GitLab

When a user tries to view a project's meta config, the rails
application actually recreates the XML from the database contents
using the project model.

It does this with the user id set in its context and applies normal
ACL rules.

This means that any data relating to a project the user does not have
at least read access to is missing from the model's internal data
structures, so <path…> elements that refer to unreadable projects
result in a method call on nil and a 500 error in the web UI.

This patch ameliorates that by checking that the relevant object
actually exists in the model before calling an accessor method on it,
and substituting 'HIDDEN' for the project's name if it does not.

This does mean that the user SHOULD NOT try and save said meta config
but that restriction is not enforced here.

Move patch to publish asc files out of the collabora folder

See merge request !12

Backport the autopkgtests added to the Debian OBS package

See merge request !14

Do not depend on deb-src to download the hello source package while
executing the smoke test

Use this Debian 9 DoD project config in the autopkgtest smoke test.

Signed-off-by: Héctor Orón Martínez <hector.oron@collabora.com>

Drop part of the patch which is not related to CVE and causes
obsworker regression, as it cannot fetch worker code from server.
Signed-off-by: Héctor Orón Martínez <hector.oron@collabora.com>

T13997 Upgrading from OBS 2.7.1 to 2.7.4

See merge request !13

The rb_sysopen runs as www-data that needs to access to production.log,
backend_access.log and database.yml.

Revert the group owner to www-data to avoid following errors:

 Rails Error: Unable to access log file. Please ensure that
 /usr/share/obs/api/log/production.log exists and is writable (ie, make
 it writable for user and group: chmod 0664
 /usr/share/obs/api/log/production.log). The log level has been raised
 to WARN and the output directed to STDERR until the problem is fixed.
 rake aborted!
 Errno::EACCES: Cannot load `Rails.application.database_configuration`:
 Permission denied @ rb_sysopen - /usr/share/obs/api/config/database.yml
 /usr/share/obs/api/config/environment.rb:30:in `<top (required)>'
 Errno::EACCES: Permission denied @ rb_sysopen -
 /usr/share/obs/api/config/database.yml
 /usr/share/obs/api/config/environment.rb:30:in `<top (required)>'
 Tasks: TOP => environment
 (See full trace by running task with --trace)
 Errno::EACCES: Permission denied @ rb_sysopen -
 /usr/share/obs/api/log/backend_access.log
 /usr/share/obs/api/lib/opensuse/backend.rb:14:in `new'
 /usr/share/obs/api/lib/opensuse/backend.rb:14:in `<class:Backend>'
 /usr/share/obs/api/lib/opensuse/backend.rb:6:in `<module:Suse>'
 /usr/share/obs/api/lib/opensuse/backend.rb:5:in `<top (required)>'
 /usr/share/obs/api/app/models/project.rb:1:in `<top (required)>'
 /usr/share/obs/api/app/indices/project_index.rb:2:in `block in <top
 (required)>'
 Tasks: TOP => ts:index
 (See full trace by running task with --trace)
Signed-off-by: Andrew Lee (李健秋) <ajqlee@debian.org>

Passenger's default user is nobody:
 https://www.phusionpassenger.com/library/config/nginx/reference/#passenger_default_user

So that we got Passenger and the RubyApp runs as nobody. However,
according to Debian's SystemGroup usage:
  https://wiki.debian.org/SystemGroups

nogroup (user: nobody): Daemons that need not own any files run as user
nobody and group nogroup. Thus, no files on a system should be owned by
this user or group.

So that we should create a new user call 'obapi' and force passenger app
to run as obs-api instead.

And config files should be readable by that obsapi user but usually not
writable.
Signed-off-by: Andrew Lee (李健秋) <ajqlee@debian.org>
Signed-off-by: Héctor Orón Martínez <hector.oron@collabora.com>

It is an upstream-able patch (it was already submitted upstream),
so there is no collabora specifics here.

Publish ddeb files

See merge request !11

Backport upstream udeb support

See merge request !7

This patch is upstream-able, then I moved it out from the collabora
directory and put it near the top of the patch series.

worker: override DefaultTasksMax

See merge request !10

The following error
```
[   67s] Unpacking gcc-7 (7.3.0-16ubuntu3) ...
[   67s] dpkg-deb: unrecoverable fatal error, aborting:
[   67s]  fork failed: Resource temporarily unavailable
[   67s] dpkg: error processing archive /var/cache/apt/archives/gcc-7_7.3.0-16ubuntu3_i386.deb (--unpack):
[   67s]  dpkg-deb --fsys-tarfile subprocess returned error exit status 2
[   67s] dpkg: unrecoverable fatal error, aborting:
[   67s]  fork failed: Resource temporarily unavailable
[   67s] /usr/sbin/debootstrap: 996: /usr/sbin/debootstrap: Cannot fork
[...]
```

happens since all builds happen in the same cgroup which is limited to 4915,
while builds have NPROC rlimits (just over 64000). If it reaches a total of
4915 tasks (processes and threads) calls like `fork()`, `clone()`,
`pthread_create()` will fail.

This is a short term fix proposed by Simon McVittie, while the long term
solution should place each `bs_worker` instance in its own systemd-managed
cgroup. The default task limit of 4915 might then be adequated.
Signed-off-by: Héctor Orón Martínez <hector.oron@collabora.com>

Signed-off-by: Héctor Orón Martínez <hector.oron@collabora.com>

Revert "Merge branch 'T13142-TasksMax' into 'collabora/master'"

See merge request !9

This reverts merge request !8

Added obsworker.service.d/tasks.conf to override DefaultTasksMax.

See merge request !8

Publish Ubuntu ddeb files to the repos

See merge request !6

Signed-off-by: Andrew Lee (李健秋) <ajqlee@debian.org>

Publish Debian upstream tarball signatures to the repos

See merge request !5

Merge debian master

See merge request !4

Signed-off-by: Andrew Lee (李健秋) <ajqlee@debian.org>

Ship our patches in a collabora subdir so it's more obvoius which ones
are collabora obs packaging and not in debian yet.
Signed-off-by: Andrew Lee (李健秋) <andrew.lee@collabora.co.uk>

Signed-off-by: Andrew Lee (李健秋) <andrew.lee@collabora.co.uk>

Sync debian master

See merge request !3

Handle links properly when doing backend build operations

See merge request ruby-team/open-build-service!6

# Conflicts:
#   debian/patches/series

fix-kiwitree-symlink.patch: cherry-pick bad code fix from upstream.

See merge request ruby-team/open-build-service!5