packages/pcs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Update package to version 0.11.2

Browse Source
This commit is contained in:
jxy_git 2023-02-06 14:54:10 +08:00
parent 95299ede3e
commit c4bbf57de4
14 changed files with 326 additions and 418 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

184
0001-Resolve-the-failure-of-field-matching-in-test-cases.patch
View File

@ -1,184 +0,0 @@
From ff5b952ef785af34429b2560bb11d4ec7c7e07fa Mon Sep 17 00:00:00 2001
From: rpm-build <rpm-build>
Date: Thu, 10 Mar 2022 16:45:14 +0800
Subject: [PATCH] Resolve-the-failure-of-field-matching-in-test-cases
---
pcs_test/tier0/lib/cib/rule/test_parser.py | 64 +++++++++----------
pcs_test/tier0/lib/cib/test_nvpair_multi.py | 2 +-
.../tier0/lib/commands/test_cib_options.py | 2 +-
3 files changed, 34 insertions(+), 34 deletions(-)
diff --git a/pcs_test/tier0/lib/cib/rule/test_parser.py b/pcs_test/tier0/lib/cib/rule/test_parser.py
index ccedfee..e9b567f 100644
--- a/pcs_test/tier0/lib/cib/rule/test_parser.py
+++ b/pcs_test/tier0/lib/cib/rule/test_parser.py
@@ -782,8 +782,8 @@ class Parser(TestCase):
def test_not_valid_rule(self):
test_data = [
# node attr misc
- ("#uname", (1, 7, 6, 'Expected "eq"')),
- ("string node1", (1, 8, 7, 'Expected "eq"')),
+ ("#uname", (1, 7, 6, "Expected CaselessKeyword 'eq'")),
+ ("string node1", (1, 8, 7, "Expected CaselessKeyword 'eq'")),
# node attr unary
("defined", (1, 8, 7, "Expected <attribute name>")),
("not_defined", (1, 12, 11, "Expected <attribute name>")),
@@ -791,58 +791,58 @@ class Parser(TestCase):
("defined date-spec hours=1", (1, 19, 18, "Expected end of text")),
("defined duration hours=1", (1, 18, 17, "Expected end of text")),
# node attr binary
- ("eq", (1, 3, 2, 'Expected "eq"')),
+ ("eq", (1, 3, 2, "Expected CaselessKeyword 'eq'")),
("#uname eq", (1, 10, 9, "Expected <attribute value>")),
- ("#uname node1", (1, 8, 7, 'Expected "eq"')),
- ("eq #uname", (1, 4, 3, 'Expected "eq"')),
+ ("#uname node1", (1, 8, 7, "Expected CaselessKeyword 'eq'")),
+ ("eq #uname", (1, 4, 3, "Expected CaselessKeyword 'eq'")),
("eq lt", (1, 6, 5, "Expected <attribute value>")),
- ("string #uname eq node1", (1, 8, 7, 'Expected "eq"')),
+ ("string #uname eq node1", (1, 8, 7, "Expected CaselessKeyword 'eq'")),
("date-spec hours=1 eq node1", (1, 19, 18, "Expected end of text")),
(
"#uname eq date-spec hours=1",
(1, 21, 20, "Expected end of text"),
),
- ("duration hours=1 eq node1", (1, 10, 9, 'Expected "eq"')),
+ ("duration hours=1 eq node1", (1, 10, 9, "Expected CaselessKeyword 'eq'")),
("#uname eq duration hours=1", (1, 20, 19, "Expected end of text")),
# node attr binary with optional parts
- ("string", (1, 7, 6, 'Expected "eq"')),
+ ("string", (1, 7, 6, "Expected CaselessKeyword 'eq'")),
("#uname eq string", (1, 17, 16, "Expected <attribute value>")),
- ("string #uname eq node1", (1, 8, 7, 'Expected "eq"')),
+ ("string #uname eq node1", (1, 8, 7, "Expected CaselessKeyword 'eq'")),
# resource, op
- ("resource", (1, 9, 8, 'Expected "eq"')),
- ("op", (1, 3, 2, 'Expected "eq"')),
+ ("resource", (1, 9, 8, "Expected CaselessKeyword 'eq'")),
+ ("op", (1, 3, 2, "Expected CaselessKeyword 'eq'")),
("resource ::rA and", (1, 15, 14, "Expected end of text")),
("resource ::rA and op ", (1, 15, 14, "Expected end of text")),
("resource ::rA and (", (1, 15, 14, "Expected end of text")),
# and, or
- ("and", (1, 4, 3, 'Expected "eq"')),
- ("or", (1, 3, 2, 'Expected "eq"')),
- ("#uname and node1", (1, 8, 7, 'Expected "eq"')),
- ("#uname or node1", (1, 8, 7, 'Expected "eq"')),
- ("#uname or eq", (1, 8, 7, 'Expected "eq"')),
+ ("and", (1, 4, 3, "Expected CaselessKeyword 'eq'")),
+ ("or", (1, 3, 2, "Expected CaselessKeyword 'eq'")),
+ ("#uname and node1", (1, 8, 7, "Expected CaselessKeyword 'eq'")),
+ ("#uname or node1", (1, 8, 7, "Expected CaselessKeyword 'eq'")),
+ ("#uname or eq", (1, 8, 7, "Expected CaselessKeyword 'eq'")),
("#uname eq node1 and node2", (1, 17, 16, "Expected end of text")),
("#uname eq node1 and", (1, 17, 16, "Expected end of text")),
(
"#uname eq node1 and #uname eq",
(1, 17, 16, "Expected end of text"),
),
- ("and #uname eq node1", (1, 5, 4, 'Expected "eq"')),
+ ("and #uname eq node1", (1, 5, 4, "Expected CaselessKeyword 'eq'")),
(
"#uname ne node1 and duration hours=1",
(1, 17, 16, "Expected end of text"),
),
(
"duration monthdays=1 or #uname ne node1",
- (1, 10, 9, 'Expected "eq"'),
+ (1, 10, 9, "Expected CaselessKeyword 'eq'"),
),
# date
- ("date in_range", (1, 14, 13, 'Expected "to"')),
- ("date in_range 2014-06-26", (1, 15, 14, 'Expected "to"')),
+ ("date in_range", (1, 14, 13, "Expected CaselessKeyword 'to'")),
+ ("date in_range 2014-06-26", (1, 15, 14, "Expected CaselessKeyword 'to'")),
("date in_range 2014-06-26 to", (1, 28, 27, "Expected <date>")),
- ("in_range 2014-06-26 to 2014-07-26", (1, 10, 9, 'Expected "eq"')),
+ ("in_range 2014-06-26 to 2014-07-26", (1, 10, 9, "Expected CaselessKeyword 'eq'")),
(
"date in_range #uname eq node1 to 2014-07-26",
- (1, 15, 14, 'Expected "to"'),
+ (1, 15, 14, "Expected CaselessKeyword 'to'"),
),
(
"date in_range 2014-06-26 to #uname eq node1",
@@ -850,7 +850,7 @@ class Parser(TestCase):
),
(
"date in_range defined pingd to 2014-07-26",
- (1, 15, 14, 'Expected "to"'),
+ (1, 15, 14, "Expected CaselessKeyword 'to'"),
),
(
"date in_range 2014-06-26 to defined pingd",
@@ -858,11 +858,11 @@ class Parser(TestCase):
),
(
"string date in_range 2014-06-26 to 2014-07-26",
- (1, 8, 7, 'Expected "eq"'),
+ (1, 8, 7, "Expected CaselessKeyword 'eq'"),
),
(
"date in_range string 2014-06-26 to 2014-07-26",
- (1, 15, 14, 'Expected "to"'),
+ (1, 15, 14, "Expected CaselessKeyword 'to'"),
),
(
"date in_range 2014-06-26 to string 2014-07-26",
@@ -870,19 +870,19 @@ class Parser(TestCase):
),
(
"date in_range 2014-06-26 string to 2014-07-26",
- (1, 15, 14, 'Expected "to"'),
+ (1, 15, 14, "Expected CaselessKeyword 'to'"),
),
(
"#uname in_range 2014-06-26 to 2014-07-26",
- (1, 8, 7, 'Expected "eq"'),
+ (1, 8, 7, "Expected CaselessKeyword 'eq'"),
),
# braces
- ("(#uname)", (1, 8, 7, 'Expected "eq"')),
- ("(", (1, 2, 1, 'Expected "date"')),
- ("()", (1, 2, 1, 'Expected "date"')),
- ("(#uname", (1, 8, 7, 'Expected "eq"')),
+ ("(#uname)", (1, 8, 7, "Expected CaselessKeyword 'eq'")),
+ ("(", (1, 2, 1, "Expected CaselessKeyword 'date'")),
+ ("()", (1, 2, 1, "Expected CaselessKeyword 'date'")),
+ ("(#uname", (1, 8, 7, "Expected CaselessKeyword 'eq'")),
("(#uname eq", (1, 11, 10, "Expected <attribute value>")),
- ("(#uname eq node1", (1, 17, 16, 'Expected ")"')),
+ ("(#uname eq node1", (1, 17, 16, "Expected ')'")),
]
for rule_string, exception_data in test_data:
with self.subTest(rule_string=rule_string):
diff --git a/pcs_test/tier0/lib/cib/test_nvpair_multi.py b/pcs_test/tier0/lib/cib/test_nvpair_multi.py
index ff5ed68..6d9cc76 100644
--- a/pcs_test/tier0/lib/cib/test_nvpair_multi.py
+++ b/pcs_test/tier0/lib/cib/test_nvpair_multi.py
@@ -531,7 +531,7 @@ class ValidateNvsetAppendNew(TestCase):
fixture.error(
reports.codes.RULE_EXPRESSION_PARSE_ERROR,
rule_string="bad rule",
- reason='Expected "eq"',
+ reason="Expected CaselessKeyword 'eq'",
rule_line="bad rule",
line_number=1,
column_number=5,
diff --git a/pcs_test/tier0/lib/commands/test_cib_options.py b/pcs_test/tier0/lib/commands/test_cib_options.py
index df2716c..84dc008 100644
--- a/pcs_test/tier0/lib/commands/test_cib_options.py
+++ b/pcs_test/tier0/lib/commands/test_cib_options.py
@@ -329,7 +329,7 @@ class DefaultsCreateMixin:
fixture.error(
reports.codes.RULE_EXPRESSION_PARSE_ERROR,
rule_string="bad rule",
- reason='Expected "eq"',
+ reason="Expected CaselessKeyword 'eq'",
rule_line="bad rule",
line_number=1,
column_number=5,
--
2.33.0

57
0002-FIX-CVE-2022-1049.patch
View File

@ -1,57 +0,0 @@
From 4aaee013a2ad016399bc86d13c50c008214ddea4 Mon Sep 17 00:00:00 2001
From: duyiwei <duyiwei@kylinos.cn>
Date: Fri, 17 Jun 2022 10:00:03 +0800
Subject: [PATCH] CVE-2022-1049
Signed-off-by: duyiwei <duyiwei@kylinos.cn>
---
CHANGELOG.md | 4 +++-
pcs/daemon/auth.py | 3 +++
2 files changed, 6 insertions(+), 1 deletion(-)
diff --git a/CHANGELOG.md b/CHANGELOG.md
index feefd72..9e44da5 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -17,6 +17,8 @@
- Removed unwanted logging to system log (/var/log/messages) ([rhbz#1917286])
- Fixed rare race condition in `pcs cluster start --wait` ([rhbz#1794062])
- Better error message when unable to connect to pcsd ([rhbz#1619818])
+- Pcs daemon was allowing expired accounts, and accounts with expired
+ passwords to login when using PAM auth. ([huntr#220307])
### Deprecated
- Commands `pcs config import-cman` and `pcs config export
@@ -38,7 +40,7 @@
[rhbz#1869399]: https://bugzilla.redhat.com/show_bug.cgi?id=1869399
[rhbz#1885841]: https://bugzilla.redhat.com/show_bug.cgi?id=1885841
[rhbz#1917286]: https://bugzilla.redhat.com/show_bug.cgi?id=1917286
-
+[huntr#220307]: https://huntr.dev/bounties/7aa921fc-a568-4fd8-96f4-7cd826246aa5/
## [0.10.7] - 2020-09-30
diff --git a/pcs/daemon/auth.py b/pcs/daemon/auth.py
index 2c86b17..d99ae2d 100644
--- a/pcs/daemon/auth.py
+++ b/pcs/daemon/auth.py
@@ -52,6 +52,7 @@ libpam = CDLL(find_library("pam"))
strdup = prep_fn(libc.strdup, POINTER(c_char), [c_char_p])
calloc = prep_fn(libc.calloc, c_void_p, [c_uint, c_uint])
pam_authenticate = prep_fn(libpam.pam_authenticate, c_int, [pam_handle, c_int])
+pam_acct_mgmt = prep_fn(libpam.pam_acct_mgmt, c_int, [pam_handle, c_int])
pam_end = prep_fn(libpam.pam_end, c_int, [pam_handle, c_int])
pam_start = prep_fn(
libpam.pam_start,
@@ -90,6 +91,8 @@ def authenticate_by_pam(username, password):
)
if returncode == PAM_SUCCESS:
returncode = pam_authenticate(pamh, 0)
+ if returncode == PAM_SUCCESS:
+ returncode = pam_acct_mgmt(pamh, 0)
pam_end(pamh, returncode)
return returncode == PAM_SUCCESS
--
2.33.0

46
0003-CVE-2022-2735.patch
View File

@ -1,46 +0,0 @@
From 8a948565932a0ef93aedda6b2b3f4b9bab5e161f Mon Sep 17 00:00:00 2001
From: jxy_git <jiangxinyu@kylinos.cn>
Date: Wed, 7 Sep 2022 14:34:47 +0800
Subject: [PATCH] CVE-2022-2735
---
pcsd/rserver.rb | 23 +++++++++++++++++++++++
1 file changed, 23 insertions(+)
diff --git a/pcsd/rserver.rb b/pcsd/rserver.rb
index c37f9df..a54509f 100644
--- a/pcsd/rserver.rb
+++ b/pcsd/rserver.rb
@@ -7,6 +7,29 @@ require 'thin'
require 'settings.rb'
+# Replace Thin::Backends::UnixServer:connect
+# The only change is 'File.umask(0o777)' instead of 'File.umask(0)' to properly
+# set python-ruby socket permissions
+module Thin
+ module Backends
+ class UnixServer < Base
+ def connect
+ at_exit { remove_socket_file } # In case it crashes
+ old_umask = File.umask(0o077)
+ begin
+ EventMachine.start_unix_domain_server(@socket, UnixConnection, &method(:initialize_connection))
+ # HACK EventMachine.start_unix_domain_server doesn't return the connection signature
+ # so we have to go in the internal stuff to find it.
+ @signature = EventMachine.instance_eval{@acceptors.keys.first}
+ ensure
+ File.umask(old_umask)
+ end
+ end
+ end
+ end
+end
+
+
def pack_response(response)
return [200, {}, [response.to_json.to_str]]
end
--
2.33.0

58
Support-for-openEuler.patch Normal file
View File

@ -0,0 +1,58 @@
From b26bd40e94272e5d0d6cb985d42e0f8794ea5d5f Mon Sep 17 00:00:00 2001
From: rpm-build <rpm-build>
Date: Wed, 8 Feb 2023 10:43:57 +0800
Subject: [PATCH] Support for openEuler
---
configure.ac | 9 +++++++++
pcsd/Makefile.am | 1 +
pcsd/pam/pcsd.openEuler | 5 +++++
3 files changed, 15 insertions(+)
create mode 100644 pcsd/pam/pcsd.openEuler
diff --git a/configure.ac b/configure.ac
index a677a53..eaaedae 100644
--- a/configure.ac
+++ b/configure.ac
@@ -217,6 +217,15 @@ for i in $DISTRO $DISTROS; do
DISTROEXT=fedora
break
;;
+ openEuler)
+ FOUND_DISTRO=1
+ CONFIGDIR="$sysconfdir/sysconfig"
+ PCSLIBDIR="$LIBDIR"
+ PCMKDAEMONDIR="$prefix/libexec/pacemaker"
+ COROSYNCLOGDIR="$localstatedir/log/cluster"
+ DISTROEXT=openEuler
+ break
+ ;;
esac
done
diff --git a/pcsd/Makefile.am b/pcsd/Makefile.am
index a16917f..add8880 100644
--- a/pcsd/Makefile.am
+++ b/pcsd/Makefile.am
@@ -1,6 +1,7 @@
EXTRA_DIST = \
pam/pcsd.debian \
pam/pcsd.fedora \
+ pam/pcsd.openEuler \
test/cib1.xml \
test/corosync.conf \
test/crm1.xml \
diff --git a/pcsd/pam/pcsd.openEuler b/pcsd/pam/pcsd.openEuler
new file mode 100644
index 0000000..fcb7a46
--- /dev/null
+++ b/pcsd/pam/pcsd.openEuler
@@ -0,0 +1,5 @@
+#%PAM-1.0
+auth include system-auth
+account include system-auth
+password include system-auth
+session include system-auth
--
2.33.0

70
bz2093935-01-Python-3.11-related-fixes.patch Normal file
View File

@ -0,0 +1,70 @@
From 5666877a0fe2cb9d99b1bca82d2d531887c22e4e Mon Sep 17 00:00:00 2001
From: Miroslav Lisik <mlisik@redhat.com>
Date: Wed, 8 Jun 2022 16:57:29 +0200
Subject: [PATCH] Python 3.11 related fixes
fix test_failed function in test tools
fix enum value in test fixture
fix test case mocking
---
pcs_test/tier0/cli/test_nvset.py | 3 ++-
pcs_test/tier0/lib/commands/test_ticket.py | 2 +-
pcs_test/tools/case_analysis.py | 13 ++++++-------
3 files changed, 9 insertions(+), 9 deletions(-)
diff --git a/pcs_test/tier0/cli/test_nvset.py b/pcs_test/tier0/cli/test_nvset.py
index 93a96e7a..ad44f2a1 100644
--- a/pcs_test/tier0/cli/test_nvset.py
+++ b/pcs_test/tier0/cli/test_nvset.py
@@ -149,7 +149,8 @@ class NvsetDtoListToLines(TestCase):
def fixture_dto_list(self):
return [
- self.fixture_dto(in_effect) for in_effect in CibRuleInEffectStatus
+ self.fixture_dto(in_effect.value)
+ for in_effect in CibRuleInEffectStatus
]
def test_expired_included(self):
diff --git a/pcs_test/tier0/lib/commands/test_ticket.py b/pcs_test/tier0/lib/commands/test_ticket.py
index 5459582a..3e7b7310 100644
--- a/pcs_test/tier0/lib/commands/test_ticket.py
+++ b/pcs_test/tier0/lib/commands/test_ticket.py
@@ -95,7 +95,7 @@ class CreateTest(TestCase):
)
-@patch_commands("get_constraints", mock.Mock)
+@patch_commands("get_constraints", mock.Mock())
class RemoveTest(TestCase):
@patch_commands("ticket.remove_plain", mock.Mock(return_value=1))
@patch_commands(
diff --git a/pcs_test/tools/case_analysis.py b/pcs_test/tools/case_analysis.py
index 49fd1ee8..6d311548 100644
--- a/pcs_test/tools/case_analysis.py
+++ b/pcs_test/tools/case_analysis.py
@@ -10,15 +10,14 @@ def _list2reason(test, exc_list):
def test_failed(test):
# Borrowed from
# https://stackoverflow.com/questions/4414234/getting-pythons-unittest-results-in-a-teardown-method/39606065#39606065
- # for Python versions 2.7 to 3.6
- if hasattr(test, "_outcome"): # Python 3.4+
- # these 2 methods have no side effects
+ # for Python versions 3.4 to 3.11
+ if hasattr(test._outcome, "errors"):
+ # Python 3.4 - 3.10 (These 2 methods have no side effects)
result = test.defaultTestResult()
test._feedErrorsToResult(result, test._outcome.errors)
- else: # Python 3.2 - 3.3 or 3.0 - 3.1 and 2.7
- result = getattr(
- test, "_outcomeForDoCleanups", test._resultForDoCleanups
- )
+ else:
+ # Python 3.11+
+ result = test._outcome.result
return _list2reason(test, result.errors) or _list2reason(
test, result.failures
--
2.35.3

23
fix-backend-parameter-all-in-cluster-destroy.patch Normal file
View File

@ -0,0 +1,23 @@
From fa75f40361bc39cbd645b8014713e4c0ad0cda18 Mon Sep 17 00:00:00 2001
From: Ivan Devat <idevat@redhat.com>
Date: Mon, 24 Jan 2022 14:08:54 +0100
Subject: [PATCH 2/2] fix backend parameter "all" in cluster destroy
---
src/app/backend/calls/destroyCluster.ts | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/app/backend/calls/destroyCluster.ts b/src/app/backend/calls/destroyCluster.ts
index b6e83a41..cf41ea42 100644
--- a/src/app/backend/calls/destroyCluster.ts
+++ b/src/app/backend/calls/destroyCluster.ts
@@ -4,5 +4,5 @@ const { url } = endpoints.destroyCluster;
export const destroyCluster = (clusterName: string): CallResult =>
http.post(url({ clusterName }), {
- params: [["--all", "1"]],
+ params: [["all", "1"]],
});
--
2.34.1

BIN
pcs-0.10.8.tar.gz
View File

Binary file not shown.

BIN
pcs-0.11.2.tar.gz Normal file
View File

Binary file not shown.

BIN
pcs-web-ui-0.1.12.tar.gz Normal file
View File

Binary file not shown.

BIN
pcs-web-ui-0.1.5.tar.gz
View File

Binary file not shown.

BIN
pcs-web-ui-node-modules-0.1.5.tar.xz → pcs-web-ui-node-modules-0.1.12.tar.xz
View File

Binary file not shown.

280
pcs.spec
View File

@ -1,6 +1,6 @@
Name: pcs
Version: 0.10.8
Release: 4
Version: 0.11.2
Release: 1
License: GPLv2 and BSD-2-Clause and ASL 2.0 and MIT
URL: https://github.com/ClusterLabs/pcs
Summary: Pacemaker Configuration System
@ -9,123 +9,138 @@ Summary: Pacemaker Configuration System
%global pcs_source_name %{name}-%{version_or_commit}
# ui_commit can be determined by hash, tag or branch
%global ui_commit 0.1.5
%global ui_commit 0.1.12
%global ui_modules_version 0.1.12
%global ui_src_name pcs-web-ui-%{ui_commit}
%global pcs_snmp_pkg_name pcs-snmp
%global pyagentx_version 0.4.pcs.2
%global pyagentx_version 0.4.pcs.2
%global dacite_version 1.6.0
# bundled libraries for old web-ui
%global ember_version 1.4.0
%global jquery_version 1.9.1
%global jquery_ui_version 1.10.1
%global handlebars_version 1.2.1
%global version_rubygem_thin 1.8.1
# We do not use _libdir macro because upstream is not prepared for it.
# Pcs does not include binaries and thus it should live in /usr/lib. Tornado
# and gems include binaries and thus it should live in /usr/lib64. But the
# path to tornado/gems is hardcoded in pcs sources. Modify hard links in pcs
# sources is not the way since then rpmdiff complains that the same file has
# different content in different architectures.
%global pcs_libdir %{_prefix}/lib
%global bundled_src_dir pcs/bundled
%global required_pacemaker_version 2.1.0
%global pcs_bundled_dir pcs_bundled
%global pcsd_public_dir pcsd/public
%global rubygem_bundle_dir pcsd/vendor/bundle
%global rubygem_cache_dir %{rubygem_bundle_dir}/cache
#part after last slash is recognized as filename in look-aside repository
#desired name is achived by trick with hash anchor
Source0: %{url}/archive/%{version_or_commit}/%{pcs_source_name}.tar.gz
Source1: https://github.com/ondrejmular/pyagentx/archive/v%{pyagentx_version}/pyagentx-%{pyagentx_version}.tar.gz
Source2: https://github.com/konradhalas/dacite/archive/v%{dacite_version}/dacite-%{dacite_version}.tar.gz
Source3: https://github.com/idevat/pcs-web-ui/archive/%{ui_commit}/%{ui_src_name}.tar.gz
Source4: https://github.com/idevat/pcs-web-ui/releases/download/%{ui_commit}/pcs-web-ui-node-modules-%{ui_commit}.tar.xz
Source3: https://rubygems.org/downloads/thin-%{version_rubygem_thin}.gem
Source4: https://github.com/ClusterLabs/pcs-web-ui/archive/%{ui_commit}/%{ui_src_name}.tar.gz
Source5: https://github.com/ClusterLabs/pcs-web-ui/releases/download/%{ui_commit}/pcs-web-ui-node-modules-%{ui_modules_version}.tar.xz
Patch0: 0001-Resolve-the-failure-of-field-matching-in-test-cases.patch
Patch1: 0002-FIX-CVE-2022-1049.patch
Patch2: 0003-CVE-2022-2735.patch
Patch0: simplify-ternar-expression.patch
Patch1: fix-backend-parameter-all-in-cluster-destroy.patch
Patch2: bz2093935-01-Python-3.11-related-fixes.patch
Patch3: Support-for-openEuler.patch
# git for patches
BuildRequires: git-core
BuildRequires: make
#printf from coreutils is used in makefile
BuildRequires: coreutils
# python for pcs
BuildRequires: python3 >= 3.6
BuildRequires: python3 >= 3.9
BuildRequires: python3-dateutil >= 2.7.0
BuildRequires: python3-devel
BuildRequires: python3-setuptools
BuildRequires: python3-pycurl
BuildRequires: python3-pip
BuildRequires: python3-pyparsing
BuildRequires: python3-tornado
BuildRequires: python3-cryptography
BuildRequires: python3-lxml
# for building bundled python packages
BuildRequires: python3-wheel
# for bundled python dateutil
BuildRequires: python3-setuptools_scm
BuildRequires: python3-distro
# ruby and gems for pcsd
BuildRequires: ruby >= 2.2.0
BuildRequires: ruby >= 2.5.0
BuildRequires: ruby-devel
BuildRequires: rubygem-backports
BuildRequires: rubygem-daemons
BuildRequires: rubygem-ethon
BuildRequires: rubygem-eventmachine
BuildRequires: rubygem-ffi
BuildRequires: rubygem-io-console
BuildRequires: rubygem-json
BuildRequires: rubygem-mustermann
BuildRequires: rubygem-open4
BuildRequires: rubygem-rack
BuildRequires: rubygem-rack-protection
BuildRequires: rubygem-rack-test
BuildRequires: rubygem-sinatra
BuildRequires: rubygem(rexml)
BuildRequires: rubygem-tilt
BuildRequires: rubygem(rexml)
BuildRequires: rubygem(webrick)
# ruby libraries for tests
BuildRequires: rubygem-test-unit
# for bundled rubygems
BuildRequires: rubygems
BuildRequires: rubygem-bundler
BuildRequires: gcc
BuildRequires: gcc-c++
# for touching patch files (sanitization function)
BuildRequires: diffstat
# for post, preun and postun macros
BuildRequires: systemd
# for tests
BuildRequires: python3-lxml
BuildRequires: python3-pyOpenSSL
# pcsd fonts and font management tools for creating symlinks to fonts
BuildRequires: fontconfig
BuildRequires: liberation-sans-fonts
BuildRequires: overpass-fonts
# for building web ui
BuildRequires: npm
# cluster stack packages for pkg-config
BuildRequires: booth
BuildRequires: corosync-qdevice-devel
BuildRequires: corosynclib-devel >= 3.0
BuildRequires: fence-agents-common
BuildRequires: pacemaker-libs-devel >= %{required_pacemaker_version}
BuildRequires: resource-agents
BuildRequires: sbd
# python and libraries for pcs, setuptools for pcs entrypoint
Requires: python3 >= 3.6
Requires: python3 >= 3.9
Requires: python3-cryptography
Requires: python3-dateutil >= 2.7.0
Requires: python3-lxml
Requires: python3-setuptools
Requires: python3-pycurl
Requires: python3-dateutil >= 2.7.0
Requires: python3-pyparsing
Requires: python3-tornado
# ruby and gems for pcsd
Requires: ruby >= 2.2.0
Requires: ruby >= 2.5.0
Requires: rubygem-backports
Requires: rubygem-daemons
Requires: rubygem-ethon
Requires: rubygem-eventmachine
Requires: rubygem-ffi
Requires: rubygem-json
Requires: rubygem-mustermann
Requires: rubygem-open4
Requires: rubygem-rack
Requires: rubygem-rack-protection
Requires: rubygem-rack-test
Requires: rubygem-sinatra
Requires: rubygem-tilt
Requires: rubygem(rexml)
Requires: rubygem(webrick)
Requires: rubygem-tilt
Requires: rubygem-sinatra
# ruby and gems for pcsd-ruby
Requires: rubygem-daemons
Requires: rubygem-eventmachine
Requires: rubygem-thin
# for killall
Requires: psmisc
# for working with certificates (validation etc.)
Requires: openssl
Requires: python3-pyOpenSSL
# cluster stack and related packages
Requires: pcmk-cluster-manager >= %{required_pacemaker_version}
Suggests: pacemaker
Requires: (corosync >= 2.99 if pacemaker)
Requires: (corosync >= 3.0 if pacemaker)
# pcs enables corosync encryption by default so we require libknet1-plugins-all
Requires: (libknet1-plugins-all if corosync)
Requires: pacemaker-cli >= 2.0.0
Requires: pacemaker-cli >= %{required_pacemaker_version}
# for post, preun and postun macros
Requires(post): systemd
Requires(preun): systemd
@ -133,15 +148,12 @@ Requires(postun): systemd
# pam is used for authentication inside daemon (python ctypes)
# more details: https://bugzilla.redhat.com/show_bug.cgi?id=1717113
Requires: pam
# pcsd fonts
Requires: liberation-sans-fonts
Requires: overpass-fonts
# needs logrotate for /etc/logrotate.d/pcsd
Requires: logrotate
Provides: bundled(dacite) = %{dacite_version}
Provides: bundled(ember) = %{ember_version}
Provides: bundled(handlebars) = %{handlebars_version}
Provides: bundled(jquery) = %{jquery_version}
Provides: bundled(jquery-ui) = %{jquery_ui_version}
# bundled rubygems
Provides: bundled(thin) = %{version_rubygem_thin}
%description
pcs is a corosync and pacemaker configuration tool. It permits users to
@ -165,7 +177,6 @@ Provides: bundled(pyagentx) = %{pyagentx_version}
SNMP agent that provides information about pacemaker cluster to the master agent (snmpd)
%prep
%autosetup -p1 -n %{pcs_source_name}
# -- following is inspired by python-simplejon.el5 --
# Update timestamps on the files touched by a patch, to avoid non-equal
@ -183,7 +194,11 @@ update_times(){
unset file_list[0]
for fname in ${file_list[@]}; do
touch -r $reference_file $fname
# some files could be deleted by a patch therefore we test file for
# existance before touch to avoid exit with error: No such file or
# directory
# diffstat cannot create list of files without deleted files
test -e $fname && touch -r $reference_file $fname
done
}
@ -202,57 +217,79 @@ update_times_patch(){
update_times ${patch_file_name} `diffstat -p1 -l ${patch_file_name}`
}
# update_times_patch %%{PATCH0}
# documentation for setup/autosetup/autopatch:
# * http://ftp.rpm.org/max-rpm/s1-rpm-inside-macros.html
# * https://rpm-software-management.github.io/rpm/manual/autosetup.html
# patch web-ui sources
%autosetup -D -T -b 4 -a 5 -S git -n %{ui_src_name} -N
%autopatch -p1 -M 1
# update_times_patch %%{PATCH1}
update_times_patch %{PATCH0}
update_times_patch %{PATCH1}
# prepare dirs/files necessary for building web ui
# inside SOURCE3 is only directory %%{ui_src_name}
tar -xzf %SOURCE3 -C %{pcsd_public_dir}
tar -xf %SOURCE4 -C %{pcsd_public_dir}/%{ui_src_name}
# patch pcs sources
%autosetup -S git -n %{pcs_source_name} -N
%autopatch -p1 -m 2
update_times_patch %{PATCH2}
# dir for python bundles
mkdir -p %{bundled_src_dir}
# prepare dirs/files necessary for building all bundles
# -----------------------------------------------------
# 1) rubygems sources
# sources for pyagentx
tar -xzf %SOURCE1 -C %{bundled_src_dir}
mv %{bundled_src_dir}/pyagentx-%{pyagentx_version} %{bundled_src_dir}/pyagentx
update_times %SOURCE1 `find %{bundled_src_dir}/pyagentx -follow`
cp %{bundled_src_dir}/pyagentx/LICENSE.txt pyagentx_LICENSE.txt
cp %{bundled_src_dir}/pyagentx/CONTRIBUTORS.txt pyagentx_CONTRIBUTORS.txt
cp %{bundled_src_dir}/pyagentx/README.md pyagentx_README.md
mkdir -p %{rubygem_cache_dir}
cp -f %SOURCE3 %{rubygem_cache_dir}
# sources for python dacite
tar -xzf %SOURCE2 -C %{bundled_src_dir}
mv %{bundled_src_dir}/dacite-%{dacite_version} %{bundled_src_dir}/dacite
cp %{bundled_src_dir}/dacite/LICENSE dacite_LICENSE
cp %{bundled_src_dir}/dacite/README.md dacite_README.md
# 2) prepare python bundles
mkdir -p %{pcs_bundled_dir}/src
cp -f %SOURCE1 rpm/
cp -f %SOURCE2 rpm/
%build
%define debug_package %{nil}
./autogen.sh
%{configure} --enable-local-build --enable-use-local-cache-only --enable-individual-bundling PYTHON=%{__python3} ruby_CFLAGS="%{optflags}" ruby_LIBS="%{build_ldflags}"
make all
# build pcs-web-ui
make -C %{_builddir}/%{ui_src_name} build BUILD_USE_EXISTING_NODE_MODULES=true
%install
rm -rf $RPM_BUILD_ROOT
pwd
# build web ui and put it to pcsd
make -C %{pcsd_public_dir}/%{ui_src_name} build
mv %{pcsd_public_dir}/%{ui_src_name}/build pcsd/public/ui
rm -r %{pcsd_public_dir}/%{ui_src_name}
%make_install
# main pcs install
%make_install \
PREFIX=%{_prefix} \
SYSTEMD_UNIT_DIR=%{_unitdir} \
LIB_DIR=%{pcs_libdir} \
PYTHON=%{__python3} \
PYTHON_SITELIB=%{python3_sitelib} \
BASH_COMPLETION_DIR=%{_datadir}/bash-completion/completions \
BUNDLE_PYAGENTX_SRC_DIR=`readlink -f %{bundled_src_dir}/pyagentx` \
BUNDLE_DACITE_SRC_DIR=`readlink -f %{bundled_src_dir}/dacite` \
BUILD_GEMS=false \
SYSTEMCTL_OVERRIDE=true \
hdrdir="%{_includedir}" \
rubyhdrdir="%{_includedir}" \
includedir="%{_includedir}"
# install pcs-web-ui
cp -r %{_builddir}/%{ui_src_name}/build ${RPM_BUILD_ROOT}%{_libdir}/%{pcsd_public_dir}/ui
# symlink favicon into pcsd directories
mkdir -p ${RPM_BUILD_ROOT}%{_libdir}/%{pcsd_public_dir}/images/
ln -fs /etc/favicon.png ${RPM_BUILD_ROOT}%{_libdir}/%{pcsd_public_dir}/images/favicon.png
# prepare license files
# some rubygems do not have a license file (thin)
cp %{pcs_bundled_dir}/src/pyagentx-*/LICENSE.txt pyagentx_LICENSE.txt
cp %{pcs_bundled_dir}/src/pyagentx-*/CONTRIBUTORS.txt pyagentx_CONTRIBUTORS.txt
cp %{pcs_bundled_dir}/src/pyagentx-*/README.md pyagentx_README.md
cp %{pcs_bundled_dir}/src/dacite-*/LICENSE dacite_LICENSE
cp %{pcs_bundled_dir}/src/dacite-*/README.md dacite_README.md
# We are not building debug package for pcs but we need to add MiniDebuginfo
# to the bundled shared libraries from rubygem extensions in order to satisfy
# rpmdiff's binary stripping checker.
# Therefore we call find-debuginfo.sh script manually in order to strip
# binaries and add MiniDebugInfo with .gnu_debugdata section
/usr/lib/rpm/find-debuginfo.sh -j2 -m -i -S debugsourcefiles.list
# find-debuginfo.sh generated some files into /usr/lib/debug and
# /usr/src/debug/ that we don't want in the package
rm -rf $RPM_BUILD_ROOT%{_libdir}/debug
rm -rf $RPM_BUILD_ROOT/usr/lib/debug
rm -rf $RPM_BUILD_ROOT%{_prefix}/src/debug
# We can remove files required for gem compilation
rm -rf $RPM_BUILD_ROOT%{_libdir}/%{rubygem_bundle_dir}/gems/thin-%{version_rubygem_thin}/ext
%check
# In the building environment LC_CTYPE is set to C which causes tests to fail
@ -270,19 +307,17 @@ run_all_tests(){
# disabled tests:
#
BUNDLED_LIB_LOCATION=$RPM_BUILD_ROOT%{pcs_libdir}/pcs/bundled/packages \
%{__python3} pcs_test/suite.py --tier0 -v --vanilla --all-but \
pcs_test.tier0.daemon.app.test_app_remote.SyncConfigMutualExclusive.test_get_not_locked \
pcs_test.tier0.daemon.app.test_app_remote.SyncConfigMutualExclusive.test_post_not_locked \
%{__python3} pcs_test/suite --tier0 -v --vanilla --all-but \
pcs_test.tier0.daemon.app.test_app_remote.SyncConfigMutualExclusive.test_get_not_locked \
pcs_test.tier0.daemon.app.test_app_remote.SyncConfigMutualExclusive.test_post_not_locked \
test_result_python=$?
#run pcsd tests and remove them
pcsd_dir=$RPM_BUILD_ROOT%{pcs_libdir}/pcsd
GEM_HOME=$RPM_BUILD_ROOT%{pcs_libdir}/%{rubygem_bundle_dir} ruby \
-I${pcsd_dir} \
-I${pcsd_dir}/test \
${pcsd_dir}/test/test_all_suite.rb
GEM_HOME=$RPM_BUILD_ROOT%{_libdir}/%{rubygem_bundle_dir} ruby \
-I$RPM_BUILD_ROOT%{_libdir}/pcsd \
-Ipcsd/test \
pcsd/test/test_all_suite.rb
test_result_ruby=$?
if [ $test_result_python -ne 0 ]; then
@ -291,17 +326,7 @@ run_all_tests(){
return $test_result_ruby
}
remove_all_tests() {
pcsd_dir=$RPM_BUILD_ROOT%{pcs_libdir}/pcsd
#remove pcsd tests, we do not distribute them in the rpm
rm -r -v ${pcsd_dir}/test
# remove javascript testing files
rm -r -v ${pcsd_dir}/public/js/dev
}
run_all_tests
remove_all_tests
%posttrans
# Make sure the new version of the daemon is runnning.
@ -310,6 +335,7 @@ remove_all_tests
%{_bindir}/systemctl daemon-reload
%{_bindir}/systemctl try-restart pcsd.service
%post
%systemd_post pcsd.service
%systemd_post pcsd-ruby.service
@ -337,18 +363,16 @@ remove_all_tests
%doc dacite_README.md
%license dacite_LICENSE
%license COPYING
%{python3_sitelib}/pcs
%{python3_sitelib}/pcs-%{version}-py3.*.egg-info
%{python3_sitelib}/*
%{_sbindir}/pcs
%{_sbindir}/pcsd
%{pcs_libdir}/pcs/pcs_internal
%{pcs_libdir}/pcsd/*
%{pcs_libdir}/pcs/bundled/packages/dacite*
%{_libdir}/pcs/*
%{_libdir}/pcsd/*
%{_unitdir}/pcsd.service
%{_unitdir}/pcsd-ruby.service
%{_datadir}/bash-completion/completions/pcs
%{_sharedstatedir}/pcsd
%{_sysconfdir}/pam.d/pcsd
%config(noreplace) %{_sysconfdir}/pam.d/pcsd
%dir %{_var}/log/pcsd
%config(noreplace) %{_sysconfdir}/logrotate.d/pcsd
%config(noreplace) %{_sysconfdir}/sysconfig/pcsd
@ -361,22 +385,13 @@ remove_all_tests
%ghost %config(noreplace) %attr(0644,root,root) %{_sharedstatedir}/pcsd/pcs_users.conf
%{_mandir}/man8/pcs.*
%{_mandir}/man8/pcsd.*
%exclude %{pcs_libdir}/pcsd/*.debian
%exclude %{pcs_libdir}/pcsd/Gemfile
%exclude %{pcs_libdir}/pcsd/Gemfile.lock
%exclude %{pcs_libdir}/pcsd/Makefile
%exclude %{pcs_libdir}/pcsd/pcsd.conf
%exclude %{pcs_libdir}/pcsd/pcsd.service
%exclude %{pcs_libdir}/pcsd/pcsd-ruby.service
%exclude %{pcs_libdir}/pcsd/pcsd.8
%exclude %{pcs_libdir}/pcsd/public/js/dev/*
%exclude %{python3_sitelib}/pcs/bash_completion
%exclude %{python3_sitelib}/pcs/pcs.8
%exclude %{python3_sitelib}/pcs/pcs
%exclude %{_libdir}/pcs/pcs_snmp_agent
%exclude %{_libdir}/pcs/%{pcs_bundled_dir}/packages/pyagentx*
%files -n %{pcs_snmp_pkg_name}
%{pcs_libdir}/pcs/pcs_snmp_agent
%{pcs_libdir}/pcs/bundled/packages/pyagentx*
%{_libdir}/pcs/pcs_snmp_agent
%{_libdir}/pcs/%{pcs_bundled_dir}/packages/pyagentx*
%{_unitdir}/pcs_snmp_agent.service
%{_datadir}/snmp/mibs/PCMK-PCS*-MIB.txt
%{_mandir}/man8/pcs_snmp_agent.*
@ -388,6 +403,9 @@ remove_all_tests
%license pyagentx_LICENSE.txt
%changelog
* Mon Feb 06 2023 jiangxinyu <jiangxinyu@kylinos.cn> - 0.11.2-1
- Update package to version 0.11.2
* Wed Sep 07 2022 jiangxinyu <jiangxinyu@kylinos.cn> - 0.10.8-4
- Type:cves
- ID:CVE-2022-2735

26
simplify-ternar-expression.patch Normal file
View File

@ -0,0 +1,26 @@
From f44cdc871a39da3960bd04565b4d1d5ffa19bd23 Mon Sep 17 00:00:00 2001
From: Ivan Devat <idevat@redhat.com>
Date: Thu, 20 Jan 2022 13:32:49 +0100
Subject: [PATCH 1/2] simplify ternar expression
The motivation for this is that covscan complains about it.
---
src/app/view/share/useUrlTabs.ts | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/app/view/share/useUrlTabs.ts b/src/app/view/share/useUrlTabs.ts
index 7278dad8..a1136bf3 100644
--- a/src/app/view/share/useUrlTabs.ts
+++ b/src/app/view/share/useUrlTabs.ts
@@ -13,7 +13,7 @@ export const useUrlTabs = <TABS extends ReadonlyArray<string>>(
return {
currentTab,
- matchedContext: tab !== null ? tab.matched : `/${defaultTab}`,
+ matchedContext: tab?.matched ?? `/${defaultTab}`,
tabList,
};
};
--
2.34.1

BIN
thin-1.8.1.gem Normal file
View File

Binary file not shown.