From 555b79df5f53813386496b6d99259832d019d399 Mon Sep 17 00:00:00 2001 From: "meiyou.hr" Date: Thu, 5 Jan 2023 20:53:45 +0800 Subject: [PATCH 1/2] Add check on device mounted as readonly filesystem --- 0035-Add-Inhibitwhenreadonly-actor.patch | 94 ++++++++++++++++++++++++ leapp-repository.spec | 6 +- 2 files changed, 99 insertions(+), 1 deletion(-) create mode 100644 0035-Add-Inhibitwhenreadonly-actor.patch diff --git a/0035-Add-Inhibitwhenreadonly-actor.patch b/0035-Add-Inhibitwhenreadonly-actor.patch new file mode 100644 index 0000000..03c0d04 --- /dev/null +++ b/0035-Add-Inhibitwhenreadonly-actor.patch @@ -0,0 +1,94 @@ +From 7ebc3b65188224fed799ac145042ec5257bea468 Mon Sep 17 00:00:00 2001 +From: "meiyou.hr" +Date: Thu, 5 Jan 2023 20:26:28 +0800 +Subject: [PATCH] Add Inhibitwhenreadonly actor + +--- + .../el7toel8/actors/inhibitwhenreadonly/actor.py | 30 +++++++++++++++++++ + .../tests/test_inhibitwhenreadonly.py | 35 ++++++++++++++++++++++ + 2 files changed, 65 insertions(+) + create mode 100644 repos/system_upgrade/el7toel8/actors/inhibitwhenreadonly/actor.py + create mode 100644 repos/system_upgrade/el7toel8/actors/inhibitwhenreadonly/tests/test_inhibitwhenreadonly.py + +diff --git a/repos/system_upgrade/el7toel8/actors/inhibitwhenreadonly/actor.py b/repos/system_upgrade/el7toel8/actors/inhibitwhenreadonly/actor.py +new file mode 100644 +index 0000000..24acd2a +--- /dev/null ++++ b/repos/system_upgrade/el7toel8/actors/inhibitwhenreadonly/actor.py +@@ -0,0 +1,30 @@ ++from leapp.actors import Actor ++from leapp.models import StorageInfo ++from leapp.reporting import Report, create_report ++from leapp import reporting ++from leapp.tags import ChecksPhaseTag, IPUWorkflowTag ++ ++class Inhibitwhenreadonly(Actor): ++ """ ++ Check if any device mounted as readonly filesystem is in use. If yes, inhibit the upgrade process. ++ ++ Upgrading system with readonly filesystem is not supported. ++ """ ++ ++ name = 'inhibitwhenreadonly' ++ consumes = (StorageInfo,) ++ produces = (Report,) ++ tags = (ChecksPhaseTag, IPUWorkflowTag) ++ ++ def process(self): ++ for storage_info in self.consume(StorageInfo): ++ for mnt in storage_info.mount: ++ if "/dev" in mnt.name and mnt.options.startswith(('(ro','ro')): ++ create_report([ ++ reporting.Title('Device mounted as readonly filesystem detected'), ++ reporting.Summary('Upgrading system with readonly filesystem is not supported, {} has been mounted on {} as readonly'.format(mnt.name, mnt.mount)), ++ reporting.Severity(reporting.Severity.HIGH), ++ reporting.Tags([reporting.Tags.FILESYSTEM]), ++ reporting.Flags([reporting.Flags.INHIBITOR]), ++ ]) ++ break +\ No newline at end of file +diff --git a/repos/system_upgrade/el7toel8/actors/inhibitwhenreadonly/tests/test_inhibitwhenreadonly.py b/repos/system_upgrade/el7toel8/actors/inhibitwhenreadonly/tests/test_inhibitwhenreadonly.py +new file mode 100644 +index 0000000..17cdba8 +--- /dev/null ++++ b/repos/system_upgrade/el7toel8/actors/inhibitwhenreadonly/tests/test_inhibitwhenreadonly.py +@@ -0,0 +1,35 @@ ++from leapp.snactor.fixture import current_actor_context ++from leapp.models import StorageInfo, MountEntry ++from leapp.reporting import Report ++ ++ ++def test_actor_with_readonly(current_actor_context): ++ with_readonly = [MountEntry(name='/dev/loop0', mount='/mnt', tp='efi', ++ options='ro,nosuid,nodev,noexec,mode=755' ++ )] ++ ++ current_actor_context.feed(StorageInfo(mount=with_readonly)) ++ current_actor_context.run() ++ assert current_actor_context.consume(Report) ++ report_fields = current_actor_context.consume(Report)[0].report ++ assert 'inhibitor' in report_fields['flags'] ++ ++ ++def test_actor_without_readonly(current_actor_context): ++ without_readonly = [MountEntry(name='/dev/vda1', mount='/', tp='ext4', ++ options='rw,relatime,data=ordered' ++ )] ++ ++ current_actor_context.feed(StorageInfo(mount=without_readonly)) ++ current_actor_context.run() ++ assert not current_actor_context.consume(Report) ++ ++ ++def test_actor_without_dev(current_actor_context): ++ without_dev = [MountEntry(name='tmpfs', mount='/sys/fs/cgroup', tp='tmpfs', ++ options='ro,nosuid,nodev,noexec,mode=755' ++ )] ++ ++ current_actor_context.feed(StorageInfo(mount=without_dev)) ++ current_actor_context.run() ++ assert not current_actor_context.consume(Report) +\ No newline at end of file +-- +1.8.3.1 + diff --git a/leapp-repository.spec b/leapp-repository.spec index 7b74666..0d0b502 100644 --- a/leapp-repository.spec +++ b/leapp-repository.spec @@ -11,7 +11,7 @@ }\ py2_byte_compile "%1" "%2"} -%define anolis_release 11 +%define anolis_release 12 Name: leapp-repository Version: 0.13.0 @@ -60,6 +60,7 @@ Patch31: 0031-Deal-with-EPEL-repositories-create-by-user-mannally.patch Patch32: 0032-Keep-PermitRootLogin-authentication-behavior-after-m.patch Patch33: 0033-Read-the-driver-list-supported-by-ANCK.patch Patch34: 0034-migrear-grub2-entry-recovery.patch +Patch35: 0035-Add-Inhibitwhenreadonly-actor.patch BuildArch: noarch BuildRequires: python-devel @@ -182,6 +183,9 @@ done; # no files here %changelog +* Thu Jau 5 2023 meiyou.hr - 0.13.0-2.12 +- Add check on device mounted as readonly filesystem. + * Mon Dec 12 2022 Weisson - 0.13.0-2.11 - Migrear grub2 entry recovery is supported. -- Gitee From fc195872c16baf1fab8a7957462555c6d4f645be Mon Sep 17 00:00:00 2001 From: "meiyou.hr" Date: Thu, 5 Jan 2023 20:53:45 +0800 Subject: [PATCH 2/2] correct Jan spelling mistakes --- 0035-Add-Inhibitwhenreadonly-actor.patch | 94 ++++++++++++++++++++++++ leapp-repository.spec | 6 +- 2 files changed, 99 insertions(+), 1 deletion(-) create mode 100644 0035-Add-Inhibitwhenreadonly-actor.patch diff --git a/0035-Add-Inhibitwhenreadonly-actor.patch b/0035-Add-Inhibitwhenreadonly-actor.patch new file mode 100644 index 0000000..03c0d04 --- /dev/null +++ b/0035-Add-Inhibitwhenreadonly-actor.patch @@ -0,0 +1,94 @@ +From 7ebc3b65188224fed799ac145042ec5257bea468 Mon Sep 17 00:00:00 2001 +From: "meiyou.hr" +Date: Thu, 5 Jan 2023 20:26:28 +0800 +Subject: [PATCH] Add Inhibitwhenreadonly actor + +--- + .../el7toel8/actors/inhibitwhenreadonly/actor.py | 30 +++++++++++++++++++ + .../tests/test_inhibitwhenreadonly.py | 35 ++++++++++++++++++++++ + 2 files changed, 65 insertions(+) + create mode 100644 repos/system_upgrade/el7toel8/actors/inhibitwhenreadonly/actor.py + create mode 100644 repos/system_upgrade/el7toel8/actors/inhibitwhenreadonly/tests/test_inhibitwhenreadonly.py + +diff --git a/repos/system_upgrade/el7toel8/actors/inhibitwhenreadonly/actor.py b/repos/system_upgrade/el7toel8/actors/inhibitwhenreadonly/actor.py +new file mode 100644 +index 0000000..24acd2a +--- /dev/null ++++ b/repos/system_upgrade/el7toel8/actors/inhibitwhenreadonly/actor.py +@@ -0,0 +1,30 @@ ++from leapp.actors import Actor ++from leapp.models import StorageInfo ++from leapp.reporting import Report, create_report ++from leapp import reporting ++from leapp.tags import ChecksPhaseTag, IPUWorkflowTag ++ ++class Inhibitwhenreadonly(Actor): ++ """ ++ Check if any device mounted as readonly filesystem is in use. If yes, inhibit the upgrade process. ++ ++ Upgrading system with readonly filesystem is not supported. ++ """ ++ ++ name = 'inhibitwhenreadonly' ++ consumes = (StorageInfo,) ++ produces = (Report,) ++ tags = (ChecksPhaseTag, IPUWorkflowTag) ++ ++ def process(self): ++ for storage_info in self.consume(StorageInfo): ++ for mnt in storage_info.mount: ++ if "/dev" in mnt.name and mnt.options.startswith(('(ro','ro')): ++ create_report([ ++ reporting.Title('Device mounted as readonly filesystem detected'), ++ reporting.Summary('Upgrading system with readonly filesystem is not supported, {} has been mounted on {} as readonly'.format(mnt.name, mnt.mount)), ++ reporting.Severity(reporting.Severity.HIGH), ++ reporting.Tags([reporting.Tags.FILESYSTEM]), ++ reporting.Flags([reporting.Flags.INHIBITOR]), ++ ]) ++ break +\ No newline at end of file +diff --git a/repos/system_upgrade/el7toel8/actors/inhibitwhenreadonly/tests/test_inhibitwhenreadonly.py b/repos/system_upgrade/el7toel8/actors/inhibitwhenreadonly/tests/test_inhibitwhenreadonly.py +new file mode 100644 +index 0000000..17cdba8 +--- /dev/null ++++ b/repos/system_upgrade/el7toel8/actors/inhibitwhenreadonly/tests/test_inhibitwhenreadonly.py +@@ -0,0 +1,35 @@ ++from leapp.snactor.fixture import current_actor_context ++from leapp.models import StorageInfo, MountEntry ++from leapp.reporting import Report ++ ++ ++def test_actor_with_readonly(current_actor_context): ++ with_readonly = [MountEntry(name='/dev/loop0', mount='/mnt', tp='efi', ++ options='ro,nosuid,nodev,noexec,mode=755' ++ )] ++ ++ current_actor_context.feed(StorageInfo(mount=with_readonly)) ++ current_actor_context.run() ++ assert current_actor_context.consume(Report) ++ report_fields = current_actor_context.consume(Report)[0].report ++ assert 'inhibitor' in report_fields['flags'] ++ ++ ++def test_actor_without_readonly(current_actor_context): ++ without_readonly = [MountEntry(name='/dev/vda1', mount='/', tp='ext4', ++ options='rw,relatime,data=ordered' ++ )] ++ ++ current_actor_context.feed(StorageInfo(mount=without_readonly)) ++ current_actor_context.run() ++ assert not current_actor_context.consume(Report) ++ ++ ++def test_actor_without_dev(current_actor_context): ++ without_dev = [MountEntry(name='tmpfs', mount='/sys/fs/cgroup', tp='tmpfs', ++ options='ro,nosuid,nodev,noexec,mode=755' ++ )] ++ ++ current_actor_context.feed(StorageInfo(mount=without_dev)) ++ current_actor_context.run() ++ assert not current_actor_context.consume(Report) +\ No newline at end of file +-- +1.8.3.1 + diff --git a/leapp-repository.spec b/leapp-repository.spec index 7b74666..a96887e 100644 --- a/leapp-repository.spec +++ b/leapp-repository.spec @@ -11,7 +11,7 @@ }\ py2_byte_compile "%1" "%2"} -%define anolis_release 11 +%define anolis_release 12 Name: leapp-repository Version: 0.13.0 @@ -60,6 +60,7 @@ Patch31: 0031-Deal-with-EPEL-repositories-create-by-user-mannally.patch Patch32: 0032-Keep-PermitRootLogin-authentication-behavior-after-m.patch Patch33: 0033-Read-the-driver-list-supported-by-ANCK.patch Patch34: 0034-migrear-grub2-entry-recovery.patch +Patch35: 0035-Add-Inhibitwhenreadonly-actor.patch BuildArch: noarch BuildRequires: python-devel @@ -182,6 +183,9 @@ done; # no files here %changelog +* Thu Jan 5 2023 meiyou.hr - 0.13.0-2.12 +- Add check on device mounted as readonly filesystem. + * Mon Dec 12 2022 Weisson - 0.13.0-2.11 - Migrear grub2 entry recovery is supported. -- Gitee