strepsirrhini/libreoffice-online
3
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
libreoffice-online/loolwsd.spec.in
Ashod Nakashian 5c9988f2e3 wsd: faster jail setup via bind-mount 
loolmount now works and supports mounting and
unmounting, plus numerous improvements,
refactoring, logging, etc..  When enabled,
binding improves the jail setup time by anywhere
from 2x to orders of magnitude (in docker, f.e.).

A new config entry mount_jail_tree controls
whether mounting is used or the old method of
linking/copying of jail contents. It is set to
true by default and falls back to linking/copying.
A test mount is done when the setting is enabled,
and if mounting fails, it's disabled to avoid noise.

Temporarily disabled for unit-tests until we can
cleanup lingering mounts after Jenkins aborts our
build job. In a future patch we will have mount/jail
cleanup as part of make.

The network/system files in /etc that need frequent
refreshing are now updated in systemplate to make
their most recent version available in the jails.
These files can change during the course of loolwsd
lifetime, and are unlikely to be updated in
systemplate after installation at all. We link to
them in the systemplate/etc directory, and if that
fails, we copy them before forking each kit
instance to have the latest.

This reworks the approach used to bind-mount the
jails and the templates such that the total is
now down to only three mounts: systemplate, lo, tmp.

As now systemplate and lotemplate are shared, they
must be mounted as readonly, this means that user/
must now be moved into tmp/user/ which is writable.

The mount-points must be recursive, because we mount
lo/ within the mount-point of systemplate (which is
the root of the jail). But because we (re)bind
recursively, and because both systemplate and
lotemplate are mounted for each jails, we need to
make them unbindable, so they wouldn't multiply the
mount-points for each jails (an explosive growth!)
Contrarywise, we don't want the mount-points to
be shared, because we don't expect to add/remove
mounts after a jail is created.

The random temp directory is now created and set
correctly, plus many logging and other improvements.

Change-Id: Iae3fda5e876cf47d2cae6669a87b5b826a8748df
Reviewed-on: https://gerrit.libreoffice.org/c/online/+/92829
Tested-by: Jenkins
Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoffice@gmail.com>
Reviewed-by: Ashod Nakashian <ashnakash@gmail.com>
2020-07-01 05:42:43 +02:00

195 lines
6.7 KiB
RPMSpec
Raw Blame History

# spec file for package loolwsd
#
# Copyright (c) 2015 Collabora
#
# This file is subject to the terms of the Mozilla Public
# License, v. 2.0. If a copy of the MPL was not distributed with this
# file, You can obtain one at http://mozilla.org/MPL/2.0/.
%if 0%{?name_suffix:1}
Name: loolwsd%{name_suffix}
%else
Name: loolwsd
%endif
Version: @PACKAGE_VERSION@
Release: 1%{?dist}
Vendor: %{vendor}
Summary: LibreOffice Online WebSocket Daemon
License: MPL
Source0: loolwsd-@PACKAGE_VERSION@.tar.gz
BuildRequires: libcap-devel libpng-devel poco-devel >= 1.7.5 m4
%if 0%{?fedora} || 0%{?rhel} >= 7
BuildRequires: libpcap kernel-headers
%else
%if 0%{?suse_version}
BuildRequires: libcap-progs linux-glibc-devel systemd-rpm-macros
%endif
%endif
Requires: %{lo_rpm_list}
Requires: systemd
Requires(post): coreutils grep sed
%if 0%{?fedora} || 0%{?rhel} >= 7
# loolwsd dependencies
Requires: expat keyutils-libs krb5-libs libattr libcap libcom_err libgcc libpng libselinux openssl-libs pcre xz-libs zlib
Requires: poco-crypto >= 1.7.5 poco-foundation >= 1.7.5 poco-json >= 1.7.5 poco-net >= 1.7.5 poco-netssl >= 1.7.5 poco-util >= 1.7.5 poco-xml >= 1.7.5
# LibreOffice dependencies (unfortunately upstream LibreOffice RPM packages (from TDF) do not have real dependencies)
Requires: atk avahi-glib avahi-libs bzip2-libs cairo cups-libs dbus-glib dbus-libs fontconfig freetype GConf2 gdk-pixbuf2 glib2 gnome-vfs2 graphite2 gstreamer gstreamer-plugins-base gtk2 harfbuzz libdrm libffi libICE libSM libuuid libX11 libXau libxcb libXcomposite libXcursor libXdamage libXext libXfixes libXi libXinerama libXrandr libXrender libxshmfence libXt libXxf86vm mesa-libEGL mesa-libgbm mesa-libGL mesa-libglapi pango pixman
%else
%if 0%{?suse_version}
# loolwsd dependencies
Requires(post): libcap-progs
Requires: libcap2 libopenssl1_0_0 libpng12-0 libpcre1 libz1 %{?systemd_requires} %{fillup_prereq}
Requires: libPocoCrypto48 >= 1.7.8 libPocoFoundation48 >= 1.7.8 libPocoJSON48 >= 1.7.8 libPocoNet48 >= 1.7.8 libPocoNetSSL48 >= 1.7.8 libPocoUtil48 >= 1.7.8 libPocoXML48 >= 1.7.8
# LibreOffice dependencies (unfortunately upstream LibreOffice RPM packages (from TDF) do not have real dependencies)
Requires: Mesa-libEGL1 Mesa-libGL1 Mesa-libglapi0 cups-libs dbus-1-glib fontconfig libatk-1_0-0 libavahi-client3 libavahi-common3 libavahi-glib1 libbz2-1 libcairo2 libcom_err2 libdbus-1-3 libdrm2 libexpat1 libfreetype6 libgbm1 libgio-2_0-0 libglib-2_0-0 libgmodule-2_0-0 libgobject-2_0-0 libgraphite2-3 libgthread-2_0-0 libgtk-2_0-0 libharfbuzz0 libkeyutils1 liblzma5 libpixman-1-0 libpng16-16 libuuid1 libxml2 libffi4 libgbm1 libICE6 libselinux1 libSM6 libwayland-client0 libwayland-server0 libX11-6 libX11-xcb1 libXau6 libxcb1 libxcb-dri2-0 libxcb-dri3-0 libxcb-glx0 libxcb-present0 libxcb-render0 libxcb-shm0 libxcb-sync1 libxcb-xfixes0 libXdamage1 libXext6 libXfixes3 libXrender1 libxshmfence1 libXxf86vm1
%endif
%endif
%if 0%{?name_suffix:1}
Provides: loleaflet = 1.5.8, loolwsd
%else
Provides: loleaflet = 1.5.8
%endif
Obsoletes: loleaflet <= 1.5.8
%description
%if 0%{?suse_version}
%debug_package
%endif
%prep
%setup -n loolwsd-@PACKAGE_VERSION@
%build
%configure \
--enable-silent-rules \
--with-lokit-path=bundled/include \
--with-lo-path=%{loroot} \
--disable-setcap \
%if 0%{?config_options:1}
%{config_options}
%endif
make %{?_smp_mflags}
%check
#make check
%install
make install DESTDIR=%{buildroot}
%__install -D -m 444 loolwsd.service %{buildroot}%{_unitdir}/loolwsd.service
install -d -m 755 %{buildroot}/var/adm/fillup-templates
%if 0%{?fedora} || 0%{?rhel} >= 7
install -D -m 644 sysconfig.loolwsd %{buildroot}/etc/sysconfig/loolwsd
%else
%if 0%{?suse_version}
install -D -m 644 sysconfig.loolwsd %{buildroot}/var/adm/fillup-templates
%endif
%endif
mkdir -p %{buildroot}/etc/cron.d
echo "#Remove old tiles once every 10 days at midnight" > %{buildroot}/etc/cron.d/loolwsd.cron
echo "0 0 */1 * * root find /var/cache/loolwsd -type f -a -atime +10 -exec rm {} \;" >> %{buildroot}/etc/cron.d/loolwsd.cron
mkdir -p %{buildroot}/etc/pam.d
echo "auth required pam_unix.so" > %{buildroot}/etc/pam.d/loolwsd
echo "account required pam_unix.so" >> %{buildroot}/etc/pam.d/loolwsd
%files
/usr/bin/loolwsd
/usr/bin/loolwsd-systemplate-setup
/usr/bin/loolwsd-generate-proof-key
/usr/bin/loolforkit
/usr/bin/loolconvert
/usr/bin/loolconfig
/usr/bin/loolmount
/usr/share/loolwsd/discovery.xml
/usr/share/loolwsd/favicon.ico
/usr/share/loolwsd/loleaflet
/usr/share/doc/loolwsd/README
/usr/share/doc/loolwsd/README.vars
/usr/share/doc/loolwsd/protocol.txt
/usr/share/doc/loolwsd/reference.md
/usr/share/doc/loolwsd/metrics.txt
/usr/share/man/man1/loolwsd.1
/usr/share/man/man1/loolforkit.1
/usr/share/man/man1/loolconvert.1
/usr/share/man/man1/loolconfig.1
/usr/share/man/man1/loolwsd-systemplate-setup.1
/usr/share/man/man1/loolwsd-generate-proof-key.1
%{_unitdir}/loolwsd.service
%if 0%{?fedora} || 0%{?rhel} >= 7
%config(noreplace) /etc/sysconfig/loolwsd
%else
%if 0%{?suse_version}
/var/adm/fillup-templates/sysconfig.loolwsd
%endif
%endif
%config(noreplace) /etc/cron.d/loolwsd.cron
%config(noreplace) /etc/pam.d/loolwsd
%config(noreplace) %attr(640, lool, root) /etc/loolwsd/loolwsd.xml
%config /etc/loolwsd/loolkitconfig.xcu
%doc README
%pre
%if 0%{?suse_version}
%service_add_pre loolwsd.service
%endif
getent group lool >/dev/null || groupadd -r lool
getent passwd lool >/dev/null || useradd -g lool -r lool
%post
setcap cap_fowner,cap_mknod,cap_sys_chroot=ep /usr/bin/loolforkit
setcap cap_sys_admin=ep /usr/bin/loolmount
mkdir -p /var/cache/loolwsd && chown lool:lool /var/cache/loolwsd
rm -rf /var/cache/loolwsd/*
# Figure out where LO is installed, let's hope it is not a mount point
# Create a directory for loolwsd on the same file system
loroot=%{loroot}
loolparent=`cd ${loroot} && cd .. && /bin/pwd`
rm -rf ${loolparent}/lool
mkdir -p ${loolparent}/lool/child-roots
chown lool:lool ${loolparent}/lool
chown lool:lool ${loolparent}/lool/child-roots
fc-cache ${loroot}/share/fonts/truetype
loolwsd-systemplate-setup ${loolparent}/lool/systemplate ${loroot} >/dev/null 2>&1
loolwsd-generate-proof-key >/dev/null 2>&1
%if 0%{?fedora} || 0%{?rhel} >= 7
%systemd_post loolwsd.service
%else
%if 0%{?suse_version}
%service_add_post loolwsd.service
%{fillup_only -n loolwsd}
%endif
%endif
%preun
%if 0%{?fedora} || 0%{?rhel} >= 7
%systemd_preun loolwsd.service
%else
%if 0%{?suse_version}
%service_del_preun loolwsd.service
%endif
%endif
%postun
%if 0%{?fedora} || 0%{?rhel} >= 7
%systemd_postun loolwsd.service
%else
%if 0%{?suse_version}
%service_del_postun loolwsd.service
%endif
%endif
%changelog
* Mon Aug 03 2015 Mihai Varga
- added the cronjob
* Tue May 19 2015 Tor Lillqvist
- Initial RPM release
Reference in a new issue View git blame Copy permalink