diff options
author | xuhy <huayong.xu@samsung.com> | 2023-11-16 17:39:20 +0800 |
---|---|---|
committer | xuhy <huayong.xu@samsung.com> | 2023-11-16 17:39:20 +0800 |
commit | 76ea0b5d4a1b8180f2552c2729d84388a77beecb (patch) | |
tree | 9a2b028c24c205b075d9386acd7a62a2eb2271a7 /packaging | |
parent | c30d127e8780dc678168ee121b9f2eeb1a8aaafa (diff) | |
download | librpm-tizen-76ea0b5d4a1b8180f2552c2729d84388a77beecb.tar.gz librpm-tizen-76ea0b5d4a1b8180f2552c2729d84388a77beecb.tar.bz2 librpm-tizen-76ea0b5d4a1b8180f2552c2729d84388a77beecb.zip |
The following issues are fixed:
1. Prevent execution of arbitrary scripts
2. Enable dash(-) in spec file.
3. Ignore bad expressions in %if conditionals.
4. Ignore unknown tags.
5. Ignore error macro.
Change-Id: Id5b7b47c1a78de364ef0d513023fbe9ccc773a87
Signed-off-by: xuhy <huayong.xu@samsung.com>
Diffstat (limited to 'packaging')
-rw-r--r-- | packaging/db-4.8.30-integration.dif | 82 | ||||
-rw-r--r-- | packaging/device-sec-policy | 46 | ||||
-rw-r--r-- | packaging/find-docs.sh | 33 | ||||
-rwxr-xr-x | packaging/find-provides.ksyms | 41 | ||||
-rw-r--r-- | packaging/librpm-tizen.changes | 42 | ||||
-rw-r--r-- | packaging/librpm-tizen.spec | 173 | ||||
-rw-r--r-- | packaging/rpm-tizen_macros | 305 | ||||
-rw-r--r-- | packaging/rpm.changes | 102 | ||||
-rw-r--r-- | packaging/rpm.manifest | 5 | ||||
-rw-r--r-- | packaging/rpmconfigcheck | 80 |
10 files changed, 909 insertions, 0 deletions
diff --git a/packaging/db-4.8.30-integration.dif b/packaging/db-4.8.30-integration.dif new file mode 100644 index 000000000..dbfb2939f --- /dev/null +++ b/packaging/db-4.8.30-integration.dif @@ -0,0 +1,82 @@ +--- db/db/db.c.orig 2010-04-12 20:25:22.000000000 +0000 ++++ db/db/db.c 2011-05-12 11:38:59.000000000 +0000 +@@ -646,6 +646,8 @@ __env_mpool(dbp, fname, flags) + MAKE_INMEM(dbp); + return (ret); + } ++ if (LF_ISSET(DB_NOFSYNC) && mpf->mfp) ++ F_SET(mpf->mfp, MP_NOFSYNC); + + /* + * Set the open flag. We use it to mean that the dbp has gone +--- db/db/db_iface.c.orig 2010-04-12 20:25:22.000000000 +0000 ++++ db/db/db_iface.c 2011-05-12 11:21:32.000000000 +0000 +@@ -1230,6 +1230,7 @@ __db_open_arg(dbp, txn, fname, dname, ty + #define OKFLAGS \ + (DB_AUTO_COMMIT | DB_CREATE | DB_EXCL | DB_FCNTL_LOCKING | \ + DB_MULTIVERSION | DB_NOMMAP | DB_NO_AUTO_COMMIT | DB_RDONLY | \ ++ DB_NOFSYNC | \ + DB_RDWRMASTER | DB_READ_UNCOMMITTED | DB_THREAD | DB_TRUNCATE) + if ((ret = __db_fchk(env, "DB->open", flags, OKFLAGS)) != 0) + return (ret); +--- db/dbinc/mp.h.orig 2010-04-12 20:25:22.000000000 +0000 ++++ db/dbinc/mp.h 2011-05-12 12:01:32.000000000 +0000 +@@ -467,6 +467,7 @@ struct __mpoolfile { + #define MP_FAKE_UOC 0x080 /* Unlink_on_close field: fake flag. */ + #define MP_NOT_DURABLE 0x100 /* File is not durable. */ + #define MP_TEMP 0x200 /* Backing file is a temporary. */ ++#define MP_NOFSYNC 0x400 /* Don't fsync */ + u_int32_t flags; + }; + +--- db/dbinc_auto/api_flags.in.orig 2011-05-12 11:40:57.000000000 +0000 ++++ db/dbinc_auto/api_flags.in 2011-05-12 11:55:10.000000000 +0000 +@@ -83,6 +83,7 @@ + #define DB_NOORDERCHK 0x00000002 + #define DB_NOPANIC 0x00000800 + #define DB_NO_AUTO_COMMIT 0x00001000 ++#define DB_NOFSYNC 0x00040000 + #define DB_ODDFILESIZE 0x00000080 + #define DB_ORDERCHKONLY 0x00000004 + #define DB_OVERWRITE 0x00001000 +--- db/dist/s_config.orig 2010-04-12 20:25:23.000000000 +0000 ++++ db/dist/s_config 2011-05-12 12:00:34.000000000 +0000 +@@ -8,7 +8,8 @@ trap 'rm -f aclocal.m4 ; exit 0' 0 1 2 3 + . ./RELEASE + + echo "autoconf: building aclocal.m4..." +-cat aclocal/*.m4 aclocal_java/*.m4 > aclocal.m4 ++cat aclocal/*.m4 aclocal_java/*.m4 > acinclude.m4 ++aclocal + + echo "autoconf: running autoheader to build config.hin..." + rm -f config.hin +--- db/mp/mp_sync.c.orig 2010-04-12 20:25:34.000000000 +0000 ++++ db/mp/mp_sync.c 2011-05-12 11:36:58.000000000 +0000 +@@ -578,7 +578,7 @@ done: /* + if (ret == 0 && required_write) { + if (dbmfp == NULL) + ret = __memp_sync_files(env); +- else ++ else if (!F_ISSET(dbmfp->mfp, MP_NOFSYNC)) + ret = __os_fsync(env, dbmfp->fhp); + } + +@@ -665,7 +665,7 @@ __memp_sync_file(env, mfp, argp, countp, + "%s: unable to flush", (char *) + R_ADDR(dbmp->reginfo, mfp->path_off)); + } +- } else ++ } else if (!F_ISSET(dbmfp->mfp, MP_NOFSYNC)) + ret = __os_fsync(env, dbmfp->fhp); + + /* +@@ -801,6 +801,8 @@ __memp_mf_sync(dbmp, mfp, locked) + COMPQUIET(hp, NULL); + env = dbmp->env; + ++ if (F_ISSET(mfp, MP_NOFSYNC)) ++ return 0; + /* + * We need to be holding the hash lock: we're using the path name + * and __memp_nameop might try and rename the file. diff --git a/packaging/device-sec-policy b/packaging/device-sec-policy new file mode 100644 index 000000000..83c0c46eb --- /dev/null +++ b/packaging/device-sec-policy @@ -0,0 +1,46 @@ +<config> + <sw_source name="root" rankkey="/10020/10000.root"> + <origin> + <keyinfo> +mQENBE6MJTABCAC6pAFNW9tCbLQtgmwxzNf7ftSL5RrsjVTlPtpyeFLhxSmqmeHr +KB10C6Co1zYB/fW8zvGXU613g3WEo4SKlS2lnOVBxviet0qn58zwCQASbdFYtckk +thtkxiSInoKbj4n/Z+hHB9dvcyqcWqp2IFQEDDpxgP4KuzCvvj6W+e9EtYsdGt9P +ZHsVjIAe0w+j7Hs4Q7FYWD+mdQAjgBsLlc16Ci8EPYnvBL/xdbJ3Ryfi59tTdfGG +HnwpjM2J1WshooyvsOtHZU+T1nHtuegEzdRMVFo502Lkb60dJRsREE2iyPWFX2TE +ZdaQqUMmkPaROUlWhGBSWIKbOVARwWBn94KDABEBAAG0CXJvb3QudGVzdIkBPgQT +AQIAKAUCTowlMAIbAwUJA8JnAAYLCQgHAwIGFQgCCQoLBBYCAwECHgECF4AACgkQ +TTk+Qq2l7P210wgApKVLpdve9jDsy/y//gSAGvfA4fXFuGhHkH5+QW7L+QkUAo0Z +vv0KB0Pw5qZjV+k8jlq3Q3f/vcIEKxc40d0coa3m+bUlL2vy0+0gLSTiZ4MNFAk5 +LvJgEj+7ks75/qtJVWfCZeXo9NiugSoW9D+jNflmfstd8k2wT2ucH7IJHHzK1lGm +vZHXeJeSULRHiibVyK5cG+NH/1Akuxkgo2jOzqhLjhp4/UiJlyAD0k/J4ULfmWp8 +C9/sIhWBoS5OcrtMVQtUMTx85I2dEC/01hnfLUk8mi5VscLu3xQoJ9hNrMEgji6H +S+MmxcPGnVziEA0Z7VNN6DpuG/xZ1i9fgXXVfLkBDQROjCUwAQgA6fyD7eqaoah/ +za0X+Xv3o1y52UHmeHMmyzM/W4UlVsd01h7KzSHWyQKHi0i0pxRtUj+pkV+r+QjV +BiAowq2HVpyXsmre29PEgAuIVv6/pZjfZEWFKjSDsvdXpS+mT+J6LjRxYh7ZbGvv +SR3hMiMocWYENj13XDRw5USGhC0UxlmmMfjQfWJ6eHeQTiyZWW+CZUAJ2IbEkPVP +nBDH/fTuVMfOo4g0HwqUSJmwV47BPLec1ArSaPG1YgKX1Y+UYoNfUvo/ieiF59At +A8UbjQMzZggIfkvJsDL8U5n4ojFL8Rs/aMYuH76OlA4wuKPAnBSt+fVBnjaAAadf +FCy/CHZt/wARAQABiQElBBgBAgAPBQJOjCUwAhsMBQkDwmcAAAoJEE05PkKtpez9 +S7IH/j44MxOP6dAycQAreWVAzdMiw82DjP7c6jMxYZj8ss1x++iO5GW82qm0WJ6h +IOEdll+wBhPX0acKvE4KrlNzfsB2WzDRwOyiZfuSQI0J3Jrytj8zyCVKwHTsI8VC +RkOzaMYsEqmPc+ve+wxxcwWXC0EtoyhMRjRZlMy55IeJcEfM8bcE4wcsyotsura6 +o1fmU223Xj1k5xXxDvXalPUoXnhvsev7kMBnIQRac194qkSkTzVXGLGu5Ng7Bfxl +BMhf6RSk31+Q43ASbn4ralnswMhsHSatJIeasbHyvsTJzMnfEoSdpb8/dQI8KnHf +tRrR5cbqmVr8tkFjS/QK6TWfNMM= +</keyinfo> + </origin> + <package name="unknown-sw-source"/> + <package name="ac-domain-system"> + <provide> + <ac_domain name="_" policy="shared"/> + <ac_domain name="Isolated"/> + </provide> + </package> + <package name="root"/> + <sw_source name="_default_" rankkey="/10020/11000/10000._default_"> + <allow> + <ac_domain match="*"/> + </allow> + </sw_source> + </sw_source> +</config> diff --git a/packaging/find-docs.sh b/packaging/find-docs.sh new file mode 100644 index 000000000..afe4e22b7 --- /dev/null +++ b/packaging/find-docs.sh @@ -0,0 +1,33 @@ +#!/bin/sh + +usage () { +cat << EOF +Usage: $0 TOP_DIR + +EOF +exit 1 +} + +if [ -z "$1" ] ; then usage +elif [ $1 = / ] ; then echo $0: expects non-/ argument for '$1' 1>&2 +elif [ ! -d $1 ] ; then + echo $0: $1: no such directory + exit 1 +else TOP_DIR="`echo $1|sed -e 's:/$::'`" +fi +shift + +DOC_NAME=documentation.list +touch $DOC_NAME + +find $TOP_DIR -type f -o -type l | sed ' +s:'"$TOP_DIR"':: +s:\(.*/man/man./.*\.[0-9]\):%doc \1: +s:\(.*/man/*/man./.*\.[0-9]\):%doc \1: +s:\(.*/gtk-doc/html/.*\):%doc \1: +s:\(.*/info/.*\info.*\):%doc \1: +s:^\([^%].*\):: +/^$/d' >> $DOC_NAME + + +exit 0 diff --git a/packaging/find-provides.ksyms b/packaging/find-provides.ksyms new file mode 100755 index 000000000..c8f2ccda6 --- /dev/null +++ b/packaging/find-provides.ksyms @@ -0,0 +1,41 @@ +#! /bin/sh + +IFS=$'\n' + +case "$1" in +kernel-module-*) ;; # Fedora kernel module package names start with + # kernel-module. +kernel*) kernel_flavor=${1#kernel-} ;; +esac + +trap 'rm -f "$tmp"' EXIT +tmp=$(mktemp) +while read f; do + test -e "$f" || continue + case "$f" in + *.debug) + continue + ;; + */lib/modules/*/*.ko | */lib/modules/*/*.ko.gz | */boot/vmlinu[xz]*) + ;; + *) + continue + esac + unzip=false + case "$f" in + *.gz | */boot/vmlinuz*) + unzip=true + esac + if $unzip && gzip -cd "$f" >"$tmp"; then + f=$tmp + fi + flavor=$(/usr/sbin/modinfo -F vermagic "$f") + flavor=${flavor%% *} + flavor=${flavor##*-} + if test -z "$flavor"; then + flavor=$kernel_flavor + fi + nm "$f" \ + | sed -r -ne "s/^0*([0-9a-f]+) A __crc_(.+)/ksym($flavor:\\2) = \\1/p" +done \ +| sort -u diff --git a/packaging/librpm-tizen.changes b/packaging/librpm-tizen.changes new file mode 100644 index 000000000..ee80cf410 --- /dev/null +++ b/packaging/librpm-tizen.changes @@ -0,0 +1,42 @@ +* Wed Jul 23 2014 Markus Lehtonen <markus.lehtonen@linux.intel.com> tizen-tools/4.11.0.1.tizen20140530-20140723 +- Rebase on latest Tizen 3.0 +- packaging: enable lua 5.2 for openSUSE +- rpm-packaging: enable customized autoreq + +* Thu Mar 06 2014 Markus Lehtonen <markus.lehtonen@linux.intel.com> tizen-tools/4.11.0.1.tizen20130618-20140306 +- Fix build against Lua 5.2 + +* Tue Oct 01 2013 Markus Lehtonen <markus.lehtonen@linux.intel.com> 4.11.0.1.tizen20130618 +- lua: fall through failed lua scripts +- lua: Enable Lua +- Ignore bad expressions in %if conditionals + +* Wed Aug 21 2013 Markus Lehtonen <markus.lehtonen@linux.intel.com> 4.11.0.1.tizen20130618 +- fix segmentation fault error while parsing spec +- Bump the log level of "unexpanded script" msg +- Prevent execution of arbitrary scripts + +* Tue Jun 18 2013 Markus Lehtonen <markus.lehtonen@linux.intel.com> 4.11.0.1.tizen20130618 +- Version bump to latest from Tizen 3.0 + +* Thu Mar 07 2013 Markus Lehtonen <markus.lehtonen@linux.intel.com> 4.11.0.1.tizen20130304 +- Version bump to latest from Tizen + +* Wed Feb 27 2013 Markus Lehtonen <markus.lehtonen@linux.intel.com> 4.10.91.tizen20121215 +- Enable lua +- update package Provide info +- Add a provide tag to make gbs depend on new changes +- packaging: fix Makefile +- Install Tizen macros + +* Mon Feb 25 2013 Markus Lehtonen <markus.lehtonen@linux.intel.com> 4.10.91.tizen20121215 +- packaging: Disable autoreq, too +- Ignore unknown internal scripts + +* Thu Feb 22 2013 Qiang Zhang <qiang.z.zhang@intel.com> 4.10.91.tizen20121215 +- packaging: fix build for CentOS + +* Thu Feb 21 2013 Markus Lehtonen <markus.lehtonen@linux.intel.com> 4.10.91.tizen20121215 +- packaging: Drop bdb sources +- packaging: fix build for Fedora (18) +- packaging: disable autoprov diff --git a/packaging/librpm-tizen.spec b/packaging/librpm-tizen.spec new file mode 100644 index 000000000..4eff279d8 --- /dev/null +++ b/packaging/librpm-tizen.spec @@ -0,0 +1,173 @@ +# Use custom autoreq script for filtering out all librpm* stuff +# (basically everything that the package would auto-provide) in order to make +# the package installable +%define _use_internal_dependency_generator 0 +%define __find_requires bash -c "/usr/lib/rpm/find-requires | grep -v librpm" + +%define rpmlibdir %{_prefix}/lib +%define rpmhome %{rpmlibdir}/rpm + +Name: librpm-tizen +Summary: The RPM libraries for git-buildpackage +License: GPL-2.0+ +Group: Development/Tools/Building +Version: 4.14.1.1.tizen20230628 +Release: 0 +Url: http://www.rpm.org +BuildRequires: binutils +BuildRequires: bzip2 +BuildRequires: file-devel +BuildRequires: findutils +BuildRequires: gcc +BuildRequires: glibc-devel +BuildRequires: gzip +BuildRequires: libacl-devel +BuildRequires: pkgconfig(libcap) +BuildRequires: libelf-devel +BuildRequires: libtool +%if 0%{?suse_version} +BuildRequires: pkgconfig(lua) +%else +BuildRequires: lua-devel +%endif +BuildRequires: make +BuildRequires: pkgconfig(ncurses) +BuildRequires: patch +%if 0%{?fedora} || 0%{?centos_ver} || 0%{?centos_version} +BuildRequires: popt-devel +%else +BuildRequires: pkgconfig(popt) +%endif +BuildRequires: pkgconfig(zlib) +BuildRequires: pkgconfig(nss) +BuildRequires: pkg-config +%if 0%{?centos_ver} || 0%{?centos_version} +BuildRequires: python-devel +%else +BuildRequires: pkgconfig(python3) +%endif +# Disable security +%if 0 +BuildRequires: uthash-devel +BuildRequires: pkgconfig(libxml-2.0) +BuildRequires: pkgconfig(libsmack) +%endif +BuildRequires: libarchive-devel +%if 0%{?suse_version} +BuildRequires: fdupes +%endif +%if 0%{?fedora} || 0%{?centos_ver} >= 7 +BuildRequires: libdb-devel +%else +BuildRequires: db-devel +%endif +BuildRequires: pkgconfig(libzstd) + +Source4: rpm-tizen_macros +Source8: rpmconfigcheck +Source13: find-docs.sh +Source22: device-sec-policy +Source23: find-provides.ksyms +Source1001: rpm.manifest +Source0: rpm-%{version}.tar.gz +AutoProv: No + +Provides: rpm-tizen = %{version}-tizen20230628 +# +# avoid bootstrapping problem +%define _binary_payload w9.bzdio +# +# Python module name +%define python_mod_name rpm_tizen + +%description +RPM Package Manager is the main tool for managing the software packages +of Tizen. + +RPM can be used to install and remove software packages. With rpm, it +is easy to update packages. RPM keeps track of all these manipulations +in a central database. This way it is possible to get an overview of +all installed packages. RPM also supports database queries. + +This is a special stripped-down version of RPM, only intended to be used by the +git-buildpackage tool. This package doesn't interfere with the RPM libraries of +the host system and it only contains rpmlib and rpm-python. + +%prep +%setup -q -n rpm-%{version} +cp %{SOURCE1001} . +rm -rf sqlite +if [ -s %{_sysconfdir}/rpm/tizen_macros ]; then + cp -a %{_sysconfdir}/rpm/tizen_macros %{SOURCE4} +fi +cp -a %{SOURCE4} tizen_macros +rm -f m4/libtool.m4 +rm -f m4/lt*.m4 + +%build +CPPFLAGS="$CPPFLAGS `pkg-config --cflags nss`" +export CPPFLAGS +export CFLAGS="%{optflags} -ffunction-sections -fstack-protector-strong -Wl,-z,relro -D_FORTIFY_SOURCE=2 -fPIE" +export LDFLAGS="${LDFLAGS} -pie -Wl,-Bsymbolic-functions -ffunction-sections" +%ifarch armv5tel +export CFLAGS="-g -O0 -fno-strict-aliasing -ffunction-sections" +%endif + +%{?hwasan_build: +export CPPFLAGS="$CPPFLAGS -DHWASAN_BUILD" +} + +autoreconf -i -f + +%configure \ + --libdir=%{_libdir}/%{name} \ + --disable-dependency-tracking \ + --with-lua \ + --with-acl \ + --with-cap \ + --enable-shared \ + --enable-python \ + --with-vendor=tizen \ + --without-msm \ + --enable-zstd \ + --with-external-db \ + PYTHON_MODULENAME=%{python_mod_name} + +make %{?_smp_mflags} + +%install +# Install into a temporary location +make install DESTDIR="`pwd`/tmp_install" + +# And only copy the files that we want +install -d %{buildroot}%{_libdir}/%{name} +install -d %{buildroot}%{python3_sitearch} +cp -ax tmp_install/%{_libdir}/%{name} %{buildroot}%{_libdir}/ +cp -ax tmp_install/%{python3_sitearch}/%{python_mod_name} %{buildroot}%{python3_sitearch}/ + +# Install extra sources +install -m644 %{SOURCE4} %{buildroot}%{_libdir}/%{name}/rpm/tizen_macros +install -d %{buildroot}%{_libdir}/%{name}/rpm/tizen +ln -s ../tizen_macros %{buildroot}%{_libdir}/%{name}/rpm/tizen/macros + +# Delete unwanted development files etc. +find %{buildroot} -name "*.la" | xargs rm -f -- +find %{buildroot}/%{_libdir}/%{name} -name "*.so" | xargs rm -f -- +rm -rf "%{buildroot}%{_libdir}/%{name}/pkgconfig" +rm -rf "%{buildroot}%{_libdir}/%{name}/rpm-plugins" + +# Compile python modules (Fedora does this automatically) and find duplicates +%if 0%{?suse_version} +%py3_compile %{buildroot}/%{python3_sitearch}/%{python_mod_name}/ +%py3_compile -O %{buildroot}/%{python3_sitearch}/%{python_mod_name}/ + +%fdupes %{buildroot}/%{python3_sitearch}/ +%endif + +%files +%defattr(-,root,root,-) +%dir %{_libdir}/%{name} +%dir %{python3_sitearch}/%{python_mod_name}/ +%{_libdir}/%{name}/*.so.* +%{_libdir}/%{name}/rpm +%{python3_sitearch}/%{python_mod_name}/* diff --git a/packaging/rpm-tizen_macros b/packaging/rpm-tizen_macros new file mode 100644 index 000000000..e7648f9f8 --- /dev/null +++ b/packaging/rpm-tizen_macros @@ -0,0 +1,305 @@ +# directories +%_infodir %{_prefix}/share/info +%_mandir %{_prefix}/share/man +%_sysconfdir /etc +%_localstatedir /var +%_defaultdocdir %{_usr}/share/doc/packages +%_unitdir_user /usr/lib/systemd/user +%_unitdir /usr/lib/systemd/system + +# package build macros +# %make_install make install DESTDIR=%{?buildroot} +# %makeinstall make DESTDIR=%{?buildroot:%{buildroot}} install +%rb_arch %(echo %{_host_cpu}-linux | sed -e "s/i686/i586/" -e "s/armv5tel/armv4l/" -e "s/hppa2.0/hppa/") +%rb_ver %(/usr/bin/ruby -e 'puts VERSION.sub(/\\\.\\\d$/, "")') + +# external kernel module helper macro(s) +%kernel_devel_uname_r %(/bin/rpm -q --provides $(/bin/rpm -q --whatprovides kernel-devel-uname-r) | sed -ne 's,kernel-devel-uname-r = ,, p') +%kernel_release %(/bin/rpm -q --queryformat '%{RPMTAG_VERSION}-%{RPMTAG_RELEASE}' $(/bin/rpm -q --whatprovides kernel)) +%kernel_name %(/bin/rpm -q --queryformat '%{RPMTAG_NAME}' $(/bin/rpm -q --whatprovides kernel)) + +# this script calls all scripts in /usr/lib/rpm/brp-tizen.d +%__os_install_post \ + /usr/lib/rpm/brp-compress \ + /usr/lib/rpm/brp-tizen \ + %{!?disable_docs_package:/usr/lib/rpm/tizen/find-docs.sh %{buildroot}} \ +%{nil} + +# macro: %configure_kernel_source +# +# +%configure_kernel_source() \ + if test -d /usr/src/linux ; then \ + pushd /usr/src/linux \ + test -f .config || cp arch/%_arch/defconfig.default .config \ + yes "" | make oldconfig \ + make dep \ + popd \ + fi \ + %nil + +%install_info(:-:) \ + ALL_ARGS=(%{**}) \ + NUM_ARGS=${#ALL_ARGS[@]} \ + if test -x /sbin/install-info ; then \ + if test -e "${ALL_ARGS[$((NUM_ARGS-1))]}" ; then \ + /sbin/install-info "${ALL_ARGS[@]}" \ + fi \ + fi ; + +%install_info_delete(:-:) \ + ALL_ARGS=(%{**}) \ + NUM_ARGS=${#ALL_ARGS[@]} \ + if test -x /sbin/install-info ; then \ + if ! test -e "${ALL_ARGS[$((NUM_ARGS-1))]}" ; then \ + /sbin/install-info --quiet --delete "${ALL_ARGS[@]}" \ + fi ; \ + fi ; + +# find-supplements.ksyms parses this macro directly out of the spec file: +%supplements_kernel_module() \ + %{expand:%(if ! rpm -q kernel-syms > /dev/null; then echo "%fail Please add the kernel-syms package to BuildRequires"; fi)} + +%do_profiling 1 +%cflags_profile_generate -fprofile-generate +%cflags_profile_feedback -fprofile-use + + + +# Tizen +# +%configure \ + CFLAGS="${CFLAGS:-%optflags}" ; export CFLAGS ; \ + CXXFLAGS="${CXXFLAGS:-%optflags}" ; export CXXFLAGS ; \ + FFLAGS="${FFLAGS:-%optflags -I%_fmoddir}" ; export FFLAGS ; \ + ./configure --build=%{_build} --host=%{_host} \\\ + --program-prefix=%{?_program_prefix} \\\ + --prefix=%{_prefix} \\\ + --exec-prefix=%{_exec_prefix} \\\ + --bindir=%{_bindir} \\\ + --sbindir=%{_sbindir} \\\ + --sysconfdir=%{_sysconfdir} \\\ + --datadir=%{_datadir} \\\ + --includedir=%{_includedir} \\\ + --libdir=%{_libdir} \\\ + --libexecdir=%{_libexecdir} \\\ + --localstatedir=%{_localstatedir} \\\ + --sharedstatedir=%{_sharedstatedir} \\\ + --mandir=%{_mandir} \\\ + --infodir=%{_infodir} + + +%reconfigure \ + CFLAGS="${CFLAGS:-%optflags}" ; export CFLAGS ; \ + CXXFLAGS="${CXXFLAGS:-%optflags}" ; export CXXFLAGS ; \ + FFLAGS="${FFLAGS:-%optflags -I%_fmoddir}" ; export FFLAGS ; \ + autoreconf -v --install --force || exit 1 \ + ./configure --build=%{_build} --host=%{_host} \\\ + --program-prefix=%{?_program_prefix} \\\ + --prefix=%{_prefix} \\\ + --exec-prefix=%{_exec_prefix} \\\ + --bindir=%{_bindir} \\\ + --sbindir=%{_sbindir} \\\ + --sysconfdir=%{_sysconfdir} \\\ + --datadir=%{_datadir} \\\ + --includedir=%{_includedir} \\\ + --libdir=%{_libdir} \\\ + --libexecdir=%{_libexecdir} \\\ + --localstatedir=%{_localstatedir} \\\ + --sharedstatedir=%{_sharedstatedir} \\\ + --mandir=%{_mandir} \\\ + --infodir=%{_infodir} + +%autogen \ + CFLAGS="${CFLAGS:-%optflags}" ; export CFLAGS ; \ + CXXFLAGS="${CXXFLAGS:-%optflags}" ; export CXXFLAGS ; \ + FFLAGS="${FFLAGS:-%optflags -I%_fmoddir}" ; export FFLAGS ; \ + ./autogen.sh --build=%{_build} --host=%{_host} \\\ + --program-prefix=%{?_program_prefix} \\\ + --prefix=%{_prefix} \\\ + --exec-prefix=%{_exec_prefix} \\\ + --bindir=%{_bindir} \\\ + --sbindir=%{_sbindir} \\\ + --sysconfdir=%{_sysconfdir} \\\ + --datadir=%{_datadir} \\\ + --includedir=%{_includedir} \\\ + --libdir=%{_libdir} \\\ + --libexecdir=%{_libexecdir} \\\ + --localstatedir=%{_localstatedir} \\\ + --sharedstatedir=%{_sharedstatedir} \\\ + --mandir=%{_mandir} \\\ + --infodir=%{_infodir} + + +%makeinstall \ + %{__make} \\\ + prefix=%{?buildroot:%{buildroot}}%{_prefix} \\\ + exec_prefix=%{?buildroot:%{buildroot}}%{_exec_prefix} \\\ + bindir=%{?buildroot:%{buildroot}}%{_bindir} \\\ + sbindir=%{?buildroot:%{buildroot}}%{_sbindir} \\\ + sysconfdir=%{?buildroot:%{buildroot}}%{_sysconfdir} \\\ + datadir=%{?buildroot:%{buildroot}}%{_datadir} \\\ + includedir=%{?buildroot:%{buildroot}}%{_includedir} \\\ + libdir=%{?buildroot:%{buildroot}}%{_libdir} \\\ + libexecdir=%{?buildroot:%{buildroot}}%{_libexecdir} \\\ + localstatedir=%{?buildroot:%{buildroot}}%{_localstatedir} \\\ + sharedstatedir=%{?buildroot:%{buildroot}}%{_sharedstatedir} \\\ + mandir=%{?buildroot:%{buildroot}}%{_mandir} \\\ + infodir=%{?buildroot:%{buildroot}}%{_infodir} \\\ + install + + +%make_install \ + %{__make} \\\ + DESTDIR=%{?buildroot:%{buildroot}} \\\ + INSTALL_ROOT=%{?buildroot:%{buildroot}} \\\ + install \ + rm -f %{?buildroot:%{buildroot}}%{_infodir}/dir \ + find %{?buildroot:%{buildroot}} -regex ".*\\.la$" | xargs rm -f -- \ + %{!?keepstatic:find %{?buildroot:%{buildroot}} -regex ".*\\.a$" | xargs rm -f --} + +%_smp_mflags %([ -z "$RPM_BUILD_NCPUS" ] \\\ + && RPM_BUILD_NCPUS="`/usr/bin/getconf _NPROCESSORS_ONLN`"; \\\ + [ "$RPM_BUILD_NCPUS" -gt 1 ] && echo "-j$RPM_BUILD_NCPUS") + +%lang_package(n:f:) \ +%package %{-n:-n %{-n*}-}locale \ +Summary: Translations and Locale for package %{name}\ +Group: System/Localization\ +Requires: %{-n:%{-n*}}%{!-n:%{name}} = %{version} \ +Provides: %{-n:%{-n*}}%{!-n:%{name}}-lang-all = %{version} \ +BuildArch: noarch \ +%description %{-n:-n %{-n*}-}locale\ +This package provides translations for package %{name}.\ +%files %{-n:-n %{-n*}-}locale -f %{-f:%{-f*}.lang} %{!-f:%{name}.lang}\ +%defattr(-,root,root,-)\ +%{nil} + +%docs_package \ +%package docs \ +Summary: Documentation for package %{name}\ +Group: Documentation\ +AutoReqProv: 0\ +%description docs\ +This package provides documentation for package %{name}.\ +%files docs -f documentation.list\ +%defattr(-,root,root,-)\ +%{nil} + +# Bad hack to set $LANG to C during all RPM builds +%prep \ +%%prep\ +LANG=C\ +export LANG\ +unset DISPLAY\ +%{nil} + +%build %%build\ +LANG=C\ +export LANG\ +unset DISPLAY\ +CFLAGS="%optflags" ; export CFLAGS ; \ +CXXFLAGS="${CXXFLAGS:-%optflags}" ; export CXXFLAGS ; \ +FFLAGS="${FFLAGS:-%optflags -I%_fmoddir}" ; export FFLAGS ; \ +LD_AS_NEEDED=1; export LD_AS_NEEDED ; \ +%{nil} + +%install %{?_enable_debug_packages:%{?buildsubdir:%{debug_package}}}\ +%%install\ +LANG=C\ +export LANG\ +unset DISPLAY\ +rm -rf %{?buildroot:%{buildroot}} \ +mkdir -p %{?buildroot:%{buildroot}} \ +%{nil} + + +%clean %%clean\ +rm -rf %{?buildroot:%{buildroot}} \ +%{nil} + +%find_lang /usr/lib/rpm/find-lang.sh %{buildroot} +%find_docs /usr/lib/rpm/tizen/find-docs.sh %{buildroot} + + + +#============================================================================== +# ---- default .desktop directories per the desktop-entry freedesktop.org spec + +%_desktopdir %{_datadir}/applications + +#============================================================================== +# ---- Generic auto req/prov filtering macros +# +# http://fedoraproject.org/wiki/PackagingDrafts/AutoProvidesAndRequiresFiltering + +# prevent anything matching from being scanned for provides +%filter_provides_in(P) %{expand: \ +%global __filter_prov_cmd %{?__filter_prov_cmd} %{__grep} -v %{-P} '%*' | \ +} + +# prevent anything matching from being scanned for requires +%filter_requires_in(P) %{expand: \ +%global __filter_req_cmd %{?__filter_req_cmd} %{__grep} -v %{-P} '%*' | \ +} + +# filter anything matching out of the provides stream +%filter_from_provides() %{expand: \ +%global __filter_from_prov %{?__filter_from_prov} | %{__sed} -e '%*' \ +} + +# filter anything matching out of the requires stream +%filter_from_requires() %{expand: \ +%global __filter_from_req %{?__filter_from_req} | %{__sed} -e '%*' \ +} + +# actually set up the filtering bits +%filter_setup %{expand: \ +%global _use_internal_dependency_generator 0 \ +%global __deploop() while read FILE; do /usr/lib/rpm/rpmdeps -%{1} ${FILE}; done | /bin/sort -u \ +%global __find_provides /bin/sh -c "%{?__filter_prov_cmd} %{__deploop P} %{?__filter_from_prov}" \ +%global __find_requires /bin/sh -c "%{?__filter_req_cmd} %{__deploop R} %{?__filter_from_req}" \ +} + +%remove_docs \ + rm -rf %{?buildroot:%{buildroot}}%{_infodir} \ + rm -rf %{?buildroot:%{buildroot}}%{_defaultdocdir} \ + rm -rf %{?buildroot:%{buildroot}}%{_datadir}/doc/%{name} \ + rm -rf %{?buildroot:%{buildroot}}%{_datadir}/doc/%{name}-%{version} \ + rm -rf %{?buildroot:%{buildroot}}%{_datadir}/gtk-doc \ + rm -rf %{?buildroot:%{buildroot}}%{_datadir}/doc \ + rm -rf %{?buildroot:%{buildroot}}%{_datadir}/man \ + find %{?buildroot:%{buildroot}} -regex ".*/man/man./.*\.[0-9]" | xargs rm -f -- \ + find %{?buildroot:%{buildroot}} -regex ".*/man/../man./.*\.[0-9]" | xargs rm -f -- \ + find %{?buildroot:%{buildroot}} -regex ".*/man/man./.*\.[0-9]pm" | xargs rm -f -- + + +%install_service() \ +mkdir -p %{buildroot}/%{_unitdir}/%{1} \ +ln -s ../%{2} %{buildroot}/%{_unitdir}/%{1}/%{2} \ +%{nil} + + +%_fontsdir %{_usr}/share/fonts +%_ttfontsdir %{_fontsdir}/truetype +%_miscfontsdir %{_fontsdir}/misc +%_fontsconfdir %{_sysconfdir}/fonts +%_fontsconfddir %{_fontsconfdir}/conf.d +%_fontsconfavaildir %{_datadir}/%{name}/conf.avail + +%devel_package \ +%package devel \ +Summary: Development files for package %{name}\ +Group: Development\ +%description devel\ +This package provides header files and other developer releated files for package %{name}.\ +%files devel \ +%{_includedir}/*\ +%{_libdir}/pkgconfig/*.pc\ +%{_libdir}/*.so\ +%{nil} + +%devel_desc This package contains all necessary include files and libraries needed \ +to develop applications that require %{name}.\ +%{nil} + diff --git a/packaging/rpm.changes b/packaging/rpm.changes new file mode 100644 index 000000000..c654c5e8b --- /dev/null +++ b/packaging/rpm.changes @@ -0,0 +1,102 @@ +* Wed Jan 29 2014 Patrick McCarty <patrick.mccarty@linux.intel.com> 940f59b +- Add three new RPM macros to use in packages with build dependencies on a + platform's kernel and/or kernel-devel package. The macros are + '%kernel_devel_uname_r', '%kernel_release', and '%kernel_name'. + +* Fri Jan 17 2014 Mikko Ylinen <mikko.ylinen@intel.com> accepted/tizen/generic/20140106.135159@e9e247d +- MSM: fix access type length and validation +- Security plugin: change policy to advisory +- Security plugin: adding support for l access type + +* Tue Dec 03 2013 Rusty Lynch <rusty.lynch@intel.com> accepted/tizen/20131115.212447@d460069 +- Security plugin: removing exec label restriction + +* Fri Nov 15 2013 Rusty Lynch <rusty.lynch@intel.com> accepted/tizen/20131108.201843@93d4902 +- Fix rpmlint error +- PTREL-155: fix build python-rpm +- armv7l:fix faulty line in rpmrc.in +- msm: check libxml/{xmlreader,tree}.h +- Security plugin: Removing definition of System domain from default device policy + +* Wed Sep 25 2013 Jacek Bukarewicz <j.bukarewicz@samsung.com> accepted/tizen/20130916.211819@a771cdf +- Introduction of -locale and -docs subpackages. Moved package to another group +- update changes + +* Mon Sep 16 2013 Anas Nashif <anas.nashif@intel.com> accepted/tizen/20130913.024734@b487cf5 +- remove --target from %configure macros + +* Mon Sep 02 2013 Anas Nashif <anas.nashif@intel.com> submit/tizen/20130820.223822@6ebf41a +- Security plugin: adding checking of return code for dbus policy verification + +* Wed Aug 21 2013 Anas Nashif <anas.nashif@intel.com> submit/tizen/20130820.223822@6ec9c11 +- Security plugin: small fixes +- Security plugin: removing disable-dchecks option +- update changes and release + +* Mon Aug 05 2013 Anas Nashif <anas.nashif@intel.com> accepted/tizen/20130710.214747@675aeea +- Security plugin: support for --root option +- Security plugin: pkg_name allocation in conflict +- Security plugin: allowing multiple domains definition +- resetting manifest requested domain to floor +- update changelog + +* Wed Jun 12 2013 Anas Nashif <anas.nashif@intel.com> accepted/tizen/20130520.094313@a3c78e0 +- update macros from project conf +- Security plugin: Adding configuration option --disable-dchecks +- Security-plugin: Fix the null pointer comparison possibility in msmXattrSupport +- Set license using %license +- Fix 32bit kernel builds by not using eu-strip +- Cleaning up code identation +- Fix the missing path prefix for Plugin init hook +- Fixes to rpm security plugin - stricter control over smack64exec label assigment - strciter control over dbus interface labels +- Add VCS tag into .src.rpm +- add find-provides.ksyms + +* Fri Mar 29 2013 Anas Nashif <anas.nashif@intel.com> submit/trunk/20130322.180734@fcbf4ed +- find-provides.ksyms added for kernel packages and symbols + +* Fri Mar 29 2013 Anas Nashif <anas.nashif@intel.com> submit/trunk/20130322.180734@fcbf4ed +- init message test [Elena Reshetova] +- Adding Isolated domain to policy [Elena Reshetova] +- Changing smack load path [Elena Reshetova] + +* Fri Mar 22 2013 Anas Nashif <anas.nashif@intel.com> submit/trunk/20130318.200853@1a584da +- Fixed package groups + +* Mon Mar 18 2013 Anas Nashif <anas.nashif@intel.com> accepted/trunk/20130309.052847@1a584da +- Adding a new attribute tag to manifest [Elena Reshetova] + +* Mon Mar 04 2013 Anas Nashif <anas.nashif@intel.com> submit/trunk/20130207.030314@31fe202 +- Fixed package groups +- add macro no_lang_C +- update find-lang +- Call ldconfig +- Include %{VCS} in rpm -q --info output + +* Wed Feb 06 2013 Anas Nashif <anas.nashif@intel.com> submit/trunk/20130206.154747@e2d13a6 +- Call ldconfig + +* Wed Feb 06 2013 Anas Nashif <anas.nashif@intel.com> submit/trunk/20130203.005409@caedd28 +- Move libs back to main package + +* Sat Feb 02 2013 Anas Nashif <anas.nashif@intel.com> rpm-4.11.0-release@531803c +- Update to 4.11.0.1 + +* Tue Jan 29 2013 Markus Lehtonen <markus.lehtonen@linux.intel.com> accepted/trunk/20130119.012137@c917b46 +- Temporally making loading of a configured plugin optional [Elena Reshetova] + +* Thu Jan 17 2013 Anas Nashif <anas.nashif@intel.com> submit/trunk/20130117.002510@77a88bd +- fixing error in cleanup if magic db can't be loaded [Elena Reshetova] + +* Wed Jan 16 2013 Anas Nashif <anas.nashif@intel.com> accepted/trunk/20130114.165627@8999b08 +- Enable security plugin/Smack + +* Mon Jan 14 2013 Anas Nashif <anas.nashif@intel.com> accepted/trunk/20121215.193208@ed3861a +- Move build related files to rpm-build + +* Sat Dec 15 2012 Anas Nashif <anas.nashif@intel.com> submit/trunk/20121215.171010@735e3f1 +- cleanup macros + +* Sat Dec 15 2012 Anas Nashif <anas.nashif@intel.com> rpm-4.11.0-beta1@be4c7d8 +- Update to 4.11 beta1 + diff --git a/packaging/rpm.manifest b/packaging/rpm.manifest new file mode 100644 index 000000000..017d22d3a --- /dev/null +++ b/packaging/rpm.manifest @@ -0,0 +1,5 @@ +<manifest> + <request> + <domain name="_"/> + </request> +</manifest> diff --git a/packaging/rpmconfigcheck b/packaging/rpmconfigcheck new file mode 100644 index 000000000..97bba74ee --- /dev/null +++ b/packaging/rpmconfigcheck @@ -0,0 +1,80 @@ +#! /bin/bash +# Copyright (c) 2002 SuSE GmbH Nuernberg, Germany. +# +# Author: Michael Schroeder <feedback@suse.de> +# +# /etc/init.d/rpmconfigcheck +# /usr/sbin/rcrpmconfigcheck +# +# Script to scan for unresolved .rpmnew, .rpmorig, and .rpmsave files +# +### BEGIN INIT INFO +# Provides: rpmconfigcheck +# Required-Start: $remote_fs +# Required-Stop: $null +# Default-Start: 2 3 5 +# Default-Stop: +# Description: rpm config file scan +### END INIT INFO + +. /etc/rc.status + +# First reset status of this service +rc_reset + +configcheckfile=/var/adm/rpmconfigcheck +packages=/var/lib/rpm/Packages + +test -z "$1" && set start + +case "$1" in + start|restart|try-restart|reload|force-reload) + if test -s $packages -a \( ! -e $configcheckfile -o -s $configcheckfile -o ! $packages -ot $configcheckfile \) ; then + echo -n "Searching for unresolved configuration files" + if test ! -e $configcheckfile -o ! $packages -ot $configcheckfile ; then + test -e $configcheckfile && mv -f $configcheckfile $configcheckfile.old + rpm -qalc | sort | perl -lne '-e "$_.rpmnew" and print "$_.rpmnew"; -e "$_.rpmorig" and print "$_.rpmorig"; -e "$_.rpmsave" and print "$_.rpmsave"' > $configcheckfile + else + mv -f $configcheckfile $configcheckfile.old + while read l; do + test -e $l && echo $l + done < $configcheckfile.old > $configcheckfile + true + fi + rc_status -v + if test -s $configcheckfile; then + echo "Please check the following files (see /var/adm/rpmconfigcheck):" + sed -e 's/^/ /' < $configcheckfile + touch $configcheckfile.old + cat $configcheckfile $configcheckfile.old | sort | uniq -d > $configcheckfile.dup + cat $configcheckfile $configcheckfile.dup | sort | uniq -u > $configcheckfile.new + if test -s $configcheckfile.new ; then + ( + echo "----------------------------------------------------------------------" + echo "----------------------------------------------------------------------" + echo "rpmconfigcheck" + date + echo "----------------------------------------" + echo "This is a warning message." + echo "rpmconfigcheck has found the following new unresolved config files" + echo "(all files are listed in /var/adm/rpmconfigcheck):" + cat $configcheckfile.new + echo "----------------------------------------" + ) >> /var/log/update-messages + fi + fi + rm -f $configcheckfile.old $configcheckfile.dup $configcheckfile.new + fi + ;; + stop) + ;; + status) + rc_failed 4 + rc_status -v + ;; + *) + echo "Usage: $0 {start}" + exit 1 + ;; +esac +rc_exit |