rpms
/
toolbox
20
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

merge into: rpms:i10c-beta
Branches Tags
rpms:i10c-beta
rpms:c10-beta
rpms:i10cs
rpms:cs10
rpms:i9c-beta
rpms:c9-beta
rpms:i8c-stream-rhel8
rpms:c8-stream-rhel8
rpms:i8c-beta-stream-rhel8
rpms:c8-beta-stream-rhel8
rpms:i8c-stream-4.0
rpms:c8-stream-4.0
rpms:i8c-stream-3.0
rpms:c8-stream-3.0
rpms:i8c-stream-2.0
rpms:c8-stream-2.0
rpms:i9c
rpms:c9
...
pull from: rpms:c9
Branches Tags
rpms:i10c-beta
rpms:c10-beta
rpms:i10cs
rpms:cs10
rpms:i9c-beta
rpms:c9-beta
rpms:i8c-stream-rhel8
rpms:c8-stream-rhel8
rpms:i8c-beta-stream-rhel8
rpms:c8-beta-stream-rhel8
rpms:i8c-stream-4.0
rpms:c8-stream-4.0
rpms:i8c-stream-3.0
rpms:c8-stream-3.0
rpms:i8c-stream-2.0
rpms:c8-stream-2.0
rpms:i9c
rpms:c9

No commits in common. 'i10c-beta' and 'c9' have entirely different histories.
i10c-beta ... c9

11 changed files with 479 additions and 1607 deletions
Show Stats

2
.gitignore vendored
Unescape View File

@ -1 +1 @@
SOURCES/toolbox-0.0.99.5-vendored.tar.xz
SOURCES/toolbox-0.0.99.4-vendored.tar.xz

2
.toolbox.metadata
Unescape View File

@ -1 +1 @@
9b8595f66d8dd76636c308426919bb81cba5498a SOURCES/toolbox-0.0.99.5-vendored.tar.xz
3a2506e53c44cab54d476ee38af7197175e8af10 SOURCES/toolbox-0.0.99.4-vendored.tar.xz

89
SOURCES/toolbox-Don-t-use-podman-1-when-generating-the-comp.patch
Unescape View File

@ -0,0 +1,89 @@
From fc5f568c5d82f4a16982268fa67092e52be91fbe Mon Sep 17 00:00:00 2001
From: Debarshi Ray <rishi@fedoraproject.org>
Date: Tue, 28 Feb 2023 17:12:04 +0100
Subject: [PATCH] cmd/root: Don't use podman(1) when generating the completions
Ever since commit bafbbe81c9220cb3, the shell completions are generated
while building Toolbx using the 'completion' command. This involves
running toolbox(1) itself, and hence invoking 'podman version' to decide
if 'podman system migrate' is needed or not.
Unfortunately, some build environments, like Fedora's, are set up inside
a chroot(2) or systemd-nspawn(1) or similar, where 'podman version' may
not work because it does various things with namespaces(7) and clone(2)
that can, under certain circumstances, encounter an EPERM.
Therefore, it's better to avoid using podman(1) when generating the
shell completions, especially, since they are generated by Cobra itself
and podman(1) is not involved at all.
Note that podman(1) is needed when the generated shell completions are
actually used in interactive command line environments. The shell
completions invoke the hidden '__complete' command to get the results
that are presented to the user, and, if needed, 'podman system migrate'
will continue to be run as part of that.
This partially reverts commit f3e005d0142d7ec76d5ac8f0a2f331a52fd46011
because podman(1) is now only an optional runtime dependency for the
system tests.
https://github.com/containers/podman/issues/17657
---
meson.build | 2 +-
src/cmd/root.go | 9 +++++++--
2 files changed, 8 insertions(+), 3 deletions(-)
diff --git a/meson.build b/meson.build
index 6f044bb204e3..653a3d3ac588 100644
--- a/meson.build
+++ b/meson.build
@@ -18,12 +18,12 @@ subid_dep = cc.find_library('subid', has_headers: ['shadow/subid.h'])
go = find_program('go')
go_md2man = find_program('go-md2man')
-podman = find_program('podman')
bats = find_program('bats', required: false)
codespell = find_program('codespell', required: false)
htpasswd = find_program('htpasswd', required: false)
openssl = find_program('openssl', required: false)
+podman = find_program('podman', required: false)
shellcheck = find_program('shellcheck', required: false)
skopeo = find_program('skopeo', required: false)
diff --git a/src/cmd/root.go b/src/cmd/root.go
index 304b03dcd889..9975ccc7a4c8 100644
--- a/src/cmd/root.go
+++ b/src/cmd/root.go
@@ -166,7 +166,7 @@ func preRun(cmd *cobra.Command, args []string) error {
logrus.Debugf("TOOLBOX_PATH is %s", toolboxPath)
- if err := migrate(); err != nil {
+ if err := migrate(cmd, args); err != nil {
return err
}
@@ -211,13 +211,18 @@ func rootRun(cmd *cobra.Command, args []string) error {
return rootRunImpl(cmd, args)
}
-func migrate() error {
+func migrate(cmd *cobra.Command, args []string) error {
logrus.Debug("Migrating to newer Podman")
if utils.IsInsideContainer() {
return nil
}
+ if cmdName, completionCmdName := cmd.Name(), completionCmd.Name(); cmdName == completionCmdName {
+ logrus.Debugf("Migration not needed: command %s doesn't need it", cmdName)
+ return nil
+ }
+
configDir, err := os.UserConfigDir()
if err != nil {
logrus.Debugf("Migrating to newer Podman: failed to get the user config directory: %s", err)
--
2.39.1

149
SOURCES/toolbox-Don-t-validate-subordinate-IDs-when-generat.patch
Unescape View File

@ -0,0 +1,149 @@
From 52de8d4a933ab6a4b1b6ef1c02c7e9f1f834c4a5 Mon Sep 17 00:00:00 2001
From: Debarshi Ray <rishi@fedoraproject.org>
Date: Wed, 1 Mar 2023 19:41:56 +0100
Subject: [PATCH 1/3] cmd/root: Sprinkle a debug log
https://github.com/containers/toolbox/pull/1251
---
src/cmd/root.go | 1 +
1 file changed, 1 insertion(+)
diff --git a/src/cmd/root.go b/src/cmd/root.go
index 304b03dcd889..82fbfd651c33 100644
--- a/src/cmd/root.go
+++ b/src/cmd/root.go
@@ -215,6 +215,7 @@ func migrate() error {
logrus.Debug("Migrating to newer Podman")
if utils.IsInsideContainer() {
+ logrus.Debug("Migration not needed: running inside a container")
return nil
}
--
2.39.2
From 0beab62c935cd1166d6b03f58c519bbc7b040221 Mon Sep 17 00:00:00 2001
From: Debarshi Ray <rishi@fedoraproject.org>
Date: Wed, 1 Mar 2023 19:46:11 +0100
Subject: [PATCH 2/3] cmd/root: Shuffle some code around and sprinkle some
debug logs
Having a separate convenience function reduces the indentation levels by
at least one, and sometimes two, and makes it easy to have more detailed
debug logs.
This will make the subsequent commit easier to read.
https://github.com/containers/toolbox/issues/1246
---
src/cmd/root.go | 32 ++++++++++++++++++++++++--------
1 file changed, 24 insertions(+), 8 deletions(-)
diff --git a/src/cmd/root.go b/src/cmd/root.go
index 82fbfd651c33..4c740ec60d38 100644
--- a/src/cmd/root.go
+++ b/src/cmd/root.go
@@ -1,5 +1,5 @@
/*
- * Copyright © 2019 2022 Red Hat Inc.
+ * Copyright © 2019 2023 Red Hat Inc.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -139,13 +139,8 @@ func preRun(cmd *cobra.Command, args []string) error {
if !utils.IsInsideContainer() {
logrus.Debugf("Running on a cgroups v%d host", cgroupsVersion)
- if currentUser.Uid != "0" {
- logrus.Debugf("Looking for sub-GID and sub-UID ranges for user %s", currentUser.Username)
-
- if _, err := utils.ValidateSubIDRanges(currentUser); err != nil {
- logrus.Debugf("Looking for sub-GID and sub-UID ranges: %s", err)
- return newSubIDError()
- }
+ if _, err := validateSubIDRanges(cmd, args, currentUser); err != nil {
+ return err
}
}
@@ -387,3 +382,24 @@ func setUpLoggers() error {
return nil
}
+
+func validateSubIDRanges(cmd *cobra.Command, args []string, user *user.User) (bool, error) {
+ logrus.Debugf("Looking for sub-GID and sub-UID ranges for user %s", user.Username)
+
+ if user.Uid == "0" {
+ logrus.Debugf("Look-up not needed: user %s doesn't need them", user.Username)
+ return true, nil
+ }
+
+ if utils.IsInsideContainer() {
+ logrus.Debug("Look-up not needed: running inside a container")
+ return true, nil
+ }
+
+ if _, err := utils.ValidateSubIDRanges(user); err != nil {
+ logrus.Debugf("Looking for sub-GID and sub-UID ranges: %s", err)
+ return false, newSubIDError()
+ }
+
+ return true, nil
+}
--
2.39.2
From d09c9cd1de41b6e85a6953902c9982778a423f3c Mon Sep 17 00:00:00 2001
From: Jan Zerebecki <jan.suse@zerebecki.de>
Date: Wed, 1 Mar 2023 19:52:28 +0100
Subject: [PATCH 3/3] cmd/root: Don't validate subordinate IDs when generating
the completions
Ever since commit bafbbe81c9220cb3, the shell completions are generated
while building Toolbx using the 'completion' command. This involves
running toolbox(1) itself, and hence validating the subordinate user and
group ID ranges.
Unfortunately, some build environments, like openSUSE's, don't have
subordinate ID ranges set up. Therefore, it's better to not validate
the subordinate ID ranges when generating the shell completions, since
they are generated by Cobra itself and subordinate ID ranges are not
involved at all.
Note that subordinate ID ranges may be needed when the generated shell
completions are actually used in interactive command line environments.
The shell completions invoke the hidden '__complete' command to get the
results that are presented to the user, and, if needed, the subordinate
ID ranges will continue to be used by podman(1) as part of that.
Some changes by Debarshi Ray.
https://github.com/containers/toolbox/issues/1246
https://github.com/containers/toolbox/pull/1249
---
src/cmd/root.go | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/src/cmd/root.go b/src/cmd/root.go
index 4c740ec60d38..efee8ce9990b 100644
--- a/src/cmd/root.go
+++ b/src/cmd/root.go
@@ -396,6 +396,11 @@ func validateSubIDRanges(cmd *cobra.Command, args []string, user *user.User) (bo
return true, nil
}
+ if cmdName, completionCmdName := cmd.Name(), completionCmd.Name(); cmdName == completionCmdName {
+ logrus.Debugf("Look-up not needed: command %s doesn't need them", cmdName)
+ return true, nil
+ }
+
if _, err := utils.ValidateSubIDRanges(user); err != nil {
logrus.Debugf("Looking for sub-GID and sub-UID ranges: %s", err)
return false, newSubIDError()
--
2.39.2

54
SOURCES/toolbox-Make-the-build-flags-match-Fedora-s-gobuild-for-PPC64.patch
Unescape View File

@ -1,54 +0,0 @@
From 4f8b443ab925c84d059d894ddcfcf4dcf66a747e Mon Sep 17 00:00:00 2001
From: Debarshi Ray <rishi@fedoraproject.org>
Date: Mon, 29 Jun 2020 17:57:47 +0200
Subject: [PATCH] build: Make the build flags match Fedora's %{gobuildflags}
for PPC64
The Go toolchain also doesn't like the LDFLAGS environment variable as
exported by Fedora's %{meson} RPM macro.
Note that these flags are only meant for the "ppc64" CPU architecture,
and should be kept updated to match Fedora's Go guidelines. Use
'rpm --eval "%{gobuildflags}"' to expand the %{gobuildflags} macro.
---
src/go-build-wrapper | 13 +++++++++----
1 file changed, 9 insertions(+), 4 deletions(-)
diff --git a/src/go-build-wrapper b/src/go-build-wrapper
index c572d6dfb02b..cae2de426a96 100755
--- a/src/go-build-wrapper
+++ b/src/go-build-wrapper
@@ -33,9 +33,9 @@ if ! cd "$1"; then
exit 1
fi
-tags=""
+tags="-tags rpm_crashtraceback,${BUILDTAGS:-}"
if $7; then
- tags="-tags migration_path_for_coreos_toolbox"
+ tags="$tags,migration_path_for_coreos_toolbox"
fi
if ! libc_dir=$("$5" --print-file-name=libc.so); then
@@ -70,11 +70,16 @@ fi
dynamic_linker="/run/host$dynamic_linker_canonical_dirname/$dynamic_linker_basename"
+unset LDFLAGS
+
# shellcheck disable=SC2086
go build \
+ -compiler gc \
$tags \
- -trimpath \
- -ldflags "-extldflags '-Wl,-dynamic-linker,$dynamic_linker -Wl,-rpath,/run/host$libc_dir_canonical_dirname' -linkmode external -X github.com/containers/toolbox/pkg/version.currentVersion=$4" \
+ -ldflags "${LDFLAGS:-} -B 0x$(head -c20 /dev/urandom|od -An -tx1|tr -d ' \n') -compressdwarf=false -extldflags '-Wl,-z,relro -Wl,--as-needed -Wl,-z,now -specs=/usr/lib/rpm/redhat/redhat-hardened-ld -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -Wl,--build-id=sha1 -Wl,-dynamic-linker,$dynamic_linker -Wl,-rpath,/run/host$libc_dir_canonical_dirname' -linkmode external -X github.com/containers/toolbox/pkg/version.currentVersion=$4" \
+ -a \
+ -v \
+ -x \
-o "$2/$3"
exit "$?"
--
2.43.0

54
SOURCES/toolbox-Make-the-build-flags-match-Fedora-s-gobuild.patch
Unescape View File

@ -1,54 +0,0 @@
From 3175ef2fab1f61f5784361070ac338dabda3c04e Mon Sep 17 00:00:00 2001
From: Debarshi Ray <rishi@fedoraproject.org>
Date: Mon, 29 Jun 2020 17:57:47 +0200
Subject: [PATCH] build: Make the build flags match Fedora's %{gobuildflags}
The Go toolchain doesn't like the LDFLAGS environment variable as
exported by Fedora's %{meson} RPM macro.
Note that these flags are meant for every CPU architecture other than
PPC64, and should be kept updated to match Fedora's Go guidelines. Use
'rpm --eval "%{gobuildflags}"' to expand the %{gobuildflags} macro.
---
src/go-build-wrapper | 14 ++++++++++----
1 file changed, 10 insertions(+), 4 deletions(-)
diff --git a/src/go-build-wrapper b/src/go-build-wrapper
index c572d6dfb02b..0e6a2efa6853 100755
--- a/src/go-build-wrapper
+++ b/src/go-build-wrapper
@@ -33,9 +33,9 @@ if ! cd "$1"; then
exit 1
fi
-tags=""
+tags="-tags rpm_crashtraceback,${BUILDTAGS:-}"
if $7; then
- tags="-tags migration_path_for_coreos_toolbox"
+ tags="$tags,migration_path_for_coreos_toolbox"
fi
if ! libc_dir=$("$5" --print-file-name=libc.so); then
@@ -70,11 +70,17 @@ fi
dynamic_linker="/run/host$dynamic_linker_canonical_dirname/$dynamic_linker_basename"
+unset LDFLAGS
+
# shellcheck disable=SC2086
go build \
+ -buildmode pie \
+ -compiler gc \
$tags \
- -trimpath \
- -ldflags "-extldflags '-Wl,-dynamic-linker,$dynamic_linker -Wl,-rpath,/run/host$libc_dir_canonical_dirname' -linkmode external -X github.com/containers/toolbox/pkg/version.currentVersion=$4" \
+ -ldflags "${LDFLAGS:-} -B 0x$(head -c20 /dev/urandom|od -An -tx1|tr -d ' \n') -compressdwarf=false -extldflags '-Wl,-z,relro -Wl,--as-needed -Wl,-z,now -specs=/usr/lib/rpm/redhat/redhat-hardened-ld -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -Wl,--build-id=sha1 -Wl,-dynamic-linker,$dynamic_linker -Wl,-rpath,/run/host$libc_dir_canonical_dirname' -linkmode external -X github.com/containers/toolbox/pkg/version.currentVersion=$4" \
+ -a \
+ -v \
+ -x \
-o "$2/$3"
exit "$?"
--
2.43.0

76
SOURCES/toolbox-cmd-initContainer-Be-aware-of-security-hardened-moun.patch
Unescape View File

@ -0,0 +1,76 @@
From 1cc9e07b7c36fe9f9784b40b58f0a2a3694dd328 Mon Sep 17 00:00:00 2001
From: Debarshi Ray <rishi@fedoraproject.org>
Date: Thu, 13 Jul 2023 13:08:40 +0200
Subject: [PATCH] cmd/initContainer: Be aware of security hardened mount points
Sometimes locations such as /var/lib/flatpak, /var/lib/systemd/coredump
and /var/log/journal sit on security hardened mount points that are
marked as 'nosuid,nodev,noexec' [1]. In such cases, when Toolbx is used
rootless, an attempt to bind mount these locations read-only at runtime
with mount(8) fails because of permission problems:
# mount --rbind -o ro <source> <containerPath>
mount: <containerPath>: filesystem was mounted, but any subsequent
operation failed: Unknown error 5005.
(Note that the above error message from mount(8) was subsequently
improved to show something more meaningful than 'Unknown error' [2].)
The problem is that 'init-container' is running inside the container's
mount and user namespace, and the source paths were mounted inside the
host's namespace with 'nosuid,nodev,noexec'. The above mount(8) call
tries to remove the 'nosuid,nodev,noexec' flags from the mount point and
replace them with only 'ro', which is something that can't be done from
a child namespace.
Note that this doesn't fail when Toolbx is running as root. This is
because the container uses the host's user namespace and is able to
remove the 'nosuid,nodev,noexec' flags from the mount point and replace
them with only 'ro'. Even though it doesn't fail, the flags shouldn't
get replaced like that inside the container, because it removes the
security hardening of those mount points.
There's actually no benefit in bind mounting these paths as read-only.
It was historically done this way 'just to be safe' because a user isn't
expected to write to these locations from inside a container. However,
Toolbx doesn't intend to provide any heightened security beyond what's
already available on the host.
Hence, it's better to get out of the way and leave it to the permissions
on the source location from the host operating system to guard the
castle. This is accomplished by not passing any file system options to
mount(8) [1].
Based on an idea from Si.
[1] https://man7.org/linux/man-pages/man8/mount.8.html
[2] util-linux commit 9420ca34dc8b6f0f
https://github.com/util-linux/util-linux/commit/9420ca34dc8b6f0f
https://github.com/util-linux/util-linux/pull/2376
https://github.com/containers/toolbox/issues/911
---
src/cmd/initContainer.go | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/src/cmd/initContainer.go b/src/cmd/initContainer.go
index 222aa42e1036..41b825b33f58 100644
--- a/src/cmd/initContainer.go
+++ b/src/cmd/initContainer.go
@@ -62,10 +62,10 @@ var (
{"/run/udev/data", "/run/host/run/udev/data", ""},
{"/run/udev/tags", "/run/host/run/udev/tags", ""},
{"/tmp", "/run/host/tmp", "rslave"},
- {"/var/lib/flatpak", "/run/host/var/lib/flatpak", "ro"},
+ {"/var/lib/flatpak", "/run/host/var/lib/flatpak", ""},
{"/var/lib/libvirt", "/run/host/var/lib/libvirt", ""},
- {"/var/lib/systemd/coredump", "/run/host/var/lib/systemd/coredump", "ro"},
- {"/var/log/journal", "/run/host/var/log/journal", "ro"},
+ {"/var/lib/systemd/coredump", "/run/host/var/lib/systemd/coredump", ""},
+ {"/var/log/journal", "/run/host/var/log/journal", ""},
{"/var/mnt", "/run/host/var/mnt", "rslave"},
}
)
--
2.41.0

161
SOURCES/toolbox-playbooks-test-system-bats-1.11-podman-5.patch
Unescape View File

@ -1,161 +0,0 @@
From 6626b11e1565412e411f585657ebe9615ec58cad Mon Sep 17 00:00:00 2001
From: Debarshi Ray <rishi@fedoraproject.org>
Date: Wed, 17 Apr 2024 16:58:32 +0200
Subject: [PATCH 1/2] playbooks: Show the Bats version
Ansible's built-in 'package' module doesn't show any details when
installing the RPMs. All that can be seen is:
TASK [Install RPM packages]
fedora-rawhide | changed
Therefore, there's no way to know what version of the packages got
installed.
In this case, not knowing the Bats version being used by the CI makes it
difficult to know why the tests are generating this spew on Fedora
Rawhide [1]:
TASK [Run system tests]
test/system/libs/helpers.bash: line 7: TEMP_BASE_DIR: readonly variable
test/system/libs/helpers.bash: line 8: TEMP_STORAGE_DIR: readonly variable
test/system/libs/helpers.bash: line 10: IMAGE_CACHE_DIR: readonly variable
test/system/libs/helpers.bash: line 11: ROOTLESS_PODMAN_STORE_DIR: readonly variable
test/system/libs/helpers.bash: line 12: ROOTLESS_PODMAN_RUNROOT_DIR: readonly variable
test/system/libs/helpers.bash: line 13: PODMAN_STORE_CONFIG_FILE: readonly variable
test/system/libs/helpers.bash: line 14: DOCKER_REG_ROOT: readonly variable
test/system/libs/helpers.bash: line 15: DOCKER_REG_CERTS_DIR: readonly variable
test/system/libs/helpers.bash: line 16: DOCKER_REG_AUTH_DIR: readonly variable
test/system/libs/helpers.bash: line 17: DOCKER_REG_URI: readonly variable
test/system/libs/helpers.bash: line 18: DOCKER_REG_NAME: readonly variable
test/system/libs/helpers.bash: line 21: PODMAN: readonly variable
test/system/libs/helpers.bash: line 22: TOOLBX: readonly variable
test/system/libs/helpers.bash: line 23: SKOPEO: readonly variable
...
fedora-rawhide | 1..340
[1] https://github.com/bats-core/bats-core/pull/904
https://github.com/containers/toolbox/pull/1482
---
playbooks/dependencies-centos-9-stream.yaml | 2 +-
playbooks/dependencies-fedora.yaml | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/playbooks/dependencies-centos-9-stream.yaml b/playbooks/dependencies-centos-9-stream.yaml
index ffbc6d9903cb..d058d314b7b3 100644
--- a/playbooks/dependencies-centos-9-stream.yaml
+++ b/playbooks/dependencies-centos-9-stream.yaml
@@ -54,7 +54,7 @@
chdir: '{{ zuul.project.src_dir }}'
- name: Check versions of crucial packages
- command: rpm -qa ShellCheck codespell *kernel* gcc *glibc* golang golang-github-cpuguy83-md2man shadow-utils-subid-devel podman conmon containernetworking-plugins containers-common container-selinux crun fuse-overlayfs flatpak-session-helper skopeo
+ command: rpm -qa ShellCheck bats codespell *kernel* gcc *glibc* golang golang-github-cpuguy83-md2man shadow-utils-subid-devel podman conmon containernetworking-plugins containers-common container-selinux crun fuse-overlayfs flatpak-session-helper skopeo
- name: Show podman versions
command: podman version
diff --git a/playbooks/dependencies-fedora.yaml b/playbooks/dependencies-fedora.yaml
index d493bd0729ea..ade169917cbe 100644
--- a/playbooks/dependencies-fedora.yaml
+++ b/playbooks/dependencies-fedora.yaml
@@ -54,7 +54,7 @@
chdir: '{{ zuul.project.src_dir }}'
- name: Check versions of crucial packages
- command: rpm -qa ShellCheck codespell *kernel* gcc *glibc* shadow-utils-subid-devel golang golang-github-cpuguy83-md2man podman conmon containernetworking-plugins containers-common container-selinux crun fuse-overlayfs flatpak-session-helper skopeo
+ command: rpm -qa ShellCheck bash bats codespell *kernel* gcc *glibc* shadow-utils-subid-devel golang golang-github-cpuguy83-md2man podman conmon containernetworking-plugins containers-common container-selinux crun fuse-overlayfs flatpak-session-helper skopeo
- name: Show podman versions
command: podman version
--
2.44.0
From b58f9a51088afbfc22edb0b25776cfa2c4d8cc40 Mon Sep 17 00:00:00 2001
From: Debarshi Ray <rishi@fedoraproject.org>
Date: Mon, 25 Mar 2024 23:04:23 +0100
Subject: [PATCH 2/2] playbooks, test/system: Work around bug in pasta(1)
networks
Podman 5.0 switched to using pasta(1), instead of slirp4netns(1), by
default for rootless containers. This change has led to a regression
causing 'skopeo copy' to get stuck uploading an OCI image to the local
temporary Docker registry run by the tests as a Podman container [1],
which breaks the test suite on Fedora 40 onwards.
Work around this by forcing the use of slirp4netns(1).
Note that the slirp4nets package needs to be explicitly installed on
Fedora 40 onwards, because the dependency in containers-common-extra
changed from Recommends to Suggests [2].
[1] https://github.com/containers/podman/issues/22575
[2] Fedora containers-common commit 17934d87b2686ab5
Fedora containers-common commit 13c232f064113860
https://src.fedoraproject.org/rpms/containers-common/c/17934d87b2686ab5
https://src.fedoraproject.org/rpms/containers-common/c/13c232f064113860
https://github.com/containers/toolbox/pull/1468
---
playbooks/dependencies-centos-9-stream.yaml | 3 ++-
playbooks/dependencies-fedora.yaml | 3 ++-
test/system/libs/helpers.bash | 1 +
3 files changed, 5 insertions(+), 2 deletions(-)
diff --git a/playbooks/dependencies-centos-9-stream.yaml b/playbooks/dependencies-centos-9-stream.yaml
index d058d314b7b3..5c1194c03583 100644
--- a/playbooks/dependencies-centos-9-stream.yaml
+++ b/playbooks/dependencies-centos-9-stream.yaml
@@ -13,6 +13,7 @@
- podman
- shadow-utils-subid-devel
- skopeo
+ - slirp4netns
- systemd
- udisks2
@@ -54,7 +55,7 @@
chdir: '{{ zuul.project.src_dir }}'
- name: Check versions of crucial packages
- command: rpm -qa ShellCheck bats codespell *kernel* gcc *glibc* golang golang-github-cpuguy83-md2man shadow-utils-subid-devel podman conmon containernetworking-plugins containers-common container-selinux crun fuse-overlayfs flatpak-session-helper skopeo
+ command: rpm -qa ShellCheck bats codespell *kernel* gcc *glibc* golang golang-github-cpuguy83-md2man shadow-utils-subid-devel podman conmon containernetworking-plugins containers-common container-selinux crun fuse-overlayfs flatpak-session-helper skopeo slirp4netns
- name: Show podman versions
command: podman version
diff --git a/playbooks/dependencies-fedora.yaml b/playbooks/dependencies-fedora.yaml
index ade169917cbe..76ce655bf9d3 100644
--- a/playbooks/dependencies-fedora.yaml
+++ b/playbooks/dependencies-fedora.yaml
@@ -35,6 +35,7 @@
- podman
- shadow-utils-subid-devel
- skopeo
+ - slirp4netns
- systemd
- udisks2
@@ -54,7 +55,7 @@
chdir: '{{ zuul.project.src_dir }}'
- name: Check versions of crucial packages
- command: rpm -qa ShellCheck bash bats codespell *kernel* gcc *glibc* shadow-utils-subid-devel golang golang-github-cpuguy83-md2man podman conmon containernetworking-plugins containers-common container-selinux crun fuse-overlayfs flatpak-session-helper skopeo
+ command: rpm -qa ShellCheck bash bats codespell *kernel* gcc *glibc* shadow-utils-subid-devel golang golang-github-cpuguy83-md2man podman conmon containernetworking-plugins containers-common container-selinux crun fuse-overlayfs flatpak-session-helper skopeo slirp4netns
- name: Show podman versions
command: podman version
diff --git a/test/system/libs/helpers.bash b/test/system/libs/helpers.bash
index 66278888cbe2..c056c601ab94 100644
--- a/test/system/libs/helpers.bash
+++ b/test/system/libs/helpers.bash
@@ -202,6 +202,7 @@ function _setup_docker_registry() {
-e REGISTRY_HTTP_ADDR=0.0.0.0:443 \
-e REGISTRY_HTTP_TLS_CERTIFICATE=/certs/domain.crt \
-e REGISTRY_HTTP_TLS_KEY=/certs/domain.key \
+ --network slirp4netns \
-p 50000:443 \
"${IMAGES[docker-reg]}"
assert_success
--
2.44.0

208
SOURCES/toolbox-test-system-Unbreak-Podman-s-downstream-Fedora-CI.patch
Unescape View File

@ -1,208 +0,0 @@
From a859f73d075ec0505994d8ce0f371ec28e466983 Mon Sep 17 00:00:00 2001
From: Debarshi Ray <rishi@fedoraproject.org>
Date: Tue, 13 Feb 2024 21:56:06 +0100
Subject: [PATCH 1/2] test/system: Unbreak Podman's downstream Fedora CI
The paths to bats-assert and bats-support are broken, if bats(1) is
invoked from any other location than the parent directory of the 'tests'
directory. eg., Podman's downstream Fedora CI invokes the tests as:
$ cd /path/to/toolbox/test/system
$ bats .
... and it led to [1]:
1..306
# test suite: Set up
# Missing dependencies
# Forgot to run 'git submodule init' and 'git submodule update' ?
# test suite: Tear down
not ok 1 setup_suite
# (from function `setup_suite' in test file ./setup_suite.bash, line 33)
# `return 1' failed
# bats warning: Executed 1 instead of expected 306 tests
Fallout from 2c0960660330dc6be6861502988695f9812c475a
[1] https://bugzilla.redhat.com/show_bug.cgi?id=2263968
https://github.com/containers/toolbox/pull/1448
---
test/system/setup_suite.bash | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/test/system/setup_suite.bash b/test/system/setup_suite.bash
index e4edf232bcd8..01985b7f9afc 100644
--- a/test/system/setup_suite.bash
+++ b/test/system/setup_suite.bash
@@ -17,7 +17,7 @@
missing_dependencies=false
-if [ -f test/system/libs/bats-assert/load.bash ] && [ -f test/system/libs/bats-support/load.bash ]; then
+if [ -f "$BATS_TEST_DIRNAME/libs/bats-assert/load.bash" ] && [ -f "$BATS_TEST_DIRNAME/libs/bats-support/load.bash" ]; then
load 'libs/helpers'
else
missing_dependencies=true
--
2.43.0
From a183876eae2bb4ffd84bca4303fc28be6725ebc2 Mon Sep 17 00:00:00 2001
From: Debarshi Ray <rishi@fedoraproject.org>
Date: Fri, 23 Feb 2024 10:38:16 +0100
Subject: [PATCH 2/2] test/system: Unbreak Podman's downstream Fedora CI (part
2)
The working directory from which bats(1) is invoked might not be part of
the Toolbx container. eg., Podman's downstream Fedora CI invokes the
tests as:
$ cd /path/to/toolbox/test/system
$ bats .
... and it led to [1]:
not ok 110 run: Smoke test with true(1)
# (from function `assert_output' in file
./libs/bats-assert/src/assert.bash, line 255,
# in test file ./104-run.bats, line 38)
# `assert_output ""' failed
#
# -- output differs --
# expected (0 lines):
#
# actual (3 lines):
# Error: crun: chdir to `/usr/share/toolbox/test/system`: No such
file or directory: OCI runtime attempted to invoke a command that
was not found
# Error: directory /usr/share/toolbox/test/system not found in
container fedora-toolbox-41
# Using /home/testuser instead.
# --
#
[1] https://bugzilla.redhat.com/show_bug.cgi?id=2263968
https://github.com/containers/toolbox/pull/1457
---
test/system/104-run.bats | 2 ++
test/system/201-ipc.bats | 2 ++
test/system/203-network.bats | 2 ++
test/system/206-user.bats | 2 ++
test/system/210-ulimit.bats | 2 ++
test/system/211-dbus.bats | 2 ++
test/system/220-environment-variables.bats | 2 ++
7 files changed, 14 insertions(+)
diff --git a/test/system/104-run.bats b/test/system/104-run.bats
index ff11a8477062..a0cb89fdeeca 100644
--- a/test/system/104-run.bats
+++ b/test/system/104-run.bats
@@ -23,9 +23,11 @@ setup() {
bats_require_minimum_version 1.7.0
_setup_environment
cleanup_containers
+ pushd "$HOME" || return 1
}
teardown() {
+ popd || return 1
cleanup_containers
}
diff --git a/test/system/201-ipc.bats b/test/system/201-ipc.bats
index 15c791dec86d..09200b41d06c 100644
--- a/test/system/201-ipc.bats
+++ b/test/system/201-ipc.bats
@@ -23,9 +23,11 @@ setup() {
bats_require_minimum_version 1.7.0
_setup_environment
cleanup_containers
+ pushd "$HOME" || return 1
}
teardown() {
+ popd || return 1
cleanup_containers
}
diff --git a/test/system/203-network.bats b/test/system/203-network.bats
index db1ba561f314..012374e3317f 100644
--- a/test/system/203-network.bats
+++ b/test/system/203-network.bats
@@ -35,9 +35,11 @@ setup() {
bats_require_minimum_version 1.7.0
_setup_environment
cleanup_containers
+ pushd "$HOME" || return 1
}
teardown() {
+ popd || return 1
cleanup_containers
}
diff --git a/test/system/206-user.bats b/test/system/206-user.bats
index 2df7862f259e..473a6b40905a 100644
--- a/test/system/206-user.bats
+++ b/test/system/206-user.bats
@@ -23,9 +23,11 @@ setup() {
bats_require_minimum_version 1.7.0
_setup_environment
cleanup_containers
+ pushd "$HOME" || return 1
}
teardown() {
+ popd || return 1
cleanup_containers
}
diff --git a/test/system/210-ulimit.bats b/test/system/210-ulimit.bats
index ea0c46685df1..ea08feea1513 100644
--- a/test/system/210-ulimit.bats
+++ b/test/system/210-ulimit.bats
@@ -23,9 +23,11 @@ setup() {
bats_require_minimum_version 1.7.0
_setup_environment
cleanup_containers
+ pushd "$HOME" || return 1
}
teardown() {
+ popd || return 1
cleanup_containers
}
diff --git a/test/system/211-dbus.bats b/test/system/211-dbus.bats
index 295bb71b2789..61c543a56005 100644
--- a/test/system/211-dbus.bats
+++ b/test/system/211-dbus.bats
@@ -23,9 +23,11 @@ setup() {
bats_require_minimum_version 1.7.0
_setup_environment
cleanup_containers
+ pushd "$HOME" || return 1
}
teardown() {
+ popd || return 1
cleanup_containers
}
diff --git a/test/system/220-environment-variables.bats b/test/system/220-environment-variables.bats
index 5b51d17dee55..c24e07d146ee 100644
--- a/test/system/220-environment-variables.bats
+++ b/test/system/220-environment-variables.bats
@@ -23,9 +23,11 @@ setup() {
bats_require_minimum_version 1.7.0
_setup_environment
cleanup_containers
+ pushd "$HOME" || return 1
}
teardown() {
+ popd || return 1
cleanup_containers
}
--
2.43.0

894
SOURCES/toolbox-test-system-new.patch
Unescape View File

@ -1,894 +0,0 @@
From f51c4a4cd8ff1c51a68073a10eaddab8f16fdaf6 Mon Sep 17 00:00:00 2001
From: Debarshi Ray <rishi@fedoraproject.org>
Date: Thu, 8 Feb 2024 22:18:33 +0100
Subject: [PATCH 1/4] test/system: Ensure that the user is part of a group with
the same name
https://github.com/containers/toolbox/pull/1447
---
test/system/206-user.bats | 7 +++++++
1 file changed, 7 insertions(+)
diff --git a/test/system/206-user.bats b/test/system/206-user.bats
index c295d8a61f39..cdd38c146024 100644
--- a/test/system/206-user.bats
+++ b/test/system/206-user.bats
@@ -434,6 +434,7 @@ teardown() {
run --keep-empty-lines --separate-stderr "$TOOLBOX" run cat /etc/group
assert_success
+ assert_line --regexp "^$USER:x:[[:digit:]]+:$USER$"
assert_line --regexp "^(sudo|wheel):x:[[:digit:]]+:$USER$"
assert [ ${#lines[@]} -gt 1 ]
@@ -447,6 +448,7 @@ teardown() {
run --keep-empty-lines --separate-stderr "$TOOLBOX" run --distro arch cat /etc/group
assert_success
+ assert_line --regexp "^$USER:x:[[:digit:]]+:$USER$"
assert_line --regexp "^wheel:x:[[:digit:]]+:$USER$"
assert [ ${#lines[@]} -gt 1 ]
@@ -460,6 +462,7 @@ teardown() {
run --keep-empty-lines --separate-stderr "$TOOLBOX" run --distro fedora --release 34 cat /etc/group
assert_success
+ assert_line --regexp "^$USER:x:[[:digit:]]+:$USER$"
assert_line --regexp "^wheel:x:[[:digit:]]+:$USER$"
assert [ ${#lines[@]} -gt 1 ]
@@ -473,6 +476,7 @@ teardown() {
run --keep-empty-lines --separate-stderr "$TOOLBOX" run --distro rhel --release 8.7 cat /etc/group
assert_success
+ assert_line --regexp "^$USER:x:[[:digit:]]+:$USER$"
assert_line --regexp "^wheel:x:[[:digit:]]+:$USER$"
assert [ ${#lines[@]} -gt 1 ]
@@ -486,6 +490,7 @@ teardown() {
run --keep-empty-lines --separate-stderr "$TOOLBOX" run --distro ubuntu --release 16.04 cat /etc/group
assert_success
+ assert_line --regexp "^$USER:x:[[:digit:]]+:$USER$"
assert_line --regexp "^sudo:x:[[:digit:]]+:$USER$"
assert [ ${#lines[@]} -gt 1 ]
@@ -499,6 +504,7 @@ teardown() {
run --keep-empty-lines --separate-stderr "$TOOLBOX" run --distro ubuntu --release 18.04 cat /etc/group
assert_success
+ assert_line --regexp "^$USER:x:[[:digit:]]+:$USER$"
assert_line --regexp "^sudo:x:[[:digit:]]+:$USER$"
assert [ ${#lines[@]} -gt 1 ]
@@ -512,6 +518,7 @@ teardown() {
run --keep-empty-lines --separate-stderr "$TOOLBOX" run --distro ubuntu --release 20.04 cat /etc/group
assert_success
+ assert_line --regexp "^$USER:x:[[:digit:]]+:$USER$"
assert_line --regexp "^sudo:x:[[:digit:]]+:$USER$"
assert [ ${#lines[@]} -gt 1 ]
--
2.43.0
From b2d64fad1a23a07919efdb70de9247645e44f973 Mon Sep 17 00:00:00 2001
From: Debarshi Ray <rishi@fedoraproject.org>
Date: Thu, 8 Feb 2024 22:51:43 +0100
Subject: [PATCH 2/4] test/system: Ensure that process started by 'podman exec'
has all groups
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Commit 15173f8c25c81244 exposed a bug in crun(1) [1] where the process
started directly by 'podman exec --user ...' inside the Toolbx container
would not have the supplementary groups attached to the user by the
entry point.
This could be observed by differences in id(1):
⬢$ id
uid=1000(user) gid=1000(user) groups=1000(user)
⬢$ id user
uid=1000(user) gid=1000(user) groups=1000(user),10(wheel)
... and could be worked around by starting a new session with sudo(8).
[1] crun commit 9effaebb429a1aed
https://github.com/containers/crun/commit/9effaebb429a1aed
https://github.com/containers/crun/issues/644
https://github.com/containers/podman/issues/9986
https://github.com/containers/toolbox/issues/608
---
test/system/206-user.bats | 231 ++++++++++++++++++++++++++++++++++++++
1 file changed, 231 insertions(+)
diff --git a/test/system/206-user.bats b/test/system/206-user.bats
index cdd38c146024..2df7862f259e 100644
--- a/test/system/206-user.bats
+++ b/test/system/206-user.bats
@@ -525,3 +525,234 @@ teardown() {
# shellcheck disable=SC2154
assert [ ${#stderr_lines[@]} -eq 0 ]
}
+
+@test "user: id(1) for $USER inside the default container" {
+ create_default_container
+
+ run --keep-empty-lines --separate-stderr "$TOOLBOX" run id
+
+ assert_success
+
+ if check_bats_version 1.10.0; then
+ assert [ ${#lines[@]} -eq 1 ]
+ else
+ assert [ ${#lines[@]} -eq 2 ]
+ fi
+
+ local output_id="${lines[0]}"
+
+ # shellcheck disable=SC2154
+ assert [ ${#stderr_lines[@]} -eq 0 ]
+
+ run --keep-empty-lines --separate-stderr "$TOOLBOX" run id "$USER"
+
+ assert_success
+ assert_line --index 0 "$output_id"
+
+ if check_bats_version 1.10.0; then
+ assert [ ${#lines[@]} -eq 1 ]
+ else
+ assert [ ${#lines[@]} -eq 2 ]
+ fi
+
+ # shellcheck disable=SC2154
+ assert [ ${#stderr_lines[@]} -eq 0 ]
+}
+
+@test "user: id(1) for $USER inside Arch Linux" {
+ create_distro_container arch latest arch-toolbox-latest
+
+ run --keep-empty-lines --separate-stderr "$TOOLBOX" run --distro arch id
+
+ assert_success
+
+ if check_bats_version 1.10.0; then
+ assert [ ${#lines[@]} -eq 1 ]
+ else
+ assert [ ${#lines[@]} -eq 2 ]
+ fi
+
+ local output_id="${lines[0]}"
+
+ # shellcheck disable=SC2154
+ assert [ ${#stderr_lines[@]} -eq 0 ]
+
+ run --keep-empty-lines --separate-stderr "$TOOLBOX" run --distro arch id "$USER"
+
+ assert_success
+ assert_line --index 0 "$output_id"
+
+ if check_bats_version 1.10.0; then
+ assert [ ${#lines[@]} -eq 1 ]
+ else
+ assert [ ${#lines[@]} -eq 2 ]
+ fi
+
+ # shellcheck disable=SC2154
+ assert [ ${#stderr_lines[@]} -eq 0 ]
+}
+
+@test "user: id(1) for $USER inside Fedora 34" {
+ create_distro_container fedora 34 fedora-toolbox-34
+
+ run --keep-empty-lines --separate-stderr "$TOOLBOX" run --distro fedora --release 34 id
+
+ assert_success
+
+ if check_bats_version 1.10.0; then
+ assert [ ${#lines[@]} -eq 1 ]
+ else
+ assert [ ${#lines[@]} -eq 2 ]
+ fi
+
+ local output_id="${lines[0]}"
+
+ # shellcheck disable=SC2154
+ assert [ ${#stderr_lines[@]} -eq 0 ]
+
+ run --keep-empty-lines --separate-stderr "$TOOLBOX" run --distro fedora --release 34 id "$USER"
+
+ assert_success
+ assert_line --index 0 "$output_id"
+
+ if check_bats_version 1.10.0; then
+ assert [ ${#lines[@]} -eq 1 ]
+ else
+ assert [ ${#lines[@]} -eq 2 ]
+ fi
+
+ # shellcheck disable=SC2154
+ assert [ ${#stderr_lines[@]} -eq 0 ]
+}
+
+@test "user: id(1) for $USER inside RHEL 8.7" {
+ create_distro_container rhel 8.7 rhel-toolbox-8.7
+
+ run --keep-empty-lines --separate-stderr "$TOOLBOX" run --distro rhel --release 8.7 id
+
+ assert_success
+
+ if check_bats_version 1.10.0; then
+ assert [ ${#lines[@]} -eq 1 ]
+ else
+ assert [ ${#lines[@]} -eq 2 ]
+ fi
+
+ local output_id="${lines[0]}"
+
+ # shellcheck disable=SC2154
+ assert [ ${#stderr_lines[@]} -eq 0 ]
+
+ run --keep-empty-lines --separate-stderr "$TOOLBOX" run --distro rhel --release 8.7 id "$USER"
+
+ assert_success
+ assert_line --index 0 "$output_id"
+
+ if check_bats_version 1.10.0; then
+ assert [ ${#lines[@]} -eq 1 ]
+ else
+ assert [ ${#lines[@]} -eq 2 ]
+ fi
+
+ # shellcheck disable=SC2154
+ assert [ ${#stderr_lines[@]} -eq 0 ]
+}
+
+@test "user: id(1) for $USER inside Ubuntu 16.04" {
+ create_distro_container ubuntu 16.04 ubuntu-toolbox-16.04
+
+ run --keep-empty-lines --separate-stderr "$TOOLBOX" run --distro ubuntu --release 16.04 id
+
+ assert_success
+
+ if check_bats_version 1.10.0; then
+ assert [ ${#lines[@]} -eq 1 ]
+ else
+ assert [ ${#lines[@]} -eq 2 ]
+ fi
+
+ local output_id="${lines[0]}"
+
+ # shellcheck disable=SC2154
+ assert [ ${#stderr_lines[@]} -eq 0 ]
+
+ run --keep-empty-lines --separate-stderr "$TOOLBOX" run --distro ubuntu --release 16.04 id "$USER"
+
+ assert_success
+ assert_line --index 0 "$output_id"
+
+ if check_bats_version 1.10.0; then
+ assert [ ${#lines[@]} -eq 1 ]
+ else
+ assert [ ${#lines[@]} -eq 2 ]
+ fi
+
+ # shellcheck disable=SC2154
+ assert [ ${#stderr_lines[@]} -eq 0 ]
+}
+
+@test "user: id(1) for $USER inside Ubuntu 18.04" {
+ create_distro_container ubuntu 18.04 ubuntu-toolbox-18.04
+
+ run --keep-empty-lines --separate-stderr "$TOOLBOX" run --distro ubuntu --release 18.04 id
+
+ assert_success
+
+ if check_bats_version 1.10.0; then
+ assert [ ${#lines[@]} -eq 1 ]
+ else
+ assert [ ${#lines[@]} -eq 2 ]
+ fi
+
+ local output_id="${lines[0]}"
+
+ # shellcheck disable=SC2154
+ assert [ ${#stderr_lines[@]} -eq 0 ]
+
+ run --keep-empty-lines --separate-stderr "$TOOLBOX" run --distro ubuntu --release 18.04 id "$USER"
+
+ assert_success
+ assert_line --index 0 "$output_id"
+
+ if check_bats_version 1.10.0; then
+ assert [ ${#lines[@]} -eq 1 ]
+ else
+ assert [ ${#lines[@]} -eq 2 ]
+ fi
+
+ # shellcheck disable=SC2154
+ assert [ ${#stderr_lines[@]} -eq 0 ]
+}
+
+@test "user: id(1) for $USER inside Ubuntu 20.04" {
+ create_distro_container ubuntu 20.04 ubuntu-toolbox-20.04
+
+ run --keep-empty-lines --separate-stderr "$TOOLBOX" run --distro ubuntu --release 20.04 id
+
+ assert_success
+
+ if check_bats_version 1.10.0; then
+ assert [ ${#lines[@]} -eq 1 ]
+ else
+ assert [ ${#lines[@]} -eq 2 ]
+ fi
+
+ local output_id="${lines[0]}"
+
+ # shellcheck disable=SC2154
+ assert [ ${#stderr_lines[@]} -eq 0 ]
+
+ run --keep-empty-lines --separate-stderr "$TOOLBOX" run --distro ubuntu --release 20.04 id "$USER"
+
+ assert_success
+ assert_line --index 0 "$output_id"
+
+ if check_bats_version 1.10.0; then
+ assert [ ${#lines[@]} -eq 1 ]
+ else
+ assert [ ${#lines[@]} -eq 2 ]
+ fi
+
+ # shellcheck disable=SC2154
+ assert [ ${#stderr_lines[@]} -eq 0 ]
+}
--
2.43.0
From da2555d04f9ff677b3f2033ff36390f75c3a509d Mon Sep 17 00:00:00 2001
From: Debarshi Ray <rishi@fedoraproject.org>
Date: Thu, 18 Jan 2024 19:53:02 +0100
Subject: [PATCH 3/4] test/system: Group by higher-level objective, not
distribution
Fallout from 51ffd2793d882ffab45ace44c03edfdaeb3f138c
https://github.com/containers/toolbox/pull/1436
---
test/system/220-environment-variables.bats | 152 ++++++++++-----------
1 file changed, 76 insertions(+), 76 deletions(-)
diff --git a/test/system/220-environment-variables.bats b/test/system/220-environment-variables.bats
index 0e1356654468..dd74b1dc5142 100644
--- a/test/system/220-environment-variables.bats
+++ b/test/system/220-environment-variables.bats
@@ -1,6 +1,6 @@
# shellcheck shell=bats
#
-# Copyright © 2023 Red Hat, Inc.
+# Copyright © 2023 2024 Red Hat, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -57,25 +57,24 @@ teardown() {
assert [ ${#stderr_lines[@]} -eq 0 ]
}
-@test "environment variables: HISTSIZE inside the default container" {
- skip "https://pagure.io/setup/pull-request/48"
-
- create_default_container
+@test "environment variables: HISTFILESIZE inside Arch Linux" {
+ create_distro_container arch latest arch-toolbox-latest
- if [ "$HISTSIZE" = "" ]; then
+ # shellcheck disable=SC2031
+ if [ "$HISTFILESIZE" = "" ]; then
# shellcheck disable=SC2030
- HISTSIZE=1001
+ HISTFILESIZE=1001
else
- ((HISTSIZE++))
+ ((HISTFILESIZE++))
fi
- export HISTSIZE
+ export HISTFILESIZE
# shellcheck disable=SC2016
- run --keep-empty-lines --separate-stderr "$TOOLBOX" run bash -c 'echo "$HISTSIZE"'
+ run --keep-empty-lines --separate-stderr "$TOOLBOX" run --distro arch bash -c 'echo "$HISTFILESIZE"'
assert_success
- assert_line --index 0 "$HISTSIZE"
+ assert_line --index 0 "$HISTFILESIZE"
if check_bats_version 1.10.0; then
assert [ ${#lines[@]} -eq 1 ]
@@ -87,8 +86,8 @@ teardown() {
assert [ ${#stderr_lines[@]} -eq 0 ]
}
-@test "environment variables: HISTFILESIZE inside Arch Linux" {
- create_distro_container arch latest arch-toolbox-latest
+@test "environment variables: HISTFILESIZE inside Fedora 34" {
+ create_distro_container fedora 34 fedora-toolbox-34
# shellcheck disable=SC2031
if [ "$HISTFILESIZE" = "" ]; then
@@ -101,7 +100,7 @@ teardown() {
export HISTFILESIZE
# shellcheck disable=SC2016
- run --keep-empty-lines --separate-stderr "$TOOLBOX" run --distro arch bash -c 'echo "$HISTFILESIZE"'
+ run --keep-empty-lines --separate-stderr "$TOOLBOX" run --distro fedora --release 34 bash -c 'echo "$HISTFILESIZE"'
assert_success
assert_line --index 0 "$HISTFILESIZE"
@@ -116,24 +115,24 @@ teardown() {
assert [ ${#stderr_lines[@]} -eq 0 ]
}
-@test "environment variables: HISTSIZE inside Arch Linux" {
- create_distro_container arch latest arch-toolbox-latest
+@test "environment variables: HISTFILESIZE inside RHEL 8.7" {
+ create_distro_container rhel 8.7 rhel-toolbox-8.7
# shellcheck disable=SC2031
- if [ "$HISTSIZE" = "" ]; then
+ if [ "$HISTFILESIZE" = "" ]; then
# shellcheck disable=SC2030
- HISTSIZE=1001
+ HISTFILESIZE=1001
else
- ((HISTSIZE++))
+ ((HISTFILESIZE++))
fi
- export HISTSIZE
+ export HISTFILESIZE
# shellcheck disable=SC2016
- run --keep-empty-lines --separate-stderr "$TOOLBOX" run --distro arch bash -c 'echo "$HISTSIZE"'
+ run --keep-empty-lines --separate-stderr "$TOOLBOX" run --distro rhel --release 8.7 bash -c 'echo "$HISTFILESIZE"'
assert_success
- assert_line --index 0 "$HISTSIZE"
+ assert_line --index 0 "$HISTFILESIZE"
if check_bats_version 1.10.0; then
assert [ ${#lines[@]} -eq 1 ]
@@ -145,8 +144,8 @@ teardown() {
assert [ ${#stderr_lines[@]} -eq 0 ]
}
-@test "environment variables: HISTFILESIZE inside Fedora 34" {
- create_distro_container fedora 34 fedora-toolbox-34
+@test "environment variables: HISTFILESIZE inside Ubuntu 16.04" {
+ create_distro_container ubuntu 16.04 ubuntu-toolbox-16.04
# shellcheck disable=SC2031
if [ "$HISTFILESIZE" = "" ]; then
@@ -159,7 +158,8 @@ teardown() {
export HISTFILESIZE
# shellcheck disable=SC2016
- run --keep-empty-lines --separate-stderr "$TOOLBOX" run --distro fedora --release 34 bash -c 'echo "$HISTFILESIZE"'
+ run --keep-empty-lines --separate-stderr "$TOOLBOX" run --distro ubuntu --release 16.04 \
+ bash -c 'echo "$HISTFILESIZE"'
assert_success
assert_line --index 0 "$HISTFILESIZE"
@@ -174,26 +174,25 @@ teardown() {
assert [ ${#stderr_lines[@]} -eq 0 ]
}
-@test "environment variables: HISTSIZE inside Fedora 34" {
- skip "https://pagure.io/setup/pull-request/48"
-
- create_distro_container fedora 34 fedora-toolbox-34
+@test "environment variables: HISTFILESIZE inside Ubuntu 18.04" {
+ create_distro_container ubuntu 18.04 ubuntu-toolbox-18.04
# shellcheck disable=SC2031
- if [ "$HISTSIZE" = "" ]; then
+ if [ "$HISTFILESIZE" = "" ]; then
# shellcheck disable=SC2030
- HISTSIZE=1001
+ HISTFILESIZE=1001
else
- ((HISTSIZE++))
+ ((HISTFILESIZE++))
fi
- export HISTSIZE
+ export HISTFILESIZE
# shellcheck disable=SC2016
- run --keep-empty-lines --separate-stderr "$TOOLBOX" run --distro fedora --release 34 bash -c 'echo "$HISTSIZE"'
+ run --keep-empty-lines --separate-stderr "$TOOLBOX" run --distro ubuntu --release 18.04 \
+ bash -c 'echo "$HISTFILESIZE"'
assert_success
- assert_line --index 0 "$HISTSIZE"
+ assert_line --index 0 "$HISTFILESIZE"
if check_bats_version 1.10.0; then
assert [ ${#lines[@]} -eq 1 ]
@@ -205,12 +204,11 @@ teardown() {
assert [ ${#stderr_lines[@]} -eq 0 ]
}
-@test "environment variables: HISTFILESIZE inside RHEL 8.7" {
- create_distro_container rhel 8.7 rhel-toolbox-8.7
+@test "environment variables: HISTFILESIZE inside Ubuntu 20.04" {
+ create_distro_container ubuntu 20.04 ubuntu-toolbox-20.04
# shellcheck disable=SC2031
if [ "$HISTFILESIZE" = "" ]; then
- # shellcheck disable=SC2030
HISTFILESIZE=1001
else
((HISTFILESIZE++))
@@ -219,7 +217,8 @@ teardown() {
export HISTFILESIZE
# shellcheck disable=SC2016
- run --keep-empty-lines --separate-stderr "$TOOLBOX" run --distro rhel --release 8.7 bash -c 'echo "$HISTFILESIZE"'
+ run --keep-empty-lines --separate-stderr "$TOOLBOX" run --distro ubuntu --release 20.04 \
+ bash -c 'echo "$HISTFILESIZE"'
assert_success
assert_line --index 0 "$HISTFILESIZE"
@@ -234,12 +233,11 @@ teardown() {
assert [ ${#stderr_lines[@]} -eq 0 ]
}
-@test "environment variables: HISTSIZE inside RHEL 8.7" {
+@test "environment variables: HISTSIZE inside the default container" {
skip "https://pagure.io/setup/pull-request/48"
- create_distro_container rhel 8.7 rhel-toolbox-8.7
+ create_default_container
- # shellcheck disable=SC2031
if [ "$HISTSIZE" = "" ]; then
# shellcheck disable=SC2030
HISTSIZE=1001
@@ -250,7 +248,7 @@ teardown() {
export HISTSIZE
# shellcheck disable=SC2016
- run --keep-empty-lines --separate-stderr "$TOOLBOX" run --distro rhel --release 8.7 bash -c 'echo "$HISTSIZE"'
+ run --keep-empty-lines --separate-stderr "$TOOLBOX" run bash -c 'echo "$HISTSIZE"'
assert_success
assert_line --index 0 "$HISTSIZE"
@@ -265,25 +263,24 @@ teardown() {
assert [ ${#stderr_lines[@]} -eq 0 ]
}
-@test "environment variables: HISTFILESIZE inside Ubuntu 16.04" {
- create_distro_container ubuntu 16.04 ubuntu-toolbox-16.04
+@test "environment variables: HISTSIZE inside Arch Linux" {
+ create_distro_container arch latest arch-toolbox-latest
# shellcheck disable=SC2031
- if [ "$HISTFILESIZE" = "" ]; then
+ if [ "$HISTSIZE" = "" ]; then
# shellcheck disable=SC2030
- HISTFILESIZE=1001
+ HISTSIZE=1001
else
- ((HISTFILESIZE++))
+ ((HISTSIZE++))
fi
- export HISTFILESIZE
+ export HISTSIZE
# shellcheck disable=SC2016
- run --keep-empty-lines --separate-stderr "$TOOLBOX" run --distro ubuntu --release 16.04 \
- bash -c 'echo "$HISTFILESIZE"'
+ run --keep-empty-lines --separate-stderr "$TOOLBOX" run --distro arch bash -c 'echo "$HISTSIZE"'
assert_success
- assert_line --index 0 "$HISTFILESIZE"
+ assert_line --index 0 "$HISTSIZE"
if check_bats_version 1.10.0; then
assert [ ${#lines[@]} -eq 1 ]
@@ -295,8 +292,10 @@ teardown() {
assert [ ${#stderr_lines[@]} -eq 0 ]
}
-@test "environment variables: HISTSIZE inside Ubuntu 16.04" {
- create_distro_container ubuntu 16.04 ubuntu-toolbox-16.04
+@test "environment variables: HISTSIZE inside Fedora 34" {
+ skip "https://pagure.io/setup/pull-request/48"
+
+ create_distro_container fedora 34 fedora-toolbox-34
# shellcheck disable=SC2031
if [ "$HISTSIZE" = "" ]; then
@@ -309,7 +308,7 @@ teardown() {
export HISTSIZE
# shellcheck disable=SC2016
- run --keep-empty-lines --separate-stderr "$TOOLBOX" run --distro ubuntu --release 16.04 bash -c 'echo "$HISTSIZE"'
+ run --keep-empty-lines --separate-stderr "$TOOLBOX" run --distro fedora --release 34 bash -c 'echo "$HISTSIZE"'
assert_success
assert_line --index 0 "$HISTSIZE"
@@ -324,25 +323,26 @@ teardown() {
assert [ ${#stderr_lines[@]} -eq 0 ]
}
-@test "environment variables: HISTFILESIZE inside Ubuntu 18.04" {
- create_distro_container ubuntu 18.04 ubuntu-toolbox-18.04
+@test "environment variables: HISTSIZE inside RHEL 8.7" {
+ skip "https://pagure.io/setup/pull-request/48"
+
+ create_distro_container rhel 8.7 rhel-toolbox-8.7
# shellcheck disable=SC2031
- if [ "$HISTFILESIZE" = "" ]; then
+ if [ "$HISTSIZE" = "" ]; then
# shellcheck disable=SC2030
- HISTFILESIZE=1001
+ HISTSIZE=1001
else
- ((HISTFILESIZE++))
+ ((HISTSIZE++))
fi
- export HISTFILESIZE
+ export HISTSIZE
# shellcheck disable=SC2016
- run --keep-empty-lines --separate-stderr "$TOOLBOX" run --distro ubuntu --release 18.04 \
- bash -c 'echo "$HISTFILESIZE"'
+ run --keep-empty-lines --separate-stderr "$TOOLBOX" run --distro rhel --release 8.7 bash -c 'echo "$HISTSIZE"'
assert_success
- assert_line --index 0 "$HISTFILESIZE"
+ assert_line --index 0 "$HISTSIZE"
if check_bats_version 1.10.0; then
assert [ ${#lines[@]} -eq 1 ]
@@ -354,8 +354,8 @@ teardown() {
assert [ ${#stderr_lines[@]} -eq 0 ]
}
-@test "environment variables: HISTSIZE inside Ubuntu 18.04" {
- create_distro_container ubuntu 18.04 ubuntu-toolbox-18.04
+@test "environment variables: HISTSIZE inside Ubuntu 16.04" {
+ create_distro_container ubuntu 16.04 ubuntu-toolbox-16.04
# shellcheck disable=SC2031
if [ "$HISTSIZE" = "" ]; then
@@ -368,7 +368,7 @@ teardown() {
export HISTSIZE
# shellcheck disable=SC2016
- run --keep-empty-lines --separate-stderr "$TOOLBOX" run --distro ubuntu --release 18.04 bash -c 'echo "$HISTSIZE"'
+ run --keep-empty-lines --separate-stderr "$TOOLBOX" run --distro ubuntu --release 16.04 bash -c 'echo "$HISTSIZE"'
assert_success
assert_line --index 0 "$HISTSIZE"
@@ -383,24 +383,24 @@ teardown() {
assert [ ${#stderr_lines[@]} -eq 0 ]
}
-@test "environment variables: HISTFILESIZE inside Ubuntu 20.04" {
- create_distro_container ubuntu 20.04 ubuntu-toolbox-20.04
+@test "environment variables: HISTSIZE inside Ubuntu 18.04" {
+ create_distro_container ubuntu 18.04 ubuntu-toolbox-18.04
# shellcheck disable=SC2031
- if [ "$HISTFILESIZE" = "" ]; then
- HISTFILESIZE=1001
+ if [ "$HISTSIZE" = "" ]; then
+ # shellcheck disable=SC2030
+ HISTSIZE=1001
else
- ((HISTFILESIZE++))
+ ((HISTSIZE++))
fi
- export HISTFILESIZE
+ export HISTSIZE
# shellcheck disable=SC2016
- run --keep-empty-lines --separate-stderr "$TOOLBOX" run --distro ubuntu --release 20.04 \
- bash -c 'echo "$HISTFILESIZE"'
+ run --keep-empty-lines --separate-stderr "$TOOLBOX" run --distro ubuntu --release 18.04 bash -c 'echo "$HISTSIZE"'
assert_success
- assert_line --index 0 "$HISTFILESIZE"
+ assert_line --index 0 "$HISTSIZE"
if check_bats_version 1.10.0; then
assert [ ${#lines[@]} -eq 1 ]
--
2.43.0
From ee2c92299d5488bab4e54cb04d9a120e0b9ed405 Mon Sep 17 00:00:00 2001
From: Debarshi Ray <rishi@fedoraproject.org>
Date: Thu, 18 Jan 2024 20:17:50 +0100
Subject: [PATCH 4/4] test/system: Test that the HOSTNAME environment variable
is set
Bash automatically sets the HOSTNAME environment variable to the name of
the current host [1] as returned by gethostname(2), which is the same as
hostname(1).
However, on Fedora, from Fedora 33 onwards, /etc/profile sets the
HOSTNAME environment variable to 'hostnamectl --transient' [2], and,
from Fedora 35 onwards, it has a fallback to hostname(1) [3]. These two
approaches return different values when used inside a Toolbx container.
The former picks up the hostname of the host operating system, while the
fallback gets the name that was set when creating the container with
'podman create --hostname toolbox ...'.
Hence, the value of HOSTNAME inside a Toolbx container for Fedora
depends on whether the corresponding version of the fedora-toolbox image
contained hostnamectl(1) or not.
[1] https://www.gnu.org/software/bash/manual/html_node/Bash-Variables.html
[2] setup commit eb9cc4dce89be24f
https://pagure.io/setup/c/eb9cc4dce89be24f
https://bugzilla.redhat.com/show_bug.cgi?id=1745245
[3] setup commit ddd74b5d971a734c
https://pagure.io/setup/c/ddd74b5d971a734c
https://pagure.io/setup/pull-request/28
https://bugzilla.redhat.com/show_bug.cgi?id=1938223
https://github.com/containers/toolbox/issues/558
---
test/system/220-environment-variables.bats | 126 +++++++++++++++++++++
1 file changed, 126 insertions(+)
diff --git a/test/system/220-environment-variables.bats b/test/system/220-environment-variables.bats
index dd74b1dc5142..5b51d17dee55 100644
--- a/test/system/220-environment-variables.bats
+++ b/test/system/220-environment-variables.bats
@@ -439,3 +439,129 @@ teardown() {
# shellcheck disable=SC2154
assert [ ${#stderr_lines[@]} -eq 0 ]
}
+
+@test "environment variables: HOSTNAME inside the default container" {
+ create_default_container
+
+ # shellcheck disable=SC2016
+ run --keep-empty-lines --separate-stderr "$TOOLBOX" run bash -c 'echo "$HOSTNAME"'
+
+ assert_success
+ assert_line --index 0 --regexp "^(toolbox|$HOSTNAME)$"
+
+ if check_bats_version 1.10.0; then
+ assert [ ${#lines[@]} -eq 1 ]
+ else
+ assert [ ${#lines[@]} -eq 2 ]
+ fi
+
+ assert [ ${#stderr_lines[@]} -eq 0 ]
+}
+
+@test "environment variables: HOSTNAME inside Arch Linux" {
+ create_distro_container arch latest arch-toolbox-latest
+
+ # shellcheck disable=SC2016
+ run --keep-empty-lines --separate-stderr "$TOOLBOX" run --distro arch bash -c 'echo "$HOSTNAME"'
+
+ assert_success
+ assert_line --index 0 "toolbox"
+
+ if check_bats_version 1.10.0; then
+ assert [ ${#lines[@]} -eq 1 ]
+ else
+ assert [ ${#lines[@]} -eq 2 ]
+ fi
+
+ assert [ ${#stderr_lines[@]} -eq 0 ]
+}
+
+@test "environment variables: HOSTNAME inside Fedora 34" {
+ create_distro_container fedora 34 fedora-toolbox-34
+
+ # shellcheck disable=SC2016
+ run --keep-empty-lines --separate-stderr "$TOOLBOX" run --distro fedora --release 34 bash -c 'echo "$HOSTNAME"'
+
+ assert_success
+ assert_line --index 0 "$HOSTNAME"
+
+ if check_bats_version 1.10.0; then
+ assert [ ${#lines[@]} -eq 1 ]
+ else
+ assert [ ${#lines[@]} -eq 2 ]
+ fi
+
+ assert [ ${#stderr_lines[@]} -eq 0 ]
+}
+
+@test "environment variables: HOSTNAME inside RHEL 8.7" {
+ create_distro_container rhel 8.7 rhel-toolbox-8.7
+
+ # shellcheck disable=SC2016
+ run --keep-empty-lines --separate-stderr "$TOOLBOX" run --distro rhel --release 8.7 bash -c 'echo "$HOSTNAME"'
+
+ assert_success
+ assert_line --index 0 "toolbox"
+
+ if check_bats_version 1.10.0; then
+ assert [ ${#lines[@]} -eq 1 ]
+ else
+ assert [ ${#lines[@]} -eq 2 ]
+ fi
+
+ assert [ ${#stderr_lines[@]} -eq 0 ]
+}
+
+@test "environment variables: HOSTNAME inside Ubuntu 16.04" {
+ create_distro_container ubuntu 16.04 ubuntu-toolbox-16.04
+
+ # shellcheck disable=SC2016
+ run --keep-empty-lines --separate-stderr "$TOOLBOX" run --distro ubuntu --release 16.04 bash -c 'echo "$HOSTNAME"'
+
+ assert_success
+ assert_line --index 0 "toolbox"
+
+ if check_bats_version 1.10.0; then
+ assert [ ${#lines[@]} -eq 1 ]
+ else
+ assert [ ${#lines[@]} -eq 2 ]
+ fi
+
+ assert [ ${#stderr_lines[@]} -eq 0 ]
+}
+
+@test "environment variables: HOSTNAME inside Ubuntu 18.04" {
+ create_distro_container ubuntu 18.04 ubuntu-toolbox-18.04
+
+ # shellcheck disable=SC2016
+ run --keep-empty-lines --separate-stderr "$TOOLBOX" run --distro ubuntu --release 18.04 bash -c 'echo "$HOSTNAME"'
+
+ assert_success
+ assert_line --index 0 "toolbox"
+
+ if check_bats_version 1.10.0; then
+ assert [ ${#lines[@]} -eq 1 ]
+ else
+ assert [ ${#lines[@]} -eq 2 ]
+ fi
+
+ assert [ ${#stderr_lines[@]} -eq 0 ]
+}
+
+@test "environment variables: HOSTNAME inside Ubuntu 20.04" {
+ create_distro_container ubuntu 20.04 ubuntu-toolbox-20.04
+
+ # shellcheck disable=SC2016
+ run --keep-empty-lines --separate-stderr "$TOOLBOX" run --distro ubuntu --release 20.04 bash -c 'echo "$HOSTNAME"'
+
+ assert_success
+ assert_line --index 0 "toolbox"
+
+ if check_bats_version 1.10.0; then
+ assert [ ${#lines[@]} -eq 1 ]
+ else
+ assert [ ${#lines[@]} -eq 2 ]
+ fi
+
+ assert [ ${#stderr_lines[@]} -eq 0 ]
+}
--
2.43.0

397
SPECS/toolbox.spec
Unescape View File

@ -1,63 +1,41 @@
%global __brp_check_rpaths %{nil}
Name: toolbox
Version: 0.0.99.5
Version: 0.0.99.4
%global goipath github.com/containers/%{name}
%if 0%{?fedora}
%gometa -f
%endif
%if 0%{?rhel}
%if 0%{?rhel} <= 9
%if 0%{?rhel} == 9
%gometa
%else
%gometa -f
%endif
%endif
%global toolbx_go 1.20
%if 0%{?fedora}
%global toolbx_go 1.22
%endif
%if 0%{?rhel}
%if 0%{?rhel} == 9
%global toolbx_go 1.22.5
%elif 0%{?rhel} == 10
%global toolbx_go 1.22.5
%endif
%endif
Release: 15%{?dist}
Summary: Tool for interactive command line environments on Linux
Release: 6%{?dist}
Summary: Tool for containerized command line environments on Linux
License: Apache-2.0
License: ASL 2.0
URL: https://containertoolbx.org/
Source0: https://github.com/containers/%{name}/releases/download/%{version}/%{name}-%{version}-vendored.tar.xz
# RHEL specific
%if 0%{?rhel}
Source1: %{name}.conf
%endif
# Upstream
Patch0: toolbox-test-system-new.patch
Patch1: toolbox-test-system-Unbreak-Podman-s-downstream-Fedora-CI.patch
Patch2: toolbox-playbooks-test-system-bats-1.11-podman-5.patch
# Fedora specific
Patch100: toolbox-Make-the-build-flags-match-Fedora-s-gobuild.patch
Patch101: toolbox-Make-the-build-flags-match-Fedora-s-gobuild-for-PPC64.patch
Patch0: toolbox-Don-t-use-podman-1-when-generating-the-comp.patch
Patch1: toolbox-Don-t-validate-subordinate-IDs-when-generat.patch
Patch2: toolbox-cmd-initContainer-Be-aware-of-security-hardened-moun.patch
# RHEL specific
Patch200: toolbox-Make-the-build-flags-match-RHEL-s-gobuild.patch
Patch201: toolbox-Make-the-build-flags-match-RHEL-s-gobuild-for-PPC64.patch
Patch202: toolbox-Add-migration-paths-for-coreos-toolbox-users.patch
Patch100: toolbox-Make-the-build-flags-match-RHEL-s-gobuild.patch
Patch101: toolbox-Make-the-build-flags-match-RHEL-s-gobuild-for-PPC64.patch
%if 0%{?rhel}
Patch102: toolbox-Add-migration-paths-for-coreos-toolbox-users.patch
%endif
BuildRequires: gcc
BuildRequires: go-md2man
BuildRequires: golang >= %{toolbx_go}
BuildRequires: golang >= 1.20.10
BuildRequires: meson >= 0.58.0
BuildRequires: pkgconfig(bash-completion)
BuildRequires: shadow-utils-subid-devel
@ -67,15 +45,14 @@ BuildRequires: systemd-rpm-macros
BuildRequires: golang(github.com/HarryMichal/go-version) >= 1.0.1
BuildRequires: golang(github.com/acobaugh/osrelease) >= 0.1.0
BuildRequires: golang(github.com/briandowns/spinner) >= 1.17.0
BuildRequires: golang(github.com/docker/go-units) >= 0.5.0
BuildRequires: golang(github.com/docker/go-units) >= 0.4.0
BuildRequires: golang(github.com/fsnotify/fsnotify) >= 1.5.1
BuildRequires: golang(github.com/godbus/dbus) >= 5.0.6
BuildRequires: golang(github.com/sirupsen/logrus) >= 1.8.1
BuildRequires: golang(github.com/spf13/cobra) >= 1.3.0
BuildRequires: golang(github.com/spf13/viper) >= 1.10.1
BuildRequires: golang(golang.org/x/sys/unix) >= 0.1.0
BuildRequires: golang(golang.org/x/text) >= 0.3.8
BuildRequires: golang(gopkg.in/yaml.v3) >= 3.0.0
BuildRequires: golang(golang.org/x/sys/unix)
BuildRequires: golang(golang.org/x/term)
BuildRequires: pkgconfig(fish)
# for tests
# BuildRequires: codespell
@ -83,25 +60,17 @@ BuildRequires: pkgconfig(fish)
# BuildRequires: ShellCheck
%endif
Recommends: skopeo
Requires: containers-common
Requires: podman >= 1.6.4
Requires: podman >= 1.4.0
%if ! 0%{?rhel}
Requires: flatpak-session-helper
%endif
%description
Toolbx is a tool for Linux, which allows the use of interactive command line
environments for development and troubleshooting the host operating system,
without having to install software on the host. It is built on top of Podman
and other standard container technologies from OCI.
Toolbx environments have seamless access to the user's home directory, the
Wayland and X11 sockets, networking (including Avahi), removable devices (like
USB sticks), systemd journal, SSH agent, D-Bus, ulimits, /dev and the udev
database, etc..
Toolbox is a tool for Linux operating systems, which allows the use of
containerized command line environments. It is built on top of Podman and
other standard container technologies from OCI.
%package tests
@ -109,45 +78,31 @@ Summary: Tests for %{name}
Requires: %{name}%{?_isa} = %{version}-%{release}
Requires: coreutils
Requires: gawk
Requires: grep
# for htpasswd
Requires: httpd-tools
Requires: openssl
Requires: skopeo
%if ! 0%{?rhel}
Requires: bats >= 1.7.0
Requires: bats
%endif
%description tests
The %{name}-tests package contains system tests for %{name}.
%prep
%setup -q
%patch0 -p1
%patch1 -p1
%patch2 -p1
%patch -P0 -p1
%patch -P1 -p1
%patch -P2 -p1
%if 0%{?fedora}
%ifnarch ppc64
%patch -P100 -p1
%patch100 -p1
%else
%patch -P101 -p1
%endif
%patch101 -p1
%endif
%if 0%{?rhel}
%ifnarch ppc64
%patch -P200 -p1
%else
%patch -P201 -p1
%endif
%if 0%{?rhel} <= 9
%patch -P202 -p1
%endif
%patch102 -p1
%endif
%gomkdir -s %{_builddir}/%{extractdir}/src %{?rhel:-k}
@ -161,9 +116,7 @@ export CGO_CFLAGS="%{optflags} -D_GNU_SOURCE -D_LARGEFILE_SOURCE -D_LARGEFILE64_
%meson \
%if 0%{?rhel}
-Dfish_completions_dir=%{_datadir}/fish/vendor_completions.d \
%if 0%{?rhel} <= 9
-Dmigration_path_for_coreos_toolbox=true \
%endif
%endif
-Dprofile_dir=%{_sysconfdir}/profile.d \
-Dtmpfiles_dir=%{_tmpfilesdir} \
@ -180,10 +133,8 @@ export CGO_CFLAGS="%{optflags} -D_GNU_SOURCE -D_LARGEFILE_SOURCE -D_LARGEFILE64_
%meson_install
%if 0%{?rhel}
%if 0%{?rhel} <= 9
install -m0644 %{SOURCE1} %{buildroot}%{_sysconfdir}/containers/%{name}.conf
%endif
%endif
%files
@ -200,182 +151,160 @@ install -m0644 %{SOURCE1} %{buildroot}%{_sysconfdir}/containers/%{name}.conf
%{_sysconfdir}/profile.d/%{name}.sh
%{_tmpfilesdir}/%{name}.conf
%files tests
%{_datadir}/%{name}
%changelog
* Tue Nov 26 2024 MSVSphere Packaging Team <packager@msvsphere-os.ru> - 0.0.99.5-15
- Rebuilt for MSVSphere 10
* Fri Aug 09 2024 Debarshi Ray <rishi@fedoraproject.org> - 0.0.99.5-15
- Rebuild for CVE-2024-24791
Resolves: RHEL-47199
* Thu Jul 11 2024 Debarshi Ray <rishi@fedoraproject.org> - 0.0.99.5-14
- Silence 'rpminspect --tests=stack-prot'
- Silence 'rpminspect --tests=annocheck' (part 2)
Resolves: RHEL-33522
* Mon Jun 24 2024 Troy Dawson <tdawson@redhat.com> - 0.0.99.5-13
- Bump release for June 2024 mass rebuild
* Tue May 07 2024 Debarshi Ray <rishi@fedoraproject.org> - 0.0.99.5-12
- Rebuild for CVE-2024-24788
Resolves: RHEL-35915
* Tue May 07 2024 Debarshi Ray <rishi@fedoraproject.org> - 0.0.99.5-11
- Unbreak the tests with Podman 5.0
Resolves: RHEL-36170
* Sat Oct 14 2023 Debarshi Ray <rishi@fedoraproject.org> - 0.0.99.4-6
- Rebuild for CVE-2023-39325 and CVE-2023-44487
Resolves: RHEL-12693
* Tue Mar 26 2024 Debarshi Ray <rishi@fedoraproject.org> - 0.0.99.5-10
- Specify the golang versions for RHEL 9 and 10
Resolves: RHEL-30245
* Tue Mar 05 2024 Debarshi Ray <rishi@fedoraproject.org> - 0.0.99.5-9
- Conditionalize the BuildRequires on golang
Resolves: RHEL-30245
* Tue Feb 27 2024 Debarshi Ray <rishi@fedoraproject.org> - 0.0.99.5-8
- Unbreak Podman's downstream Fedora CI (part 2)
- Backport some new upstream tests
Resolves: RHEL-30245
* Tue Feb 13 2024 Debarshi Ray <rishi@fedoraproject.org> - 0.0.99.5-7
- Unbreak Podman's downstream Fedora CI
- Update the BuildRequires on golang to reflect reality
Resolves: RHEL-30245
* Sun Feb 11 2024 Maxwell G <maxwell@gtmx.me> - 0.0.99.5-6
- Rebuild for golang 1.22.0
* Wed Feb 07 2024 Debarshi Ray <rishi@fedoraproject.org> - 0.0.99.5-5
- Migrate to SPDX license
* Sat Jan 27 2024 Fedora Release Engineering <releng@fedoraproject.org> - 0.0.99.5-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Thu Jan 11 2024 Debarshi Ray <rishi@fedoraproject.org> - 0.0.99.5-3
- Drop 'Recommends: subscription-manager'
* Tue Dec 19 2023 Debarshi Ray <rishi@fedoraproject.org> - 0.0.99.5-2
- Drop the experience and support subpackages
* Tue Dec 19 2023 Debarshi Ray <rishi@fedoraproject.org> - 0.0.99.5-1
- Update to 0.0.99.5
* Tue Dec 19 2023 Debarshi Ray <rishi@fedoraproject.org> - 0.0.99.4-10
- Require openssl(1) for the system tests in the tests subpackage
* Wed Dec 06 2023 Adam Williamson <awilliam@redhat.com> - 0.0.99.4-9
- tests subpackage: require httpd-tools for htpasswd
* Tue Dec 05 2023 Debarshi Ray <rishi@fedoraproject.org> - 0.0.99.4-8
- Fix the conditionals for 'if RHEL <= 9'
* Thu Nov 30 2023 Debarshi Ray <rishi@fedoraproject.org> - 0.0.99.4-7
- Track the active container on Fedora Linux Asahi Remix
* Thu Nov 09 2023 Debarshi Ray <rishi@fedoraproject.org> - 0.0.99.4-6
- Drop the custom /etc/containers/toolbox.conf from RHEL 10 onwards
* Mon Oct 02 2023 Debarshi Ray <rishi@fedoraproject.org> - 0.0.99.4-5
- Drop github.com/coreos/toolbox compatibility from RHEL 10 onwards
* Mon Oct 02 2023 Debarshi Ray <rishi@fedoraproject.org> - 0.0.99.4-4
* Fri Aug 11 2023 Debarshi Ray <rishi@fedoraproject.org> - 0.0.99.4-5
- Be aware of security hardened mount points
- Simplify removing the user's password
* Sat Jul 22 2023 Fedora Release Engineering <releng@fedoraproject.org> - 0.0.99.4-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
Resolves: #2222789
* Wed Mar 8 2023 Nieves Montero <nmontero@redhat.com> - 0.0.99.4-2
- Sprinkle a debug log
* Wed Feb 22 2023 Debarshi Ray <rishi@fedoraproject.org> - 0.0.99.4-1
- Update to 0.0.99.4
* Mon Aug 07 2023 Debarshi Ray <rishi@fedoraproject.org> - 0.0.99.4-4
- Rebuild for CVE-2023-24539, CVE-2023-24540 and CVE-2023-29400
Resolves: #2221850
* Wed Feb 22 2023 Martin Jackson <mhjacks@swbell.net> - 0.0.99.3-12
- Fix the ExclusiveArch
* Tue May 16 2023 Debarshi Ray <rishi@fedoraproject.org> - 0.0.99.4-3
- Rebuild for CVE-2022-41723, CVE-2023-24534, CVE-2023-24536 and
CVE-2023-24538
Resolves: #2187337, #2187385, #2203706
* Tue Feb 21 2023 Debarshi Ray <rishi@fedoraproject.org> - 0.0.99.3-11
- Add ExclusiveArch to match Podman
* Tue May 16 2023 Debarshi Ray <rishi@fedoraproject.org> - 0.0.99.4-2
- Rebuild for CVE-2022-41724 and CVE-2022-41725
Resolves: #2179968
* Thu Feb 02 2023 Yaakov Selkowitz <yselkowi@redhat.com> - 0.0.99.3-10
- Sync packaging changes from CentOS Stream
* Mon Apr 03 2023 Debarshi Ray <rishi@fedoraproject.org> - 0.0.99.4-1
- Update to 0.0.99.4
Resolves: #2165742
* Sat Jan 21 2023 Fedora Release Engineering <releng@fedoraproject.org> - 0.0.99.3-9
- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
* Mon Feb 06 2023 Debarshi Ray <rishi@fedoraproject.org> - 0.0.99.3-9
- Rebuild for CVE-2022-41717
Resolves: #2164292
* Thu Dec 22 2022 Yaakov Selkowitz <yselkowi@redhat.com> - 0.0.99.3-8
- Use vendored dependencies for RHEL/ELN builds
* Mon Jan 30 2023 Debarshi Ray <rishi@fedoraproject.org> - 0.0.99.3-8
- Support RHEL 9 Toolbx containers
Resolves: #2163752
* Sat Jul 23 2022 Fedora Release Engineering <releng@fedoraproject.org> - 0.0.99.3-7
- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
* Tue Dec 13 2022 Debarshi Ray <rishi@fedoraproject.org> - 0.0.99.3-7
- Unbreak sorting and clearly identify copied images in 'list'
Resolves: #2033282
* Tue Jul 19 2022 Maxwell G <gotmax@e.email> - 0.0.99.3-6
- Rebuild for CVE-2022-{1705,32148,30631,30633,28131,30635,30632,30630,1962} in
golang
* Fri Oct 14 2022 Debarshi Ray <rishi@fedoraproject.org> - 0.0.99.3-6
- Rebuild for CVE-2022-27664 and CVE-2022-32189
Resolves: #2116786
* Sat Jun 18 2022 Robert-André Mauchin <zebob.m@gmail.com> - 0.0.99.3-5
- Rebuilt for CVE-2022-1996, CVE-2022-24675, CVE-2022-28327, CVE-2022-27191,
CVE-2022-29526, CVE-2022-30629
* Tue Aug 16 2022 Debarshi Ray <rishi@fedoraproject.org> - 0.0.99.3-5
- Rebuild for CVE-2022-1705, CVE-2022-30630, CVE-2022-30631 and CVE-2022-30632
Resolves: #2111830
* Sat Jan 22 2022 Fedora Release Engineering <releng@fedoraproject.org> - 0.0.99.3-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
* Tue May 17 2022 Debarshi Ray <rishi@fedoraproject.org> - 0.0.99.3-4
- Bump the minimum required golang version for added reassurance
Resolves: #2060769, #2089194
* Sun Jan 09 2022 Ondřej Míchal <harrymichal@fedoraproject.org> - 0.0.99.3-3
- Add upstream patch fixing doubled error messages
* Mon May 16 2022 Debarshi Ray <rishi@fedoraproject.org> - 0.0.99.3-3
- Rebuild for FIPS-mode memory leak in the Go toolchain
Resolves: #2060769
* Fri Dec 10 2021 Debarshi Ray <rishi@fedoraproject.org> - 0.0.99.3-2
- BuildRequire only systemd-rpm-macros as recommended by the Fedora packaging
guidelines
* Wed May 11 2022 Jindrich Novy <jnovy@redhat.com> - 0.0.99.3-2
- BuildRequires: /usr/bin/go-md2man
- Related: #2061316
* Fri Dec 10 2021 Debarshi Ray <rishi@fedoraproject.org> - 0.0.99.3-1
- Update to 0.0.99.3
* Mon Oct 25 2021 Debarshi Ray <rishi@fedoraproject.org> - 0.0.99.2^3.git075b9a8d2779-9
- Restore backwards compatibility with existing containers
* Fri Oct 22 2021 Debarshi Ray <rishi@fedoraproject.org> - 0.0.99.2^3.git075b9a8d2779-8
- Ensure that binaries are run against their build-time ABI
* Mon Sep 13 2021 Oliver Gutiérrez <ogutierrez@fedoraproject.org> - 0.0.99.2^3.git075b9a8d2779-7
- Rebuilt for gating tests
* Thu Sep 09 2021 Oliver Gutiérrez <ogutierrez@fedoraproject.org> - 0.0.99.2^3.git075b9a8d2779-6
- Rebuilt for gating tests
* Mon Aug 23 2021 Oliver Gutiérrez <ogutierrez@fedoraproject.org> - 0.0.99.2^3.git075b9a8d2779-5
- Version bump to build and check fedora gating after fixing ansible playbooks
* Fri Aug 20 2021 Oliver Gutiérrez <ogutierrez@fedoraproject.org> - 0.0.99.2^3.git075b9a8d2779-4
- Version bump to build and check fedora gating
* Wed Aug 18 2021 Oliver Gutiérrez <ogutierrez@fedoraproject.org> - 0.0.99.2^3.git075b9a8d2779-3
- Added Fedora gating
* Wed Aug 18 2021 Debarshi Ray <rishi@fedoraproject.org> - 0.0.99.2^3.git075b9a8d2779-2
- Require containers-common for ownership of %%{_sysconfdir}/containers
* Mon Aug 09 2021 Oliver Gutiérrez <ogutierrez@fedoraproject.org> - 0.0.99.2^3.git075b9a8d2779-1
- Updated to 0.0.99.2^3.git075b9a8d2779 snapshot
* Thu Jul 29 2021 Oliver Gutiérrez <ogutierrez@fedoraproject.org> - 0.0.99.2^2.git40fbd377ed0b-1
- Updated to 0.0.99.2^2.git40fbd377ed0b snapshot
* Wed Jul 28 2021 Oliver Gutiérrez <ogutierrez@fedoraproject.org> - 0.0.99.2^1.git9820550c82bb-1
- Updated to 0.00.99.2^1.git9820550c82bb snapshot
* Wed Jul 28 2021 Ondřej Míchal <harrymichal@seznam.cz> - 0.0.99.2-3
- Update dependencies of -tests subpackage
* Fri Jul 23 2021 Fedora Release Engineering <releng@fedoraproject.org> - 0.0.99.2-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
* Sat Jun 26 2021 Debarshi Ray <rishi@fedoraproject.org> - 0.0.99.2-1
- Update to 0.0.99.2
- BuildRequire only systemd-rpm-macros as recommended by the Fedora packaging
guidelines
- Update the Summary to match upstream
- Update the URL to point to the website
Resolves: #2000807
* Wed Sep 22 2021 Debarshi Ray <rishi@fedoraproject.org> - 0.0.99.3-0.14.git660b6970e998
- Suggest a way forward if coreos/toolbox was used
Resolves: #2006802
* Wed Sep 22 2021 Debarshi Ray <rishi@fedoraproject.org> - 0.0.99.3-0.13.git660b6970e998
- Switch to using the Toolbox-specific UBI image by default
Resolves: #2004563
* Thu Sep 16 2021 Oliver Gutiérrez <ogutierrez@redhat.com> - 0.0.99.3-0.12.git660b6970e998
- Changed image for tests and tests parameters to fix gating
Related: #2000051
* Thu Sep 16 2021 Oliver Gutiérrez <ogutierrez@redhat.com> - 0.0.99.3-0.11.git660b6970e998
- Changed image for tests and added /etc/containers dir check
Related: #2000051
* Tue Sep 14 2021 Oliver Gutiérrez <ogutierrez@redhat.com> - 0.0.99.3-0.10.git660b6970e998
- Added ability to force test system id and version id
Related: #2000051
* Tue Sep 14 2021 Oliver Gutiérrez <ogutierrez@redhat.com> - 0.0.99.3-0.9.git660b6970e998
- Fixed test roles and changed default image path
Related: #2000051
* Tue Sep 14 2021 Oliver Gutiérrez <ogutierrez@redhat.com> - 0.0.99.3-0.8.git660b6970e998
- Added default container image configuration for tests
Related: #2000051
* Fri Sep 03 2021 Oliver Gutiérrez <ogutierrez@redhat.com> - 0.0.99.3-0.7.git660b6970e998
- Added missing gating tests files and patch for tests
Related: #2000051
* Fri Sep 03 2021 Jindrich Novy <jnovy@redhat.com> - 0.0.99.3-0.6.git660b6970e998
- re-add gating tests
- Related: #2000051
* Fri Sep 03 2021 Jindrich Novy <jnovy@redhat.com> - 0.0.99.3-0.5.git660b6970e998
- Make sosreport work by setting the HOST environment variable
- Related: #2000051
* Mon Aug 30 2021 Oliver Gutiérrez <ogutierrez@redhat.com> - 0.0.99.3-0.4.git660b6970e998
- Fixed gating tests bats version
Related: rhbz#1977343
* Tue Aug 24 2021 Oliver Gutiérrez <ogutierrez@redhat.com> - 0.0.99.3-0.3.git660b6970e998
- Rebuilt for gating checks
Related: rhbz#1977343
* Tue Aug 10 2021 Mohan Boddu <mboddu@redhat.com> - 0.0.99.3-0.2.git660b6970e998
- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
Related: rhbz#1991688
* Mon Aug 02 2021 Debarshi Ray <rishi@fedoraproject.org> - 0.0.99.3-0.1.git660b6970e998
- Fix the build on CentOS Stream
Related: #1970747
* Wed Jul 28 2021 Jindrich Novy <jnovy@redhat.com> - 0.0.99.2^1.git660b6970e998-1
- Add support for configuration files
- Related: #1970747
* Sat Jul 10 2021 Jindrich Novy <jnovy@redhat.com> - 0.0.99.2-3
- Expose the host's entire / in the container at /run/host
- Resolves: #1977343
* Mon Jul 05 2021 Jindrich Novy <jnovy@redhat.com> - 0.0.99.2-2
- Actually apply the patch to make 'toolbox' create or fall back to a
container if possible
- Support logging into a registry if necessary
- Resolves: #1977343
* Fri Jul 02 2021 Jindrich Novy <jnovy@redhat.com> - 0.0.99.2-1
- update to 0.99.2
- Resolves: #1977343
* Tue Jun 22 2021 Mohan Boddu <mboddu@redhat.com> - 0.0.99.1-4
- Rebuilt for RHEL 9 BETA for openssl 3.0
Related: rhbz#1971065
* Thu Apr 29 2021 Debarshi Ray <rishi@fedoraproject.org> - 0.0.99.1-3
- Fix FTBFS
Resolves: #1912983
* Fri Apr 16 2021 Mohan Boddu <mboddu@redhat.com> - 0.0.99.1-2
- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937
* Tue Feb 23 2021 Debarshi Ray <rishi@fedoraproject.org> - 0.0.99.1-1
- Update to 0.0.99.1

Write Preview
Loading…
Cancel
Save