Accepting request 1198315 from home:rchikov

- updated to 0.1.74 (jsc#ECO-3319)
  - Add Amazon Linux 2023 product (#12006)
  - Introduce new remediation type Kickstart (#12144)
  - Make PAM macros more flexible to variables (#12133)
  - Remove Debian 10 Product (#12205)
  - Remove Red Hat Enterprise Linux 7 product (#12093)
  - Update CIS RHEL9 control file to v2.0.0 (#12067)

OBS-URL: https://build.opensuse.org/request/show/1198315
OBS-URL: https://build.opensuse.org/package/show/security/scap-security-guide?expand=0&rev=112
This commit is contained in:
Marcus Meissner 2024-09-02 14:26:03 +00:00 committed by Git OBS Bridge
commit af74b29b13
7 changed files with 727 additions and 0 deletions

23
.gitattributes vendored Normal file
View File

@ -0,0 +1,23 @@
## Default LFS
*.7z filter=lfs diff=lfs merge=lfs -text
*.bsp filter=lfs diff=lfs merge=lfs -text
*.bz2 filter=lfs diff=lfs merge=lfs -text
*.gem filter=lfs diff=lfs merge=lfs -text
*.gz filter=lfs diff=lfs merge=lfs -text
*.jar filter=lfs diff=lfs merge=lfs -text
*.lz filter=lfs diff=lfs merge=lfs -text
*.lzma filter=lfs diff=lfs merge=lfs -text
*.obscpio filter=lfs diff=lfs merge=lfs -text
*.oxt filter=lfs diff=lfs merge=lfs -text
*.pdf filter=lfs diff=lfs merge=lfs -text
*.png filter=lfs diff=lfs merge=lfs -text
*.rpm filter=lfs diff=lfs merge=lfs -text
*.tbz filter=lfs diff=lfs merge=lfs -text
*.tbz2 filter=lfs diff=lfs merge=lfs -text
*.tgz filter=lfs diff=lfs merge=lfs -text
*.ttf filter=lfs diff=lfs merge=lfs -text
*.txz filter=lfs diff=lfs merge=lfs -text
*.whl filter=lfs diff=lfs merge=lfs -text
*.xz filter=lfs diff=lfs merge=lfs -text
*.zip filter=lfs diff=lfs merge=lfs -text
*.zst filter=lfs diff=lfs merge=lfs -text

1
.gitignore vendored Normal file
View File

@ -0,0 +1 @@
.osc

7
_constraints Normal file
View File

@ -0,0 +1,7 @@
<constraints>
<hardware>
<disk>
<size unit="G">7</size>
</disk>
</hardware>
</constraints>

342
scap-security-guide.changes Normal file
View File

@ -0,0 +1,342 @@
-------------------------------------------------------------------
Mon Sep 2 13:58:50 UTC 2024 - Rumen Chikov <rumen.chikov@suse.com>
- updated to 0.1.74 (jsc#ECO-3319)
- Add Amazon Linux 2023 product (#12006)
- Introduce new remediation type Kickstart (#12144)
- Make PAM macros more flexible to variables (#12133)
- Remove Debian 10 Product (#12205)
- Remove Red Hat Enterprise Linux 7 product (#12093)
- Update CIS RHEL9 control file to v2.0.0 (#12067)
-------------------------------------------------------------------
Fri May 31 07:52:33 UTC 2024 - Rumen Chikov <rumen.chikov@suse.com>
- updated to 0.1.73 (jsc#ECO-3319)
- CMP 2417: Implement PCI-DSS v4.0 outline for OpenShift (#11651)
- Update all RHEL ANSSI BP028 profiles to be aligned with configuration recommendations version 2.0
- Generate rule references from control files (#11540)
- Initial implementation of STIG V1R1 profile for Ubuntu 22.04 LTS (#11820)
-------------------------------------------------------------------
Tue Feb 13 16:02:47 UTC 2024 - Marcus Meissner <meissner@suse.com>
- updated to 0.1.72 (jsc#ECO-3319)
- ANSSI BP 028 profile for debian12 (#11368)
- Building on Windows (#11406)
- Control for BSI APP.4.4 (#11342)
- update to CIS RHEL 7 and RHEL 8 profiles aligning them with the latest benchmarks
- various fixes to SLE profiles
- add openeuler to -redhat package
- removed ssg-fix-journald.patch: fixed upstream
-------------------------------------------------------------------
Tue Dec 19 11:04:09 UTC 2023 - Marcus Meissner <meissner@suse.com>
- updated to 0.1.71 (jsc#ECO-3319)
- Add RHEL 9 STIG
- Add support for Debian 12
- Update PCI-DSS profile for RHEL
- lots of bugfixes and improvements for SLE
- removed left over file
0001-Revert-fix-aide-remediations-add-crontabs.patch upstreamed in 0.1.69
-------------------------------------------------------------------
Wed Dec 6 12:21:53 UTC 2023 - Marcus Meissner <meissner@suse.com>
- ssg-fix-journald.patch: switch buggy journald plugindir remediation
to write into journald.conf. (bsc#1217832)
-------------------------------------------------------------------
Tue Oct 17 14:44:03 UTC 2023 - Marcus Meissner <meissner@suse.com>
- updated to 0.1.70 (jsc#ECO-3319)
- Add openembedded distro support (#10793)
- Remove DRAFT wording for OpenShift STIG (#11100)
- Remove test-function-check_playbook_file_removed_and_added test (#10982)
- scap-security-guide: Add Poky support (#11046)
-------------------------------------------------------------------
Wed Aug 2 13:49:20 UTC 2023 - Marcus Meissner <meissner@suse.com>
- updated to 0.1.69 (jsc#ECO-3319)
- Introduce a JSON build manifest (#10761)
- Introduce a script to compare ComplianceAsCode versions (#10768)
- Introduce CCN profiles for RHEL9 (#10860)
- Map rules to components (#10609)
- products/anolis23: supports Anolis OS 23 (#10548)
- Render components to HTML (#10709)
- Store rendered control files (#10656)
- Test and use rules to components mapping (#10693)
- Use distributed product properties (#10554)
- 0001-Revert-fix-aide-remediations-add-crontabs.patch: removed, upstream
-------------------------------------------------------------------
Thu Jul 27 06:58:41 UTC 2023 - Marcus Meissner <meissner@suse.com>
- 0001-Revert-fix-aide-remediations-add-crontabs.patch:
revert patch that breaks the SLE hardening (bsc#1213691)
-------------------------------------------------------------------
Thu Jun 15 15:40:16 UTC 2023 - Marcus Meissner <meissner@suse.com>
- updated to 0.1.68 (jsc#ECO-3319)
- Bump OL8 STIG version to V1R6
- Introduce a Product class, make the project work with it
- Introduce Fedora and Firefox CaC profiles for common workstation users
- OL7 DISA STIG v2r11 update
- Publish rendered policy artifacts
- Update ANSSI BP-028 to version 2.0
- updated to 0.1.67 (jsc#ECO-3319)
- Add utils/controlrefcheck.py
- RHEL 9 STIG Update Q1 2023
- Include warning for NetworkManager keyfiles in RHEL9
- OL7 stig v2r10 update
- Bump version of OL8 STIG to V1R5
- various enhancements to SLE profiles
- scap-security-guide-UnicodeEncodeError-character-fix.patch: fixed upstream
-------------------------------------------------------------------
Mon Feb 6 15:03:31 UTC 2023 - Marcus Meissner <meissner@suse.com>
- updated to 0.1.66 (jsc#ECO-3319)
 - Ubuntu 22.04 CIS
 - OL7 stig v2r9 update
 - Bump OL8 STIG version to V1R4
 - Update RHEL7 STIG to V3R10
 - Update RHEL8 STIG to V1R9
 - Introduce CIS RHEL9 profiles
- also various SUSE profile fixes were done
-------------------------------------------------------------------
Mon Dec 5 10:44:15 UTC 2022 - Marcus Meissner <meissner@suse.com>
- updated to 0.1.65 (jsc#ECO-3319)
- Introduce cui profile for OL9
- Remove Support for OVAL 5.10
- Rename account_passwords_pam_faillock_audit
- CI ansible hardening and rename of existing Bash hardening
- Update contributors list for v0.1.65 release
- various SUSE profile specific fixes
-------------------------------------------------------------------
Fri Nov 25 13:16:15 UTC 2022 - Marcus Meissner <meissner@suse.com>
- require sudo, as remediations touch sudo config or use sudo.
-------------------------------------------------------------------
Wed Oct 5 09:21:53 UTC 2022 - Marcus Meissner <meissner@suse.com>
- enable ubuntu 2204 build
-------------------------------------------------------------------
Sat Oct 1 08:56:49 UTC 2022 - Marcus Meissner <meissner@suse.com>
- updated to 0.1.64 (jsc#ECO-3319)
- Introduce ol9 stig profile
- Introduce Ol9 anssi profiles
- Update RHEL8 STIG to V1R7
- Introduce e8 profile for OL9
- Update RHEL7 STIG to V3R8
- some SUSE profile fixes
-------------------------------------------------------------------
Wed Sep 21 08:24:30 UTC 2022 - Marcus Meissner <meissner@suse.com>
- Added several RPM requires that are needed by the SUSE remediation
scripts. (e.g. awk is not necessary installed)
-------------------------------------------------------------------
Sat Jul 30 13:59:29 UTC 2022 - Marcus Meissner <meissner@suse.com>
- updated to 0.1.63 (jsc#ECO-3319)
- multiple bugfixes in SUSE profiles
- Expand project guidelines
- Add Draft OCP4 STIG profile
- Add anssi_bp28_intermediary profile
- add products/uos20 to support UnionTech OS Server 20
- products/alinux3: Add CIS Alibaba Cloud Linux 3 profiles
- Remove WRLinux Products
- Update CIS RHEL8 Benchmark for v2.0.0
- removed fix-bash-template.patch: fixed upstream
- Fixed: stig: /etc/shadow group owner should not be root but shadow (bsc#1200149)
- Fixed: sles15_script-stig.sh: remediation_functions: No such file or directory (bsc#1200163)
- Fixed: SLES-15-010130 - The SUSE operating system must initiate a session lock after a 15-minute period of inactivity (bsc#1200122)
-------------------------------------------------------------------
Fri Jul 15 11:57:43 UTC 2022 - Julio González Gil <jgonzalez@suse.com>
- Fix the build for RHEL 7 and clones (python-setuptools is used)
-------------------------------------------------------------------
Wed Jul 6 09:26:15 UTC 2022 - Julio González Gil <jgonzalez@suse.com>
- Fix the build for RHEL 9 and clones
-------------------------------------------------------------------
Mon Jun 27 12:59:21 UTC 2022 - Marcus Meissner <meissner@suse.com>
- fix-bash-template.patch: convert one bash emitter to new jinja method.
(bsc#1200163)
-------------------------------------------------------------------
Thu Jun 9 15:31:50 UTC 2022 - Marcus Meissner <meissner@suse.com>
- add python3-setuptools for all builds (so it is also used on debian
and centos flavors)
-------------------------------------------------------------------
Mon May 30 12:48:54 UTC 2022 - Marcus Meissner <meissner@suse.com>
- updated to 0.1.62 (jsc#ECO-3319)
- Update rhel8 stig to v1r6
- OL7 STIG v2r7 update
- Initial definition of ANSSI BP28 minmal profile for SLE
-------------------------------------------------------------------
Mon Apr 4 08:40:40 UTC 2022 - Marcus Meissner <meissner@suse.com>
- updated to 0.1.61 (jsc#ECO-3319)
- Stop building PCI-DSS-centric XCCDF benchmark for RHEL 7
- Introduce OL9 product
- Implement handling of logical expressions in platform definitions
-------------------------------------------------------------------
Tue Feb 22 15:19:07 UTC 2022 - Marcus Meissner <meissner@suse.com>
- bump disk size constraints to 7gb to avoid occasional disk fulls failures.
-------------------------------------------------------------------
Thu Jan 27 13:43:18 UTC 2022 - Marcus Meissner <meissner@suse.com>
- updated to 0.1.60 (jsc#ECO-3319)
- New draft stig profile v1r1 for OL8
- New product Amazon EKS platform and initial CIS profiles
- New product CentOS Stream 9, as a derivative from RHEL9 product
-------------------------------------------------------------------
Sat Nov 27 15:39:12 UTC 2021 - Marcus Meissner <meissner@suse.com>
- updated to 0.1.59 release (jsc#ECO-3319)
- Support for Debian 11
- NERC CIP profiles for OCP4 and RHCOS
- HIPAA profile for SLE15
- Delta Tailoring Files for STIG profiles
-------------------------------------------------------------------
Wed Oct 6 09:00:15 UTC 2021 - Alexander Bergmann <abergmann@suse.com>
- Fix SLE-12 build issue caused by '\xb0' character (bsc#1191431).
- Add scap-security-guide-UnicodeEncodeError-character-fix.patch
-------------------------------------------------------------------
Fri Sep 24 15:16:30 UTC 2021 - Marcus Meissner <meissner@suse.com>
- updated to 0.1.58 release (jsc#ECO-3319)
- Support for Script Checking Engine (SCE)
- Split RHEL 8 CIS profile using new controls file format
- CIS Profiles for SLE12
- Initial Ubuntu 20.04 STIG Profiles
- Addition of an automated CCE adder
-------------------------------------------------------------------
Tue Jul 13 14:41:16 UTC 2021 - Marcus Meissner <meissner@suse.com>
- updated to 0.1.57 release (jsc#ECO-3319)
- CIS profile for RHEL 7 is updated
- initial CIS profiles for Ubuntu 20.04
- Major improvement of RHEL 9 content
- new release process implemented using Github actions
-------------------------------------------------------------------
Wed Jun 2 15:03:42 UTC 2021 - Julio González Gil <jgonzalez@suse.com>
- Specify the maintainer, for deb packages.
-------------------------------------------------------------------
Wed May 26 15:19:40 UTC 2021 - Marcus Meissner <meissner@suse.com>
- updated to 0.1.56 release (jsc#ECO-3319)
- Align ism_o profile with latest ISM SSP (#6878)
- Align RHEL 7 STIG profile with DISA STIG V3R3
- Creating new RHEL 7 STIG GUI profile (#6863)
- Creating new RHEL 8 STIG GUI profile (#6862)
- Add the RHEL9 product (#6801)
- Initial support for SUSE SLE-15 (#6666)
- add support for osbuild blueprint remediations (#6970)
-------------------------------------------------------------------
Wed Mar 24 13:25:26 UTC 2021 - Marcus Meissner <meissner@suse.com>
- updated to a intermediate GIT snapshot of 20210323 (jsc#ECO-3319)
- initial SLES15 STIG added
- more SLES 12 STIG work
- correct tables and cross references for SLES 12 and 15 STIG
-------------------------------------------------------------------
Fri Mar 19 15:08:35 UTC 2021 - Marcus Meissner <meissner@suse.com>
- updated to 0.1.55 release (jsc#ECO-3319)
- big update of rules used in SLES-12 STIG profile
- Render policy to HTML (#6532)
- Add variable support to yamlfile_value template (#6563)
- Introduce new template for dconf configuration files (#6118)
- avoid some non sles12 sp2 available macros.
-------------------------------------------------------------------
Fri Mar 12 14:14:10 UTC 2021 - Julio González Gil <jgonzalez@suse.com>
- Add the redhat conflict for packages built on redhat clones
or Fedora
-------------------------------------------------------------------
Fri Feb 26 08:45:24 UTC 2021 - Marcus Meissner <meissner@suse.com>
- remove redhat conflict.
-------------------------------------------------------------------
Sun Feb 7 10:42:34 UTC 2021 - Marcus Meissner <meissner@suse.com>
- added Redhat, Debian, Ubuntu products, split off into seperate
packages for size.
-------------------------------------------------------------------
Wed Feb 3 23:55:30 UTC 2021 - Jan Engelhardt <jengelh@inai.de>
- Update descriptions, modernize specfile constructs.
-------------------------------------------------------------------
Wed Feb 3 14:07:22 UTC 2021 - Marcus Meissner <meissner@suse.com>
- updated to 0.1.54 version
-------------------------------------------------------------------
Wed Feb 3 10:23:50 UTC 2021 - Marcus Meissner <meissner@suse.com>
- updated to 0.1.53 version, adjusted some things.
-------------------------------------------------------------------
Tue May 14 11:55:47 UTC 2019 - Brice DEKANY <brice.dekany@suse.com>
- New specfile
- build for openSUSE + Backport
-------------------------------------------------------------------
Tue May 14 11:27:26 UTC 2019 - Brice DEKANY <brice.dekany@suse.com>
- Switch to new formating from ComplianceAsCode
- Project is now hosted by github.com/openSUSE
-------------------------------------------------------------------
Fri Mar 16 12:12:56 UTC 2018 - brice.dekany@suse.com
- Add a first batch of SEVERITY CAT II Rules
-------------------------------------------------------------------
Wed Jan 17 10:14:09 UTC 2018 - brice.dekany@suse.com
- Add fixes for SEVERITY CAT I
-------------------------------------------------------------------
Thu Jan 4 21:05:16 UTC 2018 - brice.dekany@suse.com
- Initial version of xccdf for Severty CAT I

348
scap-security-guide.spec Normal file
View File

@ -0,0 +1,348 @@
#
# spec file for package scap-security-guide
#
# Copyright (c) 2024 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
# Please submit bugfixes or comments via https://bugs.opensuse.org/
#
%if ! (0%{?fedora} || 0%{?rhel} > 5)
%if "%{_vendor}" == "debbuild"
%global __python /usr/bin/python3
%endif
%{!?python_sitelib: %global python_sitelib %(%{__python} -c "from distutils.sysconfig import get_python_lib; print(get_python_lib())")}
%{!?python_sitearch: %global python_sitearch %(%{__python} -c "from distutils.sysconfig import get_python_lib; print(get_python_lib(1))")}
%endif
%if 0%{?fedora} || 0%{?rhel} >= 8
%{!?pylint_check: %global pylint_check 0}
%endif
%if 0%{?fedora} || 0%{?suse_version} > 1320 || 0%{?rhel} >= 8 || "%{_vendor}" == "debbuild"
%global build_py3 1
%if "%{_vendor}" != "debbuild"
%global python_sitelib %{python3_sitelib}
%endif
%endif
%if 0%{?fedora} || 0%{?rhel} >= 8
%global python2prefix python2
%else
%global python2prefix python
%endif
Name: scap-security-guide
Version: 0.1.74
Release: 0
Summary: XCCDF files for SUSE Linux and openSUSE
License: BSD-3-Clause
Group: Productivity/Security
URL: https://github.com/ComplianceAsCode/content
%if "%{_vendor}" == "debbuild"
Packager: SUSE Security Team <security@suse.de>
%endif
Source: https://github.com/ComplianceAsCode/content/archive/v%{version}.tar.gz
# explicit require what is needed by the detection logic in the scripts
Requires: coreutils
Requires: findutils
Requires: gawk
Requires: grep
Requires: sed
Requires: sudo
Requires: zypper
BuildRequires: cmake
%if "%{_vendor}" == "debbuild"
%{!?_licensedir:%global license %%doc}
BuildRequires: libopenscap8
BuildRequires: libxml2-utils
BuildRequires: libxslt1.1
BuildRequires: xsltproc
%else
BuildRequires: libxslt
BuildRequires: openscap-utils
%endif
%if 0%{?rhel} == 7
BuildRequires: python-setuptools
%else
BuildRequires: python3-setuptools
%endif
%if 0%{?rhel} == 8
BuildRequires: python3
%endif
%if 0%{?suse_version}
BuildRequires: python3-xml
%endif
%if 0%{?rhel} == 7
BuildRequires: PyYAML
%else
%if 0%{?rhel} == 8
BuildRequires: python3-pyyaml
%else
%if "%{_vendor}" == "debbuild"
BuildRequires: python3-yaml
%else
BuildRequires: python3-PyYAML
%endif
%endif
%endif
%if 0%{?rhel} == 7
BuildRequires: python-jinja2
%else
%if 0%{?rhel} >= 8
BuildRequires: python3-jinja2
%else
%if "%{_vendor}" == "debbuild"
BuildRequires: python3-jinja2
%else
BuildRequires: python3-Jinja2
%endif
%endif
%endif
BuildRequires: expat
BuildRequires: libxml2
# not on SLES currently
%if 0%{?is_opensuse} || 0%{?fedora} || "%{_vendor}" == "debbuild"
BuildRequires: ansible
%endif
BuildRoot: %{_tmppath}/%{name}-%{version}-build
BuildArch: noarch
%description
Security Content Automation Protocol (SCAP) Security Guide for SUSE Linux.
This package contains XCCDF (Extensible Configuration Checklist
Description Format), OVAL (Open Vulnerability and Assessment
Language), CPE (Common Platform Enumeration) and DS (Data Stream)
files to run a compliance test on SLE12, SLE15 and openSUSE
SUSE supported in this version of scap-security-guide:
- DISA STIG profile for SUSE Linux Enterprise Server 12 and 15
- ANSSI-BP-028 profile for SUSE Linux Enterprise Server 12 and 15
- PCI-DSS profile for SUSE Linux Enterprise Server 12 and 15
- HIPAA profile for SUSE Linux Enterprise Server 12 and 15
- CIS profile for SUSE Linux Enterprise Server 12 and 15
- Hardening for Public Cloud Image of SUSE Linux Enterprise Server for SAP Applications 15
- Public Cloud Hardening for SUSE Linux Enterprise 15
Other profiles, like the Standard System Security Profile for SUSE Linux Enterprise 12 and 15,
are community supplied and not officially supported by SUSE.
%package redhat
Summary: XCCDF files for RHEL, CentOS, Fedora and ScientificLinux
Group: Productivity/Security
%if 0%{?fedora} || 0%{?rhel}
Conflicts: scap-security-guide
%endif
%description redhat
Security Content Automation Protocol (SCAP) Security Guide for Redhat/Fedora/CentOS/OracleLinux/ScientificLinux.
This package contains XCCDF (Extensible Configuration Checklist
Description Format), OVAL (Open Vulnerability and Assessment
Language), CPE (Common Platform Enumeration) and DS (Data Stream)
files to run a compliance test on various Redhat products, CentOS, Oracle Linux, Fedora and ScientificLinux.
Note that the included profiles are community supplied and not officially supported by SUSE..
%package debian
Summary: XCCDF files for Debian
Group: Productivity/Security
%description debian
Security Content Automation Protocol (SCAP) Security Guide for Debian.
This package contains XCCDF (Extensible Configuration Checklist
Description Format), OVAL (Open Vulnerability and Assessment
Language), CPE (Common Platform Enumeration) and DS (Data Stream)
files to run a compliance test on Debian.
Note that the included profiles are community supplied and not officially supported by SUSE..
%package ubuntu
Summary: XCCDF files for Ubuntu
Group: Productivity/Security
%description ubuntu
Security Content Automation Protocol (SCAP) Security Guide for Ubuntu.
This package contains XCCDF (Extensible Configuration Checklist
Description Format), OVAL (Open Vulnerability and Assessment
Language), CPE (Common Platform Enumeration) and DS (Data Stream)
files to run a compliance test on Ubuntu.
Note that the included profiles are community supplied and not officially supported by SUSE..
%prep
%setup -q -n content-%version
%build
cd build
cmake -DCMAKE_INSTALL_PREFIX=%{_prefix} \
-DCMAKE_INSTALL_MANDIR=%{_mandir} \
-DSSG_PRODUCT_CHROMIUM=OFF \
-DSSG_PRODUCT_ALINUX2=OFF \
-DSSG_PRODUCT_ALINUX3=OFF \
-DSSG_PRODUCT_DEBIAN9=ON \
-DSSG_PRODUCT_DEBIAN10=ON \
-DSSG_PRODUCT_DEFAULT=ON \
-DSSG_PRODUCT_EXAMPLE=OFF \
-DSSG_PRODUCT_FEDORA=ON \
-DSSG_PRODUCT_FIREFOX=OFF \
-DSSG_PRODUCT_FUSE6=OFF \
-DSSG_PRODUCT_JRE=OFF \
-DSSG_PRODUCT_MACOS1015=OFF \
-DSSG_PRODUCT_OCP4=OFF \
-DSSG_PRODUCT_OL7=ON \
-DSSG_PRODUCT_OL8=ON \
-DSSG_PRODUCT_OL9=ON \
-DSSG_PRODUCT_OPENSUSE=ON \
-DSSG_PRODUCT_OPENEMBEDDED=OFF \
-DSSG_PRODUCT_RHCOS4=ON \
-DSSG_PRODUCT_RHEL7=ON \
-DSSG_PRODUCT_RHEL8=ON \
-DSSG_PRODUCT_RHEL9=ON \
-DSSG_PRODUCT_RHOSP10=ON \
-DSSG_PRODUCT_RHOSP13=ON \
-DSSG_PRODUCT_RHV4=ON \
-DSSG_PRODUCT_SLE12=ON \
-DSSG_PRODUCT_SLE15=ON \
-DSSG_PRODUCT_UBUNTU1604=ON \
-DSSG_PRODUCT_UBUNTU1804=ON \
-DSSG_PRODUCT_UBUNTU2004=ON \
-DSSG_PRODUCT_UBUNTU2204=ON \
-DSSG_PRODUCT_UOS20=OFF \
-DSSG_PRODUCT_VSEL=OFF \
-DSSG_PRODUCT_EKS=OFF \
-DSSG_PRODUCT_WRLINUX8=OFF \
-DSSG_PRODUCT_WRLINUX1019=OFF \
-DSSG_PRODUCT_ANOLIS8=OFF \
-DSSG_PRODUCT_ANOLIS23=OFF \
../
make
%install
cd build/
make install DESTDIR=%buildroot
%files
%if "%{_vendor}" != "debbuild"
%license LICENSE
%endif
%dir %{_datadir}/doc/scap-security-guide/
%{_datadir}/doc/scap-security-guide/Contributors.md
%{_datadir}/doc/scap-security-guide/README.md
%{_datadir}/doc/scap-security-guide/LICENSE
%dir %{_datadir}/doc/scap-security-guide/guides/
%doc %{_datadir}/doc/scap-security-guide/guides/ssg-sle*
%doc %{_datadir}/doc/scap-security-guide/guides/ssg-opensuse*
%dir %{_datadir}/doc/scap-security-guide/tables/
%doc %{_datadir}/doc/scap-security-guide/tables/table-sle*
%doc %{_mandir}/man8/scap-security-guide.8.gz
%dir %{_datadir}/scap-security-guide/
%dir %{_datadir}/scap-security-guide/ansible/
%dir %{_datadir}/scap-security-guide/bash/
%dir %{_datadir}/scap-security-guide/kickstart/
%{_datadir}/scap-security-guide/*/opensuse*
%{_datadir}/scap-security-guide/*/sle*
%dir %{_datadir}/xml/scap/
%dir %{_datadir}/xml/scap/ssg/
%dir %{_datadir}/xml/scap/ssg/content/
%{_datadir}/xml/scap/ssg/content/*-sle*
%{_datadir}/xml/scap/ssg/content/*-opensuse*
%files redhat
%if "%{_vendor}" != "debbuild"
%license LICENSE
%endif
%dir %{_datadir}/doc/scap-security-guide/guides/
%doc %{_datadir}/doc/scap-security-guide/guides/ssg-centos*
%doc %{_datadir}/doc/scap-security-guide/guides/ssg-cs9*
%doc %{_datadir}/doc/scap-security-guide/guides/ssg-fedora*
%doc %{_datadir}/doc/scap-security-guide/guides/ssg-ol*
%doc %{_datadir}/doc/scap-security-guide/guides/ssg-openeuler*
%doc %{_datadir}/doc/scap-security-guide/guides/ssg-rh*
%doc %{_datadir}/doc/scap-security-guide/guides/ssg-sl7*
%dir %{_datadir}/doc/scap-security-guide/tables/
%doc %{_datadir}/doc/scap-security-guide/tables/table-ol*
%doc %{_datadir}/doc/scap-security-guide/tables/table-rh*
%dir %{_datadir}/doc/scap-security-guide/
%dir %{_datadir}/scap-security-guide/
%dir %{_datadir}/scap-security-guide/ansible/
%dir %{_datadir}/scap-security-guide/tailoring/
%dir %{_datadir}/scap-security-guide/bash/
%dir %{_datadir}/scap-security-guide/kickstart/
%{_datadir}/scap-security-guide/*/*centos*
%{_datadir}/scap-security-guide/*/*cs9*
%{_datadir}/scap-security-guide/*/*fedora*
%{_datadir}/scap-security-guide/*/*ol*
%{_datadir}/scap-security-guide/*/*openeuler*
%{_datadir}/scap-security-guide/*/*rh*
%{_datadir}/scap-security-guide/*/*sl7*
%dir %{_datadir}/xml/scap/
%dir %{_datadir}/xml/scap/ssg/
%dir %{_datadir}/xml/scap/ssg/content/
%{_datadir}/xml/scap/ssg/content/*-centos*
%{_datadir}/xml/scap/ssg/content/*-cs9*
%{_datadir}/xml/scap/ssg/content/*-fedora*
%{_datadir}/xml/scap/ssg/content/*-ol*
%{_datadir}/xml/scap/ssg/content/*-openeuler*
%{_datadir}/xml/scap/ssg/content/*-rh*
%{_datadir}/xml/scap/ssg/content/*-sl7*
%files debian
%if "%{_vendor}" != "debbuild"
%license LICENSE
%endif
%dir %{_datadir}/doc/scap-security-guide/guides/
%doc %{_datadir}/doc/scap-security-guide/guides/ssg-debian*
%dir %{_datadir}/doc/scap-security-guide/tables/
%dir %{_datadir}/doc/scap-security-guide/
%dir %{_datadir}/scap-security-guide/
%dir %{_datadir}/scap-security-guide/ansible/
%dir %{_datadir}/scap-security-guide/bash/
%dir %{_datadir}/scap-security-guide/kickstart/
%{_datadir}/scap-security-guide/*/*debian*
%dir %{_datadir}/xml/scap/
%dir %{_datadir}/xml/scap/ssg/
%dir %{_datadir}/xml/scap/ssg/content/
%{_datadir}/xml/scap/ssg/content/*-debian*
%files ubuntu
%if "%{_vendor}" != "debbuild"
%license LICENSE
%endif
%dir %{_datadir}/doc/scap-security-guide/guides/
%doc %{_datadir}/doc/scap-security-guide/guides/ssg-ubuntu*
%dir %{_datadir}/doc/scap-security-guide/tables/
%dir %{_datadir}/doc/scap-security-guide/
%dir %{_datadir}/scap-security-guide/
%dir %{_datadir}/scap-security-guide/ansible/
%dir %{_datadir}/scap-security-guide/bash/
%dir %{_datadir}/scap-security-guide/kickstart/
%{_datadir}/scap-security-guide/*/*ubuntu*
%dir %{_datadir}/xml/scap/
%dir %{_datadir}/xml/scap/ssg/
%dir %{_datadir}/xml/scap/ssg/content/
%{_datadir}/xml/scap/ssg/content/*-ubuntu*
%changelog

3
v0.1.73.tar.gz Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:4775f07e279f52e069bf2bc152c28d915a36f0d6ade7c01b498a85f96c285fa4
size 10550630

3
v0.1.74.tar.gz Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:a88612e3f7b609fae910f4bce0c6362df80aa396ec533aab868f5c155f86239b
size 10518768