From db0a2009060687f3e97eb0c346c6a47dfca1a070 Mon Sep 17 00:00:00 2001 From: CentOS Sources Date: Oct 20 2019 12:55:42 +0000 Subject: import bolt-0.7-1.el7 --- diff --git a/.bolt.metadata b/.bolt.metadata new file mode 100644 index 0000000..8ef09b7 --- /dev/null +++ b/.bolt.metadata @@ -0,0 +1 @@ +c87ace8d2405a88cc63a0b11ea54ee0f3842bd41 SOURCES/bolt-0.7.tar.bz2 diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..a38d810 --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +SOURCES/bolt-0.7.tar.bz2 diff --git a/SOURCES/journal-fix-format.patch b/SOURCES/journal-fix-format.patch new file mode 100644 index 0000000..08cb661 --- /dev/null +++ b/SOURCES/journal-fix-format.patch @@ -0,0 +1,25 @@ +commit cf7387344ca9f78fa5aaaab38f41cf0ab9832568 +Author: Christian Kellner +Date: Fri Jan 4 11:44:53 2019 +0100 + + journal: fix invalid format string in warning + + Remove the erroneous extra string format specifier ('%s') that was + not passed; which of course is a bug and made some architectures + fall over. Should never actually happen in the wild, because bolt + tries very hard to not write invalid journal entries ... but who + knows. + +diff --git a/boltd/bolt-journal.c b/boltd/bolt-journal.c +index 715f862..5edd647 100644 +--- a/boltd/bolt-journal.c ++++ b/boltd/bolt-journal.c +@@ -490,7 +490,7 @@ bolt_journal_list (BoltJournal *journal, + if (err != NULL) + { + bolt_warn_err (err, LOG_TOPIC ("journal"), +- "invalid entry: '%s': %s", l); ++ "skipping entry '%s'", l); + continue; + } + diff --git a/SOURCES/py2-compat.patch b/SOURCES/py2-compat.patch new file mode 100644 index 0000000..96f143b --- /dev/null +++ b/SOURCES/py2-compat.patch @@ -0,0 +1,24 @@ +From 4ada3a5ce4aa4cfe7e3f0a066c2b9be7281f8930 Mon Sep 17 00:00:00 2001 +From: Christian Kellner +Date: Wed, 6 Jun 2018 20:34:56 +0200 +Subject: [PATCH] test: integration: use default python + +Instead of explicitly specifying the python version, use the +default, i.e. /usr/bin/python +--- + tests/test-integration | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/tests/test-integration b/tests/test-integration +index d2fd7df..66fb89f 100755 +--- a/tests/test-integration ++++ b/tests/test-integration +@@ -1,4 +1,4 @@ +-#!/usr/bin/python3 ++#!/usr/bin/python + # -*- coding: utf-8 -*- + # + # bolt integration test suite +-- +2.17.1 + diff --git a/SOURCES/unsupported-settings.patch b/SOURCES/unsupported-settings.patch new file mode 100644 index 0000000..181f67c --- /dev/null +++ b/SOURCES/unsupported-settings.patch @@ -0,0 +1,38 @@ +From 6b62f6a9c94db39c635215ed4acf48bfe4b99d23 Mon Sep 17 00:00:00 2001 +From: Christian Kellner +Date: Wed, 27 Mar 2019 15:05:40 +0100 +Subject: [PATCH] data: remove unsupported service file settings + +On older systemd (say 219) some of the settings we use in bolt are +not supported and systemd would warn about them, so remove them. +--- + data/bolt.service.in | 10 ---------- + 1 file changed, 10 deletions(-) + +diff --git a/data/bolt.service.in b/data/bolt.service.in +index d17b4c7..a9e7a8a 100644 +--- a/data/bolt.service.in ++++ b/data/bolt.service.in +@@ -11,19 +11,9 @@ ExecStart=@libexecdir@/boltd + Restart=on-failure + NotifyAccess=main + +-MemoryDenyWriteExecute=yes + PrivateTmp=yes +-ProtectControlGroups=yes + ProtectHome=yes +-ProtectKernelModules=yes + ProtectSystem=full + RestrictAddressFamilies=AF_NETLINK AF_UNIX +-RestrictRealtime=yes +-ReadWritePaths=@dbdir@ + SystemCallFilter=~@mount + CapabilityBoundingSet=CAP_NET_ADMIN +- +-#directory management +-RuntimeDirectory=@dbname@ +-RuntimeDirectoryPreserve=yes +-StateDirectory=@dbname@ +-- +2.20.1 + diff --git a/SOURCES/use-sendfile.patch b/SOURCES/use-sendfile.patch new file mode 100644 index 0000000..a81b4cb --- /dev/null +++ b/SOURCES/use-sendfile.patch @@ -0,0 +1,35 @@ +From acda1b0d97fa9e2a3ea3a51619d30d7f2d0f7244 Mon Sep 17 00:00:00 2001 +From: Christian Kellner +Date: Tue, 26 Mar 2019 17:52:28 +0100 +Subject: [PATCH] common: use sendfile instead of copy_file_range + +On older kernels we cannot use copy_file_range so use sendfile +instead. +--- + common/bolt-io.c | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/common/bolt-io.c b/common/bolt-io.c +index 5e50afa..375f978 100644 +--- a/common/bolt-io.c ++++ b/common/bolt-io.c +@@ -26,6 +26,7 @@ + #include + #include + #include ++#include + #include + #include + #include +@@ -831,7 +832,7 @@ bolt_copy_bytes (int fd_from, + { + ssize_t r; + +- r = copy_file_range (fd_from, NULL, fd_to, NULL, len, 0); ++ r = sendfile (fd_to, fd_from, NULL, len); + + if (r == -1) + { +-- +2.20.1 + diff --git a/SPECS/bolt.spec b/SPECS/bolt.spec new file mode 100644 index 0000000..39849a8 --- /dev/null +++ b/SPECS/bolt.spec @@ -0,0 +1,100 @@ +Name: bolt +Version: 0.7 +Release: 1%{?dist} +Summary: Thunderbolt device manager +License: LGPLv2+ +URL: https://gitlab.freedesktop.org/bolt/bolt +Source0: %{url}/-/archive/%{version}/%{name}-%{version}.tar.bz2 +Patch0: py2-compat.patch +Patch1: journal-fix-format.patch +Patch2: use-sendfile.patch +Patch3: unsupported-settings.patch + +BuildRequires: gcc +BuildRequires: asciidoc +BuildRequires: meson +BuildRequires: libudev-devel +BuildRequires: pkgconfig(gio-2.0) +BuildRequires: pkgconfig(libudev) +BuildRequires: pkgconfig(systemd) +BuildRequires: pkgconfig(libsystemd) +BuildRequires: polkit-devel +BuildRequires: systemd +%{?systemd_requires} + +# for the integration test (optional) +%if 0%{?fedora} +BuildRequires: pygobject3-devel +BuildRequires: python3-dbus +BuildRequires: python3-dbusmock +BuildRequires: umockdev-devel +%endif + +%description +bolt is a system daemon to manage thunderbolt 3 devices via a D-BUS +API. Thunderbolt 3 features different security modes that require +devices to be authorized before they can be used. The D-Bus API can be +used to list devices, enroll them (authorize and store them in the +local database) and forget them again (remove previously enrolled +devices). It also emits signals if new devices are connected (or +removed). During enrollment devices can be set to be automatically +authorized as soon as they are connected. A command line tool, called +boltctl, can be used to control the daemon and perform all the above +mentioned tasks. + +%prep +%autosetup -p1 + +%build +%meson -Ddb-name=boltd +%meson_build + +%check +%meson_test + +%install +%meson_install +install -m0755 -d $RPM_BUILD_ROOT%{_localstatedir}/lib/boltd + + +%post +%systemd_post %{name}.service + +%preun +%systemd_preun %{name}.service + +%postun +%systemd_postun_with_restart %{name}.service + +%files +%license COPYING +%doc README.md +%{_bindir}/boltctl +%{_libexecdir}/boltd +%{_unitdir}/%{name}.service +%{_udevrulesdir}/*-%{name}.rules +%{_sysconfdir}/dbus-1/system.d/org.freedesktop.bolt.conf +%{_datadir}/dbus-1/interfaces/org.freedesktop.bolt.xml +%{_datadir}/polkit-1/actions/org.freedesktop.bolt.policy +%{_datadir}/polkit-1/rules.d/org.freedesktop.bolt.rules +%{_datadir}/dbus-1/system-services/org.freedesktop.bolt.service +%{_mandir}/man1/boltctl.1* +%{_mandir}/man8/boltd.8* +%dir %{_localstatedir}/lib/boltd + +%changelog +* Tue Mar 26 2019 Christian Kellner - 0.7-1 +- bolt 0.7 release with pre-bootacl support. + Resolves: #1629713 +- Patch to fix a format string bug in the 0.7 +- Drop restricting-capabilities.patch (included in 0.7) +- Patch to not use unsuppported unit file settings. + Resolves: #1631050 + +* Wed Jul 18 2018 Christian Kellner - 0.4-3 +- Include patch to tighten sandbox by restricting capabilities +- Resolves: #1559611 + +* Wed Jun 6 2018 Christian Kellner - 0.4-2 +- bolt 0.4 upstream release +- Resolves: #1559611