sig_core/wiki
7
0
Fork 0
Code Issues Pull Requests Actions Projects Releases Activity

add changes patch, change patching section
All checks were successful
mkdocs build / build (push) Successful in 30s
Details

Browse Source
This commit is contained in:
Louis Abel 2024-07-10 21:44:00 -07:00
parent 77c238b1b3
commit fa714ecd56
Signed by: label
GPG Key ID: 2A6975660E424560
8 changed files with 216 additions and 36 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
docs/documentation/.pages
View File

@ -2,7 +2,7 @@
nav:
- ... | index.md
- Guidelines: guidelines
- Debranding and Patching: debranding
- Package Patching: patching
- Composing Releases: compose
- Empanadas: empanadas.md
- Peridot: peridot.md

33
docs/documentation/debranding/index.md
View File

@ -1,33 +0,0 @@
---
title: Intro to Debranding with Rocky Linux
---
## What is Debranding?
Certain packages in the upstream RHEL/CentOS have logos, trademarks, and other specific text, images, or multimedia that other entities (like the Rocky Enterprise Software Foundation) are not allowed to redistribute.
A visible, simple example is the Apache web server (package httpd). If you've ever installed it and visited the default web server page, you will see a test page specific to your Linux distro, complete with a "powered by" logo and distro-specific information. While we are allowed to compile and redistribute the Apache web server software, Rocky Linux is NOT allowed to include these trademarked images or distro-specific text.
We must have an automated process that will strip these assets out and replace them with our own branding upon import into our Git.
## How Rocky Debranding Works
Rocky's method for importing packages from the upstream is a tool called **srpmproc**.
Srpmproc's purpose in life is to:
- Clone PACKAGE from our upstream source: gitlab.com/redhat or a relevant source RPM
- Check if Rocky Linux has any debranding patches available for PACKAGE (under https://git.rockylinux.org/patch/PACKAGE)
- If patch/PACKAGE exists, then read the configuration and patches from that repository and apply them
- Commit the results (patched or not) to https://git.rockylinux.org/rpms/PACKAGE
- Do this for every package until we have a full repository of packages in our Git
## Helping with Debrands
There are 2 tasks involved with debranding: Identifying packages that require debranding and developing patches+configs to debrand the necessary packages.
If you want to help with the latter, please see the [patching guide](patching.md) for examples and a case study. If you find something that you suspect is missing branding, you can also file a [bug report](https://bugs.rockylinux.org) instead.
## Debrand Packages Tracking
A list of packages that need debranding is located in the a metadata file in our git [here](https://git.rockylinux.org/rocky/metadata/-/blob/main/patch.yml). This generally does not track status and is simply a reference on what is debranded, if it's no longer debranded (aka Rocky Linux is upstreamed), and other notes.

2
docs/documentation/debranding/.pages → docs/documentation/patching/.pages
View File

@ -1,5 +1,5 @@
---
nav:
- ... | index.md
- Debranding Information: debrand_info.md
- Package Changes: changes.md
- Patching Guide: patching.md

15
docs/documentation/patching/changes.md Normal file
View File

@ -0,0 +1,15 @@
---
title: Rocky Linux Package Changes
---
In Rocky Linux, some packages can be patched or even self-managed. Below is a table of each package that we may modify to address branding or self-management. Click the appropriate Rocky Linux version that is of interest to you.
{% include "mod_table.md" %}
### Terminology
| Term | Definition |
|--------------|------------------------------------------------------------------------------------|
| Self-managed | A package that Release Engineering manages rather than using srpmproc to patch |
| Patch | A patch done either in the source code or the spec file |
| Branding | A branding patch done to ensure Rocky Linux assets are in use rather than upstream |

0
docs/documentation/debranding/debrand_info.md → docs/documentation/patching/debrand_info.md
View File

44
docs/documentation/patching/index.md Normal file
View File

@ -0,0 +1,44 @@
---
title: Rocky Linux Package Patching
---
In Rocky Linux, some packages are patched either for build issues or removing Red Hat references. Some packages are completely self-managed by Release Engineering. Some packages have Red Hat or CentOS assets that cannot be shipped (for obvious reasons). Performing these types of changes are necessary for Rocky Linux to exist.
## What is Debranding?
Debranding is for the case of removing Red Hat or CentOS assets from a package and either A) Using Rocky Linux or RESF assets or B) Forcing the use of generic assets. The former is the most common and the latter happens once in a blue moon. A debrand can come in the following forms:
* Changing "Red Hat" to "Rocky"
* Changing "RHEL" or "Red Hat Enterprise Linux" to "Rocky Linux"
* Changing some "Red Hat" or "RHEL" wording to be agnostic, such as "Enterprise Linux"
* Changing bug tracker URL's to our project's specific bug tracker site
* Replacing appropriate assets (e.g. the logos packages)
The most obvious example would be httpd or nginx. While these rely on `rocky-logos-httpd` for specific pages, some assets are also replaced. This is particularly obvious with the test pages with distribution specific information.
## How are packages "debranded"?
Debrands are done using the `srpmproc` utility. The utility source code is [here](https://github.com/rocky-linux/srpmproc).
## What are "self-managed" packages?
Rocky Linux may have packages that are self-managed. Self-managed packages are packages that Red Hat may ship themselves, but it's simply easier for Release Engineering to manage them, thus reducing srpmproc headaches.
## What are "build issues"?
Some packages have to be patched, either a source code patch or a spec file change, to address a build issue. A build issue can come in multiple forms:
* Failing tests that should not fail in normal circumstances
* OOM issues for heavy packages
* Build issues where a package cannot be built properly in a container
These do not happen often. These types of changes do not affect the compatibility of the packages to our upstream.
## What type of other changes can be done?
There are very rare cases where Red Hat completely disables a package from being built or even being provided. In these very rare cases, if there is user demand, we may ensure these packages are built or provided in some way. A very common example is `openldap-servers`, which is no longer built by default. However, we enable this and provide it in our `plus` repository.
## Can I get a list of changes?
Of course, head to the [changes](changes.md) page for a list of known and documented changes that we make to our packages.

5
docs/documentation/debranding/patching.md → docs/documentation/patching/patching.md
View File

@ -1,7 +1,10 @@
---
title: Rocky Patching Guide
title: Rocky Linux Patching Guide
---
!!! note
This page is kept here as a historical reference and may be out of date.
This explains how to debrand/patch a package for the Rocky Linux distribution.
## General Instructions

151
docs/include/mod_table.md Normal file
View File

@ -0,0 +1,151 @@
=== "Rocky Linux 8"
| Package Name | Change Type | Comment |
|-----------------------|-----------------|-----------------------------------------------------|
| shim-unsigned-x64 | Self-managed | Secure Boot |
| shim-unsigned-aarch64 | Self-managed | Secure Boot |
| shim | Self-managed | Secure Boot |
| fwupd | Patch | Secure Boot |
| grub2 | Patch | Secure Boot |
| kernel | Patch, Branding | Secure Boot |
| kernel-rt | Patch, Branding | Secure Boot |
| rocky-release | Self-managed | Required for Rocky Linux to be itself |
| rocky-logos | Self-managed | Required for Rocky Linux assets |
| rocky-indexhtml | Self-managed | Required for Rocky Linux default index |
| rocky-bookmarks | Self-managed | Required for Rocky Linux default browser bookmarks |
| abrt | Branding | Add Rocky Support |
| anaconda | Patch, Branding | Turn off Red Hat specific options |
| anaconda-user-help | Branding | Ensure documenation references Rocky Linux |
| cockpit-composer | Branding | Replace RHEL with Enterprise Linux |
| cloud-init | Patch | Ensure the managed user is cloud-user like upstream |
| crash | Patch | Replace Red Hat with Rocky |
| dhcp | Patch | Change bug tracker URL |
| dnf | Patch | Change bug tracker URL |
| dotnet | Branding | Add Rocky Support |
| dotnet3.0 | Branding | Add Rocky Support |
| firefox | Patch | Replace Red Hat settings with Rocky Linux settings |
| gcc | Patch | Change bug tracker URL |
| gdb | Patch | Replace Red Hat with Rocky Linux |
| gnome-boxes | Patch | Add Rocky Support |
| gnome-settings-daemon | Patch | Remove subscription manager patch |
| initial-setup | Branding | Replace Red Hat with Rocky Linux |
| java-1.8.0-openjdk* | Patch | Ensure portables are buildable on all releases |
| java-11-openjdk* | Patch | Ensure portables are buildable on all releases |
| java-17-openjdk* | Patch | Ensure portables are buildable on all releases |
| java-21-openjdk* | Patch | Ensure portables are buildable on all releases |
| libdnf | Patch | Change bug tracker URL |
| libguestfs | Patch | Add Rocky Support |
| libreoffice | Branding | Remove Red Hat branding to generic branding |
| libreport | Patch | Ensure Rocky Bug Tracker (mantis) is supported |
| lorax-templates-rocky | Self-managed | Replacement for lorax-templates-rhel |
| nginx | Branding | Replace Red Hat with Rocky Linux |
| openscap | Patch | Ensure Rocky Linux is supported as a derivative |
| osbuild | Patch | Ensure Rocky Linux is supported |
| osbuild-composer | Patch | Ensure Rocky Linux is supported |
| oscap-anaconda-addon | Branding | Replace "Red Hat" with "Rocky" |
| PackageKit | Patch | Change support URL's to Rocky Linux wiki |
| pcs | Branding | Replace "Red Hat" logo |
| plymouth | Branding | Replace "Red Hat Enterprise Linux" |
| python2 | Patch | Add Rocky Support |
| python3 | Patch | Add Rocky Support |
| python-pip | Patch | Add Rocky Support |
| redhat-rpm-config | Patch | Add Rocky Support |
| scap-security-guide | Patch | Ensure Rocky Linux is supported as a derivative |
| subscription-manager* | Patch | Remove Red Hat references |
| systemd | Patch | Change support URL's to Rocky Linux |
| thunderbird | Patch | Replace Red Hat settings with Rocky Linux settings |
| toolbox | Patch | Ensure Rocky Linux image is the default |
| WALinuxAgent | Patch | Ensure Rocky Linux is supported |
=== "Rocky Linux 9"
| Package Name | Change Type | Comment |
|-----------------------|-----------------|---------------------------------------------------------|
| shim-unsigned-x64 | Self-managed | Secure Boot |
| shim-unsigned-aarch64 | Self-managed | Secure Boot |
| shim | Self-managed | Secure Boot |
| fwupd | Patch | Secure Boot |
| grub2 | Patch | Secure Boot |
| rocky-release | Self-managed | Required for Rocky Linux to be itself |
| rocky-logos | Self-managed | Required for Rocky Linux assets |
| rocky-indexhtml | Self-managed | Required for Rocky Linux default index |
| rocky-bookmarks | Self-managed | Required for Rocky Linux default browser bookmarks |
| anaconda | Patch, Branding | Turn off Red Hat specific options |
| anaconda-user-help | Branding | Ensure documenation references Rocky Linux |
| cloud-init | Patch | Ensure the managed user is cloud-user like upstream |
| cockpit-composer | Branding | Replace RHEL with Enterprise Linux |
| crash | Patch | Replace Red Hat with Rocky |
| dhcp | Patch | Change bug tracker URL |
| dnf | Patch | Change bug tracker URL |
| firefox | Patch | Replace Red Hat settings with Rocky Linux settings |
| gcc | Patch | Change bug tracker URL |
| gdb | Patch | Replace Red Hat with Rocky Linux |
| gnome-settings-daemon | Patch | Remove subscription manager patch |
| initial-setup | Branding | Replace Red Hat with Rocky Linux |
| java-1.8.0-openjdk* | Patch | Ensure portables are buildable on all releases |
| java-11-openjdk* | Patch | Ensure portables are buildable on all releases |
| java-17-openjdk* | Patch | Ensure portables are buildable on all releases |
| java-21-openjdk* | Patch | Ensure portables are buildable on all releases |
| kernel | Patch, Branding | Secure Boot |
| kernel-rt | Patch, Branding | Secure Boot |
| libdnf | Patch | Change bug tracker URL |
| libreoffice | Branding | Remove Red Hat branding to generic branding |
| libreport | Patch | Ensure Rocky Bug Tracker (mantis) is supported |
| lorax-templates-rocky | Self-managed | Replacement for lorax-templates-rhel |
| nginx | Branding | Replace Red Hat with Rocky Linux |
| openldap | Patch | Ensure openldap-servers is available in plus repo |
| openscap | Patch | Ensure Rocky Linux is supported as a derivative |
| osbuild | Patch | Ensure Rocky Linux is supported |
| osbuild-composer | Patch | Ensure Rocky Linux is supported |
| PackageKit | Patch | Change support URL's to Rocky Linux wiki |
| python-pip | Patch | Add Rocky Support |
| redhat-rpm-config | Patch | Add Rocky Support |
| rust | Patch | Ensure that aarch64 and s390x can build rust (OOM) |
| scap-security-guide | Patch | Ensure Rocky Linux is supported as a derivative |
| subscription-manager* | Patch | Remove Red Hat references |
| systemd | Patch | Change support URL's to Rocky Linux |
| thunderbird | Patch | Replace Red Hat settings with Rocky Linux settings |
| toolbox | Patch | Ensure Rocky Linux image is the default |
| WALinuxAgent | Patch | Ensure Rocky Linux is supported |
=== "Rocky Linux 10"
| Package Name | Change Type | Comment |
|-----------------------|-----------------|-------------------------------------------------------------|
| shim-unsigned-x64 | Self-managed | Secure Boot |
| shim-unsigned-aarch64 | Self-managed | Secure Boot |
| shim | Self-managed | Secure Boot |
| fwupd-efi | Patch | Secure Boot |
| grub2 | Patch | Secure Boot |
| kernel | Patch, Branding | Secure Boot and Branding |
| kernel-rt | Patch, Branding | Secure Boot and Branding |
| rocky-release | Self-managed | Required for Rocky Linux to be itself |
| rocky-logos | Self-managed | Required for Rocky Linux assets |
| rocky-indexhtml | Self-managed | Required for Rocky Linux default index |
| rocky-bookmarks | Self-managed | Required for Rocky Linux default browser bookmarks |
| anaconda | Patch, Branding | Turn off Red Hat specific options |
| anaconda-user-help | Branding | Ensure documenation references Rocky Linux |
| cloud-init | Patch | Ensure the managed user is cloud-user like upstream |
| cockpit-composer | Branding | Replace RHEL with Enterprise Linux |
| crash | Patch | Replace Red Hat with Rocky |
| dnf | Patch | Change bug tracker URL |
| firefox | Patch | Replace Red Hat settings with Rocky Linux settings |
| gcc | Patch | Change bug tracker URL |
| gdb | Patch | Replace Red Hat with Rocky Linux |
| java-17-openjdk* | Patch | Ensure portables are buildable on all releases |
| java-21-openjdk* | Patch | Ensure portables are buildable on all releases |
| libdnf | Patch | Change bug tracker URL |
| lorax-templates-rocky | Self-managed | Replacement for lorax-templates-rhel |
| nginx | Branding | Replace Red Hat with Rocky Linux |
| openldap | Patch | Ensure openldap-servers is built and available in plus repo |
| openscap | Patch | Ensure Rocky Linux is supported as a derivative |
| osbuild | Patch | Ensure Rocky Linux is supported |
| osbuild-composer | Patch | Ensure Rocky Linux is supported |
| PackageKit | Patch | Change support URL's to Rocky Linux wiki |
| redhat-rpm-config | Patch | Add Rocky Support |
| rust | Patch | Ensure that aarch64 and s390x can build rust (OOM) |
| scap-security-guide | Patch | Ensure Rocky Linux is supported as a derivative |
| subscription-manager* | Patch | Remove Red Hat references |
| systemd | Patch | Change support URL's to Rocky Linux |
| thunderbird | Patch | Replace Red Hat settings with Rocky Linux settings |
| toolbox | Patch | Ensure Rocky Linux image is the default |