This patch fixes Fedora scap-security-guide
RPM package review comments / objections
as raised in:
[1] https://bugzilla.redhat.com/show_bug.cgi?id=1018905
Since it changes mainly content of Fedora/
scap-security-guide.spec (and doesn't add new
SCAP content) I am going to push it immediately
to be able to submit new version for another round
of review.
Thank you && Regards, Jan.
--
Jan iankko Lieskovsky / Red Hat Security Technologies Team
From 2c029580b5926b3859eab456b6fa9dba0aea4bd6 Mon Sep 17 00:00:00 2001
From: Jan Lieskovsky <[email protected]>
Date: Tue, 15 Oct 2013 17:30:01 +0200
Subject: [PATCH] [Fedora] Fixes for scap-security-guide Fedora RPM review
request (RH BZ#1018905)
Signed-off-by: Jan Lieskovsky <[email protected]>
---
Fedora/LICENSE | 27 ++++++++++++++++
Fedora/input/auxiliary/scap-security-guide.8 | 10 +++---
Fedora/scap-security-guide.spec | 47 ++++++++++++++--------------
3 files changed, 56 insertions(+), 28 deletions(-)
create mode 100644 Fedora/LICENSE
diff --git a/Fedora/LICENSE b/Fedora/LICENSE
new file mode 100644
index 0000000..20b8639
--- /dev/null
+++ b/Fedora/LICENSE
@@ -0,0 +1,27 @@
+This is free and unencumbered software released into the public domain.
+
+Anyone is free to copy, modify, publish, use, compile, sell, or
+distribute this software, either in source code form or as a compiled
+binary, for any purpose, commercial or non-commercial, and by any
+means.
+
+In jurisdictions that recognize copyright laws, the author or authors
+of this software dedicate any and all copyright interest in the
+software to the public domain. We make this dedication for the benefit
+of the public at large and to the detriment of our heirs and
+successors. We intend this dedication to be an overt act of
+relinquishment in perpetuity of all present and future rights to this
+software under copyright law.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
+IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR
+OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
+ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
+OTHER DEALINGS IN THE SOFTWARE.
+
+For more information, please refer to:
+http://fedoraproject.org/wiki/Legal:Fedora_Project_Contributor_Agreement
+http://www.cendi.gov/publications/04-8copyright.html#toc30
+http://unlicense.org
diff --git a/Fedora/input/auxiliary/scap-security-guide.8 b/Fedora/input/auxiliary/scap-security-guide.8
index 525258a..ec46ca8 100644
--- a/Fedora/input/auxiliary/scap-security-guide.8
+++ b/Fedora/input/auxiliary/scap-security-guide.8
@@ -39,15 +39,15 @@ common profile, run:
$ oscap xccdf eval --profile common \
--results /tmp/`hostname`-ssg-results.xml \
--report /tmp/`hostname`-ssg-results.html \
---cpe /usr/share/xml/scap/ssg/fedora/19/content/ssg-fedora19-cpe-dictionary.xml \
-/usr/share/xml/scap/ssg/fedora/19/content/ssg-fedora19-xccdf.xml
+--cpe /usr/share/xml/scap/ssg/fedora/content/ssg-fedora19-cpe-dictionary.xml \
+/usr/share/xml/scap/ssg/fedora/content/ssg-fedora19-xccdf.xml
To scan your system utilizing the scap-workbench systems compliance evaluation
GUI tool against the common profile, run:
$ scap-workbench
-tool, select /usr/share/xml/scap/ssg/fedora/19/content/ssg-fedora19-xccdf.xml
+tool, select /usr/share/xml/scap/ssg/fedora/content/ssg-fedora19-xccdf.xml
as input file, and 'Common Profile for General-Purpose Fedora Systems' as the
profile file.
@@ -57,7 +57,7 @@ https://fedorahosted.org/scap-security-guide/wiki/usageguide
.SH FILES
-.I /usr/share/xml/scap/ssg/fedora/19/content/
+.I /usr/share/xml/scap/ssg/fedora/content/
.RS
Houses SCAP content utilizing the following naming conventions:
@@ -74,7 +74,7 @@ ssg-fedora19-oval.xml
ssg-fedora19-xccdf.xml
.RE
-.I /usr/share/xml/scap/ssg/fedora/19/guide/
+.I /usr/share/xml/scap/ssg/fedora/guide/
.RS
HTML version of SSG profile.
.RE
diff --git a/Fedora/scap-security-guide.spec b/Fedora/scap-security-guide.spec
index b2f0972..f59e45a 100644
--- a/Fedora/scap-security-guide.spec
+++ b/Fedora/scap-security-guide.spec
@@ -5,7 +5,7 @@
# file one level up - in the main scap-security-guide directory (instead of
# this one).
-%global fedorassgrelease 2
+%global fedorassgrelease 3.rc1
Name: scap-security-guide
Version: 0.1
@@ -15,47 +15,48 @@ Group: Applications/System
License: Public Domain
URL: https://fedorahosted.org/scap-security-guide/
Source0: http://fedorapeople.org/~jlieskov/%{name}-%{version}-%{fedorassgrelease}.tar.gz
-BuildRoot: %(mktemp -ud %{_tmppath}/%{name}-%{version}-%{release}-XXXXXX)
BuildArch: noarch
-BuildRequires: coreutils, libxslt, expat, python, openscap-utils >= 0.9.1, python-lxml
-Requires: filesystem, openscap-utils >= 0.9.1
+BuildRequires: libxslt, expat, python, openscap-utils >= 0.9.1, python-lxml
+Requires: openscap-utils >= 0.9.1
%description
-The scap-security-guide project provides security configuration guidance in
-formats of the Security Content Automation Protocol (SCAP). It provides a
-catalog of practical hardening advice and links it to government requirements
+The scap-security-guide project provides guide for configuration of the
+system from final system's security point of view. The guidance is specified
+in the Security Content Automation Protocol (SCAP) format and consitutes
+a catalog of practical hardening advice linked to government requirements
where applicable. The project bridges the gap between generalized policy
-requirements and specific implementation guidance.
+requirements and specific implementation guidelines.
+
%prep
%setup -q -n %{name}-%{version}-%{fedorassgrelease}
-
%build
cd Fedora && make dist
-
%install
-rm -rf $RPM_BUILD_ROOT
-mkdir -p $RPM_BUILD_ROOT%{_datadir}/xml/scap/ssg/fedora/19
-mkdir -p $RPM_BUILD_ROOT%{_mandir}/en/man8/
+mkdir -p %{buildroot}%{_datadir}/xml/scap/ssg/fedora
+mkdir -p %{buildroot}%{_mandir}/en/man8/
# Add in core content (SCAP, guide)
-cp -a Fedora/dist/* $RPM_BUILD_ROOT%{_datadir}/xml/scap/ssg/fedora/19
+cp -a Fedora/dist/* %{buildroot}%{_datadir}/xml/scap/ssg/fedora
# Add in manpage
-gzip -c Fedora/input/auxiliary/scap-security-guide.8 > $RPM_BUILD_ROOT%{_mandir}/en/man8/scap-security-guide.8.gz
-chcon -u system_u $RPM_BUILD_ROOT%{_mandir}/en/man8/scap-security-guide.8.gz
-
-%clean
-rm -rf $RPM_BUILD_ROOT
-
+cp -a Fedora/input/auxiliary/scap-security-guide.8 %{buildroot}%{_mandir}/en/man8/scap-security-guide.8
%files
-%defattr(-,root,root,-)
-%{_datadir}/xml/scap/ssg/fedora/19/*
-%lang(en) %{_mandir}/en/man8/scap-security-guide.8.gz
+%{_datadir}/xml/scap/ssg/fedora/*
+%lang(en) %{_mandir}/en/man8/scap-security-guide.8.*
+%doc Fedora/LICENSE
%changelog
+* Tue Oct 15 2013 Jan iankko Lieskovsky <[email protected]> 0.1-3.rc1
+- Fixes for scap-security-guide Fedora RPM review request (RH BZ#1018905):
+ * drop Fedora release from package provided files' final path (c#5),
+ * drop BuildRoot, selected Requires:, clean section, drop chcon for
+ manual page, don't gzip man page (c#4),
+ * change package's description (c#4),
+ * include PD license text (#c4).
+
* Mon Oct 14 2013 Jan iankko Lieskovsky <[email protected]> 0.1-2
- Provide manual page for scap-security-guide
- Remove percent sign from spec's changelog to silence rpmlint warning
--
1.7.11.7
_______________________________________________
scap-security-guide mailing list
[email protected]
https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide
