Re: [Rpm-maint] [rpm-software-management/rpm] Add %bcond macro for defining build conditionals (#1520)
I'd *really* like to see this happen. How can I move it forward? -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/rpm-software-management/rpm/pull/1520#issuecomment-799870515___ Rpm-maint mailing list Rpm-maint@lists.rpm.org http://lists.rpm.org/mailman/listinfo/rpm-maint
Re: [Rpm-maint] [rpm-software-management/rpm] Failure to read rpmdb from CentOS 7.5.1804 with the bdb_ro backend (#1576)
@pmatilai Thank you ++ for these commits! Let me test that. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/rpm-software-management/rpm/issues/1576#issuecomment-799836920___ Rpm-maint mailing list Rpm-maint@lists.rpm.org http://lists.rpm.org/mailman/listinfo/rpm-maint
Re: [Rpm-maint] [rpm-software-management/rpm] Fall back to /tmp if TMPDIR is bogus (#1567)
> I routinely do a `make check` in Podman containers and never encountered this > issue. Is there some specific set-up (of the testsuite) that you're referring > to? The container image itself is practically empty ― everything is bind-mounted from the host. To be fair, it is possible that the container image that I am using is buggy, or that I am misusing podman. Additionally, I have my source directory bind-mounted at `/source` and my build directory bind-mounted at `/build`. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/rpm-software-management/rpm/pull/1567#issuecomment-799703639___ Rpm-maint mailing list Rpm-maint@lists.rpm.org http://lists.rpm.org/mailman/listinfo/rpm-maint
Re: [Rpm-maint] [rpm-software-management/rpm] Better detection of I/O errors (#1566)
Merged #1566 into master. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/rpm-software-management/rpm/pull/1566#event-4460234433___ Rpm-maint mailing list Rpm-maint@lists.rpm.org http://lists.rpm.org/mailman/listinfo/rpm-maint
Re: [Rpm-maint] [rpm-software-management/rpm] Better detection of I/O errors (#1566)
Thanks! -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/rpm-software-management/rpm/pull/1566#issuecomment-799620888___ Rpm-maint mailing list Rpm-maint@lists.rpm.org http://lists.rpm.org/mailman/listinfo/rpm-maint
Re: [Rpm-maint] [rpm-software-management/rpm] Better detection of I/O errors (#1566)
@DemiMarie pushed 1 commit. ecb2a94bc31ca18722f0331c92933af81df59f30 Better detection of I/O errors -- You are receiving this because you are subscribed to this thread. View it on GitHub: https://github.com/rpm-software-management/rpm/pull/1566/files/d1d2dde4aa58ba64a9429b4be8e57d03839ca901..ecb2a94bc31ca18722f0331c92933af81df59f30 ___ Rpm-maint mailing list Rpm-maint@lists.rpm.org http://lists.rpm.org/mailman/listinfo/rpm-maint
Re: [Rpm-maint] [rpm-software-management/rpm] Better detection of I/O errors (#1566)
Done -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/rpm-software-management/rpm/pull/1566#issuecomment-799612887___ Rpm-maint mailing list Rpm-maint@lists.rpm.org http://lists.rpm.org/mailman/listinfo/rpm-maint
Re: [Rpm-maint] [rpm-software-management/rpm] Fall back to /tmp if TMPDIR is bogus (#1567)
I routinely do a `make check` in Podman containers and never encountered this issue. Is there some specific set-up (of the testsuite) that you're referring to? -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/rpm-software-management/rpm/pull/1567#issuecomment-799609306___ Rpm-maint mailing list Rpm-maint@lists.rpm.org http://lists.rpm.org/mailman/listinfo/rpm-maint
Re: [Rpm-maint] [rpm-software-management/rpm] Better detection of I/O errors (#1566)
Oh, indeed. Thanks for spotting this! Also kudos for checking for the `fprintf()` return value - although it still returns a positive value in case of an `ENOSPC`, there could be other errors, so why not check for them right away. That said, I realized I should've moved the `free(val)` statement above the new conditional in my original patch. So while at it, could you please incorporate that, too? Either storing the return value of `fprintf()` in a variable and then doing the `free(val)`, or just putting another `free(val)` call just before the `exit(EXIT_FAILURE)` statement should be fine. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/rpm-software-management/rpm/pull/1566#issuecomment-799603408___ Rpm-maint mailing list Rpm-maint@lists.rpm.org http://lists.rpm.org/mailman/listinfo/rpm-maint
[Rpm-maint] [rpm-software-management/rpm] Add --dwz-single-file-mode argument for find-debuginfo.sh. (#1579)
Sometimes its handy to disable multi-file mode and the patch adds option for that: `--dwz-single-file-mode`. It will be used in openSUSE for packages that use baselibs.conf mechanism. You can view, comment on, or merge this pull request online at: https://github.com/rpm-software-management/rpm/pull/1579 -- Commit Summary -- * Add --dwz-single-file-mode argument for find-debuginfo.sh. -- File Changes -- M scripts/find-debuginfo.sh (9) -- Patch Links -- https://github.com/rpm-software-management/rpm/pull/1579.patch https://github.com/rpm-software-management/rpm/pull/1579.diff -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/rpm-software-management/rpm/pull/1579 ___ Rpm-maint mailing list Rpm-maint@lists.rpm.org http://lists.rpm.org/mailman/listinfo/rpm-maint
Re: [Rpm-maint] [rpm-software-management/rpm] Enforce GPG signatures by default (#1573)
> > Personally, I would consider being able to disable this on a per-package > > basis a good idea, but it isn’t a blocker. > > How is `--nosignature` failing to achieve that as it is? It does for `rpm(8)`, but not for `dnf(8)`. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/rpm-software-management/rpm/issues/1573#issuecomment-799505225___ Rpm-maint mailing list Rpm-maint@lists.rpm.org http://lists.rpm.org/mailman/listinfo/rpm-maint
Re: [Rpm-maint] [rpm-software-management/rpm] Avoid undefined shifts (#1547)
I wholeheartedly agree, which is why I would be perfectly with you requiring that a compiler support `-fwrapv -fwrapv-pointer -fno-strict-aliasing -fno-delete-null-pointer-checks` :smile:. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/rpm-software-management/rpm/pull/1547#issuecomment-799504660___ Rpm-maint mailing list Rpm-maint@lists.rpm.org http://lists.rpm.org/mailman/listinfo/rpm-maint
Re: [Rpm-maint] [rpm-software-management/rpm] rpmsign cannot use Ed25519 keys (#1565)
Fixed by #1571 / commit 23770e1a4f28c56a31fe600cae332c77333b60b6 -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/rpm-software-management/rpm/issues/1565#issuecomment-799410047___ Rpm-maint mailing list Rpm-maint@lists.rpm.org http://lists.rpm.org/mailman/listinfo/rpm-maint
Re: [Rpm-maint] [rpm-software-management/rpm] rpmsign cannot use Ed25519 keys (#1565)
Closed #1565. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/rpm-software-management/rpm/issues/1565#event-4458634442___ Rpm-maint mailing list Rpm-maint@lists.rpm.org http://lists.rpm.org/mailman/listinfo/rpm-maint
Re: [Rpm-maint] [rpm-software-management/rpm] Permit secondary index open to fail for bdb_ro (#1578)
@pmatilai pushed 1 commit. 88b47ae2a1471d0ce11b034bf9529f8a89a29754 Permit secondary index open to fail for bdb_ro -- You are receiving this because you are subscribed to this thread. View it on GitHub: https://github.com/rpm-software-management/rpm/pull/1578/files/d0a579f3b6c6d1e93d9ff87ad06c59b0fe3e16f5..88b47ae2a1471d0ce11b034bf9529f8a89a29754 ___ Rpm-maint mailing list Rpm-maint@lists.rpm.org http://lists.rpm.org/mailman/listinfo/rpm-maint
Re: [Rpm-maint] [rpm-software-management/rpm] Avoid undefined shifts (#1547)
Yeah, I've ran into this as well, on more than one occasion. Rant alert... :warning: Here's what C99 standard says of it: > The result of E1 << E2 is E1 left-shifted E2 bit positions; vacated bits > are filled with zeros. If E1 has an unsigned type, the value of > the result is E1×2^E2, reduced modulo one more than the maximum value > representable in the result type.If E1 has a signed type and > nonnegative value, and E1×2^E2 is representable in the result type, > then that is the resulting value; otherwise, the behavior is undefined. ...and... > Each enumerated type shall be compatible with char, a signed integer > type, or an unsigned integer type. The choice of type is > implementation-defined, but shall be capable of representing the > values of all the members of the enumeration. The enumerated > type is incomplete until after the that terminates the list of > enumerator declarations. To me that reads the compiler is responsible for figuring out the proper type for the enum, and meanwhile *we* don't actually care whether it thinks its signed or not because it's just an effing bitfield. However I'm quite positive any old number of compiler authors will disagree with my assessment. I deeply hate this language-lawyering - this is C, your friendly high-level assembler, and a bit-shift is a bit-shift regardless of the compiler vintage, damnit :unamused: I remember trying this very thing at some point, only to find that our Python (2.x) bindings blew up on 32bit systems because it couldn't represent the *unsigned* values. That's not an issue in Python 3 anymore, just noting that these kind of changes are not without risk. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/rpm-software-management/rpm/pull/1547#issuecomment-799401476___ Rpm-maint mailing list Rpm-maint@lists.rpm.org http://lists.rpm.org/mailman/listinfo/rpm-maint
Re: [Rpm-maint] [rpm-software-management/rpm] Enforce GPG signatures by default (#1573)
> Personally, I would consider being able to disable this on a per-package > basis a good idea, but it isn’t a blocker. How is `--nosignature` failing to achieve that as it is? -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/rpm-software-management/rpm/issues/1573#issuecomment-799364236___ Rpm-maint mailing list Rpm-maint@lists.rpm.org http://lists.rpm.org/mailman/listinfo/rpm-maint
Re: [Rpm-maint] [rpm-software-management/rpm] rpmsign: support EdDSA signatures (#1571)
Merged #1571 into master. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/rpm-software-management/rpm/pull/1571#event-4458259053___ Rpm-maint mailing list Rpm-maint@lists.rpm.org http://lists.rpm.org/mailman/listinfo/rpm-maint
Re: [Rpm-maint] [rpm-software-management/rpm] rpmsign: support EdDSA signatures (#1571)
Seems like a revised version of #1500 accidentally ended up in this PR. No matter, I far prefer this version and splitting this to yet more PR's wouldn't actually help anything. Also, @mlschroe seems to be busy but he did indicate the preference for existing tags in #1202 so... Thanks for the patches! -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/rpm-software-management/rpm/pull/1571#issuecomment-799362147___ Rpm-maint mailing list Rpm-maint@lists.rpm.org http://lists.rpm.org/mailman/listinfo/rpm-maint
Re: [Rpm-maint] [rpm-software-management/rpm] Reconsider GPG key loading from %_keyringpath (#1543)
Closed #1543 via #1575. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/rpm-software-management/rpm/issues/1543#event-4458209775___ Rpm-maint mailing list Rpm-maint@lists.rpm.org http://lists.rpm.org/mailman/listinfo/rpm-maint
Re: [Rpm-maint] [rpm-software-management/rpm] Make the rpmdb keyring type macro-configurable (#1575)
Merged #1575 into master. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/rpm-software-management/rpm/pull/1575#event-4458209751___ Rpm-maint mailing list Rpm-maint@lists.rpm.org http://lists.rpm.org/mailman/listinfo/rpm-maint
Re: [Rpm-maint] [rpm-software-management/rpm] Add query formats for displaying tag numbers and names (#1551)
Merged #1551 into master. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/rpm-software-management/rpm/pull/1551#event-4458208132___ Rpm-maint mailing list Rpm-maint@lists.rpm.org http://lists.rpm.org/mailman/listinfo/rpm-maint
Re: [Rpm-maint] [rpm-software-management/rpm] scripts/pythondistdeps: Fix for Python 3.10 (#1558)
Merged #1558 into master. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/rpm-software-management/rpm/pull/1558#event-4458208697___ Rpm-maint mailing list Rpm-maint@lists.rpm.org http://lists.rpm.org/mailman/listinfo/rpm-maint
Re: [Rpm-maint] [rpm-software-management/rpm] Permit secondary index open to fail for bdb_ro (#1578)
Hmm, while this does cover the case is #1576 it'll segfault if there are no secondary indexes at all. So this isn't a proper solution, just first-aid. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/rpm-software-management/rpm/pull/1578#issuecomment-799353571___ Rpm-maint mailing list Rpm-maint@lists.rpm.org http://lists.rpm.org/mailman/listinfo/rpm-maint
[Rpm-maint] [rpm-software-management/rpm] Permit secondary index open to fail for bdb_ro (#1578)
The other backends would want to create the missing index, but as bdb_ro is read-only it cant do that. As the main purpose of bdb_ro is to support migrating away from BDB for which only the primary database is needed, it doesnt make sense to fail it for non-essential data. Let it fail for secondary indexes - this might affect our ability to query but thats secondary, literally, and we also do emit a warning here. Fixes: #1576 You can view, comment on, or merge this pull request online at: https://github.com/rpm-software-management/rpm/pull/1578 -- Commit Summary -- * Fix bdb_ro index open error handling * Permit secondary index open to fail for bdb_ro -- File Changes -- M lib/backend/bdb_ro.c (14) -- Patch Links -- https://github.com/rpm-software-management/rpm/pull/1578.patch https://github.com/rpm-software-management/rpm/pull/1578.diff -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/rpm-software-management/rpm/pull/1578 ___ Rpm-maint mailing list Rpm-maint@lists.rpm.org http://lists.rpm.org/mailman/listinfo/rpm-maint
Re: [Rpm-maint] [rpm-software-management/rpm] Be much more careful about copying data from the signature header (#1577)
(reporter credits added to commit message) -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/rpm-software-management/rpm/pull/1577#issuecomment-799312095___ Rpm-maint mailing list Rpm-maint@lists.rpm.org http://lists.rpm.org/mailman/listinfo/rpm-maint
[Rpm-maint] [rpm-software-management/rpm] Be much more careful about copying data from the signature header (#1577)
Only look for known tags, and ensure correct type and size where known before copying over. Bump the old arbitrary 16k count limit to 16M limit though, its not inconceivable that a package could have that many files. While at it, ensure none of these tags exist in the main header, which would confuse us greatly. This is optimized for backporting ease, upstream can remove redundancies and further improve checking later. Fixes: RhBug:1935049, RhBug:1933867, RhBug:1935035, RhBug:1934125, ... Fixes: CVE-2021-3421, CVE-2021-20271 You can view, comment on, or merge this pull request online at: https://github.com/rpm-software-management/rpm/pull/1577 -- Commit Summary -- * Be much more careful about copying data from the signature header -- File Changes -- M lib/package.c (114) -- Patch Links -- https://github.com/rpm-software-management/rpm/pull/1577.patch https://github.com/rpm-software-management/rpm/pull/1577.diff -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/rpm-software-management/rpm/pull/1577 ___ Rpm-maint mailing list Rpm-maint@lists.rpm.org http://lists.rpm.org/mailman/listinfo/rpm-maint