From 02b8afa68a861248cb5e873c4c404aa85afcad85 Mon Sep 17 00:00:00 2001 From: Ewoud Kohl van Wijngaarden Date: Tue, 22 Jul 2025 21:54:59 +0200 Subject: [PATCH 01/21] Add RPM packaging --- packaging/.gitignore | 3 + packaging/openvox-server.service | 31 +++++++++ packaging/openvox-server.spec | 102 ++++++++++++++++++++++++++++++ packaging/openvox-server.sysusers | 1 + 4 files changed, 137 insertions(+) create mode 100644 packaging/.gitignore create mode 100644 packaging/openvox-server.service create mode 100644 packaging/openvox-server.spec create mode 100644 packaging/openvox-server.sysusers diff --git a/packaging/.gitignore b/packaging/.gitignore new file mode 100644 index 000000000..0178bf2ef --- /dev/null +++ b/packaging/.gitignore @@ -0,0 +1,3 @@ +*.tar.gz +*.rpm +/results_openvox-server diff --git a/packaging/openvox-server.service b/packaging/openvox-server.service new file mode 100644 index 000000000..b6831acc2 --- /dev/null +++ b/packaging/openvox-server.service @@ -0,0 +1,31 @@ +[Unit] +Description=puppetserver Service +After=network.target nss-lookup.target + +[Service] +Type=exec +User=puppet +TimeoutStartSec=300 +TimeoutStopSec=60 +Restart=on-failure +StartLimitBurst=5 + +PrivateTmp=true +ConfigurationDirectory=puppetserver +LogsDirectory=puppetserver +RuntimeDirectory=puppetserver +StateDirectory=puppetserver + +# set default privileges to -rw-r----- +UMask=027 + +Environment="JAVA_BIN=/usr/lib/jvm/jre-17/bin/java" +Environment="TK_ARGS=" +Environment="JAVA_ARGS=-Xms2g -Xmx2g -Djruby.logger.class=com.puppetlabs.jruby_utils.jruby.Slf4jLogger" + +ExecStart=/usr/libexec/puppetserver/puppetserver + +SuccessExitStatus=143 + +[Install] +WantedBy=multi-user.target diff --git a/packaging/openvox-server.spec b/packaging/openvox-server.spec new file mode 100644 index 000000000..332172262 --- /dev/null +++ b/packaging/openvox-server.spec @@ -0,0 +1,102 @@ +%global serverdir /opt/puppetlabs/server +# TODO use name +%global etcdir %{_sysconfdir}/puppetlabs/puppetserver + +Name: openvox-server +Version: 8.9.0 +Release: 1%{?dist} +Summary: Server component for OpenVox agents +License: Apache-2.0 +URL: https://voxpupuli.org +Source0: https://artifacts.voxpupuli.org/%{name}/%{version}/%{name}-%{version}.tar.gz +Source1: openvox-server.service +Source2: openvox-server.sysusers + +BuildArch: noarch + +BuildRequires: systemd-rpm-macros +# For the ruby_vendorlibdir +BuildRequires: ruby-devel +%{?sysusers_requires_compat} + +Requires: jre-17-headless +Requires: openvox-agent >= 8 +# Requires: rubygem(puppetserver-ca) + +%description +Server component + +# inside the tarball there's still puppetserver +%prep +%setup -n puppetserver-%{version} + +%install +install -p -D -m 0644 puppet-server-release.jar %{buildroot}%{_datadir}/%{name}/puppet-server-release.jar +install -p -D -m 0644 ext/system-config/services.d/bootstrap.cfg %{buildroot}%{_datadir}/%{name}/services.d/bootstrap.cfg + +install -p -D -m 0644 ext/ezbake.manifest %{buildroot}%{_docdir}/%{name}/ezbake.manifest + +# TODO: should rubygem-puppetserver-ca actually ship this file? +install -p -D -m 0755 ext/cli/ca %{buildroot}%{serverdir}/apps/ca +# official packages also ship: foreground, irb, gem, reload, ruby, start, stop + +install -p -D -m 0644 %{SOURCE2} %{buildroot}%{_sysusersdir}/%{name}.conf +install -p -D -m 0644 %{SOURCE1} %{buildroot}%{_unitdir}/%{name}.service + +mkdir -p -m 0755 %{buildroot}%{etcdir}/ca +install -p -D -m 0644 ext/config/conf.d/auth.conf %{buildroot}%{etcdir}/conf.d/auth.conf +install -p -D -m 0644 ext/config/conf.d/ca.conf %{buildroot}%{etcdir}/conf.d/ca.conf +install -p -D -m 0644 ext/config/conf.d/global.conf %{buildroot}%{etcdir}/conf.d/global.conf +install -p -D -m 0644 ext/config/conf.d/metrics.conf %{buildroot}%{etcdir}/conf.d/metrics.conf +install -p -D -m 0644 ext/config/conf.d/puppetserver.conf %{buildroot}%{etcdir}/conf.d/puppetserver.conf +install -p -D -m 0644 ext/config/conf.d/web-routes.conf %{buildroot}%{etcdir}/conf.d/web-routes.conf +install -p -D -m 0644 ext/config/conf.d/webserver.conf %{buildroot}%{etcdir}/conf.d/webserver.conf + +install -p -D -m 0644 ext/config/request-logging.xml %{buildroot}%{etcdir}/request-logging.xml +install -p -D -m 0644 ext/config/logback.xml %{buildroot}%{etcdir}/logback.xml + +install -p -D -m 0644 ext/config/services.d/ca.cfg %{buildroot}%{etcdir}/services.d/ca.cfg + +mkdir -p -m 0755 %{buildroot}%{_sharedstatedir}/%{name} + +%pre +%sysusers_create_compat %{SOURCE2} + +%post +%systemd_post %{name}.service + +%preun +%systemd_preun %{name}.service + +%postun +%systemd_postun_with_restart %{name}.service + +%files +%{_datadir}/%{name}/puppet-server-release.jar +%{_datadir}/%{name}/services.d/bootstrap.cfg + +# TODO: LICENSE +%{_docdir}/%{name}/ezbake.manifest + +%{_bindir}/%{name} +#%{_libexecdir}/%{name}/apps/ca + +%{_sysusersdir}/%{name}.conf +%{_unitdir}/%{name}.service + +%dir %attr(0750,puppet,puppet) %{_sharedstatedir}/%{name} + +%dir %attr(0750,puppet,puppet) %{etcdir}/ca +%config(noreplace) %{etcdir}/conf.d/auth.conf +%config(noreplace) %{etcdir}/conf.d/ca.conf +%config(noreplace) %{etcdir}/conf.d/global.conf +%config(noreplace) %{etcdir}/conf.d/metrics.conf +%config(noreplace) %{etcdir}/conf.d/puppetserver.conf +%config(noreplace) %{etcdir}/conf.d/web-routes.conf +%config(noreplace) %{etcdir}/conf.d/webserver.conf +%config(noreplace) %{etcdir}/logback.xml +%config(noreplace) %{etcdir}/request-logging.xml +%config(noreplace) %{etcdir}/services.d/ca.cfg + +%changelog +%autochangelog diff --git a/packaging/openvox-server.sysusers b/packaging/openvox-server.sysusers new file mode 100644 index 000000000..6f82b39c4 --- /dev/null +++ b/packaging/openvox-server.sysusers @@ -0,0 +1 @@ +u puppet 52 "Puppet" /var/lib/puppetserver /usr/sbin/nologin From d8fb8d6bfa01b3b56169931f61c0a5b1ed30fb0e Mon Sep 17 00:00:00 2001 From: Ewoud Kohl van Wijngaarden Date: Tue, 22 Jul 2025 23:48:11 +0200 Subject: [PATCH 02/21] Further improvements --- packaging/.gitignore | 1 + packaging/openvox-server.service | 31 --------- packaging/openvox-server.spec | 110 ++++++++++++++++++++++-------- packaging/openvox-server.sysusers | 2 +- 4 files changed, 85 insertions(+), 59 deletions(-) delete mode 100644 packaging/openvox-server.service diff --git a/packaging/.gitignore b/packaging/.gitignore index 0178bf2ef..c20bebf54 100644 --- a/packaging/.gitignore +++ b/packaging/.gitignore @@ -1,3 +1,4 @@ *.tar.gz *.rpm /results_openvox-server +/puppetserver-* diff --git a/packaging/openvox-server.service b/packaging/openvox-server.service deleted file mode 100644 index b6831acc2..000000000 --- a/packaging/openvox-server.service +++ /dev/null @@ -1,31 +0,0 @@ -[Unit] -Description=puppetserver Service -After=network.target nss-lookup.target - -[Service] -Type=exec -User=puppet -TimeoutStartSec=300 -TimeoutStopSec=60 -Restart=on-failure -StartLimitBurst=5 - -PrivateTmp=true -ConfigurationDirectory=puppetserver -LogsDirectory=puppetserver -RuntimeDirectory=puppetserver -StateDirectory=puppetserver - -# set default privileges to -rw-r----- -UMask=027 - -Environment="JAVA_BIN=/usr/lib/jvm/jre-17/bin/java" -Environment="TK_ARGS=" -Environment="JAVA_ARGS=-Xms2g -Xmx2g -Djruby.logger.class=com.puppetlabs.jruby_utils.jruby.Slf4jLogger" - -ExecStart=/usr/libexec/puppetserver/puppetserver - -SuccessExitStatus=143 - -[Install] -WantedBy=multi-user.target diff --git a/packaging/openvox-server.spec b/packaging/openvox-server.spec index 332172262..4bcf38b97 100644 --- a/packaging/openvox-server.spec +++ b/packaging/openvox-server.spec @@ -1,6 +1,9 @@ %global serverdir /opt/puppetlabs/server -# TODO use name +# TODO use datadir variable? +%global appdir %{serverdir}/apps/puppetserver +# TODO use name variable? %global etcdir %{_sysconfdir}/puppetlabs/puppetserver +%global service puppetserver Name: openvox-server Version: 8.9.0 @@ -9,39 +12,69 @@ Summary: Server component for OpenVox agents License: Apache-2.0 URL: https://voxpupuli.org Source0: https://artifacts.voxpupuli.org/%{name}/%{version}/%{name}-%{version}.tar.gz -Source1: openvox-server.service -Source2: openvox-server.sysusers +Source1: openvox-server.sysusers BuildArch: noarch BuildRequires: systemd-rpm-macros -# For the ruby_vendorlibdir -BuildRequires: ruby-devel %{?sysusers_requires_compat} -Requires: jre-17-headless +%if 0%{?rhel} >= 10 || 0%{?fedora} +%global java jre-21-headless +%global java_bin /usr/lib/jvm/jre-21/bin/java +%elif 0%{?rhel} >= 8 +%global java jre-17-headless +%global java_bin /usr/lib/jvm/jre-17/bin/java +%elif 0%{?rhel} +%global java jre-11-headless +%global java_bin /usr/lib/jvm/jre-11/bin/java +%elif 0%{?suse_version} +%global java java-11-openjdk-headless +%elif 0%{?amzn} +# TODO: also a build requirement? +Requires: tzdata-java +%global java (java-17-amazon-corretto-headless or java-11-amazon-corretto-headless) +%else +# TODO: probably wrong +%global java java-1.8.0-openjdk-headless +%endif +BuildRequires: %{java} + +Requires: %{java} Requires: openvox-agent >= 8 -# Requires: rubygem(puppetserver-ca) + +# TODO obsolete puppetserver %description Server component -# inside the tarball there's still puppetserver %prep +# inside the tarball there's still puppetserver %setup -n puppetserver-%{version} +%build +# TODO: this needs internet access +DESTDIR=%{buildroot} bash ext/build-scripts/install-vendored-gems.sh + +%if 0%{?rhel} || 0%{?fedora} +sed -i 's|/usr/bin/java|%{java_bin}|' ext/redhat/puppetserver.service +%endif + %install -install -p -D -m 0644 puppet-server-release.jar %{buildroot}%{_datadir}/%{name}/puppet-server-release.jar -install -p -D -m 0644 ext/system-config/services.d/bootstrap.cfg %{buildroot}%{_datadir}/%{name}/services.d/bootstrap.cfg +install -p -D -m 0644 puppet-server-release.jar %{buildroot}%{appdir}/puppet-server-release.jar +install -p -D -m 0644 ext/system-config/services.d/bootstrap.cfg %{buildroot}%{appdir}/config/services.d/bootstrap.cfg install -p -D -m 0644 ext/ezbake.manifest %{buildroot}%{_docdir}/%{name}/ezbake.manifest # TODO: should rubygem-puppetserver-ca actually ship this file? -install -p -D -m 0755 ext/cli/ca %{buildroot}%{serverdir}/apps/ca -# official packages also ship: foreground, irb, gem, reload, ruby, start, stop +install -p -D -m 0755 ext/cli/ca %{buildroot}%{appdir}/cli/apps/ca +install -p -D -m 0755 ext/cli/irb %{buildroot}%{appdir}/cli/apps/irb +install -p -D -m 0755 ext/cli/gem %{buildroot}%{appdir}/cli/apps/gem +install -p -D -m 0755 ext/cli/prune %{buildroot}%{appdir}/cli/apps/prune +install -p -D -m 0755 ext/cli/ruby %{buildroot}%{appdir}/cli/apps/ruby -install -p -D -m 0644 %{SOURCE2} %{buildroot}%{_sysusersdir}/%{name}.conf -install -p -D -m 0644 %{SOURCE1} %{buildroot}%{_unitdir}/%{name}.service +install -p -D -m 0644 %{SOURCE1} %{buildroot}%{_sysusersdir}/%{name}.conf +install -p -D -m 0644 ext/redhat/puppetserver.service %{buildroot}%{_unitdir}/%{service}.service mkdir -p -m 0755 %{buildroot}%{etcdir}/ca install -p -D -m 0644 ext/config/conf.d/auth.conf %{buildroot}%{etcdir}/conf.d/auth.conf @@ -57,35 +90,58 @@ install -p -D -m 0644 ext/config/logback.xml %{buildroot}%{etcdir}/logback.xml install -p -D -m 0644 ext/config/services.d/ca.cfg %{buildroot}%{etcdir}/services.d/ca.cfg -mkdir -p -m 0755 %{buildroot}%{_sharedstatedir}/%{name} +mkdir -p -m 0755 %{buildroot}%{serverdir}/data/puppetserver/{yaml,jars} %pre -%sysusers_create_compat %{SOURCE2} +%if 0%{?rhel} >= 9 || 0%{?fedora} > 0 +%sysusers_create_compat %{SOURCE1} +%elif 0%{?rhel} > 0 +# TODO sysusers +%elif 0{?sles_version} > 0 +# TODO sysusers +%service_add_pre %{service}.service +%endif %post -%systemd_post %{name}.service +%if 0%{?rhel} > 0 || 0%{?fedora} > 0 +%systemd_post %{service}.service +%elif 0{?sles_version} > 0 +%service_add_post %{service}.service +%endif %preun -%systemd_preun %{name}.service +%if 0%{?rhel} > 0 || 0%{?fedora} > 0 +%systemd_preun %{service}.service +%elif 0{?sles_version} > 0 +%service_del_preun %{service}.service +%endif %postun -%systemd_postun_with_restart %{name}.service +%if 0%{?rhel} > 0 || 0%{?fedora} > 0 +%systemd_postun_with_restart %{service}.service +%elif 0{?sles_version} > 0 +%service_del_postun %{service}.service +%endif %files -%{_datadir}/%{name}/puppet-server-release.jar -%{_datadir}/%{name}/services.d/bootstrap.cfg +%{appdir}/cli/apps +%{appdir}/config/services.d/bootstrap.cfg +%{appdir}/puppet-server-release.jar +%dir %attr(0700,puppet,puppet) %{serverdir}/data/puppetserver/jars +%dir %attr(0700,puppet,puppet) %{serverdir}/data/puppetserver/yaml # TODO: LICENSE -%{_docdir}/%{name}/ezbake.manifest +%doc %{_docdir}/%{name}/ezbake.manifest -%{_bindir}/%{name} -#%{_libexecdir}/%{name}/apps/ca +# TODO: why don't the gems install? +#/opt/puppetlabs/puppet/lib/ruby/vendor_gems +#/opt/puppetlabs/server/data/puppetserver/vendored-jruby-gems %{_sysusersdir}/%{name}.conf -%{_unitdir}/%{name}.service - -%dir %attr(0750,puppet,puppet) %{_sharedstatedir}/%{name} +%{_unitdir}/%{service}.service +# TODO: sysconfig +# TODO: why owned by puppet? %dir %attr(0750,puppet,puppet) %{etcdir}/ca %config(noreplace) %{etcdir}/conf.d/auth.conf %config(noreplace) %{etcdir}/conf.d/ca.conf diff --git a/packaging/openvox-server.sysusers b/packaging/openvox-server.sysusers index 6f82b39c4..3ef55b9db 100644 --- a/packaging/openvox-server.sysusers +++ b/packaging/openvox-server.sysusers @@ -1 +1 @@ -u puppet 52 "Puppet" /var/lib/puppetserver /usr/sbin/nologin +u puppet 52 "Puppet" /opt/puppetlabs/server/data /usr/sbin/nologin From e183e5fcd15721d32c6eb47b6b3a2dae9dbea8a2 Mon Sep 17 00:00:00 2001 From: Ewoud Kohl van Wijngaarden Date: Wed, 23 Jul 2025 00:12:38 +0200 Subject: [PATCH 03/21] More work --- packaging/openvox-server.spec | 40 ++++++++++++++++++++++++------- packaging/openvox-server.sysusers | 2 +- 2 files changed, 33 insertions(+), 9 deletions(-) diff --git a/packaging/openvox-server.spec b/packaging/openvox-server.spec index 4bcf38b97..b74a58a68 100644 --- a/packaging/openvox-server.spec +++ b/packaging/openvox-server.spec @@ -5,6 +5,10 @@ %global etcdir %{_sysconfdir}/puppetlabs/puppetserver %global service puppetserver +# TODO shebang expands /usr/bin/java +# TODO replace shebang +%global __requires_exclude_from .+/(vendor_gems|vendored-jruby-gems)/bin/.*$ + Name: openvox-server Version: 8.9.0 Release: 1%{?dist} @@ -16,7 +20,11 @@ Source1: openvox-server.sysusers BuildArch: noarch +%if 0%{?rhel} == 8 +BuildRequires: systemd +%else BuildRequires: systemd-rpm-macros +%endif %{?sysusers_requires_compat} %if 0%{?rhel} >= 10 || 0%{?fedora} @@ -28,7 +36,7 @@ BuildRequires: systemd-rpm-macros %elif 0%{?rhel} %global java jre-11-headless %global java_bin /usr/lib/jvm/jre-11/bin/java -%elif 0%{?suse_version} +%elif 0%{?sles_version} %global java java-11-openjdk-headless %elif 0%{?amzn} # TODO: also a build requirement? @@ -53,14 +61,14 @@ Server component %setup -n puppetserver-%{version} %build -# TODO: this needs internet access -DESTDIR=%{buildroot} bash ext/build-scripts/install-vendored-gems.sh - %if 0%{?rhel} || 0%{?fedora} sed -i 's|/usr/bin/java|%{java_bin}|' ext/redhat/puppetserver.service %endif %install +# TODO: this needs internet access +DESTDIR=%{buildroot} bash ext/build-scripts/install-vendored-gems.sh + install -p -D -m 0644 puppet-server-release.jar %{buildroot}%{appdir}/puppet-server-release.jar install -p -D -m 0644 ext/system-config/services.d/bootstrap.cfg %{buildroot}%{appdir}/config/services.d/bootstrap.cfg @@ -75,6 +83,7 @@ install -p -D -m 0755 ext/cli/ruby %{buildroot}%{appdir}/cli/apps/ruby install -p -D -m 0644 %{SOURCE1} %{buildroot}%{_sysusersdir}/%{name}.conf install -p -D -m 0644 ext/redhat/puppetserver.service %{buildroot}%{_unitdir}/%{service}.service +install -p -D -m 0644 ext/default %{buildroot}%{_sysconfdir}/sysconfig/%{service} mkdir -p -m 0755 %{buildroot}%{etcdir}/ca install -p -D -m 0644 ext/config/conf.d/auth.conf %{buildroot}%{etcdir}/conf.d/auth.conf @@ -109,6 +118,19 @@ mkdir -p -m 0755 %{buildroot}%{serverdir}/data/puppetserver/{yaml,jars} %service_add_post %{service}.service %endif +%postinstall +if [ "$1" = "1" ]; then + : # Null command in case additional_postinst_install is empty + #/opt/puppetlabs/puppet/bin/puppet config set --section master vardir /opt/puppetlabs/server/data/puppetserver + #/opt/puppetlabs/puppet/bin/puppet config set --section master logdir /var/log/puppetlabs/puppetserver + #/opt/puppetlabs/puppet/bin/puppet config set --section master rundir /var/run/puppetlabs/puppetserver + #/opt/puppetlabs/puppet/bin/puppet config set --section master pidfile /var/run/puppetlabs/puppetserver/puppetserver.pid + #/opt/puppetlabs/puppet/bin/puppet config set --section master codedir /etc/puppetlabs/code + #install --directory /etc/puppetlabs/puppet/ssl + #chown -R puppet:puppet /etc/puppetlabs/puppet/ssl + #find /etc/puppetlabs/puppet/ssl -type d -print0 | xargs -0 chmod 770 +fi + %preun %if 0%{?rhel} > 0 || 0%{?fedora} > 0 %systemd_preun %{service}.service @@ -127,19 +149,21 @@ mkdir -p -m 0755 %{buildroot}%{serverdir}/data/puppetserver/{yaml,jars} %{appdir}/cli/apps %{appdir}/config/services.d/bootstrap.cfg %{appdir}/puppet-server-release.jar +# TODO why owned by puppet? +%dir %attr(0775,puppet,puppet) %{serverdir}/data %dir %attr(0700,puppet,puppet) %{serverdir}/data/puppetserver/jars %dir %attr(0700,puppet,puppet) %{serverdir}/data/puppetserver/yaml # TODO: LICENSE %doc %{_docdir}/%{name}/ezbake.manifest -# TODO: why don't the gems install? -#/opt/puppetlabs/puppet/lib/ruby/vendor_gems -#/opt/puppetlabs/server/data/puppetserver/vendored-jruby-gems +# vendored gems +/opt/puppetlabs/puppet/lib/ruby/vendor_gems +%attr(0755,puppet,puppet) %{serverdir}/data/puppetserver/vendored-jruby-gems %{_sysusersdir}/%{name}.conf %{_unitdir}/%{service}.service -# TODO: sysconfig +%{_sysconfdir}/sysconfig/%{service} # TODO: why owned by puppet? %dir %attr(0750,puppet,puppet) %{etcdir}/ca diff --git a/packaging/openvox-server.sysusers b/packaging/openvox-server.sysusers index 3ef55b9db..b7f9bde20 100644 --- a/packaging/openvox-server.sysusers +++ b/packaging/openvox-server.sysusers @@ -1 +1 @@ -u puppet 52 "Puppet" /opt/puppetlabs/server/data /usr/sbin/nologin +u puppet 52 "Puppet" /opt/puppetlabs/server/data/puppetserver /sbin/nologin From 15eec5f214cf792436fa27fce8ad52ab04765c4f Mon Sep 17 00:00:00 2001 From: Ewoud Kohl van Wijngaarden Date: Wed, 23 Jul 2025 01:28:07 +0200 Subject: [PATCH 04/21] Deal with RPM 4 not having %elif --- packaging/openvox-server.spec | 17 +++++++---------- 1 file changed, 7 insertions(+), 10 deletions(-) diff --git a/packaging/openvox-server.spec b/packaging/openvox-server.spec index b74a58a68..ae9d30b56 100644 --- a/packaging/openvox-server.spec +++ b/packaging/openvox-server.spec @@ -30,21 +30,18 @@ BuildRequires: systemd-rpm-macros %if 0%{?rhel} >= 10 || 0%{?fedora} %global java jre-21-headless %global java_bin /usr/lib/jvm/jre-21/bin/java -%elif 0%{?rhel} >= 8 -%global java jre-17-headless -%global java_bin /usr/lib/jvm/jre-17/bin/java -%elif 0%{?rhel} -%global java jre-11-headless -%global java_bin /usr/lib/jvm/jre-11/bin/java -%elif 0%{?sles_version} -%global java java-11-openjdk-headless %elif 0%{?amzn} # TODO: also a build requirement? Requires: tzdata-java %global java (java-17-amazon-corretto-headless or java-11-amazon-corretto-headless) %else -# TODO: probably wrong -%global java java-1.8.0-openjdk-headless +# RPM 4 doesn't support elif +%if 0%{?sles_version} +%global java java-11-openjdk-headless +%else +%global java jre-17-headless +%global java_bin /usr/lib/jvm/jre-17/bin/java +%endif %endif BuildRequires: %{java} From 3ea5b6601cb69bf7f430eb9b2cd2eaea0394fd5e Mon Sep 17 00:00:00 2001 From: Ewoud Kohl van Wijngaarden Date: Wed, 23 Jul 2025 01:52:19 +0200 Subject: [PATCH 05/21] Iterate! --- packaging/openvox-server.spec | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/packaging/openvox-server.spec b/packaging/openvox-server.spec index ae9d30b56..1ad262e72 100644 --- a/packaging/openvox-server.spec +++ b/packaging/openvox-server.spec @@ -71,6 +71,7 @@ install -p -D -m 0644 ext/system-config/services.d/bootstrap.cfg %{buildroot}%{a install -p -D -m 0644 ext/ezbake.manifest %{buildroot}%{_docdir}/%{name}/ezbake.manifest +install -p -D -m 0755 ext/bin/puppetserver %{buildroot}/opt/puppetlabs/bin/puppetserver # TODO: should rubygem-puppetserver-ca actually ship this file? install -p -D -m 0755 ext/cli/ca %{buildroot}%{appdir}/cli/apps/ca install -p -D -m 0755 ext/cli/irb %{buildroot}%{appdir}/cli/apps/irb @@ -143,9 +144,14 @@ fi %endif %files +# apps +/opt/puppetlabs/bin/puppetserver %{appdir}/cli/apps + +# service %{appdir}/config/services.d/bootstrap.cfg %{appdir}/puppet-server-release.jar + # TODO why owned by puppet? %dir %attr(0775,puppet,puppet) %{serverdir}/data %dir %attr(0700,puppet,puppet) %{serverdir}/data/puppetserver/jars @@ -158,10 +164,12 @@ fi /opt/puppetlabs/puppet/lib/ruby/vendor_gems %attr(0755,puppet,puppet) %{serverdir}/data/puppetserver/vendored-jruby-gems +# systemd %{_sysusersdir}/%{name}.conf %{_unitdir}/%{service}.service -%{_sysconfdir}/sysconfig/%{service} +%config(noreplace) %{_sysconfdir}/sysconfig/%{service} +# configs # TODO: why owned by puppet? %dir %attr(0750,puppet,puppet) %{etcdir}/ca %config(noreplace) %{etcdir}/conf.d/auth.conf From 9c6362a41c6f5813a02a5053879f5301933bf8ad Mon Sep 17 00:00:00 2001 From: Ewoud Kohl van Wijngaarden Date: Wed, 23 Jul 2025 11:36:11 +0200 Subject: [PATCH 06/21] Permission fixes --- packaging/openvox-server.spec | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/packaging/openvox-server.spec b/packaging/openvox-server.spec index 1ad262e72..0f5400fd1 100644 --- a/packaging/openvox-server.spec +++ b/packaging/openvox-server.spec @@ -152,10 +152,10 @@ fi %{appdir}/config/services.d/bootstrap.cfg %{appdir}/puppet-server-release.jar -# TODO why owned by puppet? %dir %attr(0775,puppet,puppet) %{serverdir}/data +%dir %attr(0775,puppet,puppet) %{serverdir}/data/puppetserver %dir %attr(0700,puppet,puppet) %{serverdir}/data/puppetserver/jars -%dir %attr(0700,puppet,puppet) %{serverdir}/data/puppetserver/yaml +%dir %attr(0750,puppet,puppet) %{serverdir}/data/puppetserver/yaml # TODO: LICENSE %doc %{_docdir}/%{name}/ezbake.manifest From 5d8f794053c4130339bec6edcb0fbea8cb1ef0a4 Mon Sep 17 00:00:00 2001 From: Ewoud Kohl van Wijngaarden Date: Wed, 23 Jul 2025 11:38:49 +0200 Subject: [PATCH 07/21] Require openvox-agent 8.21.0 for openfact & obsolete puppetserver --- packaging/openvox-server.spec | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/packaging/openvox-server.spec b/packaging/openvox-server.spec index 0f5400fd1..7ba904b04 100644 --- a/packaging/openvox-server.spec +++ b/packaging/openvox-server.spec @@ -46,9 +46,11 @@ Requires: tzdata-java BuildRequires: %{java} Requires: %{java} -Requires: openvox-agent >= 8 +# TODO: 8.21.0 introduces a regression +Requires: openvox-agent >= 8.21.0 -# TODO obsolete puppetserver +Provides: puppetserver +Obsoletes: puppetserver < 9 %description Server component From 690f0e38285c07170bc70fdddc0dda7dd1f5aba5 Mon Sep 17 00:00:00 2001 From: Ewoud Kohl van Wijngaarden Date: Wed, 23 Jul 2025 17:28:27 +0200 Subject: [PATCH 08/21] Restore EL7 --- packaging/openvox-server.spec | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/packaging/openvox-server.spec b/packaging/openvox-server.spec index 7ba904b04..363e17fb6 100644 --- a/packaging/openvox-server.spec +++ b/packaging/openvox-server.spec @@ -20,7 +20,7 @@ Source1: openvox-server.sysusers BuildArch: noarch -%if 0%{?rhel} == 8 +%if 0%{?rhel} && 0%{?rhel} < 9 BuildRequires: systemd %else BuildRequires: systemd-rpm-macros @@ -39,10 +39,15 @@ Requires: tzdata-java %if 0%{?sles_version} %global java java-11-openjdk-headless %else +%if 0%{?rhel} == 7 +%global java jre-11-headless +%global java_bin /usr/lib/jvm/jre-11/bin/java +%else %global java jre-17-headless %global java_bin /usr/lib/jvm/jre-17/bin/java %endif %endif +%endif BuildRequires: %{java} Requires: %{java} From 51656817be87294e4eb13d3b57bc29d22d1571c5 Mon Sep 17 00:00:00 2001 From: Ewoud Kohl van Wijngaarden Date: Wed, 23 Jul 2025 18:40:05 +0200 Subject: [PATCH 09/21] More packaging --- packaging/openvox-server.spec | 23 +++++++++++------------ 1 file changed, 11 insertions(+), 12 deletions(-) diff --git a/packaging/openvox-server.spec b/packaging/openvox-server.spec index 363e17fb6..eb6279820 100644 --- a/packaging/openvox-server.spec +++ b/packaging/openvox-server.spec @@ -51,8 +51,7 @@ Requires: tzdata-java BuildRequires: %{java} Requires: %{java} -# TODO: 8.21.0 introduces a regression -Requires: openvox-agent >= 8.21.0 +Requires: openvox-agent >= 8.21.1 Provides: puppetserver Obsoletes: puppetserver < 9 @@ -107,19 +106,19 @@ install -p -D -m 0644 ext/config/services.d/ca.cfg %{buildroot}%{etcdir}/service mkdir -p -m 0755 %{buildroot}%{serverdir}/data/puppetserver/{yaml,jars} %pre -%if 0%{?rhel} >= 9 || 0%{?fedora} > 0 +%if 0%{?rhel} >= 9 || 0%{?fedora} %sysusers_create_compat %{SOURCE1} -%elif 0%{?rhel} > 0 -# TODO sysusers -%elif 0{?sles_version} > 0 +%elif 0{?sles_version} # TODO sysusers %service_add_pre %{service}.service +%else +%sysusers_create_package %{name} %{SOURCE1} %endif %post -%if 0%{?rhel} > 0 || 0%{?fedora} > 0 +%if 0%{?rhel} || 0%{?fedora} %systemd_post %{service}.service -%elif 0{?sles_version} > 0 +%elif 0{?sles_version} %service_add_post %{service}.service %endif @@ -137,16 +136,16 @@ if [ "$1" = "1" ]; then fi %preun -%if 0%{?rhel} > 0 || 0%{?fedora} > 0 +%if 0%{?rhel} || 0%{?fedora} %systemd_preun %{service}.service -%elif 0{?sles_version} > 0 +%elif 0{?sles_version} %service_del_preun %{service}.service %endif %postun -%if 0%{?rhel} > 0 || 0%{?fedora} > 0 +%if 0%{?rhel} || 0%{?fedora} %systemd_postun_with_restart %{service}.service -%elif 0{?sles_version} > 0 +%elif 0{?sles_version} %service_del_postun %{service}.service %endif From e9fa777f505dd25c46c066ad498f386af0471107 Mon Sep 17 00:00:00 2001 From: Ewoud Kohl van Wijngaarden Date: Fri, 25 Jul 2025 19:30:27 +0200 Subject: [PATCH 10/21] [WIP] suse user packaging --- packaging/openvox-server.spec | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/packaging/openvox-server.spec b/packaging/openvox-server.spec index eb6279820..9283291ee 100644 --- a/packaging/openvox-server.spec +++ b/packaging/openvox-server.spec @@ -25,7 +25,13 @@ BuildRequires: systemd %else BuildRequires: systemd-rpm-macros %endif + +%if 0%{?sles_version} +BuildRequires: sysuser-tools +%sysusers_requires +%else %{?sysusers_requires_compat} +%endif %if 0%{?rhel} >= 10 || 0%{?fedora} %global java jre-21-headless @@ -68,6 +74,10 @@ Server component sed -i 's|/usr/bin/java|%{java_bin}|' ext/redhat/puppetserver.service %endif +%if 0%{sles_version} +%sysusers_generate_pre %{SOURCE1} puppet %{name}.conf +%endif + %install # TODO: this needs internet access DESTDIR=%{buildroot} bash ext/build-scripts/install-vendored-gems.sh @@ -109,7 +119,7 @@ mkdir -p -m 0755 %{buildroot}%{serverdir}/data/puppetserver/{yaml,jars} %if 0%{?rhel} >= 9 || 0%{?fedora} %sysusers_create_compat %{SOURCE1} %elif 0{?sles_version} -# TODO sysusers +%{name}.pre %service_add_pre %{service}.service %else %sysusers_create_package %{name} %{SOURCE1} From d36ec303192ed8a2439121343a233df2fb253c98 Mon Sep 17 00:00:00 2001 From: Ewoud Kohl van Wijngaarden Date: Wed, 30 Jul 2025 20:57:19 +0200 Subject: [PATCH 11/21] Always use Java 17 on Amazon Linux --- packaging/openvox-server.spec | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/packaging/openvox-server.spec b/packaging/openvox-server.spec index 9283291ee..5ea8a16cb 100644 --- a/packaging/openvox-server.spec +++ b/packaging/openvox-server.spec @@ -36,10 +36,6 @@ BuildRequires: sysuser-tools %if 0%{?rhel} >= 10 || 0%{?fedora} %global java jre-21-headless %global java_bin /usr/lib/jvm/jre-21/bin/java -%elif 0%{?amzn} -# TODO: also a build requirement? -Requires: tzdata-java -%global java (java-17-amazon-corretto-headless or java-11-amazon-corretto-headless) %else # RPM 4 doesn't support elif %if 0%{?sles_version} @@ -56,6 +52,10 @@ Requires: tzdata-java %endif BuildRequires: %{java} +%if 0%{?amzn} +Requires: tzdata-java +%endif + Requires: %{java} Requires: openvox-agent >= 8.21.1 From 7d66714ce0087fac347ca77714f02fd42557d424 Mon Sep 17 00:00:00 2001 From: Ewoud Kohl van Wijngaarden Date: Wed, 30 Jul 2025 20:59:23 +0200 Subject: [PATCH 12/21] Reorder conditionals to skip 1 if --- packaging/openvox-server.spec | 9 +++------ 1 file changed, 3 insertions(+), 6 deletions(-) diff --git a/packaging/openvox-server.spec b/packaging/openvox-server.spec index 5ea8a16cb..f52d3006f 100644 --- a/packaging/openvox-server.spec +++ b/packaging/openvox-server.spec @@ -33,13 +33,11 @@ BuildRequires: sysuser-tools %{?sysusers_requires_compat} %endif -%if 0%{?rhel} >= 10 || 0%{?fedora} -%global java jre-21-headless -%global java_bin /usr/lib/jvm/jre-21/bin/java -%else -# RPM 4 doesn't support elif %if 0%{?sles_version} %global java java-11-openjdk-headless +%elif 0%{?rhel} >= 10 || 0%{?fedora} +%global java jre-21-headless +%global java_bin /usr/lib/jvm/jre-21/bin/java %else %if 0%{?rhel} == 7 %global java jre-11-headless @@ -49,7 +47,6 @@ BuildRequires: sysuser-tools %global java_bin /usr/lib/jvm/jre-17/bin/java %endif %endif -%endif BuildRequires: %{java} %if 0%{?amzn} From 30849cc26f3132865ce46c03706fc8ed5d474475 Mon Sep 17 00:00:00 2001 From: Ewoud Kohl van Wijngaarden Date: Wed, 30 Jul 2025 21:01:02 +0200 Subject: [PATCH 13/21] Document why we need openvox-agent 8.21.1+ --- packaging/openvox-server.spec | 1 + 1 file changed, 1 insertion(+) diff --git a/packaging/openvox-server.spec b/packaging/openvox-server.spec index f52d3006f..fe30f8a7d 100644 --- a/packaging/openvox-server.spec +++ b/packaging/openvox-server.spec @@ -54,6 +54,7 @@ Requires: tzdata-java %endif Requires: %{java} +# First version to include OpenFact Requires: openvox-agent >= 8.21.1 Provides: puppetserver From c1fd3298085a839a7d3288f82f002b47b3ad93ab Mon Sep 17 00:00:00 2001 From: Ewoud Kohl van Wijngaarden Date: Sat, 2 Aug 2025 13:30:31 +0200 Subject: [PATCH 14/21] Bump to 8.10.0 --- packaging/openvox-server.spec | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packaging/openvox-server.spec b/packaging/openvox-server.spec index fe30f8a7d..a742018a7 100644 --- a/packaging/openvox-server.spec +++ b/packaging/openvox-server.spec @@ -10,7 +10,7 @@ %global __requires_exclude_from .+/(vendor_gems|vendored-jruby-gems)/bin/.*$ Name: openvox-server -Version: 8.9.0 +Version: 8.10.0 Release: 1%{?dist} Summary: Server component for OpenVox agents License: Apache-2.0 From 30f6cc0b11e15671109b00c83d7e19caeca88a36 Mon Sep 17 00:00:00 2001 From: Ewoud Kohl van Wijngaarden Date: Sat, 2 Aug 2025 13:30:38 +0200 Subject: [PATCH 15/21] Work on postinstall --- packaging/openvox-server.spec | 6 ------ 1 file changed, 6 deletions(-) diff --git a/packaging/openvox-server.spec b/packaging/openvox-server.spec index a742018a7..4c4562c25 100644 --- a/packaging/openvox-server.spec +++ b/packaging/openvox-server.spec @@ -130,14 +130,8 @@ mkdir -p -m 0755 %{buildroot}%{serverdir}/data/puppetserver/{yaml,jars} %service_add_post %{service}.service %endif -%postinstall if [ "$1" = "1" ]; then : # Null command in case additional_postinst_install is empty - #/opt/puppetlabs/puppet/bin/puppet config set --section master vardir /opt/puppetlabs/server/data/puppetserver - #/opt/puppetlabs/puppet/bin/puppet config set --section master logdir /var/log/puppetlabs/puppetserver - #/opt/puppetlabs/puppet/bin/puppet config set --section master rundir /var/run/puppetlabs/puppetserver - #/opt/puppetlabs/puppet/bin/puppet config set --section master pidfile /var/run/puppetlabs/puppetserver/puppetserver.pid - #/opt/puppetlabs/puppet/bin/puppet config set --section master codedir /etc/puppetlabs/code #install --directory /etc/puppetlabs/puppet/ssl #chown -R puppet:puppet /etc/puppetlabs/puppet/ssl #find /etc/puppetlabs/puppet/ssl -type d -print0 | xargs -0 chmod 770 From 8b7b17d865aa0cfc2abaeaca71e2dd56f6931e79 Mon Sep 17 00:00:00 2001 From: Ewoud Kohl van Wijngaarden Date: Sat, 2 Aug 2025 13:31:15 +0200 Subject: [PATCH 16/21] Fix conditional --- packaging/openvox-server.spec | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packaging/openvox-server.spec b/packaging/openvox-server.spec index 4c4562c25..30381db86 100644 --- a/packaging/openvox-server.spec +++ b/packaging/openvox-server.spec @@ -72,7 +72,7 @@ Server component sed -i 's|/usr/bin/java|%{java_bin}|' ext/redhat/puppetserver.service %endif -%if 0%{sles_version} +%if 0%{?sles_version} %sysusers_generate_pre %{SOURCE1} puppet %{name}.conf %endif From ff093944fc8ea12040a1c423c0264f9ed69af5bc Mon Sep 17 00:00:00 2001 From: Ewoud Kohl van Wijngaarden Date: Sat, 2 Aug 2025 15:03:21 +0200 Subject: [PATCH 17/21] Add a README --- packaging/README.md | 42 ++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 42 insertions(+) create mode 100644 packaging/README.md diff --git a/packaging/README.md b/packaging/README.md new file mode 100644 index 000000000..84560ce9c --- /dev/null +++ b/packaging/README.md @@ -0,0 +1,42 @@ +# Building RPM packaging + +This layout is compatible with [fedpkg](https://pagure.io/fedpkg/). + +## Creating an SRPM + +First you need the source files + +```sh +spectool -g openvox-server.spec +``` + +Then you can use fedpkg to create the SRPM: + +```sh +fedpkg srpm +``` + +## Building locally + +Using mock it's easy to build locally. + +```sh +fedpkg mockbuild --enable-network +``` + +Now you can find your files in `results_openvox-server`. + +By default the above builds using Fedora Rawhide, but the release can be specified: + +```sh +fedpkg --release epel10 mockbuild --enable-network +``` + +## Building in COPR + +This again relies on having the source present. +It is needed to enable network access during the build. + +```sh +fedpkg copr-build ekohl/openvox8 -- --enable-net on +``` From 0eae3188da24bebfad7db1cbb966c33078fd90a6 Mon Sep 17 00:00:00 2001 From: Ewoud Kohl van Wijngaarden Date: Sat, 2 Aug 2025 15:40:34 +0200 Subject: [PATCH 18/21] Clean up useless files in vendored gems --- packaging/openvox-server.spec | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/packaging/openvox-server.spec b/packaging/openvox-server.spec index 30381db86..bc4e7a71f 100644 --- a/packaging/openvox-server.spec +++ b/packaging/openvox-server.spec @@ -80,6 +80,10 @@ sed -i 's|/usr/bin/java|%{java_bin}|' ext/redhat/puppetserver.service # TODO: this needs internet access DESTDIR=%{buildroot} bash ext/build-scripts/install-vendored-gems.sh +# Clean up vendored gems +rm -rf %{buildroot}%{serverdir}/data/puppetserver/vendored-jruby-gems/gems/*/.github +rm -rf %{buildroot}%{serverdir}/data/puppetserver/vendored-jruby-gems/gems/gettext-*/samples + install -p -D -m 0644 puppet-server-release.jar %{buildroot}%{appdir}/puppet-server-release.jar install -p -D -m 0644 ext/system-config/services.d/bootstrap.cfg %{buildroot}%{appdir}/config/services.d/bootstrap.cfg @@ -171,6 +175,7 @@ fi # vendored gems /opt/puppetlabs/puppet/lib/ruby/vendor_gems %attr(0755,puppet,puppet) %{serverdir}/data/puppetserver/vendored-jruby-gems +%exclude %{serverdir}/data/puppetserver/vendored-jruby-gems/cache # systemd %{_sysusersdir}/%{name}.conf From 540e556f5c0712436e1a7a4f2fa6a644aecd8cb0 Mon Sep 17 00:00:00 2001 From: Ewoud Kohl van Wijngaarden Date: Sat, 2 Aug 2025 15:58:14 +0200 Subject: [PATCH 19/21] Correctly check fo existance of java_bin macro --- packaging/openvox-server.spec | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packaging/openvox-server.spec b/packaging/openvox-server.spec index bc4e7a71f..4f3c34448 100644 --- a/packaging/openvox-server.spec +++ b/packaging/openvox-server.spec @@ -68,7 +68,7 @@ Server component %setup -n puppetserver-%{version} %build -%if 0%{?rhel} || 0%{?fedora} +%if 0%{?java_bin:1} sed -i 's|/usr/bin/java|%{java_bin}|' ext/redhat/puppetserver.service %endif From 27fdaf95a7d4d6b202eaf574fded4570801c8e52 Mon Sep 17 00:00:00 2001 From: Ewoud Kohl van Wijngaarden Date: Sat, 2 Aug 2025 15:58:32 +0200 Subject: [PATCH 20/21] Fix up shebangs --- packaging/openvox-server.spec | 82 ++++++++++++++++++++++++++++++++++- 1 file changed, 80 insertions(+), 2 deletions(-) diff --git a/packaging/openvox-server.spec b/packaging/openvox-server.spec index 4f3c34448..4fab032d9 100644 --- a/packaging/openvox-server.spec +++ b/packaging/openvox-server.spec @@ -5,8 +5,6 @@ %global etcdir %{_sysconfdir}/puppetlabs/puppetserver %global service puppetserver -# TODO shebang expands /usr/bin/java -# TODO replace shebang %global __requires_exclude_from .+/(vendor_gems|vendored-jruby-gems)/bin/.*$ Name: openvox-server @@ -83,6 +81,86 @@ DESTDIR=%{buildroot} bash ext/build-scripts/install-vendored-gems.sh # Clean up vendored gems rm -rf %{buildroot}%{serverdir}/data/puppetserver/vendored-jruby-gems/gems/*/.github rm -rf %{buildroot}%{serverdir}/data/puppetserver/vendored-jruby-gems/gems/gettext-*/samples +rm -rf %{buildroot}%{serverdir}/data/puppetserver/vendored-jruby-gems/gems/locale-*/samples + +# Clean up shebangs - based on brp-mangle-shebangs +java_shebang=$(realpath /usr/bin/java) +find -executable -type f ! -path '*:*' ! -path $'*\n*' \ +| file -N --mime-type -f - \ +| grep -P ".+(?=: (text/|application/javascript))" \ +| { +while IFS= read -r line; do + f=${line%%:*} + + # Remove the dot + path="${f#.}" + + + if ! read shebang_line < "$f"; then + echo >&2 "*** WARNING: Cannot read the first line from $f, removing executable bit" + ts=$(stat -c %y "$f") + chmod -x "$f" + touch -d "$ts" "$f" + continue + fi + + orig_shebang="${shebang_line#\#!}" + if [ "$orig_shebang" = "$shebang_line" ]; then + echo >&2 "*** WARNING: $f is executable but has no shebang, removing executable bit" + ts=$(stat -c %y "$f") + chmod -x "$f" + touch -d "$ts" "$f" + continue + fi + + # Trim spaces + while shebang="${orig_shebang// / }"; [ "$shebang" != "$orig_shebang" ]; do + orig_shebang="$shebang" + done + # Treat "#! /path/to " as "#!/path/to" + orig_shebang="${orig_shebang# }" + + shebang="$orig_shebang" + + if [ -z "$shebang" ]; then + echo >&2 "*** WARNING: $f is executable but has empty shebang, removing executable bit" + ts=$(stat -c %y "$f") + chmod -x "$f" + touch -d "$ts" "$f" + continue + fi + if [ -n "${shebang##/*}" ]; then + echo >&2 "*** ERROR: $f has shebang which doesn't start with '/' ($shebang)" + continue + fi + + if ! { echo "$shebang" | grep -q -P "^/(?:usr/)?(?:bin|sbin)/"; }; then + continue + fi + + # Replace "special" env shebang: + # /whatsoever/env -whatever /whatever/foo → /whatever/foo + shebang=$(echo "$shebang" | sed -r -e 's@^(.+)/env( -[^ ]+)* /(.+)$@/\3@') + # /whatsoever/env -whatever foo → /whatsoever/foo + shebang=$(echo "$shebang" | sed -r -e 's@^(.+/)env( -[^ ]+)* (.+)$@\1\3@') + + if [ "$shebang" = "/usr/bin/ruby" ] ; then + shebang=/opt/puppetlabs/puppet/bin/ruby +%if 0%{?java_bin:1} + elif [ "$shebang" = "$java" ] ; then + shebang=%{java_bin} +%endif + fi + + if [ "#!$shebang" != "#!$orig_shebang" ]; then + echo "mangling shebang in $path from $orig_shebang to #!$shebang" + ts=$(stat -c %y "$f") + sed -i -e "1c #!$shebang" "$f" + touch -d "$ts" "$f" + fi + +done +} install -p -D -m 0644 puppet-server-release.jar %{buildroot}%{appdir}/puppet-server-release.jar install -p -D -m 0644 ext/system-config/services.d/bootstrap.cfg %{buildroot}%{appdir}/config/services.d/bootstrap.cfg From 255f887e89f11541a696bd18da6788b69fcb5158 Mon Sep 17 00:00:00 2001 From: Ewoud Kohl van Wijngaarden Date: Sat, 2 Aug 2025 18:59:57 +0200 Subject: [PATCH 21/21] Shebang fixing --- packaging/openvox-server.spec | 26 ++++++++++++++++---------- 1 file changed, 16 insertions(+), 10 deletions(-) diff --git a/packaging/openvox-server.spec b/packaging/openvox-server.spec index 4fab032d9..7a4dba4e4 100644 --- a/packaging/openvox-server.spec +++ b/packaging/openvox-server.spec @@ -1,3 +1,4 @@ +%global agentvendordir /opt/puppetlabs/puppet/lib/ruby/vendor_gems %global serverdir /opt/puppetlabs/server # TODO use datadir variable? %global appdir %{serverdir}/apps/puppetserver @@ -5,7 +6,7 @@ %global etcdir %{_sysconfdir}/puppetlabs/puppetserver %global service puppetserver -%global __requires_exclude_from .+/(vendor_gems|vendored-jruby-gems)/bin/.*$ +%global __requires_exclude_from .+/vendored-jruby-gems/bin/.*$ Name: openvox-server Version: 8.10.0 @@ -68,6 +69,7 @@ Server component %build %if 0%{?java_bin:1} sed -i 's|/usr/bin/java|%{java_bin}|' ext/redhat/puppetserver.service +sed -i 's|java|%{java_bin}|' ext/build-scripts/install-vendored-gems.sh %endif %if 0%{?sles_version} @@ -84,8 +86,12 @@ rm -rf %{buildroot}%{serverdir}/data/puppetserver/vendored-jruby-gems/gems/gette rm -rf %{buildroot}%{serverdir}/data/puppetserver/vendored-jruby-gems/gems/locale-*/samples # Clean up shebangs - based on brp-mangle-shebangs +%if 0%{?java_bin:1} +java_shebang=$(realpath %{java_bin}) +%else java_shebang=$(realpath /usr/bin/java) -find -executable -type f ! -path '*:*' ! -path $'*\n*' \ +%endif +find %{buildroot}%{serverdir} %{buildroot}%{agentvendordir} -executable -type f ! -path '*:*' ! -path $'*\n*' \ | file -N --mime-type -f - \ | grep -P ".+(?=: (text/|application/javascript))" \ | { @@ -134,9 +140,10 @@ while IFS= read -r line; do continue fi - if ! { echo "$shebang" | grep -q -P "^/(?:usr/)?(?:bin|sbin)/"; }; then - continue - fi + # TODO: look at $java_shebang + #if ! { echo "$shebang" | grep -q -P "^/(?:usr/)?(?:bin|sbin)/"; }; then + # continue + #fi # Replace "special" env shebang: # /whatsoever/env -whatever /whatever/foo → /whatever/foo @@ -146,10 +153,9 @@ while IFS= read -r line; do if [ "$shebang" = "/usr/bin/ruby" ] ; then shebang=/opt/puppetlabs/puppet/bin/ruby -%if 0%{?java_bin:1} - elif [ "$shebang" = "$java" ] ; then - shebang=%{java_bin} -%endif + elif [[ "$shebang" == "${java_shebang}"* ]] ; then + # Something looks for the realpath but we want to use the symlink + shebang="%{java_bin}${shebang#${java_shebang}}" fi if [ "#!$shebang" != "#!$orig_shebang" ]; then @@ -251,7 +257,7 @@ fi %doc %{_docdir}/%{name}/ezbake.manifest # vendored gems -/opt/puppetlabs/puppet/lib/ruby/vendor_gems +%agentvendordir %attr(0755,puppet,puppet) %{serverdir}/data/puppetserver/vendored-jruby-gems %exclude %{serverdir}/data/puppetserver/vendored-jruby-gems/cache