%global git_date 20200813 %global git_commit 66d4068e2e6340dfbe674cd13b23c57f29c97906 %{?git_commit:%global git_commit_hash %(c=%{git_commit}; echo ${c:0:7})} %global _python_bytecompile_extra 0 Name: crypto-policies Version: %{git_date} Release: %mkrel 1 Summary: System-wide crypto policies Group: System/Libraries License: LGPLv2+ URL: https://gitlab.com/redhat-crypto/fedora-crypto-policies Source0: https://gitlab.com/redhat-crypto/fedora-crypto-policies/-/archive/%{git_commit_hash}/%{name}-git%{git_commit_hash}.tar.gz BuildArch: noarch BuildRequires: asciidoc BuildRequires: xsltproc BuildRequires: openssl BuildRequires: gnutls BuildRequires: java-1.8.0-openjdk-devel BuildRequires: perl(File::pushd) BuildRequires: perl(File::Temp) BuildRequires: perl(File::Copy) BuildRequires: perl(File::Which) BuildRequires: python3 # required during installation Requires(post): python3 %description This package provides update-crypto-policies, which is a tool that sets the policy applicable for the various cryptographic back-ends, such as SSL/TLS libraries. The policy set by the tool will be the default policy used by these back-ends unless the application user configures them otherwise. %prep %setup -q -n fedora-crypto-policies-%{git_commit_hash}-%{git_commit} perl -pi -e 's|/usr/share/asciidoc/docbook-xsl/manpage.xsl|/etc/asciidoc/docbook-xsl/manpage.xsl|' Makefile %build %make_build %install mkdir -p -m 755 %{buildroot}%{_datarootdir}/crypto-policies/ mkdir -p -m 755 %{buildroot}%{_datarootdir}/crypto-policies/back-ends/ mkdir -p -m 755 %{buildroot}%{_sysconfdir}/crypto-policies/back-ends/ mkdir -p -m 755 %{buildroot}%{_sysconfdir}/crypto-policies/state/ mkdir -p -m 755 %{buildroot}%{_sysconfdir}/crypto-policies/local.d/ mkdir -p -m 755 %{buildroot}%{_sysconfdir}/crypto-policies/policies/ mkdir -p -m 755 %{buildroot}%{_sysconfdir}/crypto-policies/policies/modules/ mkdir -p -m 755 %{buildroot}%{_bindir} make DESTDIR=%{buildroot} DIR=%{_datarootdir}/crypto-policies MANDIR=%{_mandir} %{?_smp_mflags} install install -p -m 644 default-config %{buildroot}%{_sysconfdir}/crypto-policies/config touch %{buildroot}%{_sysconfdir}/crypto-policies/state/current touch %{buildroot}%{_sysconfdir}/crypto-policies/state/CURRENT.pol # Create back-end configs for mounting with read-only /etc/ for d in LEGACY DEFAULT FUTURE FIPS ; do mkdir -p -m 755 %{buildroot}%{_datarootdir}/crypto-policies/back-ends/$d for f in %{buildroot}%{_datarootdir}/crypto-policies/$d/* ; do ln $f %{buildroot}%{_datarootdir}/crypto-policies/back-ends/$d/$(basename $f .txt).config done done %py_byte_compile %{__python3} %{buildroot}%{_datadir}/crypto-policies/python # not used atm rm -rf %{buildroot}%{_bindir}/fips* rm -rf %{buildroot}%{_mandir}/man8/fips* %check make check %{?_smp_mflags} %posttrans %{_bindir}/update-crypto-policies --no-check >/dev/null 2>/dev/null || : %files %dir %{_sysconfdir}/crypto-policies/ %dir %{_sysconfdir}/crypto-policies/back-ends/ %dir %{_sysconfdir}/crypto-policies/state/ %dir %{_sysconfdir}/crypto-policies/local.d/ %dir %{_sysconfdir}/crypto-policies/policies/ %dir %{_sysconfdir}/crypto-policies/policies/modules/ %dir %{_datarootdir}/crypto-policies/ %config(noreplace) %{_sysconfdir}/crypto-policies/config %ghost %{_sysconfdir}/crypto-policies/back-ends/gnutls.config %ghost %{_sysconfdir}/crypto-policies/back-ends/openssl.config %ghost %{_sysconfdir}/crypto-policies/back-ends/opensslcnf.config %ghost %{_sysconfdir}/crypto-policies/back-ends/openssh.config %ghost %{_sysconfdir}/crypto-policies/back-ends/opensshserver.config %ghost %{_sysconfdir}/crypto-policies/back-ends/nss.config %ghost %{_sysconfdir}/crypto-policies/back-ends/bind.config %ghost %{_sysconfdir}/crypto-policies/back-ends/java.config %ghost %{_sysconfdir}/crypto-policies/back-ends/krb5.config %ghost %{_sysconfdir}/crypto-policies/back-ends/openjdk.config %ghost %{_sysconfdir}/crypto-policies/back-ends/libreswan.config %ghost %{_sysconfdir}/crypto-policies/back-ends/libssh.config %ghost %{_sysconfdir}/crypto-policies/state/current %ghost %{_sysconfdir}/crypto-policies/state/CURRENT.pol %{_bindir}/update-crypto-policies %{_mandir}/man7/crypto-policies.7* %{_mandir}/man8/update-crypto-policies.8* %{_datarootdir}/crypto-policies/LEGACY %{_datarootdir}/crypto-policies/DEFAULT %{_datarootdir}/crypto-policies/FUTURE %{_datarootdir}/crypto-policies/FIPS %{_datarootdir}/crypto-policies/EMPTY %{_datarootdir}/crypto-policies/back-ends %{_datarootdir}/crypto-policies/default-config %{_datarootdir}/crypto-policies/reload-cmds.sh %{_datarootdir}/crypto-policies/policies %{_datarootdir}/crypto-policies/python %license COPYING.LESSER %changelog * Mon Sep 07 2020 luigiwalser <luigiwalser> 20200813-1.mga7 + Revision: 1623346 - 20200813 - 20200702 (sync with cauldron) * Sat Aug 26 2017 guillomovitch <guillomovitch> 20170606-2.mga7 + Revision: 1148067 - fix package installation while installing distribution * Wed Aug 02 2017 guillomovitch <guillomovitch> 20170606-1.mga7 + Revision: 1133908 - imported package crypto-policies