diff --git a/nextcloud-integritycheck-exclusion.patch b/nextcloud-integritycheck-exclusion.patch new file mode 100644 index 0000000..766cf1c --- /dev/null +++ b/nextcloud-integritycheck-exclusion.patch @@ -0,0 +1,34 @@ +From 9f38c6300712a23ccdc75e140143a1c461e15705 Mon Sep 17 00:00:00 2001 +From: Andrew Bauer +Date: Mon, 24 Jun 2024 10:11:23 -0500 +Subject: [PATCH] silence integrity check for excluded files + +--- + lib/private/IntegrityCheck/Checker.php | 13 +++++++++++++ + 1 file changed, 13 insertions(+) + +diff --git a/lib/private/IntegrityCheck/Checker.php b/lib/private/IntegrityCheck/Checker.php +index a6de3cf6030d7..3974483601b08 100644 +--- a/lib/private/IntegrityCheck/Checker.php ++++ b/lib/private/IntegrityCheck/Checker.php +@@ -337,7 +337,20 @@ private function verify(string $signaturePath, string $basePath, string $certifi + $differencesB = array_diff($currentInstanceHashes, $expectedHashes); + $differences = array_unique(array_merge($differencesA, $differencesB)); + $differenceArray = []; ++ ++ # Nasty hack to silence the integrity checker for files patched during the build process or files we simply don't care about ++ $excludedFilenames = [ ++//sedplaceholder ]; ++ + foreach ($differences as $filename => $hash) { ++ ++ # Skip if the file in question matches our exclusion list ++ foreach ($excludedFilenames as $excludedFilename) { ++ if (strpos($filename, $excludedFilename)!==false) { ++ break 2; ++ } ++ } ++ + // Check if file should not exist in the new signature table + if (!array_key_exists($filename, $expectedHashes)) { + $differenceArray['EXTRA_FILE'][$filename]['expected'] = ''; diff --git a/nextcloud.spec b/nextcloud.spec index 727c609..d71b993 100644 --- a/nextcloud.spec +++ b/nextcloud.spec @@ -42,6 +42,8 @@ Source303: %{name}-MIGRATION.fedora Patch0: 0000-disable-update-version-check.patch # Change occ shebang to /usr/bin/php Patch1: 0001-mangle-shebang.patch +# Add the ability to exclude files we specify from the nextcloud integrity checker +Patch2: nextcloud-integritycheck-exclusion.patch BuildArch: noarch BuildRequires: systemd-rpm-macros @@ -328,6 +330,39 @@ find -wholename "*/composer/LICENSE" -exec mv {} composer-LICENSE \; find . -mindepth 2 \( -name '*LICENSE*' -o -name '*LICENCE*' \) | { while read a ; do mv "$a" $(echo $a | sed "s_^./__" | tr "/ " "__" )-LICENSE ; done ; } find . -mindepth 2 -name '*COPYING*' | { while read a ; do mv "$a" $(echo $a | sed "s_^./__" | tr "/ " "__" )-COPYING ; done ; } +# case-sensitive list of partial matches to exclude from the nextcloud integrity checker +# include readme, license, other docs, and any files we move or patch during the build +excludedFilenames=" +README +readme +LICENSE +LICENCE +license +copying +COPYING +AUTHORS +htaccess +gitignore +user.ini +update.admin.php +Updater.php +occ +Checker.php +" + +# nextcloud source files use tabs rather than spaces, ew +tabs=" " +cr=" +" + +# Add quotes, commas, and escaped newlines +for f in $excludedFilenames; do + formattedlist="$formattedlist$tabs'$f',\\$cr" +done + +# look for our sed placeholder we patched in earlier, then insert our formatted list of keywords +sed -i "s|//sedplaceholder|${formattedlist}|" lib/private/IntegrityCheck/Checker.php + %check # Make sure there are no license files left over : Check for leftover license files