rpms
/
subscription-manager
7
0
Fork 0
Code Issues Pull Requests Releases Activity

import UBI subscription-manager-1.29.38-1.el9_3

This commit is contained in:
eabdullin 2023-11-07 11:35:39 +00:00
parent 9678559405
commit af2ef5ffd3
4 changed files with 105 additions and 117 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
.gitignore vendored
View File

@ -1 +1 @@
SOURCES/subscription-manager-1.29.33.1.tar.gz SOURCES/subscription-manager-1.29.38.tar.gz

2
.subscription-manager.metadata
View File

@ -1 +1 @@
38881af878868368653d5998ce98adc45e82b7cf SOURCES/subscription-manager-1.29.33.1.tar.gz 711306cb958fd5b645191e8e35aebc432818501d SOURCES/subscription-manager-1.29.38.tar.gz

99
SOURCES/00001-fix-dbus-policy.patch
View File

@ -1,99 +0,0 @@
diff --git a/etc-conf/dbus/system.d/com.redhat.RHSM1.conf b/etc-conf/dbus/system.d/com.redhat.RHSM1.conf
index e21c57263..11adf1d79 100644
--- a/etc-conf/dbus/system.d/com.redhat.RHSM1.conf
+++ b/etc-conf/dbus/system.d/com.redhat.RHSM1.conf
@@ -7,23 +7,9 @@
<policy user="root">
<allow own="com.redhat.RHSM1"/>
- <!-- Basic D-Bus API stuff -->
- <allow send_destination="com.redhat.RHSM1"
- send_interface="org.freedesktop.DBus.Introspectable"/>
- <allow send_destination="com.redhat.RHSM1"
- send_interface="org.freedesktop.DBus.Properties"/>
- <allow send_destination="com.redhat.RHSM1"
- send_interface="org.freedesktop.DBus.ObjectManager"/>
-
- <!-- allow Config.Set from root -->
- <allow send_destination="com.redhat.RHSM1"
- send_interface="com.redhat.RHSM1.Config"
- send_member="Set"/>
- </policy>
-
-
- <policy context="default">
- <!-- TODO: make these read-only by default -->
+ <!--
+ Lock down the objects to root access only
+ -->
<allow send_destination="com.redhat.RHSM1"
send_interface="com.redhat.RHSM1"/>
@@ -37,11 +23,6 @@
<allow send_destination="com.redhat.RHSM1"
send_interface="com.redhat.RHSM1.Config"/>
- <!-- deny Config.Set by default -->
- <deny send_destination="com.redhat.RHSM1"
- send_interface="com.redhat.RHSM1.Config"
- send_member="Set"/>
-
<allow send_destination="com.redhat.RHSM1"
send_interface="com.redhat.RHSM1.RegisterServer"/>
@@ -65,5 +46,54 @@
<allow send_destination="com.redhat.RHSM1"
send_interface="org.freedesktop.DBus.ObjectManager"/>
</policy>
-</busconfig>
+
+ <policy context="default">
+
+ <!--
+ Non-root users can execute only methods providing
+ information from files readable by non-root users.
+ -->
+
+ <allow send_destination="com.redhat.RHSM1"
+ send_interface="com.redhat.RHSM1.Entitlement"
+ send_member="GetStatus"/>
+
+ <allow send_destination="com.redhat.RHSM1"
+ send_interface="com.redhat.RHSM1.Products"
+ send_member="ListInstalledProducts"/>
+
+ <allow send_destination="com.redhat.RHSM1"
+ send_interface="com.redhat.RHSM1.Syspurpose"
+ send_member="GetSyspurpose"/>
+
+ <allow send_destination="com.redhat.RHSM1"
+ send_interface="com.redhat.RHSM1.Syspurpose"
+ send_member="GetSyspurposeStatus"/>
+
+ <allow send_destination="com.redhat.RHSM1"
+ send_interface="com.redhat.RHSM1.Config"
+ send_member="GetAll"/>
+
+ <allow send_destination="com.redhat.RHSM1"
+ send_interface="com.redhat.RHSM1.Config"
+ send_member="Get"/>
+
+ <!--
+ The UUID returned by following method is read
+ from consumer cert. Only this file is not
+ readable by non-root users.
+ -->
+ <allow send_destination="com.redhat.RHSM1"
+ send_interface="com.redhat.RHSM1.Consumer"
+ send_member="GetUuid"/>
+
+ <!-- Basic D-Bus API stuff -->
+ <allow send_destination="com.redhat.RHSM1"
+ send_interface="org.freedesktop.DBus.Introspectable"/>
+ <allow send_destination="com.redhat.RHSM1"
+ send_interface="org.freedesktop.DBus.Properties"/>
+ <allow send_destination="com.redhat.RHSM1"
+ send_interface="org.freedesktop.DBus.ObjectManager"/>
+ </policy>
+</busconfig>

119
SPECS/subscription-manager.spec
View File

@ -95,14 +95,14 @@
%global exclude_packages %{exclude_packages}" %global exclude_packages %{exclude_packages}"
Name: subscription-manager Name: subscription-manager
Version: 1.29.33.1 Version: 1.29.38
Release: 2%{?dist} Release: 1%{?dist}
Summary: Tools and libraries for subscription and repository management Summary: Tools and libraries for subscription and repository management
%if 0%{?suse_version} %if 0%{?suse_version}
Group: Productivity/Networking/System Group: Productivity/Networking/System
License: GPL-2.0 License: GPL-2.0
%else %else
License: GPLv2 License: GPL-2.0-only AND GPL-2.0-or-later AND LGPL-2.1-or-later
%endif %endif
URL: http://www.candlepinproject.org/ URL: http://www.candlepinproject.org/
@ -130,7 +130,7 @@ Source2: subscription-manager-rpmlintrc
# nesting is required since RPM requires the various preamble directives to be # nesting is required since RPM requires the various preamble directives to be
# at the start of a line making meaningful indentation impossible. # at the start of a line making meaningful indentation impossible.
Requires: %{py_package_prefix}-ethtool Requires: iproute
Requires: %{py_package_prefix}-iniparse Requires: %{py_package_prefix}-iniparse
Requires: %{py_package_prefix}-decorator Requires: %{py_package_prefix}-decorator
Requires: virt-what Requires: virt-what
@ -164,7 +164,7 @@ Requires: %{py_package_prefix}-setuptools
%if %{use_dnf} %if %{use_dnf}
%if %{create_libdnf_rpm} %if %{create_libdnf_rpm}
Requires: dnf >= 1.0.0 Requires: python3-dnf
Requires: python3-dnf-plugins-core Requires: python3-dnf-plugins-core
Requires: python3-librepo Requires: python3-librepo
%else %else
@ -201,6 +201,8 @@ BuildRequires: %{py_package_prefix}-dateutil
BuildRequires: systemd BuildRequires: systemd
Obsoletes: subscription-manager-migration <= %{version}-%{release}
Obsoletes: subscription-manager-initial-setup-addon <= %{version}-%{release} Obsoletes: subscription-manager-initial-setup-addon <= %{version}-%{release}
Obsoletes: rhsm-gtk <= %{version}-%{release} Obsoletes: rhsm-gtk <= %{version}-%{release}
@ -222,8 +224,6 @@ Obsoletes: dnf-plugin-subscription-manager < 1.29.0
Obsoletes: %{py_package_prefix}-syspurpose <= %{version} Obsoletes: %{py_package_prefix}-syspurpose <= %{version}
Patch00001: 00001-fix-dbus-policy.patch
%description %description
The Subscription Manager package provides programs and libraries to allow users The Subscription Manager package provides programs and libraries to allow users
to manage subscriptions and yum repositories from the Red Hat entitlement to manage subscriptions and yum repositories from the Red Hat entitlement
@ -250,9 +250,6 @@ BuildRequires: cmake
BuildRequires: gcc BuildRequires: gcc
BuildRequires: json-c-devel BuildRequires: json-c-devel
BuildRequires: libdnf-devel >= 0.22.5 BuildRequires: libdnf-devel >= 0.22.5
Requires: json-c
Requires: libdnf >= 0.22.5
Requires: dnf >= 1.0.0
Obsoletes: dnf-plugin-subscription-manager < 1.29.0 Obsoletes: dnf-plugin-subscription-manager < 1.29.0
@ -365,8 +362,6 @@ cloud metadata and signatures.
%prep %prep
%setup -q %setup -q
%autopatch -p1
%build %build
make -f Makefile VERSION=%{version}-%{release} CFLAGS="%{optflags}" \ make -f Makefile VERSION=%{version}-%{release} CFLAGS="%{optflags}" \
LDFLAGS="%{__global_ldflags}" OS_DIST="%{dist}" PYTHON="%{__python}" \ LDFLAGS="%{__global_ldflags}" OS_DIST="%{dist}" PYTHON="%{__python}" \
@ -740,12 +735,104 @@ rmdir %{python_sitearch}/subscription_manager-*-*.egg-info --ignore-fail-on-non-
rm -f /var/lib/rhsm/cache/rhsm_icon.json rm -f /var/lib/rhsm/cache/rhsm_icon.json
%changelog %changelog
* Mon Aug 07 2023 Jiri Hnidek <jhnidek@redhat.com> 1.29.33.1-2 * Thu Sep 14 2023 Pino Toscano <ptoscano@redhat.com> 1.29.38-1
- 2225445: Fix D-Bus policy (jhnidek@redhat.com) - Translated using Weblate (Chinese (Simplified) (zh_CN)) (ptoscano@redhat.com)
- ci: bump actions/checkout from 3 to 4
(49699333+dependabot[bot]@users.noreply.github.com)
- ENT-5603: Fix a typo in a comment (mhorky@redhat.com)
* Thu Mar 02 2023 Pino Toscano <ptoscano@redhat.com> 1.29.33.1-1 * Wed Aug 23 2023 Pino Toscano <ptoscano@redhat.com> 1.29.37-1
- tito: add rhel 9.2 releaser (ptoscano@redhat.com) - Translated using Weblate (Korean) (simmon@nplob.com)
- Update translation files (noreply@weblate.org)
- 2225446: Hotfix of D-Bus policy (jhnidek@redhat.com)
- TESTING: Update testing requirements (mhorky@redhat.com)
- Use Fedora registry to pull container images (mhorky@redhat.com)
- 2232316: dbus: check "force" again from the registration option
(ptoscano@redhat.com)
- dbus: run EntCertActionInvoker on PoolAttach (ptoscano@redhat.com)
- ENT-5624: Properly translate error strings (mhorky@redhat.com)
- Mock IOError for Insights fact collection tests (mhorky@redhat.com)
- New extraction for translatable strings (ptoscano@redhat.com)
* Wed Aug 02 2023 Pino Toscano <ptoscano@redhat.com> 1.29.36-1
- Translated using Weblate (Korean) (simmon@nplob.com)
- ENT-5581: Update messaging around the "container mode" (mhorky@redhat.com)
- Remove 'dbus' marker for pytest (mhorky@redhat.com)
- Rewrite D-Bus tests to be testable without pytest-forked (mhorky@redhat.com)
- Drop further ethtool dependency mentions (mhorky@redhat.com)
- tests: fix test_file_monitor without pyinotify (ptoscano@redhat.com)
- tests: switch from imp to importlib (ptoscano@redhat.com)
- Fix the order of user env var checking for translations.
(tkuratom@redhat.com)
- 2215974: Collect network facts using 'ip' (mhorky@redhat.com)
- ENT-5582: Remove container detection envvar overwrite (mhorky@redhat.com)
- ENT-5603: Explicitly check for provided entitlement certificates
(mhorky@redhat.com)
- fix test case (chambrid@redhat.com)
- Collect GCP Project information as cloud facts (chambrid@redhat.com)
- Collect Azure Subscription ID as a cloud fact (#3285) (chambrid@redhat.com)
- ENT-5580: Disable the proper container detection (mhorky@redhat.com)
- spec: convert License to SPDX (ptoscano@redhat.com)
- 2093291: Make reading of cache file more reliable (jhnidek@redhat.com)
- 2093291: Make code of DNF plugins testable (jhnidek@redhat.com)
- spec: change subscription-manager dnf dep (ptoscano@redhat.com)
- spec: update libdnf-plugin-subscription-manager deps (ptoscano@redhat.com)
- tests: repair attach cases in SCA mode (ptoscano@redhat.com)
* Tue May 16 2023 Pino Toscano <ptoscano@redhat.com> 1.29.35-1
- Translated using Weblate (Italian) (toscano.pino@tiscali.it)
- Clean up tests using Cloud What detectors properly (mhorky@redhat.com)
- spec: Obsolete subscription-manager-migration (ptoscano@redhat.com)
- Translated using Weblate (Chinese (Simplified) (zh_CN)) (ljanda@redhat.com)
- Translated using Weblate (Korean) (simmon@nplob.com)
- Translated using Weblate (Georgian) (temuri.doghonadze@gmail.com)
- Translated using Weblate (Italian) (toscano.pino@tiscali.it)
- Update translation files (noreply@weblate.org)
- New extraction for translatable strings (ptoscano@redhat.com)
- Translated using Weblate (Italian) (toscano.pino@tiscali.it)
- Typo fixes (ptoscano@redhat.com)
- Avoid string puzzle (ptoscano@redhat.com)
- Properly use ungettext for plural forms (ptoscano@redhat.com)
- 2189664: cache: fix SyspurposeComplianceStatusCache on failed load
(ptoscano@redhat.com)
- dbus: don't catch exceptions in DomainSocketServer.run()
(ptoscano@redhat.com)
- cli: directly exit on InvalidCLIOptionError (ptoscano@redhat.com)
- Revert "ENT-5549: Fix return code handling of CLI" (ptoscano@redhat.com)
- ci: add dependabot config for GitHub Actions (ptoscano@redhat.com)
- Update .git-blame-ignore-revs (mhorky@redhat.com)
- Format code with black==23.3.0 (mhorky@redhat.com)
- ENT-5535: Update black to version 23.3.0 (mhorky@redhat.com)
* Wed Apr 12 2023 Pino Toscano <ptoscano@redhat.com> 1.29.34-1
- Update TESTING.md (mhorky@redhat.com)
- Improved debug print of http traffic, when proxy is used (jhnidek@redhat.com)
- ENT-5544: Remove Jenkins jobs, Containers (mhorky@redhat.com)
- ENT-5549: Remove unused code from entcertlib (mhorky@redhat.com)
- ENT-5549: Fix issues found when type-hinting (mhorky@redhat.com)
- ENT-5549: Fix return code handling of CLI (mhorky@redhat.com)
- ENT-5549: Fix found type hint issues (mhorky@redhat.com)
- ENT-5549: Fix object instantiation in EntitlementDirectory
(mhorky@redhat.com)
- ENT-5549: Refactor ProductDirectory (mhorky@redhat.com)
- ENT-5549: Change internal implementation for some Cache methods
(mhorky@redhat.com)
- ENT-5549: Clean up _sync_with_server arguments of cache objects
(mhorky@redhat.com)
- ENT-5549: Remove 'autoheal' argument from Action clients (mhorky@redhat.com)
- Refactored code a little bit (jhnidek@redhat.com)
- 2093291: Make locking more reliable (jhnidek@redhat.com)
- test: add simple test for 2178610 (ptoscano@redhat.com)
- Small improvement of debugging of http traffic (jhnidek@redhat.com)
- 2093883: Fix issue with race condition in rhsm.service (jhnidek@redhat.com)
- 2178610: do not collect unentitled products in SCA mode (ptoscano@redhat.com)
- 2174297: register: do a simple strip() on environment(s) input
(ptoscano@redhat.com)
- Stop subclassing 'object' (ptoscano@redhat.com)
- Remove pytest arguments for CentOS 9 Stream image (mhorky@redhat.com)
- tests: Install dnf-plugins-core every time (mhorky@redhat.com)
- 2169251: connection: restore UEPConnection.getJob() (ptoscano@redhat.com) - 2169251: connection: restore UEPConnection.getJob() (ptoscano@redhat.com)
- ENT-5106: Type-hint subscription_manager/ files (mhorky@redhat.com)
* Thu Feb 16 2023 Pino Toscano <ptoscano@redhat.com> 1.29.33-1 * Thu Feb 16 2023 Pino Toscano <ptoscano@redhat.com> 1.29.33-1
- Translated using Weblate (French) (ljanda@redhat.com) - Translated using Weblate (French) (ljanda@redhat.com)