v.ims.1 - Bump version

nhrp: configure strongswan vici path
Improving the %post scriptlet in frr-selinux
2025-08-03 20:22:37 +02:00 · 2025-08-03 20:22:37 +02:00 · 2025-07-29 11:44:30 +02:00 · 2025-07-28 14:07:39 +02:00 · 2025-07-23 20:50:05 +00:00 · 2025-06-03 11:20:55 +02:00
6 changed files with 62 additions and 56 deletions
--- a/.gitignore
+++ b/.gitignore
@@ -22,3 +22,6 @@
 /frr-10.0.1.tar.gz
 /frr-10.1.tar.gz
 /frr-10.2.tar.gz
 /frr-10.2.1.tar.gz
 /frr-10.3.tar.gz
 /frr-10.4.0.tar.gz
--- a/0002-enable-openssl.patch
+++ b/0002-enable-openssl.patch
@@ -24,8 +24,8 @@ index 0b7af18..0533e24 100644
 	lib/log_vty.h \
 -	lib/md5.h \
 	lib/memory.h \
 	lib/mgmt.pb-c.h \
 	lib/mgmt_be_client.h \
 	lib/mgmt_defines.h \
@@ -191,7 +190,6 @@ pkginclude_HEADERS += \
 	lib/route_opaque.h \
 	lib/sbuf.h \
--- a/0006-autorp-segfault.patch
+++ b/0006-autorp-segfault.patch
@@ -1,41 +0,0 @@
 From 37b88191fb4736ff0a1e565fc22003d0ab853ea2 Mon Sep 17 00:00:00 2001
 From: Donald Sharp <sharpd@nvidia.com>
 Date: Wed, 4 Dec 2024 10:47:33 -0500
 Subject: [PATCH] pimd: Prevent crash of pim when auto-rp's socket is not
 initialized
 If the socket associated with the auto-rp fails to initialize then
 the memory for the auto-rp is just dropped on the floor.  Additionally
 any type of attempt at using the feature will just cause pimd to crash,
 when the pointer is derefed.  Since it is derefed all over the place
 without checking.
 Clearly if you cannot bind/use the socket let's allow continuation.
 Fixes: #17540
 Signed-off-by: Donald Sharp <sharpd@nvidia.com>
 ---
 pimd/pim_autorp.c | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)
 diff --git a/pimd/pim_autorp.c b/pimd/pim_autorp.c
 index 3fb10f4..91ed005 100644
 --- a/pimd/pim_autorp.c
 +++ b/pimd/pim_autorp.c
@@ -1014,12 +1014,14 @@ void pim_autorp_init(struct pim_instance *pim)
 	autorp->announce_interval = DEFAULT_ANNOUNCE_INTERVAL;
 	autorp->announce_holdtime = DEFAULT_ANNOUNCE_HOLDTIME;
 +	pim->autorp = autorp;
 +
 	if (!pim_autorp_socket_enable(autorp)) {
 -		zlog_err("%s: AutoRP failed to initialize", __func__);
 +		zlog_err("%s: AutoRP failed to initialize, feature will not work correctly",
 +				__func__);
 		return;
 	}
 -	pim->autorp = autorp;
 	if (PIM_DEBUG_AUTORP)
 		zlog_debug("%s: AutoRP Initialized", __func__);
--- a/frr.spec
+++ b/frr.spec
@@ -10,7 +10,7 @@
 %bcond selinux 1
 Name:           frr
-Version:        10.2
+Version:        10.4.0
 Release:        2%{?dist}
 Summary:        Routing daemon
 License:        GPL-2.0-or-later AND ISC AND LGPL-2.0-or-later AND BSD-2-Clause AND BSD-3-Clause AND (GPL-2.0-or-later  OR ISC) AND MIT
@@ -28,7 +28,11 @@ Patch0002:      0002-enable-openssl.patch
 Patch0003:      0003-disable-eigrp-crypto.patch
 Patch0004:      0004-fips-mode.patch
 Patch0005:      0005-remove-grpc-test.patch
-Patch0006:      0006-autorp-segfault.patch
+
 # https://fedoraproject.org/wiki/Changes/EncourageI686LeafRemoval
 %if %{undefined fc40} && %{undefined fc41}
 ExcludeArch:       %{ix86}
 %endif
 BuildRequires:  autoconf
 BuildRequires:  automake
@@ -46,13 +50,15 @@ BuildRequires:  grpc-plugins
 BuildRequires:  json-c-devel
 BuildRequires:  libcap-devel
 BuildRequires:  libtool
-BuildRequires:  libyang-devel >= 2.0.0
+BuildRequires:  libxcrypt-devel
 BuildRequires:  libyang-devel >= 2.1.128
 BuildRequires:  make
 BuildRequires:  ncurses
 BuildRequires:  ncurses-devel
 BuildRequires:  net-snmp-devel
 BuildRequires:  pam-devel
 BuildRequires:  patch
 BuildRequires:  pcre2-devel
 BuildRequires:  perl-XML-LibXML
 BuildRequires:  perl-generators
 BuildRequires:  python3-devel
@@ -67,7 +73,6 @@ BuildRequires:  protobuf-c-devel
 Requires:       ncurses
 Requires:       net-snmp
 Requires(post): hostname
 %{?sysusers_requires_compat}
 Requires(post): systemd
 Requires(postun): systemd
 Requires(preun): systemd
@@ -112,11 +117,14 @@ cp -p %{SOURCE3} %{SOURCE4} %{SOURCE5} selinux
 sed -r -i 's/(AX_CXX_COMPILE_STDCXX\(\[)11(\])/\117\2/' configure.ac
 %build
 #hopefully just temporary due to rhbz#2327314
 export LDFLAGS="%{build_ldflags} -Wl,-z,noseparate-code"
 export CFLAGS="%{optflags} -DINET_NTOP_NO_OVERRIDE"
 autoreconf -ivf
 %configure \
    --sbindir=%{frr_libdir} \
-    --sysconfdir=%{_sysconfdir}/frr \
+    --sysconfdir=%{_sysconfdir} \
    --libdir=%{_libdir}/frr \
    --libexecdir=%{_libexecdir}/frr \
    --localstatedir=/var \
@@ -129,8 +137,6 @@ autoreconf -ivf
    --enable-group=frr \
    --enable-vty-group=frrvty \
    --enable-rtadv \
    --disable-exampledir \
    --enable-systemd=yes \
    --enable-static=no \
    --disable-ldpd \
    --disable-babeld \
@@ -139,6 +145,7 @@ autoreconf -ivf
    --with-crypto=openssl \
    --with-vici-socket=/run/strongswan/charon.vici \
    --enable-fpm \
    --enable-pcre2posix \
    %{?with_grpc:--enable-grpc}
 %make_build MAKEINFO="makeinfo --no-split" PYTHON=%{__python3}
@@ -154,8 +161,8 @@ bzip2 -9 selinux/%{name}.pp
 %install
 mkdir -p %{buildroot}%{_sysconfdir}/{frr,rc.d/init.d,sysconfig,logrotate.d,pam.d,default} \
-         %{buildroot}%{_localstatedir}/log/frr %{buildroot}%{_infodir} \
+         %{buildroot}%{_localstatedir}/log/frr %{buildroot}%{_localstatedir}/lib/frr \
-         %{buildroot}%{_unitdir}
+         %{buildroot}%{_infodir} %{buildroot}%{_unitdir}
 mkdir -p -m 0755 %{buildroot}%{_libdir}/frr
 mkdir -p %{buildroot}%{_tmpfilesdir}
@@ -191,8 +198,6 @@ find %{buildroot} -type f -name "*.la" -delete -print
 rm %{buildroot}%{_libdir}/frr/*.so
 rm -r %{buildroot}%{_includedir}/frr/
 %pre
 %sysusers_create_compat %{SOURCE2}
 %post
 %systemd_post frr.service
@@ -227,8 +232,8 @@ fi
 %selinux_relabel_post -s %{selinuxtype}
 #/var/tmp and /var/run need to be relabeled as well if FRR is running before upgrade
 if [ $1 == 2 ]; then
-    %{_sbindir}/restorecon -R /var/tmp/frr &> /dev/null
+    %{_sbindir}/restorecon -R /var/tmp/frr &> /dev/null || :
-    %{_sbindir}/restorecon -R /var/run/frr &> /dev/null
+    %{_sbindir}/restorecon -R /var/run/frr &> /dev/null || :
 fi
 %postun selinux
@@ -248,6 +253,7 @@ rm tests/lib/*grpc*
 %license COPYING
 %doc doc/mpls
 %dir %attr(750,frr,frr) %{_sysconfdir}/frr
 %dir %attr(755,frr,frr) %{_localstatedir}/lib/frr
 %dir %attr(755,frr,frr) %{_localstatedir}/log/frr
 %dir %attr(755,frr,frr) /run/frr
 %{_infodir}/*info*
@@ -280,6 +286,43 @@ rm tests/lib/*grpc*
 %endif
 %changelog
 * Tue Jul 29 2025 Michal Ruprich <mruprich@redhat.com> - 10.4.0-2
 - Improving the %post scriptlet in frr-selinux
 * Mon Jul 28 2025 Michal Ruprich <mruprich@redhat.com> - 10.4.0-1
 - New version 10.4.0
 * Wed Jul 23 2025 Fedora Release Engineering <releng@fedoraproject.org> - 10.3-2
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild
 * Mon Jun 02 2025 Michal Ruprich <mruprich@redhat.com> - 10.3
 - New version 10.3
 * Tue Feb 25 2025 Benjamin A. Beasley <code@musicinmybrain.net> - 10.2.1-5
 - Rebuilt for abseil-cpp-20250127.0
 * Thu Feb 13 2025 Alexey Kurov <nucleo@fedoraproject.org> - 10.2.1-4
 - Removed unrecognized options enable-systemd and disable-exampledir
 - Fixed sysconfdir option warning
 - Added option for support of PCRE2
 - Own local state file dir
 - Minimum libyang version 2.1.128
 * Tue Feb 11 2025 Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> - 10.2.1-3
 - Drop call to %sysusers_create_compat
 * Sat Feb 01 2025 Björn Esser <besser82@fedoraproject.org> - 10.2.1-2
 - Add explicit BR: libxcrypt-devel
 * Thu Jan 30 2025 Michal Ruprich <mruprich@redhat.com> - 10.2.1-1
 - New version 10.2.1
 * Thu Jan 16 2025 Fedora Release Engineering <releng@fedoraproject.org> - 10.2-4
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild
 * Sat Jan 04 2025 Benjamin A. Beasley <code@musicinmybrain.net> - 10.2-3
 - Drop i686 support (leaf package)
 * Thu Dec 05 2024 Michal Ruprich <mruprich@redhat.com> - 10.2-2
 - Resolves: rhbz#2329643 - upgrading frr to 10.2 causes pimd crashes
--- a/frr.te
+++ b/frr.te
@@ -98,6 +98,7 @@ corenet_tcp_bind_cmadmin_port(frr_t)
 corenet_udp_bind_cmadmin_port(frr_t)
 corenet_tcp_bind_firepower_port(frr_t)
 corenet_tcp_bind_generic_port(frr_t)
 corenet_udp_bind_generic_port(frr_t)
 corenet_tcp_bind_priority_e_com_port(frr_t)
 corenet_udp_bind_router_port(frr_t)
 corenet_tcp_bind_qpasa_agent_port(frr_t)
--- a/2
+++ b/2
@@ -1,2 +1,2 @@
 SHA512 (frr-10.2.tar.gz) = 40a0e1f1a7f2cc137aac6e838b2f865b93fdc1cd6bd0f6c5b15b4507cbff87cb60092682e45aca68633cb053fb2ce663386edb78e5d3c5f890f4666e871ab8c5
 SHA512 (remove-babeld-ldpd.sh) = a5bf67a3722cb20d43cef1dac28f839db68df73a1b7d34d8438e4f9366da3b67d85c1f44281f93434e8dd8ebcb2d3dc258b77eaa5627475b7395d207f020839d
 SHA512 (frr-10.4.0.tar.gz) = 705cde41c6ce882fda5044133cf053047a6f9f9c4e7c511d965f62669ccf6776409b2dcda98d23dd297d5679b4475c3efeb50be042f059210d2ec453a7cce7bc
Author	SHA1	Message	Date
Zoran Peričić	5e496b07b9	v.ims.1 - Bump version	2025-08-03 20:22:37 +02:00
Zoran Peričić	89009a56fa	nhrp: configure strongswan vici path	2025-08-03 20:22:37 +02:00
Michal Ruprich	825d1088db	Improving the %post scriptlet in frr-selinux	2025-07-29 11:44:30 +02:00
Michal Ruprich	e8b6134e76	New version 10.4.0	2025-07-28 14:07:39 +02:00
Fedora Release Engineering	2fed00033d	Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild	2025-07-23 20:50:05 +00:00
Michal Ruprich	9690049b20	Adding name_bind for BFD UDP port	2025-06-03 11:20:55 +02:00
Michal Ruprich	a0bf431987	New version 10.3	2025-06-02 22:15:34 +02:00
Benjamin A. Beasley	395d9c9277	Rebuilt for abseil-cpp-20250127.0	2025-02-25 16:05:27 -05:00
nucleo	d07161d0b3	Fixed configure options and directory ownership	2025-02-13 02:16:47 +02:00
Zbigniew Jędrzejewski-Szmek	8685391e39	Drop call to %sysusers_create_compat After https://fedoraproject.org/wiki/Changes/RPMSuportForSystemdSysusers, rpm will handle account creation automatically.	2025-02-11 17:03:17 +01:00
Björn Esser	e6b9b78718	Add explicit BR: libxcrypt-devel Signed-off-by: Björn Esser <besser82@fedoraproject.org>	2025-02-01 19:54:11 +01:00
Michal Ruprich	a6947d365d	New version 10.2.1	2025-01-31 09:00:29 +01:00
Fedora Release Engineering	fd2546a2e0	Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild	2025-01-16 18:54:24 +00:00
Benjamin A. Beasley	d6654e0df9	Drop i686 support (leaf package)	2025-01-04 10:25:59 -05:00
Michal Ruprich	a07c716d0b	Resolves: rhbz#2329643 - upgrading frr to 10.2 causes pimd crashes	2024-12-05 18:07:21 +01:00
Michal Ruprich	5afc216343	New version 10.2	2024-11-22 10:37:48 +01:00
Michal Ruprich	200b4b5d79	Resolves: #2311119 - Multiple AVCs for accessing lib_t in FRR-10.1 Resolves: #2311120 - AVCs for using a netlink socket in FRR	2024-09-10 14:40:58 +02:00
Benjamin A. Beasley	c9eb844b76	Rebuilt for abseil-cpp-20240722.0	2024-08-25 17:53:51 -04:00
Michal Ruprich	c34de6afce	libre soname bump	2024-08-15 09:04:28 +02:00