From ac7f697b0cde1385885b25c4dcfce4591204ebf9 Mon Sep 17 00:00:00 2001
From: Andrew Lukoshko <andrew.lukoshko@gmail.com>
Date: Wed, 9 Nov 2022 23:10:50 +0100
Subject: [PATCH 1/9] Add stream dnf variable for CentOS SIG repos
 compatibility

---
 almalinux-release.spec | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/almalinux-release.spec b/almalinux-release.spec
index 1d05fb8..ad6a569 100644
--- a/almalinux-release.spec
+++ b/almalinux-release.spec
@@ -240,7 +240,7 @@ install -p -m 0644 %{SOURCE511} %{buildroot}%{_sysconfdir}/yum.repos.d/
 
 # dnf variables
 install -d -m 0755 %{buildroot}%{_sysconfdir}/dnf/vars
-# echo "%{major}-stream" > %{buildroot}%{_sysconfdir}/dnf/vars/stream
+echo "%{major}-stream" > %{buildroot}%{_sysconfdir}/dnf/vars/stream
 
 # copy GPG keys
 install -d -m 0755 %{buildroot}%{_sysconfdir}/pki/rpm-gpg
@@ -289,6 +289,7 @@ install -p -m 0644 %{SOURCE600} %{buildroot}%{_sysconfdir}/pki/rpm-gpg/
 %config(noreplace) %{_sysconfdir}/yum.repos.d/almalinux-nfv.repo
 %config(noreplace) %{_sysconfdir}/yum.repos.d/almalinux-rt.repo
 %endif
+%config(noreplace) %{_sysconfdir}/dnf/vars/stream
 
 %files -n almalinux-gpg-keys
 %{_sysconfdir}/pki/rpm-gpg

From 68979167fc612deee2cbf4143d25e59b5a30224d Mon Sep 17 00:00:00 2001
From: Andrew Lukoshko <andrew.lukoshko@gmail.com>
Date: Tue, 15 Nov 2022 08:30:59 +0100
Subject: [PATCH 2/9] 9.1 stable release

---
 90-default.preset      | 5 +++++
 almalinux-release.spec | 9 ++++++---
 2 files changed, 11 insertions(+), 3 deletions(-)

diff --git a/90-default.preset b/90-default.preset
index e147857..d8b4122 100644
--- a/90-default.preset
+++ b/90-default.preset
@@ -213,9 +213,14 @@ enable greenboot-status.service
 enable greenboot-task-runner.service
 enable redboot-auto-reboot.service
 enable redboot-task-runner.service
+# https://bugzilla.redhat.com/show_bug.cgi?id=2108625
+enable greenboot-service-monitor.service
 
 # https://bugzilla.redhat.com/show_bug.cgi?id=2013299
 enable low-memory-monitor.service
 
 # https://bugzilla.redhat.com/show_bug.cgi?id=2049627
 enable switcheroo-control.service
+
+# https://bugzilla.redhat.com/show_bug.cgi?id=2106811
+enable clevis-luks-askpass.path
diff --git a/almalinux-release.spec b/almalinux-release.spec
index ad6a569..3512c0b 100644
--- a/almalinux-release.spec
+++ b/almalinux-release.spec
@@ -1,11 +1,11 @@
 %global distro  AlmaLinux
-%global release_name Emerald Puma
+%global release_name Lime Lynx
 %global major   9
-%global minor   0
+%global minor   1
 
 Name:           almalinux-release
 Version:        %{major}.%{minor}
-Release:        4%{?dist}
+Release:        1.9%{?dist}
 Summary:        %{distro} release files
 License:        GPLv2
 URL:            https://almalinux.org
@@ -296,6 +296,9 @@ install -p -m 0644 %{SOURCE600} %{buildroot}%{_sysconfdir}/pki/rpm-gpg/
 
 
 %changelog
+* Tue Nov 15 2022 Andrew Lukoshko <alukoshko@almalinux.org> - 9.1-1.9
+- 9.1 stable
+
 * Wed Jun 22 2022 Andrew Lukoshko <alukoshko@almalinux.org> - 9.0-4
 - Fix AlmaLinux version in EULA
 

From 82b35648adb89f67ba7dced6264236bc435a1497 Mon Sep 17 00:00:00 2001
From: Andrew Lukoshko <andrew.lukoshko@gmail.com>
Date: Wed, 19 Apr 2023 18:34:03 +0200
Subject: [PATCH 3/9] Adjust debuginfo RPM repo names to -debuginfo

https://gitlab.com/redhat/centos-stream/rpms/centos-release/-/commit/217a44675f1b789868ae0f8d326577c06b75745d
---
 almalinux-appstream.repo        | 2 +-
 almalinux-baseos.repo           | 2 +-
 almalinux-crb.repo              | 2 +-
 almalinux-extras.repo           | 2 +-
 almalinux-highavailability.repo | 2 +-
 almalinux-nfv.repo              | 2 +-
 almalinux-plus.repo             | 2 +-
 almalinux-resilientstorage.repo | 2 +-
 almalinux-rt.repo               | 2 +-
 almalinux-sap.repo              | 2 +-
 almalinux-saphana.repo          | 2 +-
 11 files changed, 11 insertions(+), 11 deletions(-)

diff --git a/almalinux-appstream.repo b/almalinux-appstream.repo
index 311ee69..6b3a22c 100644
--- a/almalinux-appstream.repo
+++ b/almalinux-appstream.repo
@@ -9,7 +9,7 @@ gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-AlmaLinux-9
 metadata_expire=86400
 enabled_metadata=1
 
-[appstream-debug]
+[appstream-debuginfo]
 name=AlmaLinux $releasever - AppStream - Debug
 mirrorlist=https://mirrors.almalinux.org/mirrorlist/$releasever/appstream-debug
 # baseurl=https://repo.almalinux.org/vault/$releasever/AppStream/debug/$basearch/
diff --git a/almalinux-baseos.repo b/almalinux-baseos.repo
index 0e6d0c2..a01e525 100644
--- a/almalinux-baseos.repo
+++ b/almalinux-baseos.repo
@@ -9,7 +9,7 @@ gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-AlmaLinux-9
 metadata_expire=86400
 enabled_metadata=1
 
-[baseos-debug]
+[baseos-debuginfo]
 name=AlmaLinux $releasever - BaseOS - Debug
 mirrorlist=https://mirrors.almalinux.org/mirrorlist/$releasever/baseos-debug
 # baseurl=https://repo.almalinux.org/vault/$releasever/BaseOS/debug/$basearch/
diff --git a/almalinux-crb.repo b/almalinux-crb.repo
index 8186c7f..4bfe526 100644
--- a/almalinux-crb.repo
+++ b/almalinux-crb.repo
@@ -9,7 +9,7 @@ gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-AlmaLinux-9
 metadata_expire=86400
 enabled_metadata=0
 
-[crb-debug]
+[crb-debuginfo]
 name=AlmaLinux $releasever - CRB - Debug
 mirrorlist=https://mirrors.almalinux.org/mirrorlist/$releasever/crb-debug
 # baseurl=https://repo.almalinux.org/vault/$releasever/CRB/debug/$basearch/
diff --git a/almalinux-extras.repo b/almalinux-extras.repo
index 62b72ed..6347a04 100644
--- a/almalinux-extras.repo
+++ b/almalinux-extras.repo
@@ -9,7 +9,7 @@ gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-AlmaLinux-9
 metadata_expire=86400
 enabled_metadata=0
 
-[extras-debug]
+[extras-debuginfo]
 name=AlmaLinux $releasever - Extras - Debug
 mirrorlist=https://mirrors.almalinux.org/mirrorlist/$releasever/extras-debug
 # baseurl=https://repo.almalinux.org/vault/$releasever/extras/debug/$basearch/
diff --git a/almalinux-highavailability.repo b/almalinux-highavailability.repo
index d489012..d21afb8 100644
--- a/almalinux-highavailability.repo
+++ b/almalinux-highavailability.repo
@@ -9,7 +9,7 @@ gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-AlmaLinux-9
 metadata_expire=86400
 enabled_metadata=0
 
-[highavailability-debug]
+[highavailability-debuginfo]
 name=AlmaLinux $releasever - HighAvailability - Debug
 mirrorlist=https://mirrors.almalinux.org/mirrorlist/$releasever/highavailability-debug
 # baseurl=https://repo.almalinux.org/vault/$releasever/HighAvailability/debug/$basearch/
diff --git a/almalinux-nfv.repo b/almalinux-nfv.repo
index 9c22693..2a70187 100644
--- a/almalinux-nfv.repo
+++ b/almalinux-nfv.repo
@@ -9,7 +9,7 @@ gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-AlmaLinux-9
 metadata_expire=86400
 enabled_metadata=0
 
-[nfv-debug]
+[nfv-debuginfo]
 name=AlmaLinux $releasever - NFV - Debug
 mirrorlist=https://mirrors.almalinux.org/mirrorlist/$releasever/nfv-debug
 # baseurl=https://repo.almalinux.org/vault/$releasever/NFV/debug/$basearch/
diff --git a/almalinux-plus.repo b/almalinux-plus.repo
index 45c7929..4bb9e13 100644
--- a/almalinux-plus.repo
+++ b/almalinux-plus.repo
@@ -9,7 +9,7 @@ gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-AlmaLinux-9
 metadata_expire=86400
 enabled_metadata=0
 
-[plus-debug]
+[plus-debuginfo]
 name=AlmaLinux $releasever - Plus - Debug
 mirrorlist=https://mirrors.almalinux.org/mirrorlist/$releasever/plus-debug
 # baseurl=https://repo.almalinux.org/vault/$releasever/plus/debug/$basearch/
diff --git a/almalinux-resilientstorage.repo b/almalinux-resilientstorage.repo
index 8cc965f..1b0b1ce 100644
--- a/almalinux-resilientstorage.repo
+++ b/almalinux-resilientstorage.repo
@@ -9,7 +9,7 @@ gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-AlmaLinux-9
 metadata_expire=86400
 enabled_metadata=0
 
-[resilientstorage-debug]
+[resilientstorage-debuginfo]
 name=AlmaLinux $releasever - ResilientStorage - Debug
 mirrorlist=https://mirrors.almalinux.org/mirrorlist/$releasever/resilientstorage-debug
 # baseurl=https://repo.almalinux.org/vault/$releasever/ResilientStorage/debug/$basearch/
diff --git a/almalinux-rt.repo b/almalinux-rt.repo
index 1a4b30e..44c4a62 100644
--- a/almalinux-rt.repo
+++ b/almalinux-rt.repo
@@ -9,7 +9,7 @@ gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-AlmaLinux-9
 metadata_expire=86400
 enabled_metadata=0
 
-[rt-debug]
+[rt-debuginfo]
 name=AlmaLinux $releasever - RT - Debug
 mirrorlist=https://mirrors.almalinux.org/mirrorlist/$releasever/rt-debug
 # baseurl=https://repo.almalinux.org/vault/$releasever/RT/debug/$basearch/
diff --git a/almalinux-sap.repo b/almalinux-sap.repo
index 06f84a7..52f6ea6 100644
--- a/almalinux-sap.repo
+++ b/almalinux-sap.repo
@@ -9,7 +9,7 @@ gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-AlmaLinux-9
 metadata_expire=86400
 enabled_metadata=0
 
-[sap-debug]
+[sap-debuginfo]
 name=AlmaLinux $releasever - SAP - Debug
 mirrorlist=https://mirrors.almalinux.org/mirrorlist/$releasever/sap-debug
 # baseurl=https://repo.almalinux.org/vault/$releasever/SAP/debug/$basearch/
diff --git a/almalinux-saphana.repo b/almalinux-saphana.repo
index 666e046..cccbd89 100644
--- a/almalinux-saphana.repo
+++ b/almalinux-saphana.repo
@@ -9,7 +9,7 @@ gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-AlmaLinux-9
 metadata_expire=86400
 enabled_metadata=0
 
-[saphana-debug]
+[saphana-debuginfo]
 name=AlmaLinux $releasever - SAPHANA - Debug
 mirrorlist=https://mirrors.almalinux.org/mirrorlist/$releasever/saphana-debug
 # baseurl=https://repo.almalinux.org/vault/$releasever/SAPHANA/debug/$basearch/

From 3a50cf4e21f2428622426eca1a7e2a04fbb19d3c Mon Sep 17 00:00:00 2001
From: Andrew Lukoshko <andrew.lukoshko@gmail.com>
Date: Tue, 9 May 2023 16:08:40 +0200
Subject: [PATCH 4/9] 9.2 stable release

---
 90-default.preset      |   1 +
 almalinux-release.spec |  76 ++++++++++++++++++++++++++++-------------
 alsecureboot001.cer    | Bin 0 -> 1787 bytes
 3 files changed, 54 insertions(+), 23 deletions(-)
 create mode 100644 alsecureboot001.cer

diff --git a/90-default.preset b/90-default.preset
index d8b4122..92129c2 100644
--- a/90-default.preset
+++ b/90-default.preset
@@ -224,3 +224,4 @@ enable switcheroo-control.service
 
 # https://bugzilla.redhat.com/show_bug.cgi?id=2106811
 enable clevis-luks-askpass.path
+
diff --git a/almalinux-release.spec b/almalinux-release.spec
index 3512c0b..22f29a1 100644
--- a/almalinux-release.spec
+++ b/almalinux-release.spec
@@ -1,11 +1,11 @@
 %global distro  AlmaLinux
-%global release_name Lime Lynx
+%global release_name Turquoise Kodkod
 %global major   9
-%global minor   1
+%global minor   2
 
 Name:           almalinux-release
 Version:        %{major}.%{minor}
-Release:        1.9%{?dist}
+Release:        1%{?dist}
 Summary:        %{distro} release files
 License:        GPLv2
 URL:            https://almalinux.org
@@ -38,13 +38,13 @@ Source302:      90-default-user.preset
 Source303:      99-default-disable.preset
 Source304:      50-redhat.conf
 
-Source400:      clsecureboot001.cer
+Source400:      alsecureboot001.cer
 # kernel signing certificate
-Source401:      clsecureboot001.cer
+Source401:      alsecureboot001.cer
 # grub2 signing certificate
-Source402:      clsecureboot001.cer
+Source402:      alsecureboot001.cer
 # Fwupd signing certificate
-Source403:      clsecureboot001.cer
+Source403:      alsecureboot001.cer
 
 Source500:      almalinux-appstream.repo
 Source501:      almalinux-baseos.repo
@@ -100,11 +100,34 @@ echo "%{distro} release %{major}.%{minor}%{?beta: %{beta}} (%{release_name})" >
 ln -s almalinux-release %{buildroot}%{_sysconfdir}/system-release
 ln -s almalinux-release %{buildroot}%{_sysconfdir}/redhat-release
 
+# -------------------------------------------------------------------------
+# Definitions for /etc/os-release and for macros in macros.dist.  These
+# macros are useful for spec files where distribution-specific identifiers
+# are used to customize packages.
+
+# Name of vendor / name of distribution. Typically used to identify where
+# the binary comes from in --help or --version messages of programs.
+# Examples: gdb.spec, clang.spec
+%global dist_vendor AlmaLinux OS Foundation
+%global dist_name   %{distro}
+
+# URL of the homepage of the distribution
+# Example: gstreamer1-plugins-base.spec
+%global dist_home_url https://almalinux.org/
+
+# Bugzilla / bug reporting URLs shown to users.
+# Examples: gcc.spec
+%global dist_bug_report_url https://bugs.almalinux.org/
+
+# debuginfod server, as used in elfutils.spec.
+# %global dist_debuginfod_url %{nil}
+# -------------------------------------------------------------------------
+
 # Create the os-release file
 install -d -m 0755 %{buildroot}%{_prefix}/lib
 cat > %{buildroot}%{_prefix}/lib/os-release << EOF
 NAME="%{distro}"
-VERSION="%{major}.%{minor}%{?beta: %{beta}} (%{release_name})"
+VERSION="%{major}.%{minor} (%{release_name})"
 ID="almalinux"
 ID_LIKE="rhel centos fedora"
 VERSION_ID="%{major}.%{minor}"
@@ -113,9 +136,9 @@ PRETTY_NAME="%{distro} %{major}.%{minor}%{?beta: %{beta}} (%{release_name})"
 ANSI_COLOR="0;34"
 LOGO="fedora-logo-icon"
 CPE_NAME="cpe:/o:almalinux:almalinux:%{major}::baseos"
-HOME_URL="https://almalinux.org/"
+HOME_URL="%{dist_home_url}"
 DOCUMENTATION_URL="https://wiki.almalinux.org/"
-BUG_REPORT_URL="https://bugs.almalinux.org/"
+BUG_REPORT_URL="%{dist_bug_report_url}"
 
 ALMALINUX_MANTISBT_PROJECT="AlmaLinux-%{major}"
 ALMALINUX_MANTISBT_PROJECT_VERSION="%{major}.%{minor}"
@@ -149,6 +172,10 @@ cat > %{buildroot}%{_rpmmacrodir}/macros.dist << EOF
 %%rhel %{major}
 %%dist %%{!?distprefix0:%%{?distprefix}}%%{expand:%%{lua:for i=0,9999 do print("%%{?distprefix" .. i .."}") end}}.el%{major}%%{?with_bootstrap:%{__bootstrap}}
 %%el%{major} 1
+%%dist_vendor         %{dist_vendor}
+%%dist_name           %{dist_name}
+%%dist_home_url       %{dist_home_url}
+%%dist_bug_report_url %{dist_bug_report_url}
 EOF
 
 # use unbranded datadir
@@ -201,25 +228,25 @@ install -m 644 %{SOURCE400} %{buildroot}%{_datadir}/pki/sb-certs/secureboot-ca-s
 install -m 644 %{SOURCE401} %{buildroot}%{_datadir}/pki/sb-certs/secureboot-kernel-s390x.cer
 
 # Link x86_64 certs
-ln -sr %{buildroot}%{_datadir}%{_datadir}/pki/sb-certs/secureboot-ca-x86_64.cer %{buildroot}%{_sysconfdir}/pki/sb-certs/secureboot-ca-x86_64.cer
-ln -sr %{buildroot}%{_datadir}%{_datadir}/pki/sb-certs/secureboot-kernel-x86_64.cer %{buildroot}%{_sysconfdir}/pki/sb-certs/secureboot-kernel-x86_64.cer
-ln -sr %{buildroot}%{_datadir}%{_datadir}/pki/sb-certs/secureboot-grub2-x86_64.cer %{buildroot}%{_sysconfdir}/pki/sb-certs/secureboot-grub2-x86_64.cer
-ln -sr %{buildroot}%{_datadir}%{_datadir}/pki/sb-certs/secureboot-fwupd-x86_64.cer %{buildroot}%{_sysconfdir}/pki/sb-certs/secureboot-fwupd-x86_64.cer
+ln -sr %{buildroot}%{_datadir}/pki/sb-certs/secureboot-ca-x86_64.cer %{buildroot}%{_sysconfdir}/pki/sb-certs/secureboot-ca-x86_64.cer
+ln -sr %{buildroot}%{_datadir}/pki/sb-certs/secureboot-kernel-x86_64.cer %{buildroot}%{_sysconfdir}/pki/sb-certs/secureboot-kernel-x86_64.cer
+ln -sr %{buildroot}%{_datadir}/pki/sb-certs/secureboot-grub2-x86_64.cer %{buildroot}%{_sysconfdir}/pki/sb-certs/secureboot-grub2-x86_64.cer
+ln -sr %{buildroot}%{_datadir}/pki/sb-certs/secureboot-fwupd-x86_64.cer %{buildroot}%{_sysconfdir}/pki/sb-certs/secureboot-fwupd-x86_64.cer
 
 # Link aarch64 certs
-ln -sr %{buildroot}%{_datadir}%{_datadir}/pki/sb-certs/secureboot-ca-aarch64.cer %{buildroot}%{_sysconfdir}/pki/sb-certs/secureboot-ca-aarch64.cer
-ln -sr %{buildroot}%{_datadir}%{_datadir}/pki/sb-certs/secureboot-kernel-aarch64.cer %{buildroot}%{_sysconfdir}/pki/sb-certs/secureboot-kernel-aarch64.cer
-ln -sr %{buildroot}%{_datadir}%{_datadir}/pki/sb-certs/secureboot-grub2-aarch64.cer %{buildroot}%{_sysconfdir}/pki/sb-certs/secureboot-grub2-aarch64.cer
-ln -sr %{buildroot}%{_datadir}%{_datadir}/pki/sb-certs/secureboot-fwupd-aarch64.cer %{buildroot}%{_sysconfdir}/pki/sb-certs/secureboot-fwupd-aarch64.cer
+ln -sr %{buildroot}%{_datadir}/pki/sb-certs/secureboot-ca-aarch64.cer %{buildroot}%{_sysconfdir}/pki/sb-certs/secureboot-ca-aarch64.cer
+ln -sr %{buildroot}%{_datadir}/pki/sb-certs/secureboot-kernel-aarch64.cer %{buildroot}%{_sysconfdir}/pki/sb-certs/secureboot-kernel-aarch64.cer
+ln -sr %{buildroot}%{_datadir}/pki/sb-certs/secureboot-grub2-aarch64.cer %{buildroot}%{_sysconfdir}/pki/sb-certs/secureboot-grub2-aarch64.cer
+ln -sr %{buildroot}%{_datadir}/pki/sb-certs/secureboot-fwupd-aarch64.cer %{buildroot}%{_sysconfdir}/pki/sb-certs/secureboot-fwupd-aarch64.cer
 
 # Link ppc64le certs
-ln -sr %{buildroot}%{_datadir}%{_datadir}/pki/sb-certs/secureboot-ca-ppc64le.cer %{buildroot}%{_sysconfdir}/pki/sb-certs/secureboot-ca-ppc64le.cer
-ln -sr %{buildroot}%{_datadir}%{_datadir}/pki/sb-certs/secureboot-kernel-ppc64le.cer %{buildroot}%{_sysconfdir}/pki/sb-certs/secureboot-kernel-ppc64le.cer
-ln -sr %{buildroot}%{_datadir}%{_datadir}/pki/sb-certs/secureboot-grub2-ppc64le.cer %{buildroot}%{_sysconfdir}/pki/sb-certs/secureboot-grub2-ppc64le.cer
+ln -sr %{buildroot}%{_datadir}/pki/sb-certs/secureboot-ca-ppc64le.cer %{buildroot}%{_sysconfdir}/pki/sb-certs/secureboot-ca-ppc64le.cer
+ln -sr %{buildroot}%{_datadir}/pki/sb-certs/secureboot-kernel-ppc64le.cer %{buildroot}%{_sysconfdir}/pki/sb-certs/secureboot-kernel-ppc64le.cer
+ln -sr %{buildroot}%{_datadir}/pki/sb-certs/secureboot-grub2-ppc64le.cer %{buildroot}%{_sysconfdir}/pki/sb-certs/secureboot-grub2-ppc64le.cer
 
 # Link s390x certs
-ln -sr %{buildroot}%{_datadir}%{_datadir}/pki/sb-certs/secureboot-ca-s390x.cer %{buildroot}%{_sysconfdir}/pki/sb-certs/secureboot-ca-s390x.cer
-ln -sr %{buildroot}%{_datadir}%{_datadir}/pki/sb-certs/secureboot-kernel-s390x.cer %{buildroot}%{_sysconfdir}/pki/sb-certs/secureboot-kernel-s390x.cer
+ln -sr %{buildroot}%{_datadir}/pki/sb-certs/secureboot-ca-s390x.cer %{buildroot}%{_sysconfdir}/pki/sb-certs/secureboot-ca-s390x.cer
+ln -sr %{buildroot}%{_datadir}/pki/sb-certs/secureboot-kernel-s390x.cer %{buildroot}%{_sysconfdir}/pki/sb-certs/secureboot-kernel-s390x.cer
 
 # copy yum repos
 install -d -m 0755 %{buildroot}%{_sysconfdir}/yum.repos.d
@@ -296,6 +323,9 @@ install -p -m 0644 %{SOURCE600} %{buildroot}%{_sysconfdir}/pki/rpm-gpg/
 
 
 %changelog
+* Tue May 02 2023 Andrew Lukoshko <alukoshko@almalinux.org> - 9.2-1
+- 9.2 stable
+
 * Tue Nov 15 2022 Andrew Lukoshko <alukoshko@almalinux.org> - 9.1-1.9
 - 9.1 stable
 
diff --git a/alsecureboot001.cer b/alsecureboot001.cer
new file mode 100644
index 0000000000000000000000000000000000000000..6a4e99b9ed921c4af3db55a619260f1ab76110dc
GIT binary patch
literal 1787
zcmb7Edpy%?9NzEu+YQ4qp+X~z$h<!#p$oRjtthe5I<;n4v1uk{onoRAK8{FoFx^gc
z)hd-rIu)nr?ozG9NGF_fI7Am`6X*En{BeH&J@5N`pZ9&<&+mDF3_l2DxOH*_hG3YC
zc63{K)Mc`VR1X->NhS)Qi`TME^-dksg&-Xq2Cz{bpoK?*v3Lr+#1l0EMjD_^(GTMD
zB!UPL)n5=TknqD$I+(55K`6BGoxr#aQ34*7AqwMDg9H&mfiQx~@Sw6ns4M2o1LnrM
zj*bAGgM!g7R1KZf5ID|pa&dAA1xdG2GSJgV;wS_sr+Fwqoly#ygx9gdLs&@Wya0v}
z3LG4SP65Uf7hwvK$&cd3bH#kr3{2A~=u->>#eywd37;Auj^GLf30#RlB%EMPEi-l+
zkwox{5{U(2T$BpTN6nIqJ))wy{sLj#R%$>H)k_p74EruH#z6j)0c5b{#3zMt7(@o^
zW7O-~undMU6>I1J?%P(;)EDT<J`&<=PqZm?Eh+Gdc^{X>d~@7#vAD%qZ-ufkhh?j~
zapii8FZ6l4l2j4>$6Kvd%=FCfQ#Hi8bqZPzauDLVg0k(jF6nNqtfiz|Wxur8bX2ad
zdVcV5sacnCY_nO@_S&kodX}Gu=_h9qjw-&C&Q?YW8|~hwL@-lYMZxo*mT|n_rq!Dq
zNO?Kr*Z&ajuCl*+CptA}bH}3+sZUn7lNIOqU@O10Y8v~wWKcZqMh{nDsrrHAqC?Fn
zC5Od?^TaPN9vZwE>ENKiT9WIkzve%`+%Pg-+wtWhW?EoI?ykMo1m;;krtqoqrdY(Z
z>AG~nTPIVAdtr9e$os^OcI}Pat4B7uw#bZr_Ev0CoO20G4yS!W8C%*eNtWAYpL#d*
zedparl{a8zs7XrL79O+)cgO3rRq(Xe?bv+=_YavC&C0sI{5@^Is<rr7Q~oQL=9Ko_
zd&TbxFV50?)oW08?yPU9{?yXi;q$0tf$3uhOWxNtF#$EN9$(nj61mrZXRg<?fO5Aq
z{IFK_+_a`mJHJLPzOu2$``0#6NiXkuM_k_1)xDklhX*R_Aot#YOpZ%PWJx`Hvwv(+
zUSn91q<LmM;ZwJ8FJ8nt5r4k_e%;mzeMQkS+dKS(UD8v&r=*?B&+x(vVcja{*!1E*
zR`nr|@2-+JzzBqaj>w>gKnC3h)7Af**$k{YWr>DKj@ce|HuYY$w-4X7busAnE?sO0
z%rpc&tP$2Q5p}pRNtx`QBY$$Hy}hi^EzC7xG%sfQ5Hy0tA}}ElkTi6P2EzaYC>lh=
zl7Kdzs16YhM?esDptRPfdPAw7JRwLkg(U+Y4UdZT1n$5IPa2Kec@%;nJOpT9#`r7@
z85u`PBr&nB4i2&3%Ye=kMLRG8g8%`Ki%23t2=LQLO~*2UT1>u3z97|AGoqg0iKFNf
zr^ZU-duM1WW2`Y49;^^`UC`BhARRwieNz#L243SBz!P*O|5I1;uO$Gbj#^URPsEFj
znJ5J48Yh#m)_^Ae=Lv|2+!#zIQG$c)nJj+~w#N#V{a95^486KX5gC+(`LS(LuYLx&
zmK=g#7W3C{btC1qgXHu|&hAt1mVpg9@qz7)LQjirTbE=%tB>VaJ{w|W+SRlqtM=qq
z`BZ#(0JZP>i7X28yp;YFwn*+V^|hB(LiOc)PaARBXXK%~jS_tFjUyY$QX;*+r0V45
zkE=pT=tBm1C+#j}43w`s`%TdlzpX-LE<>U=F6|4*<{yn&V-xIkW##-D?u9_i{=os1
zQ~fq=HHqcUdPH1KbNZa$#kq3WF+jPXnVa;%`a)vjg(LknHdCYpovzocJ`VZSGQKX%
z9VuvTNmoc+L-8N(4b3q2QAF;sQhj@I<v<*0Ht?VN<knFg<}yq{?haG<fv+xMZkq1G
zfMeB!j>*nzv-=TicK8=0<z{!5STDIQowYE}{M!p%v*XagiZ@#a*rpBp-pFlw$j1cA
zMbdL^7Fn6pu1Ds+4F;K(`~A_^c|ytX^;TAfXxKtf>_FUZQQx>WuhjaYMX_P|t&zHv
TseG#v;Fg#3=RT@0&At3@_pP4Z

literal 0
HcmV?d00001


From 67e638a0a4afcd2cbb1eebb5f17d5b21afe17c55 Mon Sep 17 00:00:00 2001
From: Andrew Lukoshko <andrew.lukoshko@gmail.com>
Date: Wed, 10 May 2023 16:59:01 +0000
Subject: [PATCH 5/9] Delete no longer necessary clsecureboot001.cer

---
 clsecureboot001.cer | Bin 1561 -> 0 bytes
 1 file changed, 0 insertions(+), 0 deletions(-)
 delete mode 100644 clsecureboot001.cer

diff --git a/clsecureboot001.cer b/clsecureboot001.cer
deleted file mode 100644
index ca9ce5d92a13320a2995ed90f173ea719a132d8f..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 1561
zcmZ`(Yfuwc6wXbS1jzzo5X>OBh=_zHxtj+9!bnI+p+=zweAJF{O%_-i65K3=V6`P`
zg!+Oiw$+NM3{cvRbwp7M<Fi^Fr&c?izU+V&99!x@6`xhd?qX>9<FB1_&iCE(?RW0E
z&?}q_y~s1afDicmiPrXi7P+NN-Rg^uj^4IR2t$PvWWGG#!%zUkK|ENy6Bok?LP0Si
zl<*5p_;iSIK?o`>c2G4W<HU+cYnj7oca~D53o|Qp3OorWau_ihrzdHqvK-?+R0(Az
z7|Q9ubd^k*lcpFCo(5Anpa4|{fVtHS>9CPDY!P9nY%kz?r;WtSRH=h<lwx`vX3o>8
zU|e*l3WsV{DvoP4TGbnDs9{5GAcS5Z!6h(4C{7Uq1bAm>@_|6YFE-;+7(G78M}rNd
zop2L0iATV2PECX)*l5Dk>U3O<$HA#wY63bL*TU2^EXQ6+VmX8d(^It7PU5jJhO385
zA`5A%ieN~rfG#CiV@9QqDqzb&l8`jD9Hy((P@^7aCo5+n4C4+6Mny(D>xqpR<A~4@
zqmyQ^`5uyXjdNXZcUIak6XmF^#>~zVhEx6umhZ5RVFal3r5M(h>Ej0sf_MTi2<Nf+
z5WW`xUfsxU^u*bvD~p;BZT`ZlS{`kb44-UksA{RrQuYYu^$hfNSXL8{z3Jxm_5F?=
z<~F*2-+9$rbMCAi1d`_Zr}s=-r<7cKDqWaAboR!y?hlMv-_7Y>%d}hSB1Z;Kc<pEI
zo~_rU(~Ubq_aFXn;F5XqA%9oLTJwXR?&~1GwLE>x_Vo?>QeGcGz_P@TPE#k$jU}t{
z=C4WMHPazOp*1PT3fm+ruI6lS_~q`^8L{y-bu+Gf%@__g=3FU^|HN|Z8E=KQmHrw0
zI*CrQY%Us>cb>W=8$P+bYg<Ipp*uG-uRY9I)=;lh+*`M_f1Y7^OmN1n@88dtY`TB&
z&A#Sjt$r(C0C=Fq3;I|`u0fO?O{@ff=LjG2poWX4A##`kll@8lL|;M~!&GD_l~&rW
zu#R4IMTK2SR#{zE!c|776l?)j3WM1z7!)J|0HI(hl#j&__~HWxjH5WMt_peJFsrki
z-H!kr@_n)ZoF*%rE{bu|o|m*GX*i7&n}AG#QSV0XKPQV|<lQM6!;${WwM^NW&&X&P
z%K^fWC?s;@w!OA)=U3-;uM`$-Z10+y`}^@nFZh!<er@Fc^0NQ?P52te#}GZ#L6I=1
zv=#*dR;*aIp$zyQxcNaq1i5D*pq>w+q?~#eYnR*Y9;aJhXnxTwk!v=F7YKwQfz8bV
zV01@f!?{5q0>0>7n9VhhK+@rCzjllgEbu48Bs8(uEH~tubc=NhbLDzdL9qcd<u52+
zf|(19MO>0ymIeCpOTfNz>=FRp+_ZMjPwTEfKR;4G<Kvk*tA=j<{X^%7$o0qY(8gE4
zMR%(wK0mdkX;<}ikJ4&txj4N+v2)2|^j_8;%~IJBH?iv*pQS1Da&~s<<tNF1ZV-ox
zd5=;=BDJQ)G#DRaNUixX;k_%f4n#+mdpdf2_P0BAXx(kGW6*Q}bZ)=>dG@D`O}rr^
zO(!d6#<-~YhKw(p3S9X|dM{X}bRc<Q#{En72-1ke-=gM9=k_)XXUto3bVId`h?NYq
z5|?y&!&kM(x-dNSru2cWcW+$X;r_TP*<X5nNp2-D%e0u4Vj3;N<42<pz7yr&M!6Ax
W>;161eWzPCUA!^tNx{O73;zPg)%xE6


From 3dbcc69913a5a31538b0ac594c06515324d553a8 Mon Sep 17 00:00:00 2001
From: Andrew Lukoshko <andrew.lukoshko@gmail.com>
Date: Tue, 7 Nov 2023 19:45:52 +0000
Subject: [PATCH 6/9] 9.3 stable release

---
 90-default-user.preset |  3 +++
 almalinux-release.spec | 17 +++++++++++++++--
 2 files changed, 18 insertions(+), 2 deletions(-)

diff --git a/90-default-user.preset b/90-default-user.preset
index be8a5d7..4990671 100644
--- a/90-default-user.preset
+++ b/90-default-user.preset
@@ -20,3 +20,6 @@ enable pipewire-media-session.service
 
 # https://bugzilla.redhat.com/show_bug.cgi?id=2022717
 enable wireplumber.service
+
+# https://bugzilla.redhat.com/show_bug.cgi?id=2181984
+enable obex.service
diff --git a/almalinux-release.spec b/almalinux-release.spec
index 22f29a1..41cfdc7 100644
--- a/almalinux-release.spec
+++ b/almalinux-release.spec
@@ -1,7 +1,7 @@
 %global distro  AlmaLinux
-%global release_name Turquoise Kodkod
+%global release_name Shamrock Pampas Cat
 %global major   9
-%global minor   2
+%global minor   3
 
 Name:           almalinux-release
 Version:        %{major}.%{minor}
@@ -45,6 +45,8 @@ Source401:      alsecureboot001.cer
 Source402:      alsecureboot001.cer
 # Fwupd signing certificate
 Source403:      alsecureboot001.cer
+# UKI signing certificate
+Source404:      alsecureboot001.cer
 
 Source500:      almalinux-appstream.repo
 Source501:      almalinux-baseos.repo
@@ -211,42 +213,50 @@ install -m 644 %{SOURCE400} %{buildroot}%{_datadir}/pki/sb-certs/secureboot-ca-a
 install -m 644 %{SOURCE401} %{buildroot}%{_datadir}/pki/sb-certs/secureboot-kernel-aarch64.cer
 install -m 644 %{SOURCE402} %{buildroot}%{_datadir}/pki/sb-certs/secureboot-grub2-aarch64.cer
 install -m 644 %{SOURCE403} %{buildroot}%{_datadir}/pki/sb-certs/secureboot-fwupd-aarch64.cer
+install -m 644 %{SOURCE404} %{buildroot}%{_datadir}/pki/sb-certs/secureboot-uki-virt-aarch64.cer
 
 # Install x86_64 certs
 install -m 644 %{SOURCE400} %{buildroot}%{_datadir}/pki/sb-certs/secureboot-ca-x86_64.cer
 install -m 644 %{SOURCE401} %{buildroot}%{_datadir}/pki/sb-certs/secureboot-kernel-x86_64.cer
 install -m 644 %{SOURCE402} %{buildroot}%{_datadir}/pki/sb-certs/secureboot-grub2-x86_64.cer
 install -m 644 %{SOURCE403} %{buildroot}%{_datadir}/pki/sb-certs/secureboot-fwupd-x86_64.cer
+install -m 644 %{SOURCE404} %{buildroot}%{_datadir}/pki/sb-certs/secureboot-uki-virt-x86_64.cer
 
 # Install ppc64le certs
 install -m 644 %{SOURCE400} %{buildroot}%{_datadir}/pki/sb-certs/secureboot-ca-ppc64le.cer
 install -m 644 %{SOURCE401} %{buildroot}%{_datadir}/pki/sb-certs/secureboot-kernel-ppc64le.cer
 install -m 644 %{SOURCE402} %{buildroot}%{_datadir}/pki/sb-certs/secureboot-grub2-ppc64le.cer
+install -m 644 %{SOURCE404} %{buildroot}%{_datadir}/pki/sb-certs/secureboot-uki-virt-ppc64le.cer
 
 # Install s390x certs
 install -m 644 %{SOURCE400} %{buildroot}%{_datadir}/pki/sb-certs/secureboot-ca-s390x.cer
 install -m 644 %{SOURCE401} %{buildroot}%{_datadir}/pki/sb-certs/secureboot-kernel-s390x.cer
+install -m 644 %{SOURCE404} %{buildroot}%{_datadir}/pki/sb-certs/secureboot-uki-virt-s390x.cer
 
 # Link x86_64 certs
 ln -sr %{buildroot}%{_datadir}/pki/sb-certs/secureboot-ca-x86_64.cer %{buildroot}%{_sysconfdir}/pki/sb-certs/secureboot-ca-x86_64.cer
 ln -sr %{buildroot}%{_datadir}/pki/sb-certs/secureboot-kernel-x86_64.cer %{buildroot}%{_sysconfdir}/pki/sb-certs/secureboot-kernel-x86_64.cer
 ln -sr %{buildroot}%{_datadir}/pki/sb-certs/secureboot-grub2-x86_64.cer %{buildroot}%{_sysconfdir}/pki/sb-certs/secureboot-grub2-x86_64.cer
 ln -sr %{buildroot}%{_datadir}/pki/sb-certs/secureboot-fwupd-x86_64.cer %{buildroot}%{_sysconfdir}/pki/sb-certs/secureboot-fwupd-x86_64.cer
+ln -sr %{buildroot}%{_datadir}/pki/sb-certs/secureboot-uki-virt-x86_64.cer %{buildroot}%{_sysconfdir}/pki/sb-certs/secureboot-uki-virt-x86_64.cer
 
 # Link aarch64 certs
 ln -sr %{buildroot}%{_datadir}/pki/sb-certs/secureboot-ca-aarch64.cer %{buildroot}%{_sysconfdir}/pki/sb-certs/secureboot-ca-aarch64.cer
 ln -sr %{buildroot}%{_datadir}/pki/sb-certs/secureboot-kernel-aarch64.cer %{buildroot}%{_sysconfdir}/pki/sb-certs/secureboot-kernel-aarch64.cer
 ln -sr %{buildroot}%{_datadir}/pki/sb-certs/secureboot-grub2-aarch64.cer %{buildroot}%{_sysconfdir}/pki/sb-certs/secureboot-grub2-aarch64.cer
 ln -sr %{buildroot}%{_datadir}/pki/sb-certs/secureboot-fwupd-aarch64.cer %{buildroot}%{_sysconfdir}/pki/sb-certs/secureboot-fwupd-aarch64.cer
+ln -sr %{buildroot}%{_datadir}/pki/sb-certs/secureboot-uki-virt-aarch64.cer %{buildroot}%{_sysconfdir}/pki/sb-certs/secureboot-uki-virt-aarch64.cer
 
 # Link ppc64le certs
 ln -sr %{buildroot}%{_datadir}/pki/sb-certs/secureboot-ca-ppc64le.cer %{buildroot}%{_sysconfdir}/pki/sb-certs/secureboot-ca-ppc64le.cer
 ln -sr %{buildroot}%{_datadir}/pki/sb-certs/secureboot-kernel-ppc64le.cer %{buildroot}%{_sysconfdir}/pki/sb-certs/secureboot-kernel-ppc64le.cer
 ln -sr %{buildroot}%{_datadir}/pki/sb-certs/secureboot-grub2-ppc64le.cer %{buildroot}%{_sysconfdir}/pki/sb-certs/secureboot-grub2-ppc64le.cer
+ln -sr %{buildroot}%{_datadir}/pki/sb-certs/secureboot-uki-virt-ppc64le.cer %{buildroot}%{_sysconfdir}/pki/sb-certs/secureboot-uki-virt-ppc64le.cer
 
 # Link s390x certs
 ln -sr %{buildroot}%{_datadir}/pki/sb-certs/secureboot-ca-s390x.cer %{buildroot}%{_sysconfdir}/pki/sb-certs/secureboot-ca-s390x.cer
 ln -sr %{buildroot}%{_datadir}/pki/sb-certs/secureboot-kernel-s390x.cer %{buildroot}%{_sysconfdir}/pki/sb-certs/secureboot-kernel-s390x.cer
+ln -sr %{buildroot}%{_datadir}/pki/sb-certs/secureboot-uki-virt-s390x.cer %{buildroot}%{_sysconfdir}/pki/sb-certs/secureboot-uki-virt-s390x.cer
 
 # copy yum repos
 install -d -m 0755 %{buildroot}%{_sysconfdir}/yum.repos.d
@@ -323,6 +333,9 @@ install -p -m 0644 %{SOURCE600} %{buildroot}%{_sysconfdir}/pki/rpm-gpg/
 
 
 %changelog
+* Tue Nov 07 2023 Andrew Lukoshko <alukoshko@almalinux.org> - 9.3-1
+- 9.3 stable
+
 * Tue May 02 2023 Andrew Lukoshko <alukoshko@almalinux.org> - 9.2-1
 - 9.2 stable
 

From 0bba30e03d84e3eed7feb9d4993dcbb723cc5f1e Mon Sep 17 00:00:00 2001
From: Andrew Lukoshko <alukoshko@almalinux.org>
Date: Tue, 30 Apr 2024 17:39:35 +0000
Subject: [PATCH 7/9] 9.4 stable release

---
 90-default.preset      | 39 ++++++++++++++++++++++++++++++++++++---
 almalinux-release.spec |  7 +++++--
 2 files changed, 41 insertions(+), 5 deletions(-)

diff --git a/90-default.preset b/90-default.preset
index 92129c2..b798587 100644
--- a/90-default.preset
+++ b/90-default.preset
@@ -37,17 +37,46 @@ enable ladvd.service
 # autostart, but shutdown after 2 mins and socket activated thereafter
 enable virtqemud.service
 
-# Compatibility with libvirtd sockets for old clients and expose TCP sockets
+# Sockets for the services listed above, to support socket activation
+# after the initial timeout
+enable virtqemud.socket
+enable virtqemud-ro.socket
+enable virtqemud-admin.socket
+
+# Compatibility with libvirtd sockets for old clients (socket activated
+# only when required). Note that the -tcp and -tls sockets are kept disabled
+# by default, as they require additional configuration before they can work
 enable virtproxyd.socket
+enable virtproxyd-ro.socket
+enable virtproxyd-admin.socket
 
 # Secondary drivers providing supporting functionality to main virtualization
-# drivers, socket activated only when required
+# drivers (socket activated only when required)
 enable virtinterfaced.socket
+enable virtinterfaced-ro.socket
+enable virtinterfaced-admin.socket
 enable virtnetworkd.socket
+enable virtnetworkd-ro.socket
+enable virtnetworkd-admin.socket
 enable virtnodedevd.socket
+enable virtnodedevd-ro.socket
+enable virtnodedevd-admin.socket
 enable virtnwfilterd.socket
+enable virtnwfilterd-ro.socket
+enable virtnwfilterd-admin.socket
 enable virtsecretd.socket
+enable virtsecretd-ro.socket
+enable virtsecretd-admin.socket
 enable virtstoraged.socket
+enable virtstoraged-ro.socket
+enable virtstoraged-admin.socket
+
+# Non-driver support services (socket activated only when required, no
+# read-only socket)
+enable virtlogd.socket
+enable virtlogd-admin.socket
+enable virtlockd.socket
+enable virtlockd-admin.socket
 
 # Storage
 enable multipathd.service
@@ -201,7 +230,7 @@ enable iscsi-onboot.service
 
 # Enable logrotate.timer
 # https://bugzilla.redhat.com/show_bug.cgi?id=1977865
-enable logrotate.timer 
+enable logrotate.timer
 
 # Enable greenboot
 # https://bugzilla.redhat.com/show_bug.cgi?id=2005552
@@ -222,6 +251,10 @@ enable low-memory-monitor.service
 # https://bugzilla.redhat.com/show_bug.cgi?id=2049627
 enable switcheroo-control.service
 
+# Enable clevis-luks-askpass.path
 # https://bugzilla.redhat.com/show_bug.cgi?id=2106811
 enable clevis-luks-askpass.path
 
+# Enable kernel-bootcfg-boot-successful.service
+# RHEL-21816
+enable kernel-bootcfg-boot-successful.service
diff --git a/almalinux-release.spec b/almalinux-release.spec
index 41cfdc7..10b02bd 100644
--- a/almalinux-release.spec
+++ b/almalinux-release.spec
@@ -1,7 +1,7 @@
 %global distro  AlmaLinux
-%global release_name Shamrock Pampas Cat
+%global release_name Seafoam Ocelot
 %global major   9
-%global minor   3
+%global minor   4
 
 Name:           almalinux-release
 Version:        %{major}.%{minor}
@@ -333,6 +333,9 @@ install -p -m 0644 %{SOURCE600} %{buildroot}%{_sysconfdir}/pki/rpm-gpg/
 
 
 %changelog
+* Tue Apr 30 2024 Andrew Lukoshko <alukoshko@almalinux.org> - 9.4-1
+- 9.4 stable
+
 * Tue Nov 07 2023 Andrew Lukoshko <alukoshko@almalinux.org> - 9.3-1
 - 9.3 stable
 

From 3a9205dbfedc3dd046af3fc2a71377384259b868 Mon Sep 17 00:00:00 2001
From: Andrew Lukoshko <alukoshko@almalinux.org>
Date: Tue, 30 Apr 2024 21:30:28 +0000
Subject: [PATCH 8/9] Provide centos-sb-certs

---
 almalinux-release.spec | 1 +
 1 file changed, 1 insertion(+)

diff --git a/almalinux-release.spec b/almalinux-release.spec
index 10b02bd..01e56a4 100644
--- a/almalinux-release.spec
+++ b/almalinux-release.spec
@@ -68,6 +68,7 @@ Summary: %{distro} public secureboot certificates
 Group: System Environment/Base
 Provides: system-sb-certs = %{version}-%{release}
 Provides: redhat-sb-certs = %{version}-%{release}
+Provides: centos-sb-certs = %{version}-%{release}
 
 %package -n almalinux-repos
 Summary:        %{distro} package repositories

From 0568ec6f853adcf73ff8f41b4b9611424904d554 Mon Sep 17 00:00:00 2001
From: Pat Riehecky <riehecky@fnal.gov>
Date: Wed, 1 May 2024 15:27:40 -0500
Subject: [PATCH 9/9] start using os-release SUPPORT_END=YYYY-MM-DD

---
 almalinux-release.spec | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/almalinux-release.spec b/almalinux-release.spec
index 01e56a4..f0550a5 100644
--- a/almalinux-release.spec
+++ b/almalinux-release.spec
@@ -2,6 +2,7 @@
 %global release_name Seafoam Ocelot
 %global major   9
 %global minor   4
+%global eol_date 2032-06-01
 
 Name:           almalinux-release
 Version:        %{major}.%{minor}
@@ -147,6 +148,7 @@ ALMALINUX_MANTISBT_PROJECT="AlmaLinux-%{major}"
 ALMALINUX_MANTISBT_PROJECT_VERSION="%{major}.%{minor}"
 REDHAT_SUPPORT_PRODUCT="%{distro}"
 REDHAT_SUPPORT_PRODUCT_VERSION="%{major}.%{minor}%{?beta: %{beta}}"
+SUPPORT_END=%{eol_date}
 EOF
 
 # Create the symlink for /etc/os-release