Witam, niedawno mielismy problem z wylaczonymi diffami w commits.log przez glena, przez co security.pld-linux.org nie dzialalo. Powodem wylaczenia tych diffow bylo to ze plik rosnie dosc szybko i na dzien dzisiejszy ma prawie 4GB. Obecnie diffy zostaly znowu wlaczone, ale mialbym rozwiazanie ktore pozwoliloby jak mniamam wylaczyc diffowanie, a mimo to uchowac funkcjonalnosc security.pld.
napisalem na szybko skrypcik: #!/usr/bin/python import os import sys import re import readline # Changes go here CVSLOG = "/home/bartek/commits.log" SIZEFILE = "/home/bartek/size.txt" SECURITY = "/home/bartek/security.log" # Main parse function def CVSlogparse(): lines = [] # Seek where we last ended parsing # Read info about old size if os.path.isfile(SIZEFILE): f = open(SIZEFILE, 'r') oldsize = f.read().split('L') oldsize = long(oldsize[0]) f.close() else: oldsize = 0 f = open(CVSLOG) f.seek(oldsize) # end seeking read = f.xreadlines() for l in read: l = l.strip() lines.append(l) i = 0 while(i < len(lines)): # Extract spec name if re.match('^Index\:.*\.spec', lines[i]): spec = lines[i] #print spec fs = open(SECURITY, "a") fs.write(spec) fs.write("\n") fs.close() # Next 5 lines have nothing interesting (like "$Log$" string) i = i + 5 continue if lines[i] == "$Log$": cvslog = 1 diff = [] while (i + cvslog < len(lines) and not re.match('^Index\:.*\.spec', lines[i + cvslog])): if re.match('^\+.*', lines[i+cvslog]): diff.append(lines[i+cvslog]) cvslog = cvslog + 1 fs = open(SECURITY, "a") for d in range(len(diff)): #print diff[d] fs.write(diff[d]) fs.write("\n") fs.close() # Don't check already checked lines i = i + cvslog - 1 continue # Increase i i = i + 1 # Write new CVSLOG file size size = os.fstat(f.fileno()) size = str(size).split(", ") fs = open(SIZEFILE, "w") fs.write(size[6]) fs.close() CVSlogparse() ktory z przykladowego komita hawka (przypadkowo wybralem z komit listy): Index: SPECS/kernel-bare-grsecurity.spec diff -u SPECS/kernel-bare-grsecurity.spec:1.1.2.23 SPECS/kernel-bare-grsecurity.spec:1.1.2.24 --- SPECS/kernel-bare-grsecurity.spec:1.1.2.23 Sat Apr 19 17:15:27 2008 +++ SPECS/kernel-bare-grsecurity.spec Mon Apr 21 08:49:36 2008 @@ -28,12 +28,10 @@ %define _postver .5 %define _rel 1 -# for rc kernels basever is the version patch (source1) should be applied to #%define _ver 2.6.20 -#%define _rc rc4 -# for non rc-kernels these should be %{nil} +#%define _rc rc4 %define _ver %{nil} -%define _rc %{nil} +%define _rc %{nil} Summary: The Linux kernel (the core of the Linux operating system) Summary(de): Der Linux-Kernel (Kern des Linux-Betriebssystems) @@ -66,16 +64,15 @@ # from http://www.grsecurity.net/~spender/ Patch100: linux-2.6-grsecurity.patch -# from squashfs: http://dl.sourceforge.net/sourceforge/squashfs/squashfs3.3.tar.gz for linux-2.6.23 +# from squashfs: http://dl.sourceforge.net/sourceforge/squashfs/squashfs3.3.tar.gz Patch101: linux-2.6.24-squashfs.patch -# official vendor driver for Marvell Yukon gigabit adapters, v10.22.4.3 +# official vendor driver for Marvell Yukon gigabit adapters Patch102: linux-2.6.24-sk98lin.patch URL: http://www.kernel.org/ BuildRequires: binutils >= 3:2.14.90.0.7 BuildRequires: gcc >= 5:3.2 BuildRequires: module-init-tools -# for hostname command BuildRequires: net-tools BuildRequires: perl-base BuildRequires: rpmbuild(macros) >= 1.217 @@ -120,8 +117,8 @@ # modules will be looked from /lib/modules/%{kernel_release} # _localversion is just that without version for "> localversion" %define _localversion %{release} -%define kernel_release %{version}_%{alt_kernel}-%{_localversion} -%define _kernelsrcdir /usr/src/linux-%{version}_%{alt_kernel} +%define kernel_release %{version}-%{alt_kernel}-%{_localversion} +%define _kernelsrcdir /usr/src/linux-%{version}-%{alt_kernel} %define CommonOpts HOSTCC="%{__cc}" HOSTCFLAGS="-Wall -Wstrict-prototypes %{rpmcflags} -fomit-frame-pointer" %if "%{_target_base_arch}" != "%{_arch}" @@ -141,7 +138,6 @@ %define __features Enabled features:\ %{?debug: - DEBUG}\ %define Features %(echo "%{__features}" | sed '/^$/d') -# vim: " %description This package contains the Linux kernel that is used to boot and run @@ -379,7 +375,7 @@ %patch102 -p1 # Fix EXTRAVERSION in main Makefile -sed -i 's#EXTRAVERSION =.*#EXTRAVERSION = %{_postver}_%{alt_kernel}#g' Makefile +sed -i 's#EXTRAVERSION =.*#EXTRAVERSION = %{_postver}-%{alt_kernel}#g' Makefile sed -i -e '/select INPUT/d' net/bluetooth/hidp/Kconfig @@ -619,23 +615,12 @@ fi %post -mv -f /boot/vmlinuz-%{alt_kernel} /boot/vmlinuz-%{alt_kernel}.old 2> /dev/null > /dev/null -mv -f /boot/System.map-%{alt_kernel} /boot/System.map-%{alt_kernel}.old 2> /dev/null > /dev/null ln -sf vmlinuz-%{kernel_release} /boot/vmlinuz-%{alt_kernel} ln -sf System.map-%{kernel_release} /boot/System.map-%{alt_kernel} -if [ ! -e /boot/vmlinuz ]; then - mv -f /boot/vmlinuz /boot/vmlinuz.old 2> /dev/null > /dev/null - mv -f /boot/System.map /boot/System.map.old 2> /dev/null > /dev/null - ln -sf vmlinuz-%{kernel_release} /boot/vmlinuz - ln -sf System.map-%{alt_kernel} /boot/System.map - mv -f %{initrd_dir}/initrd %{initrd_dir}/initrd.old 2> /dev/null > /dev/null - ln -sf initrd-%{alt_kernel} %{initrd_dir}/initrd -fi %depmod %{kernel_release} /sbin/geninitrd -f --initrdfs=rom %{initrd_dir}/initrd-%{kernel_release}.gz %{kernel_release} -mv -f %{initrd_dir}/initrd-%{alt_kernel} %{initrd_dir}/initrd-%{alt_kernel}.old 2> /dev/null > /dev/null ln -sf initrd-%{kernel_release}.gz %{initrd_dir}/initrd-%{alt_kernel} if [ -x /sbin/new-kernel-pkg ]; then @@ -653,7 +638,6 @@ fi %post vmlinux -mv -f /boot/vmlinux-%{alt_kernel} /boot/vmlinux-%{alt_kernel}.old 2> /dev/null > /dev/null ln -sf vmlinux-%{kernel_release} /boot/vmlinux-%{alt_kernel} %post drm @@ -687,7 +671,7 @@ %postun headers if [ "$1" = "0" ]; then if [ -L %{_prefix}/src/linux-%{alt_kernel} ]; then - if [ "$(readlink %{_prefix}/src/linux-%{alt_kernel})" = "linux-%{version}_%{alt_kernel}" ]; then + if [ "$(readlink %{_prefix}/src/linux-%{alt_kernel})" = "linux-%{version}-%{alt_kernel}" ]; then rm -f %{_prefix}/src/linux-%{alt_kernel} fi fi @@ -703,14 +687,10 @@ /lib/modules/%{kernel_release}/kernel/arch /lib/modules/%{kernel_release}/kernel/crypto /lib/modules/%{kernel_release}/kernel/drivers -#%if %{have_oss} && %{have_isa} -#%exclude /lib/modules/%{kernel_release}/kernel/drivers/media/radio/miropcm20*.ko* -#%endif /lib/modules/%{kernel_release}/kernel/fs /lib/modules/%{kernel_release}/kernel/kernel /lib/modules/%{kernel_release}/kernel/lib /lib/modules/%{kernel_release}/kernel/net -#/lib/modules/%{kernel_release}/kernel/security %dir /lib/modules/%{kernel_release}/kernel/sound /lib/modules/%{kernel_release}/kernel/sound/soundcore.* %if %{have_sound} @@ -777,9 +757,6 @@ %files sound-oss %defattr(644,root,root,755) /lib/modules/%{kernel_release}/kernel/sound/oss -#%if %{have_isa} -#/lib/modules/%{kernel_release}/kernel/drivers/media/radio/miropcm20*.ko* -#%endif %endif # %{have_oss} %endif # %{have_sound} @@ -858,6 +835,10 @@ All persons listed below can be reached at <cvs_login>@pld-linux.org $Log$ +Revision 1.1.2.24 2008-04-21 06:49:36 hawk +- /boot symlinks fix, dropped creating *.old file +- cleanup, cosmetics + Revision 1.1.2.23 2008-04-19 15:15:27 hawk - killed version macros ================================================================ Index: SPECS/kernel-bare-vserver.spec diff -u SPECS/kernel-bare-vserver.spec:1.1.2.22 SPECS/kernel-bare-vserver.spec:1.1.2.23 --- SPECS/kernel-bare-vserver.spec:1.1.2.22 Sat Apr 19 17:15:27 2008 +++ SPECS/kernel-bare-vserver.spec Mon Apr 21 08:49:36 2008 @@ -22,12 +22,10 @@ %define _postver .5 %define _rel 1 -# for rc kernels basever is the version patch (source1) should be applied to #%define _ver 2.6.20 -#%define _rc rc4 -# for non rc-kernels these should be %{nil} +#%define _rc rc4 %define _ver %{nil} -%define _rc %{nil} +%define _rc %{nil} Summary: The Linux kernel (the core of the Linux operating system) Summary(de): Der Linux-Kernel (Kern des Linux-Betriebssystems) @@ -63,14 +61,13 @@ Patch101: linux-2.6-grsec-vs-minimal.patch # from squashfs: http://dl.sourceforge.net/sourceforge/squashfs/squashfs3.3.tar.gz Patch102: linux-2.6.24-squashfs.patch -# official vendor driver for Marvell Yukon gigabit adapters, v10.50.1.3 +# official vendor driver for Marvell Yukon gigabit adapters Patch103: linux-2.6.24-sk98lin.patch URL: http://www.kernel.org/ BuildRequires: binutils >= 3:2.14.90.0.7 BuildRequires: gcc >= 5:3.2 BuildRequires: module-init-tools -# for hostname command BuildRequires: net-tools BuildRequires: perl-base BuildRequires: rpmbuild(macros) >= 1.217 @@ -114,8 +111,8 @@ # modules will be looked from /lib/modules/%{kernel_release} # _localversion is just that without version for "> localversion" %define _localversion %{release} -%define kernel_release %{version}_%{alt_kernel}-%{_localversion} -%define _kernelsrcdir /usr/src/linux-%{version}_%{alt_kernel} +%define kernel_release %{version}-%{alt_kernel}-%{_localversion} +%define _kernelsrcdir /usr/src/linux-%{version}-%{alt_kernel} %define CommonOpts HOSTCC="%{__cc}" HOSTCFLAGS="-Wall -Wstrict-prototypes %{rpmcflags} -fomit-frame-pointer" %if "%{_target_base_arch}" != "%{_arch}" @@ -135,7 +132,6 @@ %define __features Enabled features:\ %{?debug: - DEBUG}\ %define Features %(echo "%{__features}" | sed '/^$/d') -# vim: " %description This package contains the Linux kernel that is used to boot and run @@ -375,7 +371,7 @@ %patch103 -p1 # Fix EXTRAVERSION in main Makefile -sed -i 's#EXTRAVERSION =.*#EXTRAVERSION = %{_postver}_%{alt_kernel}#g' Makefile +sed -i 's#EXTRAVERSION =.*#EXTRAVERSION = %{_postver}-%{alt_kernel}#g' Makefile sed -i -e '/select INPUT/d' net/bluetooth/hidp/Kconfig @@ -594,23 +590,12 @@ fi %post -mv -f /boot/vmlinuz-%{alt_kernel} /boot/vmlinuz-%{alt_kernel}.old 2> /dev/null > /dev/null -mv -f /boot/System.map-%{alt_kernel} /boot/System.map-%{alt_kernel}.old 2> /dev/null > /dev/null ln -sf vmlinuz-%{kernel_release} /boot/vmlinuz-%{alt_kernel} ln -sf System.map-%{kernel_release} /boot/System.map-%{alt_kernel} -if [ ! -e /boot/vmlinuz ]; then - mv -f /boot/vmlinuz /boot/vmlinuz.old 2> /dev/null > /dev/null - mv -f /boot/System.map /boot/System.map.old 2> /dev/null > /dev/null - ln -sf vmlinuz-%{kernel_release} /boot/vmlinuz - ln -sf System.map-%{alt_kernel} /boot/System.map - mv -f %{initrd_dir}/initrd %{initrd_dir}/initrd.old 2> /dev/null > /dev/null - ln -sf initrd-%{alt_kernel} %{initrd_dir}/initrd -fi %depmod %{kernel_release} /sbin/geninitrd -f --initrdfs=rom %{initrd_dir}/initrd-%{kernel_release}.gz %{kernel_release} -mv -f %{initrd_dir}/initrd-%{alt_kernel} %{initrd_dir}/initrd-%{alt_kernel}.old 2> /dev/null > /dev/null ln -sf initrd-%{kernel_release}.gz %{initrd_dir}/initrd-%{alt_kernel} if [ -x /sbin/new-kernel-pkg ]; then @@ -628,7 +613,6 @@ fi %post vmlinux -mv -f /boot/vmlinux-%{alt_kernel} /boot/vmlinux-%{alt_kernel}.old 2> /dev/null > /dev/null ln -sf vmlinux-%{kernel_release} /boot/vmlinux-%{alt_kernel} %post drm @@ -662,7 +646,7 @@ %postun headers if [ "$1" = "0" ]; then if [ -L %{_prefix}/src/linux-%{alt_kernel} ]; then - if [ "$(readlink %{_prefix}/src/linux-%{alt_kernel})" = "linux-%{version}_%{alt_kernel}" ]; then + if [ "$(readlink %{_prefix}/src/linux-%{alt_kernel})" = "linux-%{version}-%{alt_kernel}" ]; then rm -f %{_prefix}/src/linux-%{alt_kernel} fi fi @@ -678,9 +662,6 @@ /lib/modules/%{kernel_release}/kernel/arch /lib/modules/%{kernel_release}/kernel/crypto /lib/modules/%{kernel_release}/kernel/drivers -#%if %{have_oss} && %{have_isa} -#%exclude /lib/modules/%{kernel_release}/kernel/drivers/media/radio/miropcm20*.ko* -#%endif /lib/modules/%{kernel_release}/kernel/fs /lib/modules/%{kernel_release}/kernel/kernel /lib/modules/%{kernel_release}/kernel/lib @@ -752,9 +733,6 @@ %files sound-oss %defattr(644,root,root,755) /lib/modules/%{kernel_release}/kernel/sound/oss -#%if %{have_isa} -#/lib/modules/%{kernel_release}/kernel/drivers/media/radio/miropcm20*.ko* -#%endif %endif # %{have_oss} %endif # %{have_sound} @@ -832,6 +810,10 @@ All persons listed below can be reached at <cvs_login>@pld-linux.org $Log$ +Revision 1.1.2.23 2008-04-21 06:49:36 hawk +- /boot symlinks fix, dropped creating *.old file +- cleanup, cosmetics + Revision 1.1.2.22 2008-04-19 15:15:27 hawk - killed version macros wydobywa krytyczne dla security.pld informacje w postaci: Index: SPECS/kernel-bare-grsecurity.spec +Revision 1.1.2.24 2008-04-21 06:49:36 hawk +- /boot symlinks fix, dropped creating *.old file +- cleanup, cosmetics + Index: SPECS/kernel-bare-vserver.spec +Revision 1.1.2.23 2008-04-21 06:49:36 hawk +- /boot symlinks fix, dropped creating *.old file +- cleanup, cosmetics + i zapisuje do pliku security.log. Ten plik bylby parsowany przez security.pld a commits.log bylby wolny od diffow i nie roslby az tak szybko. Problem tylko taki by ten skrypt dostosowac do pobierania danych z stdin a nie z pliku (ktos wie jak to w pythonie napisac? zeby jakos via pipe to przetwarzac lub jakos inaczej) i dopisac do wykonywania jako postscript w cvsie (do czego ja nie mam ACLi). O komentarze prosze ludzi zainteresowanych, a niezainteresowanych o przemilczenie tematu jesli nie maja nic konstruktywnego do wniesienia. Dzieki, shadzik _______________________________________________ pld-devel-pl mailing list pld-devel-pl@lists.pld-linux.org http://lists.pld-linux.org/mailman/listinfo/pld-devel-pl