Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package apptainer for openSUSE:Factory checked in at 2023-02-16 16:56:15 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/apptainer (Old) and /work/SRC/openSUSE:Factory/.apptainer.new.22824 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "apptainer" Thu Feb 16 16:56:15 2023 rev:14 rq:1065997 version:1.1.6 Changes: -------- --- /work/SRC/openSUSE:Factory/apptainer/apptainer.changes 2023-01-12 22:45:24.745241890 +0100 +++ /work/SRC/openSUSE:Factory/.apptainer.new.22824/apptainer.changes 2023-02-16 16:56:31.154860669 +0100 @@ -1,0 +2,30 @@ +Wed Feb 15 09:01:08 UTC 2023 - Christian Goll <cg...@suse.com> + +- update to 1.1.6 with following changes: + + * Included a fix for CVE-2022-23538 which potentially leaked user credentials + to a third-party S3 storage service when using the library:// protocol. See + the https://github.com/sylabs/scs-library-client/security/advisories/GHSA-7p8m-22h4-9pj7 + for details. + * Make PS1 environment variable changeable via %environment section on + definition file that used to be only changeable via APPTAINERENV_PS1 + outside of container. This makes the container's prompt customizable. + * Fix the passing of nested bind mounts when there are multiple binds + separated by commas and some of them have colons separating sources and + destinations. + * Hide messages about SINGULARITY variables if corresponding APPTAINER + variables are defined. Fixes a regression introduced in 1.1.4. + * Print a warning if extra arguments are given to a shell action, and show in + the run action usage that arguments may be passed. + * Check for the existence of the runtime executable prefix, to avoid issues + when running under Slurm's srun. If it doesn't exist, fall back to the + compile-time prefix. + * Increase the timeout on image driver (that is, FUSE) mounts from 2 seconds + to 10 seconds. Instead, print an INFO message if it takes more than 2 + seconds. + * If a remote is defined both globally (i.e. system-wide) and individually, + change apptainer remote commands to print an info message instead of + exiting with a fatal error and to give precedence to the individual + configuration. + +------------------------------------------------------------------- Old: ---- apptainer-1.1.5.tar.gz New: ---- apptainer-1.1.6.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ apptainer.spec ++++++ --- /var/tmp/diff_new_pack.EAeLfc/_old 2023-02-16 16:56:32.670866728 +0100 +++ /var/tmp/diff_new_pack.EAeLfc/_new 2023-02-16 16:56:32.674866745 +0100 @@ -25,7 +25,7 @@ License: BSD-3-Clause-LBNL Group: Productivity/Clustering/Computing Name: apptainer -Version: 1.1.5 +Version: 1.1.6 Release: 0 # https://spdx.org/licenses/BSD-3-Clause-LBNL.html URL: https://apptainer.org ++++++ apptainer-1.1.5.tar.gz -> apptainer-1.1.6.tar.gz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/apptainer-1.1.5/CHANGELOG.md new/apptainer-1.1.6/CHANGELOG.md --- old/apptainer-1.1.5/CHANGELOG.md 2023-01-10 13:19:27.000000000 +0100 +++ new/apptainer-1.1.6/CHANGELOG.md 2023-02-14 18:57:18.000000000 +0100 @@ -5,6 +5,44 @@ and re-branded as Apptainer. For older changes see the [archived Singularity change log](https://github.com/apptainer/singularity/blob/release-3.8/CHANGELOG.md). +## v1.1.6 - \[2023-02-14\] + +### Security fix + +- Included a fix for [CVE-2022-23538](https://github.com/sylabs/scs-library-client/security/advisories/GHSA-7p8m-22h4-9pj7) + which potentially leaked user credentials to a third-party S3 storage + service when using the `library://` protocol. See the link for details. + +### Other changes + +- Restored the ability for running instances to be tracked when apptainer + is installed with tools/install-unprivileged.sh. Instance tracking + depends on argument 0 of the starter, which was not getting preserved. +- Fix `GOCACHE` environment variable settings when building debian source + package on PPA build environment. +- Make `PS1` environment variable changeable via `%environment` section on + definition file that used to be only changeable via `APPTAINERENV_PS1` + outside of container. This makes the container's prompt customizable. +- Fix the passing of nested bind mounts when there are multiple binds + separated by commas and some of them have colons separating sources + and destinations. +- Added `Provides: bundled(golang())` statements to the rpm packaging + for each bundled golang module. +- Hide messages about SINGULARITY variables if corresponding APPTAINER + variables are defined. Fixes a regression introduced in 1.1.4. +- Print a warning if extra arguments are given to a shell action, and + show in the run action usage that arguments may be passed. +- Check for the existence of the runtime executable prefix, to avoid + issues when running under Slurm's srun. If it doesn't exist, fall + back to the compile-time prefix. +- Increase the timeout on image driver (that is, FUSE) mounts from 2 + seconds to 10 seconds. Instead, print an INFO message if it takes + more than 2 seconds. +- If a `remote` is defined both globally (i.e. system-wide) and + individually, change `apptainer remote` commands to print an info message + instead of exiting with a fatal error and to give precedence to the + individual configuration. + ## v1.1.5 - \[2023-01-10\] - Update the rpm packaging to (a) move the Obsoletes of singularity to diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/apptainer-1.1.5/CONTRIBUTORS.md new/apptainer-1.1.6/CONTRIBUTORS.md --- old/apptainer-1.1.5/CONTRIBUTORS.md 2023-01-10 13:19:27.000000000 +0100 +++ new/apptainer-1.1.6/CONTRIBUTORS.md 2023-02-14 18:57:18.000000000 +0100 @@ -90,6 +90,7 @@ - Westley Kurtzer <west...@sylabs.io>, <westl...@nym.hush.com> - Yannick Cote <y...@sylabs.io>, <yhc...@gmail.com> - Yaroslav Halchenko <deb...@onerussian.com> +- Yoshiaki Senda <yoshi...@live.it> - Onur Yılmaz <csonuryil...@gmail.com> - Pranathi Locula <loc...@deshaw.com> - Pedro Alves Batista <pedro.pesquis...@gmail.com> diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/apptainer-1.1.5/INSTALL.md new/apptainer-1.1.6/INSTALL.md --- old/apptainer-1.1.5/INSTALL.md 2023-01-10 13:19:27.000000000 +0100 +++ new/apptainer-1.1.6/INSTALL.md 2023-02-14 18:57:18.000000000 +0100 @@ -137,7 +137,7 @@ for example: ```sh -git checkout v1.1.5 +git checkout v1.1.6 ``` ## Compiling Apptainer @@ -259,7 +259,7 @@ <!-- markdownlint-disable MD013 --> ```sh -VERSION=1.1.5 # this is the apptainer version, change as you need +VERSION=1.1.6 # this is the apptainer version, change as you need # Fetch the source wget https://github.com/apptainer/apptainer/releases/download/v${VERSION}/apptainer-${VERSION}.tar.gz ``` @@ -308,7 +308,7 @@ <!-- markdownlint-disable MD013 --> ```sh -VERSION=1.1.5 # this is the latest apptainer version, change as you need +VERSION=1.1.6 # this is the latest apptainer version, change as you need ./mconfig make -C builddir rpm sudo rpm -ivh ~/rpmbuild/RPMS/x86_64/apptainer-$(echo $VERSION|tr - \~)*.x86_64.rpm diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/apptainer-1.1.5/cmd/internal/cli/actions.go new/apptainer-1.1.6/cmd/internal/cli/actions.go --- old/apptainer-1.1.5/cmd/internal/cli/actions.go 2023-01-10 13:19:27.000000000 +0100 +++ new/apptainer-1.1.6/cmd/internal/cli/actions.go 2023-02-14 18:57:18.000000000 +0100 @@ -207,6 +207,10 @@ Args: cobra.MinimumNArgs(1), PreRun: actionPreRun, Run: func(cmd *cobra.Command, args []string) { + if len(args) > 1 { + sylog.Warningf("Parameters to shell command are ignored") + } + a := []string{"/.singularity.d/actions/shell"} setVM(cmd) if VM { diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/apptainer-1.1.5/cmd/internal/cli/actions_linux.go new/apptainer-1.1.6/cmd/internal/cli/actions_linux.go --- old/apptainer-1.1.5/cmd/internal/cli/actions_linux.go 2023-01-10 13:19:27.000000000 +0100 +++ new/apptainer-1.1.6/cmd/internal/cli/actions_linux.go 2023-02-14 18:57:18.000000000 +0100 @@ -442,8 +442,7 @@ } // First get binds from -B/--bind and env var - bindPaths := BindPaths - binds, err := apptainerConfig.ParseBindPath(bindPaths) + binds, err := apptainerConfig.ParseBindPath(BindPaths) if err != nil { sylog.Fatalf("while parsing bind path: %s", err) } @@ -465,7 +464,6 @@ if err != nil { sylog.Fatalf("while getting fakeroot bindpoints: %v", err) } - bindPaths = append(bindPaths, fakebindPaths...) fakebinds, err := apptainerConfig.ParseBindPath(fakebindPaths) if err != nil { sylog.Fatalf("while parsing fakeroot bind paths: %s", err) @@ -475,21 +473,10 @@ engineConfig.SetBindPath(binds) - for i, bindPath := range bindPaths { - splits := strings.Split(bindPath, ":") - if len(splits) > 1 { - // For nesting, change the source to the destination - // because this level is bound at the destination - if len(splits) > 2 { - // Replace the source with the destination - splits[0] = splits[1] - bindPath = strings.Join(splits, ":") - } else { - // leave only the destination - bindPath = splits[1] - } - bindPaths[i] = bindPath - } + // Pass only the destinations to nested binds + bindPaths := make([]string, len(binds)) + for i, bind := range binds { + bindPaths[i] = bind.Destination } generator.SetProcessEnvWithPrefixes(env.ApptainerPrefixes, "BIND", strings.Join(bindPaths, ",")) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/apptainer-1.1.5/dist/debian/rules new/apptainer-1.1.6/dist/debian/rules --- old/apptainer-1.1.5/dist/debian/rules 2023-01-10 13:19:27.000000000 +0100 +++ new/apptainer-1.1.6/dist/debian/rules 2023-02-14 18:57:18.000000000 +0100 @@ -23,6 +23,7 @@ # For locally compiled go MINGO_VERSION = $(shell scripts/get-min-go-version) GOROOT = $${TMPDIR:-/tmp}/appdebgo/go +GOCACHE = $${TMPDIR:-/tmp}/appdebgo/cache # get version via script SC_VERSION = $(shell scripts/get-version ) @@ -91,7 +92,8 @@ --mandir=/usr/share/man override_dh_auto_build: - @PATH=$(GOROOT)/bin:$$PATH dh_auto_build -Smakefile --parallel --max-parallel=$(MAKEPARALLEL) -D$(DEB_SC_BUILDDIR) + @mkdir -p $(GOCACHE) + @PATH=$(GOROOT)/bin:$$PATH GOCACHE=$(GOCACHE) dh_auto_build -Smakefile --parallel --max-parallel=$(MAKEPARALLEL) -D$(DEB_SC_BUILDDIR) override_dh_auto_install: @dh_auto_install -Smakefile -D$(DEB_SC_BUILDDIR) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/apptainer-1.1.5/dist/rpm/apptainer.spec.in new/apptainer-1.1.6/dist/rpm/apptainer.spec.in --- old/apptainer-1.1.5/dist/rpm/apptainer.spec.in 2023-01-10 13:19:27.000000000 +0100 +++ new/apptainer-1.1.6/dist/rpm/apptainer.spec.in 2023-02-14 18:57:18.000000000 +0100 @@ -79,6 +79,8 @@ Provides: sif-runtime Conflicts: sif-runtime +@BUNDLED_PROVIDES@ + %if "%{_target_vendor}" == "suse" BuildRequires: binutils-gold %endif @@ -122,6 +124,8 @@ # on this subpackage for greater compatibility after an update from the # old singularity. Obsoletes: singularity <= %{last_singularity_version} +# FESCo asked to have this form of Provides +Provides: alternative-for(singularity) %description suid Provides the optional setuid-root portion of Apptainer. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/apptainer-1.1.5/docs/content.go new/apptainer-1.1.6/docs/content.go --- old/apptainer-1.1.5/docs/content.go 2023-01-10 13:19:27.000000000 +0100 +++ new/apptainer-1.1.6/docs/content.go 2023-02-14 18:57:18.000000000 +0100 @@ -676,7 +676,7 @@ // ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ // run // ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - RunUse string = `run [run options...] <container>` + RunUse string = `run [run options...] <container> [args...]` RunShort string = `Run the user-defined default command within a container` RunLong string = ` This command will launch an Apptainer container and execute a runscript diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/apptainer-1.1.5/go.mod new/apptainer-1.1.6/go.mod --- old/apptainer-1.1.5/go.mod 2023-01-10 13:19:27.000000000 +0100 +++ new/apptainer-1.1.6/go.mod 2023-02-14 18:57:18.000000000 +0100 @@ -8,7 +8,7 @@ github.com/adigunhammedolalekan/registry-auth v0.0.0-20200730122110-8cde180a3a60 github.com/apex/log v1.9.0 github.com/apptainer/container-key-client v0.8.0 - github.com/apptainer/container-library-client v1.3.3 + github.com/apptainer/container-library-client v1.3.4 github.com/apptainer/sif/v2 v2.8.1 github.com/blang/semver/v4 v4.0.0 github.com/buger/jsonparser v1.1.1 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/apptainer-1.1.5/go.sum new/apptainer-1.1.6/go.sum --- old/apptainer-1.1.5/go.sum 2023-01-10 13:19:27.000000000 +0100 +++ new/apptainer-1.1.6/go.sum 2023-02-14 18:57:18.000000000 +0100 @@ -170,8 +170,8 @@ github.com/aphistic/sweet v0.2.0/go.mod h1:fWDlIh/isSE9n6EPsRmC0det+whmX6dJid3stzu0Xys= github.com/apptainer/container-key-client v0.8.0 h1:K181Zrejb53mR2YQZwCathSj8YReCen+Wi2YuBxGH60= github.com/apptainer/container-key-client v0.8.0/go.mod h1:wMeJdiMXlPRiwJfUyae2WRHsZlHG9Af6iPQ9TZcBnS8= -github.com/apptainer/container-library-client v1.3.3 h1:xd0/27nB8mAtyJAwG/7tTOoWAhjMiZPyZy4fzzQHMak= -github.com/apptainer/container-library-client v1.3.3/go.mod h1:B+ARx/+WaE/E2pkv2qZUQeoEBO89PUpmLKsTJmbM5eQ= +github.com/apptainer/container-library-client v1.3.4 h1:uykXR0AP/1K73WGJjmrMt+A+IrbCEc7CcCepi1AIU+E= +github.com/apptainer/container-library-client v1.3.4/go.mod h1:B+ARx/+WaE/E2pkv2qZUQeoEBO89PUpmLKsTJmbM5eQ= github.com/apptainer/sif/v2 v2.8.1 h1:c8WSyIZ/Jujf3GijgkCLNEvwusvNIGn8fUBgkCv/8F0= github.com/apptainer/sif/v2 v2.8.1/go.mod h1:ELUI9IzDd9fuNN099gwA0bUvoR2I5LSZWYcqCqvLw/0= github.com/armon/circbuf v0.0.0-20150827004946-bbbad097214e/go.mod h1:3U/XgcO3hCbHZ8TKRvWD2dDTCfh9M9ya+I9JpbB7O8o= diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/apptainer-1.1.5/internal/pkg/build/sources/99-base.sh new/apptainer-1.1.6/internal/pkg/build/sources/99-base.sh --- old/apptainer-1.1.5/internal/pkg/build/sources/99-base.sh 2023-01-10 13:19:27.000000000 +0100 +++ new/apptainer-1.1.6/internal/pkg/build/sources/99-base.sh 2023-02-14 18:57:18.000000000 +0100 @@ -23,11 +23,13 @@ # perform publicly and display publicly, and to permit other to do so. # -if [ -z "$LD_LIBRARY_PATH" ]; then +if [ -z "${LD_LIBRARY_PATH:-}" ]; then LD_LIBRARY_PATH="/.singularity.d/libs" else LD_LIBRARY_PATH="$LD_LIBRARY_PATH:/.singularity.d/libs" fi -PS1="Apptainer> " +if [ -z "${PS1:-}" ]; then + PS1="Apptainer> " +fi export LD_LIBRARY_PATH PS1 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/apptainer-1.1.5/internal/pkg/buildcfg/confgen/gen.go new/apptainer-1.1.6/internal/pkg/buildcfg/confgen/gen.go --- old/apptainer-1.1.5/internal/pkg/buildcfg/confgen/gen.go 2023-01-10 13:19:27.000000000 +0100 +++ new/apptainer-1.1.6/internal/pkg/buildcfg/confgen/gen.go 2023-02-14 18:57:18.000000000 +0100 @@ -97,6 +97,14 @@ return } + _, err = os.Stat(executablePath) + if err != nil { + // Due to mount namespace issues, os.Executable may return a non-existing + // location + installPrefix = "{{.Prefix}}" + return + } + bin := filepath.Dir(executablePath) base := filepath.Base(executablePath) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/apptainer-1.1.5/internal/pkg/image/driver/imagedriver.go new/apptainer-1.1.6/internal/pkg/image/driver/imagedriver.go --- old/apptainer-1.1.5/internal/pkg/image/driver/imagedriver.go 2023-01-10 13:19:27.000000000 +0100 +++ new/apptainer-1.1.6/internal/pkg/image/driver/imagedriver.go 2023-02-14 18:57:18.000000000 +0100 @@ -296,7 +296,8 @@ } f.instances = append(f.instances, fuseappsInstance{cmd, params}) - maxTime := 2 * time.Second + maxTime := 10 * time.Second + infoTime := 2 * time.Second totTime := 0 * time.Second for totTime < maxTime { sleepTime := 25 * time.Millisecond @@ -332,7 +333,11 @@ // Haven't seen this happen, but just in case sylog.Infof("%v", msg) } - sylog.Debugf("%v mounted in %v", params.Target, totTime) + if totTime > infoTime { + sylog.Infof("%v mount took an unexpectedly long time: %v", f.binName, totTime) + } else { + sylog.Debugf("%v mounted in %v", params.Target, totTime) + } if params.Filesystem == "overlay" && os.Getuid() == 0 { // Look for unexpectedly readonly overlay hasUpper := false @@ -363,7 +368,11 @@ } } f.stop(params.Target, true) - return fmt.Errorf("%v failed to mount %v in %v: %v", f.binName, params.Target, maxTime, stderr.String()) + errmsg := stderr.String() + if errmsg != "" { + errmsg = ": " + errmsg + } + return fmt.Errorf("%v failed to mount %v in %v%v", f.binName, params.Target, maxTime, errmsg) } func (d *fuseappsDriver) Start(params *image.DriverParams, containerPid int) error { diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/apptainer-1.1.5/internal/pkg/instance/instance_linux.go new/apptainer-1.1.6/internal/pkg/instance/instance_linux.go --- old/apptainer-1.1.5/internal/pkg/instance/instance_linux.go 2023-01-10 13:19:27.000000000 +0100 +++ new/apptainer-1.1.6/internal/pkg/instance/instance_linux.go 2023-02-14 18:57:18.000000000 +0100 @@ -21,6 +21,7 @@ "github.com/apptainer/apptainer/internal/pkg/util/user" "github.com/apptainer/apptainer/pkg/syfs" + "github.com/apptainer/apptainer/pkg/sylog" ) const ( @@ -199,6 +200,7 @@ if dir == "." { dir = "" } + sylog.Debugf("Deleting %v", dir) return os.RemoveAll(dir) } @@ -240,6 +242,7 @@ return err } + sylog.Debugf("Storing instance data to %s", i.Path) path := filepath.Dir(i.Path) oldumask := syscall.Umask(0) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/apptainer-1.1.5/internal/pkg/remote/remote.go new/apptainer-1.1.6/internal/pkg/remote/remote.go --- old/apptainer-1.1.5/internal/pkg/remote/remote.go 2023-01-10 13:19:27.000000000 +0100 +++ new/apptainer-1.1.6/internal/pkg/remote/remote.go 2023-02-14 18:57:18.000000000 +0100 @@ -105,13 +105,12 @@ // SyncFrom updates c with the remotes specified in sys. Typically, this is used // to sync a globally-configured remote.Config into a user-specific remote.Config. -// Currently, SyncFrom will return a name-collision error if there is an EndPoint -// name which exists in both c & sys, and the EndPoint in c has System == false. func (c *Config) SyncFrom(sys *Config) error { for name, eSys := range sys.Remotes { eUsr, err := c.GetRemote(name) if err == nil && !eUsr.System { // usr & sys name collision - return fmt.Errorf("name collision while syncing: %s", name) + sylog.Infof("%s defined both globally and individually, using individual", name) + continue } else if err == nil { eUsr.URI = eSys.URI // update URI just in case eUsr.Exclusive = eSys.Exclusive diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/apptainer-1.1.5/internal/pkg/remote/remote_test.go new/apptainer-1.1.6/internal/pkg/remote/remote_test.go --- old/apptainer-1.1.5/internal/pkg/remote/remote_test.go 2023-01-10 13:19:27.000000000 +0100 +++ new/apptainer-1.1.6/internal/pkg/remote/remote_test.go 2023-02-14 18:57:18.000000000 +0100 @@ -346,39 +346,6 @@ } }) } - - testsFail := []syncTest{ - { - name: "sys endpoint collision", - sys: Config{ - Remotes: map[string]*endpoint.Config{ - "sylabs-global": { - URI: "cloud.sycloud.io", - Token: "fake-token", - }, - }, - }, - usr: Config{ - Remotes: map[string]*endpoint.Config{ - "sylabs": { - URI: "cloud.sycloud.io", - Token: "fake-token", - }, - "sylabs-global": { - URI: "cloud.sycloud.io", - }, - }, - }, - }, - } - - for _, test := range testsFail { - t.Run(test.name, func(t *testing.T) { - if err := test.usr.SyncFrom(&test.sys); err == nil { - t.Error("unexpected success calling SyncFrom") - } - }) - } } type remoteTest struct { diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/apptainer-1.1.5/internal/pkg/util/env/create.go new/apptainer-1.1.6/internal/pkg/util/env/create.go --- old/apptainer-1.1.5/internal/pkg/util/env/create.go 2023-01-10 13:19:27.000000000 +0100 +++ new/apptainer-1.1.6/internal/pkg/util/env/create.go 2023-02-14 18:57:18.000000000 +0100 @@ -95,15 +95,29 @@ // warning if deprecated keys are set func warnDeprecatedEnvUsage(hostEnvs []string) { + envMap := make(map[string]string) + for _, env := range hostEnvs { + strs := strings.SplitN(env, "=", 2) + if len(strs) == 2 { + envMap[strs[0]] = strs[1] + } + } for _, env := range hostEnvs { if strings.HasPrefix(env, LegacySingularityEnvPrefix) { strs := strings.SplitN(env, "=", 2) if len(strs) == 2 { key := strs[0][len(LegacySingularityEnvPrefix):] + value := strs[1] if key != "" { legacyEnv := LegacySingularityEnvPrefix + key newEnv := ApptainerEnvPrefix + key - sylog.Infof("Environment variable %v is set, but %v is preferred", legacyEnv, newEnv) + if val, ok := envMap[newEnv]; ok { + if val != value { + sylog.Warningf("%s and %s have different values, using the latter", legacyEnv, newEnv) + } + } else { + sylog.Infof("Environment variable %v is set, but %v is preferred", legacyEnv, newEnv) + } } } } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/apptainer-1.1.5/internal/pkg/util/env/create_test.go new/apptainer-1.1.6/internal/pkg/util/env/create_test.go --- old/apptainer-1.1.5/internal/pkg/util/env/create_test.go 2023-01-10 13:19:27.000000000 +0100 +++ new/apptainer-1.1.6/internal/pkg/util/env/create_test.go 2023-02-14 18:57:18.000000000 +0100 @@ -30,15 +30,16 @@ defer test.ResetPrivilege(t) tt := []struct { - name string - cleanEnv bool - homeDest string - env []string - processEnv map[string]string - resultEnv []string - apptainerEnv map[string]string - outputNeeded []string - disabled bool + name string + cleanEnv bool + homeDest string + env []string + processEnv map[string]string + resultEnv []string + apptainerEnv map[string]string + outputNeeded []string + outputNotNeeded []string + disabled bool }{ { name: "no APPTAINERENV_", @@ -652,6 +653,71 @@ "Forwarding PRECEDENCE environment variable", }, }, + { + name: "suppress the info message when both legecy and new env coexist", + cleanEnv: false, + homeDest: "/home/tester", + env: []string{ + "SINGULARITYENV_PS1=true", + "APPTAINERENV_PS1=true", + }, + resultEnv: []string{ + "HOME=/home/tester", + "PATH=" + DefaultPath, + }, + outputNotNeeded: []string{ + "Environment variable SINGULARITYENV_PS1 is set, but APPTAINERENV_PS1 is preferred", + }, + }, + { + name: "should print info message if only legecy env exists", + cleanEnv: false, + homeDest: "/home/tester", + env: []string{ + "SINGULARITYENV_PS1=true", + }, + resultEnv: []string{ + "HOME=/home/tester", + "PATH=" + DefaultPath, + }, + outputNeeded: []string{ + "Environment variable SINGULARITYENV_PS1 is set, but APPTAINERENV_PS1 is preferred", + }, + }, + { + name: "should not print info message if only new env exists", + cleanEnv: false, + homeDest: "/home/tester", + env: []string{ + "APPTAINERENV_PS1=true", + }, + resultEnv: []string{ + "HOME=/home/tester", + "PATH=" + DefaultPath, + }, + outputNotNeeded: []string{ + "Environment variable SINGULARITYENV_PS1 is set, but APPTAINERENV_PS1 is preferred", + }, + }, + { + name: "should print warning message if legacy and new env vars have different values", + cleanEnv: false, + homeDest: "/home/tester", + env: []string{ + "SINGULARITYENV_PS1=true", + "APPTAINERENV_PS1=false", + }, + resultEnv: []string{ + "HOME=/home/tester", + "PATH=" + DefaultPath, + }, + outputNeeded: []string{ + "SINGULARITYENV_PS1 and APPTAINERENV_PS1 have different values, using the latter", + }, + outputNotNeeded: []string{ + "Environment variable SINGULARITYENV_PS1 is set, but APPTAINERENV_PS1 is preferred", + }, + }, } for _, tc := range tt { if tc.disabled { @@ -682,10 +748,14 @@ }() for _, requiredOutput := range tc.outputNeeded { if !strings.Contains(output.String(), requiredOutput) { - t.Errorf(" --------------- %s", output.String()) t.Errorf("Did not find required output: [%s]", requiredOutput) } } + for _, notNeededOutput := range tc.outputNotNeeded { + if strings.Contains(output.String(), notNeededOutput) { + t.Errorf("[%s] should not exist in the output", notNeededOutput) + } + } if !equal(t, ociConfig.Process.Env, tc.resultEnv) { t.Fatalf("unexpected envs:\n want: %v\ngot: %v", tc.resultEnv, ociConfig.Process.Env) } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/apptainer-1.1.5/internal/pkg/util/starter/starter.go new/apptainer-1.1.6/internal/pkg/util/starter/starter.go --- old/apptainer-1.1.5/internal/pkg/util/starter/starter.go 2023-01-10 13:19:27.000000000 +0100 +++ new/apptainer-1.1.6/internal/pkg/util/starter/starter.go 2023-02-14 18:57:18.000000000 +0100 @@ -108,7 +108,11 @@ cmd := exec.Command(c.path) cmd.Args = []string{name} - cmd.Env = c.env + // Add this variable in case there's a relocating wrapper script, + // because arg0 cannot get passed through a #!/bin/bash shebang + arg0 := "_WRAPPER_ARG0=" + name + sylog.Debugf("Adding to env: %s", arg0) + cmd.Env = append(c.env, arg0) cmd.Stdin = c.stdin cmd.Stdout = c.stdout cmd.Stderr = c.stderr diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/apptainer-1.1.5/mconfig new/apptainer-1.1.6/mconfig --- old/apptainer-1.1.5/mconfig 2023-01-10 13:19:27.000000000 +0100 +++ new/apptainer-1.1.6/mconfig 2023-02-14 18:57:18.000000000 +0100 @@ -881,7 +881,15 @@ -e "s/@PACKAGE_RPM_VERSION@/${package_rpm_version}/" \ -e "s/@PACKAGE_RELEASE@/${release_info}/" \ -e "s,@PACKAGE_GOLANG_SOURCE@,${package_golang_source}," \ - $sourcedir/dist/rpm/$RPMSPEC.in >$sourcedir/$RPMSPEC + $sourcedir/dist/rpm/$RPMSPEC.in | \ + while read -r; do + if [ "$REPLY" = "@BUNDLED_PROVIDES@" ]; then + # Calculate bundled provides + awk '{if (index($1, "/") != 0 && ($1 != "//")) {print "Provides: bundled(golang("$1")) = "$2}}' go.mod | sed -e 's/-/_/g' | sort | uniq + else + echo "$REPLY" + fi + done >$sourcedir/$RPMSPEC fi diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/apptainer-1.1.5/tools/install-unprivileged.sh new/apptainer-1.1.6/tools/install-unprivileged.sh --- old/apptainer-1.1.5/tools/install-unprivileged.sh 2023-01-10 13:19:27.000000000 +0100 +++ new/apptainer-1.1.6/tools/install-unprivileged.sh 2023-02-14 18:57:18.000000000 +0100 @@ -291,14 +291,16 @@ mv tmp/usr/bin/fake*sysv utils/bin cat >utils/bin/.wrapper <<'!EOF!' #!/bin/bash -ME=${0##*/} +BASEME=${0##*/} HERE="${0%/*}" if [[ "$HERE" != /* ]]; then HERE="$PWD/$HERE" fi PARENT="${HERE%/*}" -#_WRAPPER_EXEC_CMD is sometimes used by apptainer -LD_LIBRARY_PATH=$PARENT/lib ${_WRAPPER_EXEC_CMD:-exec} $PARENT/libexec/$ME "$@" +#_WRAPPER_EXEC_CMD and _WRAPPER_ARG0 are sometimes used by apptainer +REALME=$PARENT/libexec/$BASEME +ARG0="${_WRAPPER_ARG0:-$REALME}" +LD_LIBRARY_PATH=$PARENT/lib ${_WRAPPER_EXEC_CMD:-exec -a "$ARG0"} $REALME "$@" !EOF! chmod +x utils/bin/.wrapper for TOOL in utils/libexec/*; do @@ -310,14 +312,16 @@ mkdir libexec/apptainer/libexec cat >libexec/apptainer/bin/.wrapper <<'!EOF!' #!/bin/bash -ME=${0##*/} +BASEME=${0##*/} HERE="${0%/*}" if [[ "$HERE" != /* ]]; then HERE="$PWD/$HERE" fi PARENT="${HERE%/*}" GGPARENT="${PARENT%/*/*}" -LD_LIBRARY_PATH=$GGPARENT/utils/lib ${_WRAPPER_EXEC_CMD:-exec} $PARENT/libexec/$ME "$@" +REALME=$PARENT/libexec/$BASEME +ARG0="${_WRAPPER_ARG0:-$REALME}" +LD_LIBRARY_PATH=$GGPARENT/utils/lib ${_WRAPPER_EXEC_CMD:-exec -a "$ARG0"} $REALME "$@" !EOF! chmod +x libexec/apptainer/bin/.wrapper for TOOL in libexec/apptainer/bin/*; do ++++++ vendor.tar.gz ++++++ /work/SRC/openSUSE:Factory/apptainer/vendor.tar.gz /work/SRC/openSUSE:Factory/.apptainer.new.22824/vendor.tar.gz differ: char 5, line 1
