diff --git a/SPECS/ruby/Avoid-another-race-condition-of-open-mode.patch b/SPECS/ruby/Avoid-another-race-condition-of-open-mode.patch new file mode 100644 index 0000000000..f8d52d1a9d --- /dev/null +++ b/SPECS/ruby/Avoid-another-race-condition-of-open-mode.patch @@ -0,0 +1,45 @@ +From 2daad257bee7a500e18ebe553e79487b267fb140 Mon Sep 17 00:00:00 2001 +From: Nobuyoshi Nakada +Date: Mon, 12 Aug 2024 20:18:34 +0900 +Subject: [PATCH] Avoid another race condition of open mode + +Instead, just open in CREATE and APPEND mode. +Also, move the workaround for old Solaris as fallback to retry. +--- + lib/rubygems.rb | 14 +++++--------- + 1 file changed, 5 insertions(+), 9 deletions(-) + +diff --git a/lib/rubygems.rb b/lib/rubygems.rb +index 2b52cde0a749..c51ba69203cb 100644 +--- a/lib/rubygems.rb ++++ b/lib/rubygems.rb +@@ -798,24 +798,20 @@ def self.open_file(path, flags, &block) + File.open(path, flags, &block) + end + ++ MODE_TO_FLOCK = IO::RDONLY | IO::APPEND | IO::CREAT # :nodoc: ++ + ## + # Open a file with given flags, and protect access with flock + + def self.open_file_with_flock(path, &block) +- flags = File.exist?(path) ? "r+" : "a+" +- +- File.open(path, flags) do |io| ++ File.open(path, MODE_TO_FLOCK) do |io| + begin + io.flock(File::LOCK_EX) + rescue Errno::ENOSYS, Errno::ENOTSUP ++ rescue Errno::ENOLCK # NFS ++ raise unless Thread.main == Thread.current + end + yield io +- rescue Errno::ENOLCK # NFS +- if Thread.main != Thread.current +- raise +- else +- open_file(path, flags, &block) +- end + end + end + diff --git a/SPECS/ruby/Remove-the-lock-file-for-binstubs.patch b/SPECS/ruby/Remove-the-lock-file-for-binstubs.patch new file mode 100644 index 0000000000..81b78251c0 --- /dev/null +++ b/SPECS/ruby/Remove-the-lock-file-for-binstubs.patch @@ -0,0 +1,99 @@ +From ace303c2d7bc0d98407e5e8b1ca77de07aa0eb75 Mon Sep 17 00:00:00 2001 +From: Nobuyoshi Nakada +Date: Tue, 13 Aug 2024 17:19:41 +0900 +Subject: [PATCH] Remove the lock file for binstubs + +https://github.com/rubygems/rubygems/pull/7806#issuecomment-2241662488 + +This patch is needed so other rubygems don't install unnecessary lock files per +https://src.fedoraproject.org/rpms/ruby/c/b7e197fb887200e4faaf8fae663a9df00bdc09d3?branch=rawhide + +--- + lib/rubygems.rb | 2 +- + lib/rubygems/installer.rb | 3 ++- + test/rubygems/test_gem_installer.rb | 10 ++++++++++ + 3 files changed, 13 insertions(+), 2 deletions(-) + +diff --git a/lib/rubygems.rb b/lib/rubygems.rb +index bd9f240e2091..7626ccfdf0d6 100644 +--- a/lib/rubygems.rb ++++ b/lib/rubygems.rb +@@ -794,7 +794,7 @@ def self.open_file(path, flags, &block) + File.open(path, flags, &block) + end + +- MODE_TO_FLOCK = IO::RDONLY | IO::APPEND | IO::CREAT # :nodoc: ++ MODE_TO_FLOCK = IO::RDONLY | IO::APPEND | IO::CREAT | IO::SHARE_DELETE | IO::BINARY # :nodoc: + + ## + # Open a file with given flags, and protect access with flock +diff --git a/lib/rubygems/installer.rb b/lib/rubygems/installer.rb +index d558c0be2bfa..8f95bab733f8 100644 +--- a/lib/rubygems/installer.rb ++++ b/lib/rubygems/installer.rb +@@ -538,7 +538,7 @@ def generate_plugins # :nodoc: + def generate_bin_script(filename, bindir) + bin_script_path = File.join bindir, formatted_program_filename(filename) + +- Gem.open_file_with_flock("#{bin_script_path}.lock") do ++ Gem.open_file_with_flock("#{bin_script_path}.lock") do |lock| + require "fileutils" + FileUtils.rm_f bin_script_path # prior install may have been --no-wrappers + +@@ -546,6 +546,7 @@ def generate_bin_script(filename, bindir) + file.write app_script_text(filename) + file.chmod(options[:prog_mode] || 0o755) + end ++ File.unlink(lock.path) + end + + verbose bin_script_path +diff --git a/test/rubygems/test_gem_installer.rb b/test/rubygems/test_gem_installer.rb +index a61d1b6fff28..2f4ff7349db4 100644 +--- a/test/rubygems/test_gem_installer.rb ++++ b/test/rubygems/test_gem_installer.rb +@@ -1083,6 +1083,8 @@ def test_install_creates_working_binstub + end + + assert_match(/ran executable/, e.message) ++ ++ assert_path_not_exist(File.join(installer.bin_dir, "executable.lock")) + end + + def test_conflicting_binstubs +@@ -1131,6 +1133,8 @@ def test_conflicting_binstubs + # We expect the bin stub to activate the version that actually contains + # the binstub. + assert_match("I have an executable", e.message) ++ ++ assert_path_not_exist(File.join(installer.bin_dir, "executable.lock")) + end + + def test_install_creates_binstub_that_understand_version +@@ -1160,6 +1164,8 @@ def test_install_creates_binstub_that_understand_version + end + + assert_includes(e.message, "can't find gem a (= 3.0)") ++ ++ assert_path_not_exist(File.join(installer.bin_dir, "executable.lock")) + end + + def test_install_creates_binstub_that_prefers_user_installed_gem_to_default +@@ -1192,6 +1198,8 @@ def test_install_creates_binstub_that_prefers_user_installed_gem_to_default + end + + assert_equal(e.message, "ran executable") ++ ++ assert_path_not_exist(File.join(installer.bin_dir, "executable.lock")) + end + + def test_install_creates_binstub_that_dont_trust_encoding +@@ -1222,6 +1230,8 @@ def test_install_creates_binstub_that_dont_trust_encoding + end + + assert_match(/ran executable/, e.message) ++ ++ assert_path_not_exist(File.join(installer.bin_dir, "executable.lock")) + end + + def test_install_with_no_prior_files diff --git a/SPECS/ruby/ruby.spec b/SPECS/ruby/ruby.spec index 0bdaa4a557..9e80cb45d1 100644 --- a/SPECS/ruby/ruby.spec +++ b/SPECS/ruby/ruby.spec @@ -102,7 +102,10 @@ Source5: rubygems.prov Source6: rubygems.req Source7: macros.rubygems Patch0: CVE-2024-49761.patch -# Updates default ruby-uri to 0.12.2 and vendored one to 0.10.3. Remove once ruby gets updated to a version that comes with both lib/uri/version.rb and lib/bundler/vendor/uri/lib/uri/version.rb versions >= 0.12.2 or == 0.10.3 +# patches below taken from https://src.fedoraproject.org/rpms/ruby/c/b7e197fb887200e4faaf8fae663a9df00bdc09d3?branch=rawhide +# to remove the lock file for binstubs and avoid race condition +Patch1: Avoid-another-race-condition-of-open-mode.patch +Patch2: Remove-the-lock-file-for-binstubs.patch BuildRequires: openssl-devel # Pkgconfig(yaml-0.1) is needed to build the 'psych' gem. BuildRequires: pkgconfig(yaml-0.1)