From 25379925998e135ceba813c2e68aeb2c865d7a7c Mon Sep 17 00:00:00 2001 From: Michal Domonkos Date: Thu, 21 Nov 2024 14:22:30 +0100 Subject: [PATCH] Don't run plugins on src.rpm unpacking (RhBug:2316785) Source packages aren't really "installed", just unpacked, and plugins operate on real transactions by design, so disable the tsm/psm/fsm and scriptlet hooks for those. This doesn't include the init and cleanup hooks but those should be harmless and only do non-destructive actions anyway. Do this by simply replacing the plugins list with an empty one for the duration of src.rpm unpacking. This also is in line with what we do for --noplugins. This fixes, in particular, src.rpm installations done by a regular user (a fairly common case) on systems equipped with a plugin that needs root privileges (e.g. the ima plugin), which would otherwise cause a spurious warning or even failure (see RhBug:2316785). Reuse the plugin development test, we don't have anything better at the moment and it does the job well. --- lib/psm.cc | 9 +++++++++ tests/rpmdevel.at | 16 ++++++++++++++-- 2 files changed, 23 insertions(+), 2 deletions(-) diff --git a/lib/psm.cc b/lib/psm.cc index 655e5b9a4f..5b930465a5 100644 --- a/lib/psm.cc +++ b/lib/psm.cc @@ -150,6 +150,7 @@ rpmRC rpmInstallSourcePackage(rpmts ts, FD_t fd, Header h = NULL; rpmpsm psm = NULL; rpmte te = NULL; + rpmPlugins origplugins = NULL; rpmRC rpmrc; int specix = -1; @@ -204,6 +205,10 @@ rpmRC rpmInstallSourcePackage(rpmts ts, FD_t fd, rpmfsSetAction(fs, i, FA_CREATE); } + /* Don't run any plugins */ + origplugins = ts->plugins; + ts->plugins = rpmpluginsNew(ts); + psm = rpmpsmNew(ts, te, PKG_INSTALL); if (rpmpsmUnpack(psm) == RPMRC_OK) @@ -211,6 +216,10 @@ rpmRC rpmInstallSourcePackage(rpmts ts, FD_t fd, rpmpsmFree(psm); + /* Restore plugins */ + rpmpluginsFree(ts->plugins); + ts->plugins = origplugins; + exit: if (rpmrc == RPMRC_OK && specix >= 0) { if (cookie) diff --git a/tests/rpmdevel.at b/tests/rpmdevel.at index 03908c88d6..83cf324c47 100644 --- a/tests/rpmdevel.at +++ b/tests/rpmdevel.at @@ -43,12 +43,15 @@ runroot rpmbuild --quiet -bb \ /data/SPECS/simple.spec \ /data/SPECS/fakeshell.spec +runroot rpmbuild --quiet -bs \ + /data/SPECS/simple.spec + runroot rpm -U /build/RPMS/noarch/fakeshell-1.0-1.noarch.rpm cmake /data/debugplugin && make && make install DESTDIR=${RPMTEST} RPMTEST_CHECK([ -runroot rpm -U /build/RPMS/noarch/simple-1.0-1.noarch.rpm +runroot rpm -U /build/RPMS/noarch/simple-1.0-1.noarch.rpm /build/SRPMS/simple-1.0-1.src.rpm ], [0], [], @@ -70,5 +73,14 @@ debug_psm_post: simple-1.0-1.noarch:0 debug_tsm_post: 0 debug_cleanup ]) -RPMTEST_CLEANUP +RPMTEST_CHECK([ +runroot rpm -i /build/SRPMS/simple-1.0-1.src.rpm +], +[0], +[], +[debug_init +debug_cleanup +]) + +RPMTEST_CLEANUP