File redis.spec of Package redis.28794

#
# spec file for package redis
#
# Copyright (c) 2021 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.

# Please submit bugfixes or comments via https://bugs.opensuse.org/
#


%define _data_dir       %{_localstatedir}/lib/%{name}
%define _log_dir        %{_localstatedir}/log/%{name}
%define _conf_dir       %{_sysconfdir}/%{name}
Name:           redis
Version:        6.2.6
Release:        0
Summary:        Persistent key-value database
License:        BSD-3-Clause
URL:            https://redis.io
Source0:        https://download.redis.io/releases/%{name}-%{version}.tar.gz
Source1:        %{name}.logrotate
Source2:        %{name}.target
Source3:        %{name}@.service
Source4:        %{name}.tmpfiles.d
Source5:        README.SUSE
Source6:        %{name}.sysctl
Source7:        %{name}-sentinel@.service
Source8:        %{name}-sentinel.target
Source9:        %{name}-user.conf
Source10:       https://raw.githubusercontent.com/redis/redis-hashes/master/README#/redis.hashes
# PATCH-MISSING-TAG -- See https://wiki.opensuse.org/openSUSE:Packaging_Patches_guidelines
Patch0:         %{name}-conf.patch
Patch1:         getMcontextEip-return-value.patch
Patch3:         reproducible.patch
Patch4:         ppc-atomic.patch
# PATCH-FIX-UPSTREAM bsc#1198952 danilo.spinella@suse.com CVE-2022-24736, CVE-2022-24735
# Add support for readonly tables on Lua to prevent security vulnerabilities
Patch5:         bsc1198952-1.patch
Patch6:         bsc1198952-2.patch
Patch7:         bsc1198952-3.patch
Patch8:         bsc1198952-4.patch
# PATCH-FIX-UPSTREAm bsc#1204633 danilo.spinella@suse.com CVE-2022-3647
# crash in sigsegvHandler debug function
Patch9:        cve-2022-3647.patch
# CVE-2022-35977 [bsc#1207202], Integer overflow in the Redis SETRANGE and SORT/SORT_RO commands can drive Redis to OOM panic
Patch10:        redis-CVE-2022-35977.patch
# CVE-2023-22458 [bsc#1207203], Integer overflow in the Redis HRANDFIELD and ZRANDMEMBER commands can lead to denial-of-service
Patch11:        redis-CVE-2023-22458.patch
# PATCH-FIX-UPSTREAM CVE-2023-28856 [bsc#1210548], HINCRBYFLOAT invalid key crash
Patch12:        redis-CVE-2023-28856.patch
# PATCH-FIX-UPSTREAM bsc#1208790 CVE-2022-36021
# Specially crafted SRANDMEMBER, ZRANDMEMBER, and HRANDFIELD commands can trigger an integer overflow
Patch13:        redis-CVE-2022-36021.patch
# PATCH-FIX-UPSTREAM bsc#1208793 CVE-2023-25155
# Integer Overflow in RAND commands can lead to assertion
Patch14:        redis-CVE-2023-25155.patch
BuildRequires:  libopenssl-devel >= 1.1.1
BuildRequires:  pkgconfig
BuildRequires:  procps
BuildRequires:  sysuser-shadow
BuildRequires:  sysuser-tools
BuildRequires:  tcl
BuildRequires:  pkgconfig(libsystemd)
BuildRequires:  pkgconfig(systemd)
# there is no tcl-tls package yet, which is said to be needed for testing tls support
Recommends:     logrotate
%sysusers_requires

%description
%{name} is an advanced key-value store. It is similar to memcached but the dataset
is not volatile, and values can be strings, exactly like in memcached,
but also lists, sets, and ordered sets. All this data types can be manipulated
with atomic operations to push/pop elements, add/remove elements, perform server
side union, intersection, difference between sets, and so forth. Redis supports
different kind of sorting abilities.

%prep
echo "`grep -F %{name}-%{version}.tar.gz %{SOURCE10} | cut -d' ' -f4`  %{SOURCE0}" | sha256sum -c
%setup -q
%patch0
%patch1 -p1
%patch3 -p1
%patch4 -p1
%patch5 -p1
%patch6 -p1
%patch7 -p1
%patch8 -p1
%patch9 -p1
%patch10 -p1
%patch11 -p1
%patch12 -p1
%patch13 -p1
%patch14 -p1

%build
export HOST=OBS # for reproducible builds
%make_build CFLAGS="%{optflags}" BUILD_WITH_SYSTEMD=yes BUILD_TLS=yes
%sysusers_generate_pre %{SOURCE9} %{name}

%install
install -pm0750 -d \
  %{buildroot}%{_sbindir} \
  %{buildroot}%{_log_dir} \
  %{buildroot}%{_data_dir} \
  %{buildroot}%{_conf_dir} \
  %{buildroot}%{_log_dir}/default \
  %{buildroot}%{_data_dir}/default

install -Dpm0755 src/%{name}-benchmark  %{buildroot}%{_bindir}/%{name}-benchmark
install -Dpm0755 src/%{name}-cli        %{buildroot}%{_bindir}/%{name}-cli

install -Dpm0755 src/%{name}-server     %{buildroot}%{_sbindir}/%{name}-server

ln -sfv ../sbin/redis-server            %{buildroot}%{_bindir}/%{name}-check-aof
ln -sfv ../sbin/redis-server            %{buildroot}%{_bindir}/%{name}-check-rdb
ln -sfv ../sbin/redis-server            %{buildroot}%{_sbindir}/%{name}-check-aof
ln -sfv ../sbin/redis-server            %{buildroot}%{_sbindir}/%{name}-check-rdb
ln -sfv ../sbin/redis-server            %{buildroot}%{_sbindir}/%{name}-sentinel

perl -p -i -e 's|daemonize yes|daemonize no|g' %{name}.conf
install -Dpm0640 redis.conf             %{buildroot}%{_conf_dir}/default.conf.example
install -Dpm0660 sentinel.conf          %{buildroot}%{_conf_dir}/sentinel.conf.example

# some sysctl stuff
install -Dpm0644 %{SOURCE6} %{buildroot}/%{_prefix}/lib/sysctl.d/00-%{name}.conf
install -Dpm0644 %{SOURCE1} %{buildroot}%{_sysconfdir}/logrotate.d/%{name}
install -Dpm0644 %{SOURCE2} %{buildroot}%{_unitdir}/%{name}.target
install -Dpm0644 %{SOURCE3} %{buildroot}%{_unitdir}/%{name}@.service
install -Dpm0644 %{SOURCE4} %{buildroot}%{_tmpfilesdir}/%{name}.conf
install -Dpm0644 %{SOURCE7} %{buildroot}%{_unitdir}/%{name}-sentinel@.service
install -Dpm0644 %{SOURCE8} %{buildroot}%{_unitdir}/%{name}-sentinel.target

ln -s %{_sbindir}/service %{buildroot}%{_sbindir}/rc%{name}
cp %{SOURCE5} README.SUSE

mkdir -p %{buildroot}%{_sysusersdir}
install -pm0644 %{SOURCE9} %{buildroot}%{_sysusersdir}/

%check
cat <<EOF
---------------------------------------------------
The test suite often fails to start a server, with
'child process exited abnormally' -- sometimes it works.
---------------------------------------------------
EOF
# Variable assignments need to match in all make invocations, otherwise it might recomplie. See https://github.com/redis/redis/issues/7337
%make_build test CFLAGS="%{optflags}" BUILD_WITH_SYSTEMD=yes BUILD_TLS=yes || true

%pre -f %{name}.pre
%service_add_pre %{name}.target %{name}@.service %{name}-sentinel.target %{name}-sentinel@.service

%post
%tmpfiles_create %{_tmpfilesdir}/%{name}.conf
%service_add_post %{name}.target %{name}@.service %{name}-sentinel.target %{name}-sentinel@.service
echo "See %{_docdir}/%{name}/README.SUSE to continue"

%preun
%service_del_preun %{name}.target %{name}@.service %{name}-sentinel.target %{name}-sentinel@.service

%postun
%service_del_postun %{name}.target %{name}@.service %{name}-sentinel.target %{name}-sentinel@.service

%files
%license COPYING
%doc 00-RELEASENOTES BUGS CONTRIBUTING README.md
%config(noreplace) %{_sysconfdir}/logrotate.d/%{name}
%{_prefix}/lib/sysctl.d/00-%{name}.conf
%{_bindir}/%{name}-*
%{_sbindir}/%{name}-*
%{_sbindir}/rc%{name}
%{_tmpfilesdir}/%{name}.conf
%{_sysusersdir}/%{name}-user.conf
%{_unitdir}/%{name}@.service
%{_unitdir}/%{name}.target
%{_unitdir}/%{name}-sentinel@.service
%{_unitdir}/%{name}-sentinel.target
%doc README.SUSE
%config(noreplace) %attr(-,root,%{name}) %{_conf_dir}/
%dir %attr(0750,%{name},%{name}) %{_data_dir}
%dir %attr(0750,%{name},%{name}) %{_data_dir}/default
%dir %attr(0750,%{name},%{name}) %{_log_dir}
%ghost %dir /run/%{name}

%changelog