Please have a look at the patch.
On Fri, Feb 3, 2017 at 1:52 AM Johnny Hughes <johnny@xxxxxxxxxx> wrote:
> On 02/01/2017 10:15 AM, Michał Jankowski wrote:
> > Hello,
> >
> > I have noticed that pci-dss profile, ssg-centos7-xccdf.xml will always
> fail
> > on test and remediation for disable_prelink rule. That seem to be caused
> by
> > insufficient CentOS RPM customization of upstream code. Specifically
> this:
> >
> https://github.com/OpenSCAP/scap-security-guide/blob/master/shared/oval/disable_prelink.xml#L24-L35
> > <
> https://github.com/OpenSCAP/scap-security-guide/blob/master/shared/oval/disable_prelink.xml
> >
> >
> > That condition will always fail on CentOS because it misses:
> > <extend_definition comment="Installed OS is CentOS7" definition_ref="
> > installed_OS_is_centos7" />
> >
> > I was thinking about raising a bug on https://bugs.centos.org or
> committing
> > a fix in https://git.centos.org/summary/rpms!scap-security-guide but I
> am
> > unsure as to what action should I take.
>
> You can clone that git project from git.centos.org, then checkout the
> 'c7' branch and fix the issue on your branch .. then use the git
> --format-patch option as explained here:
>
> https://ariejan.net/2009/10/26/how-to-create-and-apply-a-patch-with-git/
>
> Then you can send your patch (attached to an email) to the CentOS-Devel
> mailing list (https://lists.centos.org/mailman/listinfo/centos-devel)
> and I will import it into the git repo and fix the package.
>
> <snip>
>
> Thanks,
> Johnny Hughes
>
>
> _______________________________________________
> CentOS mailing list
> CentOS@xxxxxxxxxx
> https://lists.centos.org/mailman/listinfo/centos
>
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
https://lists.centos.org/mailman/listinfo/centos
