From 200d11382cd603363878521a66dc6c06e0b4253b Mon Sep 17 00:00:00 2001 From: Zhao Hang Date: Tue, 27 Aug 2024 10:23:26 +0800 Subject: [PATCH 1/3] update to scap-security-guide-0.1.74-3.src.rpm Signed-off-by: Zhao Hang --- download | 3 +- scap-security-guide.spec | 59 +++++++++++++++++++++------------------- 2 files changed, 33 insertions(+), 29 deletions(-) diff --git a/download b/download index db0e0a4..e15f417 100644 --- a/download +++ b/download @@ -1,2 +1,3 @@ 219c992603514558e5f6f3d29adaa534 scap-security-guide-0.1.52-2.el7_9-rhel6.tar.bz2 -6fbaea66cae3aa3148ad98578dcc603d scap-security-guide-0.1.73.tar.bz2 +8cf987028930d5baf17214fb65ad8b6b scap-security-guide-0.1.73-1.el7_9-rhel7.tar.bz2 +70e27d8bb68eb1f11c93c75e1b49f7c7 scap-security-guide-0.1.74.tar.bz2 diff --git a/scap-security-guide.spec b/scap-security-guide.spec index c8a312a..c9c7b35 100644 --- a/scap-security-guide.spec +++ b/scap-security-guide.spec @@ -1,13 +1,14 @@ -%define anolis_release .0.1 # Base name of static rhel6 content tarball %global _static_rhel6_content %{name}-0.1.52-2.el7_9-rhel6 +# Base name of static rhel7 content tarball +%global _static_rhel7_content %{name}-0.1.73-1.el7_9-rhel7 # https://fedoraproject.org/wiki/Changes/CMake_to_do_out-of-source_builds %global _vpath_builddir build # global _default_patch_fuzz 2 # Normally shouldn't be needed as patches should apply cleanly Name: scap-security-guide -Version: 0.1.73 -Release: 1%{anolis_release}%{?dist} +Version: 0.1.74 +Release: 3%{?dist} Summary: Security guidance and baselines in SCAP formats License: BSD-3-Clause Group: Applications/System @@ -15,6 +16,8 @@ URL: https://github.com/ComplianceAsCode/content/ Source0: https://github.com/ComplianceAsCode/content/releases/download/v%{version}/scap-security-guide-%{version}.tar.bz2 # Include tarball with last released rhel6 content Source1: %{_static_rhel6_content}.tar.bz2 +# Include tarball with last released rhel7 content +Source2: %{_static_rhel7_content}.tar.bz2 BuildArch: noarch @@ -52,14 +55,6 @@ The %{name}-doc package contains HTML formatted documents containing hardening guidances that have been generated from XCCDF benchmarks present in %{name} package. -%package extra -Summary: Extra files package -Group: System Environment/Base -Requires: %{name} = %{version}-%{release} - -%description extra -The %{name}-extra package contains various situation guidebooks - %if ( %{defined rhel} && (! %{defined centos}) ) %package rule-playbooks Summary: Ansible playbooks per each rule. @@ -71,7 +66,7 @@ The %{name}-rule-playbooks package contains individual ansible playbooks per rul %endif %prep -%autosetup -p1 -b1 +%setup -q -b1 -b2 %build mkdir -p build @@ -82,7 +77,6 @@ cd build -DSSG_PRODUCT_RHEL8:BOOLEAN=TRUE \ -DSSG_PRODUCT_FIREFOX:BOOLEAN=TRUE \ -DSSG_PRODUCT_JRE:BOOLEAN=TRUE \ --DSSG_PRODUCT_ANOLIS8:BOOLEAN=TRUE \ %if %{defined centos} -DSSG_CENTOS_DERIVATIVES_ENABLED:BOOL=ON \ %else @@ -104,12 +98,17 @@ cp -r %{_builddir}/%{_static_rhel6_content}/usr %{buildroot} cp -r %{_builddir}/%{_static_rhel6_content}/tables %{buildroot}%{_docdir}/%{name} cp -r %{_builddir}/%{_static_rhel6_content}/guides %{buildroot}%{_docdir}/%{name} +# Manually install pre-built rhel7 content +cp -r %{_builddir}/%{_static_rhel7_content}/usr %{buildroot} +cp -r %{_builddir}/%{_static_rhel7_content}/tables %{buildroot}%{_docdir}/%{name} +cp -r %{_builddir}/%{_static_rhel7_content}/guides %{buildroot}%{_docdir}/%{name} + +# create symlinks for ssg--ds-1.2.xml to ssg--ds.xml +# this is for backward compatibility +ln -s ssg-rhel8-ds.xml %{buildroot}%{_datadir}/xml/scap/ssg/content/ssg-rhel8-ds-1.2.xml +ln -s ssg-firefox-ds.xml %{buildroot}%{_datadir}/xml/scap/ssg/content/ssg-firefox-ds-1.2.xml + %files -%exclude %{_datadir}/%{name}/ansible/rhel* -%exclude %{_datadir}/%{name}/bash/rhel* -%exclude %{_datadir}/%{name}/kickstart/ssg-rhel* -%exclude %{_datadir}/%{name}/tailoring/rhel* -%exclude %{_datadir}/xml/scap/ssg/content/ssg-rhel* %{_datadir}/xml/scap/ssg/content %{_datadir}/%{name}/kickstart %{_datadir}/%{name}/ansible @@ -127,13 +126,6 @@ cp -r %{_builddir}/%{_static_rhel6_content}/guides %{buildroot}%{_docdir}/%{name %doc %{_docdir}/%{name}/guides/*.html %doc %{_docdir}/%{name}/tables/*.html -%files extra -%{_datadir}/%{name}/ansible/rhel* -%{_datadir}/%{name}/bash/rhel* -%{_datadir}/%{name}/kickstart/ssg-rhel* -%{_datadir}/%{name}/tailoring/rhel* -%{_datadir}/xml/scap/ssg/content/ssg-rhel* - %if ( %{defined rhel} && (! %{defined centos}) ) %files rule-playbooks %defattr(-,root,root,-) @@ -141,9 +133,20 @@ cp -r %{_builddir}/%{_static_rhel6_content}/guides %{buildroot}%{_docdir}/%{name %endif %changelog -* Mon Jul 22 2024 Chang Gao - 0.1.73-1.0.1 -- Add extra package -- Add product for Anolis8 (#9770)(Yuqing) +* Mon Aug 19 2024 Vojtech Polasek - 0.1.74-3 +- fix build +- keep firefox and rhel8 ds-1.2 files in the package in form of symbolic links to regular ds files + +* Fri Aug 16 2024 Vojtech Polasek - 0.1.74-2 +- include RHEL 7 artifacts from the last RHEL 7 build + +* Fri Aug 09 2024 Matthew Burket - 0.1.74-1 +- Rebase to a new upstream release 0.1.74 (RHEL-53913) +- Improve Rsyslog rules to support RainerScript syntax (RHEL-1816) +- Update password hashing settings for ANSSI-BP-028 (RHEL-54390) + +* Wed Aug 07 2024 Milan Lysonek - 0.1.73-2 +- Switch gating to tmt plan (RHEL-43242) * Tue May 21 2024 Jan Černý - 0.1.73-1 - Rebase scap-security-guide package to version 0.1.73 (RHEL-36733) -- Gitee From 2ebf157b77efc37b6d018e11fea1f95d32b1a526 Mon Sep 17 00:00:00 2001 From: "taifu.gc" Date: Thu, 10 Nov 2022 02:22:35 +0800 Subject: [PATCH 2/3] Add extra package --- scap-security-guide.spec | 26 +++++++++++++++++++++++++- 1 file changed, 25 insertions(+), 1 deletion(-) diff --git a/scap-security-guide.spec b/scap-security-guide.spec index c9c7b35..b6c0e2a 100644 --- a/scap-security-guide.spec +++ b/scap-security-guide.spec @@ -1,3 +1,4 @@ +%define anolis_release .0.1 # Base name of static rhel6 content tarball %global _static_rhel6_content %{name}-0.1.52-2.el7_9-rhel6 # Base name of static rhel7 content tarball @@ -8,7 +9,7 @@ Name: scap-security-guide Version: 0.1.74 -Release: 3%{?dist} +Release: 3%{anolis_release}%{?dist} Summary: Security guidance and baselines in SCAP formats License: BSD-3-Clause Group: Applications/System @@ -55,6 +56,14 @@ The %{name}-doc package contains HTML formatted documents containing hardening guidances that have been generated from XCCDF benchmarks present in %{name} package. +%package extra +Summary: Extra files package +Group: System Environment/Base +Requires: %{name} = %{version}-%{release} + +%description extra +The %{name}-extra package contains various situation guidebooks + %if ( %{defined rhel} && (! %{defined centos}) ) %package rule-playbooks Summary: Ansible playbooks per each rule. @@ -109,6 +118,11 @@ ln -s ssg-rhel8-ds.xml %{buildroot}%{_datadir}/xml/scap/ssg/content/ssg-rhel8-ds ln -s ssg-firefox-ds.xml %{buildroot}%{_datadir}/xml/scap/ssg/content/ssg-firefox-ds-1.2.xml %files +%exclude %{_datadir}/%{name}/ansible/rhel* +%exclude %{_datadir}/%{name}/bash/rhel* +%exclude %{_datadir}/%{name}/kickstart/ssg-rhel* +%exclude %{_datadir}/%{name}/tailoring/rhel* +%exclude %{_datadir}/xml/scap/ssg/content/ssg-rhel* %{_datadir}/xml/scap/ssg/content %{_datadir}/%{name}/kickstart %{_datadir}/%{name}/ansible @@ -126,6 +140,13 @@ ln -s ssg-firefox-ds.xml %{buildroot}%{_datadir}/xml/scap/ssg/content/ssg-firefo %doc %{_docdir}/%{name}/guides/*.html %doc %{_docdir}/%{name}/tables/*.html +%files extra +%{_datadir}/%{name}/ansible/rhel* +%{_datadir}/%{name}/bash/rhel* +%{_datadir}/%{name}/kickstart/ssg-rhel* +%{_datadir}/%{name}/tailoring/rhel* +%{_datadir}/xml/scap/ssg/content/ssg-rhel* + %if ( %{defined rhel} && (! %{defined centos}) ) %files rule-playbooks %defattr(-,root,root,-) @@ -133,6 +154,9 @@ ln -s ssg-firefox-ds.xml %{buildroot}%{_datadir}/xml/scap/ssg/content/ssg-firefo %endif %changelog +* Tue Aug 27 2024 Chang Gao - 0.1.74-3.0.1 +- Add extra package + * Mon Aug 19 2024 Vojtech Polasek - 0.1.74-3 - fix build - keep firefox and rhel8 ds-1.2 files in the package in form of symbolic links to regular ds files -- Gitee From c9fd28fe36a7447c1c5f56a6ba0091d86eba5022 Mon Sep 17 00:00:00 2001 From: qhw01063182 Date: Thu, 23 Feb 2023 16:49:16 +0800 Subject: [PATCH 3/3] Add product for Anolis8 Signed-off-by: qhw01063182 --- scap-security-guide.spec | 2 ++ 1 file changed, 2 insertions(+) diff --git a/scap-security-guide.spec b/scap-security-guide.spec index b6c0e2a..b9d8464 100644 --- a/scap-security-guide.spec +++ b/scap-security-guide.spec @@ -86,6 +86,7 @@ cd build -DSSG_PRODUCT_RHEL8:BOOLEAN=TRUE \ -DSSG_PRODUCT_FIREFOX:BOOLEAN=TRUE \ -DSSG_PRODUCT_JRE:BOOLEAN=TRUE \ +-DSSG_PRODUCT_ANOLIS8:BOOLEAN=TRUE \ %if %{defined centos} -DSSG_CENTOS_DERIVATIVES_ENABLED:BOOL=ON \ %else @@ -156,6 +157,7 @@ ln -s ssg-firefox-ds.xml %{buildroot}%{_datadir}/xml/scap/ssg/content/ssg-firefo %changelog * Tue Aug 27 2024 Chang Gao - 0.1.74-3.0.1 - Add extra package +- Add product for Anolis8 (#9770)(Yuqing) * Mon Aug 19 2024 Vojtech Polasek - 0.1.74-3 - fix build -- Gitee