- Remove broken keactrl in favor of systemd unit files
- kea.spec: General cleanup and removal of lines that have no effect
- kea-msg-compiler was moved from kea to kea-devel
Resolves: RHEL-88832
- Fix for: CVE-2025-32801, CVE-2025-32802, CVE-2025-32803
- kea.conf: Remove /tmp/ from socket-name for existing configurations
- kea.conf: Set pseudo-random password for default config to secure fresh install and allow CA startup without user intervention
- kea.conf: Restrict directory permissions
- Sync service files with upstream
- Fix leases ownership when switching from root to kea user
Resolves: RHEL-91447
Resolves: RHEL-92741
Resolves: RHEL-95234
Based on the Fedora patch:
https://src.fedoraproject.org/rpms/kea/c/c5373569c10
Resolves: RHEL-88916
Signed-off-by: David Abdurachmanov <davidlt@rivosinc.com>
Signed-off-by: Kashyap Chamarthy <kchamart@redhat.com>
Right now autoreconf is called for Kea itself but not for
Keama.
Additionally, Keama includes an embedded copy of bind, which
also needs autoreconf to be called. If that doesn't happen,
since the copies of config.{sub,guess} included in the archive
are obsolete and don't know about the architecture, it won't
be possible to build on riscv64.
Signed-off-by: Andrea Bolognani <abologna@redhat.com>
Signed-off-by: Richard W.M. Jones <rjones@redhat.com>
(cherry picked from commit 82843cba33729559ea98c3eb767d4395a7a0c9dc)
- Remove _hardened_build variable as it is no longer needed
- Clean up numbering of sources
- Further %{name} changes to allow different package name
- Move documentation into sub-package
- Move tpmfiles.d configuration into separate file
- Start using %autorelease and %autochangelog
- Remove %license COPYING for devel due to lib dependency
kea.spec: do not use %{name} to allow different package name
kea.spec: do not use glob on %{_libdir}, %{_mandir} and %{_sbindir}
to conform with packaging guidelines
New build due to fc40 branching.
