Hello community,

here is the log from the commit of package openscap for openSUSE:Factory 
checked in at 2018-03-07 10:35:14
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/openscap (Old)
 and      /work/SRC/openSUSE:Factory/.openscap.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Package is "openscap"

Wed Mar  7 10:35:14 2018 rev:55 rq:583006 version:1.2.16

Changes:
--------
--- /work/SRC/openSUSE:Factory/openscap/openscap.changes        2018-02-23 
15:29:35.158982339 +0100
+++ /work/SRC/openSUSE:Factory/.openscap.new/openscap.changes   2018-03-07 
10:35:17.353154897 +0100
@@ -1,0 +2,11 @@
+Mon Mar  5 15:11:19 UTC 2018 - jeng...@inai.de
+
+- Replace old $RPM_* shell vars.
+
+-------------------------------------------------------------------
+Mon Mar  5 12:39:51 UTC 2018 - meiss...@suse.com
+
+- replace oscap-scan.init by oscap-scan.service, add a /usr/bin/oscap-scan
+  helper tool for this. (bsc#1083115)
+
+-------------------------------------------------------------------

Old:
----
  oscap-scan.init

New:
----
  oscap-scan.service
  oscap-scan.sh

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ openscap.spec ++++++
--- /var/tmp/diff_new_pack.PzLjo6/_old  2018-03-07 10:35:19.157089827 +0100
+++ /var/tmp/diff_new_pack.PzLjo6/_new  2018-03-07 10:35:19.165089539 +0100
@@ -28,13 +28,14 @@
 Version:        1.2.16
 Release:        1.0
 Source:         https://github.com/OpenSCAP/openscap/archive/%{version}.tar.gz
-Source1:        oscap-scan.init
 Source2:        sysconfig.oscap-scan
 # SUSE specific profile, based on yast2-security
 # checks.
 # Generated from http://gitorious.org/test-suite/scap
 Source3:        scap-yast2sec-xccdf.xml
 Source4:        scap-yast2sec-oval.xml
+Source5:        oscap-scan.service
+Source6:        oscap-scan.sh
 Url:            http://www.open-scap.org/
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
 BuildRequires:  doxygen
@@ -62,8 +63,9 @@
 BuildRequires:  swig
 BuildRequires:  unixODBC-devel
 Summary:        A Set of Libraries for Integration with SCAP
-License:        LGPL-2.1+
+License:        LGPL-2.1-or-later
 Group:          Development/Tools/Other
+BuildRequires:  systemd-rpm-macros
 
 %description
 OpenSCAP is a set of open source libraries providing an easier path for
@@ -142,7 +144,8 @@
 Summary:        Openscap utilities
 Group:          System/Monitoring
 Requires:       %{name} = %{version}-%{release}
-PreReq:         %insserv_prereq %fillup_prereq
+PreReq:         %fillup_prereq
+%systemd_requires
 
 %description    utils
 The %{name}-utils package contains various utilities based on %{name} library.
@@ -195,17 +198,20 @@
 # last python2 user in oscap-utils ... needs porting to python3
 rm %{buildroot}/usr/bin/scap-as-rpm
 
-mkdir -p $RPM_BUILD_ROOT%{_fillupdir}
-install -d -m 755 $RPM_BUILD_ROOT%{_initrddir}
-install -p -m 755 %{SOURCE1} $RPM_BUILD_ROOT%{_initrddir}/oscap-scan
-install -m 644 %{SOURCE2} $RPM_BUILD_ROOT%{_fillupdir}
+mkdir -p %{buildroot}/%{_fillupdir}
+install -m 644 %{SOURCE2} %{buildroot}/%{_fillupdir}
 
-install -m 644 %{SOURCE3}  $RPM_BUILD_ROOT/%{_datadir}/openscap
-install -m 644 %{SOURCE4}  $RPM_BUILD_ROOT/%{_datadir}/openscap
+install -m 644 %{SOURCE3} %{buildroot}/%{_datadir}/openscap
+install -m 644 %{SOURCE4} %{buildroot}/%{_datadir}/openscap
+
+# specific local scan during boot script
+mkdir -p %{buildroot}/%{_unitdir}
+install -m 644 %{SOURCE5} %{buildroot}/%{_unitdir}/oscap-scan.service
+install -m 755 %{SOURCE6} %{buildroot}/%{_bindir}/oscap-scan
 
 # create symlinks to default content
-ln -s  %{_datadir}/openscap/scap-yast2sec-oval.xml 
$RPM_BUILD_ROOT/%{_datadir}/openscap/scap-oval.xml
-ln -s  %{_datadir}/openscap/scap-yast2sec-xccdf.xml 
$RPM_BUILD_ROOT/%{_datadir}/openscap/scap-xccdf.xml
+ln -s  %{_datadir}/openscap/scap-yast2sec-oval.xml 
%{buildroot}/%{_datadir}/openscap/scap-oval.xml
+ln -s  %{_datadir}/openscap/scap-yast2sec-xccdf.xml 
%{buildroot}/%{_datadir}/openscap/scap-xccdf.xml
 
 %post -n libopenscap%{sover} -p /sbin/ldconfig
 %post -n libopenscap_sce%{sover} -p /sbin/ldconfig
@@ -214,14 +220,17 @@
 %postun -n libopenscap_sce%{sover} -p /sbin/ldconfig
 
 %preun utils
-%{stop_on_removal oscap-scan}
+%service_del_preun oscap-scan.service
 
 %post utils
-%{fillup_and_insserv -n oscap-scan}
+%service_add_post oscap-scan.service
+%{fillup_only -n oscap-scan}
 
 %postun utils
-%{restart_on_update oscap-scan}
-%{insserv_cleanup}
+%service_del_postun oscap-scan.service
+
+%pre utils
+%service_add_pre oscap-scan.service
 
 %files
 %defattr(-, root, root)
@@ -300,10 +309,11 @@
 %defattr(-,root,root,-)
 %{_fillupdir}/sysconfig.oscap-scan
 %doc docs/oscap-scan.cron
-%{_initrddir}/oscap-scan
 %{_mandir}/man8/*
+%{_unitdir}/oscap-scan.service
 %{_bindir}/oscap
 %{_bindir}/oscap-vm
+%{_bindir}/oscap-scan
 %{_bindir}/oscap-ssh
 %{_bindir}/oscap-chroot
 # currently not shipped as it is still python2

++++++ oscap-scan.service ++++++
[Unit]
Description=OpenSCAP security scanner
Wants=local-fs.target
After=local-fs.target

[Service]
Type=forking
EnvironmentFile=-/etc/sysconfig/oscap-scan
ExecStart=/usr/bin/oscap $OPTIONS

[Install]
WantedBy=multi-user.target
++++++ oscap-scan.sh ++++++
#!/bin/bash

PATH=/sbin:/bin:/usr/sbin:/usr/bin
prog="oscap"

# Check config
test -f /etc/sysconfig/oscap-scan && . /etc/sysconfig/oscap-scan

RETVAL=0

test -f /etc/sysconfig/oscap-scan || exit 6

test x"$OPTIONS" != "x" || exit 6

$prog $OPTIONS

ERR=$?
if [ $ERR -eq 0 ] ; then
        logger "OpenSCAP security scan: PASS"
elif [ $ERR -eq 1 ] ; then
        logger "OpenSCAP security scan: ERROR. Run oscap scan from command 
line."
else
        logger "OpenSCAP security scan: FAILED. See results in 
/var/log/oscap-scan.xml.log"
fi

exit 0

Reply via email to