Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

twoliter: avoid duplicate macro declaration #392

Merged
merged 1 commit into from
Oct 9, 2024
Merged

twoliter: avoid duplicate macro declaration #392

merged 1 commit into from
Oct 9, 2024

Conversation

bcressey
Copy link
Contributor

@bcressey bcressey commented Oct 9, 2024

Issue number:

Closes #388

Description of changes:
Processes that run as root need the target's macros in order to parse spec files. Copy the macros to root's home directory rather than to the system-wide /etc/rpm location, to avoid defining macros twice for other users, such as the unprivileged builder user. Otherwise, the redundant definition forces macros to be undefined twice to clear them from the per-user and the system-level scopes.

Testing done:
Built core kits for both targets.

Verified that I could %undefine cross_check_fips just once - as intended - to suppress the FIPS check:

diff --git a/packages/runc/runc.spec b/packages/runc/runc.spec
index 8c695be6..adad32ae 100644
--- a/packages/runc/runc.spec
+++ b/packages/runc/runc.spec
@@ -1,3 +1,5 @@
+%undefine cross_check_fips
+
 %global goproject github.com/opencontainers
 %global gorepo runc
 %global goimport %{goproject}/%{gorepo}
@@ -65,7 +67,7 @@ install -d %{buildroot}%{_cross_bindir}
 install -p -m 0755 bin/runc %{buildroot}%{_cross_bindir}

 install -d %{buildroot}%{_cross_fips_bindir}
-install -p -m 0755 fips/bin/runc %{buildroot}%{_cross_fips_bindir}
+%dnl install -p -m 0755 fips/bin/runc %{buildroot}%{_cross_fips_bindir}

 %cross_scan_attribution go-vendor vendor

@@ -78,6 +80,6 @@ install -p -m 0755 fips/bin/runc %{buildroot}%{_cross_fips_bindir}
 %{_cross_bindir}/runc

 %files fips-bin
-%{_cross_fips_bindir}/runc
+%dnl %{_cross_fips_bindir}/runc

Terms of contribution:

By submitting this pull request, I agree that this contribution is dual-licensed under the terms of both the Apache License, version 2.0, and the MIT license.

@bcressey
twoliter: avoid duplicate macro declaration
829f4e9 
Processes that run as root need the target's macros in order to parse
spec files. Copy the macros to root's home directory rather than to
the system-wide `/etc/rpm` location, to avoid defining macros twice
for other users, such as the unprivileged builder user. Otherwise,
the redundant definition forces macros to be undefined twice to clear
them from the per-user and the system-level scopes.

Signed-off-by: Ben Cressey <[email protected]>
@bcressey bcressey requested review from cbgbt and arnaldo2792 October 9, 2024 00:11
@bcressey bcressey merged commit 14996d9 into bottlerocket-os:develop Oct 9, 2024
1 check passed
@bcressey bcressey deleted the undouble-macros branch October 9, 2024 15:45
@bcressey bcressey mentioned this pull request Oct 18, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@arnaldo2792 arnaldo2792 arnaldo2792 approved these changes

@cbgbt cbgbt cbgbt approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

RPM macros defined twice
3 participants
@bcressey @cbgbt @arnaldo2792