import openscap-1.3.6-4.el8
This commit is contained in:
		
							parent
							
								
									b843c4abcb
								
							
						
					
					
						commit
						c8d7fd5549
					
				| @ -0,0 +1,22 @@ | ||||
| From 12f9c02a612bb1687676b74a4739126b1913b1fe Mon Sep 17 00:00:00 2001 | ||||
| From: Ajay Nair <ajaynair59@gmail.com> | ||||
| Date: Mon, 9 May 2022 13:31:47 -0400 | ||||
| Subject: [PATCH] Reset errno before call to strtoll | ||||
| 
 | ||||
| ---
 | ||||
|  src/common/memusage.c | 2 ++ | ||||
|  1 file changed, 2 insertions(+) | ||||
| 
 | ||||
| diff --git a/src/common/memusage.c b/src/common/memusage.c
 | ||||
| index c6755f21f1..ffa70b662b 100644
 | ||||
| --- a/src/common/memusage.c
 | ||||
| +++ b/src/common/memusage.c
 | ||||
| @@ -71,6 +71,8 @@ static int read_common_sizet(void *szp, char *strval)
 | ||||
|  		return (-1); | ||||
|   | ||||
|  	*end = '\0'; | ||||
| +
 | ||||
| +	errno = 0;
 | ||||
|  	*(size_t *)szp = strtoll(strval, NULL, 10); | ||||
|   | ||||
|  	if (errno == EINVAL || | ||||
							
								
								
									
										233
									
								
								SOURCES/openscap-1.3.7-PR-1874-unit-test-read-common-sizet.patch
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										233
									
								
								SOURCES/openscap-1.3.7-PR-1874-unit-test-read-common-sizet.patch
									
									
									
									
									
										Normal file
									
								
							| @ -0,0 +1,233 @@ | ||||
| From 07486e9033d8cc1fd03962994b3359cb611a9ac9 Mon Sep 17 00:00:00 2001 | ||||
| From: =?UTF-8?q?Jan=20=C4=8Cern=C3=BD?= <jcerny@redhat.com> | ||||
| Date: Fri, 22 Jul 2022 16:50:01 +0200 | ||||
| Subject: [PATCH 1/3] Add unit test for read_common_sizet function | ||||
| 
 | ||||
| The unit test will cover the missing set errno | ||||
| to 0 which was the root cause of: | ||||
| https://github.com/OpenSCAP/openscap/issues/1867 | ||||
| 
 | ||||
| Therefore, this test can be used during verification of: | ||||
| https://bugzilla.redhat.com/show_bug.cgi?id=2109485 | ||||
| ---
 | ||||
|  tests/API/probes/CMakeLists.txt   |  9 +++++ | ||||
|  tests/API/probes/test_memusage.c  | 67 +++++++++++++++++++++++++++++++ | ||||
|  tests/API/probes/test_memusage.sh |  9 +++++ | ||||
|  3 files changed, 85 insertions(+) | ||||
|  create mode 100644 tests/API/probes/test_memusage.c | ||||
|  create mode 100755 tests/API/probes/test_memusage.sh | ||||
| 
 | ||||
| diff --git a/tests/API/probes/CMakeLists.txt b/tests/API/probes/CMakeLists.txt
 | ||||
| index ae3c7212a0..2ac4081ac2 100644
 | ||||
| --- a/tests/API/probes/CMakeLists.txt
 | ||||
| +++ b/tests/API/probes/CMakeLists.txt
 | ||||
| @@ -38,3 +38,12 @@ target_include_directories(oval_fts_list PUBLIC
 | ||||
|  ) | ||||
|  target_link_libraries(oval_fts_list openscap) | ||||
|  add_oscap_test("fts.sh") | ||||
| +
 | ||||
| +add_oscap_test_executable(test_memusage
 | ||||
| +	"test_memusage.c"
 | ||||
| +	"${CMAKE_SOURCE_DIR}/src/common/bfind.c"
 | ||||
| +)
 | ||||
| +target_include_directories(test_memusage PUBLIC
 | ||||
| +	"${CMAKE_SOURCE_DIR}/src/common"
 | ||||
| +)
 | ||||
| +add_oscap_test("test_memusage.sh")
 | ||||
| diff --git a/tests/API/probes/test_memusage.c b/tests/API/probes/test_memusage.c
 | ||||
| new file mode 100644 | ||||
| index 0000000000..5dced98f03
 | ||||
| --- /dev/null
 | ||||
| +++ b/tests/API/probes/test_memusage.c
 | ||||
| @@ -0,0 +1,67 @@
 | ||||
| +/*
 | ||||
| + * Copyright 2022 Red Hat Inc., Durham, North Carolina.
 | ||||
| + * All Rights Reserved.
 | ||||
| + *
 | ||||
| + * This library is free software; you can redistribute it and/or
 | ||||
| + * modify it under the terms of the GNU Lesser General Public
 | ||||
| + * License as published by the Free Software Foundation; either
 | ||||
| + * version 2.1 of the License, or (at your option) any later version.
 | ||||
| + *
 | ||||
| + * This library is distributed in the hope that it will be useful,
 | ||||
| + * but WITHOUT ANY WARRANTY; without even the implied warranty of
 | ||||
| + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 | ||||
| + * Lesser General Public License for more details.
 | ||||
| + *
 | ||||
| + * You should have received a copy of the GNU Lesser General Public
 | ||||
| + * License along with this library; if not, write to the Free Software
 | ||||
| + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
 | ||||
| + *
 | ||||
| + * Authors:
 | ||||
| + *      "Jan Černý" <jcerny@redhat.com>
 | ||||
| + */
 | ||||
| +
 | ||||
| +#ifdef HAVE_CONFIG_H
 | ||||
| +#include <config.h>
 | ||||
| +#endif
 | ||||
| +
 | ||||
| +#include <stdio.h>
 | ||||
| +#include "memusage.h"
 | ||||
| +#include "memusage.c"
 | ||||
| +#define OS_LINUX
 | ||||
| +
 | ||||
| +static int test_basic()
 | ||||
| +{
 | ||||
| +	size_t size;
 | ||||
| +	char *strval = strdup("17 MB");
 | ||||
| +	read_common_sizet(&size, strval);
 | ||||
| +	free(strval);
 | ||||
| +	return (size == 17);
 | ||||
| +}
 | ||||
| +
 | ||||
| +static int test_errno()
 | ||||
| +{
 | ||||
| +	size_t size;
 | ||||
| +	char *strval = strdup("17 MB");
 | ||||
| +
 | ||||
| +	/* Test that setting errno outside of the read_common_sizet function
 | ||||
| +	 * doesn't influence the function and doesn't make the function fail.
 | ||||
| +	 */
 | ||||
| +	errno = EINVAL;
 | ||||
| +
 | ||||
| +	int ret = read_common_sizet(&size, strval);
 | ||||
| +	free(strval);
 | ||||
| +	return (ret != -1);
 | ||||
| +}
 | ||||
| +
 | ||||
| +int main(int argc, char *argv[])
 | ||||
| +{
 | ||||
| +	if (!test_basic()) {
 | ||||
| +		fprintf(stderr, "test_basic has failed\n");
 | ||||
| +		return 1;
 | ||||
| +	}
 | ||||
| +	if (!test_errno()) {
 | ||||
| +		fprintf(stderr, "test_errno has failed\n");
 | ||||
| +		return 1;
 | ||||
| +	}
 | ||||
| +	return 0;
 | ||||
| +}
 | ||||
| diff --git a/tests/API/probes/test_memusage.sh b/tests/API/probes/test_memusage.sh
 | ||||
| new file mode 100755 | ||||
| index 0000000000..4c76bdc0ac
 | ||||
| --- /dev/null
 | ||||
| +++ b/tests/API/probes/test_memusage.sh
 | ||||
| @@ -0,0 +1,9 @@
 | ||||
| +#!/usr/bin/env bash
 | ||||
| +
 | ||||
| +. $builddir/tests/test_common.sh
 | ||||
| +
 | ||||
| +if [ -n "${CUSTOM_OSCAP+x}" ] ; then
 | ||||
| +    exit 255
 | ||||
| +fi
 | ||||
| +
 | ||||
| +./test_memusage
 | ||||
| 
 | ||||
| From 2cc649d5e9fbf337bbfca69c21313657a5b8a7cf Mon Sep 17 00:00:00 2001 | ||||
| From: =?UTF-8?q?Jan=20=C4=8Cern=C3=BD?= <jcerny@redhat.com> | ||||
| Date: Mon, 25 Jul 2022 09:00:36 +0200 | ||||
| Subject: [PATCH 2/3] Replace license by SPDX ID | ||||
| 
 | ||||
| ---
 | ||||
|  tests/API/probes/test_memusage.c | 22 +--------------------- | ||||
|  1 file changed, 1 insertion(+), 21 deletions(-) | ||||
| 
 | ||||
| diff --git a/tests/API/probes/test_memusage.c b/tests/API/probes/test_memusage.c
 | ||||
| index 5dced98f03..db2915f6d5 100644
 | ||||
| --- a/tests/API/probes/test_memusage.c
 | ||||
| +++ b/tests/API/probes/test_memusage.c
 | ||||
| @@ -1,24 +1,4 @@
 | ||||
| -/*
 | ||||
| - * Copyright 2022 Red Hat Inc., Durham, North Carolina.
 | ||||
| - * All Rights Reserved.
 | ||||
| - *
 | ||||
| - * This library is free software; you can redistribute it and/or
 | ||||
| - * modify it under the terms of the GNU Lesser General Public
 | ||||
| - * License as published by the Free Software Foundation; either
 | ||||
| - * version 2.1 of the License, or (at your option) any later version.
 | ||||
| - *
 | ||||
| - * This library is distributed in the hope that it will be useful,
 | ||||
| - * but WITHOUT ANY WARRANTY; without even the implied warranty of
 | ||||
| - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 | ||||
| - * Lesser General Public License for more details.
 | ||||
| - *
 | ||||
| - * You should have received a copy of the GNU Lesser General Public
 | ||||
| - * License along with this library; if not, write to the Free Software
 | ||||
| - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
 | ||||
| - *
 | ||||
| - * Authors:
 | ||||
| - *      "Jan Černý" <jcerny@redhat.com>
 | ||||
| - */
 | ||||
| +// SPDX-License-Identifier: LGPL-2.1-or-later
 | ||||
|   | ||||
|  #ifdef HAVE_CONFIG_H | ||||
|  #include <config.h> | ||||
| 
 | ||||
| From caadd89e61f5d70e251180055686a3b52c763c66 Mon Sep 17 00:00:00 2001 | ||||
| From: =?UTF-8?q?Jan=20=C4=8Cern=C3=BD?= <jcerny@redhat.com> | ||||
| Date: Mon, 25 Jul 2022 09:00:45 +0200 | ||||
| Subject: [PATCH 3/3] Improve unit test for read_common_sizet | ||||
| 
 | ||||
| Check for multiple different situations. | ||||
| ---
 | ||||
|  tests/API/probes/test_memusage.c | 34 ++++++++++++++++++++++++++++---- | ||||
|  1 file changed, 30 insertions(+), 4 deletions(-) | ||||
| 
 | ||||
| diff --git a/tests/API/probes/test_memusage.c b/tests/API/probes/test_memusage.c
 | ||||
| index db2915f6d5..b9db865d45 100644
 | ||||
| --- a/tests/API/probes/test_memusage.c
 | ||||
| +++ b/tests/API/probes/test_memusage.c
 | ||||
| @@ -12,16 +12,34 @@
 | ||||
|  static int test_basic() | ||||
|  { | ||||
|  	size_t size; | ||||
| -	char *strval = strdup("17 MB");
 | ||||
| -	read_common_sizet(&size, strval);
 | ||||
| +	char *strval = strdup("17 kB\n");
 | ||||
| +	int ret = read_common_sizet(&size, strval);
 | ||||
|  	free(strval); | ||||
| -	return (size == 17);
 | ||||
| +	return (size == 17 && ret == 0);
 | ||||
| +}
 | ||||
| +
 | ||||
| +static int test_no_unit()
 | ||||
| +{
 | ||||
| +	size_t size;
 | ||||
| +	char *strval = strdup("42");
 | ||||
| +	int ret = read_common_sizet(&size, strval);
 | ||||
| +	free(strval);
 | ||||
| +	return (ret == -1);
 | ||||
| +}
 | ||||
| +
 | ||||
| +static int test_invalid_number()
 | ||||
| +{
 | ||||
| +	size_t size;
 | ||||
| +	char *strval = strdup("www kB\n");
 | ||||
| +	int ret = read_common_sizet(&size, strval);
 | ||||
| +	free(strval);
 | ||||
| +	return (size == 0 && ret == 0);
 | ||||
|  } | ||||
|   | ||||
|  static int test_errno() | ||||
|  { | ||||
|  	size_t size; | ||||
| -	char *strval = strdup("17 MB");
 | ||||
| +	char *strval = strdup("17 kB\n");
 | ||||
|   | ||||
|  	/* Test that setting errno outside of the read_common_sizet function | ||||
|  	 * doesn't influence the function and doesn't make the function fail. | ||||
| @@ -39,6 +57,14 @@ int main(int argc, char *argv[])
 | ||||
|  		fprintf(stderr, "test_basic has failed\n"); | ||||
|  		return 1; | ||||
|  	} | ||||
| +	if (!test_no_unit()) {
 | ||||
| +		fprintf(stderr, "test_no_unit has failed\n");
 | ||||
| +		return 1;
 | ||||
| +	}
 | ||||
| +	if (!test_invalid_number()) {
 | ||||
| +		fprintf(stderr, "test_invalid_number has failed\n");
 | ||||
| +		return 1;
 | ||||
| +	}
 | ||||
|  	if (!test_errno()) { | ||||
|  		fprintf(stderr, "test_errno has failed\n"); | ||||
|  		return 1; | ||||
							
								
								
									
										71
									
								
								SOURCES/openscap-1.3.7-PR-1875-reset-errno-strtol.patch
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										71
									
								
								SOURCES/openscap-1.3.7-PR-1875-reset-errno-strtol.patch
									
									
									
									
									
										Normal file
									
								
							| @ -0,0 +1,71 @@ | ||||
| From 55b09ba184c1803a5e1454c44e9e9a5c578dd741 Mon Sep 17 00:00:00 2001 | ||||
| From: =?UTF-8?q?Jan=20=C4=8Cern=C3=BD?= <jcerny@redhat.com> | ||||
| Date: Mon, 25 Jul 2022 17:10:17 +0200 | ||||
| Subject: [PATCH] Reset errno before strtol | ||||
| 
 | ||||
| This sets errno to 0 before strotol calls after which the errno | ||||
| is being checked. | ||||
| 
 | ||||
| Per man 3 strtol: | ||||
| Since  strtol()  can  legitimately  return 0, LONG_MAX, or | ||||
| LONG_MIN (LLONG_MAX or LLONG_MIN for strtoll()) on both success and | ||||
| failure, the calling program should set errno to 0 before the call, and | ||||
| then determine if an error occurred by checking whether errno has a | ||||
| nonzero value after the call. | ||||
| 
 | ||||
| This is inspired by https://github.com/OpenSCAP/openscap/pull/1861. | ||||
| ---
 | ||||
|  src/OVAL/probes/independent/sql57_probe.c | 1 + | ||||
|  src/OVAL/probes/independent/sql_probe.c   | 1 + | ||||
|  src/OVAL/probes/oval_fts.c                | 1 + | ||||
|  src/OVAL/probes/unix/xinetd_probe.c       | 1 + | ||||
|  4 files changed, 4 insertions(+) | ||||
| 
 | ||||
| diff --git a/src/OVAL/probes/independent/sql57_probe.c b/src/OVAL/probes/independent/sql57_probe.c
 | ||||
| index ce1466635c..2b35750ee2 100644
 | ||||
| --- a/src/OVAL/probes/independent/sql57_probe.c
 | ||||
| +++ b/src/OVAL/probes/independent/sql57_probe.c
 | ||||
| @@ -216,6 +216,7 @@ static int dbURIInfo_parse(dbURIInfo_t *info, const char *conn)
 | ||||
|  			matchitem1(tok, 'c', | ||||
|  				   "onnecttimeout", tmp); | ||||
|  			if (tmp != NULL) { | ||||
| +				errno = 0;
 | ||||
|  				info->conn_timeout = strtol(tmp, NULL, 10); | ||||
|   | ||||
|  				if (errno == ERANGE || errno == EINVAL) | ||||
| diff --git a/src/OVAL/probes/independent/sql_probe.c b/src/OVAL/probes/independent/sql_probe.c
 | ||||
| index 2ede89d031..71ba3c08c3 100644
 | ||||
| --- a/src/OVAL/probes/independent/sql_probe.c
 | ||||
| +++ b/src/OVAL/probes/independent/sql_probe.c
 | ||||
| @@ -216,6 +216,7 @@ static int dbURIInfo_parse(dbURIInfo_t *info, const char *conn)
 | ||||
|  			matchitem1(tok, 'c', | ||||
|  				   "onnecttimeout", tmp); | ||||
|  			if (tmp != NULL) { | ||||
| +				errno = 0;
 | ||||
|  				info->conn_timeout = strtol(tmp, NULL, 10); | ||||
|   | ||||
|  				if (errno == ERANGE || errno == EINVAL) | ||||
| diff --git a/src/OVAL/probes/oval_fts.c b/src/OVAL/probes/oval_fts.c
 | ||||
| index 1364159c90..f9d0a0c1fd 100644
 | ||||
| --- a/src/OVAL/probes/oval_fts.c
 | ||||
| +++ b/src/OVAL/probes/oval_fts.c
 | ||||
| @@ -729,6 +729,7 @@ OVAL_FTS *oval_fts_open_prefixed(const char *prefix, SEXP_t *path, SEXP_t *filen
 | ||||
|  	/* max_depth */ | ||||
|  	PROBE_ENT_AREF(behaviors, r0, "max_depth", return NULL;); | ||||
|  	SEXP_string_cstr_r(r0, cstr_buff, sizeof cstr_buff - 1); | ||||
| +	errno = 0;
 | ||||
|  	max_depth = strtol(cstr_buff, NULL, 10); | ||||
|  	if (errno == EINVAL || errno == ERANGE) { | ||||
|  		dE("Invalid value of the `%s' attribute: %s", "recurse_direction", cstr_buff); | ||||
| diff --git a/src/OVAL/probes/unix/xinetd_probe.c b/src/OVAL/probes/unix/xinetd_probe.c
 | ||||
| index b3375500db..703a07f513 100644
 | ||||
| --- a/src/OVAL/probes/unix/xinetd_probe.c
 | ||||
| +++ b/src/OVAL/probes/unix/xinetd_probe.c
 | ||||
| @@ -1280,6 +1280,7 @@ int op_assign_bool(void *var, char *val)
 | ||||
|  		*((bool *)(var)) = false; | ||||
|  	} else { | ||||
|  		char *endptr = NULL; | ||||
| +		errno = 0;
 | ||||
|  		*((bool *)(var)) = (bool) strtol (val, &endptr, 2); | ||||
|  		if (errno == EINVAL || errno == ERANGE) { | ||||
|  			return -1; | ||||
							
								
								
									
										82
									
								
								SOURCES/openscap-1.3.7-PR-1876-disable-oscap-remediate.patch
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										82
									
								
								SOURCES/openscap-1.3.7-PR-1876-disable-oscap-remediate.patch
									
									
									
									
									
										Normal file
									
								
							| @ -0,0 +1,82 @@ | ||||
| From 140d60bc751e6c0e4138ab3a2e8e9b130264f905 Mon Sep 17 00:00:00 2001 | ||||
| From: =?UTF-8?q?Jan=20=C4=8Cern=C3=BD?= <jcerny@redhat.com> | ||||
| Date: Wed, 27 Jul 2022 09:40:29 +0200 | ||||
| Subject: [PATCH] Add CMake option to disable oscap-remediate service | ||||
| 
 | ||||
| This patch introduces a new CMake build option | ||||
| ENABLE_OSCAP_REMEDIATE_SERVICE which can be used to disable the | ||||
| installation of the files related to the oscap-remediate systemd | ||||
| service. Downstream packagers can use this option to disable shipping | ||||
| the oscap-remediate service in their RPM spec files. | ||||
| 
 | ||||
| Resolves: rhbz#2111358 | ||||
| Resolves: rhbz#2111360 | ||||
| ---
 | ||||
|  CMakeLists.txt       | 15 +++++++++------ | ||||
|  utils/CMakeLists.txt | 20 +++++++++++--------- | ||||
|  2 files changed, 20 insertions(+), 15 deletions(-) | ||||
| 
 | ||||
| diff --git a/CMakeLists.txt b/CMakeLists.txt
 | ||||
| index 61c57d7a3e..48e19e5203 100644
 | ||||
| --- a/CMakeLists.txt
 | ||||
| +++ b/CMakeLists.txt
 | ||||
| @@ -327,6 +327,7 @@ cmake_dependent_option(ENABLE_OSCAP_UTIL_VM "enables the oscap-vm utility, this
 | ||||
|  cmake_dependent_option(ENABLE_OSCAP_UTIL_PODMAN "enables the oscap-podman utility, this lets you scan Podman containers and container images" ON "NOT WIN32" OFF) | ||||
|  cmake_dependent_option(ENABLE_OSCAP_UTIL_CHROOT "enables the oscap-chroot utility, this lets you scan entire chroots using offline scanning" ON "NOT WIN32" OFF) | ||||
|  option(ENABLE_OSCAP_UTIL_AUTOTAILOR "enables the autotailor utility that is able to perform command-line tailoring" TRUE) | ||||
| +option(ENABLE_OSCAP_REMEDIATE_SERVICE "enables the oscap-remediate service" TRUE)
 | ||||
|   | ||||
|  # ---------- TEST-SUITE SWITCHES | ||||
|   | ||||
| @@ -609,12 +610,14 @@ if(NOT WIN32)
 | ||||
|  		DESTINATION ${CMAKE_INSTALL_LIBDIR}/pkgconfig | ||||
|  	) | ||||
|  	if(WITH_SYSTEMD) | ||||
| -		# systemd service for offline (boot-time) remediation
 | ||||
| -		configure_file("oscap-remediate.service.in" "oscap-remediate.service" @ONLY)
 | ||||
| -		install(FILES
 | ||||
| -			${CMAKE_CURRENT_BINARY_DIR}/oscap-remediate.service
 | ||||
| -			DESTINATION ${SYSTEMD_UNITDIR}
 | ||||
| -		)
 | ||||
| +		if(ENABLE_OSCAP_REMEDIATE_SERVICE)
 | ||||
| +			# systemd service for offline (boot-time) remediation
 | ||||
| +			configure_file("oscap-remediate.service.in" "oscap-remediate.service" @ONLY)
 | ||||
| +			install(FILES
 | ||||
| +				${CMAKE_CURRENT_BINARY_DIR}/oscap-remediate.service
 | ||||
| +				DESTINATION ${SYSTEMD_UNITDIR}
 | ||||
| +			)
 | ||||
| +		endif()
 | ||||
|  	endif() | ||||
|  endif() | ||||
|   | ||||
| diff --git a/utils/CMakeLists.txt b/utils/CMakeLists.txt
 | ||||
| index 3f199eaabc..93ce1f2a9d 100644
 | ||||
| --- a/utils/CMakeLists.txt
 | ||||
| +++ b/utils/CMakeLists.txt
 | ||||
| @@ -59,15 +59,17 @@ if(ENABLE_OSCAP_UTIL)
 | ||||
|  		) | ||||
|   | ||||
|  		if(WITH_SYSTEMD) | ||||
| -			install(PROGRAMS "oscap-remediate"
 | ||||
| -				DESTINATION ${CMAKE_INSTALL_LIBEXECDIR}
 | ||||
| -			)
 | ||||
| -			install(PROGRAMS "oscap-remediate-offline"
 | ||||
| -				DESTINATION ${CMAKE_INSTALL_BINDIR}
 | ||||
| -			)
 | ||||
| -			install(FILES "oscap-remediate-offline.8"
 | ||||
| -				DESTINATION "${CMAKE_INSTALL_MANDIR}/man8"
 | ||||
| -			)
 | ||||
| +			if (ENABLE_OSCAP_REMEDIATE_SERVICE)
 | ||||
| +				install(PROGRAMS "oscap-remediate"
 | ||||
| +					DESTINATION ${CMAKE_INSTALL_LIBEXECDIR}
 | ||||
| +				)
 | ||||
| +				install(PROGRAMS "oscap-remediate-offline"
 | ||||
| +					DESTINATION ${CMAKE_INSTALL_BINDIR}
 | ||||
| +				)
 | ||||
| +				install(FILES "oscap-remediate-offline.8"
 | ||||
| +					DESTINATION "${CMAKE_INSTALL_MANDIR}/man8"
 | ||||
| +				)
 | ||||
| +			endif()
 | ||||
|  		endif() | ||||
|  	endif() | ||||
|  endif() | ||||
| @ -1,6 +1,6 @@ | ||||
| Name:           openscap | ||||
| Version:        1.3.6 | ||||
| Release:        3%{?dist} | ||||
| Release:        4%{?dist} | ||||
| Summary:        Set of open source libraries enabling integration of the SCAP line of standards | ||||
| Group:          System Environment/Libraries | ||||
| License:        LGPLv2+ | ||||
| @ -9,6 +9,10 @@ Source0:        https://github.com/OpenSCAP/%{name}/releases/download/%{version} | ||||
| Patch1:         openscap-1.3.7-PR-1841-coverity.patch | ||||
| Patch2:         openscap-1.3.7-PR-1843-fix-test-ds-misc.patch | ||||
| Patch3:         openscap-1.3.7-PR-1844-fix-test-ds-misc-2.patch | ||||
| Patch4:         openscap-1.3.7-PR-1861-failed-to-check-available-memory.patch | ||||
| Patch5:         openscap-1.3.7-PR-1874-unit-test-read-common-sizet.patch | ||||
| Patch6:         openscap-1.3.7-PR-1875-reset-errno-strtol.patch | ||||
| Patch7:         openscap-1.3.7-PR-1876-disable-oscap-remediate.patch | ||||
| BuildRequires:  cmake >= 2.6 | ||||
| BuildRequires:  swig libxml2-devel libxslt-devel perl-generators perl-XML-Parser | ||||
| BuildRequires:  rpm-devel | ||||
| @ -140,6 +144,7 @@ cd build | ||||
|         -DENABLE_OSCAP_UTIL_CHROOT=ON \ | ||||
|         -DENABLE_OSCAP_UTIL_PODMAN=ON \ | ||||
|         -DENABLE_OSCAP_UTIL_VM=ON \ | ||||
|         -DENABLE_OSCAP_REMEDIATE_SERVICE=OFF \ | ||||
|         .. | ||||
| make %{?_smp_mflags} | ||||
| make docs | ||||
| @ -158,12 +163,6 @@ find $RPM_BUILD_ROOT -name '*.la' -exec rm -f {} ';' | ||||
| # fix python shebangs | ||||
| pathfix.py -i %{__python3} -p -n $RPM_BUILD_ROOT%{_bindir}/scap-as-rpm | ||||
| 
 | ||||
| # enable oscap-remediate.service here for now | ||||
| # https://github.com/hughsie/PackageKit/issues/401 | ||||
| # https://bugzilla.redhat.com/show_bug.cgi?id=1833176 | ||||
| mkdir -p %{buildroot}%{_unitdir}/system-update.target.wants/ | ||||
| ln -sf ../oscap-remediate.service %{buildroot}%{_unitdir}/system-update.target.wants/oscap-remediate.service | ||||
| 
 | ||||
| %clean | ||||
| rm -rf $RPM_BUILD_ROOT | ||||
| 
 | ||||
| @ -203,12 +202,7 @@ rm -rf $RPM_BUILD_ROOT | ||||
| %{_bindir}/oscap | ||||
| %{_mandir}/man8/oscap-chroot.8.gz | ||||
| %{_bindir}/oscap-chroot | ||||
| %{_mandir}/man8/oscap-remediate-offline.8.gz | ||||
| %{_bindir}/oscap-remediate-offline | ||||
| %{_sysconfdir}/bash_completion.d | ||||
| %{_libexecdir}/oscap-remediate | ||||
| %{_unitdir}/oscap-remediate.service | ||||
| %{_unitdir}/system-update.target.wants/ | ||||
| 
 | ||||
| %files utils | ||||
| %doc docs/oscap-scan.cron | ||||
| @ -228,6 +222,10 @@ rm -rf $RPM_BUILD_ROOT | ||||
| %{_bindir}/oscap-run-sce-script | ||||
| 
 | ||||
| %changelog | ||||
| * Thu Jul 21 2022 Jan Černý <jcerny@redhat.com> - 1.3.6-4 | ||||
| - Fix potential invalid scan results in OpenSCAP (rhbz#2111040) | ||||
| - Remove oscap-remediate service (rhbz#2111360) | ||||
| 
 | ||||
| * Wed Feb 02 2022 Jan Černý <jcerny@redhat.com> - 1.3.6-3 | ||||
| - Prevent fails of test_ds_misc.sh | ||||
| 
 | ||||
|  | ||||
		Loading…
	
		Reference in New Issue
	
	Block a user