Merge branch 'main' into feature/thousands-separator-df

Author: sylvestre

.devcontainer/Dockerfile

@@ -12,12 +12,12 @@ RUN apt-get update \
        gcc \
        gdb \
        gperf \
-       jq \
        libacl1-dev \
        libattr1-dev \
        libcap-dev \
        libexpect-perl \
        libselinux1-dev \
+       libsystemd-dev \
        python3-pyinotify \
        quilt \
        texinfo \

.github/workflows/CICD.yml

@@ -29,7 +29,7 @@ jobs:
     permissions:
       contents: read
     steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6
         with:
           persist-credentials: false
       - name: Run ShellCheck
@@ -47,7 +47,7 @@ jobs:
     permissions:
       contents: read
     steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6
         with:
           persist-credentials: false
       - name: Setup shfmt

.github/workflows/CheckScripts.yml

@@ -26,7 +26,7 @@ jobs:
         job:
           - { os: ubuntu-latest , features: feat_os_unix }
     steps:
-    - uses: actions/checkout@v5
+    - uses: actions/checkout@v6
       with:
         persist-credentials: false
     - name: Initialize job variables

.github/workflows/FixPR.yml

@@ -2,10 +2,11 @@ name: GnuTests
 
 # spell-checker:ignore (abbrev/names) CodeCov gnulib GnuTests Swatinem
 # spell-checker:ignore (jargon) submodules devel
-# spell-checker:ignore (libs/utils) autopoint chksum getenforce gperf lcov libexpect limactl pyinotify setenforce shopt texinfo valgrind libattr libcap taiki-e
+# spell-checker:ignore (libs/utils) autopoint chksum dpkg getenforce getlimits gperf lcov libexpect limactl pyinotify setenforce shopt texinfo valgrind libattr libcap taiki-e
 # spell-checker:ignore (options) Ccodegen Coverflow Cpanic Zpanic
 # spell-checker:ignore (people) Dawid Dziurla * dawidd dtolnay
 # spell-checker:ignore (vars) FILESET SUBDIRS XPASS
+# spell-checker:ignore userns
 
 # * note: to run a single test => `REPO/util/run-gnu-test.sh PATH/TO/TEST/SCRIPT`
 
@@ -27,9 +28,9 @@ env:
   DEFAULT_BRANCH: ${{ github.event.repository.default_branch }}
   TEST_FULL_SUMMARY_FILE: 'gnu-full-result.json'
   TEST_ROOT_FULL_SUMMARY_FILE: 'gnu-root-full-result.json'
+  TEST_STTY_FULL_SUMMARY_FILE: 'gnu-stty-full-result.json'
   TEST_SELINUX_FULL_SUMMARY_FILE: 'selinux-gnu-full-result.json'
   TEST_SELINUX_ROOT_FULL_SUMMARY_FILE: 'selinux-root-gnu-full-result.json'
-  REPO_GNU_REF: "v9.8"
 
 jobs:
   native:
@@ -38,7 +39,7 @@ jobs:
     steps:
     #### Get the code, setup cache
     - name: Checkout code (uutils)
-      uses: actions/checkout@v5
+      uses: actions/checkout@v6
       with:
         path: 'uutils'
         persist-credentials: false
@@ -50,28 +51,26 @@ jobs:
       with:
         workspaces: "./uutils -> target"
     - name: Checkout code (GNU coreutils)
-      uses: actions/checkout@v5
+      run: (mkdir -p gnu && cd gnu && bash ../uutils/util/fetch-gnu.sh)
+    - name: Restore files for faster configure and skipping make
+      uses: actions/cache@v5
+      id: cache-config-gnu
       with:
-        repository: 'coreutils/coreutils'
-        path: 'gnu'
-        ref: ${{ env.REPO_GNU_REF }}
-        submodules: false
-        persist-credentials: false
-    - name: Override submodule URL and initialize submodules
-      # Use github instead of upstream git server
-      run: |
-        git submodule sync --recursive
-        git config submodule.gnulib.url https://github.com/coreutils/gnulib.git
-        git submodule update --init --recursive --depth 1
-      working-directory: gnu
+        path: |
+          gnu/config.cache
+          gnu/src/getlimits
+        key: ${{ runner.os }}-gnu-config-${{ hashFiles('gnu/NEWS') }}-${{ hashFiles('uutils/util/build-gnu.sh') }} # use build-gnu.sh for extremely safe caching
 
     #### Build environment setup
     - name: Install dependencies
       shell: bash
       run: |
         ## Install dependencies
         sudo apt-get update
-        sudo apt-get install -y autoconf autopoint bison texinfo gperf gcc g++ gdb python3-pyinotify jq valgrind libexpect-perl libacl1-dev libattr1-dev libcap-dev libselinux1-dev attr quilt
+        ## Check that build-gnu.sh works on the non SELinux system by installing libselinux only on lima
+        sudo apt-get install -y autopoint gperf gdb python3-pyinotify valgrind libexpect-perl libacl1-dev libattr1-dev libcap-dev attr quilt
+        curl http://launchpadlibrarian.net/831710181/automake_1.18.1-3_all.deb > automake-1.18.deb
+        sudo dpkg -i --force-depends automake-1.18.deb
     - name: Add various locales
       shell: bash
       run: |
@@ -89,6 +88,10 @@ jobs:
         sudo locale-gen --keep-existing en_US
         sudo locale-gen --keep-existing en_US.UTF-8
         sudo locale-gen --keep-existing ru_RU.KOI8-R
+        sudo locale-gen --keep-existing fa_IR.UTF-8 # Iran
+        sudo locale-gen --keep-existing am_ET.UTF-8 # Ethiopia
+        sudo locale-gen --keep-existing th_TH.UTF-8 # Thailand
+        sudo locale-gen --keep-existing zh_CN.GB18030 # China
 
         sudo update-locale
         echo "After:"
@@ -100,12 +103,24 @@ jobs:
       run: |
         ## Build binaries
         cd 'uutils'
-        bash util/build-gnu.sh --release-build
+        env PROFILE=release-small bash util/build-gnu.sh
+        
+    - name: Save files for faster configure and skipping make
+      uses: actions/cache/save@v5
+      if: always() && steps.cache-config-gnu.outputs.cache-hit != 'true'
+      with:
+        path: |
+          gnu/config.cache
+          gnu/src/getlimits
+        key: ${{ runner.os }}-gnu-config-${{ hashFiles('gnu/NEWS') }}-${{ hashFiles('uutils/util/build-gnu.sh') }}
 
     ### Run tests as user
     - name: Run GNU tests
       shell: bash
       run: |
+        ## Use unshare
+        sudo sysctl -w kernel.unprivileged_userns_clone=1
+        sudo sysctl -w kernel.apparmor_restrict_unprivileged_userns=0
         ## Run GNU tests
         path_GNU='gnu'
         path_UUTILS='uutils'
@@ -124,30 +139,58 @@ jobs:
         path_GNU='gnu'
         path_UUTILS='uutils'
         bash "uutils/util/run-gnu-test.sh" run-root
+
     - name: Extract testing info from individual logs (run as root) into JSON
       shell: bash
       run : |
         path_UUTILS='uutils'
         python uutils/util/gnu-json-result.py gnu/tests > ${{ env.TEST_ROOT_FULL_SUMMARY_FILE }}
 
+    ### This shell has been changed from "bash" to this command
+    ### "script" will start a pty and the -q command removes the "script" initiation log
+    ### the -e flag makes it propagate the error code and -c runs the command in a pty
+    ### the primary purpose of this change is to run the tty GNU tests
+    ### The reason its separated from the rest of the tests is because one test can corrupt the other
+    ### tests through the use of the shared terminal and it changes the environment that the other
+    ### tests are run in, which can cause different results.
+    - name: Run GNU stty tests
+      shell: 'script -q -e -c "bash {0}"'
+      run: |
+        ## Run GNU root tests
+        path_GNU='gnu'
+        path_UUTILS='uutils'
+        bash "uutils/util/run-gnu-test.sh" run-tty
+
+    - name: Extract testing info from individual logs (stty) into JSON
+      shell: bash
+      run : |
+        path_UUTILS='uutils'
+        python uutils/util/gnu-json-result.py gnu/tests > ${{ env.TEST_STTY_FULL_SUMMARY_FILE }}
+
     ### Upload artifacts
     - name: Upload full json results
-      uses: actions/upload-artifact@v5
+      uses: actions/upload-artifact@v6
       with:
         name: gnu-full-result
         path: ${{ env.TEST_FULL_SUMMARY_FILE }}
     - name: Upload root json results
-      uses: actions/upload-artifact@v5
+      uses: actions/upload-artifact@v6
       with:
         name: gnu-root-full-result
         path: ${{ env.TEST_ROOT_FULL_SUMMARY_FILE }}
+    - name: Upload stty json results
+      uses: actions/upload-artifact@v6
+      with:
+        name: gnu-stty-full-result
+        path: ${{ env.TEST_STTY_FULL_SUMMARY_FILE }}
+
     - name: Compress test logs
       shell: bash
       run : |
         # Compress logs before upload (fails otherwise)
         gzip gnu/tests/*/*.log
     - name: Upload test logs
-      uses: actions/upload-artifact@v5
+      uses: actions/upload-artifact@v6
       with:
         name: test-logs
         path: |
@@ -160,7 +203,7 @@ jobs:
     steps:
     #### Get the code, setup cache
     - name: Checkout code (uutils)
-      uses: actions/checkout@v5
+      uses: actions/checkout@v6
       with:
         path: 'uutils'
         persist-credentials: false
@@ -172,32 +215,19 @@ jobs:
       with:
         workspaces: "./uutils -> target"
     - name: Checkout code (GNU coreutils)
-      uses: actions/checkout@v5
-      with:
-        repository: 'coreutils/coreutils'
-        path: 'gnu'
-        ref: ${{ env.REPO_GNU_REF }}
-        submodules: false
-        persist-credentials: false
-    - name: Override submodule URL and initialize submodules
-      # Use github instead of upstream git server
-      run: |
-        git submodule sync --recursive
-        git config submodule.gnulib.url https://github.com/coreutils/gnulib.git
-        git submodule update --init --recursive --depth 1
-      working-directory: gnu
+      run: (mkdir -p gnu && cd gnu && bash ../uutils/util/fetch-gnu.sh)
 
     #### Lima build environment setup
     - name: Setup Lima
       uses: lima-vm/lima-actions/setup@v1
       id: lima-actions-setup
     - name: Cache ~/.cache/lima
-      uses: actions/cache@v4
+      uses: actions/cache@v5
       with:
         path: ~/.cache/lima
         key: lima-${{ steps.lima-actions-setup.outputs.version }}
     - name: Start Fedora VM with SELinux
-      run: limactl start --plain --name=default --cpus=4 --disk=40 --memory=8 --network=lima:user-v2 template://fedora
+      run: limactl start --plain --name=default --cpus=4 --disk=40 --memory=8 --network=lima:user-v2 template:fedora
     - name: Verify SELinux Status and Configuration
       run: |
         lima getenforce
@@ -216,7 +246,7 @@ jobs:
     - name: Install dependencies in VM
       run: |
         lima sudo dnf -y update
-        lima sudo dnf -y install git autoconf autopoint bison texinfo gperf gcc g++ gdb jq libacl-devel libattr-devel libcap-devel libselinux-devel attr rustup clang-devel texinfo-tex wget automake patch quilt
+        lima sudo dnf -y install git autoconf autopoint bison texinfo gperf gcc gdb jq libacl-devel libattr-devel libcap-devel libselinux-devel attr rustup clang-devel texinfo-tex automake patch quilt
         lima rustup-init -y --default-toolchain stable
     - name: Copy the sources to VM
       run: |
@@ -225,7 +255,7 @@ jobs:
     ### Build
     - name: Build binaries
       run: |
-        lima bash -c "cd ~/work/uutils/ && bash util/build-gnu.sh --release-build"
+        lima bash -c "cd ~/work/uutils/ && SELINUX_ENABLED=1 PROFILE=release-small bash util/build-gnu.sh"
 
     ### Run tests as user
     - name: Generate SELinux tests list
@@ -266,12 +296,12 @@ jobs:
         # Copy the test directory now
         rsync -v -a -e ssh lima-default:~/work/gnu/tests/ ./gnu/tests-selinux/
     - name: Upload SELinux json results
-      uses: actions/upload-artifact@v5
+      uses: actions/upload-artifact@v6
       with:
         name: selinux-gnu-full-result
         path: ${{ env.TEST_SELINUX_FULL_SUMMARY_FILE }}
     - name: Upload SELinux root json results
-      uses: actions/upload-artifact@v5
+      uses: actions/upload-artifact@v6
       with:
         name: selinux-root-gnu-full-result
         path: ${{ env.TEST_SELINUX_ROOT_FULL_SUMMARY_FILE }}
@@ -281,7 +311,7 @@ jobs:
         # Compress logs before upload (fails otherwise)
         gzip gnu/tests-selinux/*/*.log
     - name: Upload SELinux test logs
-      uses: actions/upload-artifact@v5
+      uses: actions/upload-artifact@v6
       with:
         name: selinux-test-logs
         path: |
@@ -309,12 +339,12 @@ jobs:
 
         outputs TEST_SUMMARY_FILE AGGREGATED_SUMMARY_FILE
     - name: Checkout code (uutils)
-      uses: actions/checkout@v5
+      uses: actions/checkout@v6
       with:
         path: 'uutils'
         persist-credentials: false
     - name: Retrieve reference artifacts
-      uses: dawidd6/action-download-artifact@v11
+      uses: dawidd6/action-download-artifact@v12
       # ref: <https://github.com/dawidd6/action-download-artifact>
       continue-on-error: true ## don't break the build for missing reference artifacts (may be expired or just not generated yet)
       with:
@@ -324,25 +354,32 @@ jobs:
         workflow_conclusion: completed ## continually recalibrates to last commit of default branch with a successful GnuTests (ie, "self-heals" from GnuTest regressions, but needs more supervision for/of regressions)
         path: "reference"
     - name: Download full json results
-      uses: actions/download-artifact@v6
+      uses: actions/download-artifact@v7
       with:
         name: gnu-full-result
         path: results
         merge-multiple: true
     - name: Download root json results
-      uses: actions/download-artifact@v6
+      uses: actions/download-artifact@v7
       with:
         name: gnu-root-full-result
         path: results
         merge-multiple: true
+    - name: Download stty json results
+      uses: actions/download-artifact@v7
+      with:
+        name: gnu-stty-full-result
+        path: results
+        merge-multiple: true
+
     - name: Download selinux json results
-      uses: actions/download-artifact@v6
+      uses: actions/download-artifact@v7
       with:
         name: selinux-gnu-full-result
         path: results
         merge-multiple: true
     - name: Download selinux root json results
-      uses: actions/download-artifact@v6
+      uses: actions/download-artifact@v7
       with:
         name: selinux-root-gnu-full-result
         path: results
@@ -357,7 +394,7 @@ jobs:
         path_UUTILS='uutils'
 
         json_count=$(ls -l results/*.json | wc -l)
-        if [[ "$json_count" -ne 4 ]]; then
+        if [[ "$json_count" -ne 5 ]]; then
           echo "::error ::Failed to download all results json files (expected 4 files, found $json_count); failing early"
           ls -lR results || true
           exit 1
@@ -391,17 +428,17 @@ jobs:
         HASH=$(sha1sum '${{ steps.vars.outputs.TEST_SUMMARY_FILE }}' | cut --delim=" " -f 1)
         outputs HASH
     - name: Upload SHA1/ID of 'test-summary'
-      uses: actions/upload-artifact@v5
+      uses: actions/upload-artifact@v6
       with:
         name: "${{ steps.summary.outputs.HASH }}"
         path: "${{ steps.vars.outputs.TEST_SUMMARY_FILE }}"
     - name: Upload test results summary
-      uses: actions/upload-artifact@v5
+      uses: actions/upload-artifact@v6
       with:
         name: test-summary
         path: "${{ steps.vars.outputs.TEST_SUMMARY_FILE }}"
     - name: Upload aggregated json results
-      uses: actions/upload-artifact@v5
+      uses: actions/upload-artifact@v6
       with:
         name: aggregated-result
         path: ${{ steps.vars.outputs.AGGREGATED_SUMMARY_FILE }}
@@ -453,7 +490,7 @@ jobs:
         fi
     - name: Upload comparison log (for GnuComment workflow)
       if: success() || failure() # run regardless of prior step success/failure
-      uses: actions/upload-artifact@v5
+      uses: actions/upload-artifact@v6
       with:
         name: comment
         path: reference/comment/