Name:           oscap-anaconda-addon

Version:        0.7

Release:        8%{?dist}

Summary:        Anaconda addon integrating OpenSCAP to the installation process

License:        GPLv2+

URL:            https://git.fedorahosted.org/cgit/oscap-anaconda-addon.git

# This is a Red Hat maintained package which is specific to

# our distribution.

#

# The source is thus available only from within this SRPM

# or via direct git checkout:

# git clone https://github.com/OpenSCAP/oscap-anaconda-addon.git

Source0:        %{name}-%{version}.tar.gz

Patch0:         change_ssg_paths.patch

Patch1:         word_wrap_profile_desc_1236644.patch

Patch2:         newline_after_addon_section_1238267.patch

Patch3:         no_profile_handling_1235750.patch

Patch4:         use_openscap_scanner_1240249.patch

Patch5:         default_profile_desc_1238080.patch

Patch6:         network_issues_handling_1236657.patch

Patch7:         unsup_url_handling_1232631.patch

Patch8:         ssg_ks_output_1240285.patch

Patch9:         tui_fetch_and_process_1240625.patch

Patch10:        download_issues_react_1240710.patch

Patch11:        integrity_check_fail_react_1240710.patch

Patch12:        no_profile_no_ks_section_1241395.patch

Patch13:        cpio_entries_paths_1241064.patch

Patch14:        gui_actions_main_thread_1240967.patch

Patch15:        better_error_handling_1241064.patch

Patch16:        gtk_thread_issues_1240967.patch

Patch17:        invalid_profile_id_1247677.patch

Patch18:        clear_errors_1247677.patch

Patch19:        ssg_usage_ks_or_gui_switch_1249937.patch

Patch20:        early_ds_validation_1247654.patch

Patch21:        ds_xccdf_id_selection_1249951.patch

Patch22:        oscap-anaconda-addon/ds_xccdf_id_refresh_1240946.patch

Patch23:        help_file_name_1254884.patch

Patch24:        oscap_info_continue_1255075.patch

Patch25:        ds_xccdf_ids_hide_1254876.patch

Patch26:        no_profile_no_data_dir_1254973.patch

Patch27:        short_root_pw_1263254.patch

BuildArch:      noarch

BuildRequires:  gettext

BuildRequires:	python2-devel

#BuildRequires:  python-mock

#BuildRequires:  python-nose

#BuildRequires:  python-cpio

#BuildRequires:  anaconda >= 21.35

Requires:       anaconda >= 21.35

Requires:       openscap openscap-utils openscap-python

Requires:       python-cpio

Requires:       scap-security-guide

%description

This is an addon that integrates OpenSCAP utilities with the Anaconda installer

and allows installation of systems following restrictions given by a SCAP

content.

%prep

%setup -q -n %{name}-%{version}

%patch0

%patch1 -p1

%patch2 -p1

%patch3 -p1

%patch4 -p1

%patch5 -p1

%patch6 -p1

%patch7 -p1

%patch8 -p1

%patch9 -p1

%patch10 -p1

%patch11 -p1

%patch12 -p1

%patch13 -p1

%patch14 -p1

%patch15 -p1

%patch16 -p1

%patch17 -p1

%patch18 -p1

%patch19 -p1

%patch20 -p1

%patch21 -p1

%patch22 -p1

%patch23 -p1

%patch24 -p1

%patch25 -p1

%patch26 -p1

%patch27 -p1

%build

#%check

#make test

%install

make install DESTDIR=%{buildroot}

%find_lang %{name}

%files -f %{name}.lang

%{_datadir}/anaconda/addons/org_fedora_oscap

%doc COPYING ChangeLog README

%changelog

* Wed Sep 16 2015 Vratislav Podzimek <vpodzime@redhat.com> - 0.7-8

- Do not remove the root password behind user's back

  Resolves: rhbz#1263254

* Mon Sep 7 2015 Vratislav Podzimek <vpodzime@redhat.com> - 0.7-7

- Completely skip the execute() part if no profile is selected

  Resolves: rhbz#1254973

* Mon Aug 24 2015 Vratislav Podzimek <vpodzime@redhat.com> - 0.7-6

- Specify the name of the help content file

  Resolves: rhbz#1254884

- Skip files unrecognized by the 'oscap info' command

  Resolves: rhbz#1255075

- Only allow DS and XCCDF ID selection if it makes sense

  Resolves: rhbz#1254876

* Tue Aug 4 2015 Vratislav Podzimek <vpodzime@redhat.com> - 0.7-5

- Make sure DS and XCCDF ID lists are correctly refreshed

  Resolves: rhbz#1240946

- Make sure the DS and XCCDF ID combo boxes are visible for DS content

  Resolves: rhbz#1249951

- Try to load the OSCAP session early for DS content

  Resolves: rhbz#1247654

- Test preinst_content_path before raw_preinst_content_path

  Resolves: rhbz#1249937

- Clear any error if switching to the dry-run mode

  Related: rhbz#1247677

- Do not continue with and invalid profile ID

  Resolves: rhbz#1247677

- Cover all potential places with a non-main thread changing Gtk stuff

  Resolves: rhbz#1240967

* Thu Jul 23 2015 Vratislav Podzimek <vpodzime@redhat.com> - 0.7-4

- Better handle and report erroneous states

  Resolves: rhbz#1241064

- Make sure (some more) GUI actions run in the main thread

  Resolves: rhbz#1240967

- Beware of RPM->cpio entries' paths having absolute paths

  Related: rhbz#1241064

- Only output the kickstart section with content and profile set

  Resolves: rhbz#1241395

- Just report integrity check failure instead of traceback

  Resolves: rhbz#1240710

- Properly react on download/loading issues in text+kickstart mode

  Related: rhbz#1240710

- Fetch and process the content even if GUI doesn't take care of it

  Resolves: rhbz#1240625

* Tue Jul 7 2015 Vratislav Podzimek <vpodzime@redhat.com> - 0.7-3

- Do not output redundant/invalid fields for the SSG content (vpodzime)

  Resolves: rhbz#1240285

- Better handle unsupported URL types (vpodzime)

  Resolves: rhbz#1232631

- React better on network issues (vpodzime)

  Resolves: rhbz#1236657

- Improve the description of the default profile (vpodzime)

  Resolves: rhbz#1238080

- Use the openscap-scanner package instead of openscap-utils (vpodzime)

  Resolves: rhbz#1240249

- Better handle the case with no profile selected (vpodzime)

  Resolves: rhbz#1235750

- Add newline and one blank line after the %%addon section (vpodzime)

  Resolves: rhbz#1238267

- Word-wrap profile descriptions (vpodzime)

  Resolves: rhbz#1236644

* Wed Jun 17 2015 Vratislav Podzimek <vpodzime@redhat.com> - 0.7-2

- Add gettext to BuildRequires (vpodzime)

  Related: rhbz#1204640

* Tue Jun 16 2015 Vratislav Podzimek <vpodzime@redhat.com> - 0.7-1

- Rebase to the upstream version 0.7

  Related: rhbz#1204640

* Tue Apr 28 2015 Vratislav Podzimek <vpodzime@redhat.com> - 0.6-1

- Rebase to the upstream version 0.6

  Resolves: rhbz#1204640

* Mon Aug 04 2014 Vratislav Podzimek <vpodzime@redhat.com> - 0.4-3

- Don't distribute backup files

  Resolves: rhbz#1065906

* Wed Jan 15 2014 Vratislav Podizmek <vpodzime@redhat.com> - 0.4-2

- Skip running tests on RHEL builds

  Related: rhbz#1035662

* Tue Jan 14 2014 Vratislav Podzimek <vpodzime@redhat.com> - 0.4-1

- Beware of running Gtk actions from a non-main thread

- Fix path to the tailoring file when getting rules

- A git hook for running tests when pushing

- Inform user if no profile is selected

- Visually mark the selected profile

- Better UX with content URL entry and progress label

- React on invalid content properly (#1032846)

- Stop spinner when data fetching is finished

- Make the data fetching thread non-fatal (#1049989)

- Exit code 2 from the oscap tool is not an error for us (#1050913)

- Be ready to work with archives/RPMs containing data streams

- Add unit tests for the keep_type_map function

- Add support for namedtuples to keep_type_map

- Add target for running pylint check

- Add target for running just unittests

- On the way to tailoring

- Tests for kickstart XCCDF tailoring handling

- Kickstart support for XCCDF tailoring

- Check session validity also when using XCCDF benchmark

* Tue Dec 10 2013 Vratislav Podzimek <vpodzime@redhat.com> - 0.3-1

- Implement and use our own better function for joining paths

- The content entry should have focus if there is no content

- RPM is just a weird archive in the pre-installation phase

- Ignore RPM files as well

- Adapt tests to dir constants now ending with "/"

- CpioArchive cannot be created from a piped output

- Fix namespace definitions in the testing XCCDF file

- Prevent putting None into xccdf_session_is_sds

- Fix the __all__ variable in the common module

- Strip content dir prefix when setting xccdf/cpe paths

- Inform user we now support archive URLs as well

- Ignore various file types in the git repository

- Try to find content files in the fetched archive or RPM

- Run pylint -E as part of the test target

- Return list of extracted files/directories when extracting archive

- Do not try to search for empty file paths in archives

- Properly set the content type based on the URL's suffix

- Switch profiles on double-click

- Hook urlEntry's activate signal to fetchButton click

- Save the spoke's glade file with a new Glade

- The addon now requires the python-cpio package

- Use really_hide for the UI elements for datastream-id and xccdf-id

- Support for RPM content in the GUI spoke

- RPM content support for kickstart processing

- Add property for the raw post-installation content path

- Make content type case insensitive

- Rest of the code needed for RPM extraction

- Actually look for the file path in entry names

- Basic stuff needed for the RPM content support

- Run tests in paralel

- Specify files in a better way in spec

* Mon Oct 21 2013 Vratislav Podzimek <vpodzime@redhat.com> - 0.2-1

- Initial RPM for the oscap-anaconda-addon