pool/scap-security-guide
SHA256
2
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Accepting request 1146536 from security

Browse Source 
- updated to 0.1.72 (jsc#ECO-3319)
  - ANSSI BP 028 profile for debian12 (#11368)
  - Building on Windows (#11406)
  - Control for BSI APP.4.4 (#11342)
  - update to CIS RHEL 7 and RHEL 8 profiles aligning them with the latest benchmarks
  - various fixes to SLE profiles
- add openeuler to -redhat package
- removed ssg-fix-journald.patch: fixed upstream

OBS-URL: https://build.opensuse.org/request/show/1146536
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/scap-security-guide?expand=0&rev=34
This commit is contained in:
Ana Guerrero 2024-02-14 22:19:01 +00:00 committed by Git OBS Bridge
commit 96d81ca268
5 changed files with 19 additions and 84 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
scap-security-guide.changes
View File

@ -1,3 +1,15 @@
-------------------------------------------------------------------
Tue Feb 13 16:02:47 UTC 2024 - Marcus Meissner <meissner@suse.com>
- updated to 0.1.72 (jsc#ECO-3319)
- ANSSI BP 028 profile for debian12 (#11368)
- Building on Windows (#11406)
- Control for BSI APP.4.4 (#11342)
- update to CIS RHEL 7 and RHEL 8 profiles aligning them with the latest benchmarks
- various fixes to SLE profiles
- add openeuler to -redhat package
- removed ssg-fix-journald.patch: fixed upstream
-------------------------------------------------------------------
Tue Dec 19 11:04:09 UTC 2023 - Marcus Meissner <meissner@suse.com>

7
scap-security-guide.spec
View File

@ -42,7 +42,7 @@
%endif
Name: scap-security-guide
Version: 0.1.71
Version: 0.1.72
Release: 0
Summary: XCCDF files for SUSE Linux and openSUSE
License: BSD-3-Clause
@ -52,7 +52,6 @@ URL: https://github.com/ComplianceAsCode/content
Packager: SUSE Security Team <security@suse.de>
%endif
Source: https://github.com/ComplianceAsCode/content/archive/v%{version}.tar.gz
Patch0: ssg-fix-journald.patch
# explicit require what is needed by the detection logic in the scripts
Requires: coreutils
@ -191,7 +190,6 @@ Note that the included profiles are community supplied and not officially suppor
%prep
%setup -q -n content-%version
%autopatch -p1
%build
cd build
@ -277,6 +275,7 @@ make install DESTDIR=%buildroot
%doc %{_datadir}/doc/scap-security-guide/guides/ssg-cs9*
%doc %{_datadir}/doc/scap-security-guide/guides/ssg-fedora*
%doc %{_datadir}/doc/scap-security-guide/guides/ssg-ol*
%doc %{_datadir}/doc/scap-security-guide/guides/ssg-openeuler*
%doc %{_datadir}/doc/scap-security-guide/guides/ssg-rh*
%doc %{_datadir}/doc/scap-security-guide/guides/ssg-sl7*
%dir %{_datadir}/doc/scap-security-guide/tables/
@ -292,6 +291,7 @@ make install DESTDIR=%buildroot
%{_datadir}/scap-security-guide/*/*cs9*
%{_datadir}/scap-security-guide/*/*fedora*
%{_datadir}/scap-security-guide/*/*ol*
%{_datadir}/scap-security-guide/*/*openeuler*
%{_datadir}/scap-security-guide/*/*rh*
%{_datadir}/scap-security-guide/*/*sl7*
%dir %{_datadir}/xml/scap/
@ -301,6 +301,7 @@ make install DESTDIR=%buildroot
%{_datadir}/xml/scap/ssg/content/*-cs9*
%{_datadir}/xml/scap/ssg/content/*-fedora*
%{_datadir}/xml/scap/ssg/content/*-ol*
%{_datadir}/xml/scap/ssg/content/*-openeuler*
%{_datadir}/xml/scap/ssg/content/*-rh*
%{_datadir}/xml/scap/ssg/content/*-sl7*

78
ssg-fix-journald.patch
View File

@ -1,78 +0,0 @@
Index: content-0.1.70/linux_os/guide/system/logging/journald/journald_compress/rule.yml
===================================================================
--- content-0.1.70.orig/linux_os/guide/system/logging/journald/journald_compress/rule.yml
+++ content-0.1.70/linux_os/guide/system/logging/journald/journald_compress/rule.yml
@@ -43,16 +43,6 @@ ocil: |-
<pre>
Compress=yes
</pre>
-{{%- if product == "sle15" %}}
-template:
- name: systemd_dropin_configuration
- vars:
- component: journald
- master_cfg_file: /etc/systemd/journald.conf
- dropin_dir: /etc/systemd/journal.d/
- param: Compress
- value: yes
-{{% else %}}
template:
name: shell_lineinfile
vars:
@@ -60,4 +50,3 @@ template:
parameter: Compress
value: yes
no_quotes: 'true'
-{{% endif -%}}
Index: content-0.1.70/linux_os/guide/system/logging/journald/journald_forward_to_syslog/rule.yml
===================================================================
--- content-0.1.70.orig/linux_os/guide/system/logging/journald/journald_forward_to_syslog/rule.yml
+++ content-0.1.70/linux_os/guide/system/logging/journald/journald_forward_to_syslog/rule.yml
@@ -44,16 +44,6 @@ ocil: |-
ForwardToSyslog=yes
</pre>
-{{%- if product == "sle15" %}}
-template:
- name: systemd_dropin_configuration
- vars:
- component: journald
- master_cfg_file: /etc/systemd/journald.conf
- dropin_dir: /etc/systemd/journal.d/
- param: ForwardToSyslog
- value: yes
-{{% else %}}
template:
name: shell_lineinfile
vars:
@@ -61,4 +51,3 @@ template:
parameter: ForwardToSyslog
value: yes
no_quotes: 'true'
-{{% endif -%}}
Index: content-0.1.70/linux_os/guide/system/logging/journald/journald_storage/rule.yml
===================================================================
--- content-0.1.70.orig/linux_os/guide/system/logging/journald/journald_storage/rule.yml
+++ content-0.1.70/linux_os/guide/system/logging/journald/journald_storage/rule.yml
@@ -43,16 +43,6 @@ ocil: |-
Storage=persistent
</pre>
-{{%- if product == "sle15" %}}
-template:
- name: systemd_dropin_configuration
- vars:
- component: journald
- master_cfg_file: /etc/systemd/journald.conf
- dropin_dir: /etc/systemd/journal.d/
- param: Storage
- value: persistent
-{{% else %}}
template:
name: shell_lineinfile
vars:
@@ -60,4 +50,3 @@ template:
parameter: Storage
value: persistent
no_quotes: 'true'
-{{% endif -%}}

3
v0.1.71.tar.gz
View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:f8a71930c5ce2da1ec1fa8ec94dfe63e5809448fa5b27bcb14efd2ffdae93ddd
size 8771631

3
v0.1.72.tar.gz Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:830ffde477f2db60fde1b47159bdd071a118298396a9739c840fe7e7c5018641
size 10182588