpen+ SUSE-MgOpen+ SUSE-NetCDF SUSE-NetCDF @@ -733,10 +744,10 @@ SUSE-TGPPL-1.0+ SUSE-TGPPL-1.0+ SUSE-TeX http://en.wikipedia.org/wiki/TeX#License SUSE-TeX+ SUSE-TeX+ +SUSE-Ubuntu-Font-License-1.0 http://font.ubuntu.com/licence/ +SUSE-Ubuntu-Font-License-1.0+ SUSE-Ubuntu-Font-License-1.0+ SUSE-Vim SUSE-Vim SUSE-Vim+ SUSE-Vim+ -SUSE-WTFPL-2.0 http://sam.zoy.org/wtfpl/ -SUSE-WTFPL-2.0+ SUSE-WTFPL-2.0+ SUSE-XFree86-with-font-exception XFree86 with exception to clarify that a document embedding such fonts does not need to be licensed under the XFree86 license SUSE-XFree86-with-font-exception+ SUSE-XFree86-with-font-exception+ SUSE-XSL-Lint http://pastebin.com/cFxX3zCb (probably deprecated but found in docbook-dsssl-stylesheets) @@ -757,6 +768,7 @@ Sleepycat+ Sleepycat+ SugarCRM-1.1.3 SugarCRM-1.1.3 SugarCRM-1.1.3+ SugarCRM-1.1.3+ +Unicode http://www.unicode.org/copyright.html Unlicense Unlicense Unlicense+ Unlicense+ VSL-1.0 VSL-1.0 @@ -764,6 +776,7 @@ W3C W3C W3C W3C Software License W3C+ W3C+ +WTFPL SUSE-WTFPL-2.0 WTFPL WTFPL WTFPL+ WTFPL+ WXwindows WXwindows diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/spec-cleaner-spec-cleaner-0.5.9/setup.py new/spec-cleaner-spec-cleaner-0.6.1/setup.py --- old/spec-cleaner-spec-cleaner-0.5.9/setup.py 1970-01-01 01:00:00.000000000 +0100 +++ new/spec-cleaner-spec-cleaner-0.6.1/setup.py 2014-08-13 14:23:57.000000000 +0200 @@ -0,0 +1,45 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +from setuptools import setup +import glob +from spec_cleaner import __version__ + +test_requires = [ + 'mock', + 'nose', +] + +setup( + name='spec_cleaner', + description = 'RPM .spec files cleaner', + long_description = 'Command-line tool for cleaning various formatting' + + 'errors in RPM .spec files', + url = 'https://github.com/openSUSE/spec-cleaner', + download_url = 'https://github.com/openSUSE/spec-cleaner', + + version = __version__, + + author = 'Tomáš Chvátal', + author_email = 'tchvatal(a)suse.cz', + + maintainer = 'Tomáš Chvátal', + maintainer_email = 'tchvatal(a)suse.cz', + + license = 'License :: OSI Approved :: BSD License', + platforms = ['Linux'], + keywords = ['SUSE', 'RPM', '.spec', 'cleaner'], + + tests_require=test_requires, + test_suite="nose.collector", + + packages = ['spec_cleaner'], + + data_files=[('/usr/lib/obs/service/', glob.glob('obs/*')), + ('/usr/share/spec-cleaner/', glob.glob('data/*')), + ], + + entry_points = { + 'console_scripts': ['spec-cleaner = spec_cleaner:main']}, +) + diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/spec-cleaner-spec-cleaner-0.5.9/spec_cleaner/__init__.py new/spec-cleaner-spec-cleaner-0.6.1/spec_cleaner/__init__.py --- old/spec-cleaner-spec-cleaner-0.5.9/spec_cleaner/__init__.py 2014-07-08 13:17:58.000000000 +0200 +++ new/spec-cleaner-spec-cleaner-0.6.1/spec_cleaner/__init__.py 2014-08-13 14:23:57.000000000 +0200 @@ -1,18 +1,17 @@ -#!/usr/bin/env python # vim: set ts=4 sw=4 et: coding=UTF-8 # Copyright (c) 2013, SUSE LINUX Products GmbH, Nuernberg, Germany # All rights reserved. # See COPYING for details. -__version__ = '0.5.9' +__version__ = '0.6.1' import os import sys import argparse -from rpmexception import RpmWrongArgs, RpmException -from rpmcleaner import RpmSpecCleaner +from .rpmexception import RpmWrongArgs, RpmException +from .rpmcleaner import RpmSpecCleaner def process_args(argv): @@ -66,15 +65,14 @@ return options -def main(argv): +def main(): """ Main function that calls argument parsing ensures their sanity and then creates RpmSpecCleaner object that works with passed spec file. - :param argv: passed arguments """ try: - options = process_args(argv) + options = process_args(sys.argv[1:]) except RpmWrongArgs as e: sys.stderr.write('ERROR: {0}\n'.format(e)) return 1 @@ -92,9 +90,3 @@ return 1 return 0 - -if __name__ == '__main__': - try: - sys.exit(main(sys.argv[1:])) - except KeyboardInterrupt: - pass diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/spec-cleaner-spec-cleaner-0.5.9/spec_cleaner/fileutils.py new/spec-cleaner-spec-cleaner-0.6.1/spec_cleaner/fileutils.py --- old/spec-cleaner-spec-cleaner-0.5.9/spec_cleaner/fileutils.py 2014-07-08 13:17:58.000000000 +0200 +++ new/spec-cleaner-spec-cleaner-0.6.1/spec_cleaner/fileutils.py 2014-08-13 14:23:57.000000000 +0200 @@ -2,7 +2,7 @@ import os -from rpmexception import RpmException +from .rpmexception import RpmException class FileUtils: diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/spec-cleaner-spec-cleaner-0.5.9/spec_cleaner/rpmbuild.py new/spec-cleaner-spec-cleaner-0.6.1/spec_cleaner/rpmbuild.py --- old/spec-cleaner-spec-cleaner-0.5.9/spec_cleaner/rpmbuild.py 2014-07-08 13:17:58.000000000 +0200 +++ new/spec-cleaner-spec-cleaner-0.6.1/spec_cleaner/rpmbuild.py 2014-08-13 14:23:57.000000000 +0200 @@ -1,7 +1,7 @@ # vim: set ts=4 sw=4 et: coding=UTF-8 # We basically extend rpmcheck -from rpmcheck import RpmCheck +from .rpmcheck import RpmCheck class RpmBuild(RpmCheck): diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/spec-cleaner-spec-cleaner-0.5.9/spec_cleaner/rpmcheck.py new/spec-cleaner-spec-cleaner-0.6.1/spec_cleaner/rpmcheck.py --- old/spec-cleaner-spec-cleaner-0.5.9/spec_cleaner/rpmcheck.py 2014-07-08 13:17:58.000000000 +0200 +++ new/spec-cleaner-spec-cleaner-0.6.1/spec_cleaner/rpmcheck.py 2014-08-13 14:23:57.000000000 +0200 @@ -1,6 +1,6 @@ # vim: set ts=4 sw=4 et: coding=UTF-8 -from rpmsection import Section +from .rpmsection import Section class RpmCheck(Section): diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/spec-cleaner-spec-cleaner-0.5.9/spec_cleaner/rpmcleaner.py new/spec-cleaner-spec-cleaner-0.6.1/spec_cleaner/rpmcleaner.py --- old/spec-cleaner-spec-cleaner-0.5.9/spec_cleaner/rpmcleaner.py 2014-07-08 13:17:58.000000000 +0200 +++ new/spec-cleaner-spec-cleaner-0.6.1/spec_cleaner/rpmcleaner.py 2014-08-13 14:23:57.000000000 +0200 @@ -7,21 +7,21 @@ import shlex import os.path -from rpmsection import Section -from rpmexception import RpmException -from rpmcopyright import RpmCopyright -from rpmdescription import RpmDescription -from rpmprune import RpmClean -from rpmprune import RpmChangelog -from rpmpreamble import RpmPreamble -from rpmpreamble import RpmPackage -from rpmprep import RpmPrep -from rpmbuild import RpmBuild -from rpmcheck import RpmCheck -from rpminstall import RpmInstall -from rpmscriplets import RpmScriptlets -from rpmfiles import RpmFiles -from rpmregexp import RegexpSingle +from .rpmsection import Section +from .rpmexception import RpmException +from .rpmcopyright import RpmCopyright +from .rpmdescription import RpmDescription +from .rpmprune import RpmClean +from .rpmprune import RpmChangelog +from .rpmpreamble import RpmPreamble +from .rpmpreamble import RpmPackage +from .rpmprep import RpmPrep +from .rpmbuild import RpmBuild +from .rpmcheck import RpmCheck +from .rpminstall import RpmInstall +from .rpmscriplets import RpmScriptlets +from .rpmfiles import RpmFiles +from .rpmregexp import RegexpSingle class RpmSpecCleaner: @@ -97,8 +97,10 @@ # check if the current line is starting new section, and if so # if previous non-empty-uncommented line was starting the condition # we end up the condition section in preamble (if applicable) and proceed to output - if self.reg.re_else.match(line) or self.reg.re_endif.match(line): - if hasattr(self.current_section, 'condition') and not self.current_section.condition: + if self.reg.re_else.match(line) or self.reg.re_endif.match(line) or \ + (type(self.current_section) is Section and self.reg.re_if.match(line)): + if not hasattr(self.current_section, 'condition') or \ + (hasattr(self.current_section, 'condition') and not self.current_section.condition): # If we have to break out we go ahead with small class # which just print the one evil line return Section @@ -107,10 +109,9 @@ for (regexp, newclass) in self.section_starts: if regexp.match(line): # check if we are in if conditional and act accordingly if we change sections - if self._previous_nonempty_line and self.reg.re_if.match(self._previous_nonempty_line): - if hasattr(self.current_section, 'condition'): - self.current_section.condition = False - self.current_section._end_subparagraph(True) + if hasattr(self.current_section, 'condition') and self.current_section.condition: + self.current_section.condition = False + self.current_section._end_subparagraph(True) return newclass # if we still are here and we are just doing copyright @@ -127,8 +128,8 @@ # This avoids deleting %if before %files section that could # be deleted otherwise if isinstance(self.current_section, RpmClean): - if line == '': - return RpmPreamble + if line.strip() == '': + return Section # we are staying in the section return None @@ -150,13 +151,28 @@ line = line.rstrip('\r') new_class = self._detect_new_section(line) + # Following line is debug output with class info + # USE: 'spec-cleaner file > /dev/null' to see the stderr output + #sys.stderr.write("class: '{0}' line: '{1}'\n".format(new_class, line)) if new_class: - self.current_section.output(self.fout) + # We don't want to print newlines before %else and %endif + if new_class == Section and self.reg.re_else.match(line) or self.reg.re_endif.match(line): + newline = False + else: + newline = True + self.current_section.output(self.fout, newline) # we need to sent pkgconfig option to preamble and package if new_class == RpmPreamble or new_class == RpmPackage: self.current_section = new_class(self.specfile, self.pkgconfig) else: self.current_section = new_class(self.specfile) + # skip empty line adding if we are switching sections + if self._previous_line == '' and line == '': + continue + + # Do not store data from clean and skip out here + if isinstance(self.current_section, RpmClean): + continue self.current_section.add(line) self._previous_line = line diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/spec-cleaner-spec-cleaner-0.5.9/spec_cleaner/rpmcopyright.py new/spec-cleaner-spec-cleaner-0.6.1/spec_cleaner/rpmcopyright.py --- old/spec-cleaner-spec-cleaner-0.5.9/spec_cleaner/rpmcopyright.py 2014-07-08 13:17:58.000000000 +0200 +++ new/spec-cleaner-spec-cleaner-0.6.1/spec_cleaner/rpmcopyright.py 2014-08-13 14:23:57.000000000 +0200 @@ -1,9 +1,9 @@ # vim: set ts=4 sw=4 et: coding=UTF-8 import os -import time +import datetime -from rpmsection import Section +from .rpmsection import Section class RpmCopyright(Section): @@ -13,8 +13,10 @@ that are still relevant. Everything else is ignored. """ - copyrights = [] - buildrules = [] + def __init__(self, specfile): + Section.__init__(self, specfile) + self.copyrights = [] + self.buildrules = [] def _add_pkg_header(self): specname = os.path.splitext(os.path.basename(self.spec))[0] @@ -24,7 +26,7 @@ def _create_default_copyright(self): - year = time.strftime('%Y', time.localtime(time.time())) + year = datetime.datetime.now().year return '# Copyright (c) {0} SUSE LINUX Products GmbH, Nuernberg, Germany.'.format(year) @@ -77,7 +79,7 @@ return - def output(self, fout): + def output(self, fout, newline = True): self._add_pkg_header() self._add_copyright() self._add_default_license() @@ -85,4 +87,4 @@ # trailing enters # prep_spec does two so do the same self.lines.append('') self.lines.append('') - Section.output(self, fout) + Section.output(self, fout, newline) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/spec-cleaner-spec-cleaner-0.5.9/spec_cleaner/rpmdescription.py new/spec-cleaner-spec-cleaner-0.6.1/spec_cleaner/rpmdescription.py --- old/spec-cleaner-spec-cleaner-0.5.9/spec_cleaner/rpmdescription.py 2014-07-08 13:17:58.000000000 +0200 +++ new/spec-cleaner-spec-cleaner-0.6.1/spec_cleaner/rpmdescription.py 2014-08-13 14:23:57.000000000 +0200 @@ -1,6 +1,6 @@ # vim: set ts=4 sw=4 et: coding=UTF-8 -from rpmsection import Section +from .rpmsection import Section class RpmDescription(Section): diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/spec-cleaner-spec-cleaner-0.5.9/spec_cleaner/rpmfiles.py new/spec-cleaner-spec-cleaner-0.6.1/spec_cleaner/rpmfiles.py --- old/spec-cleaner-spec-cleaner-0.5.9/spec_cleaner/rpmfiles.py 2014-07-08 13:17:58.000000000 +0200 +++ new/spec-cleaner-spec-cleaner-0.6.1/spec_cleaner/rpmfiles.py 2014-08-13 14:23:57.000000000 +0200 @@ -1,6 +1,6 @@ # vim: set ts=4 sw=4 et: coding=UTF-8 -from rpmsection import Section +from .rpmsection import Section class RpmFiles(Section): diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/spec-cleaner-spec-cleaner-0.5.9/spec_cleaner/rpminstall.py new/spec-cleaner-spec-cleaner-0.6.1/spec_cleaner/rpminstall.py --- old/spec-cleaner-spec-cleaner-0.5.9/spec_cleaner/rpminstall.py 2014-07-08 13:17:58.000000000 +0200 +++ new/spec-cleaner-spec-cleaner-0.6.1/spec_cleaner/rpminstall.py 2014-08-13 14:23:57.000000000 +0200 @@ -1,6 +1,6 @@ # vim: set ts=4 sw=4 et: coding=UTF-8 -from rpmsection import Section +from .rpmsection import Section class RpmInstall(Section): diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/spec-cleaner-spec-cleaner-0.5.9/spec_cleaner/rpmpreamble.py new/spec-cleaner-spec-cleaner-0.6.1/spec_cleaner/rpmpreamble.py --- old/spec-cleaner-spec-cleaner-0.5.9/spec_cleaner/rpmpreamble.py 2014-07-08 13:17:58.000000000 +0200 +++ new/spec-cleaner-spec-cleaner-0.6.1/spec_cleaner/rpmpreamble.py 2014-08-13 14:23:57.000000000 +0200 @@ -2,9 +2,9 @@ import re -from rpmsection import Section -from fileutils import FileUtils -from rpmexception import RpmException +from .rpmsection import Section +from .fileutils import FileUtils +from .rpmexception import RpmException LICENSES_CHANGES = 'licenses_changes.txt' @@ -33,18 +33,6 @@ line, even if we reorder the lines. """ - # Old storage - _oldstore = [] - - # Is the parsed variable multiline (ending with \) - multiline = False - - # Are we inside of conditional or not - condition = False - - # Is the condition with define or just regular one - _condition_define = False - category_to_key = { 'name': 'Name', 'version': 'Version', @@ -74,6 +62,8 @@ categories_order = [ 'define', 'define_conditions', + 'bconds', + 'bcond_conditions', 'name', 'version', 'release', @@ -122,6 +112,16 @@ def __init__(self, specfile, pkgconfig): Section.__init__(self, specfile) + # Old storage + self._oldstore = [] + # Is the parsed variable multiline (ending with \) + self.multiline = False + # Are we inside of conditional or not + self.condition = False + # Is the condition with define/global variables + self._condition_define = False + # Is the condition based probably on bcond evaluation + self._condition_bcond = False # do we want pkgconfig self.pkgconfig = pkgconfig # dict of license replacement options @@ -278,15 +278,26 @@ # If we are on endif we check the condition content # and if we find the defines we put it on top. - if endif: + if endif or not self.condition: if self._condition_define: + # If we have define conditions and possible bcond start + # we need to put it bellow bcond definitions as otherwise + # the switches do not have any effect + if self._condition_bcond: + self.paragraph['bcond_conditions'] += self.paragraph['conditions'] + else: + self.paragraph['define_conditions'] += self.paragraph['conditions'] # in case the nested condition contains define we consider all parents - # to require to be on top too + # to require to be on top too; if len(self._oldstore) == 0: self._condition_define = False - self.paragraph['define_conditions'] += self.paragraph['conditions'] else: self.paragraph['build_conditions'] += self.paragraph['conditions'] + + # bcond must be reseted when on top and can be set even outside of the + # define scope. So reset it here always + if len(self._oldstore) == 0: + self._condition_bcond = False self.paragraph['conditions'] = [] @@ -303,12 +314,11 @@ self.paragraph[i].sort(key=self._sort_helper_key) for group in self.paragraph[i]: lines += self._add_group(group) - if self.current_group: # the current group was not added to any category. It's just some # random stuff that should be at the end anyway. lines += self._add_group(self.current_group) - + self.current_group = '' return lines @@ -357,6 +367,10 @@ if not self.previous_line.startswith('#'): self.current_group.append('# FIXME: Use %requires_eq macro instead') return [ value ] + # we also skip all various rpm-macroed content as it is usually not easy + # to determine how that should be split + if value.startswith('%'): + return [ value ] tokens = [ item[1] for item in self.reg.re_requires_token.findall(value) ] # Split based on ',' here as it breaks up pattern matching later on @@ -487,6 +501,9 @@ elif self.reg.re_if.match(line): self._add_line_to('conditions', line) self.condition = True + # check for possibility of the bcond conditional + if "%{with" in line or "%{without" in line: + self._condition_bcond = True self._start_subparagraph() self.previous_line = line return @@ -529,7 +546,11 @@ self._add_line_value_to('patch', match.group(3), key = '%sPatch%s%s' % (match.group(1), zero, match.group(2))) return - elif self.reg.re_define.match(line) or self.reg.re_global.match(line) or self.reg.re_bcond_with.match(line): + elif self.reg.re_bcond_with.match(line): + self._add_line_to('bconds', line) + return + + elif self.reg.re_define.match(line) or self.reg.re_global.match(line) or self.reg.re_onelinecond.match(line): self._add_line_to('define', line) if line.endswith('\\'): self.multiline = True @@ -543,7 +564,7 @@ elif self.reg.re_prereq.match(line): match = self.reg.re_prereq.match(line) # add the comment about using proper macro which needs investingaton - if not self.previous_line.startswith('#'): + if not self.previous_line.startswith('#') and not self.previous_line.startswith('PreReq'): self.current_group.append('# FIXME: use proper Requires(pre/post/preun/...)') self._add_line_value_to('prereq', match.group(1)) return @@ -615,12 +636,10 @@ self._add_line_to('misc', line) - def output(self, fout): + def output(self, fout, newline = True): lines = self._end_paragraph() self.lines += lines - # append empty line to the end of the section - self.lines.append('') - Section.output(self, fout) + Section.output(self, fout, newline) class RpmPackage(RpmPreamble): diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/spec-cleaner-spec-cleaner-0.5.9/spec_cleaner/rpmprep.py new/spec-cleaner-spec-cleaner-0.6.1/spec_cleaner/rpmprep.py --- old/spec-cleaner-spec-cleaner-0.5.9/spec_cleaner/rpmprep.py 2014-07-08 13:17:58.000000000 +0200 +++ new/spec-cleaner-spec-cleaner-0.6.1/spec_cleaner/rpmprep.py 2014-08-13 14:23:57.000000000 +0200 @@ -1,6 +1,6 @@ # vim: set ts=4 sw=4 et: coding=UTF-8 -from rpmsection import Section +from .rpmsection import Section class RpmPrep(Section): diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/spec-cleaner-spec-cleaner-0.5.9/spec_cleaner/rpmprune.py new/spec-cleaner-spec-cleaner-0.6.1/spec_cleaner/rpmprune.py --- old/spec-cleaner-spec-cleaner-0.5.9/spec_cleaner/rpmprune.py 2014-07-08 13:17:58.000000000 +0200 +++ new/spec-cleaner-spec-cleaner-0.6.1/spec_cleaner/rpmprune.py 2014-08-13 14:23:57.000000000 +0200 @@ -1,6 +1,6 @@ # vim: set ts=4 sw=4 et: coding=UTF-8 -from rpmsection import Section +from .rpmsection import Section class RpmClean(Section): @@ -9,7 +9,7 @@ """ - def output(self, fout): + def output(self, fout, newline = True): pass diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/spec-cleaner-spec-cleaner-0.5.9/spec_cleaner/rpmregexp.py new/spec-cleaner-spec-cleaner-0.6.1/spec_cleaner/rpmregexp.py --- old/spec-cleaner-spec-cleaner-0.5.9/spec_cleaner/rpmregexp.py 2014-07-08 13:17:58.000000000 +0200 +++ new/spec-cleaner-spec-cleaner-0.6.1/spec_cleaner/rpmregexp.py 2014-08-13 14:23:57.000000000 +0200 @@ -3,7 +3,7 @@ import re import os -from fileutils import FileUtils +from .fileutils import FileUtils class Singleton: def __init__(self, klass): @@ -29,7 +29,7 @@ re_spec_install = re.compile('^%install\s*$', re.IGNORECASE) re_spec_clean = re.compile('^%clean\s*$', re.IGNORECASE) re_spec_check = re.compile('^%check\s*$', re.IGNORECASE) - re_spec_scriptlets = re.compile('(?:^%pretrans\s*)|(?:^%pre\s*)|(?:^%post\s*)|(?:^%preun\s*)|(?:^%postun\s*)|(?:^%posttrans\s*)', re.IGNORECASE) + re_spec_scriptlets = re.compile('(?:^%pretrans\s*)|(?:^%pre\s*)|(?:^%post\s*)|(?:^%verifyscript\s*)|(?:^%preun\s*)|(?:^%postun\s*)|(?:^%posttrans\s*)', re.IGNORECASE) re_spec_files = re.compile('^%files\s*', re.IGNORECASE) re_spec_changelog = re.compile('^%changelog\s*$', re.IGNORECASE) @@ -63,12 +63,13 @@ re_epoch = re.compile('^\s*Epoch:\s*(.*)', re.IGNORECASE) re_define = re.compile('^\s*%define\s*(.*)', re.IGNORECASE) re_global = re.compile('^\s*%global\s*(.*)', re.IGNORECASE) - re_bcond_with = re.compile('^\s*%bcond_with\s*(.*)', re.IGNORECASE) + re_bcond_with = re.compile('^\s*%bcond_with(out)?\s*(.*)', re.IGNORECASE) re_requires_token = re.compile('(\s*([^<>=\s]+(\s*[<>=]+\s*[^<>=\s]+)?)\s*)') re_autoreqprov = re.compile('^\s*AutoReqProv:.*$', re.IGNORECASE) # here we need to grab all submacros with rpm calls so just match almost everything re_rpm_command = re.compile('%$.*$') re_requires_eq = re.compile('^\s*%requires_eq\s*(.*)') + re_onelinecond = re.compile('^\s*%{!?[^?]*\?[^:]+:[^}]+}') # rpmbuild re_jobs = re.compile('%{(_smp_mflags|\?_smp_flags|\?jobs:\s*-j\s*%(jobs|{jobs}))}') diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/spec-cleaner-spec-cleaner-0.5.9/spec_cleaner/rpmscriplets.py new/spec-cleaner-spec-cleaner-0.6.1/spec_cleaner/rpmscriplets.py --- old/spec-cleaner-spec-cleaner-0.5.9/spec_cleaner/rpmscriplets.py 2014-07-08 13:17:58.000000000 +0200 +++ new/spec-cleaner-spec-cleaner-0.6.1/spec_cleaner/rpmscriplets.py 2014-08-13 14:23:57.000000000 +0200 @@ -1,6 +1,6 @@ # vim: set ts=4 sw=4 et: coding=UTF-8 -from rpmsection import Section +from .rpmsection import Section class RpmScriptlets(Section): @@ -8,7 +8,7 @@ Do %post -p /sbin/ldconfig when only scriplet command is /sbin/ldconfig ''' - def output(self, fout): + def output(self, fout, newline = True): # if we have 2 or 3 lines where last one is empty nolines = len(self.lines) if nolines == 2 or ( nolines == 3 and self.lines[2] == ''): @@ -17,4 +17,4 @@ self.lines = [] self.lines.append('{0} -p /sbin/ldconfig'.format(pkg)) self.lines.append('') - Section.output(self, fout) + Section.output(self, fout, newline) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/spec-cleaner-spec-cleaner-0.5.9/spec_cleaner/rpmsection.py new/spec-cleaner-spec-cleaner-0.6.1/spec_cleaner/rpmsection.py --- old/spec-cleaner-spec-cleaner-0.5.9/spec_cleaner/rpmsection.py 2014-07-08 13:17:58.000000000 +0200 +++ new/spec-cleaner-spec-cleaner-0.6.1/spec_cleaner/rpmsection.py 2014-08-13 14:23:57.000000000 +0200 @@ -2,7 +2,7 @@ import re -from rpmregexp import RegexpSingle +from .rpmregexp import RegexpSingle class Section(object): """ @@ -56,12 +56,23 @@ self.previous_line = line - def output(self, fout): - # always append one empty line at the end if it is not present + def output(self, fout, newline = True): + # Always append one empty line at the end if it is not present # and changelog is trailing part of our spec so do not put nothing # bellow - if self.lines[-1] != '' and self.lines[-1] != '%changelog': - self.lines.append('') + # Also if we are jumping away just after writing one macroed line + # we don't want to create new line + if len(self.lines) >= 1: + if self.lines[-1] != '' and \ + self.lines[-1] != '%changelog' and not \ + self.lines[-1].startswith('%if') and \ + newline: + self.lines.append('') + # remove the newlines around ifs if they are not wanted + if self.lines[-1] == '' and \ + (self.lines[-2].startswith('%if') or + self.lines[-2].startswith('%else')): + self.lines.pop() for line in self.lines: fout.write(line + '\n') diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/spec-cleaner-spec-cleaner-0.5.9/tests/README new/spec-cleaner-spec-cleaner-0.6.1/tests/README --- old/spec-cleaner-spec-cleaner-0.5.9/tests/README 2014-07-08 13:17:58.000000000 +0200 +++ new/spec-cleaner-spec-cleaner-0.6.1/tests/README 1970-01-01 01:00:00.000000000 +0100 @@ -1,10 +0,0 @@ -This is test folder for spec-cleaner repository. - -There are 3 folders in, out and tmp. - -For each spec in the in folder there should be respective -spec in out folder with desired formatting. - -The tmp folder is used for holding the generated spec file -which if differ from out content will fail the testsuite. - diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/spec-cleaner-spec-cleaner-0.5.9/tests/acceptance-tests.py new/spec-cleaner-spec-cleaner-0.6.1/tests/acceptance-tests.py --- old/spec-cleaner-spec-cleaner-0.5.9/tests/acceptance-tests.py 1970-01-01 01:00:00.000000000 +0100 +++ new/spec-cleaner-spec-cleaner-0.6.1/tests/acceptance-tests.py 2014-08-13 14:23:57.000000000 +0200 @@ -0,0 +1,107 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- +# + +import unittest +import os +import shutil +import tempfile +import difflib +import datetime +from mock import patch + +from spec_cleaner import RpmSpecCleaner + +class TestCompare(unittest.TestCase): + """ + We run individual tests to verify the content compared to expected results + """ + + def setUp(self): + """ + Declare global scope variables for further use. + """ + + self.input_dir = self._get_input_dir() + self.fixtures_dir = self._get_fixtures_dir() + self.tmp_dir = tempfile.mkdtemp() + self.tmp_file_rerun = tempfile.NamedTemporaryFile() + + def tearDown(self): + """ + Remove the tmp directory + """ + shutil.rmtree(self.tmp_dir) + + def _difftext(self, lines1, lines2, junk=None): + junk = junk or (' ', '\t') + # result is a generator + result = difflib.ndiff(lines1, lines2, charjunk=lambda x: x in junk) + read = [] + for line in result: + read.append(line) + # lines that don't start with a ' ' are diff ones + if not line.startswith(' '): + self.fail(''.join(read + list(result))) + + def assertStreamEqual(self, stream1, stream2, junk=None): + """compare two streams (using difflib and readlines())""" + # if stream2 is stream2, readlines() on stream1 will also read lines + # in stream2, so they'll appear different, although they're not + if stream1 is stream2: + return + # make sure we compare from the beginning of the stream + stream1.seek(0) + stream2.seek(0) + # ocmpare + self._difftext(stream1.readlines(), stream2.readlines(), junk) + + def _get_input_dir(self): + """ + Return path for input files used by tests + """ + return os.path.join(os.getcwd(), 'tests/in/') + + def _get_fixtures_dir(self): + """ + Return path for representative output specs + """ + return os.path.join(os.getcwd(), 'tests/out/') + + def _obtain_list_of_tests(self): + """ + Generate list of tests we are going to use according to what is on hdd + """ + + test_files = list() + + for spec in os.listdir(self.fixtures_dir): + if spec.endswith(".spec"): + test_files.append(spec) + + return test_files + + def _run_individual_test(self, infile, outfile): + """ + Run the cleaner as specified and store the output for further comparison. + """ + cleaner = RpmSpecCleaner(infile, outfile, True, False, False, 'vimdiff') + cleaner.run() + + @patch('spec_cleaner.rpmcopyright.datetime') + def test_input_files(self, datetime_mock): + datetime_mock.datetime.now.return_value = (datetime.datetime(2013, 1, 1)) + for test in self._obtain_list_of_tests(): + infile = os.path.join(self.input_dir, test) + compare = os.path.join(self.fixtures_dir, test) + tmp_file = os.path.join(self.tmp_dir, test) + + # first try to generate cleaned content from messed up + self._run_individual_test(infile, tmp_file) + with open(compare) as ref, open(tmp_file) as test: + self.assertStreamEqual(ref, test) + + # second run it again while ensuring it didn't change + self._run_individual_test(tmp_file, self.tmp_file_rerun.name) + with open(compare) as ref, open(self.tmp_file_rerun.name) as test: + self.assertStreamEqual(ref, test) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/spec-cleaner-spec-cleaner-0.5.9/tests/in/bconds.spec new/spec-cleaner-spec-cleaner-0.6.1/tests/in/bconds.spec --- old/spec-cleaner-spec-cleaner-0.5.9/tests/in/bconds.spec 1970-01-01 01:00:00.000000000 +0100 +++ new/spec-cleaner-spec-cleaner-0.6.1/tests/in/bconds.spec 2014-08-13 14:23:57.000000000 +0200 @@ -0,0 +1,46 @@ +%{!?aarch64:%global aarch64 aarch64 arm64 armv8} +%global jit_arches %ix86 x86_64 %{aarch64} ppc64 ppc64le +%global test_arches %ix86 x86_64 ppc64 ppc64le +%global icedtea_version 2.5.1 +%global icedtea_sound_version 1.0.1 +%global mauvedate 2008-10-22 +%global buildoutputdir openjdk.build/ +# Convert an absolute path to a relative path. Each symbolic link is +# specified relative to the directory in which it is installed so that +# it will resolve properly within chrooted installations. +%global script 'use File::Spec; print File::Spec->abs2rel($ARGV[0], $ARGV[1])' +%global abs2rel perl -e %{script} +# Standard JPackage naming and versioning defines. +%global priority 17147 +%global javaver 1.7.0 +%global buildver 65 +# Standard JPackage directories and symbolic links. +%global sdklnk java-%{javaver}-openjdk +%global archname %{sdklnk} +%global jrelnk jre-%{javaver}-openjdk +%global sdkdir %{sdklnk}-%{javaver} +%global jredir %{sdkdir}/jre +%global sdkbindir %{_jvmdir}/%{sdklnk}/bin +%global jrebindir %{_jvmdir}/%{jrelnk}/bin +%global jvmjardir %{_jvmjardir}/%{sdkdir} +%global jvmjarlink %{_jvmjardir}/%{sdklnk} +# Prevent brp-java-repack-jars from being run. +%global __jar_repack 0 +# cacert symlink +%global cacerts %{_jvmdir}/%{jredir}/lib/security/cacerts +# real file made by update-ca-certificates +%global javacacerts %{_var}/lib/ca-certificates/java-cacerts +%global with_default_hotspot_tarball 1 +%ifarch %{aarch64} +%global _with_bootstrap 1 +%global _with_zero 1 +%endif +# turn zero on non jit arches by default +%ifnarch %{jit_arches} +%global _with_zero 1 +%endif +%bcond_with zero +%bcond_without bootstrap +%if %{with zero} +%define something 1 +%endif diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/spec-cleaner-spec-cleaner-0.5.9/tests/in/cleansectionbig.spec new/spec-cleaner-spec-cleaner-0.6.1/tests/in/cleansectionbig.spec --- old/spec-cleaner-spec-cleaner-0.5.9/tests/in/cleansectionbig.spec 1970-01-01 01:00:00.000000000 +0100 +++ new/spec-cleaner-spec-cleaner-0.6.1/tests/in/cleansectionbig.spec 2014-08-13 14:23:57.000000000 +0200 @@ -0,0 +1,29 @@ + +%clean +rm -rf %{buildroot} + +%if 0%{?suse_version} +# TODO(must): Determine sensible non-SUSE versions of these, +# in particular restart_on_update and stop_on_removal. + +%verifyscript +%verify_permissions -e %{_sbindir}/hawk_chkpwd +%verify_permissions -e %{_sbindir}/hawk_invoke + +%pre +%service_add_pre hawk.service + +%post +%set_permissions %{_sbindir}/hawk_chkpwd +%set_permissions %{_sbindir}/hawk_invoke +%service_add_post hawk.service + +%preun +%service_del_preun hawk.service + +%postun +%service_del_postun hawk.service + +%triggerin -- lighttpd +%restart_on_update hawk +%endif diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/spec-cleaner-spec-cleaner-0.5.9/tests/in/requires.spec new/spec-cleaner-spec-cleaner-0.6.1/tests/in/requires.spec --- old/spec-cleaner-spec-cleaner-0.5.9/tests/in/requires.spec 2014-07-08 13:17:58.000000000 +0200 +++ new/spec-cleaner-spec-cleaner-0.6.1/tests/in/requires.spec 2014-08-13 14:23:57.000000000 +0200 @@ -6,6 +6,9 @@ Requires: aaa<3.2.1 zzz pkgconfig(glib-2.0) perl(DBD::SQLite) Requires: rrr >= %{version} kkk -PreReq: iii <= 4.2.1 jjj> %{version} eee=%{version}-%{release} bbb +PreReq: iii <= 4.2.1 jjj> %{version} eee=%{version}-%{release} aaa PreReq: aaa<3.2.1 zzz PreReq: rrr >= %{version} kkk + +BuildRequires: %{rubygem fast_gettext} +BuildRequires: %{rubygem rails >= 3.2} diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/spec-cleaner-spec-cleaner-0.5.9/tests/out/bconds.spec new/spec-cleaner-spec-cleaner-0.6.1/tests/out/bconds.spec --- old/spec-cleaner-spec-cleaner-0.5.9/tests/out/bconds.spec 1970-01-01 01:00:00.000000000 +0100 +++ new/spec-cleaner-spec-cleaner-0.6.1/tests/out/bconds.spec 2014-08-13 14:23:57.000000000 +0200 @@ -0,0 +1,65 @@ +# +# spec file for package bconds +# +# Copyright (c) 2013 SUSE LINUX Products GmbH, Nuernberg, Germany. +# +# All modifications and additions to the file contributed by third parties +# remain the property of their copyright owners, unless otherwise agreed +# upon. The license for this file, and modifications and additions to the +# file, is the same license as for the pristine package itself (unless the +# license for the pristine package is not an Open Source License, in which +# case the license is the MIT License). An "Open Source License" is a +# license that conforms to the Open Source Definition (Version 1.9) +# published by the Open Source Initiative. + +# Please submit bugfixes or comments via http://bugs.opensuse.org/ +# + + +%{!?aarch64:%global aarch64 aarch64 arm64 armv8} +%global jit_arches %ix86 x86_64 %{aarch64} ppc64 ppc64le +%global test_arches %ix86 x86_64 ppc64 ppc64le +%global icedtea_version 2.5.1 +%global icedtea_sound_version 1.0.1 +%global mauvedate 2008-10-22 +%global buildoutputdir openjdk.build/ +# Convert an absolute path to a relative path. Each symbolic link is +# specified relative to the directory in which it is installed so that +# it will resolve properly within chrooted installations. +%global script 'use File::Spec; print File::Spec->abs2rel($ARGV[0], $ARGV[1])' +%global abs2rel perl -e %{script} +# Standard JPackage naming and versioning defines. +%global priority 17147 +%global javaver 1.7.0 +%global buildver 65 +# Standard JPackage directories and symbolic links. +%global sdklnk java-%{javaver}-openjdk +%global archname %{sdklnk} +%global jrelnk jre-%{javaver}-openjdk +%global sdkdir %{sdklnk}-%{javaver} +%global jredir %{sdkdir}/jre +%global sdkbindir %{_jvmdir}/%{sdklnk}/bin +%global jrebindir %{_jvmdir}/%{jrelnk}/bin +%global jvmjardir %{_jvmjardir}/%{sdkdir} +%global jvmjarlink %{_jvmjardir}/%{sdklnk} +# Prevent brp-java-repack-jars from being run. +%global __jar_repack 0 +# cacert symlink +%global cacerts %{_jvmdir}/%{jredir}/lib/security/cacerts +# real file made by update-ca-certificates +%global javacacerts %{_var}/lib/ca-certificates/java-cacerts +%global with_default_hotspot_tarball 1 +%ifarch %{aarch64} +%global _with_bootstrap 1 +%global _with_zero 1 +%endif +# turn zero on non jit arches by default +%ifnarch %{jit_arches} +%global _with_zero 1 +%endif +%bcond_with zero +%bcond_without bootstrap +%if %{with zero} +%define something 1 +%endif + diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/spec-cleaner-spec-cleaner-0.5.9/tests/out/cleansection.spec new/spec-cleaner-spec-cleaner-0.6.1/tests/out/cleansection.spec --- old/spec-cleaner-spec-cleaner-0.5.9/tests/out/cleansection.spec 2014-07-08 13:17:58.000000000 +0200 +++ new/spec-cleaner-spec-cleaner-0.6.1/tests/out/cleansection.spec 2014-08-13 14:23:57.000000000 +0200 @@ -20,7 +20,6 @@ install bla %ifarch x86 - %files -n something %defattr(-,root,root) /bin/bla diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/spec-cleaner-spec-cleaner-0.5.9/tests/out/cleansectionbig.spec new/spec-cleaner-spec-cleaner-0.6.1/tests/out/cleansectionbig.spec --- old/spec-cleaner-spec-cleaner-0.5.9/tests/out/cleansectionbig.spec 1970-01-01 01:00:00.000000000 +0100 +++ new/spec-cleaner-spec-cleaner-0.6.1/tests/out/cleansectionbig.spec 2014-08-13 14:23:57.000000000 +0200 @@ -0,0 +1,44 @@ +# +# spec file for package cleansectionbig +# +# Copyright (c) 2013 SUSE LINUX Products GmbH, Nuernberg, Germany. +# +# All modifications and additions to the file contributed by third parties +# remain the property of their copyright owners, unless otherwise agreed +# upon. The license for this file, and modifications and additions to the +# file, is the same license as for the pristine package itself (unless the +# license for the pristine package is not an Open Source License, in which +# case the license is the MIT License). An "Open Source License" is a +# license that conforms to the Open Source Definition (Version 1.9) +# published by the Open Source Initiative. + +# Please submit bugfixes or comments via http://bugs.opensuse.org/ +# + + +%if 0%{?suse_version} +# TODO(must): Determine sensible non-SUSE versions of these, +# in particular restart_on_update and stop_on_removal. + +%verifyscript +%verify_permissions -e %{_sbindir}/hawk_chkpwd +%verify_permissions -e %{_sbindir}/hawk_invoke + +%pre +%service_add_pre hawk.service + +%post +%set_permissions %{_sbindir}/hawk_chkpwd +%set_permissions %{_sbindir}/hawk_invoke +%service_add_post hawk.service + +%preun +%service_del_preun hawk.service + +%postun +%service_del_postun hawk.service + +%triggerin -- lighttpd +%restart_on_update hawk +%endif + diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/spec-cleaner-spec-cleaner-0.5.9/tests/out/conditionalpkgs.spec new/spec-cleaner-spec-cleaner-0.6.1/tests/out/conditionalpkgs.spec --- old/spec-cleaner-spec-cleaner-0.5.9/tests/out/conditionalpkgs.spec 2014-07-08 13:17:58.000000000 +0200 +++ new/spec-cleaner-spec-cleaner-0.6.1/tests/out/conditionalpkgs.spec 2014-08-13 14:23:57.000000000 +0200 @@ -49,16 +49,14 @@ http://httpd.apache.org/docs-2.2/upgrading.html. %if %{worker} - %package worker Summary: Apache 2 worker MPM (Multi-Processing Module) Group: Productivity/Networking/Web/Servers Requires: %{name} = %{version} Provides: %{pname}-MPM - %endif -%if %{prefork} +%if %{prefork} %package prefork Summary: Apache 2 "prefork" MPM (Multi-Processing Module) Group: Productivity/Networking/Web/Servers @@ -67,24 +65,21 @@ %if 0%{?suse_version} >= 901 && 0%{?sles_version} != 9 Provides: apache:%{_sbindir}/httpd %endif - %endif -%if %{event} +%if %{event} %package event Summary: Apache 2 event MPM (Multi-Processing Module) Group: Productivity/Networking/Web/Servers Requires: %{name} = %{version} Provides: %{pname}-MPM - %endif -%if %{itk} +%if %{itk} %package itk Summary: Apache 2 "ITK" MPM (Multi-Processing Module) Group: Productivity/Networking/Web/Servers Requires: %{name} = %{version} Provides: %{pname}-MPM - %endif diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/spec-cleaner-spec-cleaner-0.5.9/tests/out/conditions.spec new/spec-cleaner-spec-cleaner-0.6.1/tests/out/conditions.spec --- old/spec-cleaner-spec-cleaner-0.5.9/tests/out/conditions.spec 2014-07-08 13:17:58.000000000 +0200 +++ new/spec-cleaner-spec-cleaner-0.6.1/tests/out/conditions.spec 2014-08-13 14:23:57.000000000 +0200 @@ -32,7 +32,6 @@ %if %{distro} == "suse" # FIXME: use proper Requires(pre/post/preun/...) PreReq: %insserv_prereq -# FIXME: use proper Requires(pre/post/preun/...) PreReq: aaa_base %endif %if %{with editor} diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/spec-cleaner-spec-cleaner-0.5.9/tests/out/requires.spec new/spec-cleaner-spec-cleaner-0.6.1/tests/out/requires.spec --- old/spec-cleaner-spec-cleaner-0.5.9/tests/out/requires.spec 2014-07-08 13:17:58.000000000 +0200 +++ new/spec-cleaner-spec-cleaner-0.6.1/tests/out/requires.spec 2014-08-13 14:23:57.000000000 +0200 @@ -16,6 +16,8 @@ # +BuildRequires: %{rubygem fast_gettext} +BuildRequires: %{rubygem rails >= 3.2} BuildRequires: aaa < 3.2.1 BuildRequires: bbb BuildRequires: eee = %{version}-%{release} @@ -35,13 +37,11 @@ Requires: zzz Requires: pkgconfig(glib-2.0) # FIXME: use proper Requires(pre/post/preun/...) +PreReq: aaa PreReq: aaa < 3.2.1 -# FIXME: use proper Requires(pre/post/preun/...) -PreReq: bbb PreReq: eee = %{version}-%{release} PreReq: iii <= 4.2.1 PreReq: jjj > %{version} -# FIXME: use proper Requires(pre/post/preun/...) PreReq: kkk PreReq: rrr >= %{version} PreReq: zzz diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/spec-cleaner-spec-cleaner-0.5.9/tests/out/rpmcallpkg.spec new/spec-cleaner-spec-cleaner-0.6.1/tests/out/rpmcallpkg.spec --- old/spec-cleaner-spec-cleaner-0.5.9/tests/out/rpmcallpkg.spec 2014-07-08 13:17:58.000000000 +0200 +++ new/spec-cleaner-spec-cleaner-0.6.1/tests/out/rpmcallpkg.spec 2014-08-13 14:23:57.000000000 +0200 @@ -17,7 +17,6 @@ %if %{with kde4} - %package -n %{name}-client-kde4 Summary: KDE 4 Backend for sflphone Group: Productivity/Telephony/SIP/Clients diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/spec-cleaner-spec-cleaner-0.5.9/tests/out/sourcespatches.spec new/spec-cleaner-spec-cleaner-0.6.1/tests/out/sourcespatches.spec --- old/spec-cleaner-spec-cleaner-0.5.9/tests/out/sourcespatches.spec 2014-07-08 13:17:58.000000000 +0200 +++ new/spec-cleaner-spec-cleaner-0.6.1/tests/out/sourcespatches.spec 2014-08-13 14:23:57.000000000 +0200 @@ -16,10 +16,10 @@ # -%bcond_with self_hosting # this is crazy define %define root %{version} %global test somethingelse +%bcond_with self_hosting Source: testfile.tar.bz2 Source2: testfile2.tar.bz2 Source15: anothersource.tar.xz diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/spec-cleaner-spec-cleaner-0.5.9/tests/tmp/.gitignore new/spec-cleaner-spec-cleaner-0.6.1/tests/tmp/.gitignore --- old/spec-cleaner-spec-cleaner-0.5.9/tests/tmp/.gitignore 2014-07-08 13:17:58.000000000 +0200 +++ new/spec-cleaner-spec-cleaner-0.6.1/tests/tmp/.gitignore 1970-01-01 01:00:00.000000000 +0100 @@ -1 +0,0 @@ -*.spec -- To unsubscribe, e-mail: opensuse-commit+unsubscribe(a)opensuse.org For additional commands, e-mail: opensuse-commit+help(a)opensuse.org

1 0

commit shorewall for openSUSE:Factory
by root＠hilbert.suse.de 03 Sep '14

03 Sep '14

Hello community, here is the log from the commit of package shorewall for openSUSE:Factory checked in at 2014-09-03 18:22:34 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/shorewall (Old) and /work/SRC/openSUSE:Factory/.shorewall.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "shorewall" Changes: -------- --- /work/SRC/openSUSE:Factory/shorewall/shorewall.changes 2014-08-15 09:56:20.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.shorewall.new/shorewall.changes 2014-09-03 21:09:38.000000000 +0200 @@ -1,0 +2,23 @@ +Sun Aug 31 17:24:13 UTC 2014 - toganm(a)opensuse.org + +- Update to version 4.6.3.1 For more details see changelog.txt and + releasenotes.tx + * The DNSAmp action released in 4.6.3 matched more packets than it + should have. That has now been corrected. + * The handling of REJECT in IP[6]TABLES rules has been clarified + inthe shorewall-rules(5) and shorewall6-rules(5) manpages. + * The following misleading error message has now been corrected: + + ERROR: The xxx TARGET is now allowed in the filter table + + The message now reads: + + ERROR: The xxx TARGET is not allowed in the filter table + +- Spec fixes + + * Fixed shorewall-init requires so it needs shoreline-firewall + which is an alias for shorewall shorewall6 shorewall-lite and + shorewall6-lite packages + * shorewall-init package was missing a rc link +------------------------------------------------------------------- Old: ---- shorewall-4.6.2.5.tar.bz2 shorewall-core-4.6.2.5.tar.bz2 shorewall-docs-html-4.6.2.5.tar.bz2 shorewall-init-4.6.2.5.tar.bz2 shorewall-lite-4.6.2.5.tar.bz2 shorewall6-4.6.2.5.tar.bz2 shorewall6-lite-4.6.2.5.tar.bz2 New: ---- shorewall-4.6.3.1.tar.bz2 shorewall-core-4.6.3.1.tar.bz2 shorewall-docs-html-4.6.3.1.tar.bz2 shorewall-init-4.6.3.1.tar.bz2 shorewall-lite-4.6.3.1.tar.bz2 shorewall6-4.6.3.1.tar.bz2 shorewall6-lite-4.6.3.1.tar.bz2 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ shorewall.spec ++++++ --- /var/tmp/diff_new_pack.YNKUe7/_old 2014-09-03 21:09:40.000000000 +0200 +++ /var/tmp/diff_new_pack.YNKUe7/_new 2014-09-03 21:09:40.000000000 +0200 @@ -20,19 +20,19 @@ %define have_systemd 1 Name: shorewall -Version: 4.6.2.5 +Version: 4.6.3.1 Release: 0 Summary: Shoreline Firewall is an iptables-based firewall for Linux systems License: GPL-2.0 Group: Productivity/Networking/Security Url: http://www.shorewall.net/ -Source: http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.2/%name-%version.t… -Source1: http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.2/%name-core-%vers… -Source2: http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.2/%name-lite-%vers… -Source3: http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.2/%name-init-%vers… -Source4: http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.2/%{name}6-lite-%v… -Source5: http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.2/%{name}6-%versio… -Source6: http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.2/%name-docs-html-… +Source: http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.3/%name-%version.t… +Source1: http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.3/%name-core-%vers… +Source2: http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.3/%name-lite-%vers… +Source3: http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.3/%name-init-%vers… +Source4: http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.3/%{name}6-lite-%v… +Source5: http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.3/%{name}6-%versio… +Source6: http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.3/%name-docs-html-… Source7: %name-4.4.22.rpmlintrc Source8: README.openSUSE # PATCH-FIX-UPSTREAM toganm(a)opensuse.org Shorewall-lite init.suse.sh Required Stop @@ -61,6 +61,8 @@ Requires: iptables Requires: logrotate Requires: xtables-addons +Provides: shoreline_firewall = %{version}-%{release} + BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildArch: noarch BuildRequires: bash >= 4 @@ -135,6 +137,7 @@ Requires: iproute2 Requires: iptables Requires: logrotate +Provides: shoreline_firewall = %{version}-%{release} %if 0%{?suse_version} Conflicts: SuSEfirewall2 %endif @@ -175,7 +178,7 @@ Requires(preun): systemd-units Requires(postun): systemd-units %endif - +Provides: shoreline_firewall = %{version}-%{release} Requires: %name > 4.5.0-0 Requires: logrotate %if 0%{?suse_version} @@ -217,6 +220,7 @@ %endif Requires: %name-core Requires: logrotate +Provides: shoreline_firewall = %{version}-%{release} %if 0%{?suse_version} Conflicts: SuSEfirewall2 %endif @@ -257,8 +261,9 @@ Requires(preun): systemd-units Requires(postun): systemd-units %endif -Requires: %name > 4.4.9 -Requires: %{name}6 > 4.4.9 + +Requires: shoreline_firewall >= 4.5.0 + Requires: logrotate %if 0%{?suse_version} Conflicts: SuSEfirewall2 @@ -391,7 +396,7 @@ done # FIXME linkto /usr/sbin/service should follow usr_move thing -rctargets="shorewall shorewall-lite shorewall6 shorewall6-lite" +rctargets="shorewall shorewall-lite shorewall6 shorewall6-lite shorewall-init" mkdir -p %buildroot/%_sbindir for i in $rctargets; do %if 0%{?suse_version} > 1220 @@ -811,6 +816,8 @@ # FIXME %if 0%{?suse_version} +%{_sbindir}/rc%{name}-init + %_localstatedir/adm/fillup-templates/sysconfig.%name-init %if 0%{?suse_version} <= 1220 %attr(0544,root,root) %_initddir/%name-init ++++++ shorewall-4.6.2.5.tar.bz2 -> shorewall-4.6.3.1.tar.bz2 ++++++ ++++ 1866 lines of diff (skipped) ++++++ shorewall-core-4.6.2.5.tar.bz2 -> shorewall-core-4.6.3.1.tar.bz2 ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-core-4.6.2.5/changelog.txt new/shorewall-core-4.6.3.1/changelog.txt --- old/shorewall-core-4.6.2.5/changelog.txt 2014-08-13 01:53:52.000000000 +0200 +++ new/shorewall-core-4.6.3.1/changelog.txt 2014-08-27 16:54:44.000000000 +0200 @@ -1,23 +1,45 @@ -Changes in 4.6.2.5 +Changes in 4.6.3.1 + +1) Update release documents + +2) Correct the u32 match string in action.DNSAmp. + +3) Clarify REJECT handling in IP[6]TABLES rules. + +Changes in 4.6.3 Final + +1) Update release documents. + +2) Apply Thomas D's fix for SAVE_IPSETS on Debian. + +Changes in 4.6.3 RC 1 1) Update release documents. -2) Allow a physical interface name in the INTERFACE column of the - providers files. +2) Minor code and documentation cleanup. -3) Apply Louis Lagendijk's patch for shorewall-init. +3) Defect repair from 4.6.2.5. -Changes in 4.6.2.4 +hanges in 4.6.3 Beta 2 1) Update release documents. -2) Allow inline matches in the body of an action. +2) Add DNSAmp action + +3) Allow inline matches in action bodies (from 4.6.2.4) -Changes in 4.6.2.3 +4) Allow physical names to be used in the INTERFACE column of the + providers file. + +Changes in 4.6.3 Beta 1 1) Update release documents. -2) Correct handling of optimize level 8 with Perl 5.20. +2) Describe new helper assignment in the FTP article. + +3) Merge defect repair from 4.6.2.3. + +4) Implement the 'run' command. Changes in 4.6.2.2 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-core-4.6.2.5/configure new/shorewall-core-4.6.3.1/configure --- old/shorewall-core-4.6.2.5/configure 2014-08-13 01:53:51.000000000 +0200 +++ new/shorewall-core-4.6.3.1/configure 2014-08-27 16:54:43.000000000 +0200 @@ -28,7 +28,7 @@ # # Build updates this # -VERSION=4.6.2.5 +VERSION=4.6.3.1 case "$BASH_VERSION" in [4-9].*) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-core-4.6.2.5/configure.pl new/shorewall-core-4.6.3.1/configure.pl --- old/shorewall-core-4.6.2.5/configure.pl 2014-08-13 01:53:51.000000000 +0200 +++ new/shorewall-core-4.6.3.1/configure.pl 2014-08-27 16:54:43.000000000 +0200 @@ -31,7 +31,7 @@ # Build updates this # use constant { - VERSION => '4.6.2.5' + VERSION => '4.6.3.1' }; my %params; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-core-4.6.2.5/install.sh new/shorewall-core-4.6.3.1/install.sh --- old/shorewall-core-4.6.2.5/install.sh 2014-08-13 01:53:51.000000000 +0200 +++ new/shorewall-core-4.6.3.1/install.sh 2014-08-27 16:54:43.000000000 +0200 @@ -22,7 +22,7 @@ # along with this program; if not, see <http://www.gnu.org/licenses/>. # -VERSION=4.6.2.5 +VERSION=4.6.3.1 usage() # $1 = exit status { diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-core-4.6.2.5/known_problems.txt new/shorewall-core-4.6.3.1/known_problems.txt --- old/shorewall-core-4.6.2.5/known_problems.txt 2014-08-13 01:53:52.000000000 +0200 +++ new/shorewall-core-4.6.3.1/known_problems.txt 2014-08-27 16:54:44.000000000 +0200 @@ -1,87 +1,22 @@ 1) On systems running Upstart, shorewall-init cannot reliably secure the firewall before interfaces are brought up. -2) In the tcrules file: +2) The DNSAmp action released in 4.6.3 matches more packets than it + should. - - SAVE and RESTORE generate fatal compilation errors. - - '|' and '&' are ignored. + Workaround: Change the single rule in + /usr/share/shorewall/action.DNSAmp to: - Corrected in 4.6.2.1. + IPTABLES(@1) - - udp 53 ; -m u32 --u32 "0>>22&0x3C\@8&0xffff=0x0100 && 0>>22&0x3C\@12&0xffff0000=0x00010000" -3) In the mangle file: + Corrected in 4.6.3.1. - - '|' and '&' are ignored in MARK ACTIONS. +3) A typo results in the following misleading error message: - Corrected in 4.6.2.1. + ERROR: The xxx TARGET is now allowed in the filter table -4) The compiler fails to detect the IPv6 Header Match capability when - LOAD_MODULES_ONLY=No. + The message should read: - Workaround: Use a capabilities file or set LOAD_MODULES_ONLY=Yes. + ERROR: The xxx TARGET is not allowed in the filter table - Corrected in 4.6.2.2. - -5) The compiler fails to detect Ipset Match support when the system is - running a 3.14 Linux Kernel. - - Workaround: Use a capabilities file. - - Corrected in 4.6.2.2. - -6) The compiler fails to detect the Arptables JF capability when - LOAD_MODULES_ONLY=No. - - Workaround: Use a capabilities file or set LOAD_MODULES_ONLY=Yes. - - Corrected in 4.6.2.2. - -7) The tcfilter manpages fail to mention that BASIC_FILTERS=Yes is - required to use ipsets in the tcfilters files. - - Corrected in 4.6.2.2. - -8) The compiler fails with a Perl diagnostic if: - - - Optimize Level 8 is enabled. - - Perl 5.20 is being used - - The diagnostic is: - - Can't use string ("nat") as a HASH ref while "strict refs" in use - at /usr/share/shorewall/Shorewall/Chains.pm line 3486. - - Workaround: Disable optimize level 8 by subtracting 8 from the - current setting. If 'all' is the current value, - change the setting to OPTIMIZE=23 - - Corrected in 4.6.2.3. - -9) Inline matches are incorrectly disallowed in action files. - - Corrected in 4.6.2.4. - -10) If the following entry appears in /etc/shorewall/interfaces: - - prov2 VPNIF physical=tun1,optional - - then this entry in /etc/shorewall/provider - - prov2 2 2 - tun1 192.168.1.1 track,fallback - - results in the following: - - Use of uninitialized value $physical in pattern match - (m//) at /usr/lib/perl5/vendor_perl/5.18.1/ - Shorewall/Providers.pm line 463, <$currentfile> line 2. - ERROR: A provider interface must have at least one - associated zone /opt/etc/shorewall/providers (line 2) - - Workaround: Change the provider entry to - - prov2 2 2 - VPNIF 192.168.1.1 track,fallback - - Corrected in 4.6.2.5. - -11) Shorewall-init fails when installed on a system with systemd. - - Corrected in 4.6.2.5. + Corrected in 4.6.3.1. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-core-4.6.2.5/lib.cli new/shorewall-core-4.6.3.1/lib.cli --- old/shorewall-core-4.6.2.5/lib.cli 2014-08-13 01:39:52.000000000 +0200 +++ new/shorewall-core-4.6.3.1/lib.cli 2014-08-24 20:59:51.000000000 +0200 @@ -1470,22 +1470,10 @@ $g_tool -t rawpost -L $g_ipt_options fi - local count - local max + local count=$(cat /proc/sys/net/netfilter/nf_conntrack_count) + local max=$(cat /proc/sys/net/netfilter/nf_conntrack_max) - if [ -f /proc/sys/net/netfilter/nf_conntrack_count ]; then - count=$(cat /proc/sys/net/netfilter/nf_conntrack_count) - max=$(cat /proc/sys/net/netfilter/nf_conntrack_max) - - heading "Conntrack Table ($count out of $max)" - elif [ -f /proc/sys/net/ipv4/netfilter/ip_conntrack_count ]; then - count=$(cat /proc/sys/net/ipv4/netfilter/ip_conntrack_count) - max=$(cat /proc/sys/net/ipv4/netfilter/ip_conntrack_max) - - heading "Conntrack Table ($count out of $max)" - else - heading "Conntrack Table" - fi + heading "Conntrack Table ($count out of $max)" if [ $g_family -eq 4 ]; then [ -f /proc/net/ip_conntrack ] && cat /proc/net/ip_conntrack || grep -v '^ipv6' /proc/net/nf_conntrack @@ -3527,6 +3515,14 @@ return $rc } +run_command() { + if [ -x ${VARDIR}/firewall ] ; then + run_it ${VARDIR}/firewall $g_debugging $@ + else + fatal_error "${VARDIR}/firewall does not exist or is not executable" + fi +} + # # Give Usage Information # @@ -3558,6 +3554,7 @@ echo " reset [ <chain> ... ]" echo " restart [ -n ] [ -p ] [ -f ] [ <directory> ]" echo " restore [ -n ] [ <file name> ]" + echo " run <command> [ <parameter> ... ]" echo " save [ <file name> ]" echo " [ show | list | ls ] [ -b ] [ -x ] [ -t {filter|mangle|nat} ] [ {chain [<chain> [ <chain> ... ]" echo " [ show | list | ls ] [ -f ] capabilities" @@ -3586,6 +3583,7 @@ echo " start [ -f ] [ -p ] [ <directory> ]" echo " stop" echo " status [ -i ]" + echo " run <function> [ function ... ]" echo " version [ -a ]" echo exit $1 @@ -3830,6 +3828,11 @@ fatal_error "$g_product is not running" fi ;; + run) + [ $# -gt 1 ] || fatal_error "Missing function name" + get_config Yes + run_command $@ + ;; show|list|ls) get_config Yes No Yes shift diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-core-4.6.2.5/lib.common new/shorewall-core-4.6.3.1/lib.common --- old/shorewall-core-4.6.2.5/lib.common 2014-08-13 01:39:52.000000000 +0200 +++ new/shorewall-core-4.6.3.1/lib.common 2014-08-24 20:59:51.000000000 +0200 @@ -172,6 +172,7 @@ error_message() # $* = Error Message { echo " $@" >&2 + return 1 } # diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-core-4.6.2.5/releasenotes.txt new/shorewall-core-4.6.3.1/releasenotes.txt --- old/shorewall-core-4.6.2.5/releasenotes.txt 2014-08-13 01:53:52.000000000 +0200 +++ new/shorewall-core-4.6.3.1/releasenotes.txt 2014-08-27 16:54:44.000000000 +0200 @@ -1,7 +1,7 @@ ---------------------------------------------------------------------------- - S H O R E W A L L 4 . 6 . 2 . 5 + S H O R E W A L L 4 . 6 . 3 . 1 ------------------------------------ - A u g u s t 1 4 , 2 0 1 4 + A u g u s t 2 6 , 2 0 1 4 ---------------------------------------------------------------------------- I. PROBLEMS CORRECTED IN THIS RELEASE @@ -14,80 +14,28 @@ I. P R O B L E M S C O R R E C T E D I N T H I S R E L E A S E ---------------------------------------------------------------------------- -4.6.2.5 +4.6.3 -1) Previously, when an interface specified the 'physical=' option and - the physical interface name was specified in the INTERFACES column - of the providers file, compilation would fail with diagnostics - similar to the following: +1) The DNSAmp action released in 4.6.3 matched more packets than it + should have. That has now been corrected. - Use of uninitialized value $physical in pattern match - (m//) at /usr/lib/perl5/vendor_perl/5.18.1/ - Shorewall/Providers.pm line 463, <$currentfile> line 2. - ERROR: A provider interface must have at least one - associated zone /opt/etc/shorewall/providers (line 2) +2) The handling of REJECT in IP[6]TABLES rules has been clarified in + the shorewall-rules(5) and shorewall6-rules(5) manpages. -2) Shorewall-init now works correctly on systems with systemd. - By Louis Lagendijk. +3) The following misleading error message has now been corrected: -4.6.2.4 + ERROR: The xxx TARGET is now allowed in the filter table -1) Previously, inline matches were incorrectly disallowed in action - files. These matches are now allowed. + The message now reads: -4.6.2.3 - -1) Previously, the compiler would fail with a Perl diagnostic if: - - - Optimize Level 8 was enabled. - - Perl 5.20 was being used. This is the current Perl version on - Arch Linux. + ERROR: The xxx TARGET is not allowed in the filter table - The diagnostic was: +4.6.3 - Can't use string ("nat") as a HASH ref while "strict refs" in use - at /usr/share/shorewall/Shorewall/Chains.pm line 3486. +1) This release contains defect repair up through release 4.6.2.5. -4.6.2.2 - -1) The compiler now correctly detects the IPv6 "Header Match" - capability when LOAD_MODULES_ONLY=No. - -2) The compiler now correctly detects the IPv6 "Ipset Match" - capability on systems running a 3.14 or later kernel. - -3) The compiler now correctly detects "Arptables JF" capability when - LOAD_MODULES_ONLY=No. - -3) The tcfilter manpages previously failed to mention that - BASIC_FILTERS=Yes is required to use ipsets in the tcfilters files. - -4.6.2.1 - -1) Two issues with tcrules processing have been corrected: - - - SAVE and RESTORE generated fatal compilation errors. - - '|' and '&' were ignored. - -4.6.2 - -1) The DSCP match in the mangle and tcrules files didn't work with - service class names such as EF, BE, CS1, ... (Thibaut Chèze) - -2) The SAVE and RESTORE actions were disallowed in the OUTPUT chain in - tcrules and mangle; this was a regression from 4.5.21. - -3) Additional ports required by Asus, Supermicro and Dell have been - added to the IPMI macro (Tuomo Soini). - -4) Some issues regarding install under Cygwin64 have been addressed. - - - configure.pl did not understand CYGWIN returned from `uname` - - Shorewall-core install.sh did not understand CYGWIN returned from - `uname`. - - The Shorewall and Shorewall6 installers tried to run the command - 'mkdir -p //etc/shorewall[6]' which is broken in the current - Cygwin64. +2) The SAVE_IPSETS option in the Debian version of Shorewall-init now + works correctly. Thomas D. ---------------------------------------------------------------------------- I I. K N O W N P R O B L E M S R E M A I N I N G @@ -100,45 +48,19 @@ I I I. N E W F E A T U R E S I N T H I S R E L E A S E ---------------------------------------------------------------------------- -1) The 'status' command now allows a -i option which causes the state - of all optional and provider interfaces to be displayed. - - Example: - - root@gateway:/etc/shorewall# shorewall status -i - Shorewall-4.6.1 Status at gateway - Wed Jun 18 14:27:19 PDT 2014 - - Shorewall is running - State:Started (Wed Jun 18 09:50:01 PDT 2014) from /etc/shorewall/ - (/var/lib/shorewall/firewall compiled by Shorewall version 4.6.1) - - Interface eth0 is Enabled - Interface eth1 is Enabled - Interface lo is Enabled - -2) A 'shorewall show blacklists' command has been - implemented. The abbreviation 'bl' may be used in place of - 'blacklists'. - - The command displays the output of the 'dynamic' chain together - with the chains created by entries in the blrules file. - -3) A TIME column has been added to the mangle file. It has the same - use in that file as the corresponding column in the rules file. - -4) A stateful port knocking example has been added to the Events - article (http://www.shorewall.net/Events.html). This example allows - a sequence of knocking ports to be defined (Gerhard Weisinger). - -5) A macro supporting HP's Integrated Lights Out (ILO) has been added - (Tuomo Soini). - -6) It is now possible to specify the MAC address of a provider - GATEWAY. This is useful when there are multiple providers serviced - by a single interface as it avoids the need for the generated - script to detect the MAC during start/restart. - -7) The copyrights in the sample configuration files have been updated. +1) A new 'run' command has been implemented. This command allows you + to run an arbitrary command in the context of the generated + script. + + shorewall[6][-lite] run <command> [ <parameter> ... ] + + Normally, <command> will be a function declared in lib.private. + +2) A DNSAmp action has been added. This action matches recursive UDP + DNS queries. The default disposition is DROP which can be + overridden by the single action parameter (e.g, 'DNSAmp(REJECT)' + will reject these queries). Recursive DNS queries are the basis for + 'DNS Amplification' attacks; hence the action name. ---------------------------------------------------------------------------- I V. M I G R A T I O N I S S U E S @@ -412,7 +334,130 @@ ---------------------------------------------------------------------------- V. N O T E S F R O M O T H E R 4 . 6 R E L E A S E S ---------------------------------------------------------------------------- - P R O B L E M S C O R R E C T E D I N 4 . 6 . 0 + P R O B L E M S C O R R E C T E D I N 4 . 6 . 2 +---------------------------------------------------------------------------- + +4.6.2.5 + +1) Previously, when an interface specified the 'physical=' option and + the physical interface name was specified in the INTERFACES column + of the providers file, compilation would fail with diagnostics + similar to the following: + + Use of uninitialized value $physical in pattern match + (m//) at /usr/lib/perl5/vendor_perl/5.18.1/ + Shorewall/Providers.pm line 463, <$currentfile> line 2. + ERROR: A provider interface must have at least one + associated zone /opt/etc/shorewall/providers (line 2) + +2) Shorewall-init now works correctly on systems with systemd. + By Louis Lagendijk. + +4.6.2.4 + +1) Previously, inline matches were incorrectly disallowed in action + files. These matches are now allowed. + +4.6.2.3 + +1) Previously, the compiler would fail with a Perl diagnostic if: + + - Optimize Level 8 was enabled. + - Perl 5.20 was being used. This is the current Perl version on + Arch Linux. + + The diagnostic was: + + Can't use string ("nat") as a HASH ref while "strict refs" in use + at /usr/share/shorewall/Shorewall/Chains.pm line 3486. + +4.6.2.2 + +1) The compiler now correctly detects the IPv6 "Header Match" + capability when LOAD_MODULES_ONLY=No. + +2) The compiler now correctly detects the IPv6 "Ipset Match" + capability on systems running a 3.14 or later kernel. + +3) The compiler now correctly detects "Arptables JF" capability when + LOAD_MODULES_ONLY=No. + +3) The tcfilter manpages previously failed to mention that + BASIC_FILTERS=Yes is required to use ipsets in the tcfilters files. + +4.6.2.1 + +1) Two issues with tcrules processing have been corrected: + + - SAVE and RESTORE generated fatal compilation errors. + - '|' and '&' were ignored. + +4.6.2 + +1) The DSCP match in the mangle and tcrules files didn't work with + service class names such as EF, BE, CS1, ... (Thibaut Chèze) + +2) The SAVE and RESTORE actions were disallowed in the OUTPUT chain in + tcrules and mangle; this was a regression from 4.5.21. + +3) Additional ports required by Asus, Supermicro and Dell have been + added to the IPMI macro (Tuomo Soini). + +4) Some issues regarding install under Cygwin64 have been addressed. + + - configure.pl did not understand CYGWIN returned from `uname` + - Shorewall-core install.sh did not understand CYGWIN returned from + `uname`. + - The Shorewall and Shorewall6 installers tried to run the command + 'mkdir -p //etc/shorewall[6]' which is broken in the current + Cygwin64. + +---------------------------------------------------------------------------- + N E W F E A T U R E S I N 4 . 6 . 2 +---------------------------------------------------------------------------- + +1) The 'status' command now allows a -i option which causes the state + of all optional and provider interfaces to be displayed. + + Example: + + root@gateway:/etc/shorewall# shorewall status -i + Shorewall-4.6.1 Status at gateway - Wed Jun 18 14:27:19 PDT 2014 + + Shorewall is running + State:Started (Wed Jun 18 09:50:01 PDT 2014) from /etc/shorewall/ + (/var/lib/shorewall/firewall compiled by Shorewall version 4.6.1) + + Interface eth0 is Enabled + Interface eth1 is Enabled + Interface lo is Enabled + +2) A 'shorewall show blacklists' command has been + implemented. The abbreviation 'bl' may be used in place of + 'blacklists'. + + The command displays the output of the 'dynamic' chain together + with the chains created by entries in the blrules file. + +3) A TIME column has been added to the mangle file. It has the same + use in that file as the corresponding column in the rules file. + +4) A stateful port knocking example has been added to the Events + article (http://www.shorewall.net/Events.html). This example allows + a sequence of knocking ports to be defined (Gerhard Weisinger). + +5) A macro supporting HP's Integrated Lights Out (ILO) has been added + (Tuomo Soini). + +6) It is now possible to specify the MAC address of a provider + GATEWAY. This is useful when there are multiple providers serviced + by a single interface as it avoids the need for the generated + script to detect the MAC during start/restart. + +7) The copyrights in the sample configuration files have been updated. + +---------------------------------------------------------------------------- + P R O B L E M S C O R R E C T E D I N 4 . 6 . 1 ---------------------------------------------------------------------------- 4.6.1.4 @@ -487,7 +532,7 @@ optimized away. ---------------------------------------------------------------------------- - N E W F E A T U R E S I N 4 . 6 . 0 + N E W F E A T U R E S I N 4 . 6 . 1 ---------------------------------------------------------------------------- 1) Tuomo Soini has provided new macros for AMOP, MongoDB, Redis, Sieve diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-core-4.6.2.5/shorewall-core.spec new/shorewall-core-4.6.3.1/shorewall-core.spec --- old/shorewall-core-4.6.2.5/shorewall-core.spec 2014-08-13 01:53:52.000000000 +0200 +++ new/shorewall-core-4.6.3.1/shorewall-core.spec 2014-08-27 16:54:44.000000000 +0200 @@ -1,6 +1,6 @@ %define name shorewall-core -%define version 4.6.2 -%define release 5 +%define version 4.6.3 +%define release 1 Summary: Shoreline Firewall is an iptables-based firewall for Linux systems. Name: %{name} @@ -62,12 +62,16 @@ %doc COPYING INSTALL changelog.txt releasenotes.txt %changelog -* Tue Aug 12 2014 Tom Eastep tom(a)shorewall.net -- Updated to 4.6.2-5 -* Tue Aug 05 2014 Tom Eastep tom(a)shorewall.net -- Updated to 4.6.2-4 -* Sat Jul 26 2014 Tom Eastep tom(a)shorewall.net -- Updated to 4.6.2-3 +* Thu Aug 21 2014 Tom Eastep tom(a)shorewall.net +- Updated to 4.6.3-1 +* Thu Aug 14 2014 Tom Eastep tom(a)shorewall.net +- Updated to 4.6.3-0base +* Sun Aug 10 2014 Tom Eastep tom(a)shorewall.net +- Updated to 4.6.3-0RC1 +* Sun Aug 03 2014 Tom Eastep tom(a)shorewall.net +- Updated to 4.6.3-0Beta2 +* Fri Jul 25 2014 Tom Eastep tom(a)shorewall.net +- Updated to 4.6.3-0Beta1 * Fri Jul 18 2014 Tom Eastep tom(a)shorewall.net - Updated to 4.6.2-2 * Fri Jul 18 2014 Tom Eastep tom(a)shorewall.net diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-core-4.6.2.5/uninstall.sh new/shorewall-core-4.6.3.1/uninstall.sh --- old/shorewall-core-4.6.2.5/uninstall.sh 2014-08-13 01:53:51.000000000 +0200 +++ new/shorewall-core-4.6.3.1/uninstall.sh 2014-08-27 16:54:43.000000000 +0200 @@ -26,7 +26,7 @@ # You may only use this script to uninstall the version # shown below. Simply run this script to remove Shorewall Firewall -VERSION=4.6.2.5 +VERSION=4.6.3.1 usage() # $1 = exit status { ++++++ shorewall-docs-html-4.6.2.5.tar.bz2 -> shorewall-docs-html-4.6.3.1.tar.bz2 ++++++ ++++ 7168 lines of diff (skipped) ++++++ shorewall-init-4.6.2.5.tar.bz2 -> shorewall-init-4.6.3.1.tar.bz2 ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-init-4.6.2.5/changelog.txt new/shorewall-init-4.6.3.1/changelog.txt --- old/shorewall-init-4.6.2.5/changelog.txt 2014-08-13 01:53:52.000000000 +0200 +++ new/shorewall-init-4.6.3.1/changelog.txt 2014-08-27 16:54:44.000000000 +0200 @@ -1,23 +1,45 @@ -Changes in 4.6.2.5 +Changes in 4.6.3.1 + +1) Update release documents + +2) Correct the u32 match string in action.DNSAmp. + +3) Clarify REJECT handling in IP[6]TABLES rules. + +Changes in 4.6.3 Final + +1) Update release documents. + +2) Apply Thomas D's fix for SAVE_IPSETS on Debian. + +Changes in 4.6.3 RC 1 1) Update release documents. -2) Allow a physical interface name in the INTERFACE column of the - providers files. +2) Minor code and documentation cleanup. -3) Apply Louis Lagendijk's patch for shorewall-init. +3) Defect repair from 4.6.2.5. -Changes in 4.6.2.4 +hanges in 4.6.3 Beta 2 1) Update release documents. -2) Allow inline matches in the body of an action. +2) Add DNSAmp action + +3) Allow inline matches in action bodies (from 4.6.2.4) -Changes in 4.6.2.3 +4) Allow physical names to be used in the INTERFACE column of the + providers file. + +Changes in 4.6.3 Beta 1 1) Update release documents. -2) Correct handling of optimize level 8 with Perl 5.20. +2) Describe new helper assignment in the FTP article. + +3) Merge defect repair from 4.6.2.3. + +4) Implement the 'run' command. Changes in 4.6.2.2 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-init-4.6.2.5/configure new/shorewall-init-4.6.3.1/configure --- old/shorewall-init-4.6.2.5/configure 2014-08-13 01:53:52.000000000 +0200 +++ new/shorewall-init-4.6.3.1/configure 2014-08-27 16:54:44.000000000 +0200 @@ -28,7 +28,7 @@ # # Build updates this # -VERSION=4.6.2.5 +VERSION=4.6.3.1 case "$BASH_VERSION" in [4-9].*) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-init-4.6.2.5/configure.pl new/shorewall-init-4.6.3.1/configure.pl --- old/shorewall-init-4.6.2.5/configure.pl 2014-08-13 01:53:52.000000000 +0200 +++ new/shorewall-init-4.6.3.1/configure.pl 2014-08-27 16:54:44.000000000 +0200 @@ -31,7 +31,7 @@ # Build updates this # use constant { - VERSION => '4.6.2.5' + VERSION => '4.6.3.1' }; my %params; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-init-4.6.2.5/init.debian.sh new/shorewall-init-4.6.3.1/init.debian.sh --- old/shorewall-init-4.6.2.5/init.debian.sh 2014-08-13 01:39:52.000000000 +0200 +++ new/shorewall-init-4.6.3.1/init.debian.sh 2014-08-24 20:59:51.000000000 +0200 @@ -123,6 +123,17 @@ echo "done." + if [ -n "$SAVE_IPSETS" -a -f "$SAVE_IPSETS" ]; then + + echo -n "Restoring ipsets: " + + if ! ipset -R < "$SAVE_IPSETS"; then + echo_notdone + fi + + echo "done." + fi + return 0 } @@ -142,6 +153,20 @@ echo "done." + if [ -n "$SAVE_IPSETS" ]; then + + echo "Saving ipsets: " + + mkdir -p $(dirname "$SAVE_IPSETS") + if ipset -S > "${SAVE_IPSETS}.tmp"; then + grep -qE -- '^(-N|create )' "${SAVE_IPSETS}.tmp" && mv -f "${SAVE_IPSETS}.tmp" "$SAVE_IPSETS" + else + echo_notdone + fi + + echo "done." + fi + return 0 } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-init-4.6.2.5/install.sh new/shorewall-init-4.6.3.1/install.sh --- old/shorewall-init-4.6.2.5/install.sh 2014-08-13 01:53:52.000000000 +0200 +++ new/shorewall-init-4.6.3.1/install.sh 2014-08-27 16:54:44.000000000 +0200 @@ -27,7 +27,7 @@ # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. # -VERSION=4.6.2.5 +VERSION=4.6.3.1 usage() # $1 = exit status { diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-init-4.6.2.5/releasenotes.txt new/shorewall-init-4.6.3.1/releasenotes.txt --- old/shorewall-init-4.6.2.5/releasenotes.txt 2014-08-13 01:53:52.000000000 +0200 +++ new/shorewall-init-4.6.3.1/releasenotes.txt 2014-08-27 16:54:44.000000000 +0200 @@ -1,7 +1,7 @@ ---------------------------------------------------------------------------- - S H O R E W A L L 4 . 6 . 2 . 5 + S H O R E W A L L 4 . 6 . 3 . 1 ------------------------------------ - A u g u s t 1 4 , 2 0 1 4 + A u g u s t 2 6 , 2 0 1 4 ---------------------------------------------------------------------------- I. PROBLEMS CORRECTED IN THIS RELEASE @@ -14,80 +14,28 @@ I. P R O B L E M S C O R R E C T E D I N T H I S R E L E A S E ---------------------------------------------------------------------------- -4.6.2.5 +4.6.3 -1) Previously, when an interface specified the 'physical=' option and - the physical interface name was specified in the INTERFACES column - of the providers file, compilation would fail with diagnostics - similar to the following: +1) The DNSAmp action released in 4.6.3 matched more packets than it + should have. That has now been corrected. - Use of uninitialized value $physical in pattern match - (m//) at /usr/lib/perl5/vendor_perl/5.18.1/ - Shorewall/Providers.pm line 463, <$currentfile> line 2. - ERROR: A provider interface must have at least one - associated zone /opt/etc/shorewall/providers (line 2) +2) The handling of REJECT in IP[6]TABLES rules has been clarified in + the shorewall-rules(5) and shorewall6-rules(5) manpages. -2) Shorewall-init now works correctly on systems with systemd. - By Louis Lagendijk. +3) The following misleading error message has now been corrected: -4.6.2.4 + ERROR: The xxx TARGET is now allowed in the filter table -1) Previously, inline matches were incorrectly disallowed in action - files. These matches are now allowed. + The message now reads: -4.6.2.3 - -1) Previously, the compiler would fail with a Perl diagnostic if: - - - Optimize Level 8 was enabled. - - Perl 5.20 was being used. This is the current Perl version on - Arch Linux. + ERROR: The xxx TARGET is not allowed in the filter table - The diagnostic was: +4.6.3 - Can't use string ("nat") as a HASH ref while "strict refs" in use - at /usr/share/shorewall/Shorewall/Chains.pm line 3486. +1) This release contains defect repair up through release 4.6.2.5. -4.6.2.2 - -1) The compiler now correctly detects the IPv6 "Header Match" - capability when LOAD_MODULES_ONLY=No. - -2) The compiler now correctly detects the IPv6 "Ipset Match" - capability on systems running a 3.14 or later kernel. - -3) The compiler now correctly detects "Arptables JF" capability when - LOAD_MODULES_ONLY=No. - -3) The tcfilter manpages previously failed to mention that - BASIC_FILTERS=Yes is required to use ipsets in the tcfilters files. - -4.6.2.1 - -1) Two issues with tcrules processing have been corrected: - - - SAVE and RESTORE generated fatal compilation errors. - - '|' and '&' were ignored. - -4.6.2 - -1) The DSCP match in the mangle and tcrules files didn't work with - service class names such as EF, BE, CS1, ... (Thibaut Chèze) - -2) The SAVE and RESTORE actions were disallowed in the OUTPUT chain in - tcrules and mangle; this was a regression from 4.5.21. - -3) Additional ports required by Asus, Supermicro and Dell have been - added to the IPMI macro (Tuomo Soini). - -4) Some issues regarding install under Cygwin64 have been addressed. - - - configure.pl did not understand CYGWIN returned from `uname` - - Shorewall-core install.sh did not understand CYGWIN returned from - `uname`. - - The Shorewall and Shorewall6 installers tried to run the command - 'mkdir -p //etc/shorewall[6]' which is broken in the current - Cygwin64. +2) The SAVE_IPSETS option in the Debian version of Shorewall-init now + works correctly. Thomas D. ---------------------------------------------------------------------------- I I. K N O W N P R O B L E M S R E M A I N I N G @@ -100,45 +48,19 @@ I I I. N E W F E A T U R E S I N T H I S R E L E A S E ---------------------------------------------------------------------------- -1) The 'status' command now allows a -i option which causes the state - of all optional and provider interfaces to be displayed. - - Example: - - root@gateway:/etc/shorewall# shorewall status -i - Shorewall-4.6.1 Status at gateway - Wed Jun 18 14:27:19 PDT 2014 - - Shorewall is running - State:Started (Wed Jun 18 09:50:01 PDT 2014) from /etc/shorewall/ - (/var/lib/shorewall/firewall compiled by Shorewall version 4.6.1) - - Interface eth0 is Enabled - Interface eth1 is Enabled - Interface lo is Enabled - -2) A 'shorewall show blacklists' command has been - implemented. The abbreviation 'bl' may be used in place of - 'blacklists'. - - The command displays the output of the 'dynamic' chain together - with the chains created by entries in the blrules file. - -3) A TIME column has been added to the mangle file. It has the same - use in that file as the corresponding column in the rules file. - -4) A stateful port knocking example has been added to the Events - article (http://www.shorewall.net/Events.html). This example allows - a sequence of knocking ports to be defined (Gerhard Weisinger). - -5) A macro supporting HP's Integrated Lights Out (ILO) has been added - (Tuomo Soini). - -6) It is now possible to specify the MAC address of a provider - GATEWAY. This is useful when there are multiple providers serviced - by a single interface as it avoids the need for the generated - script to detect the MAC during start/restart. - -7) The copyrights in the sample configuration files have been updated. +1) A new 'run' command has been implemented. This command allows you + to run an arbitrary command in the context of the generated + script. + + shorewall[6][-lite] run <command> [ <parameter> ... ] + + Normally, <command> will be a function declared in lib.private. + +2) A DNSAmp action has been added. This action matches recursive UDP + DNS queries. The default disposition is DROP which can be + overridden by the single action parameter (e.g, 'DNSAmp(REJECT)' + will reject these queries). Recursive DNS queries are the basis for + 'DNS Amplification' attacks; hence the action name. ---------------------------------------------------------------------------- I V. M I G R A T I O N I S S U E S @@ -412,7 +334,130 @@ ---------------------------------------------------------------------------- V. N O T E S F R O M O T H E R 4 . 6 R E L E A S E S ---------------------------------------------------------------------------- - P R O B L E M S C O R R E C T E D I N 4 . 6 . 0 + P R O B L E M S C O R R E C T E D I N 4 . 6 . 2 +---------------------------------------------------------------------------- + +4.6.2.5 + +1) Previously, when an interface specified the 'physical=' option and + the physical interface name was specified in the INTERFACES column + of the providers file, compilation would fail with diagnostics + similar to the following: + + Use of uninitialized value $physical in pattern match + (m//) at /usr/lib/perl5/vendor_perl/5.18.1/ + Shorewall/Providers.pm line 463, <$currentfile> line 2. + ERROR: A provider interface must have at least one + associated zone /opt/etc/shorewall/providers (line 2) + +2) Shorewall-init now works correctly on systems with systemd. + By Louis Lagendijk. + +4.6.2.4 + +1) Previously, inline matches were incorrectly disallowed in action + files. These matches are now allowed. + +4.6.2.3 + +1) Previously, the compiler would fail with a Perl diagnostic if: + + - Optimize Level 8 was enabled. + - Perl 5.20 was being used. This is the current Perl version on + Arch Linux. + + The diagnostic was: + + Can't use string ("nat") as a HASH ref while "strict refs" in use + at /usr/share/shorewall/Shorewall/Chains.pm line 3486. + +4.6.2.2 + +1) The compiler now correctly detects the IPv6 "Header Match" + capability when LOAD_MODULES_ONLY=No. + +2) The compiler now correctly detects the IPv6 "Ipset Match" + capability on systems running a 3.14 or later kernel. + +3) The compiler now correctly detects "Arptables JF" capability when + LOAD_MODULES_ONLY=No. + +3) The tcfilter manpages previously failed to mention that + BASIC_FILTERS=Yes is required to use ipsets in the tcfilters files. + +4.6.2.1 + +1) Two issues with tcrules processing have been corrected: + + - SAVE and RESTORE generated fatal compilation errors. + - '|' and '&' were ignored. + +4.6.2 + +1) The DSCP match in the mangle and tcrules files didn't work with + service class names such as EF, BE, CS1, ... (Thibaut Chèze) + +2) The SAVE and RESTORE actions were disallowed in the OUTPUT chain in + tcrules and mangle; this was a regression from 4.5.21. + +3) Additional ports required by Asus, Supermicro and Dell have been + added to the IPMI macro (Tuomo Soini). + +4) Some issues regarding install under Cygwin64 have been addressed. + + - configure.pl did not understand CYGWIN returned from `uname` + - Shorewall-core install.sh did not understand CYGWIN returned from + `uname`. + - The Shorewall and Shorewall6 installers tried to run the command + 'mkdir -p //etc/shorewall[6]' which is broken in the current + Cygwin64. + +---------------------------------------------------------------------------- + N E W F E A T U R E S I N 4 . 6 . 2 +---------------------------------------------------------------------------- + +1) The 'status' command now allows a -i option which causes the state + of all optional and provider interfaces to be displayed. + + Example: + + root@gateway:/etc/shorewall# shorewall status -i + Shorewall-4.6.1 Status at gateway - Wed Jun 18 14:27:19 PDT 2014 + + Shorewall is running + State:Started (Wed Jun 18 09:50:01 PDT 2014) from /etc/shorewall/ + (/var/lib/shorewall/firewall compiled by Shorewall version 4.6.1) + + Interface eth0 is Enabled + Interface eth1 is Enabled + Interface lo is Enabled + +2) A 'shorewall show blacklists' command has been + implemented. The abbreviation 'bl' may be used in place of + 'blacklists'. + + The command displays the output of the 'dynamic' chain together + with the chains created by entries in the blrules file. + +3) A TIME column has been added to the mangle file. It has the same + use in that file as the corresponding column in the rules file. + +4) A stateful port knocking example has been added to the Events + article (http://www.shorewall.net/Events.html). This example allows + a sequence of knocking ports to be defined (Gerhard Weisinger). + +5) A macro supporting HP's Integrated Lights Out (ILO) has been added + (Tuomo Soini). + +6) It is now possible to specify the MAC address of a provider + GATEWAY. This is useful when there are multiple providers serviced + by a single interface as it avoids the need for the generated + script to detect the MAC during start/restart. + +7) The copyrights in the sample configuration files have been updated. + +---------------------------------------------------------------------------- + P R O B L E M S C O R R E C T E D I N 4 . 6 . 1 ---------------------------------------------------------------------------- 4.6.1.4 @@ -487,7 +532,7 @@ optimized away. ---------------------------------------------------------------------------- - N E W F E A T U R E S I N 4 . 6 . 0 + N E W F E A T U R E S I N 4 . 6 . 1 ---------------------------------------------------------------------------- 1) Tuomo Soini has provided new macros for AMOP, MongoDB, Redis, Sieve diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-init-4.6.2.5/shorewall-init new/shorewall-init-4.6.3.1/shorewall-init --- old/shorewall-init-4.6.2.5/shorewall-init 2014-08-13 01:39:52.000000000 +0200 +++ new/shorewall-init-4.6.3.1/shorewall-init 2014-08-24 20:59:51.000000000 +0200 @@ -63,19 +63,18 @@ for PRODUCT in $PRODUCTS; do setstatedir - if [ -x ${STATEDIR}/firewall ]; then + if [ -x ${STATEDIR}/$PRODUCT/firewall ]; then # # Run in a sub-shell to avoid name collisions # ( - if ! ${STATEDIR}/firewall status > /dev/null 2>&1; then - ${STATEDIR}/firewall ${OPTIONS} stop || exit 1 + if ! ${STATEDIR}/$PRODUCT/firewall status > /dev/null 2>&1; then + ${STATEDIR}/$PRODUCT/firewall ${OPTIONS} stop || exit 1 else exit 1 fi ) else - echo ERROR: ${STATEDIR}/firewall does not exist or is not executable! exit 1 fi done @@ -96,8 +95,8 @@ for PRODUCT in $PRODUCTS; do setstatedir - if [ -x ${STATEDIR}/firewall ]; then - ${STATEDIR}/firewall ${OPTIONS} clear || exit 1 + if [ -x ${STATEDIR}/$PRODUCT/firewall ]; then + ${STATEDIR}/$PRODUCT/firewall ${OPTIONS} clear || exit 1 fi done diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-init-4.6.2.5/shorewall-init.spec new/shorewall-init-4.6.3.1/shorewall-init.spec --- old/shorewall-init-4.6.2.5/shorewall-init.spec 2014-08-13 01:53:52.000000000 +0200 +++ new/shorewall-init-4.6.3.1/shorewall-init.spec 2014-08-27 16:54:44.000000000 +0200 @@ -1,6 +1,6 @@ %define name shorewall-init -%define version 4.6.2 -%define release 5 +%define version 4.6.3 +%define release 1 Summary: Shorewall-init adds functionality to Shoreline Firewall (Shorewall). Name: %{name} @@ -125,12 +125,16 @@ %doc COPYING changelog.txt releasenotes.txt %changelog -* Tue Aug 12 2014 Tom Eastep tom(a)shorewall.net -- Updated to 4.6.2-5 -* Tue Aug 05 2014 Tom Eastep tom(a)shorewall.net -- Updated to 4.6.2-4 -* Sat Jul 26 2014 Tom Eastep tom(a)shorewall.net -- Updated to 4.6.2-3 +* Thu Aug 21 2014 Tom Eastep tom(a)shorewall.net +- Updated to 4.6.3-1 +* Thu Aug 14 2014 Tom Eastep tom(a)shorewall.net +- Updated to 4.6.3-0base +* Sun Aug 10 2014 Tom Eastep tom(a)shorewall.net +- Updated to 4.6.3-0RC1 +* Sun Aug 03 2014 Tom Eastep tom(a)shorewall.net +- Updated to 4.6.3-0Beta2 +* Fri Jul 25 2014 Tom Eastep tom(a)shorewall.net +- Updated to 4.6.3-0Beta1 * Fri Jul 18 2014 Tom Eastep tom(a)shorewall.net - Updated to 4.6.2-2 * Fri Jul 18 2014 Tom Eastep tom(a)shorewall.net diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-init-4.6.2.5/uninstall.sh new/shorewall-init-4.6.3.1/uninstall.sh --- old/shorewall-init-4.6.2.5/uninstall.sh 2014-08-13 01:53:52.000000000 +0200 +++ new/shorewall-init-4.6.3.1/uninstall.sh 2014-08-27 16:54:44.000000000 +0200 @@ -26,7 +26,7 @@ # You may only use this script to uninstall the version # shown below. Simply run this script to remove Shorewall Firewall -VERSION=4.6.2.5 +VERSION=4.6.3.1 usage() # $1 = exit status { ++++++ shorewall-lite-4.6.2.5.tar.bz2 -> shorewall-lite-4.6.3.1.tar.bz2 ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-lite-4.6.2.5/changelog.txt new/shorewall-lite-4.6.3.1/changelog.txt --- old/shorewall-lite-4.6.2.5/changelog.txt 2014-08-13 01:53:52.000000000 +0200 +++ new/shorewall-lite-4.6.3.1/changelog.txt 2014-08-27 16:54:44.000000000 +0200 @@ -1,23 +1,45 @@ -Changes in 4.6.2.5 +Changes in 4.6.3.1 + +1) Update release documents + +2) Correct the u32 match string in action.DNSAmp. + +3) Clarify REJECT handling in IP[6]TABLES rules. + +Changes in 4.6.3 Final + +1) Update release documents. + +2) Apply Thomas D's fix for SAVE_IPSETS on Debian. + +Changes in 4.6.3 RC 1 1) Update release documents. -2) Allow a physical interface name in the INTERFACE column of the - providers files. +2) Minor code and documentation cleanup. -3) Apply Louis Lagendijk's patch for shorewall-init. +3) Defect repair from 4.6.2.5. -Changes in 4.6.2.4 +hanges in 4.6.3 Beta 2 1) Update release documents. -2) Allow inline matches in the body of an action. +2) Add DNSAmp action + +3) Allow inline matches in action bodies (from 4.6.2.4) -Changes in 4.6.2.3 +4) Allow physical names to be used in the INTERFACE column of the + providers file. + +Changes in 4.6.3 Beta 1 1) Update release documents. -2) Correct handling of optimize level 8 with Perl 5.20. +2) Describe new helper assignment in the FTP article. + +3) Merge defect repair from 4.6.2.3. + +4) Implement the 'run' command. Changes in 4.6.2.2 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-lite-4.6.2.5/configure new/shorewall-lite-4.6.3.1/configure --- old/shorewall-lite-4.6.2.5/configure 2014-08-13 01:53:52.000000000 +0200 +++ new/shorewall-lite-4.6.3.1/configure 2014-08-27 16:54:44.000000000 +0200 @@ -28,7 +28,7 @@ # # Build updates this # -VERSION=4.6.2.5 +VERSION=4.6.3.1 case "$BASH_VERSION" in [4-9].*) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-lite-4.6.2.5/configure.pl new/shorewall-lite-4.6.3.1/configure.pl --- old/shorewall-lite-4.6.2.5/configure.pl 2014-08-13 01:53:52.000000000 +0200 +++ new/shorewall-lite-4.6.3.1/configure.pl 2014-08-27 16:54:44.000000000 +0200 @@ -31,7 +31,7 @@ # Build updates this # use constant { - VERSION => '4.6.2.5' + VERSION => '4.6.3.1' }; my %params; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-lite-4.6.2.5/install.sh new/shorewall-lite-4.6.3.1/install.sh --- old/shorewall-lite-4.6.2.5/install.sh 2014-08-13 01:53:52.000000000 +0200 +++ new/shorewall-lite-4.6.3.1/install.sh 2014-08-27 16:54:44.000000000 +0200 @@ -22,7 +22,7 @@ # along with this program; if not, see <http://www.gnu.org/licenses/>. # -VERSION=4.6.2.5 +VERSION=4.6.3.1 usage() # $1 = exit status { diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-lite-4.6.2.5/manpages/shorewall-lite-vardir.5 new/shorewall-lite-4.6.3.1/manpages/shorewall-lite-vardir.5 --- old/shorewall-lite-4.6.2.5/manpages/shorewall-lite-vardir.5 2014-08-13 01:57:10.000000000 +0200 +++ new/shorewall-lite-4.6.3.1/manpages/shorewall-lite-vardir.5 2014-08-27 16:58:10.000000000 +0200 @@ -2,12 +2,12 @@ .\" Title: shorewall-lite-vardir .\" Author: [FIXME: author] [see http://docbook.sf.net/el/author] .\" Generator: DocBook XSL Stylesheets v1.76.1 <http://docbook.sf.net/> -.\" Date: 08/12/2014 +.\" Date: 08/27/2014 .\" Manual: Configuration Files .\" Source: Configuration Files .\" Language: English .\" -.TH "SHOREWALL\-LITE\-VAR" "5" "08/12/2014" "Configuration Files" "Configuration Files" +.TH "SHOREWALL\-LITE\-VAR" "5" "08/27/2014" "Configuration Files" "Configuration Files" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-lite-4.6.2.5/manpages/shorewall-lite.8 new/shorewall-lite-4.6.3.1/manpages/shorewall-lite.8 --- old/shorewall-lite-4.6.2.5/manpages/shorewall-lite.8 2014-08-13 01:57:12.000000000 +0200 +++ new/shorewall-lite-4.6.3.1/manpages/shorewall-lite.8 2014-08-27 16:58:12.000000000 +0200 @@ -2,12 +2,12 @@ .\" Title: shorewall-lite .\" Author: [FIXME: author] [see http://docbook.sf.net/el/author] .\" Generator: DocBook XSL Stylesheets v1.76.1 <http://docbook.sf.net/> -.\" Date: 08/12/2014 +.\" Date: 08/27/2014 .\" Manual: Administrative Commands .\" Source: Administrative Commands .\" Language: English .\" -.TH "SHOREWALL\-LITE" "8" "08/12/2014" "Administrative Commands" "Administrative Commands" +.TH "SHOREWALL\-LITE" "8" "08/27/2014" "Administrative Commands" "Administrative Commands" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- @@ -75,6 +75,8 @@ .HP \w'\fBshorewall\-lite\fR\ 'u \fBshorewall\-lite\fR [\fBtrace\fR|\fBdebug\fR\ [\fBnolock\fR]] [\-\fIoptions\fR] \fBrestore\fR [\fIfilename\fR] .HP \w'\fBshorewall\-lite\fR\ 'u +\fBshorewall\-lite\fR [\fBtrace\fR|\fBdebug\fR\ [\fBnolock\fR]] [\-\fIoptions\fR] \fBrun\fR function [\fIparameter\ \&.\&.\&.\fR] +.HP \w'\fBshorewall\-lite\fR\ 'u \fBshorewall\-lite\fR [\fBtrace\fR|\fBdebug\fR\ [\fBnolock\fR]] [\-\fIoptions\fR] \fBsave\fR [\fIfilename\fR] .HP \w'\fBshorewall\-lite\fR\ 'u \fBshorewall\-lite\fR [\fBtrace\fR|\fBdebug\fR] [\-\fIoptions\fR] [\fBshow\ |\ list\ |\ ls\ \fR] [\fB\-b\fR] [\fB\-x\fR] [\fB\-l\fR] [\fB\-t\fR\ {\fBfilter\fR|\fBmangle\fR|\fBnat\fR|\fBraw|rawpost\fR}] [[\fBchain\fR]\ \fIchain\fR...] @@ -376,6 +378,22 @@ \m[blue]\fBshorewall\&.conf\fR\m[]\&\s-2\u[1]\d\s+2(5)\&. .RE .PP +\fBrun\fR +.RS 4 +Added in Shorewall 4\&.6\&.3\&. Executes +\fIcommand\fR +in the context of the generated script passing the supplied +\fIparameter\fRs\&. Normally, the +\fIcommand\fR +will be a function declared in +lib\&.private\&. +.sp +Before executing the +\fIcommand\fR, the script will detect the configuration, setting all SW_* variables and will run your +init +extension script with $COMMAND = \*(Aqrun\*(Aq\&. +.RE +.PP \fBsave\fR .RS 4 The dynamic blacklist is stored in /var/lib/shorewall\-lite/save\&. The state of the firewall is stored in /var/lib/shorewall\-lite/\fIfilename\fR diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-lite-4.6.2.5/manpages/shorewall-lite.conf.5 new/shorewall-lite-4.6.3.1/manpages/shorewall-lite.conf.5 --- old/shorewall-lite-4.6.2.5/manpages/shorewall-lite.conf.5 2014-08-13 01:57:09.000000000 +0200 +++ new/shorewall-lite-4.6.3.1/manpages/shorewall-lite.conf.5 2014-08-27 16:58:09.000000000 +0200 @@ -2,12 +2,12 @@ .\" Title: shorewall-lite.conf .\" Author: [FIXME: author] [see http://docbook.sf.net/el/author] .\" Generator: DocBook XSL Stylesheets v1.76.1 <http://docbook.sf.net/> -.\" Date: 08/12/2014 +.\" Date: 08/27/2014 .\" Manual: Configuration Files .\" Source: Configuration Files .\" Language: English .\" -.TH "SHOREWALL\-LITE\&.CO" "5" "08/12/2014" "Configuration Files" "Configuration Files" +.TH "SHOREWALL\-LITE\&.CO" "5" "08/27/2014" "Configuration Files" "Configuration Files" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-lite-4.6.2.5/manpages/shorewall-lite.xml new/shorewall-lite-4.6.3.1/manpages/shorewall-lite.xml --- old/shorewall-lite-4.6.2.5/manpages/shorewall-lite.xml 2014-08-13 01:57:12.000000000 +0200 +++ new/shorewall-lite-4.6.3.1/manpages/shorewall-lite.xml 2014-08-27 16:58:12.000000000 +0200 @@ -325,6 +325,21 @@ <arg>-<replaceable>options</replaceable></arg> + <arg choice="plain"><option>run</option></arg> + + <arg choice="plain">function</arg> + + <arg><replaceable>parameter ...</replaceable></arg> + </cmdsynopsis> + + <cmdsynopsis> + <command>shorewall-lite</command> + + <arg + choice="opt"><option>trace</option>|<option>debug</option><arg><option>nolock</option></arg></arg> + + <arg>-<replaceable>options</replaceable></arg> + <arg choice="plain"><option>save</option></arg> <arg choice="opt"><replaceable>filename</replaceable></arg> @@ -822,6 +837,23 @@ </listitem> </varlistentry> + <varlistentry> + <term><emphasis role="bold">run</emphasis></term> + + <listitem> + <para>Added in Shorewall 4.6.3. Executes + <replaceable>command</replaceable> in the context of the generated + script passing the supplied <replaceable>parameter</replaceable>s. + Normally, the <replaceable>command</replaceable> will be a function + declared in <filename>lib.private</filename>.</para> + + <para>Before executing the <replaceable>command</replaceable>, the + script will detect the configuration, setting all SW_* variables and + will run your <filename>init</filename> extension script with + $COMMAND = 'run'.</para> + </listitem> + </varlistentry> + <varlistentry> <term><emphasis role="bold">save</emphasis></term> diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-lite-4.6.2.5/releasenotes.txt new/shorewall-lite-4.6.3.1/releasenotes.txt --- old/shorewall-lite-4.6.2.5/releasenotes.txt 2014-08-13 01:53:52.000000000 +0200 +++ new/shorewall-lite-4.6.3.1/releasenotes.txt 2014-08-27 16:54:44.000000000 +0200 @@ -1,7 +1,7 @@ ---------------------------------------------------------------------------- - S H O R E W A L L 4 . 6 . 2 . 5 + S H O R E W A L L 4 . 6 . 3 . 1 ------------------------------------ - A u g u s t 1 4 , 2 0 1 4 + A u g u s t 2 6 , 2 0 1 4 ---------------------------------------------------------------------------- I. PROBLEMS CORRECTED IN THIS RELEASE @@ -14,80 +14,28 @@ I. P R O B L E M S C O R R E C T E D I N T H I S R E L E A S E ---------------------------------------------------------------------------- -4.6.2.5 +4.6.3 -1) Previously, when an interface specified the 'physical=' option and - the physical interface name was specified in the INTERFACES column - of the providers file, compilation would fail with diagnostics - similar to the following: +1) The DNSAmp action released in 4.6.3 matched more packets than it + should have. That has now been corrected. - Use of uninitialized value $physical in pattern match - (m//) at /usr/lib/perl5/vendor_perl/5.18.1/ - Shorewall/Providers.pm line 463, <$currentfile> line 2. - ERROR: A provider interface must have at least one - associated zone /opt/etc/shorewall/providers (line 2) +2) The handling of REJECT in IP[6]TABLES rules has been clarified in + the shorewall-rules(5) and shorewall6-rules(5) manpages. -2) Shorewall-init now works correctly on systems with systemd. - By Louis Lagendijk. +3) The following misleading error message has now been corrected: -4.6.2.4 + ERROR: The xxx TARGET is now allowed in the filter table -1) Previously, inline matches were incorrectly disallowed in action - files. These matches are now allowed. + The message now reads: -4.6.2.3 - -1) Previously, the compiler would fail with a Perl diagnostic if: - - - Optimize Level 8 was enabled. - - Perl 5.20 was being used. This is the current Perl version on - Arch Linux. + ERROR: The xxx TARGET is not allowed in the filter table - The diagnostic was: +4.6.3 - Can't use string ("nat") as a HASH ref while "strict refs" in use - at /usr/share/shorewall/Shorewall/Chains.pm line 3486. +1) This release contains defect repair up through release 4.6.2.5. -4.6.2.2 - -1) The compiler now correctly detects the IPv6 "Header Match" - capability when LOAD_MODULES_ONLY=No. - -2) The compiler now correctly detects the IPv6 "Ipset Match" - capability on systems running a 3.14 or later kernel. - -3) The compiler now correctly detects "Arptables JF" capability when - LOAD_MODULES_ONLY=No. - -3) The tcfilter manpages previously failed to mention that - BASIC_FILTERS=Yes is required to use ipsets in the tcfilters files. - -4.6.2.1 - -1) Two issues with tcrules processing have been corrected: - - - SAVE and RESTORE generated fatal compilation errors. - - '|' and '&' were ignored. - -4.6.2 - -1) The DSCP match in the mangle and tcrules files didn't work with - service class names such as EF, BE, CS1, ... (Thibaut Chèze) - -2) The SAVE and RESTORE actions were disallowed in the OUTPUT chain in - tcrules and mangle; this was a regression from 4.5.21. - -3) Additional ports required by Asus, Supermicro and Dell have been - added to the IPMI macro (Tuomo Soini). - -4) Some issues regarding install under Cygwin64 have been addressed. - - - configure.pl did not understand CYGWIN returned from `uname` - - Shorewall-core install.sh did not understand CYGWIN returned from - `uname`. - - The Shorewall and Shorewall6 installers tried to run the command - 'mkdir -p //etc/shorewall[6]' which is broken in the current - Cygwin64. +2) The SAVE_IPSETS option in the Debian version of Shorewall-init now + works correctly. Thomas D. ---------------------------------------------------------------------------- I I. K N O W N P R O B L E M S R E M A I N I N G @@ -100,45 +48,19 @@ I I I. N E W F E A T U R E S I N T H I S R E L E A S E ---------------------------------------------------------------------------- -1) The 'status' command now allows a -i option which causes the state - of all optional and provider interfaces to be displayed. - - Example: - - root@gateway:/etc/shorewall# shorewall status -i - Shorewall-4.6.1 Status at gateway - Wed Jun 18 14:27:19 PDT 2014 - - Shorewall is running - State:Started (Wed Jun 18 09:50:01 PDT 2014) from /etc/shorewall/ - (/var/lib/shorewall/firewall compiled by Shorewall version 4.6.1) - - Interface eth0 is Enabled - Interface eth1 is Enabled - Interface lo is Enabled - -2) A 'shorewall show blacklists' command has been - implemented. The abbreviation 'bl' may be used in place of - 'blacklists'. - - The command displays the output of the 'dynamic' chain together - with the chains created by entries in the blrules file. - -3) A TIME column has been added to the mangle file. It has the same - use in that file as the corresponding column in the rules file. - -4) A stateful port knocking example has been added to the Events - article (http://www.shorewall.net/Events.html). This example allows - a sequence of knocking ports to be defined (Gerhard Weisinger). - -5) A macro supporting HP's Integrated Lights Out (ILO) has been added - (Tuomo Soini). - -6) It is now possible to specify the MAC address of a provider - GATEWAY. This is useful when there are multiple providers serviced - by a single interface as it avoids the need for the generated - script to detect the MAC during start/restart. - -7) The copyrights in the sample configuration files have been updated. +1) A new 'run' command has been implemented. This command allows you + to run an arbitrary command in the context of the generated + script. + + shorewall[6][-lite] run <command> [ <parameter> ... ] + + Normally, <command> will be a function declared in lib.private. + +2) A DNSAmp action has been added. This action matches recursive UDP + DNS queries. The default disposition is DROP which can be + overridden by the single action parameter (e.g, 'DNSAmp(REJECT)' + will reject these queries). Recursive DNS queries are the basis for + 'DNS Amplification' attacks; hence the action name. ---------------------------------------------------------------------------- I V. M I G R A T I O N I S S U E S @@ -412,7 +334,130 @@ ---------------------------------------------------------------------------- V. N O T E S F R O M O T H E R 4 . 6 R E L E A S E S ---------------------------------------------------------------------------- - P R O B L E M S C O R R E C T E D I N 4 . 6 . 0 + P R O B L E M S C O R R E C T E D I N 4 . 6 . 2 +---------------------------------------------------------------------------- + +4.6.2.5 + +1) Previously, when an interface specified the 'physical=' option and + the physical interface name was specified in the INTERFACES column + of the providers file, compilation would fail with diagnostics + similar to the following: + + Use of uninitialized value $physical in pattern match + (m//) at /usr/lib/perl5/vendor_perl/5.18.1/ + Shorewall/Providers.pm line 463, <$currentfile> line 2. + ERROR: A provider interface must have at least one + associated zone /opt/etc/shorewall/providers (line 2) + +2) Shorewall-init now works correctly on systems with systemd. + By Louis Lagendijk. + +4.6.2.4 + +1) Previously, inline matches were incorrectly disallowed in action + files. These matches are now allowed. + +4.6.2.3 + +1) Previously, the compiler would fail with a Perl diagnostic if: + + - Optimize Level 8 was enabled. + - Perl 5.20 was being used. This is the current Perl version on + Arch Linux. + + The diagnostic was: + + Can't use string ("nat") as a HASH ref while "strict refs" in use + at /usr/share/shorewall/Shorewall/Chains.pm line 3486. + +4.6.2.2 + +1) The compiler now correctly detects the IPv6 "Header Match" + capability when LOAD_MODULES_ONLY=No. + +2) The compiler now correctly detects the IPv6 "Ipset Match" + capability on systems running a 3.14 or later kernel. + +3) The compiler now correctly detects "Arptables JF" capability when + LOAD_MODULES_ONLY=No. + +3) The tcfilter manpages previously failed to mention that + BASIC_FILTERS=Yes is required to use ipsets in the tcfilters files. + +4.6.2.1 + +1) Two issues with tcrules processing have been corrected: + + - SAVE and RESTORE generated fatal compilation errors. + - '|' and '&' were ignored. + +4.6.2 + +1) The DSCP match in the mangle and tcrules files didn't work with + service class names such as EF, BE, CS1, ... (Thibaut Chèze) + +2) The SAVE and RESTORE actions were disallowed in the OUTPUT chain in + tcrules and mangle; this was a regression from 4.5.21. + +3) Additional ports required by Asus, Supermicro and Dell have been + added to the IPMI macro (Tuomo Soini). + +4) Some issues regarding install under Cygwin64 have been addressed. + + - configure.pl did not understand CYGWIN returned from `uname` + - Shorewall-core install.sh did not understand CYGWIN returned from + `uname`. + - The Shorewall and Shorewall6 installers tried to run the command + 'mkdir -p //etc/shorewall[6]' which is broken in the current + Cygwin64. + +---------------------------------------------------------------------------- + N E W F E A T U R E S I N 4 . 6 . 2 +---------------------------------------------------------------------------- + +1) The 'status' command now allows a -i option which causes the state + of all optional and provider interfaces to be displayed. + + Example: + + root@gateway:/etc/shorewall# shorewall status -i + Shorewall-4.6.1 Status at gateway - Wed Jun 18 14:27:19 PDT 2014 + + Shorewall is running + State:Started (Wed Jun 18 09:50:01 PDT 2014) from /etc/shorewall/ + (/var/lib/shorewall/firewall compiled by Shorewall version 4.6.1) + + Interface eth0 is Enabled + Interface eth1 is Enabled + Interface lo is Enabled + +2) A 'shorewall show blacklists' command has been + implemented. The abbreviation 'bl' may be used in place of + 'blacklists'. + + The command displays the output of the 'dynamic' chain together + with the chains created by entries in the blrules file. + +3) A TIME column has been added to the mangle file. It has the same + use in that file as the corresponding column in the rules file. + +4) A stateful port knocking example has been added to the Events + article (http://www.shorewall.net/Events.html). This example allows + a sequence of knocking ports to be defined (Gerhard Weisinger). + +5) A macro supporting HP's Integrated Lights Out (ILO) has been added + (Tuomo Soini). + +6) It is now possible to specify the MAC address of a provider + GATEWAY. This is useful when there are multiple providers serviced + by a single interface as it avoids the need for the generated + script to detect the MAC during start/restart. + +7) The copyrights in the sample configuration files have been updated. + +---------------------------------------------------------------------------- + P R O B L E M S C O R R E C T E D I N 4 . 6 . 1 ---------------------------------------------------------------------------- 4.6.1.4 @@ -487,7 +532,7 @@ optimized away. ---------------------------------------------------------------------------- - N E W F E A T U R E S I N 4 . 6 . 0 + N E W F E A T U R E S I N 4 . 6 . 1 ---------------------------------------------------------------------------- 1) Tuomo Soini has provided new macros for AMOP, MongoDB, Redis, Sieve diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-lite-4.6.2.5/shorewall-lite.spec new/shorewall-lite-4.6.3.1/shorewall-lite.spec --- old/shorewall-lite-4.6.2.5/shorewall-lite.spec 2014-08-13 01:53:52.000000000 +0200 +++ new/shorewall-lite-4.6.3.1/shorewall-lite.spec 2014-08-27 16:54:44.000000000 +0200 @@ -1,6 +1,6 @@ %define name shorewall-lite -%define version 4.6.2 -%define release 5 +%define version 4.6.3 +%define release 1 %define initdir /etc/init.d Summary: Shoreline Firewall Lite is an iptables-based firewall for Linux systems. @@ -105,12 +105,16 @@ %doc COPYING changelog.txt releasenotes.txt %changelog -* Tue Aug 12 2014 Tom Eastep tom(a)shorewall.net -- Updated to 4.6.2-5 -* Tue Aug 05 2014 Tom Eastep tom(a)shorewall.net -- Updated to 4.6.2-4 -* Sat Jul 26 2014 Tom Eastep tom(a)shorewall.net -- Updated to 4.6.2-3 +* Thu Aug 21 2014 Tom Eastep tom(a)shorewall.net +- Updated to 4.6.3-1 +* Thu Aug 14 2014 Tom Eastep tom(a)shorewall.net +- Updated to 4.6.3-0base +* Sun Aug 10 2014 Tom Eastep tom(a)shorewall.net +- Updated to 4.6.3-0RC1 +* Sun Aug 03 2014 Tom Eastep tom(a)shorewall.net +- Updated to 4.6.3-0Beta2 +* Fri Jul 25 2014 Tom Eastep tom(a)shorewall.net +- Updated to 4.6.3-0Beta1 * Fri Jul 18 2014 Tom Eastep tom(a)shorewall.net - Updated to 4.6.2-2 * Fri Jul 18 2014 Tom Eastep tom(a)shorewall.net diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-lite-4.6.2.5/uninstall.sh new/shorewall-lite-4.6.3.1/uninstall.sh --- old/shorewall-lite-4.6.2.5/uninstall.sh 2014-08-13 01:53:52.000000000 +0200 +++ new/shorewall-lite-4.6.3.1/uninstall.sh 2014-08-27 16:54:44.000000000 +0200 @@ -26,7 +26,7 @@ # You may only use this script to uninstall the version # shown below. Simply run this script to remove Shorewall Firewall -VERSION=4.6.2.5 +VERSION=4.6.3.1 usage() # $1 = exit status { ++++++ shorewall-4.6.2.5.tar.bz2 -> shorewall6-4.6.3.1.tar.bz2 ++++++ ++++ 125451 lines of diff (skipped) ++++++ shorewall-lite-4.6.2.5.tar.bz2 -> shorewall6-lite-4.6.3.1.tar.bz2 ++++++ ++++ 7782 lines of diff (skipped) -- To unsubscribe, e-mail: opensuse-commit+unsubscribe(a)opensuse.org For additional commands, e-mail: opensuse-commit+help(a)opensuse.org

1 0

commit sbcl for openSUSE:Factory
by root＠hilbert.suse.de 03 Sep '14

03 Sep '14

Hello community, here is the log from the commit of package sbcl for openSUSE:Factory checked in at 2014-09-03 18:22:36 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/sbcl (Old) and /work/SRC/openSUSE:Factory/.sbcl.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "sbcl" Changes: -------- --- /work/SRC/openSUSE:Factory/sbcl/sbcl.changes 2014-08-13 17:08:20.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.sbcl.new/sbcl.changes 2014-09-03 21:08:10.000000000 +0200 @@ -1,0 +2,29 @@ +Sun Aug 31 18:24:15 UTC 2014 - toganm(a)opensuse.org + +- Update to version 1.2.3 + + * Enhancement: + + DOCUMENTATION works on instances of FUNCALLABLE-STANDARD-CLASS + + ASSERT reports arguments of calls to lexical functions in + additional to global functions. + + ASDF updated to 3.1.3 + + UIOP can be loaded without ASDF. + * Bug Fix: + + Some methods on CHANGE-CLASS did not finalize the new class + before accessing its class-precedence list. + + CHANGE-CLASS no longer fails on unbound slots in the source + object. + + CHANGE-CLASS signals an appropriate error when the destination + class is a FORWARD-REFERENCED-CLASS. + + CHANGE-CLASS no longer signals bogus TYPE-ERRORs for slots for + which initargs have been supplied. + + saving cores on ARM was broken since the introduction of GENCGC. + (lp#1349795) + + macroexpanding a backquoted expression involving ",." outside + of the compiler failed. (lp#1354623) + +- Backported from git for arm builds + 0002-Fix-array-bound-checking-with-negative-indexes-on-AR.patch + + +------------------------------------------------------------------- Old: ---- sbcl-1.2.2-source.tar.bz2 New: ---- 0002-Fix-array-bound-checking-with-negative-indexes-on-AR.patch sbcl-1.2.3-source.tar.bz2 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ sbcl.spec ++++++ --- /var/tmp/diff_new_pack.qh4RSZ/_old 2014-09-03 21:08:12.000000000 +0200 +++ /var/tmp/diff_new_pack.qh4RSZ/_new 2014-09-03 21:08:12.000000000 +0200 @@ -17,7 +17,7 @@ Name: sbcl -Version: 1.2.2 +Version: 1.2.3 Release: 0 Summary: Steel Bank Common Lisp License: SUSE-Public-Domain and BSD-3-Clause @@ -65,6 +65,8 @@ Patch6: sbcl-cast.patch # PATCH-FIX-OPENSUSE disable localport bsd sockets tests broken in kvm builds for some toganm(a)opensuse.org Patch7: disable-localport-bsd-sockets-test.patch +#PATCH-FIX-UPSTREAM backported from git +Patch8: 0002-Fix-array-bound-checking-with-negative-indexes-on-AR.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build @@ -88,6 +90,10 @@ %patch7 -p1 -b sockets %endif +%ifarch %arm +%patch8 -p1 -b arm +%endif + cp %{S:1} . cp %{S:2} . cp %{S:3} . ++++++ 0002-Fix-array-bound-checking-with-negative-indexes-on-AR.patch ++++++ >From 5e7d58ea89324d9c9d852fba2fb168b58b215f1a Mon Sep 17 00:00:00 2001 From: Stas Boukarev <stassats(a)gmail.com> Date: Sat, 30 Aug 2014 20:51:10 +0400 Subject: [PATCH 2/6] Fix array bound checking with negative indexes on ARM. Need to use an unsigned comparison, not a signed one, to weed out the negative numbers. Patch by Wendall Marvel. Signed-off-by: Togan Muftuoglu <toganm(a)opensuse.org> --- src/compiler/arm/array.lisp | 2 +- tests/vector.pure.lisp | 10 ++++++++++ 2 files changed, 11 insertions(+), 1 deletion(-) diff --git a/src/compiler/arm/array.lisp b/src/compiler/arm/array.lisp index 6d652b4..7fc6622 100644 --- a/src/compiler/arm/array.lisp +++ b/src/compiler/arm/array.lisp @@ -73,7 +73,7 @@ (:generator 5 (let ((error (generate-error-code vop 'invalid-array-index-error array bound index))) (inst cmp index bound) - (inst b :ge error) + (inst b :hs error) (move result index)))) ;;;; Accessors/Setters diff --git a/tests/vector.pure.lisp b/tests/vector.pure.lisp index 30c349e..004a3b1 100644 --- a/tests/vector.pure.lisp +++ b/tests/vector.pure.lisp @@ -54,3 +54,13 @@ (compile nil `(lambda (a) (declare ((vector undefined-type) a)) (setf (svref a 0) 10)))) + +(with-test (:name :svref-negative-index) + (let ((vector #(1))) + (flet ((test (index) + (funcall (compile nil `(lambda (vector index) + (svref vector index))) + vector index))) + (assert-error (test -1)) + (assert (= (test 0) 1)) + (assert-error (test 1))))) -- 2.1.0 ++++++ sbcl-1.2.2-source.tar.bz2 -> sbcl-1.2.3-source.tar.bz2 ++++++ ++++ 31263 lines of diff (skipped) -- To unsubscribe, e-mail: opensuse-commit+unsubscribe(a)opensuse.org For additional commands, e-mail: opensuse-commit+help(a)opensuse.org

1 0

commit sawfish-pager for openSUSE:Factory
by root＠hilbert.suse.de 03 Sep '14

03 Sep '14

Hello community, here is the log from the commit of package sawfish-pager for openSUSE:Factory checked in at 2014-09-03 18:23:09 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/sawfish-pager (Old) and /work/SRC/openSUSE:Factory/.sawfish-pager.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "sawfish-pager" Changes: -------- --- /work/SRC/openSUSE:Factory/sawfish-pager/sawfish-pager.changes 2013-09-29 19:28:41.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.sawfish-pager.new/sawfish-pager.changes 2014-09-03 21:08:00.000000000 +0200 @@ -1,0 +2,14 @@ +Tue Sep 2 07:23:03 UTC 2014 - toganm(a)opensuse.org + +- Updated to version 0.90.4 + * Accept clicks on workspaces borders +- Removed the following from BuildRequires + * obsoleted sawfish-lisp + * autoconf automake libtool + +- Remove 0001-Fix-Makefile.patch and replace it with + Makefile-Overrides.patch + + + +------------------------------------------------------------------- Old: ---- 0001-Fix-Makefile.patch sawfish-pager-0.90.3.tar.xz New: ---- Makefile-Overrides.patch sawfish-pager_0.90.4.tar.xz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ sawfish-pager.spec ++++++ --- /var/tmp/diff_new_pack.MxzVWG/_old 2014-09-03 21:08:02.000000000 +0200 +++ /var/tmp/diff_new_pack.MxzVWG/_new 2014-09-03 21:08:02.000000000 +0200 @@ -17,7 +17,7 @@ Name: sawfish-pager -Version: 0.90.3 +Version: 0.90.4 Release: 0 Summary: Pager for Sawfish window manager License: GPL-2.0 @@ -26,23 +26,20 @@ %else Group: System/GUI/Other %endif -Source0: http://download.tuxfamily.org/sawfishpager/%name-%version.tar.xz +Source0: http://download.tuxfamily.org/sawfishpager/%{name}_%{version}.tar.xz # PATCH-FIX-UPSTREAM sawfish-pager-makefilefix --toganm(a)opensuse.org -Patch0: 0001-Fix-Makefile.patch +Patch0: Makefile-Overrides.patch Url: http://sawfish.wikia.com/ BuildRoot: %{_tmppath}/%{name}-%{version}-build -BuildRequires: autoconf -BuildRequires: automake BuildRequires: bc BuildRequires: gmp-devel -BuildRequires: libtool BuildRequires: pkg-config BuildRequires: pkgconfig(gdk-pixbuf-2.0) >= 2.12.0 BuildRequires: pkgconfig(gtk+-2.0) >= 2.12.0 BuildRequires: pkgconfig(librep) BuildRequires: pkgconfig(rep-gtk) BuildRequires: pkgconfig(sawfish) >= 1.9.1 -BuildRequires: sawfish-lisp >= 1.9.1 +#BuildRequires: sawfish-lisp >= 1.9.1 %if 0%{?suse_version} == 1210 BuildRequires: xz @@ -65,11 +62,11 @@ Check README from this package documentation how to activate. %prep -%setup -q +%setup -q -n %{name}_%{version} %patch0 -p1 %build -autoreconf -fi +#autoreconf -fi %configure make %{?_smp_mflags} ++++++ Makefile-Overrides.patch ++++++ --- Makefile.in | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) --- a/Makefile.in +++ b/Makefile.in @@ -23,10 +23,12 @@ # along with sawfish-pager; see the file COPYING. If not, write to # the Free Software Foundation, 675 Mass Ave, Cambridge, MA 02139, USA. -override CFLAGS += @GTK_CFLAGS@ @IMAGE_LOADER_CFLAGS@ @SAWFISH_CFLAGS@ -DG_DISABLE_DEPRECATED -DGDK_DISABLE_DEPRECATED -DGDK_PIXBUF_DISABLE_DEPRECATED -DGTK_DISABLE_DEPRECATED +override CFLAGS += @GTK_CFLAGS@ @IMAGE_LOADER_CFLAGS@ @SAWFISH_CFLAGS@ LDFLAGS = -Wl,-rpath @SAWFISH_CLIENT_LIB_DIR@ LDLIBS = @SAWFISH_CLIENT_LIB_DIR@/client.so @GTK_LIBS@ @SAWFISH_LIBS@ @IMAGE_LOADER_LIBS@ + + all: sawfishpager pager.jlc %.jlc: %.jl -- To unsubscribe, e-mail: opensuse-commit+unsubscribe(a)opensuse.org For additional commands, e-mail: opensuse-commit+help(a)opensuse.org

1 0