Hello community, here is the log from the commit of package kiwi for openSUSE:Factory checked in at 2014-09-28 19:58:45 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/kiwi (Old) and /work/SRC/openSUSE:Factory/.kiwi.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "kiwi" Changes: -------- --- /work/SRC/openSUSE:Factory/kiwi/kiwi.changes 2014-09-25 08:42:31.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.kiwi.new/kiwi.changes 2014-09-28 19:58:49.000000000 +0200 @@ -1,0 +2,44 @@ +Fri Sep 26 10:16:52 CEST 2014 - m...@suse.de + +- v5.06.165 released + +------------------------------------------------------------------- +Fri Sep 26 09:00:35 CEST 2014 - m...@suse.de + +- Make sure to wait for nic link up (bnc #898505) + +------------------------------------------------------------------- +Thu Sep 25 17:48:18 CEST 2014 - m...@suse.de + +- Fixed double encoded luks system (bnc #898249) + + when kiwi builds a disk image it can either dump a filesystem + image onto a raw partition or it rsync a tree of files onto + a partition which has a filesystem created on top of a subsystem + or a subsystem stack like lvm, luks, etc. In kiwi this is + controlled by the value of the $treeAccess variable. If + treeAccess is disabled but the support for syncing a tree in + the given configuration is implemented this results in + duplicate preparation of the filesystem and the subsystems + which results in an unbootable mess. + +------------------------------------------------------------------- +Thu Sep 25 15:42:50 CEST 2014 - m...@suse.de + +- Fixed passthrough of luks cipher (bnc #898249) + + kiwi passed the ciper using a shell echo command which is + bad because the shell evaluates the contents of this information + and might break the cipher if it contains shell meta characters. + This patch fixes this by using a simple pipe stream to the + cryptsetup process without invoking a shell command + +------------------------------------------------------------------- +Thu Sep 25 15:09:38 CEST 2014 - m...@suse.de + +- Fixed URI credentials setup + + Make sure the ?credentials=kiwiRepoCredentials flag is only added + to the url if the appropriate credentials file exists + +------------------------------------------------------------------- ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ kiwi.spec ++++++ --- /var/tmp/diff_new_pack.wA4Hfa/_old 2014-09-28 19:58:50.000000000 +0200 +++ /var/tmp/diff_new_pack.wA4Hfa/_new 2014-09-28 19:58:50.000000000 +0200 @@ -26,7 +26,7 @@ Group: System/Management Url: http://github.com/openSUSE/kiwi Name: kiwi -Version: 5.06.164 +Version: 5.06.165 Release: 0 Provides: kiwi-image:lxc Provides: kiwi-image:tbz ++++++ kiwi-docu.tar.bz2 ++++++ ++++++ kiwi-repo.tar.bz2 ++++++ ++++++ kiwi.tar.bz2 ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/kiwi/.revision new/kiwi/.revision --- old/kiwi/.revision 2014-09-17 16:25:06.000000000 +0200 +++ new/kiwi/.revision 2014-09-17 16:25:06.000000000 +0200 @@ -1 +1 @@ -f4d771186d69107fa3962967635f028b541d3ade +6a1c9d1ec096f8734d3408625513abf1607a8615 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/kiwi/modules/KIWIBoot.pm new/kiwi/modules/KIWIBoot.pm --- old/kiwi/modules/KIWIBoot.pm 2014-09-16 11:42:36.000000000 +0200 +++ new/kiwi/modules/KIWIBoot.pm 2014-09-26 10:22:22.000000000 +0200 @@ -6667,21 +6667,19 @@ return; } $kiwi -> info ("--> Creating LUKS encoding\n"); - $data = KIWIQX::qxx ( - "echo $cipher | cryptsetup -q $opts luksFormat $device 2>&1" + $code = KIWIGlobals -> instance() -> cryptsetup ( + $cipher, "-q $opts luksFormat $device" ); - $code = $? >> 8; if ($code != 0) { $kiwi -> error ("Couldn't setup luks format: $device"); $kiwi -> failed (); return; } - $data = KIWIQX::qxx ( - "echo $cipher | cryptsetup luksOpen $device $name 2>&1" + $code = KIWIGlobals -> instance() -> cryptsetup ( + $cipher, "luksOpen $device $name" ); - $code = $? >> 8; if ($code != 0) { - $kiwi -> error ("Couldn't open luks device: $data"); + $kiwi -> error ("Couldn't open luks device: $device"); $kiwi -> failed (); $this -> cleanStack (); return; @@ -6939,16 +6937,16 @@ # open luks device #------------------------------------------ if ($cipher) { - $status = KIWIQX::qxx ( - "echo $cipher | cryptsetup luksOpen $source $name 2>&1" + $result = KIWIGlobals -> instance() -> cryptsetup( + $cipher, "luksOpen $source $name" ); } else { - $status = KIWIQX::qxx ("cryptsetup luksOpen $source $name 2>&1"); + KIWIQX::qxx ("cryptsetup luksOpen $source $name 2>&1"); + $result = $? >> 8; } - $result = $? >> 8; if ($result != 0) { $kiwi -> failed (); - $kiwi -> error ("Couldn't open luks device: $status"); + $kiwi -> error ("Couldn't open luks device: $source"); $kiwi -> failed (); return; } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/kiwi/modules/KIWIGlobals.pm new/kiwi/modules/KIWIGlobals.pm --- old/kiwi/modules/KIWIGlobals.pm 2014-09-23 13:18:28.000000000 +0200 +++ new/kiwi/modules/KIWIGlobals.pm 2014-09-26 10:22:22.000000000 +0200 @@ -159,6 +159,7 @@ my $salt = int (rand(20)); my $cipher = $this->{data}->{LuksCipher}; my @UmountStack = @{$this->{UmountStack}}; + my $global = KIWIGlobals -> instance(); my $status; my $result; my %fsattr; @@ -298,17 +299,15 @@ $this->{UmountStack} = \@UmountStack; } if ($cipher) { - $status = KIWIQX::qxx ( - "echo $cipher | cryptsetup luksOpen $source luks-$salt 2>&1" + $result = $global -> cryptsetup ( + $cipher, "luksOpen $source luks-$salt" ); } else { - $status = KIWIQX::qxx ( - "cryptsetup luksOpen $source luks-$salt 2>&1" - ); + KIWIQX::qxx ("cryptsetup luksOpen $source luks-$salt"); + $result = $? >> 8; } - $result = $? >> 8; if ($result != 0) { - $kiwi -> error ("Couldn't open luks device: $status"); + $kiwi -> error ("Couldn't open luks device: $source"); $kiwi -> failed (); $this -> umount(); return; @@ -1832,7 +1831,7 @@ # Globals (generic) #------------------------------------------ my %data; - $data{Version} = "5.06.164"; + $data{Version} = "5.06.165"; $data{Publisher} = "SUSE LINUX GmbH"; $data{Preparer} = "KIWI - http://opensuse.github.com/kiwi";; $data{ConfigName} = "config.xml"; @@ -2013,4 +2012,26 @@ return 1; } +#========================================== +# cryptsetup +#------------------------------------------ +sub cryptsetup { + # ... + # Calls cryptsetup with the given options and expects + # an input blob on stdin as the credentials + # --- + my $this = shift; + my $kiwi = $this->{kiwi}; + my $cipher = shift; + my $copts = shift; + $kiwi -> loginfo("EXEC [cryptsetup $copts]\n"); + my $C = FileHandle -> new(); + if ($C -> open ("|cryptsetup $copts")) { + print $C $cipher; + $C -> close(); + return 0; + } + return 1; +} + 1; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/kiwi/modules/KIWIImage.pm new/kiwi/modules/KIWIImage.pm --- old/kiwi/modules/KIWIImage.pm 2014-09-12 12:41:26.000000000 +0200 +++ new/kiwi/modules/KIWIImage.pm 2014-09-26 10:22:22.000000000 +0200 @@ -877,14 +877,9 @@ #========================================== # Check for direct tree access #------------------------------------------ - my $luks = $xmltype -> getLuksPass(); - if (($text ne 'VMX') || ($luks)) { + if ($text eq 'PXE') { $treeAccess = 0; } - my $lvm = KIWIGlobals -> instance() -> useLVM($xml); - if ($lvm) { - $treeAccess = 1; - } #========================================== # Walk through the types #------------------------------------------ @@ -3739,19 +3734,19 @@ $kiwi -> failed (); return; } - $data = KIWIQX::qxx ( - "echo $cipher | cryptsetup -q $opts luksFormat $loop 2>&1" + $code = KIWIGlobals -> instance() -> cryptsetup ( + $cipher, "-q $opts luksFormat $loop" ); - $code = $? >> 8; if ($code != 0) { $kiwi -> error ("Couldn't setup luks format: $loop"); $kiwi -> failed (); return; } - $data = KIWIQX::qxx ("echo $cipher | cryptsetup luksOpen $loop $name 2>&1"); - $code = $? >> 8; + $code = KIWIGlobals -> instance() -> cryptsetup ( + $cipher, "luksOpen $loop $name" + ); if ($code != 0) { - $kiwi -> error ("Couldn't open luks device: $data"); + $kiwi -> error ("Couldn't open luks device: $loop"); $kiwi -> failed (); $this -> cleanLuks (); return; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/kiwi/modules/KIWILinuxRC.sh new/kiwi/modules/KIWILinuxRC.sh --- old/kiwi/modules/KIWILinuxRC.sh 2014-09-21 11:04:32.000000000 +0200 +++ new/kiwi/modules/KIWILinuxRC.sh 2014-09-26 10:22:22.000000000 +0200 @@ -4734,8 +4734,7 @@ if [ $try_iface = "lo" ];then continue fi - Echo "Waiting for link up on $try_iface..." - sleep 1 + waitForLinkUp $try_iface dhcp_info=/var/run/wicked/wicked-${try_iface}.info $wicked_dhcp4 --debug all \ --test --test-output $dhcp_info $try_iface @@ -6857,7 +6856,29 @@ sleep 2 done } - +#====================================== +# waitForLinkUp +#-------------------------------------- +function waitForLinkUp { + # /.../ + # wait for the network link to enter UP state + # ---- + local IFS=$IFS_ORIG + local dev=$1 + local check=0 + while true;do + ip link ls $dev | grep -qi "state UP" + if [ $? = 0 ];then + sleep 1; return 0 + fi + if [ $check -eq 30 ];then + return 1 + fi + Echo "Waiting for link up on ${dev}..." + check=$((check + 1)) + sleep 2 + done +} #====================================== # waitForBlockDevice #-------------------------------------- diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/kiwi/modules/KIWIManagerZypper.pm new/kiwi/modules/KIWIManagerZypper.pm --- old/kiwi/modules/KIWIManagerZypper.pm 2014-08-29 22:30:36.000000000 +0200 +++ new/kiwi/modules/KIWIManagerZypper.pm 2014-09-26 10:22:22.000000000 +0200 @@ -322,8 +322,11 @@ if ($val =~ /^'\//) { $val =~ s/^'(.*)'$/"file:\/\/$1"/ } - if ($val =~ /^'https:/ && ! ($val =~ /credentials=\w/)) { - chop $val; + my $credFile = "$dataDir/credentials.d/kiwiRepoCredentials"; + if ((-e $credFile) && + ($val =~ /^'https:/) && ($val !~ /credentials=\w/) + ) { + chop $val; $val .= "?credentials=kiwiRepoCredentials'"; } push (@zopts,$val); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/kiwi/modules/KIWIProfileFile.pm new/kiwi/modules/KIWIProfileFile.pm --- old/kiwi/modules/KIWIProfileFile.pm 2014-09-12 12:41:26.000000000 +0200 +++ new/kiwi/modules/KIWIProfileFile.pm 2014-09-26 10:22:22.000000000 +0200 @@ -82,7 +82,6 @@ kiwi_keytable kiwi_language kiwi_loader_theme - kiwi_luks kiwi_lvm kiwi_lvmgroup kiwi_oemataraid_scan -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org
