Rebase to release 0.1.58
This commit is contained in:
Watson Sato
parent
1a4066dba6
commit
64a2d8e60f
|
|
@ -1,55 +0,0 @@
|
|||
From 460922d3b258ba5b437afc99b5b02d2690788db9 Mon Sep 17 00:00:00 2001
|
||||
From: Alexander Scheel <alex.scheel@canonical.com>
|
||||
Date: Tue, 27 Jul 2021 15:20:08 -0400
|
||||
Subject: [PATCH] Remove FragmentPath check from service_disabled
|
||||
|
||||
In https://github.com/systemd/systemd/issues/582 it is documented that
|
||||
systemd could eventually replace FragmentPath=/dev/null (on masked
|
||||
services) with the actual service path -- not the fully (symlink)
|
||||
resolved path as is currently the case.
|
||||
|
||||
This matches the behavior currently seen in Ubuntu (all versions) and
|
||||
RHEL 9/Fedora 34.
|
||||
|
||||
Per discussion with Gabriel, Matej, Richard, and Matt, it is best to
|
||||
remove this check, especially since ActiveState=Masked suffices.
|
||||
|
||||
Resolves: #7280
|
||||
Resolves: #7248
|
||||
|
||||
Signed-off-by: Alexander Scheel <alex.scheel@canonical.com>
|
||||
---
|
||||
shared/templates/service_disabled/oval.template | 13 -------------
|
||||
1 file changed, 13 deletions(-)
|
||||
|
||||
diff --git a/shared/templates/service_disabled/oval.template b/shared/templates/service_disabled/oval.template
|
||||
index 33b52518307..e4ccb0566e7 100644
|
||||
--- a/shared/templates/service_disabled/oval.template
|
||||
+++ b/shared/templates/service_disabled/oval.template
|
||||
@@ -13,7 +13,6 @@
|
||||
<criteria operator="AND" comment="service {{{ SERVICENAME }}} is not configured to start">
|
||||
<criterion comment="{{{ SERVICENAME }}} is not running" test_ref="test_service_not_running_{{{ SERVICENAME }}}" />
|
||||
<criterion comment="Property LoadState of service {{{ SERVICENAME }}} is masked" test_ref="test_service_loadstate_is_masked_{{{ SERVICENAME }}}" />
|
||||
- <criterion comment="Property FragmentPath of service {{{ SERVICENAME }}} is set to /dev/null" test_ref="test_service_fragmentpath_is_dev_null_{{{ SERVICENAME }}}" />
|
||||
</criteria>
|
||||
</criteria>
|
||||
</definition>
|
||||
@@ -41,18 +40,6 @@
|
||||
<linux:value>masked</linux:value>
|
||||
</linux:systemdunitproperty_state>
|
||||
|
||||
- <linux:systemdunitproperty_test id="test_service_fragmentpath_is_dev_null_{{{ SERVICENAME }}}" check="all" check_existence="any_exist" comment="Test that the property FragmentPath from the service {{{ SERVICENAME }}} is set to /dev/null" version="1">
|
||||
- <linux:object object_ref="obj_service_fragmentpath_is_dev_null_{{{ SERVICENAME }}}"/>
|
||||
- <linux:state state_ref="state_service_fragmentpath_is_dev_null_{{{ SERVICENAME }}}"/>
|
||||
- </linux:systemdunitproperty_test>
|
||||
- <linux:systemdunitproperty_object id="obj_service_fragmentpath_is_dev_null_{{{ SERVICENAME }}}" comment="Retrieve the FragmentPath property of {{{ SERVICENAME }}}" version="1">
|
||||
- <linux:unit operation="pattern match">^{{{ SERVICENAME }}}\.(service|socket)$</linux:unit>
|
||||
- <linux:property>FragmentPath</linux:property>
|
||||
- </linux:systemdunitproperty_object>
|
||||
- <linux:systemdunitproperty_state id="state_service_fragmentpath_is_dev_null_{{{ SERVICENAME }}}" version="1" comment="FragmentPath is set to /dev/null">
|
||||
- <linux:value>/dev/null</linux:value>
|
||||
- </linux:systemdunitproperty_state>
|
||||
-
|
||||
{{% else %}}
|
||||
|
||||
{{% if init_system != "systemd" %}}
|
||||
|
|
@ -4,16 +4,14 @@
|
|||
%global _vpath_builddir build
|
||||
|
||||
Name: scap-security-guide
|
||||
Version: 0.1.57
|
||||
Version: 0.1.58
|
||||
Release: 1%{?dist}
|
||||
Summary: Security guidance and baselines in SCAP formats
|
||||
License: BSD-3-Clause
|
||||
License: BSD
|
||||
URL: https://github.com/ComplianceAsCode/content/
|
||||
Source0: https://github.com/ComplianceAsCode/content/releases/download/v%{version}/scap-security-guide-%{version}.tar.bz2
|
||||
BuildArch: noarch
|
||||
|
||||
Patch0: scap-security-guide-0.1.58-fix_service_disabled-PR_7296.patch
|
||||
|
||||
BuildRequires: libxslt
|
||||
BuildRequires: expat
|
||||
BuildRequires: openscap-scanner >= 1.2.5
|
||||
|
|
@ -99,6 +97,11 @@ rm %{buildroot}/%{_docdir}/%{name}/Contributors.md
|
|||
%endif
|
||||
|
||||
%changelog
|
||||
* Thu Sep 30 2021 Watson Sato <wsato@redhat.com> - 0.1.58-1
|
||||
- Update to latest upstream SCAP-Security-Guide-0.1.58 release:
|
||||
https://github.com/ComplianceAsCode/content/releases/tag/v0.1.58
|
||||
- Fix license warning.
|
||||
|
||||
* Thu Jul 29 2021 Matej Tyc <matyc@redhat.com> - 0.1.57-1
|
||||
- Update to latest upstream SCAP-Security-Guide-0.1.57 release:
|
||||
https://github.com/ComplianceAsCode/content/releases/tag/v0.1.57
|
||||
|
|
|
|||
Loading…
Reference in New Issue