Hello community, here is the log from the commit of package librepo for openSUSE:Factory checked in at 2019-12-16 15:19:23 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/librepo (Old) and /work/SRC/openSUSE:Factory/.librepo.new.4691 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "librepo" Mon Dec 16 15:19:23 2019 rev:10 rq:757110 version:1.11.1 Changes: -------- --- /work/SRC/openSUSE:Factory/librepo/librepo.changes 2019-12-03 15:20:00.830571850 +0100 +++ /work/SRC/openSUSE:Factory/.librepo.new.4691/librepo.changes 2019-12-16 15:19:25.575162709 +0100 @@ -1,0 +2,7 @@ +Sat Dec 14 22:17:03 UTC 2019 - Neal Gompa <ngomp...@gmail.com> + +- Upgrade to 1.1.1 + + Create a directory for gpg sockets in /run/user/ (rh#1769831, rh#1771012) +- Fix bcond declaration for zchunk so defaults are always declared + +------------------------------------------------------------------- Old: ---- librepo-1.11.0.tar.gz New: ---- librepo-1.11.1.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ librepo.spec ++++++ --- /var/tmp/diff_new_pack.jeeHZE/_old 2019-12-16 15:19:26.143162472 +0100 +++ /var/tmp/diff_new_pack.jeeHZE/_new 2019-12-16 15:19:26.143162472 +0100 @@ -28,6 +28,8 @@ # zchunk is only available in Leap 15.1 and newer %if 0%{?sle_version} >= 150100 || 0%{?suse_version} >= 1550 %bcond_without zchunk +%else +%bcond_with zchunk %endif %define major 0 @@ -35,7 +37,7 @@ %define devname %{name}-devel Name: librepo -Version: 1.11.0 +Version: 1.11.1 Release: 0 Summary: Repodata downloading library License: LGPL-2.0-or-later ++++++ librepo-1.11.0.tar.gz -> librepo-1.11.1.tar.gz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/librepo-1.11.0/VERSION.cmake new/librepo-1.11.1/VERSION.cmake --- old/librepo-1.11.0/VERSION.cmake 2019-10-16 17:12:10.000000000 +0200 +++ new/librepo-1.11.1/VERSION.cmake 2019-12-09 11:25:59.000000000 +0100 @@ -1,3 +1,3 @@ SET(LIBREPO_MAJOR "1") SET(LIBREPO_MINOR "11") -SET(LIBREPO_PATCH "0") +SET(LIBREPO_PATCH "1") diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/librepo-1.11.0/librepo/gpg.c new/librepo-1.11.1/librepo/gpg.c --- old/librepo-1.11.0/librepo/gpg.c 2019-10-16 17:12:10.000000000 +0200 +++ new/librepo-1.11.1/librepo/gpg.c 2019-12-09 11:25:59.000000000 +0100 @@ -32,28 +32,33 @@ #include "util.h" #include "gpg.h" -static void -kill_gpg_agent(gpgme_ctx_t context, const char *home_dir) -{ - gpgme_error_t gpgerr; - - gpgerr = gpgme_set_protocol(context, GPGME_PROTOCOL_ASSUAN); - if (gpgerr != GPG_ERR_NO_ERROR) { - g_warning("%s: gpgme_set_protocol: %s", __func__, gpgme_strerror(gpgerr)); - return; - } - if (home_dir) { - gchar * gpg_agent_sock = g_build_filename(home_dir, "S.gpg-agent", NULL); - gpgerr = gpgme_ctx_set_engine_info(context, GPGME_PROTOCOL_ASSUAN, gpg_agent_sock, home_dir); - g_free(gpg_agent_sock); - if (gpgerr != GPG_ERR_NO_ERROR) { - g_warning("%s: gpgme_ctx_set_engine_info: %s", __func__, gpgme_strerror(gpgerr)); - return; - } +/* + * Creates the '/run/user/$UID' directory if it doesn't exist. If this + * directory exists, gpgagent will create its sockets under + * '/run/user/$UID/gnupg'. + * + * If this directory doesn't exist, gpgagent will create its sockets in gpg + * home directory, which is under '/var/cache/yum/metadata/' and this was + * causing trouble with container images, see [1]. + * + * Previous solution was to send the agent a "KILLAGENT" message, but that + * would cause a race condition with calling gpgme_release(), see [2], [3]. + * + * Since the agent doesn't clean up its sockets properly, by creating this + * directory we make sure they are in a place that is not causing trouble with + * container images. + * + * [1] https://bugzilla.redhat.com/show_bug.cgi?id=1650266 + * [2] https://bugzilla.redhat.com/show_bug.cgi?id=1769831 + * [3] https://github.com/rpm-software-management/microdnf/issues/50 + */ +void ensure_socket_dir_exists() { + char dirname[32]; + snprintf(dirname, sizeof(dirname), "/run/user/%u", getuid()); + int res = mkdir(dirname, 0700); + if (res != 0 && errno != EEXIST) { + g_debug("Failed to create \"%s\": %d - %s\n", dirname, errno, strerror(errno)); } - gpgerr = gpgme_op_assuan_transact_ext(context, "KILLAGENT", NULL, NULL, NULL, NULL, NULL, NULL, NULL); - if (gpgerr != GPG_ERR_NO_ERROR) - g_debug("%s: gpgme_op_assuan_transact_ext: %s", __func__, gpgme_strerror(gpgerr)); } gboolean @@ -239,6 +244,8 @@ assert(!err || *err == NULL); + ensure_socket_dir_exists(); + // Initialization gpgme_check_version(NULL); gpgerr = gpgme_engine_check_version(GPGME_PROTOCOL_OpenPGP); @@ -320,13 +327,6 @@ close(key_fd); - // Running gpg-agent kept opened sockets on the system. - // It tries to exit gpg-agent. Path to the communication socket is derived from homedir. - // The gpg-agent automaticaly removes all its socket before exit. - // Newer gpg-agent creates sockets under [/var]/run/user/{pid}/... if directory exists. - // In this case gpg-agent will not be exited. - kill_gpg_agent(context, home_dir); - gpgme_release(context); return TRUE; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/librepo-1.11.0/librepo.spec new/librepo-1.11.1/librepo.spec --- old/librepo-1.11.0/librepo.spec 2019-10-16 17:12:10.000000000 +0200 +++ new/librepo-1.11.1/librepo.spec 2019-12-09 11:25:59.000000000 +0100 @@ -26,7 +26,7 @@ %global dnf_conflict 2.8.8 Name: librepo -Version: 1.11.0 +Version: 1.11.1 Release: 1%{?dist} Summary: Repodata downloading library