rpms/java-25-openjdk
6
0
Fork 0
Code Issues Pull Requests Releases Activity

Remove /usr/lib/jvm/java-25-openjdk/conf/security/redhat/fips.properties

Browse Source 
Resolves: RHEL-131897
This commit is contained in:
Thomas Fitzsimmons 2025-11-27 11:53:55 -05:00 committed by Andrew Hughes
parent 56758378c2
commit 6d8e60887f
2 changed files with 5 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
create-redhat-properties-files.bash
View File

@ -109,16 +109,6 @@ security.provider.8=
keystore.type=pkcs12
EOF
# /usr/lib/jvm/java-25-openjdk/conf/security/redhat/fips.properties
# For now, this prevents an include cycle on JDKs that do not support
# ${__redhat_fips__}. In the future the goal is for it be overwritten
# (based on /proc/sys/crypto/fips_enabled) at FIPS configuration time
# (by fips-mode-setup or by grubby), at RPM install time by a
# post-install hook, and/or during boot by a systemd oneshot service.
install --mode 644 /dev/stdin "${VENDOR}"/fips.properties <<'EOF'
include false/fips.properties
EOF
cat >> "${SECURITY}"/java.security <<'EOF'
#

7
java-25-openjdk.spec
View File

@ -349,7 +349,7 @@
%global top_level_dir_name %{vcstag}
%global top_level_dir_name_backup %{top_level_dir_name}-backup
%global buildver 8
%global rpmrelease 5
%global rpmrelease 6
# Settings used by the portable build
%global portablerelease 2
# Portable suffix differs between RHEL and CentOS
@ -887,7 +887,6 @@ fi
# are implementation details -- so leave them as not config-noreplace
%config %{etcjavadir -- %{?1}}/conf/security/redhat/false/crypto-policies.properties
%config %{etcjavadir -- %{?1}}/conf/security/redhat/true/crypto-policies.properties
%config %{etcjavadir -- %{?1}}/conf/security/redhat/fips.properties
%config %{etcjavadir -- %{?1}}/conf/security/redhat/false/fips.properties
%config %{etcjavadir -- %{?1}}/conf/security/redhat/true/fips.properties
%config(noreplace) %{etcjavadir -- %{?1}}/conf/management/jmxremote.access
@ -2627,6 +2626,10 @@ exit 0
%endif
%changelog
* Thu Dec 04 2025 Thomas Fitzsimmons <fitzsim@redhat.com> - 1:25.0.1.0.8-6
- Remove /usr/lib/jvm/java-25-openjdk/conf/security/redhat/fips.properties
- Resolves: RHEL-131897
* Thu Dec 04 2025 Andrew Hughes <gnu.andrew@redhat.com> - 1:25.0.1.0.8-5
- Incorporate new FIPS patch for 25u
- Drop static libjvm.a following adjusted build target for portable build