packages/rear
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

base: packages:ef1279a66445f33a661c82a1641abaaa66414967
Branches Tags
packages:main
..
compare: packages:65ee845839f88f535dd05aeb1bf7169e55b2a72f
Branches Tags
packages:main

10 Commits
ef1279a664 ... 65ee845839

Author SHA1 Message Date
openeuler-ci-bot
65ee845839
!21 Add ppcle64 support 
From: @yinxiulin 
Reviewed-by: @wang--ge 
Signed-off-by: @wang--ge
 2024-03-06 07:13:55 +00:00
yinxiulin
7acb493140 Add ppc64le support 2024-03-05 15:24:31 +08:00
openeuler-ci-bot
af1bdded24
!13 Fix CVE-2024-23301 
From: @wk333 
Reviewed-by: @wang--ge 
Signed-off-by: @wang--ge
 2024-01-15 08:05:00 +00:00
wk333
7fd1501e7e Fix CVE-2024-23301 2024-01-15 14:48:59 +08:00
openeuler-ci-bot
7ddd69488a
!12 update to version 2.7 
From: @paulthomas100199 
Reviewed-by: @wang--ge 
Signed-off-by: @wang--ge
 2024-01-15 02:26:53 +00:00
lwg
e65b858ce5 update to version 2.7 2024-01-04 14:07:02 +08:00
openeuler-ci-bot
8df4814527
!11 Upgrade to 2.6 
From: @starlet-dx 
Reviewed-by: @wang--ge 
Signed-off-by: @wang--ge
 2023-10-18 02:21:58 +00:00
starlet-dx
1e2898521d Upgrade to 2.6 2023-10-18 09:37:59 +08:00
openeuler-ci-bot
1483394227
!7 add loongarch support. 
From: @huajingyun 
Reviewed-by: @gitee-cmd 
Signed-off-by: @gitee-cmd
 2022-11-29 06:43:44 +00:00
Jingyun Hua
4299ea09ba Add loongarch64 support 
Signed-off-by: Jingyun Hua <huajingyun@loongson.cn>
 2022-11-22 12:03:59 +00:00
7 changed files with 100 additions and 13 deletions
Show Stats Expand all files Collapse all files

BIN
2.7.tar.gz Normal file
View File

Binary file not shown.

34
CVE-2024-23301.patch Normal file
View File

@ -0,0 +1,34 @@
From 89b61793d80bc2cb2abe47a7d0549466fb087d16 Mon Sep 17 00:00:00 2001
From: Johannes Meixner <jsmeix@suse.com>
Date: Fri, 12 Jan 2024 08:04:40 +0100
Subject: [PATCH] Make initrd accessible only by root (#3123)
Origin: https://github.com/rear/rear/commit/89b61793d80bc2cb2abe47a7d0549466fb087d16
In pack/GNU/Linux/900_create_initramfs.sh call
chmod 0600 "$TMP_DIR/$REAR_INITRD_FILENAME"
to let only 'root' access the ReaR initrd because
the ReaR recovery system in the initrd can contain secrets
(not by default but when certain things are explicitly
configured by the user like SSH keys without passphrase)
see https://github.com/rear/rear/issues/3122
and https://bugzilla.opensuse.org/show_bug.cgi?id=1218728
---
usr/share/rear/pack/GNU/Linux/900_create_initramfs.sh | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/usr/share/rear/pack/GNU/Linux/900_create_initramfs.sh b/usr/share/rear/pack/GNU/Linux/900_create_initramfs.sh
index 1e0c11039..12be718ed 100644
--- a/usr/share/rear/pack/GNU/Linux/900_create_initramfs.sh
+++ b/usr/share/rear/pack/GNU/Linux/900_create_initramfs.sh
@@ -125,4 +125,10 @@ case "$REAR_INITRD_COMPRESSION" in
fi
;;
esac
+
+# Only root should be allowed to access the initrd
+# because the ReaR recovery system can contain secrets
+# cf. https://github.com/rear/rear/issues/3122
+test -s "$TMP_DIR/$REAR_INITRD_FILENAME" && chmod 0600 "$TMP_DIR/$REAR_INITRD_FILENAME"
+
popd >/dev/null

BIN
rear-2.4.tar.gz
View File

Binary file not shown.

4
rear.cron Normal file
View File

@ -0,0 +1,4 @@
# cronjob for ReaR
# periodically check if disk layout has changed and update
# the rescue image
30 1 * * * root /usr/sbin/rear checklayout || /usr/sbin/rear mkrescue

6
rear.service Normal file
View File

@ -0,0 +1,6 @@
[Unit]
Description=Update ReaR rescue image
[Service]
Type=oneshot
ExecStart=/usr/sbin/rear checklayout || /usr/sbin/rear mkrescue

59
rear.spec
View File

@ -1,15 +1,24 @@
%define debug_package %{nil} %define debug_package %{nil}
Name: rear Name: rear
Version: 2.4 Version: 2.7
Release: 3 Release: 3
License: GPLv3 License: GPLv3
Summary: Relax-and-Recover is a setup-and-forget Linux bare metal disaster recovery solution Summary: Relax-and-Recover is a setup-and-forget Linux bare metal disaster recovery solution
URL: http://relax-and-recover.org/ URL: http://relax-and-recover.org/
Source0: https://sourceforge.net/projects/rear/files/rear/%{version}/rear-%{version}.tar.gz Source0: https://github.com/rear/rear/archive/refs/tags/%{version}.tar.gz
ExclusiveArch: x86_64 # Add cronjob and systemd timer as documentation
Source1: rear.cron
Source2: rear.service
Source3: rear.timer
Patch0: CVE-2024-23301.patch
ExclusiveArch: x86_64 loongarch64 ppc64le
Requires: binutils ethtool gzip iputils parted tar openssl gawk attr bc crontabs iproute Requires: binutils ethtool gzip iputils parted tar openssl gawk attr bc crontabs iproute
Requires: genisoimage util-linux syslinux Requires: genisoimage util-linux
%ifarch x86_64 i686
Requires: syslinux
%endif
BuildRequires: make asciidoctor
BuildRoot: %(mktemp -ud %{_tmppath}/%{name}-%{version}-%{release}-XXXXXX) BuildRoot: %(mktemp -ud %{_tmppath}/%{name}-%{version}-%{release}-XXXXXX)
%description %description
@ -29,31 +38,55 @@ if [ $1 -gt 1 ] ; then
fi fi
%prep %prep
%autosetup %autosetup -p1
sed -E -e "s:([\"' ])/lib:\1/usr/lib:g" \
-i usr/share/rear/prep/GNU/Linux/*include*.sh
sed -e 's:/lib/:/usr/lib/:g' \
-e 's:/lib\*/:/usr/lib\*/:g' \
-e 's:/usr/usr/lib:/usr/lib:g' \
-i 'usr/share/rear/conf/GNU/Linux.conf'
%build %build
make doc
%install %install
rm -rf %{buildroot} %make_install
make install DESTDIR="%{buildroot}" install -p -d %{buildroot}%{_docdir}/%{name}/
echo "30 1 * * * root /usr/sbin/rear checklayout || /usr/sbin/rear mkrescue" > rear.cron install -m 0644 %{SOURCE1} %{buildroot}%{_docdir}/%{name}/
install -Dp -m 0644 rear.cron %{buildroot}%{_sysconfdir}/cron.d/rear install -m 0644 %{SOURCE2} %{buildroot}%{_docdir}/%{name}/
install -m 0644 %{SOURCE3} %{buildroot}%{_docdir}/%{name}/
%clean %clean
rm -rf %{buildroot} rm -rf %{buildroot}
%files %files
%doc MAINTAINERS COPYING README.adoc doc/*.txt %doc MAINTAINERS COPYING README.adoc doc/*.txt doc/user-guide/*.html
%config(noreplace) %{_sysconfdir}/cron.d/rear
%config(noreplace) %{_sysconfdir}/rear/ %config(noreplace) %{_sysconfdir}/rear/
%config(noreplace) %{_sysconfdir}/rear/cert/ %doc %{_docdir}/%{name}/rear.*
%{_datadir}/rear/ %{_datadir}/rear/
%{_localstatedir}/lib/rear/ %{_sharedstatedir}/rear/
%{_sbindir}/rear %{_sbindir}/rear
%files help %files help
%doc %{_mandir}/man8/rear.8* %doc %{_mandir}/man8/rear.8*
%changelog %changelog
* Tue Mar 5 2024 yinxiulin <xiulin.yin@shingroup.cn> - 2.7-3
- Add ppc64le support
* Mon Jan 15 2024 wangkai <13474090681@163.com> - 2.7-2
- Fix CVE-2024-23301
* Thu Jan 04 2024 Paul Thomas <paulthomas100199@gmail.com> - 2.7-1
- update to version 2.7
* Tue Oct 17 2023 yaoxin <yao_xin001@hoperun.com> - 2.6-1
- Upgrade to 2.6
* Tue Nov 15 2022 huajingyun <huajingyun@loongson.cn> - 2.4-4
- Add loongarch64 support
* Wed Feb 26 2020 Ling Yang <lingyang2@huawei.com> - 2.4-3 * Wed Feb 26 2020 Ling Yang <lingyang2@huawei.com> - 2.4-3
- Package Init - Package Init

10
rear.timer Normal file
View File

@ -0,0 +1,10 @@
[Unit]
Description=Update ReaR rescue image
[Timer]
OnCalendar=daily
RandomizedDelaySec=1h
Persistent=true
[Install]
WantedBy=timers.target