[PATCH] [Fedora] Introduce SSG manual page. Fix previous changelog date typo. Create 0.1-2 version

Mon, 14 Oct 2013 08:27:16 -0700 

The following proposal performs:
* include manual page for scap-security-guide in Fedora too
  (fixes --w no-documentation rpmlint's warning),
* fixes previous date Fedora spec's typo,
* merge previous Fedora spec's changelog entries into
  one to create new upstream scap-security-guide-0.1-2 version
  (me to be able to schedule Fedora package review request).

Please review.

Thank you && Regards, Jan.
--
Jan iankko Lieskovsky / Red Hat Security Technologies Team
From c7f9a923c8bc383c139cc65a480b07f8a09cbfe1 Mon Sep 17 00:00:00 2001
From: Jan Lieskovsky <[email protected]>
Date: Mon, 14 Oct 2013 17:13:44 +0200
Subject: [PATCH] [Fedora] Introduce SSG manual page. Fix previous changelog
 date typo. Create 0.1-2 version


Signed-off-by: Jan Lieskovsky <[email protected]>
---
 Fedora/input/auxiliary/scap-security-guide.8 | 89 ++++++++++++++++++++++++++++
 Fedora/scap-security-guide.spec              | 31 ++++------
 2 files changed, 102 insertions(+), 18 deletions(-)
 create mode 100644 Fedora/input/auxiliary/scap-security-guide.8

diff --git a/Fedora/input/auxiliary/scap-security-guide.8 b/Fedora/input/auxiliary/scap-security-guide.8
new file mode 100644
index 0000000..3d6cf58
--- /dev/null
+++ b/Fedora/input/auxiliary/scap-security-guide.8
@@ -0,0 +1,89 @@
+.TH scap-security-guide 8 "26 Jan 2013" "version 1"
+
+.SH NAME
+SCAP Security Guide - Delivers security guidance, baselines, and associated
+validation mechanisms utilizing the Security Content Automation Protocol
+(SCAP).
+
+
+.SH DESCRIPTION
+The project provides practical security hardening advice for Red Hat and Fedora
+products, and also links it to compliance requirements in order to ease
+deployment activities, such as certification and accreditation. These include
+requirements in the U.S. government (Federal, Defense, and Intelligence
+Community) as well as of the financial services and health care industries. For
+example, high-level and widely-accepted policies such as NIST 800-53 provides
+prose stating that System Administrators must audit "privileged user actions,"
+but do not define what "privileged actions" are. The SSG bridges the gap
+between generalized policy requirements and specific implementation guidance,
+in SCAP formats to support automation whenever possible.
+
+The projects homepage is located at:
+https://fedorahosted.org/scap-security-guide/
+
+
+.SH PROFILES
+The SSG content is broken into 'profiles,' groupings of security settings that
+correlate to a known policy. Currently available profile:
+
+.I common
+.RS
+The common profile is intended to be used as a base, universal profile for
+scanning of general-purpose Fedora systems.
+
+
+.SH EXAMPLES
+To scan your system utilizing the OpenSCAP utility against the
+common profile, run:
+
+$ oscap  xccdf eval --profile common \ 
+--results /tmp/`hostname`-ssg-results.xml \
+--report /tmp/`hostname`-ssg-results.html \
+--cpe /usr/share/xml/scap/ssg/fedora/19/content/ssg-fedora19-cpe-dictionary.xml \
+/usr/share/xml/scap/ssg/fedora/19/content/ssg-fedora19-xccdf.xml
+
+To scan your system utilizing the scap-workbench systems compliance evaluation
+GUI tool against the common profile, run:
+
+$ scap-workbench
+
+tool, select /usr/share/xml/scap/ssg/fedora/19/content/ssg-fedora19-xccdf.xml
+as input file, and 'Common Profile for General-Purpose Fedora Systems' as the
+profile file.
+
+.PP
+Additional details can be found on the projects wiki page:
+https://fedorahosted.org/scap-security-guide/wiki/usageguide
+
+
+.SH FILES
+.I /usr/share/xml/scap/ssg/fedora/19/content/
+.RS
+Houses SCAP content utilizing the following naming conventions:
+
+.I CPE_Dictionaries:
+ssg-fedora19-cpe-dictionary.xml
+
+.I CPE_OVAL_Content:
+ssg-fedora19-cpe-oval.xml
+
+.I OVAL_Content:
+ssg-fedora19-oval.xml
+
+.I XCCDF_Content:
+ssg-fedora19-xccdf.xml
+.RE
+
+.I /usr/share/xml/scap/ssg/fedora/19/guide/
+.RS
+HTML version of SSG profile.
+.RE
+
+
+.SH SEE ALSO
+.B oscap(8)
+
+
+.SH AUTHOR
+Please direct all questions to the SSG mailing list:
+https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide
diff --git a/Fedora/scap-security-guide.spec b/Fedora/scap-security-guide.spec
index 71ca51c..b2f0972 100644
--- a/Fedora/scap-security-guide.spec
+++ b/Fedora/scap-security-guide.spec
@@ -5,7 +5,7 @@
 # file one level up - in the main scap-security-guide directory (instead of
 # this one).
 
-%global	fedorassgrelease	2.rc5
+%global	fedorassgrelease	2
 
 Name:		scap-security-guide
 Version:	0.1
@@ -37,10 +37,15 @@ cd Fedora && make dist
 %install
 rm -rf $RPM_BUILD_ROOT
 mkdir -p $RPM_BUILD_ROOT%{_datadir}/xml/scap/ssg/fedora/19
+mkdir -p $RPM_BUILD_ROOT%{_mandir}/en/man8/
 
 # Add in core content (SCAP, guide)
 cp -a Fedora/dist/* $RPM_BUILD_ROOT%{_datadir}/xml/scap/ssg/fedora/19
 
+# Add in manpage
+gzip -c Fedora/input/auxiliary/scap-security-guide.8 > $RPM_BUILD_ROOT%{_mandir}/en/man8/scap-security-guide.8.gz
+chcon -u system_u $RPM_BUILD_ROOT%{_mandir}/en/man8/scap-security-guide.8.gz
+
 %clean
 rm -rf $RPM_BUILD_ROOT
 
@@ -48,29 +53,19 @@ rm -rf $RPM_BUILD_ROOT
 %files
 %defattr(-,root,root,-)
 %{_datadir}/xml/scap/ssg/fedora/19/*
+%lang(en) %{_mandir}/en/man8/scap-security-guide.8.gz
 
 %changelog
-* Mon Oct 12 2013 Jan iankko Lieskovsky <[email protected]> 0.1-2.rc5
+* Mon Oct 14 2013 Jan iankko Lieskovsky <[email protected]> 0.1-2
+- Provide manual page for scap-security-guide
 - Remove percent sign from spec's changelog to silence rpmlint warning
-
-* Fri Oct 11 2013 Jan iankko Lieskovsky <[email protected]> 0.1-2.rc4
 - Convert RHEL6 'Restrict Root Logins' section's rules to Fedora
-
-* Thu Oct 10 2013 Jan iankko Lieskovsky <[email protected]> 0.1-2.rc3
-- Convert four RHEL6 'Set Password Expiration Parameter' rules to Fedora
-
-* Thu Oct 10 2013 Jan iankko Lieskovsky <[email protected]> 0.1-2.rc2
+- Convert RHEL6 'Set Password Expiration Parameter' rules to Fedora
 - Introduce 'Account and Access Control' section
-- Convert following "Verify Proper Storage and Existence of Password Hashes" section
-  rules to Fedora:
-  * Prevent Log In to Accounts With Empty Password
-  * Verify All Account Password Hashes are Shadowed
-  * All GIDs referenced in /etc/passwd must be defined in /etc/group
-  * Verify No netrc Files Exist
-
-* Wed Oct 02 2013 Jan iankko Lieskovsky <[email protected]> 0.1-2.rc1
+- Convert RHEL6 'Verify Proper Storage and Existence of Password Hashes' section's
+  rules to Fedora
 - Set proper name of the build directory in the spec's setup macro.
-- Replace hard-wired paths with macros. Preserve attributes when copying files.
+- Replace hard-coded paths with macros. Preserve attributes when copying files.
 
 * Tue Sep 17 2013 Jan iankko Lieskovsky <[email protected]> 0.1-1
 - Initial Fedora SSG RPM.
-- 
1.7.11.7


_______________________________________________
scap-security-guide mailing list
[email protected]
https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide

Reply via email to