Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package sdbootutil for openSUSE:Factory checked in at 2026-01-15 16:43:43 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/sdbootutil (Old) and /work/SRC/openSUSE:Factory/.sdbootutil.new.1928 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "sdbootutil" Thu Jan 15 16:43:43 2026 rev:88 rq:1327386 version:1+git20260115.cd41d07 Changes: -------- --- /work/SRC/openSUSE:Factory/sdbootutil/sdbootutil.changes 2026-01-09 17:03:30.920006628 +0100 +++ /work/SRC/openSUSE:Factory/.sdbootutil.new.1928/sdbootutil.changes 2026-01-15 16:44:02.554760531 +0100 @@ -1,0 +2,14 @@ +Thu Jan 15 12:58:34 UTC 2026 - Alberto Planas Dominguez <[email protected]> + +- Update to version 1+git20260115.cd41d07: + * sdbootutil: ignore devices that aren't listed in /etc/crypttab + * Print message about debug log to stderr + +------------------------------------------------------------------- +Wed Jan 14 10:44:23 UTC 2026 - Alberto Planas Dominguez <[email protected]> + +- Update to version 1+git20260114.371a8b3: + * Create the /var/lib/sdbootutil directory during installation + * Make fde-tools file optional + +------------------------------------------------------------------- Old: ---- sdbootutil-1+git20260108.be38224.obscpio New: ---- sdbootutil-1+git20260115.cd41d07.obscpio ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ sdbootutil.spec ++++++ --- /var/tmp/diff_new_pack.kPXNTy/_old 2026-01-15 16:44:03.570802844 +0100 +++ /var/tmp/diff_new_pack.kPXNTy/_new 2026-01-15 16:44:03.574803010 +0100 @@ -18,7 +18,7 @@ %global rustflags '-Clink-arg=-Wl,-z,relro,-z,now' Name: sdbootutil -Version: 1+git20260108.be38224 +Version: 1+git20260115.cd41d07 Release: 0 Summary: Bootctl wrapper for BLS boot loaders License: MIT @@ -192,6 +192,12 @@ install -Dpm 0644 %{name}.conf %{buildroot}%{_tmpfilesdir}/%{name}.conf install -Dpm 0644 kernel-install-%{name}.conf %{buildroot}%{_tmpfilesdir}/kernel-install-%{name}.conf +# tmpfiles_create macro is a noop, and the directories in /var/lib +# will be present in the next reboot. The problem is that when the +# package is installed by YaST / Agama, this directory needs to be +# present, as sdbootutil is called for enrollment +install -d -m 700 %{buildroot}%{_sharedstatedir}/%{name} + %transfiletriggerin -- %{_prefix}/lib/systemd/boot/efi %{_datadir}/grub2/%{_build_arch}-efi %{_datadir}/efi/%{_build_arch} cat > /dev/null || : [ "$YAST_IS_RUNNING" != 'instsys' ] || exit 0 @@ -218,7 +224,7 @@ %post %service_add_post %{name}-update-predictions.service -%tmpfiles_create %{_tmpfilesdir}/%{name}.conf +%tmpfiles_create %{name}.conf %preun enroll %service_del_preun %{name}-enroll.service @@ -232,8 +238,8 @@ %post enroll %service_add_post %{name}-enroll.service -%posttrans kernel-install -%tmpfiles_create %{_tmpfilesdir}/kernel-install-%{name}.conf +%post kernel-install +%tmpfiles_create kernel-install-%{name}.conf %post dracut-measure-pcr %{?regenerate_initrd_post} ++++++ _servicedata ++++++ --- /var/tmp/diff_new_pack.kPXNTy/_old 2026-01-15 16:44:03.766811006 +0100 +++ /var/tmp/diff_new_pack.kPXNTy/_new 2026-01-15 16:44:03.794812173 +0100 @@ -1,6 +1,6 @@ <servicedata> <service name="tar_scm"> <param name="url">https://github.com/openSUSE/sdbootutil.git</param> - <param name="changesrevision">be38224bc757fd4cade25f37f39ff87b838698a2</param></service></servicedata> + <param name="changesrevision">cd41d07334aa22fbd8907216c693dfe2061dbaf9</param></service></servicedata> (No newline at EOF) ++++++ sdbootutil-1+git20260108.be38224.obscpio -> sdbootutil-1+git20260115.cd41d07.obscpio ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/sdbootutil-1+git20260108.be38224/sdbootutil new/sdbootutil-1+git20260115.cd41d07/sdbootutil --- old/sdbootutil-1+git20260108.be38224/sdbootutil 2026-01-08 20:49:55.000000000 +0100 +++ new/sdbootutil-1+git20260115.cd41d07/sdbootutil 2026-01-15 13:56:43.000000000 +0100 @@ -13,9 +13,9 @@ [[ "$*" =~ "--stop-trace-code" ]] && rm -f "$DEBUG_LOG" if [ -f "$DEBUG_LOG" ]; then verbose=3 - echo "The trace of the code is being stored in $DEBUG_LOG" - echo "Remove the file or use --stop-trace-code to stop tracing the code" - echo "Audit the file before sharing, as secrets can be leaked" + echo "The trace of the code is being stored in $DEBUG_LOG" >&2 + echo "Remove the file or use --stop-trace-code to stop tracing the code" >&2 + echo "Audit the file before sharing, as secrets can be leaked" >&2 exec 3>>"$DEBUG_LOG" export BASH_XTRACEFD=3 export PS4='+ \D{%F %T} ${BASH_SOURCE##*/}:${LINENO}:${FUNCNAME[0]:-main}: ' @@ -3025,7 +3025,11 @@ # situation but fail during the initial enrollment. This is # because we generate the prediction first and later we do the # enrollment - is_config_file || err "/etc/sysconfig/fde-tools not found" + is_config_file || { + warn "/etc/sysconfig/fde-tools not found (manual enrollment?)" + warn "No TPM2 predictions generated" + return 0 + } load_config_file [ -z "$arg_pcr" ] || FDE_SEAL_PCR_LIST="$arg_pcr" @@ -3081,8 +3085,11 @@ while read -r dev fstype uuid; do [ "$fstype" = 'crypto_LUKS' ] || continue cryptsetup isLuks --type luks2 "$dev" || continue - [ -e /etc/crypttab ] && grep -E -q "${dev}[[:space:]].*x-sdbootutil.ignore" /etc/crypttab && continue - [ -e /etc/crypttab ] && grep -E -q "${uuid}[[:space:]].*x-sdbootutil.ignore" /etc/crypttab && continue + if [ -e /etc/crypttab ]; then + grep -E -q "(${dev}|${uuid})" /etc/crypttab || continue + grep -E -q "${dev}[[:space:]].*x-sdbootutil.ignore" /etc/crypttab && continue + grep -E -q "${uuid}[[:space:]].*x-sdbootutil.ignore" /etc/crypttab && continue + fi dbg "Tracking encrypted device $dev" tracked_devices+=("$dev") done < <(lsblk --noheadings -o PATH,FSTYPE,UUID) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/sdbootutil-1+git20260108.be38224/sdbootutil.spec new/sdbootutil-1+git20260115.cd41d07/sdbootutil.spec --- old/sdbootutil-1+git20260108.be38224/sdbootutil.spec 2026-01-08 20:49:55.000000000 +0100 +++ new/sdbootutil-1+git20260115.cd41d07/sdbootutil.spec 2026-01-15 13:56:43.000000000 +0100 @@ -192,6 +192,12 @@ install -Dpm 0644 %{name}.conf %{buildroot}%{_tmpfilesdir}/%{name}.conf install -Dpm 0644 kernel-install-%{name}.conf %{buildroot}%{_tmpfilesdir}/kernel-install-%{name}.conf +# tmpfiles_create macro is a noop, and the directories in /var/lib +# will be present in the next reboot. The problem is that when the +# package is installed by YaST / Agama, this directory needs to be +# present, as sdbootutil is called for enrollment +install -d -m 700 %{buildroot}%{_sharedstatedir}/%{name} + %transfiletriggerin -- %{_prefix}/lib/systemd/boot/efi %{_datadir}/grub2/%{_build_arch}-efi %{_datadir}/efi/%{_build_arch} cat > /dev/null || : [ "$YAST_IS_RUNNING" != 'instsys' ] || exit 0 @@ -218,7 +224,7 @@ %post %service_add_post %{name}-update-predictions.service -%tmpfiles_create %{_tmpfilesdir}/%{name}.conf +%tmpfiles_create %{name}.conf %preun enroll %service_del_preun %{name}-enroll.service @@ -232,8 +238,8 @@ %post enroll %service_add_post %{name}-enroll.service -%posttrans kernel-install -%tmpfiles_create %{_tmpfilesdir}/kernel-install-%{name}.conf +%post kernel-install +%tmpfiles_create kernel-install-%{name}.conf %post dracut-measure-pcr %{?regenerate_initrd_post} ++++++ sdbootutil.obsinfo ++++++ --- /var/tmp/diff_new_pack.kPXNTy/_old 2026-01-15 16:44:04.186828498 +0100 +++ /var/tmp/diff_new_pack.kPXNTy/_new 2026-01-15 16:44:04.194828831 +0100 @@ -1,5 +1,5 @@ name: sdbootutil -version: 1+git20260108.be38224 -mtime: 1767901795 -commit: be38224bc757fd4cade25f37f39ff87b838698a2 +version: 1+git20260115.cd41d07 +mtime: 1768481803 +commit: cd41d07334aa22fbd8907216c693dfe2061dbaf9
