import oscap-anaconda-addon-1.1.1-7.el8

2021-05-18 03:01:06 -04:00 · 2021-05-18 03:01:06 -04:00 · 13c62bbafe
commit 13c62bbafe
parent ec32b32bd4
3 changed files with 255 additions and 450 deletions
--- a/SOURCES/lang.patch
+++ b/SOURCES/lang.patch
--- a/SOURCES/oscap-anaconda-addon-1.2-new_package_groups-PR_128.patch
+++ b/SOURCES/oscap-anaconda-addon-1.2-new_package_groups-PR_128.patch
@ -0,0 +1,50 @@
 From 1de759e8bcf1caddddfdda59496473ed9b525365 Mon Sep 17 00:00:00 2001
 From: =?UTF-8?q?Mat=C4=9Bj=20T=C3=BD=C4=8D?= <matyc@redhat.com>
 Date: Wed, 4 Nov 2020 17:48:35 +0100
 Subject: [PATCH] Expanded group data to detect more package collisions.
 This should cover RHEL8 OSPP and CIS profiles.
 ---
 org_fedora_oscap/rule_handling.py | 16 +++++++++++++++-
 1 file changed, 15 insertions(+), 1 deletion(-)
 diff --git a/org_fedora_oscap/rule_handling.py b/org_fedora_oscap/rule_handling.py
 index 6a3a04e..80d86c7 100644
 --- a/org_fedora_oscap/rule_handling.py
 +++ b/org_fedora_oscap/rule_handling.py
@@ -40,12 +40,26 @@
 __all__ = ["RuleData"]
 +# Mapping of packages to package environments and/or groups that depends on them
 +# See also https://access.redhat.com/solutions/1201413 how to get group IDs.
 +# on RHEL8, use e.g. grep -R "<id>" /var/cache/dnf/*
 ESSENTIAL_PACKAGES = {
     "xorg-x11-server-common": {
         "env": ["graphical-server-environment", "workstation-product-environment"],
 +        "groups": ["workstation-product-environment"],
     },
     "nfs-utils": {
         "env": ["graphical-server-environment", "workstation-product-environment"],
 +        "groups": ["workstation-product-environment"],
 +    },
 +    "tftp": {
 +        "groups": ["network-server"],
 +    },
 +    "abrt": {
 +        "groups": ["debugging"],
 +    },
 +    "gssproxy": {
 +        "groups": ["file-server"],
     },
 }
@@ -642,7 +656,7 @@ def _package_is_essential(self, package_name, ksdata_packages):
         if package_name in ksdata_packages.packageList:
             return True
         selected_install_env = ksdata_packages.environment
 -        if selected_install_env in ESSENTIAL_PACKAGES[package_name].get("env"):
 +        if selected_install_env in ESSENTIAL_PACKAGES[package_name].get("env", []):
             return True
         selected_install_groups_names = {g.name for g in ksdata_packages.groupList}
         for g in ESSENTIAL_PACKAGES[package_name].get("groups", []):
--- a/SPECS/oscap-anaconda-addon.spec
+++ b/SPECS/oscap-anaconda-addon.spec
@ -3,7 +3,7 @@
 Name:           oscap-anaconda-addon
 Version:        1.1.1
-Release:        5%{?dist}
+Release:        7%{?dist}
 Summary:        Anaconda addon integrating OpenSCAP to the installation process
 License:        GPLv2+
@ -24,10 +24,12 @@ Patch3: 	oaa-1.2_warn-nfs-utils.patch
 Patch4: 	oaa-1.2_lang-streamline.patch
 Patch5: 	oaa-1.2_spoke-window_PR122.patch
 Patch6: 	oaa-1.2-unicode_issues_PR124.patch
 Patch7: 	oscap-anaconda-addon-1.2-new_package_groups-PR_128.patch
 BuildArch:      noarch
 BuildRequires:  make
 BuildRequires:  gettext
-BuildRequires:	python3-devel
+BuildRequires:  python3-devel
 BuildRequires:  python3-pycurl
 BuildRequires:  openscap openscap-utils openscap-python3
 BuildRequires:  anaconda-core >= 33
@ -51,6 +53,7 @@ content.
 %patch4 -p1
 %patch5 -p1
 %patch6 -p1
 %patch7 -p1
 # As patches may translates the strings that are updated by later patches,
 # Patch1 needs to be aplied last.
@ -76,6 +79,12 @@ make install DESTDIR=%{buildroot}
 %doc COPYING ChangeLog README.md
 %changelog
 * Mon Feb 15 2021 Matej Tyc <matyc@redhat.com> - 1.1.1-7
 - Updated translations.
 * Wed Nov 11 11:46:56 CET 2020 Matej Tyc <matyc@redhat.com> - 1.1.1-6
 - Improved handling of conflicts between packages removed vs software wanted to be installed - rhbz#1892310
 * Tue Aug 18 2020 Matěj Týč <matyc@redhat.com> - 1.1.1-5
 - Fixed issues with encountering filenames with weird encoding during scans - rhbz#1867960