rpms/oscap-anaconda-addon
7
0
Fork 0
Code Issues Pull Requests Releases Activity

import oscap-anaconda-addon-1.2.1-12.el8

Browse Source
This commit is contained in:
CentOS Sources 2023-03-28 12:24:43 +00:00 committed by Stepan Oksanichenko
parent 2d228ce38a
commit 76b5bacfe5
6 changed files with 1007 additions and 26 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

291
SOURCES/lang.patch
View File

@ -1,9 +1,9 @@
diff -U3 -N -r a/po/de.po b/po/de.po
--- a/po/de.po 2021-07-30 15:17:14.000000000 +0200
+++ b/po/de.po 2022-07-20 13:28:31.143478128 +0200
+++ b/po/de.po 2023-02-08 14:33:27.481666055 +0100
@@ -1,11 +1,12 @@
# Ludek Janda <ljanda@redhat.com>, 2019. #zanata, 2021.
+# Ettore Atalan <atalanttore@googlemail.com>, 2021.
+# Ettore Atalan <atalanttore@googlemail.com>, 2021, 2022.
msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
@ -11,7 +11,7 @@ diff -U3 -N -r a/po/de.po b/po/de.po
"POT-Creation-Date: 2021-06-21 11:51+0200\n"
-"PO-Revision-Date: 2021-07-13 13:04+0000\n"
-"Last-Translator: Ludek Janda <ljanda@redhat.com>\n"
+"PO-Revision-Date: 2021-12-28 22:16+0000\n"
+"PO-Revision-Date: 2022-12-24 15:19+0000\n"
+"Last-Translator: Ettore Atalan <atalanttore@googlemail.com>\n"
"Language-Team: German <https://translate.fedoraproject.org/projects/"
"oscap-anaconda-addon/rhel8-branch/de/>\n"
@ -21,7 +21,7 @@ diff -U3 -N -r a/po/de.po b/po/de.po
"Content-Transfer-Encoding: 8bit\n"
"Plural-Forms: nplurals=2; plural=n != 1;\n"
-"X-Generator: Weblate 4.7.1\n"
+"X-Generator: Weblate 4.10.1\n"
+"X-Generator: Weblate 4.15\n"
#: ../org_fedora_oscap/common.py:326
#, python-brace-format
@ -34,9 +34,64 @@ diff -U3 -N -r a/po/de.po b/po/de.po
#: ../org_fedora_oscap/data_fetch.py:262
#, python-brace-format
@@ -328,12 +329,10 @@
msgstr "Wählen Sie unten ein Profil:"
#: tmp/oscap.glade.h:7
-#, fuzzy
msgid "Profile"
msgstr "Profil"
#: tmp/oscap.glade.h:8
-#, fuzzy
msgid "Selected"
msgstr "Ausgewählt"
diff -U3 -N -r a/po/fi.po b/po/fi.po
--- a/po/fi.po 2021-07-30 15:17:14.000000000 +0200
+++ b/po/fi.po 2023-02-08 14:33:27.483666070 +0100
@@ -1,7 +1,7 @@
# SOME DESCRIPTIVE TITLE.
# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER
# This file is distributed under the same license as the PACKAGE package.
-# Ricky Tigg <ricky.tigg@gmail.com>, 2021.
+# Ricky Tigg <ricky.tigg@gmail.com>, 2021, 2022.
# Robin Lahtinen <robin.lahtinen@gmail.com>, 2021.
# Jan Kuparinen <copper_fin@hotmail.com>, 2021.
msgid ""
@@ -9,8 +9,8 @@
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2021-06-21 11:51+0200\n"
-"PO-Revision-Date: 2021-07-02 12:16+0000\n"
-"Last-Translator: Jan Kuparinen <copper_fin@hotmail.com>\n"
+"PO-Revision-Date: 2022-11-10 17:19+0000\n"
+"Last-Translator: Ricky Tigg <ricky.tigg@gmail.com>\n"
"Language-Team: Finnish <https://translate.fedoraproject.org/projects/"
"oscap-anaconda-addon/rhel8-branch/fi/>\n"
"Language: fi\n"
@@ -18,7 +18,7 @@
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"
"Plural-Forms: nplurals=2; plural=n != 1;\n"
-"X-Generator: Weblate 4.7.1\n"
+"X-Generator: Weblate 4.14.2\n"
#: ../org_fedora_oscap/common.py:326
#, python-brace-format
@@ -61,7 +61,8 @@
#, python-format
msgid ""
"mount option '%(mount_option)s' added for the mount point %(mount_point)s"
-msgstr "Liitoskohta '%(mount_option)s' lisätty liitoskohtaan %(mount_point)s"
+msgstr ""
+"Liitosvaihtoehto '%(mount_option)s' lisätty liitospisteeseen %(mount_point)s"
#. root password was not set
#: ../org_fedora_oscap/rule_handling.py:554
diff -U3 -N -r a/po/fr.po b/po/fr.po
--- a/po/fr.po 2021-07-30 15:17:14.000000000 +0200
+++ b/po/fr.po 2022-07-20 13:28:31.143478128 +0200
+++ b/po/fr.po 2023-02-08 14:33:27.483666070 +0100
@@ -8,45 +8,47 @@
# Ludek Janda <ljanda@redhat.com>, 2018. #zanata
# Ludek Janda <ljanda@redhat.com>, 2019. #zanata
@ -144,7 +199,7 @@ diff -U3 -N -r a/po/fr.po b/po/fr.po
#: ../org_fedora_oscap/gui/spokes/oscap.py:201
diff -U3 -N -r a/po/hr.po b/po/hr.po
--- a/po/hr.po 1970-01-01 01:00:00.000000000 +0100
+++ b/po/hr.po 2022-07-20 13:28:31.143478128 +0200
+++ b/po/hr.po 2023-02-08 14:33:27.483666070 +0100
@@ -0,0 +1,329 @@
+# SOME DESCRIPTIVE TITLE.
+# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER
@ -475,20 +530,80 @@ diff -U3 -N -r a/po/hr.po b/po/hr.po
+#: tmp/oscap.glade.h:13
+msgid "_Fetch"
+msgstr "_Preuzmi"
diff -U3 -N -r a/po/hu.po b/po/hu.po
--- a/po/hu.po 2021-07-30 15:17:14.000000000 +0200
+++ b/po/hu.po 2023-02-08 14:33:27.483666070 +0100
@@ -7,21 +7,22 @@
# Teknős Ferenc <teknos.ferenc@gmail.com>, 2018. #zanata
# Teknős Ferenc <teknos.ferenc@gmail.com>, 2019. #zanata
# Teknős Ferenc <teknos.ferenc@gmail.com>, 2020. #zanata
+# Hoppár Zoltán <hopparz@gmail.com>, 2022.
msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2021-06-21 11:51+0200\n"
-"PO-Revision-Date: 2020-03-29 01:40-0400\n"
-"Last-Translator: Teknős Ferenc <teknos.ferenc@gmail.com>\n"
-"Language-Team: Hungarian (http://www.transifex.com/projects/p/oscap-anaconda-"
-"addon/language/hu/)\n"
+"PO-Revision-Date: 2022-09-25 07:19+0000\n"
+"Last-Translator: Hoppár Zoltán <hopparz@gmail.com>\n"
+"Language-Team: Hungarian <https://translate.fedoraproject.org/projects/"
+"oscap-anaconda-addon/rhel8-branch/hu/>\n"
"Language: hu\n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"
-"Plural-Forms: nplurals=2; plural=(n != 1);\n"
-"X-Generator: Zanata 4.6.2\n"
+"Plural-Forms: nplurals=2; plural=n != 1;\n"
+"X-Generator: Weblate 4.14.1\n"
#: ../org_fedora_oscap/common.py:326
#, python-brace-format
@@ -129,7 +130,7 @@
"service '%s' has been added to the list of services to be added to the "
"firewall"
msgstr ""
-"szolgáltatás \"%s\" lett hozzáadva a tűzfalhoz hozzáadandó szolgáltatások "
+"\"%s\" szolgáltatás lett hozzáadva a tűzfalhoz hozzáadandó szolgáltatások "
"listájához"
#: ../org_fedora_oscap/rule_handling.py:1010
@@ -137,7 +138,7 @@
#, python-format
msgid ""
"port '%s' has been added to the list of ports to be added to the firewall"
-msgstr "port \"%s\" lett hozzáadva a tűzfalhoz hozzáadandó portok listájához"
+msgstr "\"%s\" port lett hozzáadva a tűzfalhoz hozzáadandó portok listájához"
#: ../org_fedora_oscap/rule_handling.py:1017
#: ../org_fedora_oscap/rule_handling.py:1068
@@ -220,8 +221,7 @@
#: ../org_fedora_oscap/gui/spokes/oscap.py:790
msgid "Invalid or unsupported content URL, please enter a different one."
-msgstr ""
-"Érvénytelen vagy nem támogatott tartalom URL, kérjük, írjon be másikat."
+msgstr "Érvénytelen vagy nem támogatott URL tartalom, kérjük, írjon be másikat."
#: ../org_fedora_oscap/gui/spokes/oscap.py:798
msgid "Failed to fetch content. Enter a different URL, please."
diff -U3 -N -r a/po/ja.po b/po/ja.po
--- a/po/ja.po 2021-07-30 15:17:14.000000000 +0200
+++ b/po/ja.po 2022-07-20 13:28:31.143478128 +0200
+++ b/po/ja.po 2023-02-08 14:33:27.483666070 +0100
@@ -1,6 +1,6 @@
-# Ludek Janda <ljanda@redhat.com>, 2017. #zanata
-# Ludek Janda <ljanda@redhat.com>, 2018. #zanata
-# Ludek Janda <ljanda@redhat.com>, 2020. #zanata
+# Ludek Janda <ljanda@redhat.com>, 2017. #zanata, 2021.
+# Ludek Janda <ljanda@redhat.com>, 2018. #zanata, 2021.
+# Ludek Janda <ljanda@redhat.com>, 2020. #zanata, 2021.
+# Ludek Janda <ljanda@redhat.com>, 2017. #zanata, 2021, 2022.
+# Ludek Janda <ljanda@redhat.com>, 2018. #zanata, 2021, 2022.
+# Ludek Janda <ljanda@redhat.com>, 2020. #zanata, 2021, 2022.
# Sundeep Anand <suanand@redhat.com>, 2021.
# simmon <simmon@nplob.com>, 2021.
msgid ""
@@ -8,38 +8,37 @@
@@ -8,38 +8,38 @@
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2021-06-21 11:51+0200\n"
@ -496,8 +611,8 @@ diff -U3 -N -r a/po/ja.po b/po/ja.po
-"Last-Translator: simmon <simmon@nplob.com>\n"
-"Language-Team: Japanese <https://translate.fedoraproject.org/projects/oscap-"
-"anaconda-addon/rhel8-branch/ja/>\n"
+"PO-Revision-Date: 2021-08-20 09:04+0000\n"
+"Last-Translator: Sundeep Anand <suanand@redhat.com>\n"
+"PO-Revision-Date: 2022-11-02 07:19+0000\n"
+"Last-Translator: Ludek Janda <ljanda@redhat.com>\n"
+"Language-Team: Japanese <https://translate.fedoraproject.org/projects/"
+"oscap-anaconda-addon/rhel8-branch/ja/>\n"
"Language: ja\n"
@ -506,7 +621,7 @@ diff -U3 -N -r a/po/ja.po b/po/ja.po
"Content-Transfer-Encoding: 8bit\n"
"Plural-Forms: nplurals=1; plural=0;\n"
-"X-Generator: Weblate 4.5.3\n"
+"X-Generator: Weblate 4.7.2\n"
+"X-Generator: Weblate 4.14.1\n"
#: ../org_fedora_oscap/common.py:326
#, python-brace-format
@ -521,7 +636,8 @@ diff -U3 -N -r a/po/ja.po b/po/ja.po
msgid ""
"Integrity check of the content failed - {hash_obj.name} hash didn't match"
-msgstr "コンテンツの整合性チェックに失敗しました。コンテンツを使用できません。"
+msgstr "コンテンツの整合性チェックに失敗しました。{hash_obj.name} ハッシュが一致しませんでした"
+msgstr "コンテンツの整合性チェックに失敗しました。{hash_obj.name} "
+"ハッシュが一致しませんでした"
#: ../org_fedora_oscap/data_fetch.py:117
msgid "Network connection needed to fetch data."
@ -537,7 +653,68 @@ diff -U3 -N -r a/po/ja.po b/po/ja.po
#: ../org_fedora_oscap/rule_handling.py:434
#, python-brace-format
@@ -152,39 +151,33 @@
@@ -48,18 +48,17 @@
"in the partitioning layout before installation can occur with a security "
"profile"
msgstr ""
-"{0} は、別のパーティションもしくは論理ボリューム上になければなりません。ま"
-"た、セキュリティープロファイルがインストールされる前にパーティションレイアウ"
-"トに作成されなければなりません"
+"{0} は、別のパーティションもしくは論理ボリューム上になければなりません。また"
+"、セキュリティープロファイルがインストールされる前にパーティションレイアウト"
+"に作成されなければなりません"
#. template for the message
#: ../org_fedora_oscap/rule_handling.py:445
#, python-format
msgid ""
"mount option '%(mount_option)s' added for the mount point %(mount_point)s"
-msgstr ""
-"マウントオプション '%(mount_option)s' が、マウントポイント %(mount_point)s に"
-"追加されました"
+msgstr "マウントオプション '%(mount_option)s' が、マウントポイント %(mount_point)s "
+"に追加されました"
#. root password was not set
#: ../org_fedora_oscap/rule_handling.py:554
@@ -92,8 +91,8 @@
"can't be removed from the current software selection without breaking the "
"installation."
msgstr ""
-"パッケージ ' {package}' が除外パッケージのリストに追加されましたが、インス"
-"トールを中断せずに現在のソフトウェアの選択から削除することはできません。"
+"パッケージ ' {package}' が除外パッケージのリストに追加されましたが、インスト"
+"ールを中断せずに現在のソフトウェアの選択から削除することはできません。"
#: ../org_fedora_oscap/rule_handling.py:717
#: ../org_fedora_oscap/rule_handling.py:732
@@ -123,8 +122,7 @@
msgid ""
"service '%s' has been added to the list of services to be added to the "
"firewall"
-msgstr ""
-"サービス '%s' が、ファイアウォールに追加予定のサービス一覧に追加されました"
+msgstr "サービス '%s' が、ファイアウォールに追加予定のサービス一覧に追加されました"
#: ../org_fedora_oscap/rule_handling.py:1010
#: ../org_fedora_oscap/rule_handling.py:1055
@@ -138,8 +136,7 @@
#, python-format
msgid ""
"trust '%s' has been added to the list of trusts to be added to the firewall"
-msgstr ""
-"トラスト '%s' が、ファイアウォールに追加予定のトラスト一覧に追加されました"
+msgstr "トラスト '%s' が、ファイアウォールに追加予定のトラスト一覧に追加されました"
#: ../org_fedora_oscap/rule_handling.py:1080
#: ../org_fedora_oscap/rule_handling.py:1095
@@ -147,44 +144,37 @@
msgid ""
"service '%s' has been added to the list of services to be removed from the "
"firewall"
-msgstr ""
-"サービス '%s' が、ファイアウォールから削除予定のサービス一覧に追加されました"
+msgstr "サービス '%s' が、ファイアウォールから削除予定のサービス一覧に追加されました"
#: ../org_fedora_oscap/ks/oscap.py:376
msgid "The installation should be aborted."
@ -584,9 +761,64 @@ diff -U3 -N -r a/po/ja.po b/po/ja.po
#. the first status provided
#: ../org_fedora_oscap/gui/spokes/oscap.py:229
@@ -210,9 +200,8 @@
#: ../org_fedora_oscap/gui/spokes/oscap.py:790
msgid "Invalid or unsupported content URL, please enter a different one."
-msgstr ""
-"コンテンツ URL が無効またはサポートされていません。別の URL を入力していませ"
-"ん。"
+msgstr "コンテンツ URL が無効またはサポートされていません。別の URL "
+"を入力していません。"
#: ../org_fedora_oscap/gui/spokes/oscap.py:798
msgid "Failed to fetch content. Enter a different URL, please."
@@ -222,8 +211,7 @@
msgid ""
"Network error encountered when fetching data. Please check that network is "
"setup and working."
-msgstr ""
-"データの取得時にネットワークエラーが発生しました。ネットワークが設定されてお"
+msgstr "データの取得時にネットワークエラーが発生しました。ネットワークが設定されてお"
"り、動作していることを確認してください。"
#: ../org_fedora_oscap/gui/spokes/oscap.py:815
@@ -240,9 +228,8 @@
msgid ""
"Profile with ID '%s' not defined in the content. Select a different profile, "
"please"
-msgstr ""
-"コンテンツで ID が '%s' のプロファイルが定義されていません。別のプロファイル"
-"を選択してください"
+msgstr "コンテンツで ID が '%s' "
+"のプロファイルが定義されていません。別のプロファイルを選択してください"
#: ../org_fedora_oscap/gui/spokes/oscap.py:856
msgid "Not applying security policy"
@@ -252,16 +239,14 @@
#. available
#: ../org_fedora_oscap/gui/spokes/oscap.py:887
msgid " or enter data stream content or archive URL below:"
-msgstr ""
-" または、以下にデータストリームコンテンツもしくはアーカイブの URL を入力しま"
-"す:"
+msgstr " または、以下にデータストリームコンテンツもしくはアーカイブの URL "
+"を入力します:"
#: ../org_fedora_oscap/gui/spokes/oscap.py:891 tmp/oscap.glade.h:12
msgid ""
"No content found. Please enter data stream content or archive URL below:"
-msgstr ""
-"コンテンツが見つかりませんでした。以下にデータストリームコンテンツもしくは"
-"アーカイブの URL を入力してください:"
+msgstr "コンテンツが見つかりませんでした。"
+"以下にデータストリームコンテンツもしくはアーカイブの URL を入力してください:"
#: ../org_fedora_oscap/gui/spokes/oscap.py:1029
msgid "Error fetching and loading content"
diff -U3 -N -r a/po/ko.po b/po/ko.po
--- a/po/ko.po 2021-07-30 15:17:14.000000000 +0200
+++ b/po/ko.po 2022-07-20 13:28:31.143478128 +0200
+++ b/po/ko.po 2023-02-08 14:33:27.483666070 +0100
@@ -1,13 +1,14 @@
# Ludek Janda <ljanda@redhat.com>, 2018. #zanata
# Ludek Janda <ljanda@redhat.com>, 2020. #zanata
@ -635,7 +867,7 @@ diff -U3 -N -r a/po/ko.po b/po/ko.po
msgid "The integrity check of the security content failed."
diff -U3 -N -r a/po/si.po b/po/si.po
--- a/po/si.po 2021-07-30 15:17:14.000000000 +0200
+++ b/po/si.po 2022-07-20 13:28:31.143478128 +0200
+++ b/po/si.po 2023-02-08 14:33:27.484666077 +0100
@@ -7,13 +7,16 @@
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: \n"
@ -667,7 +899,7 @@ diff -U3 -N -r a/po/si.po b/po/si.po
msgid "Fetching content data"
diff -U3 -N -r a/po/sv.po b/po/sv.po
--- a/po/sv.po 2021-07-30 15:17:14.000000000 +0200
+++ b/po/sv.po 2022-07-20 13:28:31.144478135 +0200
+++ b/po/sv.po 2023-02-08 14:33:27.484666077 +0100
@@ -1,12 +1,12 @@
-# Göran Uddeborg <goeran@uddeborg.se>, 2019. #zanata, 2020.
+# Göran Uddeborg <goeran@uddeborg.se>, 2019. #zanata, 2020, 2021.
@ -748,12 +980,12 @@ diff -U3 -N -r a/po/sv.po b/po/sv.po
msgid "Fetching content data"
diff -U3 -N -r a/po/zh_CN.po b/po/zh_CN.po
--- a/po/zh_CN.po 2021-07-30 15:17:14.000000000 +0200
+++ b/po/zh_CN.po 2022-07-20 13:28:31.144478135 +0200
+++ b/po/zh_CN.po 2023-02-08 14:33:27.484666077 +0100
@@ -1,41 +1,43 @@
-# Ludek Janda <ljanda@redhat.com>, 2018. #zanata
-# Ludek Janda <ljanda@redhat.com>, 2020. #zanata
+# Ludek Janda <ljanda@redhat.com>, 2018. #zanata, 2021.
+# Ludek Janda <ljanda@redhat.com>, 2020. #zanata, 2021.
+# Ludek Janda <ljanda@redhat.com>, 2018. #zanata, 2021, 2022.
+# Ludek Janda <ljanda@redhat.com>, 2020. #zanata, 2021, 2022.
+# Sundeep Anand <suanand@redhat.com>, 2021.
+# Transtats <suanand@redhat.com>, 2022.
msgid ""
@ -764,8 +996,8 @@ diff -U3 -N -r a/po/zh_CN.po b/po/zh_CN.po
-"PO-Revision-Date: 2020-06-26 04:26-0400\n"
-"Last-Translator: Copied by Zanata <copied-by-zanata@zanata.org>\n"
-"Language-Team: Chinese (Simplified)\n"
+"PO-Revision-Date: 2022-05-07 06:18+0000\n"
+"Last-Translator: Transtats <suanand@redhat.com>\n"
+"PO-Revision-Date: 2022-11-02 07:19+0000\n"
+"Last-Translator: Ludek Janda <ljanda@redhat.com>\n"
+"Language-Team: Chinese (Simplified) <https://translate.fedoraproject.org/"
+"projects/oscap-anaconda-addon/rhel8-branch/zh_CN/>\n"
"Language: zh_CN\n"
@ -775,7 +1007,7 @@ diff -U3 -N -r a/po/zh_CN.po b/po/zh_CN.po
-"Plural-Forms: nplurals=1; plural=0\n"
-"X-Generator: Zanata 4.6.2\n"
+"Plural-Forms: nplurals=1; plural=0;\n"
+"X-Generator: Weblate 4.12.1\n"
+"X-Generator: Weblate 4.14.1\n"
#: ../org_fedora_oscap/common.py:326
#, python-brace-format
@ -874,6 +1106,15 @@ diff -U3 -N -r a/po/zh_CN.po b/po/zh_CN.po
#: tmp/oscap.glade.h:3
msgid "Apply security policy:"
@@ -293,7 +289,7 @@
#: tmp/oscap.glade.h:6
msgid "Choose profile below:"
-msgstr "选择档案:"
+msgstr "选择下面的配置文件:"
#: tmp/oscap.glade.h:7
msgid "Profile"
@@ -305,7 +301,7 @@
#: tmp/oscap.glade.h:9

372
SOURCES/oscap-anaconda-addon-1.3.0-better_archive_handling-PR_220.patch Normal file
View File

@ -0,0 +1,372 @@
From e8e303aa3ca9db564ea52258de15a81851c3b265 Mon Sep 17 00:00:00 2001
From: Matej Tyc <matyc@redhat.com>
Date: Wed, 12 Oct 2022 11:37:04 +0200
Subject: [PATCH 1/5] Add capability to preselect content from archives
Users can specify content path and tailoring path in kickstarts,
and the addon should be able to assure that those files are available,
and that they have precedence over other files.
---
org_fedora_oscap/content_discovery.py | 35 +++++++++++++++++++
tests/test_content_discovery.py | 48 +++++++++++++++++++++++++++
2 files changed, 83 insertions(+)
create mode 100644 tests/test_content_discovery.py
diff --git a/org_fedora_oscap/content_discovery.py b/org_fedora_oscap/content_discovery.py
index 5fc7343..f654449 100644
--- a/org_fedora_oscap/content_discovery.py
+++ b/org_fedora_oscap/content_discovery.py
@@ -11,6 +11,7 @@
from org_fedora_oscap import data_fetch, utils
from org_fedora_oscap import common
from org_fedora_oscap import content_handling
+from org_fedora_oscap.content_handling import CONTENT_TYPES
from org_fedora_oscap.common import _
@@ -167,6 +168,38 @@ def _verify_fingerprint(self, dest_filename, fingerprint=""):
msg = _(f"Integrity check of the content failed - {hash_obj.name} hash didn't match")
raise content_handling.ContentCheckError(msg)
+ def filter_discovered_content(self, labelled_files):
+ expected_path = self._addon_data.content_path
+ categories = (CONTENT_TYPES["DATASTREAM"], CONTENT_TYPES["XCCDF_CHECKLIST"])
+ if expected_path:
+ labelled_files = self.reduce_files(labelled_files, expected_path, categories)
+
+ expected_path = self._addon_data.tailoring_path
+ categories = (CONTENT_TYPES["TAILORING"], )
+ if expected_path:
+ labelled_files = self.reduce_files(labelled_files, expected_path, categories)
+
+ expected_path = self._addon_data.cpe_path
+ categories = (CONTENT_TYPES["CPE_DICT"], )
+ if expected_path:
+ labelled_files = self.reduce_files(labelled_files, expected_path, categories)
+
+ return labelled_files
+
+ def reduce_files(self, labelled_files, expected_path, categories):
+ reduced_files = dict()
+ if expected_path not in labelled_files:
+ msg = (
+ f"Expected a file {expected_path} to be part of the supplied content, "
+ f"but it was not the case, got only {list(labelled_files.keys())}"
+ )
+ raise RuntimeError(msg)
+ for path, label in labelled_files.items():
+ if label in categories and path != expected_path:
+ continue
+ reduced_files[path] = label
+ return reduced_files
+
def _finish_actual_fetch(self, wait_for, fingerprint, report_callback, dest_filename):
threadMgr.wait(wait_for)
actually_fetched_content = wait_for is not None
@@ -182,6 +215,8 @@ def _finish_actual_fetch(self, wait_for, fingerprint, report_callback, dest_file
structured_content.add_content_archive(dest_filename)
labelled_files = content_handling.identify_files(fpaths)
+ labelled_files = self.filter_discovered_content(labelled_files)
+
for fname, label in labelled_files.items():
structured_content.add_file(fname, label)
diff --git a/tests/test_content_discovery.py b/tests/test_content_discovery.py
new file mode 100644
index 0000000..5463c9a
--- /dev/null
+++ b/tests/test_content_discovery.py
@@ -0,0 +1,48 @@
+import pytest
+
+import org_fedora_oscap.content_discovery as tested_module
+
+
+@pytest.fixture
+def labelled_files():
+ return {
+ "dir/datastream": "D",
+ "dir/datastream2": "D",
+ "dir/dir/datastream3": "D",
+ "dir/dir/datastream3": "D",
+ "dir/XCCDF": "X",
+ "XCCDF2": "X",
+ "cpe": "C",
+ "t1": "T",
+ "dir3/t2": "T",
+ }
+
+
+def test_reduce(labelled_files):
+ bringer = tested_module.ContentBringer(None)
+
+ d_count = 0
+ x_count = 0
+ for l in labelled_files.values():
+ if l == "D":
+ d_count += 1
+ elif l == "X":
+ x_count += 1
+
+ reduced = bringer.reduce_files(labelled_files, "dir/datastream", ["D"])
+ assert len(reduced) == len(labelled_files) - d_count + 1
+ assert "dir/datastream" in reduced
+
+ reduced = bringer.reduce_files(labelled_files, "dir/datastream", ["D", "X"])
+ assert len(reduced) == len(labelled_files) - d_count - x_count + 1
+ assert "dir/datastream" in reduced
+
+ reduced = bringer.reduce_files(labelled_files, "dir/XCCDF", ["D", "X"])
+ assert len(reduced) == len(labelled_files) - d_count - x_count + 1
+ assert "dir/XCCDF" in reduced
+
+ with pytest.raises(RuntimeError, match="dir/datastream4"):
+ bringer.reduce_files(labelled_files, "dir/datastream4", ["D"])
+
+ reduced = bringer.reduce_files(labelled_files, "cpe", ["C"])
+ assert reduced == labelled_files
From 82c1950903fcce079cd71f021c1fde25f75f9521 Mon Sep 17 00:00:00 2001
From: Matej Tyc <matyc@redhat.com>
Date: Wed, 12 Oct 2022 11:40:11 +0200
Subject: [PATCH 2/5] Handle changes in content identification
The code is able to handle changes in the way how oscap identifies
content much more gracefully.
---
org_fedora_oscap/content_discovery.py | 13 +++++++++----
org_fedora_oscap/content_handling.py | 5 +++++
2 files changed, 14 insertions(+), 4 deletions(-)
diff --git a/org_fedora_oscap/content_discovery.py b/org_fedora_oscap/content_discovery.py
index f654449..b20f3a6 100644
--- a/org_fedora_oscap/content_discovery.py
+++ b/org_fedora_oscap/content_discovery.py
@@ -2,6 +2,7 @@
import logging
import pathlib
import shutil
+import os
from glob import glob
from pyanaconda.core import constants
@@ -214,11 +215,15 @@ def _finish_actual_fetch(self, wait_for, fingerprint, report_callback, dest_file
if content_type in ("archive", "rpm"):
structured_content.add_content_archive(dest_filename)
- labelled_files = content_handling.identify_files(fpaths)
- labelled_files = self.filter_discovered_content(labelled_files)
+ labelled_filenames = content_handling.identify_files(fpaths)
+ labelled_relative_filenames = {
+ os.path.relpath(path, self.CONTENT_DOWNLOAD_LOCATION): label
+ for path, label in labelled_filenames.items()}
+ labelled_relative_filenames = self.filter_discovered_content(labelled_relative_filenames)
- for fname, label in labelled_files.items():
- structured_content.add_file(fname, label)
+ for rel_fname, label in labelled_relative_filenames.items():
+ fname = self.CONTENT_DOWNLOAD_LOCATION / rel_fname
+ structured_content.add_file(str(fname), label)
if fingerprint and dest_filename:
structured_content.record_verification(dest_filename)
diff --git a/org_fedora_oscap/content_handling.py b/org_fedora_oscap/content_handling.py
index 65d5a28..3e2ecae 100644
--- a/org_fedora_oscap/content_handling.py
+++ b/org_fedora_oscap/content_handling.py
@@ -122,6 +122,11 @@ def get_doc_type(file_path):
if line.startswith("Document type:"):
_prefix, _sep, type_info = line.partition(":")
content_type = type_info.strip()
+ if content_type not in CONTENT_TYPES.values():
+ log.info(
+ f"File {file_path} labelled by oscap as {content_type}, "
+ "which is an unexpected type.")
+ content_type = f"unknown - {content_type}"
break
except OSError:
# 'oscap info' exitted with a non-zero exit code -> unknown doc
From b6bf5a6c96f5dbbd78043455802ebc0033cf1a6a Mon Sep 17 00:00:00 2001
From: Matej Tyc <matyc@redhat.com>
Date: Wed, 12 Oct 2022 11:38:51 +0200
Subject: [PATCH 3/5] Remove unused code
The function is not referenced anywhere in the project
---
org_fedora_oscap/content_handling.py | 40 ----------------------------
1 file changed, 40 deletions(-)
diff --git a/org_fedora_oscap/content_handling.py b/org_fedora_oscap/content_handling.py
index 3e2ecae..5096bab 100644
--- a/org_fedora_oscap/content_handling.py
+++ b/org_fedora_oscap/content_handling.py
@@ -141,43 +141,3 @@ def get_doc_type(file_path):
log.info("OSCAP addon: Identified {file_path} as {content_type}"
.format(file_path=file_path, content_type=content_type))
return content_type
-
-
-def explore_content_files(fpaths):
- """
- Function for finding content files in a list of file paths. SIMPLY PICKS
- THE FIRST USABLE CONTENT FILE OF A PARTICULAR TYPE AND JUST PREFERS DATA
- STREAMS OVER STANDALONE BENCHMARKS.
-
- :param fpaths: a list of file paths to search for content files in
- :type fpaths: [str]
- :return: ContentFiles instance containing the file names of the XCCDF file,
- CPE dictionary and tailoring file or "" in place of those items
- if not found
- :rtype: ContentFiles
-
- """
- xccdf_file = ""
- cpe_file = ""
- tailoring_file = ""
- found_ds = False
-
- for fpath in fpaths:
- doc_type = get_doc_type(fpath)
- if not doc_type:
- continue
-
- # prefer DS over standalone XCCDF
- if doc_type == "Source Data Stream" and (not xccdf_file or not found_ds):
- xccdf_file = fpath
- found_ds = True
- elif doc_type == "XCCDF Checklist" and not xccdf_file:
- xccdf_file = fpath
- elif doc_type == "CPE Dictionary" and not cpe_file:
- cpe_file = fpath
- elif doc_type == "XCCDF Tailoring" and not tailoring_file:
- tailoring_file = fpath
-
- # TODO: raise exception if no xccdf_file is found?
- files = ContentFiles(xccdf_file, cpe_file, tailoring_file)
- return files
From a990568ccddb2864c8daeae91fdc1f6588b3c6f3 Mon Sep 17 00:00:00 2001
From: Matej Tyc <matyc@redhat.com>
Date: Thu, 13 Oct 2022 14:11:25 +0200
Subject: [PATCH 4/5] Dont use tailoring if it is not expected
Take tailorings into account only if it is specified in the kickstart.
Compulsive usage of tailoring may be unwanted.
---
org_fedora_oscap/content_discovery.py | 17 +++++++++++++----
1 file changed, 13 insertions(+), 4 deletions(-)
diff --git a/org_fedora_oscap/content_discovery.py b/org_fedora_oscap/content_discovery.py
index b20f3a6..e9cf34a 100644
--- a/org_fedora_oscap/content_discovery.py
+++ b/org_fedora_oscap/content_discovery.py
@@ -169,16 +169,25 @@ def _verify_fingerprint(self, dest_filename, fingerprint=""):
msg = _(f"Integrity check of the content failed - {hash_obj.name} hash didn't match")
raise content_handling.ContentCheckError(msg)
+ def allow_one_expected_tailoring_or_no_tailoring(self, labelled_files):
+ expected_tailoring = self._addon_data.tailoring_path
+ tailoring_label = CONTENT_TYPES["TAILORING"]
+ if expected_tailoring:
+ labelled_files = self.reduce_files(labelled_files, expected_tailoring, [tailoring_label])
+ else:
+ labelled_files = {
+ path: label for path, label in labelled_files.items()
+ if label != tailoring_label
+ }
+ return labelled_files
+
def filter_discovered_content(self, labelled_files):
expected_path = self._addon_data.content_path
categories = (CONTENT_TYPES["DATASTREAM"], CONTENT_TYPES["XCCDF_CHECKLIST"])
if expected_path:
labelled_files = self.reduce_files(labelled_files, expected_path, categories)
- expected_path = self._addon_data.tailoring_path
- categories = (CONTENT_TYPES["TAILORING"], )
- if expected_path:
- labelled_files = self.reduce_files(labelled_files, expected_path, categories)
+ labelled_files = self.allow_one_expected_tailoring_or_no_tailoring(labelled_files)
expected_path = self._addon_data.cpe_path
categories = (CONTENT_TYPES["CPE_DICT"], )
From c4cb296ca3838a0967c8258b9ed5221691884a36 Mon Sep 17 00:00:00 2001
From: Matej Tyc <matyc@redhat.com>
Date: Tue, 8 Nov 2022 10:46:59 +0100
Subject: [PATCH 5/5] Make the content RPM installation robust
If a package manager fails to install the package,
use the rpm command directly and skip deps.
---
org_fedora_oscap/ks/oscap.py | 41 ++++++++++++++++++++++++++++--------
1 file changed, 32 insertions(+), 9 deletions(-)
diff --git a/org_fedora_oscap/ks/oscap.py b/org_fedora_oscap/ks/oscap.py
index e47d6ba..dac273d 100644
--- a/org_fedora_oscap/ks/oscap.py
+++ b/org_fedora_oscap/ks/oscap.py
@@ -23,6 +23,7 @@
import shutil
import re
import os
+import io
import time
import logging
import pathlib
@@ -473,6 +474,33 @@ def setup(self, storage, ksdata, payload):
if pkg not in ksdata.packages.packageList:
ksdata.packages.packageList.append(pkg)
+ def _attempt_rpm_installation(self):
+ log.info("OSCAP addon: Installing the security content RPM to the installed system.")
+ stdout = io.StringIO()
+ ret = util.execWithRedirect(
+ "yum", ["-y", "--nogpg", "install", self.raw_postinst_content_path],
+ stdout=stdout, root=conf.target.system_root)
+ stdout.seek(0)
+ if ret != 0:
+ log.error(
+ "OSCAP addon: Error installing security content RPM using yum: {0}",
+ stdout.read())
+
+ stdout = io.StringIO()
+ ret = util.execWithRedirect(
+ "rpm", ["--install", "--nodeps", self.raw_postinst_content_path],
+ stdout=stdout, root=conf.target.system_root)
+ if ret != 0:
+ log.error(
+ "OSCAP addon: Error installing security content RPM using rpm: {0}",
+ stdout.read())
+ msg = _(f"Failed to install content RPM to the target system.")
+ raise RuntimeError(msg)
+
+ def _copy_rpm_to_target_and_install(self, target_content_dir):
+ shutil.copy2(self.raw_preinst_content_path, target_content_dir)
+ self._attempt_rpm_installation()
+
def execute(self, storage, ksdata, users, payload):
"""
The execute method that should make changes to the installed system. It
@@ -507,15 +535,10 @@ def execute(self, storage, ksdata, users, payload):
if self.content_type == "datastream":
shutil.copy2(self.preinst_content_path, target_content_dir)
elif self.content_type == "rpm":
- # copy the RPM to the target system
- shutil.copy2(self.raw_preinst_content_path, target_content_dir)
-
- # and install it with yum
- ret = util.execInSysroot("yum", ["-y", "--nogpg", "install",
- self.raw_postinst_content_path])
- if ret != 0:
- msg = _(f"Failed to install content RPM to the target system.")
- self._terminate(msg)
+ try:
+ self._copy_rpm_to_target_and_install(target_content_dir)
+ except Exception as exc:
+ self._terminate(str(exc))
return
elif self.content_type == "scap-security-guide":
# nothing needed

74
SOURCES/oscap-anaconda-addon-1.3.0-clicking_nocrash-PR_221.patch Normal file
View File

@ -0,0 +1,74 @@
From 55cc3b685dd5a9ca6059459f41876dd9f19f900d Mon Sep 17 00:00:00 2001
From: Matej Tyc <matyc@redhat.com>
Date: Tue, 11 Oct 2022 17:07:28 +0200
Subject: [PATCH 1/2] Remove redundant message
The send_ready already performs what the removed call
could aim to accomplish.
---
org_fedora_oscap/gui/spokes/oscap.py | 1 -
1 file changed, 1 deletion(-)
diff --git a/org_fedora_oscap/gui/spokes/oscap.py b/org_fedora_oscap/gui/spokes/oscap.py
index c57b1cd..4f8702a 100644
--- a/org_fedora_oscap/gui/spokes/oscap.py
+++ b/org_fedora_oscap/gui/spokes/oscap.py
@@ -150,7 +150,6 @@ def decorated(self, *args, **kwargs):
self._ready = True
# pylint: disable-msg=E1101
hubQ.send_ready(self.__class__.__name__, True)
- hubQ.send_message(self.__class__.__name__, self.status)
return ret
From 3f7c560947a17d1696899857e70ebcc8cba44019 Mon Sep 17 00:00:00 2001
From: Matej Tyc <matyc@redhat.com>
Date: Thu, 13 Oct 2022 17:19:17 +0200
Subject: [PATCH 2/2] Increase robustness of fetching state detection
It is not completely practical to rely on locks alone,
and we can elliminate some corner cases by looking
whether well-known UI threads exist.
---
org_fedora_oscap/gui/spokes/oscap.py | 9 ++++++---
1 file changed, 6 insertions(+), 3 deletions(-)
diff --git a/org_fedora_oscap/gui/spokes/oscap.py b/org_fedora_oscap/gui/spokes/oscap.py
index 4f8702a..d8e6ce2 100644
--- a/org_fedora_oscap/gui/spokes/oscap.py
+++ b/org_fedora_oscap/gui/spokes/oscap.py
@@ -363,11 +363,14 @@ def _render_selected(self, column, renderer, model, itr, user_data=None):
else:
renderer.set_property("stock-id", None)
+ def _still_fetching(self):
+ return self._fetching or threadMgr.get('OSCAPguiWaitForDataFetchThread')
+
def _fetch_data_and_initialize(self):
"""Fetch data from a specified URL and initialize everything."""
with self._fetch_flag_lock:
- if self._fetching:
+ if self._still_fetching():
# prevent multiple fetches running simultaneously
return
self._fetching = True
@@ -894,7 +897,7 @@ def refresh(self):
# hide the progress box, no progress now
with self._fetch_flag_lock:
- if not self._fetching:
+ if not self._still_fetching():
really_hide(self._progress_box)
self._content_url_entry.set_sensitive(True)
@@ -1117,7 +1120,7 @@ def on_fetch_button_clicked(self, *args):
"""Handler for the Fetch button"""
with self._fetch_flag_lock:
- if self._fetching:
+ if self._still_fetching():
# some other fetching/pre-processing running, give up
log.warn("Clicked the fetch button, although the GUI is in the fetching mode.")
return

202
SOURCES/oscap-anaconda-addon-1.3.0-fix_content_paths-PR_225.patch Normal file
View File

@ -0,0 +1,202 @@
From 08d3da5640e5c16cda4e79cc13ac7921f1ebd964 Mon Sep 17 00:00:00 2001
From: Matej Tyc <matyc@redhat.com>
Date: Tue, 15 Nov 2022 15:37:28 +0100
Subject: [PATCH 1/2] Fix handling of content paths
Archives and ready-to-use content use paths differently.
Archives get unpacked into a directory, where they need to be unpacked,
analyzed, and cross-checked with e.g. the supplied content path,
whereas ready-to-use content can be used directly.
As the current codebase doesn't untangle all possible ways how to obtain
existing content in a way of decomposing those into layers, this change
just makes the current code working at the expense of making it worse to
maintain.
---
org_fedora_oscap/content_discovery.py | 34 ++++++++++++++++++---------
org_fedora_oscap/ks/oscap.py | 6 ++++-
tests/test_content_discovery.py | 21 +++++++++++++++++
3 files changed, 49 insertions(+), 12 deletions(-)
diff --git a/org_fedora_oscap/content_discovery.py b/org_fedora_oscap/content_discovery.py
index e9cf34a..2b71b1f 100644
--- a/org_fedora_oscap/content_discovery.py
+++ b/org_fedora_oscap/content_discovery.py
@@ -25,6 +25,14 @@ def is_network(scheme):
for net_prefix in data_fetch.NET_URL_PREFIXES)
+def path_is_present_among_paths(path, paths):
+ absolute_path = os.path.abspath(path)
+ for second_path in paths:
+ if absolute_path == os.path.abspath(second_path):
+ return True
+ return False
+
+
class ContentBringer:
CONTENT_DOWNLOAD_LOCATION = pathlib.Path(common.INSTALLATION_CONTENT_DIR)
DEFAULT_SSG_DATA_STREAM_PATH = f"{common.SSG_DIR}/{common.SSG_CONTENT}"
@@ -170,7 +178,7 @@ def _verify_fingerprint(self, dest_filename, fingerprint=""):
raise content_handling.ContentCheckError(msg)
def allow_one_expected_tailoring_or_no_tailoring(self, labelled_files):
- expected_tailoring = self._addon_data.tailoring_path
+ expected_tailoring = self._addon_data.preinst_tailoring_path
tailoring_label = CONTENT_TYPES["TAILORING"]
if expected_tailoring:
labelled_files = self.reduce_files(labelled_files, expected_tailoring, [tailoring_label])
@@ -182,7 +190,7 @@ def allow_one_expected_tailoring_or_no_tailoring(self, labelled_files):
return labelled_files
def filter_discovered_content(self, labelled_files):
- expected_path = self._addon_data.content_path
+ expected_path = self._addon_data.preinst_content_path
categories = (CONTENT_TYPES["DATASTREAM"], CONTENT_TYPES["XCCDF_CHECKLIST"])
if expected_path:
labelled_files = self.reduce_files(labelled_files, expected_path, categories)
@@ -198,7 +206,7 @@ def filter_discovered_content(self, labelled_files):
def reduce_files(self, labelled_files, expected_path, categories):
reduced_files = dict()
- if expected_path not in labelled_files:
+ if not path_is_present_among_paths(expected_path, labelled_files.keys()):
msg = (
f"Expected a file {expected_path} to be part of the supplied content, "
f"but it was not the case, got only {list(labelled_files.keys())}"
@@ -225,13 +233,9 @@ def _finish_actual_fetch(self, wait_for, fingerprint, report_callback, dest_file
structured_content.add_content_archive(dest_filename)
labelled_filenames = content_handling.identify_files(fpaths)
- labelled_relative_filenames = {
- os.path.relpath(path, self.CONTENT_DOWNLOAD_LOCATION): label
- for path, label in labelled_filenames.items()}
- labelled_relative_filenames = self.filter_discovered_content(labelled_relative_filenames)
+ labelled_filenames = self.filter_discovered_content(labelled_filenames)
- for rel_fname, label in labelled_relative_filenames.items():
- fname = self.CONTENT_DOWNLOAD_LOCATION / rel_fname
+ for fname, label in labelled_filenames.items():
structured_content.add_file(str(fname), label)
if fingerprint and dest_filename:
@@ -274,11 +278,18 @@ def use_downloaded_content(self, content):
# We know that we have ended up with a datastream-like content,
# but if we can't convert an archive to a datastream.
# self._addon_data.content_type = "datastream"
- self._addon_data.content_path = str(preferred_content.relative_to(content.root))
+ content_type = self._addon_data.content_type
+ if content_type in ("archive", "rpm"):
+ self._addon_data.content_path = str(preferred_content.relative_to(content.root))
+ else:
+ self._addon_data.content_path = str(preferred_content)
preferred_tailoring = self.get_preferred_tailoring(content)
if content.tailoring:
- self._addon_data.tailoring_path = str(preferred_tailoring.relative_to(content.root))
+ if content_type in ("archive", "rpm"):
+ self._addon_data.tailoring_path = str(preferred_tailoring.relative_to(content.root))
+ else:
+ self._addon_data.tailoring_path = str(preferred_tailoring)
def use_system_content(self, content=None):
self._addon_data.clear_all()
@@ -372,6 +383,7 @@ def _xccdf_content(self):
def find_expected_usable_content(self, relative_expected_content_path):
content_path = self.root / relative_expected_content_path
+ content_path = content_path.resolve()
eligible_main_content = (self._datastream_content(), self._xccdf_content())
if content_path in eligible_main_content:
diff --git a/org_fedora_oscap/ks/oscap.py b/org_fedora_oscap/ks/oscap.py
index dac273d..7d4a131 100644
--- a/org_fedora_oscap/ks/oscap.py
+++ b/org_fedora_oscap/ks/oscap.py
@@ -179,7 +179,11 @@ def _parse_profile_id(self, value):
self.profile_id = value
def _parse_content_path(self, value):
- # need to be checked?
+ if self.content_type in ("archive", "rpm") and os.path.isabs(self.content_path):
+ msg = (
+ "When using archives-like content input, the corresponding content path "
+ "has to be relative, but got '{self.content_path}'.")
+ raise KickstartValueError(msg)
self.content_path = value
def _parse_cpe_path(self, value):
diff --git a/tests/test_content_discovery.py b/tests/test_content_discovery.py
index 5463c9a..d6e14d9 100644
--- a/tests/test_content_discovery.py
+++ b/tests/test_content_discovery.py
@@ -1,3 +1,5 @@
+import os
+
import pytest
import org_fedora_oscap.content_discovery as tested_module
@@ -46,3 +48,22 @@ def test_reduce(labelled_files):
reduced = bringer.reduce_files(labelled_files, "cpe", ["C"])
assert reduced == labelled_files
+
+
+def test_path_presence_detection():
+ list_of_paths = ["file1", os.path.abspath("file2"), os.path.abspath("dir///file3")]
+
+ list_of_paths_in_list = [
+ "file1", os.path.abspath("file1"), "./file1",
+ "file2", "dir/..//file2",
+ "dir/../dir/file3", "dir/file3",
+ ]
+ list_of_paths_not_in_list = [
+ "../file1", "file3"
+ ]
+
+ for path in list_of_paths_in_list:
+ assert tested_module.path_is_present_among_paths(path, list_of_paths)
+
+ for path in list_of_paths_not_in_list:
+ assert not tested_module.path_is_present_among_paths(path, list_of_paths)
From 786ec5d90d12a1321fbff86f5d8d4a534059ad22 Mon Sep 17 00:00:00 2001
From: Matej Tyc <matyc@redhat.com>
Date: Wed, 16 Nov 2022 15:35:09 +0100
Subject: [PATCH 2/2] Compare paths according to their equivalence
not according their arbitrary string form
---
org_fedora_oscap/content_discovery.py | 8 ++++++--
1 file changed, 6 insertions(+), 2 deletions(-)
diff --git a/org_fedora_oscap/content_discovery.py b/org_fedora_oscap/content_discovery.py
index 2b71b1f..42c61e0 100644
--- a/org_fedora_oscap/content_discovery.py
+++ b/org_fedora_oscap/content_discovery.py
@@ -25,10 +25,14 @@ def is_network(scheme):
for net_prefix in data_fetch.NET_URL_PREFIXES)
+def paths_are_equivalent(p1, p2):
+ return os.path.abspath(p1) == os.path.abspath(p2)
+
+
def path_is_present_among_paths(path, paths):
absolute_path = os.path.abspath(path)
for second_path in paths:
- if absolute_path == os.path.abspath(second_path):
+ if paths_are_equivalent(path, second_path):
return True
return False
@@ -213,7 +217,7 @@ def reduce_files(self, labelled_files, expected_path, categories):
)
raise RuntimeError(msg)
for path, label in labelled_files.items():
- if label in categories and path != expected_path:
+ if label in categories and not paths_are_equivalent(path, expected_path):
continue
reduced_files[path] = label
return reduced_files

66
SOURCES/oscap-anaconda-addon-null-http_content_url-PR_232.patch Normal file
View File

@ -0,0 +1,66 @@
From 58d4847dc4b55b9d4982be9505127679beca87c6 Mon Sep 17 00:00:00 2001
From: Matej Tyc <matyc@redhat.com>
Date: Wed, 18 Jan 2023 16:36:36 +0100
Subject: [PATCH 1/2] Handle the URL with missing ://
---
org_fedora_oscap/content_discovery.py | 16 ++++++++++++----
1 file changed, 12 insertions(+), 4 deletions(-)
diff --git a/org_fedora_oscap/content_discovery.py b/org_fedora_oscap/content_discovery.py
index 42c61e0..23fdafd 100644
--- a/org_fedora_oscap/content_discovery.py
+++ b/org_fedora_oscap/content_discovery.py
@@ -67,9 +67,14 @@ def content_uri(self):
@content_uri.setter
def content_uri(self, uri):
- scheme, path = uri.split("://", 1)
- self.content_uri_path = path
- self.content_uri_scheme = scheme
+ scheme_and_maybe_path = uri.split("://")
+ if len(scheme_and_maybe_path) == 1:
+ msg = (
+ f"Invalid supplied content URL '{uri}', "
+ "use the 'scheme://path' form.")
+ raise KickstartValueError(msg)
+ self.content_uri_path = scheme_and_maybe_path[1]
+ self.content_uri_scheme = scheme_and_maybe_path[0]
def fetch_content(self, what_if_fail, ca_certs_path=""):
"""
@@ -80,7 +85,10 @@ def fetch_content(self, what_if_fail, ca_certs_path=""):
should handle them in the calling layer.
ca_certs_path: Path to the HTTPS certificate file
"""
- self.content_uri = self._addon_data.content_url
+ try:
+ self.content_uri = self._addon_data.content_url
+ except Exception as exc:
+ what_if_fail(exc)
shutil.rmtree(self.CONTENT_DOWNLOAD_LOCATION, ignore_errors=True)
self.CONTENT_DOWNLOAD_LOCATION.mkdir(parents=True, exist_ok=True)
fetching_thread_name = self._fetch_files(
From cbfdae4f43ade3ef982a967f3e2844e66db3f9a0 Mon Sep 17 00:00:00 2001
From: Matej Tyc <matyc@redhat.com>
Date: Wed, 18 Jan 2023 16:36:53 +0100
Subject: [PATCH 2/2] Stop fetching when there is an invalid profile
---
org_fedora_oscap/gui/spokes/oscap.py | 2 ++
1 file changed, 2 insertions(+)
diff --git a/org_fedora_oscap/gui/spokes/oscap.py b/org_fedora_oscap/gui/spokes/oscap.py
index d8e6ce2..54eae1e 100644
--- a/org_fedora_oscap/gui/spokes/oscap.py
+++ b/org_fedora_oscap/gui/spokes/oscap.py
@@ -469,6 +469,8 @@ def update_progress_label(msg):
if self._addon_data.profile_id and not selected:
# profile ID given, but it was impossible to select it -> invalid
# profile ID given
+ with self._fetch_flag_lock:
+ self._fetching = False
self._invalid_profile_id()
return

28
SPECS/oscap-anaconda-addon.spec
View File

@ -3,7 +3,7 @@
Name: oscap-anaconda-addon
Version: 1.2.1
Release: 8%{?dist}
Release: 12%{?dist}
Summary: Anaconda addon integrating OpenSCAP to the installation process
License: GPLv2+
@ -22,6 +22,10 @@ Patch1: lang.patch
Patch2: oscap-anaconda-addon-1.2.2-content_ident-PR_167.patch
Patch3: oscap-anaconda-addon-1.2.2-deep_archives-PR_168.patch
Patch4: oscap-anaconda-addon-1.2.2-absent_appstream-PR_184.patch
Patch5: oscap-anaconda-addon-1.3.0-better_archive_handling-PR_220.patch
Patch6: oscap-anaconda-addon-1.3.0-clicking_nocrash-PR_221.patch
Patch7: oscap-anaconda-addon-1.3.0-fix_content_paths-PR_225.patch
Patch8: oscap-anaconda-addon-null-http_content_url-PR_232.patch
BuildArch: noarch
BuildRequires: make
@ -51,6 +55,10 @@ content.
%patch2 -p1
%patch3 -p1
%patch4 -p1
%patch5 -p1
%patch6 -p1
%patch7 -p1
%patch8 -p1
# NOTE CONCERNING TRANSLATION PATCHES
# When preparing translation patches, don't consider that some languages are unsupported -
# we aim to include all applicable translation texts to the appropriate patch.
@ -72,6 +80,24 @@ make install DESTDIR=%{buildroot}
%doc COPYING ChangeLog README.md
%changelog
* Wed Feb 08 2023 Matej Tyc <matyc@redhat.com> - 1.2.1-12
- Update translations
Resolves: rhbz#2139743
* Mon Jan 23 2023 Matej Tyc <matyc@redhat.com> - 1.2.1-11
- Fix a reaction to invalid content URI
Resolves: rhbz#2148509
* Wed Nov 23 2022 Matej Tyc <matyc@redhat.com> - 1.2.1-10
- Fix regression introduced when fixing content archive input
Resolves: rhbz#2129008
* Thu Nov 10 2022 Matej Tyc <matyc@redhat.com> - 1.2.1-9
- Fix problems with handling multi-datastream archives
Resolves: rhbz#2129008
- Fix a crash when compulsively clicking in the GUI
Resolves: rhbz#2000998
* Wed Jul 20 2022 Matej Tyc <matyc@redhat.com> - 1.2.1-8
- Update translations
Resolves: rhbz#2062707