From 8ff9fd0f066b223e0a59ae71ab8c276315d2357d Mon Sep 17 00:00:00 2001 From: Chenxi Mao Date: Fri, 6 Jan 2023 15:22:38 +0800 Subject: [PATCH] Do not hard code vendor name in source code 1. Rename file name from openeuler-xx to custom-xx. 2. Mofify all openeuler string to @VENDOR@ and define it during building RPM. Change-Id: Ia55ce06194986bc86ed2c4f5328cf3c965ea9d04 Signed-off-by: Chenxi Mao (cherry picked from commit 1889cc183b9c0497850337a3520f5b660ff87b2d) --- ...hard-code-vendor-name-in-source-code.patch | 41 +++++++++++++++++++ security-tool.spec | 9 +++- 2 files changed, 48 insertions(+), 2 deletions(-) create mode 100644 Do-not-hard-code-vendor-name-in-source-code.patch diff --git a/Do-not-hard-code-vendor-name-in-source-code.patch b/Do-not-hard-code-vendor-name-in-source-code.patch new file mode 100644 index 0000000..de4bf44 --- /dev/null +++ b/Do-not-hard-code-vendor-name-in-source-code.patch @@ -0,0 +1,41 @@ +From d9e61c144ba0988c4931d516f754673678a0b026 Mon Sep 17 00:00:00 2001 +From: Chenxi Mao +Date: Fri, 6 Jan 2023 15:04:13 +0800 +Subject: [PATCH 1/1] Do not hard code vendor name in source code + +Signed-off-by: Chenxi Mao +--- + openEuler-security.service => custom-security.service | 6 +++--- + 1 file changed, 3 insertions(+), 3 deletions(-) + rename openEuler-security.service => custom-security.service (81%) + +diff --git a/openEuler-security.service b/custom-security.service +similarity index 81% +rename from openEuler-security.service +rename to custom-security.service +index ab60920..0e15e5f 100644 +--- a/openEuler-security.service ++++ b/custom-security.service +@@ -14,7 +14,7 @@ + ####################################################################################### + + [Unit] +-Description=OpenEuler Security Tool ++Description=@VENDOR@ Security Tool + After=network.target sshd.service auditd.service crond.service tuned.service NetworkManager.service + Wants=sshd.service auditd.service rsyslog.service tuned.service NetworkManager.service + ConditionFileIsExecutable=/usr/sbin/security-tool.sh +@@ -22,8 +22,8 @@ ConditionFileIsExecutable=/usr/sbin/security-tool.sh + [Service] + Type=oneshot + RemainAfterExit=yes +-EnvironmentFile=/etc/openEuler_security/security +-ExecStart=/usr/sbin/security-tool.sh -d / -c /etc/openEuler_security/security.conf -u /etc/openEuler_security/usr-security.conf -l /var/log/openEuler-security.log -s ++EnvironmentFile=/etc/@VENDOR@_security/security ++ExecStart=/usr/sbin/security-tool.sh -d / -c /etc/@VENDOR@_security/security.conf -u /etc/@VENDOR@_security/usr-security.conf -l /var/log/@VENDOR@-security.log -s + TimeoutSec=0 + + [Install] +-- +2.33.0 + diff --git a/security-tool.spec b/security-tool.spec index 16d19f4..8818e9e 100644 --- a/security-tool.spec +++ b/security-tool.spec @@ -2,7 +2,7 @@ Summary: openEuler Security Tool Name : security-tool Version: 2.0 -Release: 1.85 +Release: 1.86 Source0: https://gitee.com/openeuler/security-tool/repository/archive/v2.0.tar.gz License: MulanPSL-2.0 URL: https://gitee.com/openeuler/security-tool @@ -19,6 +19,7 @@ Patch1: do-not-create-allow-file-while-the-command-does-not-.patch Patch2: remove-sha1-in-sshd-config.patch Patch3: fix-function-allow-rpm-q.patch Patch4: add-secure-hostKey-algorithms.patch +Patch5: Do-not-hard-code-vendor-name-in-source-code.patch %description %{vendor} Security Tool @@ -27,6 +28,7 @@ Patch4: add-secure-hostKey-algorithms.patch %prep %autosetup -n security-tool-v%{version} -p1 +sed -i 's|@VENDOR@|%{vendor}|g' custom-security.service %build @@ -39,7 +41,7 @@ install -m0600 security $RPM_BUILD_ROOT%{_sysconfdir}/%{vendor}_security/securit install -m0400 security.conf $RPM_BUILD_ROOT%{_sysconfdir}/%{vendor}_security/security.conf install -m0600 usr-security.conf $RPM_BUILD_ROOT%{_sysconfdir}/%{vendor}_security/usr-security.conf install -d -m0755 $RPM_BUILD_ROOT/%{_unitdir} -install -m0644 %{vendor}-security.service $RPM_BUILD_ROOT/%{_unitdir}/%{vendor}-security.service +install -m0644 custom-security.service $RPM_BUILD_ROOT/%{_unitdir}/%{vendor}-security.service install -d -m0755 $RPM_BUILD_ROOT/%{_sbindir} install -m0500 security-tool.sh $RPM_BUILD_ROOT/%{_sbindir}/security-tool.sh install -m0644 security-tool-%{version}/csh.precmd $RPM_BUILD_ROOT%{_sysconfdir}/csh.precmd @@ -123,6 +125,9 @@ fi %attr(0500,root,root) %{_sbindir}/security-tool.sh %changelog +* Fri Jan 6 2023 Chenxi Mao - 2.0-1.86 +- Do not hard code vendor name in source code + * Sat Nov 26 2022 zhengxiaoxiao - 2.0-1.85 - replace openEuler to vendor -- Gitee