diff options
| -rw-r--r-- | Makefile | 2 | ||||
| -rw-r--r-- | macros.redis | 2 | ||||
| -rw-r--r-- | redis-conf.patch | 69 | ||||
| -rw-r--r-- | redis-limit-systemd | 14 | ||||
| -rw-r--r-- | redis-loadmod.patch | 252 | ||||
| -rw-r--r-- | redis-sentinel.service | 13 | ||||
| -rw-r--r-- | redis.service | 13 | ||||
| -rw-r--r-- | redis.spec | 157 | ||||
| -rw-r--r-- | redis.sysusers | 1 | ||||
| -rw-r--r-- | redis.tmpfiles | 4 |
10 files changed, 474 insertions, 53 deletions
@@ -1,4 +1,4 @@ SRCDIR := $(shell pwd) NAME := $(shell basename $(SRCDIR)) -include ../common/Makefile +include ../../common/Makefile diff --git a/macros.redis b/macros.redis deleted file mode 100644 index 439cc2c..0000000 --- a/macros.redis +++ /dev/null @@ -1,2 +0,0 @@ -%redis_modules_abi 1 -%redis_modules_dir %{_libdir}/redis/modules diff --git a/redis-conf.patch b/redis-conf.patch new file mode 100644 index 0000000..96664ff --- /dev/null +++ b/redis-conf.patch @@ -0,0 +1,69 @@ +diff -up ./redis.conf.old ./redis.conf +--- ./redis.conf.old 2025-07-06 13:59:42.000000000 +0200 ++++ ./redis.conf 2025-07-23 14:21:49.223387091 +0200 +@@ -43,6 +43,8 @@ + # include /path/to/other.conf + # include /path/to/fragments/*.conf + # ++# Module configuration files ++include /etc/redis/modules/*.conf + + ################################## MODULES ##################################### + +@@ -153,7 +155,7 @@ tcp-backlog 511 + # incoming connections. There is no default, so Redis will not listen + # on a unix socket when not specified. + # +-# unixsocket /run/redis.sock ++unixsocket /run/redis/redis.sock + # unixsocketperm 700 + + # Close the connection after a client is idle for N seconds (0 to disable) +@@ -339,7 +341,7 @@ daemonize no + # + # Note that on modern Linux systems "/run/redis.pid" is more conforming + # and should be used instead. +-pidfile /var/run/redis_6379.pid ++pidfile /run/redis/redis.pid + + # Specify the server verbosity level. + # This can be one of: +@@ -353,7 +355,7 @@ loglevel notice + # Specify the log file name. Also the empty string can be used to force + # Redis to log on the standard output. Note that if you use standard + # output for logging but daemonize, logs will be sent to /dev/null +-logfile "" ++logfile /var/log/redis/redis.log + + # To enable logging to the system logger, just set 'syslog-enabled' to yes, + # and optionally update the other syslog parameters to suit your needs. +@@ -513,7 +515,7 @@ rdb-del-sync-files no + # The Append Only File will also be created inside this directory. + # + # Note that you must specify a directory here, not a file name. +-dir ./ ++dir /var/lib/redis + + ################################# REPLICATION ################################# + +diff -up ./sentinel.conf.old ./sentinel.conf +--- ./sentinel.conf.old 2025-07-06 13:59:42.000000000 +0200 ++++ ./sentinel.conf 2025-07-23 14:20:34.526056727 +0200 +@@ -17,7 +17,7 @@ daemonize no + # When running daemonized, Redis Sentinel writes a pid file in + # /var/run/redis-sentinel.pid by default. You can specify a custom pid file + # location here. +-pidfile /var/run/redis-sentinel.pid ++pidfile /run/redis/sentinel.pid + + # Specify the server verbosity level. + # This can be one of: +@@ -31,7 +31,7 @@ loglevel notice + # Specify the log file name. Also the empty string can be used to force + # Sentinel to log on the standard output. Note that if you use standard + # output for logging but daemonize, logs will be sent to /dev/null +-logfile "" ++logfile /var/log/redis/sentinel.log + + # To enable logging to the system logger, just set 'syslog-enabled' to yes, + # and optionally update the other syslog parameters to suit your needs. diff --git a/redis-limit-systemd b/redis-limit-systemd deleted file mode 100644 index a792937..0000000 --- a/redis-limit-systemd +++ /dev/null @@ -1,14 +0,0 @@ -# If you need to change max open file limit -# for example, when you change maxclient in configuration -# you can change the LimitNOFILE value below. -# See "man systemd.exec" for more information. - -# Slave nodes on large system may take lot of time to start. -# You may need to uncomment TimeoutStartSec and TimeoutStopSec -# directives below and raise their value. -# See "man systemd.service" for more information. - -[Service] -LimitNOFILE=10240 -#TimeoutStartSec=90s -#TimeoutStopSec=90s diff --git a/redis-loadmod.patch b/redis-loadmod.patch new file mode 100644 index 0000000..d84a0b2 --- /dev/null +++ b/redis-loadmod.patch @@ -0,0 +1,252 @@ +From 7ef0383905b75f070a0d9cbfc1bd47d773a44d3d Mon Sep 17 00:00:00 2001 +From: Remi Collet <remi@remirepo.net> +Date: Sat, 4 Oct 2025 11:02:35 +0200 +Subject: [PATCH 1/2] Fix #14404 don't add loadmodule when from config + +--- + src/config.c | 3 +++ + src/module.c | 16 +++++++++------- + src/server.h | 5 +++-- + 3 files changed, 15 insertions(+), 9 deletions(-) + +diff --git a/src/config.c b/src/config.c +index 2606d065027..973a31a5100 100644 +--- a/src/config.c ++++ b/src/config.c +@@ -362,6 +362,7 @@ void queueLoadModule(sds path, sds *argv, int argc) { + loadmod->argv = argc ? zmalloc(sizeof(robj*)*argc) : NULL; + loadmod->path = sdsnew(path); + loadmod->argc = argc; ++ loadmod->conf = 1; + for (i = 0; i < argc; i++) { + loadmod->argv[i] = createRawStringObject(argv[i],sdslen(argv[i])); + } +@@ -1570,6 +1571,8 @@ void rewriteConfigLoadmoduleOption(struct rewriteConfigState *state) { + struct RedisModule *module = dictGetVal(de); + /* Internal modules doesn't have path and are not part of the configuration file */ + if (sdslen(module->loadmod->path) == 0) continue; ++ /* ignore when loaded from config */ ++ if (module->loadmod->conf) continue; + + line = sdsnew("loadmodule "); + line = sdscatsds(line, module->loadmod->path); +diff --git a/src/module.c b/src/module.c +index ab8cafb191a..2d3b8a4eb3e 100644 +--- a/src/module.c ++++ b/src/module.c +@@ -12333,7 +12333,7 @@ int VectorSets_OnLoad(RedisModuleCtx *ctx, RedisModuleString **argv, int argc); + /* Load internal data types that bundled as modules */ + void moduleLoadInternalModules(void) { + #ifdef INCLUDE_VEC_SETS +- int retval = moduleOnLoad((int (*)(void *, void **, int)) VectorSets_OnLoad, NULL, NULL, NULL, 0, 0); ++ int retval = moduleOnLoad((int (*)(void *, void **, int)) VectorSets_OnLoad, NULL, NULL, NULL, 0, 0, 1); + serverAssert(retval == C_OK); + #endif + } +@@ -12354,7 +12354,7 @@ void moduleLoadFromQueue(void) { + listRewind(server.loadmodule_queue,&li); + while((ln = listNext(&li))) { + struct moduleLoadQueueEntry *loadmod = ln->value; +- if (moduleLoad(loadmod->path,(void **)loadmod->argv,loadmod->argc, 0) ++ if (moduleLoad(loadmod->path,(void **)loadmod->argv, loadmod->argc, 0, loadmod->conf) + == C_ERR) + { + serverLog(LL_WARNING, +@@ -12543,7 +12543,7 @@ void moduleUnregisterCleanup(RedisModule *module) { + + /* Load a module by path and initialize it. On success C_OK is returned, otherwise + * C_ERR is returned. */ +-int moduleLoad(const char *path, void **module_argv, int module_argc, int is_loadex) { ++int moduleLoad(const char *path, void **module_argv, int module_argc, int is_loadex, int is_config) { + int (*onload)(void *, void **, int); + void *handle; + +@@ -12570,12 +12570,12 @@ int moduleLoad(const char *path, void **module_argv, int module_argc, int is_loa + return C_ERR; + } + +- return moduleOnLoad(onload, path, handle, module_argv, module_argc, is_loadex); ++ return moduleOnLoad(onload, path, handle, module_argv, module_argc, is_loadex, is_config); + } + + /* Load a module by its 'onload' callback and initialize it. On success C_OK is returned, otherwise + * C_ERR is returned. */ +-int moduleOnLoad(int (*onload)(void *, void **, int), const char *path, void *handle, void **module_argv, int module_argc, int is_loadex) { ++int moduleOnLoad(int (*onload)(void *, void **, int), const char *path, void *handle, void **module_argv, int module_argc, int is_loadex, int is_config) { + RedisModuleCtx ctx; + moduleCreateContext(&ctx, NULL, REDISMODULE_CTX_TEMP_CLIENT); /* We pass NULL since we don't have a module yet. */ + if (onload((void*)&ctx,module_argv,module_argc) == REDISMODULE_ERR) { +@@ -12599,6 +12599,8 @@ int moduleOnLoad(int (*onload)(void *, void **, int), const char *path, void *ha + ctx.module->loadmod->path = sdsnew(path); + ctx.module->loadmod->argv = module_argc ? zmalloc(sizeof(robj*)*module_argc) : NULL; + ctx.module->loadmod->argc = module_argc; ++ ctx.module->loadmod->conf = is_config; ++ + for (int i = 0; i < module_argc; i++) { + ctx.module->loadmod->argv[i] = module_argv[i]; + incrRefCount(ctx.module->loadmod->argv[i]); +@@ -13910,7 +13912,7 @@ NULL + argv = &c->argv[3]; + } + +- if (moduleLoad(c->argv[2]->ptr,(void **)argv,argc, 0) == C_OK) ++ if (moduleLoad(c->argv[2]->ptr,(void **)argv,argc, 0, 0) == C_OK) + addReply(c,shared.ok); + else + addReplyError(c, +@@ -13926,7 +13928,7 @@ NULL + /* If this is a loadex command we want to populate server.module_configs_queue with + * sds NAME VALUE pairs. We also want to increment argv to just after ARGS, if supplied. */ + if (parseLoadexArguments((RedisModuleString ***) &argv, &argc) == REDISMODULE_OK && +- moduleLoad(c->argv[2]->ptr, (void **)argv, argc, 1) == C_OK) ++ moduleLoad(c->argv[2]->ptr, (void **)argv, argc, 1, 0) == C_OK) + addReply(c,shared.ok); + else { + dictEmpty(server.module_configs_queue, NULL); +diff --git a/src/server.h b/src/server.h +index a5cf8a73fe0..d724f09e193 100644 +--- a/src/server.h ++++ b/src/server.h +@@ -1499,6 +1499,7 @@ struct saveparam { + + struct moduleLoadQueueEntry { + sds path; ++ int conf; + int argc; + robj **argv; + }; +@@ -2745,8 +2746,8 @@ void populateCommandLegacyRangeSpec(struct redisCommand *c); + void moduleInitModulesSystem(void); + void moduleInitModulesSystemLast(void); + void modulesCron(void); +-int moduleOnLoad(int (*onload)(void *, void **, int), const char *path, void *handle, void **module_argv, int module_argc, int is_loadex); +-int moduleLoad(const char *path, void **argv, int argc, int is_loadex); ++int moduleOnLoad(int (*onload)(void *, void **, int), const char *path, void *handle, void **module_argv, int module_argc, int is_loadex, int is_config); ++int moduleLoad(const char *path, void **argv, int argc, int is_loadex, int is_config); + int moduleUnload(sds name, const char **errmsg, int forced_unload); + void moduleLoadInternalModules(void); + void moduleLoadFromQueue(void); + +From 92d7e87872db47edc07e6349fcdadacde9a1d8ef Mon Sep 17 00:00:00 2001 +From: Remi Collet <remi@remirepo.net> +Date: Mon, 6 Oct 2025 02:52:16 +0200 +Subject: [PATCH 2/2] only protect loadmodule from include files + +--- + src/config.c | 9 +++++++-- + src/module.c | 10 +++++----- + src/server.h | 6 +++--- + 3 files changed, 15 insertions(+), 10 deletions(-) + +diff --git a/src/config.c b/src/config.c +index 973a31a5100..ea8b8dab55b 100644 +--- a/src/config.c ++++ b/src/config.c +@@ -354,6 +354,9 @@ void resetServerSaveParams(void) { + server.saveparamslen = 0; + } + ++/* support detecting include vs main config file */ ++static int reading_include_file = 0; ++ + void queueLoadModule(sds path, sds *argv, int argc) { + int i; + struct moduleLoadQueueEntry *loadmod; +@@ -362,7 +365,7 @@ void queueLoadModule(sds path, sds *argv, int argc) { + loadmod->argv = argc ? zmalloc(sizeof(robj*)*argc) : NULL; + loadmod->path = sdsnew(path); + loadmod->argc = argc; +- loadmod->conf = 1; ++ loadmod->from_include = reading_include_file;; + for (i = 0; i < argc; i++) { + loadmod->argv[i] = createRawStringObject(argv[i],sdslen(argv[i])); + } +@@ -522,7 +525,9 @@ void loadServerConfigFromString(char *config) { + + /* Execute config directives */ + if (!strcasecmp(argv[0],"include") && argc == 2) { ++ reading_include_file = 1; + loadServerConfig(argv[1], 0, NULL); ++ reading_include_file = 0; + } else if (!strcasecmp(argv[0],"rename-command") && argc == 3) { + struct redisCommand *cmd = lookupCommandBySds(argv[1]); + int retval; +@@ -1572,7 +1577,7 @@ void rewriteConfigLoadmoduleOption(struct rewriteConfigState *state) { + /* Internal modules doesn't have path and are not part of the configuration file */ + if (sdslen(module->loadmod->path) == 0) continue; + /* ignore when loaded from config */ +- if (module->loadmod->conf) continue; ++ if (module->loadmod->from_include) continue; + + line = sdsnew("loadmodule "); + line = sdscatsds(line, module->loadmod->path); +diff --git a/src/module.c b/src/module.c +index 2d3b8a4eb3e..d8c887fcdbf 100644 +--- a/src/module.c ++++ b/src/module.c +@@ -12354,7 +12354,7 @@ void moduleLoadFromQueue(void) { + listRewind(server.loadmodule_queue,&li); + while((ln = listNext(&li))) { + struct moduleLoadQueueEntry *loadmod = ln->value; +- if (moduleLoad(loadmod->path,(void **)loadmod->argv, loadmod->argc, 0, loadmod->conf) ++ if (moduleLoad(loadmod->path,(void **)loadmod->argv, loadmod->argc, 0, loadmod->from_include) + == C_ERR) + { + serverLog(LL_WARNING, +@@ -12543,7 +12543,7 @@ void moduleUnregisterCleanup(RedisModule *module) { + + /* Load a module by path and initialize it. On success C_OK is returned, otherwise + * C_ERR is returned. */ +-int moduleLoad(const char *path, void **module_argv, int module_argc, int is_loadex, int is_config) { ++int moduleLoad(const char *path, void **module_argv, int module_argc, int is_loadex, int from_include) { + int (*onload)(void *, void **, int); + void *handle; + +@@ -12570,12 +12570,12 @@ int moduleLoad(const char *path, void **module_argv, int module_argc, int is_loa + return C_ERR; + } + +- return moduleOnLoad(onload, path, handle, module_argv, module_argc, is_loadex, is_config); ++ return moduleOnLoad(onload, path, handle, module_argv, module_argc, is_loadex, from_include); + } + + /* Load a module by its 'onload' callback and initialize it. On success C_OK is returned, otherwise + * C_ERR is returned. */ +-int moduleOnLoad(int (*onload)(void *, void **, int), const char *path, void *handle, void **module_argv, int module_argc, int is_loadex, int is_config) { ++int moduleOnLoad(int (*onload)(void *, void **, int), const char *path, void *handle, void **module_argv, int module_argc, int is_loadex, int from_include) { + RedisModuleCtx ctx; + moduleCreateContext(&ctx, NULL, REDISMODULE_CTX_TEMP_CLIENT); /* We pass NULL since we don't have a module yet. */ + if (onload((void*)&ctx,module_argv,module_argc) == REDISMODULE_ERR) { +@@ -12599,7 +12599,7 @@ int moduleOnLoad(int (*onload)(void *, void **, int), const char *path, void *ha + ctx.module->loadmod->path = sdsnew(path); + ctx.module->loadmod->argv = module_argc ? zmalloc(sizeof(robj*)*module_argc) : NULL; + ctx.module->loadmod->argc = module_argc; +- ctx.module->loadmod->conf = is_config; ++ ctx.module->loadmod->from_include = from_include; + + for (int i = 0; i < module_argc; i++) { + ctx.module->loadmod->argv[i] = module_argv[i]; +diff --git a/src/server.h b/src/server.h +index d724f09e193..f3c836c9edc 100644 +--- a/src/server.h ++++ b/src/server.h +@@ -1499,7 +1499,7 @@ struct saveparam { + + struct moduleLoadQueueEntry { + sds path; +- int conf; ++ int from_include; + int argc; + robj **argv; + }; +@@ -2746,8 +2746,8 @@ void populateCommandLegacyRangeSpec(struct redisCommand *c); + void moduleInitModulesSystem(void); + void moduleInitModulesSystemLast(void); + void modulesCron(void); +-int moduleOnLoad(int (*onload)(void *, void **, int), const char *path, void *handle, void **module_argv, int module_argc, int is_loadex, int is_config); +-int moduleLoad(const char *path, void **argv, int argc, int is_loadex, int is_config); ++int moduleOnLoad(int (*onload)(void *, void **, int), const char *path, void *handle, void **module_argv, int module_argc, int is_loadex, int from_include); ++int moduleLoad(const char *path, void **argv, int argc, int is_loadex, int from_include); + int moduleUnload(sds name, const char **errmsg, int forced_unload); + void moduleLoadInternalModules(void); + void moduleLoadFromQueue(void); diff --git a/redis-sentinel.service b/redis-sentinel.service index 0bcc990..ffb748a 100644 --- a/redis-sentinel.service +++ b/redis-sentinel.service @@ -12,6 +12,19 @@ Group=redis RuntimeDirectory=redis RuntimeDirectoryMode=0755 +# If you need to change max open file limit +# for example, when you change maxclient in configuration +# you can change the LimitNOFILE value below. +# See "man systemd.exec" for more information. +LimitNOFILE=10240 + +# Slave nodes on large system may take lot of time to start. +# You may need to uncomment TimeoutStartSec and TimeoutStopSec +# directives below and raise their value. +# See "man systemd.service" for more information. +#TimeoutStartSec=90s +#TimeoutStopSec=90s + [Install] WantedBy=multi-user.target diff --git a/redis.service b/redis.service index a577c83..093cfd4 100644 --- a/redis.service +++ b/redis.service @@ -12,6 +12,19 @@ Group=redis RuntimeDirectory=redis RuntimeDirectoryMode=0755 +# If you need to change max open file limit +# for example, when you change maxclient in configuration +# you can change the LimitNOFILE value below. +# See "man systemd.exec" for more information. +LimitNOFILE=10240 + +# Slave nodes on large system may take lot of time to start. +# You may need to uncomment TimeoutStartSec and TimeoutStopSec +# directives below and raise their value. +# See "man systemd.service" for more information. +#TimeoutStartSec=90s +#TimeoutStopSec=90s + [Install] WantedBy=multi-user.target @@ -18,28 +18,38 @@ # Tests fail in mock, not in local build. %bcond_with tests -%global upstream_ver 8.0.1 +%global upstream_ver 8.4.0 +#global upstream_pre rc1 +#global upstream_intver 8.3.240 + Name: redis -Version: %{upstream_ver} +Version: %{upstream_ver}%{?upstream_pre:~%{upstream_pre}} Release: 1%{?dist} Summary: A persistent key-value database # redis: RSALv2 or SSPLv1 or AGPLv3 (only AGPLv3 is OSS) # hiredis: BSD-3-Clause -# hdrhistogram, jemalloc, lzf, linenoise: BSD-2-Clause +# hdrhistogram, jemalloc, lzf, linenoise, xxhash: BSD-2-Clause # lua, fast_float: MIT # fpconv: BSL-1.0 License: AGPL-3.0-only AND BSD-3-Clause AND BSD-2-Clause AND MIT AND BSL-1.0 URL: http://redis.io #ource0: https://download.redis.io/releases/%%{name}-%%{upstream_ver}.tar.gz -Source0: https://github.com/redis/redis/archive/refs/tags/%{version}.tar.gz +Source0: https://github.com/redis/redis/archive/refs/tags/%{upstream_ver}%{?upstream_pre:-%{upstream_pre}}.tar.gz Source1: %{name}.logrotate Source2: %{name}-sentinel.service Source3: %{name}.service -Source7: %{name}-limit-systemd -Source9: macros.%{name} +Source4: %{name}.sysusers +Source5: %{name}.tmpfiles + +# Fix default paths in configuration files for RPM layout +Patch0: %{name}-conf.patch +# Workaround to https://github.com/redis/redis/issues/14404 +Patch1: %{name}-loadmod.patch BuildRequires: gcc +BuildRequires: gcc-c++ +BuildRequires: libstdc++-devel %if %{with jemalloc} BuildRequires: jemalloc-devel %else @@ -52,13 +62,14 @@ BuildRequires: tcl %endif BuildRequires: pkgconfig(libsystemd) BuildRequires: systemd +%sysusers_requires_compat +BuildRequires: systemd-rpm-macros BuildRequires: openssl-devel >= 1.0.2 Obsoletes: redis-trib < 8 Obsoletes: redis-doc < 8 Requires: logrotate -Requires(pre): shadow-utils Requires(post): systemd Requires(preun): systemd Requires(postun): systemd @@ -74,13 +85,24 @@ Provides: bundled(lzf) Provides: bundled(hdr_histogram) = 0.11.0 # from deps/fast_float/README.md Provides: bundled(fast_float) = 6.1.4 +# from deps/xxhash/xxhash.h +Provides: bundled(xxhash) = 0.8.3 # no version Provides: bundled(fpconv) +# Static modules +Provides: redis-vectorset = %{upstream_ver} +Provides: redis-vectorset%{?_isa} = %{upstream_ver} +# Internal version for pre-release +%if 0%{?upstream_intver:1} +Provides: redis = %{upstream_intver} +Provides: redis%{?_isa} = %{upstream_intver} +%endif Conflicts: valkey-compat-redis %global redis_modules_abi 1 %global redis_modules_dir %{_libdir}/%{name}/modules +%global redis_modules_cfg %{_sysconfdir}/redis/modules Provides: redis(modules_abi)%{?_isa} = %{redis_modules_abi} %description @@ -120,7 +142,9 @@ API documentation is available in the redis-doc package. %prep -%setup -q -n %{name}-%{upstream_ver} +%setup -q -n %{name}-%{upstream_ver}%{?upstream_pre:-%{upstream_pre}} +%patch -P0 -p1 -b .old +%patch -P1 -p1 -b .loadmod %if %{with jemalloc} rm -frv deps/jemalloc @@ -136,11 +160,7 @@ mv deps/hiredis/COPYING COPYING-hiredis mv deps/hdr_histogram/LICENSE.txt LICENSE-hdrhistogram mv deps/hdr_histogram/COPYING.txt COPYING-hdrhistogram mv deps/fpconv/LICENSE.txt LICENSE-fpconv - -# Configuration file changes -sed -i -e 's|^logfile .*$|logfile /var/log/redis/redis.log|g' redis.conf -sed -i -e 's|^logfile .*$|logfile /var/log/redis/sentinel.log|g' sentinel.conf -sed -i -e 's|^dir .*$|dir /var/lib/redis|g' redis.conf +mv deps/xxhash/LICENSE LICENSE-xxhash # See https://bugzilla.redhat.com/2240293 # See https://src.fedoraproject.org/rpms/jemalloc/blob/rawhide/f/jemalloc.spec#_34 @@ -155,7 +175,7 @@ sed -e 's/--with-lg-quantum/--with-lg-page=16 --with-lg-quantum/' -i deps/Makefi api=`sed -n -e 's/#define REDISMODULE_APIVER_[0-9][0-9]* //p' src/redismodule.h` if test "$api" != "%{redis_modules_abi}"; then : Error: Upstream API version is now ${api}, expecting %%{redis_modules_abi}. - : Update the redis_modules_abi macro, the rpmmacros file, and rebuild. + : Update the redis_modules_abi macro, and rebuild. exit 1 fi @@ -166,6 +186,17 @@ fi %global make_flags DEBUG="" V="echo" LDFLAGS="%{?__global_ldflags}" CFLAGS+="%{optflags} -fPIC" INSTALL="install -p" PREFIX=%{buildroot}%{_prefix} %{?malloc_flags} %{?tls_flags} %{?sysd_flags} : %{make_flags} +# Generates macro file +cat << 'EOF' | tee macros.redis +%%redis_version %{?upstream_intver}%{!?upstream_intver:%{upstream_ver}} +%%redis_modules_abi %redis_modules_abi +%%redis_modules_dir %redis_modules_dir +%%redis_modules_cfg %redis_modules_cfg +EOF + +: List bundled modules +grep MODULE_VERSION modules/*/Makefile + %build make %{?_smp_mflags} %{make_flags} all @@ -174,11 +205,19 @@ make %{?_smp_mflags} %{make_flags} all %install make %{make_flags} install +# System user +install -p -D -m 0644 %{SOURCE4} %{buildroot}%{_sysusersdir}/%{name}.conf + +# Install tmpfiles.d file +install -p -D -m 0644 %{SOURCE5} %{buildroot}%{_tmpfilesdir}/%{name}.conf + # Filesystem. install -d %{buildroot}%{_sharedstatedir}/%{name} install -d %{buildroot}%{_localstatedir}/log/%{name} install -d %{buildroot}%{_localstatedir}/run/%{name} install -d %{buildroot}%{redis_modules_dir} +install -d %{buildroot}%{_sysconfdir}/systemd/system/%{name}.service.d +install -d %{buildroot}%{_sysconfdir}/systemd/system/%{name}-sentinel.service.d # Install logrotate file. install -pDm644 %{S:1} %{buildroot}%{_sysconfdir}/logrotate.d/%{name} @@ -186,30 +225,22 @@ install -pDm644 %{S:1} %{buildroot}%{_sysconfdir}/logrotate.d/%{name} # Install configuration files. install -pDm640 %{name}.conf %{buildroot}%{_sysconfdir}/%{name}/%{name}.conf install -pDm640 sentinel.conf %{buildroot}%{_sysconfdir}/%{name}/sentinel.conf +install -dm750 %{buildroot}%{redis_modules_cfg} # Install systemd unit files. mkdir -p %{buildroot}%{_unitdir} install -pm644 %{S:3} %{buildroot}%{_unitdir} install -pm644 %{S:2} %{buildroot}%{_unitdir} -# Install systemd limit files (requires systemd >= 204) -install -p -D -m 644 %{S:7} %{buildroot}%{_sysconfdir}/systemd/system/%{name}.service.d/limit.conf -install -p -D -m 644 %{S:7} %{buildroot}%{_sysconfdir}/systemd/system/%{name}-sentinel.service.d/limit.conf - # Fix non-standard-executable-perm error. chmod 755 %{buildroot}%{_bindir}/%{name}-* # Install redis module header install -pDm644 src/%{name}module.h %{buildroot}%{_includedir}/%{name}module.h -%if %{with redistrib} -# Install redis-trib -install -pDm755 src/%{name}-trib.rb %{buildroot}%{_bindir}/%{name}-trib -%endif - # Install rpm macros for redis modules mkdir -p %{buildroot}%{_rpmmacrodir} -install -pDm644 %{S:9} %{buildroot}%{_rpmmacrodir}/macros.%{name} +install -pDm644 macros.redis %{buildroot}%{_rpmmacrodir}/macros.%{name} %check %if %{with tests} @@ -227,11 +258,7 @@ make %{make_flags} test-sentinel %endif %pre -getent group %{name} &> /dev/null || \ -groupadd -r %{name} &> /dev/null -getent passwd %{name} &> /dev/null || \ -useradd -r -g %{name} -d %{_sharedstatedir}/%{name} -s /sbin/nologin \ --c 'Redis Database Server' %{name} &> /dev/null +%sysusers_create_compat %{SOURCE4} exit 0 %if 0%{?fedora} < 34 && 0%{?rhel} < 9 @@ -286,31 +313,29 @@ fi %license LICENSE-hdrhistogram %license COPYING-hdrhistogram %license LICENSE-fpconv +%license LICENSE-xxhash %if %{without jemalloc} %license COPYING-jemalloc %endif %config(noreplace) %{_sysconfdir}/logrotate.d/%{name} %attr(0750, redis, root) %dir %{_sysconfdir}/%{name} +%attr(0750, redis, root) %dir %{redis_modules_cfg} %attr(0640, redis, root) %config(noreplace) %{_sysconfdir}/%{name}/%{name}.conf %attr(0640, redis, root) %config(noreplace) %{_sysconfdir}/%{name}/sentinel.conf %dir %{_libdir}/%{name} %dir %{redis_modules_dir} %dir %attr(0750, redis, redis) %{_sharedstatedir}/%{name} %dir %attr(0750, redis, redis) %{_localstatedir}/log/%{name} -%if %{with redistrib} -%exclude %{_bindir}/%{name}-trib -%endif %exclude %{_rpmmacrodir} %exclude %{_includedir} -%exclude %{_docdir}/%{name}/* %{_bindir}/%{name}-* %{_unitdir}/%{name}.service %{_unitdir}/%{name}-sentinel.service %dir %{_sysconfdir}/systemd/system/%{name}.service.d -%config(noreplace) %{_sysconfdir}/systemd/system/%{name}.service.d/limit.conf %dir %{_sysconfdir}/systemd/system/%{name}-sentinel.service.d -%config(noreplace) %{_sysconfdir}/systemd/system/%{name}-sentinel.service.d/limit.conf %dir %attr(0755, redis, redis) %ghost %{_localstatedir}/run/%{name} +%{_sysusersdir}/%{name}.conf +%{_tmpfilesdir}/%{name}.conf %files devel %license LICENSE.txt @@ -319,8 +344,68 @@ fi %changelog +* Fri Nov 7 2025 Remi Collet <remi@remirepo.net> - 8.4.0-1 +- Redis 8.4 GA (v8.4.0) Released Tue 18 Nov 2025 15:00:00 IST + +* Fri Nov 7 2025 Remi Collet <remi@remirepo.net> - 8.4~rc1-2 +- add provide for internal version +- add provide for static module vertorset +- add %%redis_version macro + +* Tue Nov 4 2025 Remi Collet <remi@remirepo.net> - 8.4~rc1-1 +- Redis 8.4-RC1 (v8.3.240) Released Tue 4 Nov 2025 10:00:00 IST + +* Mon Nov 3 2025 Remi Collet <remi@remirepo.net> - 8.2.3-1 +- Redis 8.2.3 Released Sun 2 Nov 2025 10:00:00 IST +- Update urgency: SECURITY: + CVE-2025-62507 + +* Mon Oct 6 2025 Remi Collet <remi@fedoraproject.org> - 8.2.2-3 +- improve the patch for loadmodule directive + +* Sun Oct 5 2025 Remi Collet <remi@remirepo.net> - 8.2.2-2 +- fix CONFIG REWRITE breaks configuration + reported as https://github.com/redis/redis/issues/14404 + using patch from https://github.com/redis/redis/pull/14407 + +* Fri Oct 3 2025 Remi Collet <remi@remirepo.net> - 8.2.2-1 +- Redis 8.2.2 Released Fri 3 Oct 2025 10:00:00 IST +- Update urgency: SECURITY: + CVE-2025-49844 CVE-2025-46817 CVE-2025-46818 CVE-2025-46819 + +* Tue Aug 19 2025 Remi Collet <remi@remirepo.net> - 8.2.1-1 +- Redis 8.2.1 (v8.2.1) Released Mon 18 Aug 2025 12:00:00 IST +- Update urgency: MODERATE: Program an upgrade of the server, but it's not urgent. + +* Mon Aug 4 2025 Remi Collet <remi@remirepo.net> - 8.2.0-1 +- Redis 8.2 GA (v8.2.0) Released Mon 4 Aug 2025 15:00:00 IST + +* Mon Jul 28 2025 Remi Collet <remi@remirepo.net> - 8.0.3-4 +- add sysusers.d file for user management +- add tmpfiles.d file for temporary dir management + +* Wed Jul 23 2025 Remi Collet <remi@remirepo.net> - 8.0.3-3 +- add /etc/redis/modules drop-in directory for module configuration files + +* Thu Jul 10 2025 Remi Collet <remi@remirepo.net> - 8.0.3-2 +- add missing build requirements +- use patch for config instead of sed +- fix pidfile path in /run/redis +- set unixsocket + +* Mon Jul 7 2025 Remi Collet <remi@remirepo.net> - 8.0.3-1 +- Redis 8.0.3 Released Sun 6 Jul 2025 12:00:00 IST +- Update urgency: SECURITY: CVE-2025-32023 and CVE-2025-48367 + +* Thu Jun 19 2025 Remi Collet <remi@remirepo.net> - 8.0.2-2 +- remove limit.conf config files + +* Wed May 28 2025 Remi Collet <remi@remirepo.net> - 8.0.2-1 +- Redis 8.0.2 Released Tue 27 May 2025 12:00:00 IST +- Update urgency: SECURITY: CVE-2025-27151 + * Tue May 13 2025 Remi Collet <remi@remirepo.net> - 8.0.1-1 -- Redis 8.0.1 Released Sun 13 May 2025 16:00:00 IST +- Redis 8.0.1 Released Tue 13 May 2025 16:00:00 IST - Update urgency: MODERATE * Mon May 5 2025 Remi Collet <remi@remirepo.net> - 8.0.0-1 diff --git a/redis.sysusers b/redis.sysusers new file mode 100644 index 0000000..0494785 --- /dev/null +++ b/redis.sysusers @@ -0,0 +1 @@ +u redis - "Redis Database Server" /var/lib/redis /sbin/nologin diff --git a/redis.tmpfiles b/redis.tmpfiles new file mode 100644 index 0000000..75ba125 --- /dev/null +++ b/redis.tmpfiles @@ -0,0 +1,4 @@ +Z /etc/redis ~0750 redis root - +D /run/redis 0755 redis redis - +d /var/lib/redis 0750 redis redis - +d /var/log/redis 0750 redis redis - |