Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package hawk2.15985 for openSUSE:Leap:15.2:Update checked in at 2021-03-25 09:11:42 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Leap:15.2:Update/hawk2.15985 (Old) and /work/SRC/openSUSE:Leap:15.2:Update/.hawk2.15985.new.2401 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "hawk2.15985" Thu Mar 25 09:11:42 2021 rev:1 rq:881066 version:2.6.3+git.1614684118.af555ad9 Changes: -------- New Changes file: --- /dev/null 2021-03-11 01:47:46.020784395 +0100 +++ /work/SRC/openSUSE:Leap:15.2:Update/.hawk2.15985.new.2401/hawk2.changes 2021-03-25 09:11:43.670907945 +0100 @@ -0,0 +1,2813 @@ +------------------------------------------------------------------- +Wed Mar 03 10:45:50 UTC 2021 - dmaioc...@suse.com + +- Update to version 2.6.3: + * Remove hawk_invoke and use capture3 instead of runas (bsc#1179999)(CVE-2020-35459) + * Remove unnecessary chmod (bsc#1182166)(CVE-2021-25314) + * Sanitize filename to contains whitelist of alphanumeric (bsc#1182165) + +------------------------------------------------------------------- +Thu Feb 18 13:37:56 UTC 2021 - dmaioc...@suse.com + +- Update to version 2.6.0: + * Use fullpath of binary (bsc#1181436) + * remove %x (bsc#1182163) + +------------------------------------------------------------------- +Wed Jan 20 13:54:20 UTC 2021 - dmaioc...@suse.com + +- Update to version 2.4.0+git.1611141202.2fe6369e: + * Improve further mechanism of controllers to system commands. + * drop patch 0001-Improve-controllers.patch since merged upstream + (CVE-2020-35458) + +------------------------------------------------------------------- +Tue Dec 15 17:28:43 UTC 2020 - Dario Maiocchi <dmaioc...@suse.com> + +- Update to version 2.3.0+git.1603969748 + * fix bsc#1179998. Handle better input on app controllers (CVE-2020-35458) + +------------------------------------------------------------------- +Mon Nov 09 18:24:07 UTC 2020 - dmaioc...@suse.com + +- Update to version 2.2.0+git.1603969748.10468582: + * Fix server error after authentication if a resource has the same name as a node (bsc#1163381) + * Allow also users in haclient to view history explorer (jsc#SLE-7358) + +------------------------------------------------------------------- +Thu Jul 16 08:20:11 UTC 2020 - Dario Maiocchi <dmaioc...@suse.com> +- Update to version 2.1.2+git.1594886920.d00b94aa: + * update puma rubygem to 4.3.5 requirement for for disabling TLSv1.0 and TLSv1.1 (jsc#SLE-6965) + * add functional tests in docker + * various refactoring and cleanup + +------------------------------------------------------------------- +Thu Mar 26 15:15:23 UTC 2020 - dmaioc...@suse.com + +- Update to version 2.1.1+git.1585233369.bea4326a: + * drop patch 0001-Fix-nameless-cluster-display-bsc-1137891.patch + * drop patch 0002-Fix-acl_version-check-bsc-1089802.patch + * drop patch 0003-Fix-cib.xml-parsing-for-acl_version-bsc-1158681.patch + * drop patch hawk2-nodev.patch + * Implement mechanism to switch binaries in case (bsc#1165587) + * Low: Fix omission of built-in stonith attributes (bsc#1165587) + * Refactor: Obtain the Pacemaker daemon directory during initialization + * Work around the removal of Dir::Tmpname#make_tmpname (bsc#1162221) + * Fix cib.xml parsing for acl_version (bsc#1158681) + * Fix boot.rb + * Fix Rails.groups issue when requiring the Gemfile + * Remove Number Precision since it's handled by sassc-rails + * Dev: Fix sass-rails version + * Add application/x-bzip2 mime type (bsc#1098637) + * Fix Sass version for Travis build + * Fix mime type issue in MS windows (bsc#1098637) + * preserve CIB_server et al environment variables (connect to remote) + * Fix nameless cluster display (bsc#1137891) + * High: Enable invoking new daemon names via hawk_invoke + * High: Handle new daemon names in CrmConfig + * Dev: Update Dashboard and fix compatibility issue + * Dev: Fix provisioning on remote libvirt + * Dev: Disable Nagios client provisioning + * Dev: Update Readme + * Dev: Add webui keys for testing masterless + * Dev: Fix loading yaml from the pillars + * Dev: Clean up the yaml config + * Dev: skip installing grafana for now + * Dev: get pillars from vagrant.sls + * Dev: Fix missing dep + * Dev: Read pillars from vconf.yml + * Dev: Fix master config + * Dev: Allow configuring vagrant through external conf + * Dev: avoid using global variables + * Dev: Clean up config + * Dev: Change to yaml config + * Dev: Fix Master config + * Dev: Install master using bootstrap script + * Dev: Update Vagrantfile + * Dev: accept all incoming public keys from minions + * Dev: instruct the minion to look for a master + * Dev: Update to working bootstrap script + * Dev: Create pillar defaults + * Dev: Sync salt root and pillar with nfs and fix path in salt/etc/minion + * dev: Use Prometheus Formula for configuring prometheus.yml + * Dev: Configure installation repo using the Formula + * Dev: Adapt Pillar data to changes in Formula + * Dev: install prometheus server packages + * Dev: Disable legacy provisioning + * Have to use NFS v3 over UDP for it to work + * connect_via_ssh only if VM_HOST is set + * Dev: Fixing the prometheus Pillar + * Dev: Disabling Nagios provisioning + * Dev: Change to forked Prometheus formula + * Dev: Use the Prometheus formula and configure it using pillars + * Dev: configure salt to use Gitfs backend + * Dev: Install necessary packages for gitfs + * Dev: Fix constant name conflict + * Dev: exclude minion_id file from sync + * Dev: Add configure_minion method and use minion_id + * Dev: Remove vagrant triggers from Vagrantfile + * Dev: Remove Virtualbox provider config + * Dev: Fix minion config file paths + * Dev: Sync Pillar directory + * Dev: Rename salt directory to avoid confusion + * Dev: Deploy Grafana's Datasource and HA Dashboard + * Dev: Configure Grafana datasource + * Dev: Disable bundler-audit + * Dev: Continue when errors with Vagrant Triggers + * Update SUSE's Copyright + * Dev: Scrap data from all the nodes and not only localhost + * Dev: Configure Grafana and change serving port + * Dev: Configure prometheus for using pacemaker-exporter + * Dev: fix pacemaker-exporter systemd issue + * Dev: Install godep and fix pacemaker_exporter build + * Dev: Install packages and configure go + * Dev: Use requisites for managing dependencies + * Dev: Use Salt to configure public ip for nagios + * Dev: Restart apache using apachectl + * Dev: Remove accidental log file addition + * Dev: Restart gracefully nagios and apache2 services + * Dev: Clean up Nagios scripts + * Dev: Restart Nagios and apache2 after config + * Dev: Fix typo in configure_nagios_server.sh + * Dev: Rename Nagios scripts + * Dev: Configure the before destroy trigger to run on the host instead of the guest + * Dev: Fix Nagios server local hostname + * Dev: Parse nagios_nrpe script with Jinja + * Dev: Salt config for Nagios + * Dev: require vagrant 2.1.0 + * Dev: Add public_ip files to .gitignore + * Dev: Save guests public ips + * Dev: Disable firewalld using Salt + * Dev: Support external config for vagrant and Salt + * Doc: Add Lukas Krause to Authors list and sort Alphabetically + * Dev: Fix incorrect disk size for DRBD disk + * High: Set secure flag to enforce https (bsc#1090657) + * Medium: Improve hawk-server side cookie handling (bsc#1090667) + * Medium: Set Symmetrical to False when score is Serialize (bsc#1085515) + * Medium: Make resource stop/start icon dependent on target-role (bsc#1076421) + * Dev: Update box to leap 15.0 version 1.0.7 + * Dev: Use latest bootstrap script that support Leap 15 + * Api: Fix undefined method `get_cib' for #<Api::V1::Status> error + * Api: Add necessary headers for cross-origin resource sharing + * Api: Add the options method to the /register endpoint + * Api: Add advance resource type(group|clone|master|bundle) in resource route(fate#323437) + * Dev: Ignore byebug_history file + * Dev: Start server using hawk binary instead + * Dev: Load byebug in dev env + * Dev: Install byebug by default + * Dev: Disable hawk-dev-backend service + * Dev: Enabling hawk dev services + * Dev: Update dev env using salt + * Api: Add 'param/meta/op' in resource return value(fate#323437) To show the parameters/attributes/operations of this ra + * Api: Add 'script' in resource return value(fate#323437) To show the class/provider/type of this ra + * Api: Add 'belong' in resource return value(fate#323437) + * Api: primitive resource's type should always be primitive(fate#323437) + * Api: Add 'attributes' and 'utilization' in node return value(fate#323437) + * Api: Add cors preflight check and enable options method in routes(fate#323437) + * Api: instance variable should not use here(fate#323437) will cause NoMethodError + * Api: get right status when resource is started(fate#323437) + * Api: change to_hash function more dynamic(fate#323437) + * Api: implement show method in controller(fate#323437) + * Api: return nil if elem is nil(fate#323437) in some case, param in determine_online_status_fencing is nil, this will cause NoMethodError + * Testing: Add validation test for order model + * Testing: Enhance colocation validation tests a little + * Dev: Prevent error through strip! method on empty score + * Testing: Add ID to colocation validation test + * Testing: Add validation test for colocation model + * Dev: Create validation class for colocation and order model + * Medium: Fix acl_version check (bsc#1089802) + * Dev: Move colocation validation to constraint model + * High: Fetch correct meta data (bsc#1092122) + * Medium: Fix history explorer views (bsc#1093420) + * High: Update links to release notes and documentation (bsc#1089709) + * High: Return after redirect in reports (bsc#1090562) + * Dev: Remove json extension from javascript delete operations + * Medium: Comply routes' id with resources' ID (bsc#1092108) + * Testing: Add tag to tests where cluster env is needed + * Testing: Create helper for dummy yaml store + * Testing: Add rspec fixtures and test api endpoints with valid token + * Api: Implement basic structure for each endpoint (fate#323437) + * Api: Fix typo (fate#323437) + * Api: Clean up status structure (fate#323437) + * Api: Create models' super class (fate#323437) + * Api: Render basic response from /status (fate#323437) + * Api: Refactor status.rb (fate#323437) + * Api: Refactor api models (fate#323437) + * Api: Set current_user during authentication (fate#323437) + * Api: Implement models' logic (fate#323437) ++++ 2616 more lines (skipped) ++++ between /dev/null ++++ and /work/SRC/openSUSE:Leap:15.2:Update/.hawk2.15985.new.2401/hawk2.changes New: ---- _service _servicedata hawk-rpmlintrc hawk2-2.6.3+git.1614684118.af555ad9.tar.bz2 hawk2.changes hawk2.spec sysconfig.hawk ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ hawk2.spec ++++++ # # spec file for package hawk2 # # Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed # upon. The license for this file, and modifications and additions to the # file, is the same license as for the pristine package itself (unless the # license for the pristine package is not an Open Source License, in which # case the license is the MIT License). An "Open Source License" is a # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. # Please submit bugfixes or comments via http://bugs.opensuse.org/ # #Compat macro for new _fillupdir macro introduced in Nov 2017 %if ! %{defined _fillupdir} %define _fillupdir /var/adm/fillup-templates %endif %define vendor_ruby vendor_ruby %define init_style suse %define pkg_group Productivity/Clustering/HA %define www_base %{_datadir} %define www_tmp %{_localstatedir}/lib/hawk/tmp %define www_log %{_localstatedir}/log/hawk %define gname haclient %define uname hacluster %define rb_build_versions ruby25 %define rb_ruby_abi ruby:2.5.0 %define rb_ruby_suffix ruby2.5 Name: hawk2 Summary: HA Web Konsole License: GPL-2.0-only Group: %{pkg_group} Version: 2.6.3+git.1614684118.af555ad9 Release: 0 Url: http://www.clusterlabs.org/wiki/Hawk Source: %{name}-%{version}.tar.bz2 Source1: sysconfig.hawk Source100: hawk-rpmlintrc BuildRoot: %{_tmppath}/%{name}-%{version}-build Provides: ha-cluster-webui Obsoletes: hawk <= 1.1.0 Provides: hawk = %{version} Requires: crmsh >= 3.0.0 Requires: graphviz Requires: graphviz-gd Requires: hawk-apiserver Requires(post): %fillup_prereq # Need a font of some kind for graphviz to work correctly (bsc#931950) Requires: dejavu Requires: pacemaker >= 1.1.8 Recommends: graphviz-gnome Requires: iproute2 PreReq: permissions BuildRequires: fdupes BuildRequires: systemd-rpm-macros %{?systemd_requires} BuildRequires: distribution-release BuildRequires: timezone BuildRequires: nodejs10 BuildRequires: %{rubygem bundler} Requires: %{rubygem bundler} BuildRequires: %{rubygem rails:5.1} Requires: %{rubygem rails:5.1} BuildRequires: %{rubygem puma >= 4.3.5} Requires: %{rubygem puma >= 4.3.5} BuildRequires: %{rubygem sass-rails >= 5.0.1} Requires: %{rubygem sass-rails >= 5.0.1} BuildRequires: %{rubygem virtus:1.0 >= 1.0.1} Requires: %{rubygem virtus:1.0 >= 1.0.1} BuildRequires: %{rubygem js-routes >= 1.3.3} Requires: %{rubygem js-routes >= 1.3.3} BuildRequires: %{rubygem fast_gettext >= 1.4} Requires: %{rubygem fast_gettext >= 1.4} BuildRequires: %{rubygem gettext_i18n_rails >= 1.8} Requires: %{rubygem gettext_i18n_rails >= 1.8} BuildRequires: %{rubygem gettext_i18n_rails_js >= 1.3} Requires: %{rubygem gettext_i18n_rails_js >= 1.3} BuildRequires: %{rubygem sprockets >= 3.7} Requires: %{rubygem sprockets >= 3.7} BuildRequires: %{rubygem kramdown >= 1.14} Requires: %{rubygem kramdown >= 1.14} BuildRequires: %{rubygem gettext >= 3.2} BuildRequires: %{rubygem uglifier >= 3} # Help OBS scheduler: BuildRequires: %{rubygem mail >= 2.6} BuildRequires: %{rubygem tilt >= 2} #/Help OBS scheduler BuildRequires: git BuildRequires: nodejs >= 6 BuildRequires: pam-devel %description A web-based GUI for managing and monitoring the Pacemaker High-Availability cluster resource manager. %prep %setup %build sed -i 's$#!/.*$#!%{_bindir}/ruby.%{rb_ruby_suffix}$' hawk/bin/rails sed -i 's$#!/.*$#!%{_bindir}/ruby.%{rb_ruby_suffix}$' hawk/bin/rake sed -i 's$#!/.*$#!%{_bindir}/ruby.%{rb_ruby_suffix}$' hawk/bin/bundle pushd hawk if [ -x /usr/bin/bundle.ruby.%{rb_ruby_suffix} ]; then bundlerexe=bundle.ruby.%{rb_ruby_suffix} else bundlerexe=bundle.%{rb_ruby_suffix} fi $bundlerexe exec bin/rails version popd export NOKOGIRI_USE_SYSTEM_LIBRARIES=1 CFLAGS="${CFLAGS} ${RPM_OPT_FLAGS}" export CFLAGS make WWW_BASE=%{www_base} WWW_TMP=%{www_tmp} WWW_LOG=%{www_log} INIT_STYLE=%{init_style} LIBDIR=%{_libdir} BINDIR=%{_bindir} SBINDIR=%{_sbindir} RUBY_SUFFIX=.%{rb_ruby_suffix} %install make WWW_BASE=%{www_base} WWW_TMP=%{www_tmp} WWW_LOG=%{www_log} INIT_STYLE=%{init_style} DESTDIR=%{buildroot} install # copy of GPL cp COPYING %{buildroot}%{www_base}/hawk/ # Hack so missing links to docs don't kill the build mkdir -p %{buildroot}/usr/share/doc/manual/sle-ha-geo-quick_en-pdf mkdir -p %{buildroot}/usr/share/doc/manual/sle-ha-guide_en-pdf mkdir -p %{buildroot}/usr/share/doc/manual/sle-ha-manuals_en mkdir -p %{buildroot}/usr/share/doc/manual/sle-ha-geo-manuals_en mkdir -p %{buildroot}/usr/share/doc/manual/sle-ha-nfs-quick_en-pdf mkdir -p %{buildroot}/usr/share/doc/manual/sle-ha-install-quick_en-pdf # mark .mo files as such (works on SUSE but not FC12, as the latter wants directory to # be "share/locale", not just "locale", and it also doesn't support appending to %%{name}.lang) %find_lang hawk hawk.lang # don't ship .po files (find_lang only grabs the mos, and we don't need the pos anyway) rm %{buildroot}%{www_base}/hawk/locale/*/hawk.po rm %{buildroot}%{www_base}/hawk/locale/*/hawk.po.time_stamp rm %{buildroot}%{www_base}/hawk/locale/*/hawk.edit.po # hard link duplicate files %fdupes %{buildroot} # more cruft to clean up (WTF?) rm -f %{buildroot}%{www_log}/* # likewise .git special files find %{buildroot}%{www_base}/hawk -type f -name '.git*' -print0 | xargs --no-run-if-empty -0 rm %{__ln_s} -f %{_sbindir}/service %{buildroot}%{_sbindir}/rchawk install -p -d -m 755 %{buildroot}%{_sysconfdir}/hawk install -D -m 0644 %{S:1} %{buildroot}%{_fillupdir}/sysconfig.hawk %clean rm -rf %{buildroot} %verifyscript %verify_permissions -e %{_sbindir}/hawk_chkpwd %pre getent group %{gname} >/dev/null || groupadd -r %{gname} -g 189 getent passwd %{uname} >/dev/null || useradd -r -g %{gname} -u 189 -s /sbin/nologin -c "cluster user" %{uname} %service_add_pre hawk.service hawk-backend.service %post %set_permissions %{_sbindir}/hawk_chkpwd %service_add_post hawk.service hawk-backend.service %{fillup_only -n hawk} %preun %service_del_preun hawk.service hawk-backend.service %postun %service_del_postun hawk.service hawk-backend.service %files -f hawk.lang %defattr(644,root,root,755) %{_fillupdir}/sysconfig.hawk %attr(4750, root, %{gname})%{_sbindir}/hawk_chkpwd %dir %{www_base}/hawk %{www_base}/hawk/log %{www_base}/hawk/tmp %{www_base}/hawk/app %{www_base}/hawk/config %dir %{_localstatedir}/lib/hawk %dir %{www_base}/hawk/bin %attr(0755, root, root)%{www_base}/hawk/bin/rake %attr(0755, root, root)%{www_base}/hawk/bin/rails %exclude %{www_base}/hawk/bin/hawk %attr(0755, root, root)%{www_base}/hawk/bin/generate-ssl-cert %attr(0755, root, root)%{www_base}/hawk/bin/bundle %attr(0750, %{uname},%{gname})%{_sysconfdir}/hawk %dir %attr(0750, %{uname},%{gname})%{www_log} %dir %attr(0750, %{uname},%{gname})%{www_tmp} %attr(-, %{uname},%{gname})%{www_tmp}/cache %attr(-, %{uname},%{gname})%{www_tmp}/explorer %attr(-, %{uname},%{gname})%{www_tmp}/home %attr(-, %{uname},%{gname})%{www_tmp}/pids %attr(-, %{uname},%{gname})%{www_tmp}/sessions %attr(-, %{uname},%{gname})%{www_tmp}/sockets %{www_base}/hawk/locale/hawk.pot %{www_base}/hawk/public %{www_base}/hawk/Rakefile %exclude %{www_base}/hawk/Gemfile %exclude %{www_base}/hawk/Gemfile.lock %{www_base}/hawk/COPYING %{www_base}/hawk/config.ru %{www_base}/hawk/test %{www_base}/hawk/spec # itemizing content in %%{www_base}/hawk/locale to avoid # duplicate files that would otherwise be the result of including hawk.lang %dir %{www_base}/hawk/locale %dir %{www_base}/hawk/locale/* %dir %{www_base}/hawk/locale/*/* # Not doing this itemization for %%lang files in vendor, it's frightfully # hideous, so we're going to live with a handful of file-not-in-%%lang rpmlint # warnings for bundled gems. %{www_base}/hawk/vendor %{_unitdir}/hawk.service %{_unitdir}/hawk-backend.service %attr(-,root,root) %{_sbindir}/rchawk %changelog ++++++ _service ++++++ <services> <service name="tar_scm" mode="disabled"> <param name="url">git://github.com/ClusterLabs/hawk.git</param> <param name="scm">git</param> <param name="exclude">.git</param> <param name="filename">hawk2</param> <param name="versionformat">2.6.3+git.%ct.%h</param> <param name="revision">master</param> <param name="changesgenerate">enable</param> </service> <service name="recompress" mode="disabled"> <param name="file">hawk2*.tar</param> <param name="compression">bz2</param> </service> <service name="set_version" mode="disabled"> <param name="basename">hawk2</param> </service> </services> ++++++ _servicedata ++++++ <servicedata> <service name="tar_scm"> <param name="url">git://github.com/ClusterLabs/hawk.git</param> <param name="changesrevision">9288120c1602356ba7b467d1e0a26fbc084010ea</param></service></servicedata>++++++ hawk-rpmlintrc ++++++ addFilter("non-executable-script .*/srv/www/hawk/vendor/*") addFilter("script-without-shebang .*/srv/www/hawk/vendor/*") addFilter("wrong-script-end-of-line-encoding .*/srv/www/hawk/vendor/*") addFilter("file-not-in-%lang .*/srv/www/hawk/vendor/*") addFilter("hidden-file-or-dir .*/srv/www/hawk/vendor/*") addFilter("zero-length .*/srv/www/hawk/vendor/*") addFilter("unexpanded-macro .*/srv/www/hawk/vendor/bundle") addFilter("hidden-file-or-dir /srv/www/hawk/.bundle") addFilter("dangling-symlink /srv/www/hawk/public/doc/") addFilter("zero-length .*/srv/www/hawk/public/assets/*") addFilter("no-manual-page-for-binary hawk_*") ++++++ sysconfig.hawk ++++++ ## Path: Cluster/Hawk ## Description: Mode of operation ## Type: string(production,development,test) ## Default: production ## ServiceRestart: hawk # Hawk can run in production, development or test mode. Normally, this # determines which database is used, but it may also have other # implications. HAWK_ENV="production" ## Path: Cluster/Hawk ## Description: Maximum number of threads ## Type: integer ## Default: 1 ## ServiceRestart: hawk # Sets the maximum number of threads used by the web server. HAWK_THREADS="16" ## Path: Cluster/Hawk ## Description: Maximum number of worker processes ## Type: integer ## Default: 2 ## ServiceRestart: hawk # Sets the maximum number of separate worker processes spawned by the # web server. HAWK_WORKERS="1" ## Path: Cluster/Hawk ## Description: Listen address ## Type: ip ## Default: 0.0.0.0 ## ServiceRestart: hawk # Network address which Hawk listens to for connections. HAWK_LISTEN="0.0.0.0" ## Path: Cluster/Hawk ## Description: Port ## Type: integer(0:65565) ## Default: 7630 ## ServiceRestart: hawk # Port which Hawk listens to. HAWK_PORT="7630" ## Path: Cluster/Hawk ## Description: SSL key used by the web server ## Type: string ## Default: /etc/hawk/hawk.key ## ServiceRestart: hawk # Configures an SSL key that the Hawk web server presents. HAWK_KEY="/etc/hawk/hawk.key" ## Path: Cluster/Hawk ## Description: SSL certificate used by the web server ## Type: string ## Default: /etc/hawk/hawk.pem ## ServiceRestart: hawk # Configures an SSL certificate that the Hawk web server presents. HAWK_CERT="/etc/hawk/hawk.pem"
