Add AlmaLinux support
This commit is contained in:
root
commit
dd6cccd154
2
.gitignore
vendored
2
.gitignore
vendored
@ -1,3 +1,3 @@
|
||||
SOURCES/scap-security-guide-0.1.52-2.el7_9-rhel6.tar.bz2
|
||||
SOURCES/scap-security-guide-0.1.73-1.el7_9-rhel7.tar.bz2
|
||||
SOURCES/scap-security-guide-0.1.76.tar.bz2
|
||||
SOURCES/scap-security-guide-0.1.77.tar.bz2
|
||||
|
||||
@ -1,3 +1,3 @@
|
||||
b22b45d29ad5a97020516230a6ef3140a91d050a SOURCES/scap-security-guide-0.1.52-2.el7_9-rhel6.tar.bz2
|
||||
17274daaa588330aa4df9a4d8df5ef448e40a696 SOURCES/scap-security-guide-0.1.73-1.el7_9-rhel7.tar.bz2
|
||||
f4e1956b455a4c66160229334046efbe297fb001 SOURCES/scap-security-guide-0.1.76.tar.bz2
|
||||
3422596a0d3e3c2b68aa33683819b20b9a0c3ab0 SOURCES/scap-security-guide-0.1.77.tar.bz2
|
||||
|
||||
@ -9,15 +9,15 @@ Subject: create_delta_scap_tailoring: pass path to build_config.yml explicitly
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/cmake/SSGCommon.cmake b/cmake/SSGCommon.cmake
|
||||
index 337067c215..170ae3d39f 100644
|
||||
index c5c2f0d55d..81ff323b82 100644
|
||||
--- a/cmake/SSGCommon.cmake
|
||||
+++ b/cmake/SSGCommon.cmake
|
||||
@@ -658,7 +658,7 @@ macro(ssg_build_disa_delta PRODUCT PROFILE)
|
||||
add_custom_command(
|
||||
OUTPUT "${CMAKE_BINARY_DIR}/${PRODUCT}/tailoring/${PRODUCT}_${PROFILE}_delta_tailoring.xml"
|
||||
COMMAND ${CMAKE_COMMAND} -E make_directory "${CMAKE_BINARY_DIR}/${PRODUCT}/tailoring"
|
||||
- COMMAND env "PYTHONPATH=$ENV{PYTHONPATH}" "${PYTHON_EXECUTABLE}" "${CMAKE_SOURCE_DIR}/utils/create_scap_delta_tailoring.py" --root "${CMAKE_SOURCE_DIR}" --product "${PRODUCT}" --manual "${DISA_SCAP_REF}" --profile "${PROFILE}" --reference "stigid" --output "${CMAKE_BINARY_DIR}/${PRODUCT}/tailoring/${PRODUCT}_${PROFILE}_delta_tailoring.xml" --quiet --build-root ${CMAKE_BINARY_DIR} --resolved-rules-dir
|
||||
+ COMMAND env "PYTHONPATH=$ENV{PYTHONPATH}" "${PYTHON_EXECUTABLE}" "${CMAKE_SOURCE_DIR}/utils/create_scap_delta_tailoring.py" --root "${CMAKE_SOURCE_DIR}" --product "${PRODUCT}" --manual "${DISA_SCAP_REF}" --profile "${PROFILE}" --reference "stigid" --output "${CMAKE_BINARY_DIR}/${PRODUCT}/tailoring/${PRODUCT}_${PROFILE}_delta_tailoring.xml" --quiet --build-root ${CMAKE_BINARY_DIR} --resolved-rules-dir -c ${CMAKE_BINARY_DIR}/build_config.yml
|
||||
- COMMAND env "PYTHONPATH=$ENV{PYTHONPATH}" "${Python_EXECUTABLE}" "${CMAKE_SOURCE_DIR}/utils/create_scap_delta_tailoring.py" --root "${CMAKE_SOURCE_DIR}" --product "${PRODUCT}" --manual "${DISA_SCAP_REF}" --profile "${PROFILE}" --reference "stigid" --output "${CMAKE_BINARY_DIR}/${PRODUCT}/tailoring/${PRODUCT}_${PROFILE}_delta_tailoring.xml" --quiet --build-root ${CMAKE_BINARY_DIR} --resolved-rules-dir
|
||||
+ COMMAND env "PYTHONPATH=$ENV{PYTHONPATH}" "${Python_EXECUTABLE}" "${CMAKE_SOURCE_DIR}/utils/create_scap_delta_tailoring.py" --root "${CMAKE_SOURCE_DIR}" --product "${PRODUCT}" --manual "${DISA_SCAP_REF}" --profile "${PROFILE}" --reference "stigid" --output "${CMAKE_BINARY_DIR}/${PRODUCT}/tailoring/${PRODUCT}_${PROFILE}_delta_tailoring.xml" --quiet --build-root ${CMAKE_BINARY_DIR} --resolved-rules-dir -c ${CMAKE_BINARY_DIR}/build_config.yml
|
||||
DEPENDS "${PRODUCT}-content"
|
||||
COMMENT "[${PRODUCT}-generate-ssg-delta] generating disa tailoring file"
|
||||
)
|
||||
|
||||
File diff suppressed because it is too large
Load Diff
@ -5,7 +5,7 @@
|
||||
# global _default_patch_fuzz 2 # Normally shouldn't be needed as patches should apply cleanly
|
||||
|
||||
Name: scap-security-guide
|
||||
Version: 0.1.76
|
||||
Version: 0.1.77
|
||||
Release: 1%{?dist}.alma.1
|
||||
Summary: Security guidance and baselines in SCAP formats
|
||||
License: BSD-3-Clause
|
||||
@ -18,9 +18,8 @@ Source1: %{_static_rhel6_content}.tar.bz2
|
||||
Source2: %{_static_rhel7_content}.tar.bz2
|
||||
Patch0: fix_scap_delta_tailoring.patch
|
||||
|
||||
|
||||
# AlmaLinux patches
|
||||
Patch1001: 0001-Add-AlmaLinux-8-support.patch
|
||||
# AlmaLinux Patch
|
||||
Patch1001: scap-security-guide-add-almalinux8-product.patch
|
||||
|
||||
BuildArch: noarch
|
||||
|
||||
@ -69,6 +68,9 @@ The %{name}-rule-playbooks package contains individual ansible playbooks per rul
|
||||
%setup -q -b1 -b2
|
||||
%patch -P 0 -p1
|
||||
|
||||
# Applying AlmaLinux Patch
|
||||
%patch -P 1001 -p1 -b .scap-security-guide-add-almalinux8-product
|
||||
|
||||
%define cmake_defines_common -DSSG_SEPARATE_SCAP_FILES_ENABLED=OFF -DSSG_BASH_SCRIPTS_ENABLED=OFF -DSSG_PRODUCT_FIREFOX:BOOLEAN=true -DSSG_PRODUCT_JRE:BOOLEAN=TRUE
|
||||
%define cmake_defines_specific %{nil}
|
||||
%if 0%{?rhel}
|
||||
@ -78,11 +80,9 @@ The %{name}-rule-playbooks package contains individual ansible playbooks per rul
|
||||
%define cmake_defines_specific -DSSG_PRODUCT_DEFAULT:BOOLEAN=FALSE -DSSG_PRODUCT_RHEL%{centos}:BOOLEAN=TRUE -DSSG_CENTOS_DERIVATIVES_ENABLED:BOOL=ON
|
||||
%endif
|
||||
%if 0%{?almalinux}
|
||||
%define cmake_defines_specific -DSSG_PRODUCT_DEFAULT:BOOLEAN=FALSE -DSSG_PRODUCT_ALMALINUX%{rhel}:BOOLEAN=TRUE -DSSG_CENTOS_DERIVATIVES_ENABLED:BOOL=OFF -DSSG_ANSIBLE_PLAYBOOKS_PER_RULE_ENABLED:BOOL=ON
|
||||
%define cmake_defines_specific -DSSG_PRODUCT_DEFAULT:BOOLEAN=FALSE -DSSG_PRODUCT_ALMALINUX%{almalinux}:BOOLEAN=TRUE -DSSG_CENTOS_DERIVATIVES_ENABLED:BOOL=OFF -DSSG_ANSIBLE_PLAYBOOKS_PER_RULE_ENABLED:BOOL=ON
|
||||
%endif
|
||||
|
||||
%patch1001 -p1
|
||||
|
||||
%build
|
||||
mkdir -p %{_vpath_builddir}
|
||||
cd %{_vpath_builddir}
|
||||
@ -114,6 +114,7 @@ ln -s ssg-firefox-ds.xml %{buildroot}%{_datadir}/xml/scap/ssg/content/ssg-firefo
|
||||
%{_datadir}/xml/scap/ssg/content
|
||||
%{_datadir}/%{name}/kickstart
|
||||
%{_datadir}/%{name}/ansible
|
||||
%{_datadir}/%{name}/bash
|
||||
%{_datadir}/%{name}/tailoring
|
||||
%lang(en) %{_mandir}/man8/scap-security-guide.8.*
|
||||
%doc %{_docdir}/%{name}/LICENSE
|
||||
@ -130,9 +131,13 @@ ln -s ssg-firefox-ds.xml %{buildroot}%{_datadir}/xml/scap/ssg/content/ssg-firefo
|
||||
%{_datadir}/%{name}/ansible/rule_playbooks
|
||||
|
||||
%changelog
|
||||
* Thu Apr 24 2025 Andrew Lukoshko <alukoshko@almalinux.org> - 0.1.76-1.alma.1
|
||||
* Tue Jul 15 2025 Andrew Lukoshko <alukoshko@almalinux.org> - 0.1.77-1.alma.1
|
||||
- Add AlmaLinux support
|
||||
|
||||
* Tue Jun 03 2025 Matthew Burket <mburket@redhat.com> - 0.1.77-1
|
||||
- Rebase scap-security-guide to the latest upstream version 0.1.76 (RHEL-94802)
|
||||
- STIG: do not remediate rule disabling user namespaces (RHEL-76750)
|
||||
|
||||
* Tue Feb 25 2025 Vojtech Polasek <vpolasek@redhat.com> - 0.1.76-1
|
||||
- rebase scap-security-guide to the latest upstream version 0.1.76 (RHEL-74241)
|
||||
|
||||
@ -164,6 +169,7 @@ ln -s ssg-firefox-ds.xml %{buildroot}%{_datadir}/xml/scap/ssg/content/ssg-firefo
|
||||
|
||||
* Fri Feb 16 2024 Marcus Burghardt <maburgha@redhat.com> - 0.1.72-2
|
||||
- Unlist profiles no longer maintained in RHEL8.
|
||||
|
||||
* Wed Feb 14 2024 Marcus Burghardt <maburgha@redhat.com> - 0.1.72-1
|
||||
- Rebase to a new upstream release 0.1.72 (RHEL-25250)
|
||||
- Increase CIS standards coverage regarding SSH and cron (RHEL-1314)
|
||||
@ -227,6 +233,7 @@ ln -s ssg-firefox-ds.xml %{buildroot}%{_datadir}/xml/scap/ssg/content/ssg-firefo
|
||||
|
||||
* Wed Aug 17 2022 Watson Sato <wsato@redhat.com> - 0.1.63-4
|
||||
- Fix check of enable_fips_mode on s390x (RHBZ#2070564)
|
||||
|
||||
* Mon Aug 15 2022 Watson Sato <wsato@redhat.com> - 0.1.63-3
|
||||
- Fix Ansible partition conditional (RHBZ#2032403)
|
||||
|
||||
|
||||
Loading…
Reference in New Issue
Block a user