rpms
/
subscription-manager
7
0
Fork 0
Code Issues Pull Requests Releases Activity

import UBI subscription-manager-1.29.38-1.el9_3

This commit is contained in:
eabdullin 2023-11-07 11:35:39 +00:00
parent 9678559405
commit af2ef5ffd3
4 changed files with 105 additions and 117 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
.gitignore vendored
View File

@ -1 +1 @@
SOURCES/subscription-manager-1.29.33.1.tar.gz
SOURCES/subscription-manager-1.29.38.tar.gz

2
.subscription-manager.metadata
View File

@ -1 +1 @@
38881af878868368653d5998ce98adc45e82b7cf SOURCES/subscription-manager-1.29.33.1.tar.gz
711306cb958fd5b645191e8e35aebc432818501d SOURCES/subscription-manager-1.29.38.tar.gz

99
SOURCES/00001-fix-dbus-policy.patch
View File

@ -1,99 +0,0 @@
diff --git a/etc-conf/dbus/system.d/com.redhat.RHSM1.conf b/etc-conf/dbus/system.d/com.redhat.RHSM1.conf
index e21c57263..11adf1d79 100644
--- a/etc-conf/dbus/system.d/com.redhat.RHSM1.conf
+++ b/etc-conf/dbus/system.d/com.redhat.RHSM1.conf
@@ -7,23 +7,9 @@
<policy user="root">
<allow own="com.redhat.RHSM1"/>
- <!-- Basic D-Bus API stuff -->
- <allow send_destination="com.redhat.RHSM1"
- send_interface="org.freedesktop.DBus.Introspectable"/>
- <allow send_destination="com.redhat.RHSM1"
- send_interface="org.freedesktop.DBus.Properties"/>
- <allow send_destination="com.redhat.RHSM1"
- send_interface="org.freedesktop.DBus.ObjectManager"/>
-
- <!-- allow Config.Set from root -->
- <allow send_destination="com.redhat.RHSM1"
- send_interface="com.redhat.RHSM1.Config"
- send_member="Set"/>
- </policy>
-
-
- <policy context="default">
- <!-- TODO: make these read-only by default -->
+ <!--
+ Lock down the objects to root access only
+ -->
<allow send_destination="com.redhat.RHSM1"
send_interface="com.redhat.RHSM1"/>
@@ -37,11 +23,6 @@
<allow send_destination="com.redhat.RHSM1"
send_interface="com.redhat.RHSM1.Config"/>
- <!-- deny Config.Set by default -->
- <deny send_destination="com.redhat.RHSM1"
- send_interface="com.redhat.RHSM1.Config"
- send_member="Set"/>
-
<allow send_destination="com.redhat.RHSM1"
send_interface="com.redhat.RHSM1.RegisterServer"/>
@@ -65,5 +46,54 @@
<allow send_destination="com.redhat.RHSM1"
send_interface="org.freedesktop.DBus.ObjectManager"/>
</policy>
-</busconfig>
+
+ <policy context="default">
+
+ <!--
+ Non-root users can execute only methods providing
+ information from files readable by non-root users.
+ -->
+
+ <allow send_destination="com.redhat.RHSM1"
+ send_interface="com.redhat.RHSM1.Entitlement"
+ send_member="GetStatus"/>
+
+ <allow send_destination="com.redhat.RHSM1"
+ send_interface="com.redhat.RHSM1.Products"
+ send_member="ListInstalledProducts"/>
+
+ <allow send_destination="com.redhat.RHSM1"
+ send_interface="com.redhat.RHSM1.Syspurpose"
+ send_member="GetSyspurpose"/>
+
+ <allow send_destination="com.redhat.RHSM1"
+ send_interface="com.redhat.RHSM1.Syspurpose"
+ send_member="GetSyspurposeStatus"/>
+
+ <allow send_destination="com.redhat.RHSM1"
+ send_interface="com.redhat.RHSM1.Config"
+ send_member="GetAll"/>
+
+ <allow send_destination="com.redhat.RHSM1"
+ send_interface="com.redhat.RHSM1.Config"
+ send_member="Get"/>
+
+ <!--
+ The UUID returned by following method is read
+ from consumer cert. Only this file is not
+ readable by non-root users.
+ -->
+ <allow send_destination="com.redhat.RHSM1"
+ send_interface="com.redhat.RHSM1.Consumer"
+ send_member="GetUuid"/>
+
+ <!-- Basic D-Bus API stuff -->
+ <allow send_destination="com.redhat.RHSM1"
+ send_interface="org.freedesktop.DBus.Introspectable"/>
+ <allow send_destination="com.redhat.RHSM1"
+ send_interface="org.freedesktop.DBus.Properties"/>
+ <allow send_destination="com.redhat.RHSM1"
+ send_interface="org.freedesktop.DBus.ObjectManager"/>
+ </policy>
+</busconfig>

119
SPECS/subscription-manager.spec
View File

@ -95,14 +95,14 @@
%global exclude_packages %{exclude_packages}"
Name: subscription-manager
Version: 1.29.33.1
Release: 2%{?dist}
Version: 1.29.38
Release: 1%{?dist}
Summary: Tools and libraries for subscription and repository management
%if 0%{?suse_version}
Group: Productivity/Networking/System
License: GPL-2.0
%else
License: GPLv2
License: GPL-2.0-only AND GPL-2.0-or-later AND LGPL-2.1-or-later
%endif
URL: http://www.candlepinproject.org/
@ -130,7 +130,7 @@ Source2: subscription-manager-rpmlintrc
# nesting is required since RPM requires the various preamble directives to be
# at the start of a line making meaningful indentation impossible.
Requires: %{py_package_prefix}-ethtool
Requires: iproute
Requires: %{py_package_prefix}-iniparse
Requires: %{py_package_prefix}-decorator
Requires: virt-what
@ -164,7 +164,7 @@ Requires: %{py_package_prefix}-setuptools
%if %{use_dnf}
%if %{create_libdnf_rpm}
Requires: dnf >= 1.0.0
Requires: python3-dnf
Requires: python3-dnf-plugins-core
Requires: python3-librepo
%else
@ -201,6 +201,8 @@ BuildRequires: %{py_package_prefix}-dateutil
BuildRequires: systemd
Obsoletes: subscription-manager-migration <= %{version}-%{release}
Obsoletes: subscription-manager-initial-setup-addon <= %{version}-%{release}
Obsoletes: rhsm-gtk <= %{version}-%{release}
@ -222,8 +224,6 @@ Obsoletes: dnf-plugin-subscription-manager < 1.29.0
Obsoletes: %{py_package_prefix}-syspurpose <= %{version}
Patch00001: 00001-fix-dbus-policy.patch
%description
The Subscription Manager package provides programs and libraries to allow users
to manage subscriptions and yum repositories from the Red Hat entitlement
@ -250,9 +250,6 @@ BuildRequires: cmake
BuildRequires: gcc
BuildRequires: json-c-devel
BuildRequires: libdnf-devel >= 0.22.5
Requires: json-c
Requires: libdnf >= 0.22.5
Requires: dnf >= 1.0.0
Obsoletes: dnf-plugin-subscription-manager < 1.29.0
@ -365,8 +362,6 @@ cloud metadata and signatures.
%prep
%setup -q
%autopatch -p1
%build
make -f Makefile VERSION=%{version}-%{release} CFLAGS="%{optflags}" \
LDFLAGS="%{__global_ldflags}" OS_DIST="%{dist}" PYTHON="%{__python}" \
@ -740,12 +735,104 @@ rmdir %{python_sitearch}/subscription_manager-*-*.egg-info --ignore-fail-on-non-
rm -f /var/lib/rhsm/cache/rhsm_icon.json
%changelog
* Mon Aug 07 2023 Jiri Hnidek <jhnidek@redhat.com> 1.29.33.1-2
- 2225445: Fix D-Bus policy (jhnidek@redhat.com)
* Thu Sep 14 2023 Pino Toscano <ptoscano@redhat.com> 1.29.38-1
- Translated using Weblate (Chinese (Simplified) (zh_CN)) (ptoscano@redhat.com)
- ci: bump actions/checkout from 3 to 4
(49699333+dependabot[bot]@users.noreply.github.com)
- ENT-5603: Fix a typo in a comment (mhorky@redhat.com)
* Thu Mar 02 2023 Pino Toscano <ptoscano@redhat.com> 1.29.33.1-1
- tito: add rhel 9.2 releaser (ptoscano@redhat.com)
* Wed Aug 23 2023 Pino Toscano <ptoscano@redhat.com> 1.29.37-1
- Translated using Weblate (Korean) (simmon@nplob.com)
- Update translation files (noreply@weblate.org)
- 2225446: Hotfix of D-Bus policy (jhnidek@redhat.com)
- TESTING: Update testing requirements (mhorky@redhat.com)
- Use Fedora registry to pull container images (mhorky@redhat.com)
- 2232316: dbus: check "force" again from the registration option
(ptoscano@redhat.com)
- dbus: run EntCertActionInvoker on PoolAttach (ptoscano@redhat.com)
- ENT-5624: Properly translate error strings (mhorky@redhat.com)
- Mock IOError for Insights fact collection tests (mhorky@redhat.com)
- New extraction for translatable strings (ptoscano@redhat.com)
* Wed Aug 02 2023 Pino Toscano <ptoscano@redhat.com> 1.29.36-1
- Translated using Weblate (Korean) (simmon@nplob.com)
- ENT-5581: Update messaging around the "container mode" (mhorky@redhat.com)
- Remove 'dbus' marker for pytest (mhorky@redhat.com)
- Rewrite D-Bus tests to be testable without pytest-forked (mhorky@redhat.com)
- Drop further ethtool dependency mentions (mhorky@redhat.com)
- tests: fix test_file_monitor without pyinotify (ptoscano@redhat.com)
- tests: switch from imp to importlib (ptoscano@redhat.com)
- Fix the order of user env var checking for translations.
(tkuratom@redhat.com)
- 2215974: Collect network facts using 'ip' (mhorky@redhat.com)
- ENT-5582: Remove container detection envvar overwrite (mhorky@redhat.com)
- ENT-5603: Explicitly check for provided entitlement certificates
(mhorky@redhat.com)
- fix test case (chambrid@redhat.com)
- Collect GCP Project information as cloud facts (chambrid@redhat.com)
- Collect Azure Subscription ID as a cloud fact (#3285) (chambrid@redhat.com)
- ENT-5580: Disable the proper container detection (mhorky@redhat.com)
- spec: convert License to SPDX (ptoscano@redhat.com)
- 2093291: Make reading of cache file more reliable (jhnidek@redhat.com)
- 2093291: Make code of DNF plugins testable (jhnidek@redhat.com)
- spec: change subscription-manager dnf dep (ptoscano@redhat.com)
- spec: update libdnf-plugin-subscription-manager deps (ptoscano@redhat.com)
- tests: repair attach cases in SCA mode (ptoscano@redhat.com)
* Tue May 16 2023 Pino Toscano <ptoscano@redhat.com> 1.29.35-1
- Translated using Weblate (Italian) (toscano.pino@tiscali.it)
- Clean up tests using Cloud What detectors properly (mhorky@redhat.com)
- spec: Obsolete subscription-manager-migration (ptoscano@redhat.com)
- Translated using Weblate (Chinese (Simplified) (zh_CN)) (ljanda@redhat.com)
- Translated using Weblate (Korean) (simmon@nplob.com)
- Translated using Weblate (Georgian) (temuri.doghonadze@gmail.com)
- Translated using Weblate (Italian) (toscano.pino@tiscali.it)
- Update translation files (noreply@weblate.org)
- New extraction for translatable strings (ptoscano@redhat.com)
- Translated using Weblate (Italian) (toscano.pino@tiscali.it)
- Typo fixes (ptoscano@redhat.com)
- Avoid string puzzle (ptoscano@redhat.com)
- Properly use ungettext for plural forms (ptoscano@redhat.com)
- 2189664: cache: fix SyspurposeComplianceStatusCache on failed load
(ptoscano@redhat.com)
- dbus: don't catch exceptions in DomainSocketServer.run()
(ptoscano@redhat.com)
- cli: directly exit on InvalidCLIOptionError (ptoscano@redhat.com)
- Revert "ENT-5549: Fix return code handling of CLI" (ptoscano@redhat.com)
- ci: add dependabot config for GitHub Actions (ptoscano@redhat.com)
- Update .git-blame-ignore-revs (mhorky@redhat.com)
- Format code with black==23.3.0 (mhorky@redhat.com)
- ENT-5535: Update black to version 23.3.0 (mhorky@redhat.com)
* Wed Apr 12 2023 Pino Toscano <ptoscano@redhat.com> 1.29.34-1
- Update TESTING.md (mhorky@redhat.com)
- Improved debug print of http traffic, when proxy is used (jhnidek@redhat.com)
- ENT-5544: Remove Jenkins jobs, Containers (mhorky@redhat.com)
- ENT-5549: Remove unused code from entcertlib (mhorky@redhat.com)
- ENT-5549: Fix issues found when type-hinting (mhorky@redhat.com)
- ENT-5549: Fix return code handling of CLI (mhorky@redhat.com)
- ENT-5549: Fix found type hint issues (mhorky@redhat.com)
- ENT-5549: Fix object instantiation in EntitlementDirectory
(mhorky@redhat.com)
- ENT-5549: Refactor ProductDirectory (mhorky@redhat.com)
- ENT-5549: Change internal implementation for some Cache methods
(mhorky@redhat.com)
- ENT-5549: Clean up _sync_with_server arguments of cache objects
(mhorky@redhat.com)
- ENT-5549: Remove 'autoheal' argument from Action clients (mhorky@redhat.com)
- Refactored code a little bit (jhnidek@redhat.com)
- 2093291: Make locking more reliable (jhnidek@redhat.com)
- test: add simple test for 2178610 (ptoscano@redhat.com)
- Small improvement of debugging of http traffic (jhnidek@redhat.com)
- 2093883: Fix issue with race condition in rhsm.service (jhnidek@redhat.com)
- 2178610: do not collect unentitled products in SCA mode (ptoscano@redhat.com)
- 2174297: register: do a simple strip() on environment(s) input
(ptoscano@redhat.com)
- Stop subclassing 'object' (ptoscano@redhat.com)
- Remove pytest arguments for CentOS 9 Stream image (mhorky@redhat.com)
- tests: Install dnf-plugins-core every time (mhorky@redhat.com)
- 2169251: connection: restore UEPConnection.getJob() (ptoscano@redhat.com)
- ENT-5106: Type-hint subscription_manager/ files (mhorky@redhat.com)
* Thu Feb 16 2023 Pino Toscano <ptoscano@redhat.com> 1.29.33-1
- Translated using Weblate (French) (ljanda@redhat.com)