syscare/syscare.spec

%global debug_package %{nil}

%define kernel_devel_rpm %(echo $(rpm -q kernel-devel | head -n 1))
%define kernel_version %(echo $(rpm -q --qf "\%%{VERSION}" %{kernel_devel_rpm}))
%define kernel_name %(echo $(rpm -q --qf "\%%{VERSION}-\%%{RELEASE}.\%%{ARCH}" %{kernel_devel_rpm}))

Name:           syscare
Version:        1.0.1
Release:        4
Summary:        system hot-fix service

License:        MulanPSL-2.0 and GPL-2.0-only
URL:            https://gitee.com/openeuler/syscare
Source0:        %{name}-%{version}.tar.gz

BuildRequires:  rust cargo gcc gcc-g++ cmake make
BuildRequires:  elfutils-libelf-devel

Requires:       coreutils systemd kpatch-runtime
Requires:       %{name}-kmod >= 1.0.1-1

%description
SysCare is a system-level hot-fix software that provides single-machine-level and cluster-level security patches and system error hot-fixes for the operating system.
The host can fix the system problem without rebooting.

%package kmod
Summary:       Syscare kernel modules.
Requires:      kernel = %{kernel_version}
BuildRequires: kernel-devel
BuildRequires: make gcc bison flex

%description kmod
Syscare kernel modules dependency.

%package build
Summary:  Tools for build syscare patch.
Requires: %{name} = %{version}-%{release}
Requires: %{name}-kmod >= 1.0.1-1
Requires: kpatch make gcc openssl-devel dwarves python3-devel bison flex
Requires: elfutils-libelf-devel
Requires: rpm-build

%description build
Syscare build tools.

%prep
%autosetup -p1

%build
mkdir -p build_tmp
cd build_tmp

cmake -DCMAKE_INSTALL_PREFIX=/usr -DBUILD_VERSION=%{version}-%{release} -DKERNEL_VERSION=%{kernel_name} ..
make

%install
cd build_tmp
%make_install
mkdir -p %{buildroot}/lib/modules/%{kernel_name}/extra/syscare
mv %{buildroot}/usr/libexec/syscare/upatch.ko %{buildroot}/lib/modules/%{kernel_name}/extra/syscare

%post
# Create runtime directory
mkdir -p /usr/lib/syscare/patches

# Start all services
systemctl enable syscare
systemctl start syscare

%preun
# Stop all services
systemctl stop syscare
systemctl disable syscare

%postun
# Remove runtime directory at uninstallation
if [ "$1" -eq 0 ] || { [ -n "$2" ] && [ "$2" -eq 0 ]; }; then
    rm -rf /usr/lib/syscare
fi

%post kmod
# Create kmod weak-updates link
echo "/lib/modules/%{kernel_name}/extra/syscare/upatch.ko" | /sbin/weak-modules --add-module --no-initramfs --verbose >&2

# Start all services
systemctl enable syscare-upatch
systemctl start syscare-upatch

%preun kmod
# Stop all services
systemctl stop syscare-upatch
systemctl disable syscare-upatch

%postun kmod
# Remove kmod weak-updates link
echo "/lib/modules/%{kernel_name}/extra/syscare/upatch.ko" | /sbin/weak-modules --remove-module --no-initramfs --verbose >&2

%files
%defattr(-,root,root,-)
%attr(755,root,root) /usr/bin/syscare
%attr(644,root,root) /usr/lib/systemd/system/syscare.service
%dir /usr/libexec/syscare
%attr(755,root,root) /usr/libexec/syscare/upatch-tool

%files kmod
%dir /lib/modules/%{kernel_name}/extra/syscare
%attr(640,root,root) /lib/modules/%{kernel_name}/extra/syscare/upatch.ko
%attr(644,root,root) /usr/lib/systemd/system/syscare-upatch.service

%files build
%defattr(-,root,root,-)
%dir /usr/libexec/syscare
%attr(755,root,root) /usr/libexec/syscare/syscare-build
%attr(755,root,root) /usr/libexec/syscare/upatch-build
%attr(755,root,root) /usr/libexec/syscare/upatch-diff

%changelog
* Tue Apr 04 2023 renoseven<dev@renoseven.net> - 1.0.1-4
- Enable aarch64
- Fix syscare-upatch service may start failed issue
* Thu Mar 30 2023 renoseven<dev@renoseven.net> - 1.0.1-3
- Fix upatch may not contain all symbols issue
- Add syscare-kmod package
* Wed Mar 29 2023 renoseven<dev@renoseven.net> - 1.0.1-2
- Fix rpm install & remove script issue
* Wed Mar 15 2023 renoseven<dev@renoseven.net> - 1.0.1-1
- New syscare cli
- Support building patch for C++ code
- Support patch version verification
- Support elf name derivation
- Support fast reboot
* Wed Dec 21 2022 snoweay<snoweay@163.com> - 1.0.0-7
- Fix 42 relocation caused by gcc 11.
* Tue Dec 20 2022 snoweay<snoweay@163.com> - 1.0.0-6
- Fix patch open failure by reading patches at attach instead of load.
- Support epoch in spec.
* Sat Dec 17 2022 snoweay<snoweay@163.com> - 1.0.0-5
- Check version-release of source pkg & debuginfo pkg.
* Fri Dec 16 2022 snoweay<snoweay@163.com> - 1.0.0-4
- Avoid duplicate elfs by not following symlinks at build.
* Thu Dec 15 2022 snoweay<snoweay@163.com> - 1.0.0-3
- Change kernel patches' scontext before apply not at rpm-post.
* Wed Dec 14 2022 snoweay<snoweay@163.com> - 1.0.0-2
- Fix some issues:
- manager: Allow apply to actived kernel patch
- build: only 'NOT-APPLIED' patch package can be removed
- build: fix 'kernel patch cannot be insmod during system start' issue
- kmod: unregister when rmmod upatch
* Tue Dec 13 2022 snoweay<snoweay@163.com> - 1.0.0-1
- Release the first version 1.0.0.
init spec and get-version script init for first version 0.1.1 Signed-off-by: snoweay <snoweay@163.com> 2022-11-15 12:55:32 +00:00			`%global debug_package %{nil}`

update to 1.0.1-3 Signed-off-by: renoseven <dev@renoseven.net> (cherry picked from commit cf91c7dad32e6261c3065875d58d7f5c72181f3f) 2023-03-29 18:42:15 +08:00			`%define kernel_devel_rpm %(echo $(rpm -q kernel-devel \| head -n 1))`
update to 1.0.1-4 Signed-off-by: renoseven <dev@renoseven.net> (cherry picked from commit 567505f70fe05e4e05d35e71e768cec8f4d255a4) 2023-04-04 10:57:35 +08:00			`%define kernel_version %(echo $(rpm -q --qf "\%%{VERSION}" %{kernel_devel_rpm}))`
update to 1.0.1-3 Signed-off-by: renoseven <dev@renoseven.net> (cherry picked from commit cf91c7dad32e6261c3065875d58d7f5c72181f3f) 2023-03-29 18:42:15 +08:00			`%define kernel_name %(echo $(rpm -q --qf "\%%{VERSION}-\%%{RELEASE}.\%%{ARCH}" %{kernel_devel_rpm}))`

init spec and get-version script init for first version 0.1.1 Signed-off-by: snoweay <snoweay@163.com> 2022-11-15 12:55:32 +00:00			`Name: syscare`
update to 1.0.1 Signed-off-by: renoseven <dev@renoseven.net> 2023-03-15 11:34:43 +08:00			`Version: 1.0.1`
update to 1.0.1-4 Signed-off-by: renoseven <dev@renoseven.net> (cherry picked from commit 567505f70fe05e4e05d35e71e768cec8f4d255a4) 2023-04-04 10:57:35 +08:00			`Release: 4`
init spec and get-version script init for first version 0.1.1 Signed-off-by: snoweay <snoweay@163.com> 2022-11-15 12:55:32 +00:00			`Summary: system hot-fix service`

update to 1.0.1 Signed-off-by: renoseven <dev@renoseven.net> 2023-03-15 11:34:43 +08:00			`License: MulanPSL-2.0 and GPL-2.0-only`
init spec and get-version script init for first version 0.1.1 Signed-off-by: snoweay <snoweay@163.com> 2022-11-15 12:55:32 +00:00			`URL: https://gitee.com/openeuler/syscare`
			`Source0: %{name}-%{version}.tar.gz`

			`BuildRequires: rust cargo gcc gcc-g++ cmake make`
			`BuildRequires: elfutils-libelf-devel`

update to syscare-1.0.1-2 Signed-off-by: renoseven <dev@renoseven.net> (cherry picked from commit 50ed636bcf32aeef2969ad40a4d7204c6479bafc) 2023-03-29 17:47:03 +08:00			`Requires: coreutils systemd kpatch-runtime`
update to 1.0.1-3 Signed-off-by: renoseven <dev@renoseven.net> (cherry picked from commit cf91c7dad32e6261c3065875d58d7f5c72181f3f) 2023-03-29 18:42:15 +08:00			`Requires: %{name}-kmod >= 1.0.1-1`
init spec and get-version script init for first version 0.1.1 Signed-off-by: snoweay <snoweay@163.com> 2022-11-15 12:55:32 +00:00
			`%description`
			`SysCare is a system-level hot-fix software that provides single-machine-level and cluster-level security patches and system error hot-fixes for the operating system.`
spec: Change bin file mode to 755 Because build command shoud be used by normal users. Signed-off-by: snoweay <snoweay@163.com> 2022-11-22 11:44:18 +00:00			`The host can fix the system problem without rebooting.`
init spec and get-version script init for first version 0.1.1 Signed-off-by: snoweay <snoweay@163.com> 2022-11-15 12:55:32 +00:00
update to 1.0.1-3 Signed-off-by: renoseven <dev@renoseven.net> (cherry picked from commit cf91c7dad32e6261c3065875d58d7f5c72181f3f) 2023-03-29 18:42:15 +08:00			`%package kmod`
			`Summary: Syscare kernel modules.`
			`Requires: kernel = %{kernel_version}`
			`BuildRequires: kernel-devel`
			`BuildRequires: make gcc bison flex`

			`%description kmod`
			`Syscare kernel modules dependency.`

init spec and get-version script init for first version 0.1.1 Signed-off-by: snoweay <snoweay@163.com> 2022-11-15 12:55:32 +00:00			`%package build`
update to 1.0.1 Signed-off-by: renoseven <dev@renoseven.net> 2023-03-15 11:34:43 +08:00			`Summary: Tools for build syscare patch.`
			`Requires: %{name} = %{version}-%{release}`
update to 1.0.1-3 Signed-off-by: renoseven <dev@renoseven.net> (cherry picked from commit cf91c7dad32e6261c3065875d58d7f5c72181f3f) 2023-03-29 18:42:15 +08:00			`Requires: %{name}-kmod >= 1.0.1-1`
update to 1.0.1 Signed-off-by: renoseven <dev@renoseven.net> 2023-03-15 11:34:43 +08:00			`Requires: kpatch make gcc openssl-devel dwarves python3-devel bison flex`
			`Requires: elfutils-libelf-devel`
			`Requires: rpm-build`
init spec and get-version script init for first version 0.1.1 Signed-off-by: snoweay <snoweay@163.com> 2022-11-15 12:55:32 +00:00
			`%description build`
			`Syscare build tools.`

			`%prep`
			`%autosetup -p1`

			`%build`
update to 1.0.1 Signed-off-by: renoseven <dev@renoseven.net> 2023-03-15 11:34:43 +08:00			`mkdir -p build_tmp`
			`cd build_tmp`

update to 1.0.1-3 Signed-off-by: renoseven <dev@renoseven.net> (cherry picked from commit cf91c7dad32e6261c3065875d58d7f5c72181f3f) 2023-03-29 18:42:15 +08:00			`cmake -DCMAKE_INSTALL_PREFIX=/usr -DBUILD_VERSION=%{version}-%{release} -DKERNEL_VERSION=%{kernel_name} ..`
init spec and get-version script init for first version 0.1.1 Signed-off-by: snoweay <snoweay@163.com> 2022-11-15 12:55:32 +00:00			`make`

			`%install`
update to 1.0.1 Signed-off-by: renoseven <dev@renoseven.net> 2023-03-15 11:34:43 +08:00			`cd build_tmp`
init spec and get-version script init for first version 0.1.1 Signed-off-by: snoweay <snoweay@163.com> 2022-11-15 12:55:32 +00:00			`%make_install`
update to 1.0.1-3 Signed-off-by: renoseven <dev@renoseven.net> (cherry picked from commit cf91c7dad32e6261c3065875d58d7f5c72181f3f) 2023-03-29 18:42:15 +08:00			`mkdir -p %{buildroot}/lib/modules/%{kernel_name}/extra/syscare`
			`mv %{buildroot}/usr/libexec/syscare/upatch.ko %{buildroot}/lib/modules/%{kernel_name}/extra/syscare`
update to 0.1.2.rc2 for test Fix some issues. syscare-pre.service enable by default. Signed-off-by: snoweay <snoweay@163.com> 2022-12-02 11:45:58 +00:00
update to 0.1.1 First version for test. Support patches restore, remove, auto insmod upatch.ko. Signed-off-by: snoweay <snoweay@163.com> 2022-11-28 12:26:22 +00:00			`%post`
update to 1.0.1-4 Signed-off-by: renoseven <dev@renoseven.net> (cherry picked from commit 567505f70fe05e4e05d35e71e768cec8f4d255a4) 2023-04-04 10:57:35 +08:00			`# Create runtime directory`
			`mkdir -p /usr/lib/syscare/patches`
update to 1.0.1 Signed-off-by: renoseven <dev@renoseven.net> 2023-03-15 11:34:43 +08:00
update to syscare-1.0.1-2 Signed-off-by: renoseven <dev@renoseven.net> (cherry picked from commit 50ed636bcf32aeef2969ad40a4d7204c6479bafc) 2023-03-29 17:47:03 +08:00			`# Start all services`
update to 1.0.1-3 Signed-off-by: renoseven <dev@renoseven.net> (cherry picked from commit cf91c7dad32e6261c3065875d58d7f5c72181f3f) 2023-03-29 18:42:15 +08:00			`systemctl enable syscare`
update to syscare-1.0.1-2 Signed-off-by: renoseven <dev@renoseven.net> (cherry picked from commit 50ed636bcf32aeef2969ad40a4d7204c6479bafc) 2023-03-29 17:47:03 +08:00			`systemctl start syscare`
update to 0.1.2.rc2 for test Fix some issues. syscare-pre.service enable by default. Signed-off-by: snoweay <snoweay@163.com> 2022-12-02 11:45:58 +00:00
			`%preun`
update to syscare-1.0.1-2 Signed-off-by: renoseven <dev@renoseven.net> (cherry picked from commit 50ed636bcf32aeef2969ad40a4d7204c6479bafc) 2023-03-29 17:47:03 +08:00			`# Stop all services`
update to 1.0.1-3 Signed-off-by: renoseven <dev@renoseven.net> (cherry picked from commit cf91c7dad32e6261c3065875d58d7f5c72181f3f) 2023-03-29 18:42:15 +08:00			`systemctl stop syscare`
			`systemctl disable syscare`
update to 0.1.2.rc2 for test Fix some issues. syscare-pre.service enable by default. Signed-off-by: snoweay <snoweay@163.com> 2022-12-02 11:45:58 +00:00
			`%postun`
update to syscare-1.0.1-2 Signed-off-by: renoseven <dev@renoseven.net> (cherry picked from commit 50ed636bcf32aeef2969ad40a4d7204c6479bafc) 2023-03-29 17:47:03 +08:00			`# Remove runtime directory at uninstallation`
			`if [ "$1" -eq 0 ] \|\| { [ -n "$2" ] && [ "$2" -eq 0 ]; }; then`
			`rm -rf /usr/lib/syscare`
			`fi`
update to 0.1.1 First version for test. Support patches restore, remove, auto insmod upatch.ko. Signed-off-by: snoweay <snoweay@163.com> 2022-11-28 12:26:22 +00:00
update to 1.0.1-3 Signed-off-by: renoseven <dev@renoseven.net> (cherry picked from commit cf91c7dad32e6261c3065875d58d7f5c72181f3f) 2023-03-29 18:42:15 +08:00			`%post kmod`
update to 1.0.1-4 Signed-off-by: renoseven <dev@renoseven.net> (cherry picked from commit 567505f70fe05e4e05d35e71e768cec8f4d255a4) 2023-04-04 10:57:35 +08:00			`# Create kmod weak-updates link`
			`echo "/lib/modules/%{kernel_name}/extra/syscare/upatch.ko" \| /sbin/weak-modules --add-module --no-initramfs --verbose >&2`
update to syscare-1.0.1-2 Signed-off-by: renoseven <dev@renoseven.net> (cherry picked from commit 50ed636bcf32aeef2969ad40a4d7204c6479bafc) 2023-03-29 17:47:03 +08:00
update to 1.0.1-3 Signed-off-by: renoseven <dev@renoseven.net> (cherry picked from commit cf91c7dad32e6261c3065875d58d7f5c72181f3f) 2023-03-29 18:42:15 +08:00			`# Start all services`
			`systemctl enable syscare-upatch`
			`systemctl start syscare-upatch`

			`%preun kmod`
			`# Stop all services`
			`systemctl stop syscare-upatch`
			`systemctl disable syscare-upatch`

			`%postun kmod`
update to 1.0.1-4 Signed-off-by: renoseven <dev@renoseven.net> (cherry picked from commit 567505f70fe05e4e05d35e71e768cec8f4d255a4) 2023-04-04 10:57:35 +08:00			`# Remove kmod weak-updates link`
			`echo "/lib/modules/%{kernel_name}/extra/syscare/upatch.ko" \| /sbin/weak-modules --remove-module --no-initramfs --verbose >&2`
update to 1.0.1 Signed-off-by: renoseven <dev@renoseven.net> 2023-03-15 11:34:43 +08:00
init spec and get-version script init for first version 0.1.1 Signed-off-by: snoweay <snoweay@163.com> 2022-11-15 12:55:32 +00:00			`%files`
			`%defattr(-,root,root,-)`
spec: Change bin file mode to 755 Because build command shoud be used by normal users. Signed-off-by: snoweay <snoweay@163.com> 2022-11-22 11:44:18 +00:00			`%attr(755,root,root) /usr/bin/syscare`
update to 1.0.1 Signed-off-by: renoseven <dev@renoseven.net> 2023-03-15 11:34:43 +08:00			`%attr(644,root,root) /usr/lib/systemd/system/syscare.service`
update to syscare-1.0.1-2 Signed-off-by: renoseven <dev@renoseven.net> (cherry picked from commit 50ed636bcf32aeef2969ad40a4d7204c6479bafc) 2023-03-29 17:47:03 +08:00			`%dir /usr/libexec/syscare`
			`%attr(755,root,root) /usr/libexec/syscare/upatch-tool`
init spec and get-version script init for first version 0.1.1 Signed-off-by: snoweay <snoweay@163.com> 2022-11-15 12:55:32 +00:00
update to 1.0.1-3 Signed-off-by: renoseven <dev@renoseven.net> (cherry picked from commit cf91c7dad32e6261c3065875d58d7f5c72181f3f) 2023-03-29 18:42:15 +08:00			`%files kmod`
			`%dir /lib/modules/%{kernel_name}/extra/syscare`
			`%attr(640,root,root) /lib/modules/%{kernel_name}/extra/syscare/upatch.ko`
			`%attr(644,root,root) /usr/lib/systemd/system/syscare-upatch.service`

init spec and get-version script init for first version 0.1.1 Signed-off-by: snoweay <snoweay@163.com> 2022-11-15 12:55:32 +00:00			`%files build`
			`%defattr(-,root,root,-)`
update to 1.0.1 Signed-off-by: renoseven <dev@renoseven.net> 2023-03-15 11:34:43 +08:00			`%dir /usr/libexec/syscare`
			`%attr(755,root,root) /usr/libexec/syscare/syscare-build`
			`%attr(755,root,root) /usr/libexec/syscare/upatch-build`
update to syscare-1.0.1-2 Signed-off-by: renoseven <dev@renoseven.net> (cherry picked from commit 50ed636bcf32aeef2969ad40a4d7204c6479bafc) 2023-03-29 17:47:03 +08:00			`%attr(755,root,root) /usr/libexec/syscare/upatch-diff`
init spec and get-version script init for first version 0.1.1 Signed-off-by: snoweay <snoweay@163.com> 2022-11-15 12:55:32 +00:00
			`%changelog`
update to 1.0.1-4 Signed-off-by: renoseven <dev@renoseven.net> (cherry picked from commit 567505f70fe05e4e05d35e71e768cec8f4d255a4) 2023-04-04 10:57:35 +08:00			`* Tue Apr 04 2023 renoseven<dev@renoseven.net> - 1.0.1-4`
			`- Enable aarch64`
			`- Fix syscare-upatch service may start failed issue`
update to 1.0.1-3 Signed-off-by: renoseven <dev@renoseven.net> (cherry picked from commit cf91c7dad32e6261c3065875d58d7f5c72181f3f) 2023-03-29 18:42:15 +08:00			`* Thu Mar 30 2023 renoseven<dev@renoseven.net> - 1.0.1-3`
			`- Fix upatch may not contain all symbols issue`
			`- Add syscare-kmod package`
update to syscare-1.0.1-2 Signed-off-by: renoseven <dev@renoseven.net> (cherry picked from commit 50ed636bcf32aeef2969ad40a4d7204c6479bafc) 2023-03-29 17:47:03 +08:00			`* Wed Mar 29 2023 renoseven<dev@renoseven.net> - 1.0.1-2`
			`- Fix rpm install & remove script issue`
update to 1.0.1 Signed-off-by: renoseven <dev@renoseven.net> 2023-03-15 11:34:43 +08:00			`* Wed Mar 15 2023 renoseven<dev@renoseven.net> - 1.0.1-1`
			`- New syscare cli`
			`- Support building patch for C++ code`
			`- Support patch version verification`
			`- Support elf name derivation`
			`- Support fast reboot`
add support for R_X86_64_GOTPCRELX R_X86_64_REX_GOTPCRELX Signed-off-by: snoweay <snoweay@163.com> 2022-12-21 12:03:08 +00:00			`* Wed Dec 21 2022 snoweay<snoweay@163.com> - 1.0.0-7`
			`- Fix 42 relocation caused by gcc 11.`
Fix patch open failure by reading patches at attach instead of load Signed-off-by: snoweay <snoweay@163.com> 2022-12-20 14:00:40 +00:00			`* Tue Dec 20 2022 snoweay<snoweay@163.com> - 1.0.0-6`
			`- Fix patch open failure by reading patches at attach instead of load.`
			`- Support epoch in spec.`
check release of source pkg & debuginfo pkg Signed-off-by: snoweay <snoweay@163.com> 2022-12-17 10:05:25 +00:00			`* Sat Dec 17 2022 snoweay<snoweay@163.com> - 1.0.0-5`
			`- Check version-release of source pkg & debuginfo pkg.`
Avoid duplicate elfs by not following symlinks at build Signed-off-by: snoweay <snoweay@163.com> 2022-12-16 09:15:36 +00:00			`* Fri Dec 16 2022 snoweay<snoweay@163.com> - 1.0.0-4`
			`- Avoid duplicate elfs by not following symlinks at build.`
Set kernel livepatches' scontext before apply not at rpm-post Signed-off-by: snoweay <snoweay@163.com> 2022-12-15 11:04:03 +00:00			`* Thu Dec 15 2022 snoweay<snoweay@163.com> - 1.0.0-3`
			`- Change kernel patches' scontext before apply not at rpm-post.`
Fix some issues and update to 1.0.0-2 release manager: Allow apply to actived kernel patch build: only 'NOT-APPLIED' patch package can be removed build: fix 'kernel patch cannot be insmod during system start' issue kmod: unregister when rmmod upatch Signed-off-by: snoweay <snoweay@163.com> 2022-12-14 13:43:07 +00:00			`* Wed Dec 14 2022 snoweay<snoweay@163.com> - 1.0.0-2`
			`- Fix some issues:`
			`- manager: Allow apply to actived kernel patch`
			`- build: only 'NOT-APPLIED' patch package can be removed`
			`- build: fix 'kernel patch cannot be insmod during system start' issue`
			`- kmod: unregister when rmmod upatch`
Release v1.0.0 Signed-off-by: snoweay <snoweay@163.com> 2022-12-13 03:07:16 +00:00			`* Tue Dec 13 2022 snoweay<snoweay@163.com> - 1.0.0-1`
			`- Release the first version 1.0.0.`