diff --git a/client-android b/client-android index 3cd47552abe15136aea8b2ed54b16b4f9b1f3fb1..9a738735a863d1f747fe4f7d677ad2662802f9bf 160000 --- a/client-android +++ b/client-android @@ -1 +1 @@ -Subproject commit 3cd47552abe15136aea8b2ed54b16b4f9b1f3fb1 +Subproject commit 9a738735a863d1f747fe4f7d677ad2662802f9bf diff --git a/client-gnome b/client-gnome index 3924b39c7e2c1d36f7428e0e243fb3fd8e46717d..83b35589fc1912342e17ed6ed366fcb214e77d44 160000 --- a/client-gnome +++ b/client-gnome @@ -1 +1 @@ -Subproject commit 3924b39c7e2c1d36f7428e0e243fb3fd8e46717d +Subproject commit 83b35589fc1912342e17ed6ed366fcb214e77d44 diff --git a/daemon b/daemon index 6cfe94325b195c500885c585b268bc215c5d0346..ad8909f0cbf1c18dd1cd12d79857ecd70287aa1d 160000 --- a/daemon +++ b/daemon @@ -1 +1 @@ -Subproject commit 6cfe94325b195c500885c585b268bc215c5d0346 +Subproject commit ad8909f0cbf1c18dd1cd12d79857ecd70287aa1d diff --git a/packaging/rules/fedora/jami-all.postinst b/packaging/rules/fedora/jami-all.postinst index 4e59d7890162653f39b065369232cb93af53923c..af1d4c3af125a7024347b1f578d99495b034069c 100755 --- a/packaging/rules/fedora/jami-all.postinst +++ b/packaging/rules/fedora/jami-all.postinst @@ -14,11 +14,6 @@ # [1] Configuration # ############################################################################### -# All package repo urls are expected to start with this string, regardless -# of the distribution or version. The end tag is automatically appended, -# depending on the system the postinst script is run on. -# -# To update the appended end tags, modify the switch in [2]. JAMI_REPO_BASE="https://dl.jami.net/nightly" # Jami release key. @@ -68,66 +63,60 @@ HUFCGSHO3/kzxSlkE1PBUX3IZ8PSFijyopBnWUhlSXuyRjte8OR7Fl/Rlf0IaOD1 # postrm paths should be modified as well YUM_FILE="/etc/yum.repos.d/jami-main.repo" GPG_FILE="/etc/pki/rpm-gpg/RPM-GPG-KEY-JAMI" -JAMI_UPDATE_MANAGER_ID="jami" -JAMI_UPDATE_MANAGER_CFG="${JAMI_UPDATE_MANAGER_ID}.cfg" -############################################################################### -# [2] Set package repo url depending on distribution and version # -############################################################################### +is_distribution_supported() { -CAN_ADD_YUM_SOURCE=true + # Detect currently running system using /etc/os-release + # Redhat-based systems are supposed to provide /etc/os-release so + # if it's not the case then we simply don't want to provide + # automatic updates. + if ! [ -f /etc/os-release ]; then + return 1 + fi -# Detect currently running system using /etc/os-release -# Redhat-based systems are supposed to provide /etc/os-release so if it's not -# the case then we simply don't want to provide automatic updates -if [ -f /etc/os-release ]; then + # This defines variables such as NAME, ID, VERSION_ID, etc. . /etc/os-release -JAMI_REPO=' -[jami] -name='"${NAME}"' $releasever - $basearch - Jami -baseurl='"${JAMI_REPO_BASE}"/"${ID}"'_$releasever -gpgcheck=1 -gpgkey=https://dl.jami.net/jami.pub.key -enabled=1' - - # Set-up Jami repository end tag - if [ "${PLATFORM_ID}" = "platform:el8" ] || [ "${ID}_${VERSION_ID%.*}" = "rhel_8" ]; then - ENDTAG="rhel_8" - elif [ "${PLATFORM_ID}" = "platform:f32" ] || [ "${ID}_${VERSION_ID}" = "fedora_32" ]; then - ENDTAG="fedora_32" - elif [ "${PLATFORM_ID}" = "platform:f33" ] || [ "${ID}_${VERSION_ID}" = "fedora_33" ]; then - ENDTAG="fedora_33" - else - # Distribution is not supported. Don't provide automatic updates. - CAN_ADD_YUM_SOURCE=false - fi -else - CAN_ADD_YUM_SOURCE=false -fi + case ${ID}_${VERSION_ID%.*} in + rhel_8|fedora_32|fedora_33) + return 0;; + esac + return 1 +} ############################################################################### # [3] Maintainer script main switch # ############################################################################### - if [ "`command -v rpm`" = "" ]; then - # we can only add key if rpm is present - CAN_ADD_YUM_SOURCE=false - fi +if is_distribution_supported; then + CAN_ADD_YUM_SOURCE=true +else + CAN_ADD_YUM_SOURCE=false +fi + +if command -v rpm > /dev/null; then + # RPM is required to add the key. + CAN_ADD_YUM_SOURCE=false +fi - if [ "${CAN_ADD_YUM_SOURCE}" = "true" ]; then -# # We first add the key to the trusted keyring. - cat > $GPG_FILE <<EOF - -$JAMI_KEY -EOF - /usr/bin/rm -f /var/lib/rpm/.rpm.lock > /dev/null 2>&1 - /usr/bin/rpm --import $GPG_FILE > /dev/null 2>&1 +if [ "${CAN_ADD_YUM_SOURCE}" = "true" ]; then + # Add the key to the trusted keyring. + echo "$JAMI_KEY" > "$GPG_FILE" - # Add an entry for the package repository to the trusted package - cat > $YUM_FILE <<EOF -$JAMI_REPO + rm -f /var/lib/rpm/.rpm.lock > /dev/null 2>&1 + rpm --import "$GPG_FILE" > /dev/null 2>&1 + + # Add an entry for the package repository to the trusted package. + # XXX: The NAME and ID variables are set as a side-effect of + # sourcing the /etc/os-release file in the above + # is_distribution_supported call. + cat > "$YUM_FILE" <<EOF +[jami] +name=$NAME \$releasever - \$basearch - Jami +baseurl=${JAMI_REPO_BASE}/${ID}_\$releasever +gpgcheck=1 +gpgkey=https://dl.jami.net/jami.pub.key +enabled=1 EOF - fi -exit 0 +fi diff --git a/scripts/make-packaging-target.py b/scripts/make-packaging-target.py index 37bcf94be786b976dee312eeb5804e8422fc7f4e..396de955fb82b0d5a828fffb46538a39ee81c900 100755 --- a/scripts/make-packaging-target.py +++ b/scripts/make-packaging-target.py @@ -63,7 +63,7 @@ PACKAGE_%(distribution)s_DOCKER_RUN_COMMAND = docker run \\ $(PACKAGE_%(distribution)s_DOCKER_IMAGE_FILE): docker/Dockerfile_%(docker_image)s docker build \\ -t $(PACKAGE_%(distribution)s_DOCKER_IMAGE_NAME) \\ - -f docker/Dockerfile_%(docker_image)s %(password_rhel8)s \\ + -f docker/Dockerfile_%(docker_image)s %(docker_build_args)s \\ $(CURDIR) touch $(PACKAGE_%(distribution)s_DOCKER_IMAGE_FILE) @@ -85,11 +85,14 @@ package-%(distribution)s-interactive: $(RELEASE_TARBALL_FILENAME) packages/%(dis """ -def generate_target(distribution, debian_packaging_override, output_file, options='', docker_image='', version='', password_rhel8 = ''): +RPM_BASED_SYSTEMS_DOCKER_RUN_OPTIONS = ( + '--security-opt seccomp=./docker/profile-seccomp-fedora_28.json ' + '--privileged') + + +def generate_target(distribution, debian_packaging_override, output_file, options='', docker_image='', version='', docker_build_args = ''): if (docker_image == ''): docker_image = distribution - if (docker_image == 'rhel_8'): - password_rhel8 = password_rhel8 if (version == ''): version = "$(DEBIAN_VERSION)" return target_template % { @@ -99,7 +102,7 @@ def generate_target(distribution, debian_packaging_override, output_file, option "output_file": output_file, "options": options, "version": version, - "password_rhel8": password_rhel8, + "docker_build_args": docker_build_args, } @@ -247,33 +250,33 @@ def run_generate_all(parsed_args): "distribution": "fedora_32", "debian_packaging_override": "", "output_file": ".packages-built", - "options": "--security-opt seccomp=./docker/profile-seccomp-fedora_28.json --privileged", + "options": RPM_BASED_SYSTEMS_DOCKER_RUN_OPTIONS }, { "distribution": "fedora_33", "debian_packaging_override": "", "output_file": ".packages-built", - "options": "--security-opt seccomp=./docker/profile-seccomp-fedora_28.json --privileged", + "options": RPM_BASED_SYSTEMS_DOCKER_RUN_OPTIONS }, { "distribution": "rhel_8", "debian_packaging_override": "", "output_file": ".packages-built", - "options": "--security-opt seccomp=./docker/profile-seccomp-fedora_28.json --privileged", - "password_rhel8": "--build-arg PASS=${PASS}" + "options": RPM_BASED_SYSTEMS_DOCKER_RUN_OPTIONS, + "docker_build_args": "--build-arg PASS=${PASS}" }, # OpenSUSE { "distribution": "opensuse-leap_15.2", "debian_packaging_override": "", "output_file": ".packages-built", - "options": "--security-opt seccomp=./docker/profile-seccomp-fedora_28.json --privileged" + "options": RPM_BASED_SYSTEMS_DOCKER_RUN_OPTIONS }, { "distribution": "opensuse-tumbleweed", "debian_packaging_override": "", "output_file": ".packages-built", - "options": "--security-opt seccomp=./docker/profile-seccomp-fedora_28.json --privileged" + "options": RPM_BASED_SYSTEMS_DOCKER_RUN_OPTIONS }, # Snap {