Hello community, here is the log from the commit of package texlive-filesystem.12871 for openSUSE:Leap:15.1:Update checked in at 2020-06-13 06:17:02 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Leap:15.1:Update/texlive-filesystem.12871 (Old) and /work/SRC/openSUSE:Leap:15.1:Update/.texlive-filesystem.12871.new.3606 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "texlive-filesystem.12871" Sat Jun 13 06:17:02 2020 rev:1 rq:813058 version:unknown Changes: -------- New Changes file: --- /dev/null 2020-05-28 02:28:09.919761697 +0200 +++ /work/SRC/openSUSE:Leap:15.1:Update/.texlive-filesystem.12871.new.3606/texlive-filesystem.changes 2020-06-13 06:17:05.774039774 +0200 @@ -0,0 +1,485 @@ +------------------------------------------------------------------- +Wed Jun 3 07:11:26 UTC 2020 - Dr. Werner Fink <[email protected]> + +- Simplify %pre scriplet, that is always create mktex group + +------------------------------------------------------------------- +Mon Mar 23 16:18:13 UTC 2020 - Dr. Werner Fink <[email protected]> + +- Add new configuration variable HAVE_MKTEX_MEMBERS to texlive + sysconfig file to control the behaviour of the cron job. +- Change the cron job to clear data of other users which are + member of the group mktex (boo#1159740) + +------------------------------------------------------------------- +Thu Feb 20 11:01:15 UTC 2020 - Dr. Werner Fink <[email protected]> + +- Use setpriv to create ls-R files, below /var/cache/texmf/fonts + use uid mktex for this (boo#1159740, CVE-2020-8016) + +------------------------------------------------------------------- +Wed Feb 5 06:56:24 UTC 2020 - Dr. Werner Fink <[email protected]> + +- Check passwd not group file for user mktex + +------------------------------------------------------------------- +Tue Feb 4 12:20:03 UTC 2020 - Dr. Werner Fink <[email protected]> + +- Use setpriv but now switch to every single owner for clearing + the files of this owner (boo#1159740, CVE-2020-8016) + +------------------------------------------------------------------- +Wed Jan 22 08:55:38 UTC 2020 - Dr. Werner Fink <[email protected]> + +- Overwrite not wanted symbolic links on ls-R files + +------------------------------------------------------------------- +Thu Jan 16 12:02:43 UTC 2020 - Dr. Werner Fink <[email protected]> + +- Be sure that owner of ls-R files are corrected even on update + of already existing texlive filesystem + +------------------------------------------------------------------- +Fri Jan 10 12:35:50 UTC 2020 - Dr. Werner Fink <[email protected]> + +- Set default user for ls-R files and font cache directories + to user nobody (bsc#1159740, CVE-2020-8016) +- Use setpriv to switch to nobody:mktex before clearing + font cache directories (bsc#1158910, CVE-2020-8017) + +------------------------------------------------------------------- +Thu Dec 19 08:04:39 UTC 2019 - Dr. Werner Fink <[email protected]> + +- Harden ls-R file generation at installation (bsc#1158910) + +------------------------------------------------------------------- +Fri Dec 13 14:12:29 UTC 2019 - Dr. Werner Fink <[email protected]> + +- Simply use rm(1) for the cron job of texlive as all files below + /var/cache/texmf/ belong to texlive and only root can write and + remove those files (bsc#1158910). All other users do create their + own files below ~/.cache/texmf/ + +------------------------------------------------------------------- +Mon Nov 18 12:59:58 UTC 2019 - Dr. Werner Fink <[email protected]> + +- Make cron script even more failsafe + +------------------------------------------------------------------- +Fri Nov 15 12:23:34 UTC 2019 - Dr. Werner Fink <[email protected]> + +- Make cron script more failsafe (boo#1150556) +- Refresh font map files as well on update (boo#1155381) + +------------------------------------------------------------------- +Tue Aug 20 11:23:25 CEST 2019 - [email protected] + +- BuildRequire cron, too, as it contains now the cron directories + +------------------------------------------------------------------- +Wed Jan 24 08:46:16 UTC 2018 - [email protected] + +- Switch over to python 3 (boo#1077170) + +------------------------------------------------------------------- +Thu Jan 11 12:41:32 UTC 2018 - [email protected] + +- Add debug and force mode to the TeXLive update script which + might help to fix broken systems as well as might show some + debug messages as well. + +------------------------------------------------------------------- +Mon Jan 8 12:55:08 UTC 2018 - [email protected] + +- If zypper way of posttrans scripts are disabled do use the rpm + %posttrans scriptlets (boo#1074128) + +------------------------------------------------------------------- +Fri Nov 24 12:46:53 UTC 2017 - [email protected] + +- Disable by a build conditions using zypper way of posttrans scripts + as we already use %posttrans. Nevertheless correct naming scheme + (boo#1069445) + +------------------------------------------------------------------- +Thu Nov 23 13:51:29 UTC 2017 - [email protected] + +- Replace references to /var/adm/fillup-templates with new + %_fillupdir macro (boo#1069468) + +------------------------------------------------------------------- +Mon Oct 23 09:52:35 UTC 2017 - [email protected] + +- Avoid overwriting ls-R files + +------------------------------------------------------------------- +Fri Aug 18 07:06:21 UTC 2017 - [email protected] + +- Really not define texgid rpm macro (boo#1054325) + +------------------------------------------------------------------- +Mon Jul 24 10:59:12 UTC 2017 - [email protected] + +- Enforce mktexlsr if texlive-filesystem becomes installed to + refresh/rehash the kpathsea data base files after this (boo#1046277) + +------------------------------------------------------------------- +Mon Jul 24 07:56:46 UTC 2017 - [email protected] + +- Avoid error in zypper python script + +------------------------------------------------------------------- +Tue Jul 18 13:50:34 UTC 2017 - [email protected] + +- Even more speedup for update.texlive, that is remove empty + work load directory + +------------------------------------------------------------------- +Tue Jul 18 11:02:31 UTC 2017 - [email protected] + +- Make update.texlive faster and remove specific tag file after + creating specific format + +------------------------------------------------------------------- +Wed Jul 12 07:41:21 UTC 2017 - [email protected] + +- Generate/remove specific formats at installation/erease of a + package (boo#1046277) + +------------------------------------------------------------------- +Tue Jul 11 12:00:53 UTC 2017 - [email protected] + +- Modify update.texlive script in such a way that we detect old + format files and enforce a refresh based on hyphen (boo#1046277) + +------------------------------------------------------------------- +Tue Jun 13 10:38:52 UTC 2017 - [email protected] + +- Final TeXLive 2017 20170520 + +------------------------------------------------------------------- +Thu Jun 1 12:29:31 UTC 2017 - [email protected] + +- Update to TeXLive 2017 20170520 pretest + +------------------------------------------------------------------- +Fri May 26 14:39:46 UTC 2017 - [email protected] + +- Run luatools and luaotfload-tool at update to get the caches up + +------------------------------------------------------------------- +Wed Jun 22 08:31:55 UTC 2016 - [email protected] + +- Add some typos in update script (boo#985971) + +------------------------------------------------------------------- +Mon Jun 20 07:54:36 UTC 2016 - [email protected] + +- Have a directory to hold the splitted hyphen informations + +------------------------------------------------------------------- +Tue Jun 7 16:44:43 UTC 2016 - [email protected] + +- Update to TeXLive 2016 + +------------------------------------------------------------------- +Wed Apr 13 14:11:56 UTC 2016 - [email protected] + +- Correct cut&paste typo with texlua-devel package name + +------------------------------------------------------------------- +Mon Mar 21 13:57:38 UTC 2016 - [email protected] + +- Really require the devel packages with texlive-devel + +------------------------------------------------------------------- +Mon Feb 8 11:35:46 UTC 2016 - [email protected] + ++++ 288 more lines (skipped) ++++ between /dev/null ++++ and /work/SRC/openSUSE:Leap:15.1:Update/.texlive-filesystem.12871.new.3606/texlive-filesystem.changes New: ---- collection-basic.tar.xz collection-bibtexextra.tar.xz collection-binextra.tar.xz collection-context.tar.xz collection-fontsextra.tar.xz collection-fontsrecommended.tar.xz collection-fontutils.tar.xz collection-formatsextra.tar.xz collection-games.tar.xz collection-humanities.tar.xz collection-langarabic.tar.xz collection-langchinese.tar.xz collection-langcjk.tar.xz collection-langcyrillic.tar.xz collection-langczechslovak.tar.xz collection-langenglish.tar.xz collection-langeuropean.tar.xz collection-langfrench.tar.xz collection-langgerman.tar.xz collection-langgreek.tar.xz collection-langitalian.tar.xz collection-langjapanese.tar.xz collection-langkorean.tar.xz collection-langother.tar.xz collection-langpolish.tar.xz collection-langportuguese.tar.xz collection-langspanish.tar.xz collection-latex.tar.xz collection-latexextra.tar.xz collection-latexrecommended.tar.xz collection-luatex.tar.xz collection-mathscience.tar.xz collection-metapost.tar.xz collection-music.tar.xz collection-pictures.tar.xz collection-plaingeneric.tar.xz collection-pstricks.tar.xz collection-publishers.tar.xz collection-xetex.tar.xz dot.dvipsrc fc-t1-texlive.conf fc-texlive.conf fc-truetype-texlive.conf rc.config.texlive scheme-basic.tar.xz scheme-context.tar.xz scheme-full.tar.xz scheme-gust.tar.xz scheme-infraonly.tar.xz scheme-medium.tar.xz scheme-minimal.tar.xz scheme-small.tar.xz scheme-tetex.tar.xz texlive-filesystem-rpmlintrc texlive-filesystem.changes texlive-filesystem.spec texlive.cron texlive.csh texlive.sh update.texlive zypplugin.in ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ texlive-filesystem.spec ++++++ ++++ 24382 lines (skipped) ++++++ dot.dvipsrc ++++++ %% How to print, maybe with lp instead lpr, the priner %% name <foo> has to be replaced by a real printer name %% maybe the printer name found in $PRINTER %% %o | lpr -P<foo> %o | lp -P<foo> %% If your default is A4 uncomment the line with A4 %% otherwise you may choose Letter as your default. %% %t A4 %t Letter ++++++ fc-t1-texlive.conf ++++++ <?xml version="1.0"?> <!DOCTYPE fontconfig SYSTEM "fonts.dtd"> <!-- ************************************************************ --> <!-- list of font directories of Type1 of TeXLive packages --> <!-- all subdirectories of these directories are added as well --> <!-- ** WARNING: THIS IS A HUGE LIST OF FONTS AND THEREFORE IT ** --> <!-- ** WILL SLOW DOWN ALL PROGRAMS USING FONTCONFIG ** --> <!-- ** USE THE fc-cache(1) UTILITY TO AVOID SUCH A SLOW DOWN ** --> <!-- ************************************************************ --> <fontconfig> <dir>/usr/share/texmf/fonts/type1</dir> <dir>/usr/local/share/texmf/fonts/type1</dir> </fontconfig> ++++++ fc-texlive.conf ++++++ <?xml version="1.0"?> <!DOCTYPE fontconfig SYSTEM "fonts.dtd"> <!-- ************************************************************ --> <!-- list of font directories of TeXLive packages --> <!-- all subdirectories of these directories are added as well --> <!-- ** WARNING: THIS IS A HUGE LIST OF FONTS AND THEREFORE IT ** --> <!-- ** WILL SLOW DOWN ALL PROGRAMS USING FONTCONFIG ** --> <!-- ** USE THE fc-cache(1) UTILITY TO AVOID SUCH A SLOW DOWN ** --> <!-- ************************************************************ --> <fontconfig> <dir>/usr/share/texmf/fonts/opentype</dir> <dir>/usr/local/share/texmf/fonts/opentype</dir> </fontconfig> ++++++ fc-truetype-texlive.conf ++++++ <?xml version="1.0"?> <!DOCTYPE fontconfig SYSTEM "fonts.dtd"> <!-- ************************************************************ --> <!-- list of font directories of TeXLive packages --> <!-- all subdirectories of these directories are added as well --> <!-- ** WARNING: THIS IS A HUGE LIST OF FONTS AND THEREFORE IT ** --> <!-- ** WILL SLOW DOWN ALL PROGRAMS USING FONTCONFIG ** --> <!-- ** USE THE fc-cache(1) UTILITY TO AVOID SUCH A SLOW DOWN ** --> <!-- ** Be aware that the configurations in the files ** --> <!-- ** 58-texlive*.conf will not be affected by this ** --> <!-- ************************************************************ --> <fontconfig> <dir>/usr/share/texmf/fonts/truetype</dir> <dir>/usr/local/share/texmf/fonts/truetype</dir> </fontconfig> ++++++ rc.config.texlive ++++++ ## Path: Applications/TeX ## Description: ## Type: yesno ## Default: no ## Command: # # The automatical font generation of the TeX/LaTeX systems do # locate the bitmap font into the directory /var/cache/fonts/. # If CLEAR_TEXMF_FONTS is set to "yes" then this directory # will be cleared from fonts not used in the last 20 days. # CLEAR_TEXMF_FONTS="no" ## Type: yesno ## Default: no ## Command: # # If above is set to yes and there are users which are member # of the group mktex then it might be that users have set an # umask which does not allow the user mktex to clear the cache # below /var/cache/fonts/. Setting HAVE_MKTEX_MEMBERS to "yes" # will allow the cron job to change the group mask hence allow # to clear older data. # HAVE_MKTEX_MEMBERS="no" ++++++ texlive-filesystem-rpmlintrc ++++++ addFilter(".*texlive-(collection|scheme)-.*\.noarch:.*suse-filelist-empty.*") addFilter(".*texlive-(extratools|devel)\.noarch:.*suse-filelist-empty.*") addFilter(".*texlive.src:.*:.*macro-in-comment.*") addFilter(".*texlive-scheme-.*.noarch:.*:-*summary-not-capitalized.*") addFilter(".*texlive-.*noarch:.*:.*filename-too-long-for-joliet.*") addFilter(".*texlive-.*:.*:.*description-shorter-than-summary.*") addFilter(".*texlive-.*-devel\..*:.*:.*no-dependency-on.*") addFilter(".*texlive\..*no-manual-page-for-binary.*nobody.*") addFilter(".*texlive-.*-bin\..*no-manual-page-for-binary.*") addFilter(".*world-writable.*/var/lib/texmf/ls-R.*") addFilter(".*world-writable.*/var/lib/texmf/db/ls-R.*") addFilter(".*world-writable.*/var/cache/fonts/ls-R.*") addFilter(".*world-writable.*/var/lib/texmf/.*/ls-R.*") addFilter(".*incorrect-fsf-address.*") addFilter(".*name-repeated-in-summary.*") addFilter(".*non-conffile-in-etc.*/etc/texmf/ls-R.*") addFilter(".*rpm-buildroot-usage.*") addFilter(".*binary-or-shlib-calls-gethostbyname.*") addFilter(".*zero-length.*") addFilter(".*dangling-symlink.*/usr/lib/mktex/public.*") addFilter(".*devel-dependency.*texlive-lua-visual-debug.*") addFilter(".*obsolete-not-provided.*") ++++++ texlive.cron ++++++ #!/bin/bash # # Remove pk files older than 20 days # Remove tfm files older than 60 days # Remove source files older than 60 days # Remove crap # Call texhash # type -f -p kpsewhich >& /dev/null || exit 0 type -f -p mktexlsr >& /dev/null || exit 0 type -f -p find >& /dev/null || exit 0 type -f -p xargs >& /dev/null || exit 0 type -f -p setpriv >& /dev/null || exit 0 type -f -p sort >& /dev/null || exit 0 type -f -p rm >& /dev/null || exit 0 type -f -p seq >& /dev/null || exit 0 type -f -p getent >& /dev/null || exit 0 test -r /etc/sysconfig/texlive && . /etc/sysconfig/texlive OLDIFS=$IFS; IFS=':;' VARTEXFONTS="$(kpsewhich --expand-var '$VARTEXFONTS' 2> /dev/null)" IFS=$OLDIFS if test -n "$VARTEXFONTS" -a "$HAVE_MKTEX_MEMBERS" = yes then IFS=: users=($(getent group mktex)) IFS=$OLDIFS typeset -i i typeset -i u=${#users[*]} let u-- for p in $VARTEXFONTS do test -d $p || continue for i in $(seq 3 $u) do find -P $p \( \( -type f -and -not -type l \) -and -user ${users[$i]} \) -print0 | \ xargs -r -L100 -0 -- setpriv --reuid ${users[$i]} --regid mktex --init-groups chmod g+rw find -P $p \( \( -type d -and -not -type l \) -and -user ${users[$i]} \) -print0 | \ xargs -r -L100 -0 -- setpriv --reuid ${users[$i]} --regid mktex --init-groups chmod g+rwsx done done unset i u fi if test "$CLEAR_TEXMF_FONTS" = "yes" -a -n "$VARTEXFONTS" then for p in $VARTEXFONTS do test -d $p/pk && find -P $p/pk \( -not -type d -and -atime +20 \) -print0 test -d $p/tfm && find -P $p/tfm \( -not -type d -and -atime +60 \) -print0 test -d $p/source && find -P $p/source \( -not -type d -and -atime +60 \) -print0 done > >(exec -a xargs xargs -r -L100 -0 -- setpriv --reuid mktex --regid mktex --init-groups rm -f) fi if test -n "$VARTEXFONTS" then for p in $VARTEXFONTS do test -d $p/pk && find -P $p/pk \( -not -type d -and -not -name '*.*pk' \) -print0 test -d $p/tfm && find -P $p/tfm \( -not -type d -and -not -name '*.tfm' \) -print0 test -d $p/source && find -P $p/source \( -not -type d -and -not -name '*.mf' \) -print0 test -d $p && find -P $p \( -not -type d -and -path '*/[^[:alnum:]]*' \) -print0 done > >(exec -a xargs xargs -r -L100 -0 -- setpriv --reuid mktex --regid mktex --init-groups rm -vf) for p in $VARTEXFONTS do test -d $p && find -P $p -depth \( -type d -and -path '*/[^[:alnum:]]*' \) -print0 done > >(exec -a xargs xargs -r -L100 -0 -- setpriv --reuid mktex --regid mktex --init-groups rm -vfr) fi # # Update the ls-R's # Note that this is done as user mktex # mktexlsr > /dev/null # exit 0 ++++++ texlive.csh ++++++ # # /etc/profile.d/texlive.csh # # # Expand TEXINPUTS # if ( -d ${HOME}/TeX/ ) then # # Hmmm ... texmf/ should be used instead of TeX/ # if ( ${?TEXINPUTS} ) then setenv TEXINPUTS ${TEXINPUTS}:${HOME}/TeX//: else setenv TEXINPUTS ${HOME}/TeX//: endif endif if ( -d /usr/doc/.TeX/ ) then if ( ${?TEXINPUTS} ) then setenv TEXINPUTS ${TEXINPUTS}:/usr/doc/.TeX: else setenv TEXINPUTS /usr/doc/.TeX: endif endif ++++++ texlive.sh ++++++ # # /etc/profile.d/texlive.sh # # # Expand TEXINPUTS # if test -d $HOME/TeX/ ; then # # Hmmm ... texmf/ should be used instead of TeX/ # if test -n "$TEXINPUTS" ; then TEXINPUTS="$TEXINPUTS:$HOME/TeX//:" else TEXINPUTS="$HOME/TeX//:" fi fi if test -d /usr/doc/.TeX/ ; then if test -n "$TEXINPUTS" ; then TEXINPUTS="$TEXINPUTS:/usr/doc/.TeX:" else TEXINPUTS="/usr/doc/.TeX:" fi fi ++++++ update.texlive ++++++ ++++ 915 lines (skipped) ++++++ zypplugin.in ++++++ #!/usr/bin/python # # $TEXMFDIST/texconfig/zypper.py # # The substitute for the %posttrans scriptlets used by rpm. # Make sure that the update script does its work only once after # an installation/update transaction as zypper executes rpm for # each single texlive package. # # Copyright (c) 2014 SUSE LINUX Products GmbH, Nuernberg, Germany. # # Please submit bugfixes or comments via http://bugs.opensuse.org/ # # Author: Werner Fink, 2012 # from os import path, remove, access, F_OK,R_OK,X_OK from subprocess import call global update, tagfile update = "%{_texmfdistdir}/texconfig/update" tagfile = "/var/run/texlive/run-update" if access(update, F_OK|X_OK) and path.exists(tagfile): call("VERBOSE=false " + update + " 2>&1 || :", shell=True) try: remove(tagfile) except OSError: pass
