- 05 Nov, 2019 1 commit
-
-
Vivek Das Mohapatra authored
When a user tries to view a project's meta config, the rails application actually recreates the XML from the database contents using the project model. It does this with the user id set in its context and applies normal ACL rules. This means that any data relating to a project the user does not have at least read access to is missing from the model's internal data structures, so <path…> elements that refer to unreadable projects result in a method call on nil and a 500 error in the web UI. This patch ameliorates that by checking that the relevant object actually exists in the model before calling an accessor method on it, and substituting 'HIDDEN' for the project's name if it does not. This does mean that the user SHOULD NOT try and save said meta config but that restriction is not enforced here.
-
- 03 Apr, 2019 2 commits
-
-
Héctor Orón Martínez authored
Move patch to publish asc files out of the collabora folder See merge request !12
-
Héctor Orón Martínez authored
Backport the autopkgtests added to the Debian OBS package See merge request !14
-
- 02 Apr, 2019 1 commit
-
-
Lucas Kanashiro authored
-
- 01 Apr, 2019 6 commits
-
-
Lucas Kanashiro authored
-
Lucas Kanashiro authored
-
Lucas Kanashiro authored
-
Lucas Kanashiro authored
Do not depend on deb-src to download the hello source package while executing the smoke test
-
Lucas Kanashiro authored
Use this Debian 9 DoD project config in the autopkgtest smoke test.
-
Lucas Kanashiro authored
-
- 27 Mar, 2019 3 commits
-
-
Héctor Orón Martínez authored
Signed-off-by:
Héctor Orón Martínez <hector.oron@collabora.com>
-
Héctor Orón Martínez authored
Drop part of the patch which is not related to CVE and causes obsworker regression, as it cannot fetch worker code from server. Signed-off-by:
Héctor Orón Martínez <hector.oron@collabora.com>
-
Andrew Lee authored
T13997 Upgrading from OBS 2.7.1 to 2.7.4 See merge request !13
-
- 26 Mar, 2019 2 commits
-
-
Andrew Lee (李健秋) authored
The rb_sysopen runs as www-data that needs to access to production.log, backend_access.log and database.yml. Revert the group owner to www-data to avoid following errors: Rails Error: Unable to access log file. Please ensure that /usr/share/obs/api/log/production.log exists and is writable (ie, make it writable for user and group: chmod 0664 /usr/share/obs/api/log/production.log). The log level has been raised to WARN and the output directed to STDERR until the problem is fixed. rake aborted! Errno::EACCES: Cannot load `Rails.application.database_configuration`: Permission denied @ rb_sysopen - /usr/share/obs/api/config/database.yml /usr/share/obs/api/config/environment.rb:30:in `<top (required)>' Errno::EACCES: Permission denied @ rb_sysopen - /usr/share/obs/api/config/database.yml /usr/share/obs/api/config/environment.rb:30:in `<top (required)>' Tasks: TOP => environment (See full trace by running task with --trace) Errno::EACCES: Permission denied @ rb_sysopen - /usr/share/obs/api/log/backend_access.log /usr/share/obs/api/lib/opensuse/backend.rb:14:in `new' /usr/share/obs/api/lib/opensuse/backend.rb:14:in `<class:Backend>' /usr/share/obs/api/lib/opensuse/backend.rb:6:in `<module:Suse>' /usr/share/obs/api/lib/opensuse/backend.rb:5:in `<top (required)>' /usr/share/obs/api/app/models/project.rb:1:in `<top (required)>' /usr/share/obs/api/app/indices/project_index.rb:2:in `block in <top (required)>' Tasks: TOP => ts:index (See full trace by running task with --trace) Signed-off-by:
Andrew Lee (李健秋) <ajqlee@debian.org>
-
Andrew Lee (李健秋) authored
Passenger's default user is nobody: https://www.phusionpassenger.com/library/config/nginx/reference/#passenger_default_user So that we got Passenger and the RubyApp runs as nobody. However, according to Debian's SystemGroup usage: https://wiki.debian.org/SystemGroups nogroup (user: nobody): Daemons that need not own any files run as user nobody and group nogroup. Thus, no files on a system should be owned by this user or group. So that we should create a new user call 'obapi' and force passenger app to run as obs-api instead. And config files should be readable by that obsapi user but usually not writable. Signed-off-by:
Andrew Lee (李健秋) <ajqlee@debian.org> Signed-off-by:
Héctor Orón Martínez <hector.oron@collabora.com>
-
- 25 Mar, 2019 3 commits
-
-
Lucas Kanashiro authored
It is an upstream-able patch (it was already submitted upstream), so there is no collabora specifics here.
-
Héctor Orón Martínez authored
Publish ddeb files See merge request !11
-
Héctor Orón Martínez authored
Backport upstream udeb support See merge request !7
-
- 22 Mar, 2019 11 commits
-
-
Lucas Kanashiro authored
This patch is upstream-able, then I moved it out from the collabora directory and put it near the top of the patch series.
-
Lucas Kanashiro authored
-
Lucas Kanashiro authored
-
Héctor Orón Martínez authored
worker: override DefaultTasksMax See merge request !10
-
Héctor Orón Martínez authored
The following error ``` [ 67s] Unpacking gcc-7 (7.3.0-16ubuntu3) ... [ 67s] dpkg-deb: unrecoverable fatal error, aborting: [ 67s] fork failed: Resource temporarily unavailable [ 67s] dpkg: error processing archive /var/cache/apt/archives/gcc-7_7.3.0-16ubuntu3_i386.deb (--unpack): [ 67s] dpkg-deb --fsys-tarfile subprocess returned error exit status 2 [ 67s] dpkg: unrecoverable fatal error, aborting: [ 67s] fork failed: Resource temporarily unavailable [ 67s] /usr/sbin/debootstrap: 996: /usr/sbin/debootstrap: Cannot fork [...] ``` happens since all builds happen in the same cgroup which is limited to 4915, while builds have NPROC rlimits (just over 64000). If it reaches a total of 4915 tasks (processes and threads) calls like `fork()`, `clone()`, `pthread_create()` will fail. This is a short term fix proposed by Simon McVittie, while the long term solution should place each `bs_worker` instance in its own systemd-managed cgroup. The default task limit of 4915 might then be adequated. Signed-off-by:
Héctor Orón Martínez <hector.oron@collabora.com>
-
Héctor Orón Martínez authored
Signed-off-by:
Héctor Orón Martínez <hector.oron@collabora.com>
-
Héctor Orón Martínez authored
Revert "Merge branch 'T13142-TasksMax' into 'collabora/master'" See merge request !9
-
Héctor Orón Martínez authored
This reverts merge request !8
-
Héctor Orón Martínez authored
Added obsworker.service.d/tasks.conf to override DefaultTasksMax. See merge request !8
-
Héctor Orón Martínez authored
Publish Ubuntu ddeb files to the repos See merge request !6
-
Andrew Lee (李健秋) authored
Signed-off-by:
Andrew Lee (李健秋) <ajqlee@debian.org>
-
- 21 Mar, 2019 1 commit
-
-
Lucas Kanashiro authored
-
- 20 Mar, 2019 2 commits
-
-
Héctor Orón Martínez authored
Publish Debian upstream tarball signatures to the repos See merge request !5
-
Lucas Kanashiro authored
-
- 19 Sep, 2018 4 commits
-
-
Héctor Orón Martínez authored
Merge debian master See merge request !4
-
Andrew Lee (李健秋) authored
Signed-off-by:
Andrew Lee (李健秋) <ajqlee@debian.org>
-
Andrew Lee (李健秋) authored
Ship our patches in a collabora subdir so it's more obvoius which ones are collabora obs packaging and not in debian yet. Signed-off-by:
Andrew Lee (李健秋) <andrew.lee@collabora.co.uk>
-
Andrew Lee (李健秋) authored
Signed-off-by:
Andrew Lee (李健秋) <andrew.lee@collabora.co.uk>
-
- 14 Sep, 2018 1 commit
-
-
Héctor Orón Martínez authored
Sync debian master See merge request !3
-
- 12 Sep, 2018 3 commits
-
-
Héctor Orón Martínez authored
Handle links properly when doing backend build operations See merge request ruby-team/open-build-service!6
-
Héctor Orón Martínez authored
# Conflicts: # debian/patches/series
-
Héctor Orón Martínez authored
fix-kiwitree-symlink.patch: cherry-pick bad code fix from upstream. See merge request ruby-team/open-build-service!5
-