GitLab

Since libarchive 3.2.1-2 bsdtar has been provided by libarchive-tools,
while 3.4.0-1 dropped bsdtar transitional package completely.
Signed-off-by: Andrej Shadura <andrew.shadura@collabora.co.uk>

Added as an external patch in c4a04440
This reverts commit 4a9a792c.

Added as an external patch in c4a04440
This reverts commit 7bb95b09.

Added as an external patch in c4a04440
This reverts commit 309e5a9e.

Added as an external patch in c4a04440
This reverts commit e220e271.

Wip/ritesh/clean up obs packaging

See merge request !17

# Conflicts:
#   debian/changelog

Signed-off-by: Ritesh Raj Sarraf <ritesh.sarraf@collabora.com>

For details, please see task: APERTIS-5645
Signed-off-by: Ritesh Raj Sarraf <ritesh.sarraf@collabora.com>

Acl hacks

See merge request !15

The project model code path for this invalidates the cache before
returning.

Users now have different views of project meta config (references to
inaccessible projects, which were not permitted at all before, are now
elided to "HIDDEN" for users with insufficient access): This means
that the code path which provides the meta config to osc must also
invalidate the cache.

It's not clear that this particular config should be cached at all.
Possibly it should include the user context in the cache key instead
but in any case this is the least invasive way to make sure osc
returns the correct information for now.

Allow projects mentioned as <allowbuilddep name="accessing-project"/>
entries in the meta config of another project to fetch build
dependencies from that project unconditionally.

These patches merely add the new element which has no effect as of
this commit.

The new element is added to:
• the RNG xml declarations
• BSXML.pm (which serves a similar purpose for the back end code)
• bs_srcserver which supplies the parsed metadata to backend services
• the database
  ◦ initial schema (structure.sql)
  ◦ migration file
• the rails model(s)
  ◦ the project,rb model
  ◦ a new allowbuilddep.rb model for the element iteslf
  ◦ _project.xml.builder which generates XML from the database

When a user tries to view a project's meta config, the rails
application actually recreates the XML from the database contents
using the project model.

It does this with the user id set in its context and applies normal
ACL rules.

This means that any data relating to a project the user does not have
at least read access to is missing from the model's internal data
structures, so <path…> elements that refer to unreadable projects
result in a method call on nil and a 500 error in the web UI.

This patch ameliorates that by checking that the relevant object
actually exists in the model before calling an accessor method on it,
and substituting 'HIDDEN' for the project's name if it does not.

This does mean that the user SHOULD NOT try and save said meta config
but that restriction is not enforced here.

Move patch to publish asc files out of the collabora folder

See merge request !12

Backport the autopkgtests added to the Debian OBS package

See merge request !14

Do not depend on deb-src to download the hello source package while
executing the smoke test

Use this Debian 9 DoD project config in the autopkgtest smoke test.

Signed-off-by: Héctor Orón Martínez <hector.oron@collabora.com>

Drop part of the patch which is not related to CVE and causes
obsworker regression, as it cannot fetch worker code from server.
Signed-off-by: Héctor Orón Martínez <hector.oron@collabora.com>

T13997 Upgrading from OBS 2.7.1 to 2.7.4

See merge request !13

The rb_sysopen runs as www-data that needs to access to production.log,
backend_access.log and database.yml.

Revert the group owner to www-data to avoid following errors:

 Rails Error: Unable to access log file. Please ensure that
 /usr/share/obs/api/log/production.log exists and is writable (ie, make
 it writable for user and group: chmod 0664
 /usr/share/obs/api/log/production.log). The log level has been raised
 to WARN and the output directed to STDERR until the problem is fixed.
 rake aborted!
 Errno::EACCES: Cannot load `Rails.application.database_configuration`:
 Permission denied @ rb_sysopen - /usr/share/obs/api/config/database.yml
 /usr/share/obs/api/config/environment.rb:30:in `<top (required)>'
 Errno::EACCES: Permission denied @ rb_sysopen -
 /usr/share/obs/api/config/database.yml
 /usr/share/obs/api/config/environment.rb:30:in `<top (required)>'
 Tasks: TOP => environment
 (See full trace by running task with --trace)
 Errno::EACCES: Permission denied @ rb_sysopen -
 /usr/share/obs/api/log/backend_access.log
 /usr/share/obs/api/lib/opensuse/backend.rb:14:in `new'
 /usr/share/obs/api/lib/opensuse/backend.rb:14:in `<class:Backend>'
 /usr/share/obs/api/lib/opensuse/backend.rb:6:in `<module:Suse>'
 /usr/share/obs/api/lib/opensuse/backend.rb:5:in `<top (required)>'
 /usr/share/obs/api/app/models/project.rb:1:in `<top (required)>'
 /usr/share/obs/api/app/indices/project_index.rb:2:in `block in <top
 (required)>'
 Tasks: TOP => ts:index
 (See full trace by running task with --trace)
Signed-off-by: Andrew Lee (李健秋) <ajqlee@debian.org>

Passenger's default user is nobody:
 https://www.phusionpassenger.com/library/config/nginx/reference/#passenger_default_user

So that we got Passenger and the RubyApp runs as nobody. However,
according to Debian's SystemGroup usage:
  https://wiki.debian.org/SystemGroups

nogroup (user: nobody): Daemons that need not own any files run as user
nobody and group nogroup. Thus, no files on a system should be owned by
this user or group.

So that we should create a new user call 'obapi' and force passenger app
to run as obs-api instead.

And config files should be readable by that obsapi user but usually not
writable.
Signed-off-by: Andrew Lee (李健秋) <ajqlee@debian.org>
Signed-off-by: Héctor Orón Martínez <hector.oron@collabora.com>

It is an upstream-able patch (it was already submitted upstream),
so there is no collabora specifics here.

Publish ddeb files

See merge request !11

Backport upstream udeb support

See merge request !7

This patch is upstream-able, then I moved it out from the collabora
directory and put it near the top of the patch series.

worker: override DefaultTasksMax

See merge request !10

The following error
```
[   67s] Unpacking gcc-7 (7.3.0-16ubuntu3) ...
[   67s] dpkg-deb: unrecoverable fatal error, aborting:
[   67s]  fork failed: Resource temporarily unavailable
[   67s] dpkg: error processing archive /var/cache/apt/archives/gcc-7_7.3.0-16ubuntu3_i386.deb (--unpack):
[   67s]  dpkg-deb --fsys-tarfile subprocess returned error exit status 2
[   67s] dpkg: unrecoverable fatal error, aborting:
[   67s]  fork failed: Resource temporarily unavailable
[   67s] /usr/sbin/debootstrap: 996: /usr/sbin/debootstrap: Cannot fork
[...]
```

happens since all builds happen in the same cgroup which is limited to 4915,
while builds have NPROC rlimits (just over 64000). If it reaches a total of
4915 tasks (processes and threads) calls like `fork()`, `clone()`,
`pthread_create()` will fail.

This is a short term fix proposed by Simon McVittie, while the long term
solution should place each `bs_worker` instance in its own systemd-managed
cgroup. The default task limit of 4915 might then be adequated.
Signed-off-by: Héctor Orón Martínez <hector.oron@collabora.com>

Signed-off-by: Héctor Orón Martínez <hector.oron@collabora.com>

Revert "Merge branch 'T13142-TasksMax' into 'collabora/master'"

See merge request !9