CBL-Mariner/SPECS/filesystem/filesystem.spec

839 строки
24 KiB
Plaintext

Summary: Default file system
Name: filesystem
Version: 1.1
Release: 20%{?dist}
License: GPLv3
Group: System Environment/Base
Vendor: Microsoft Corporation
URL: http://www.linuxfromscratch.org
Distribution: Mariner
%description
The filesystem package is one of the basic packages that is installed
on a Linux system. Filesystem contains the basic directory
layout for a Linux operating system, including the correct permissions
for the directories. This version is for a system configured with systemd.
%package asc
Summary: Provide with config files needed for Azure Security Baseline
Requires: %{name} = %{version}-%{release}
%description asc
Provide with multiple configuration files in /etc/modprobe.d/ to meet Azure Security Baseline
%prep
%build
%install
#
# 6.5. Creating Directories
#
install -vdm 755 %{buildroot}/{dev,run/{media/{floppy,cdrom},lock}}
install -vdm 755 %{buildroot}/{etc/{opt,sysconfig},home,mnt}
install -vdm 700 %{buildroot}/boot
install -vdm 755 %{buildroot}/{var}
install -vdm 755 %{buildroot}/opt
install -vdm 755 %{buildroot}/media
install -dv -m 0750 %{buildroot}/root
install -dv -m 1777 %{buildroot}/tmp %{buildroot}/var/tmp
install -vdm 755 %{buildroot}/usr/{,local/}{bin,include,lib,sbin,src}
install -vdm 755 %{buildroot}/usr/{,local/}share/{color,dict,doc,info,locale,man}
install -vdm 755 %{buildroot}/usr/{,local/}share/{misc,terminfo,zoneinfo}
install -vdm 755 %{buildroot}/usr/libexec
install -vdm 755 %{buildroot}/usr/{,local/}share/man/man{1..8}
install -vdm 755 %{buildroot}/etc/profile.d
install -vdm 755 %{buildroot}/usr/lib/debug/{lib,bin,sbin,usr,.dwz}
ln -svfn usr/lib %{buildroot}/lib
ln -svfn usr/bin %{buildroot}/bin
ln -svfn usr/sbin %{buildroot}/sbin
ln -svfn ../bin %{buildroot}/usr/lib/debug/usr/bin
ln -svfn ../sbin %{buildroot}/usr/lib/debug/usr/sbin
ln -svfn ../lib %{buildroot}/usr/lib/debug/usr/lib
ln -svfn usr/lib %{buildroot}/lib64
ln -svfn lib %{buildroot}/usr/lib64
ln -svfn lib %{buildroot}/usr/local/lib64
ln -svfn lib %{buildroot}/usr/lib/debug/lib64
ln -svfn ../lib %{buildroot}/usr/lib/debug/usr/lib64
ln -svfn ../.dwz %{buildroot}/usr/lib/debug/usr/.dwz
install -vdm 755 %{buildroot}/var/{log,mail,spool,mnt,srv}
ln -svfn var/srv %{buildroot}/srv
ln -svfn ../run %{buildroot}/var/run
ln -svfn ../run/lock %{buildroot}/var/lock
install -vdm 755 %{buildroot}/var/{opt,cache,lib/{color,misc,locate},local}
install -vdm 755 %{buildroot}/mnt/cdrom
install -vdm 755 %{buildroot}/mnt/hgfs
#
# 6.6. Creating Essential Files and Symlinks
#
ln -svfn /proc/self/mounts %{buildroot}/etc/mtab
#touch -f %{buildroot}/etc/mtab
touch %{buildroot}/var/log/{btmp,lastlog,wtmp}
#
# Configuration files
#
cat > %{buildroot}/etc/passwd <<- "EOF"
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/dev/null:/bin/false
daemon:x:6:6:Daemon User:/dev/null:/bin/false
messagebus:x:18:18:D-Bus Message Daemon User:/var/run/dbus:/bin/false
systemd-bus-proxy:x:72:72:systemd Bus Proxy:/:/bin/false
systemd-journal-gateway:x:73:73:systemd Journal Gateway:/:/bin/false
systemd-journal-remote:x:74:74:systemd Journal Remote:/:/bin/false
systemd-journal-upload:x:75:75:systemd Journal Upload:/:/bin/false
systemd-network:x:76:76:systemd Network Management:/:/bin/false
systemd-resolve:x:77:77:systemd Resolver:/:/bin/false
systemd-timesync:x:78:78:systemd Time Synchronization:/:/bin/false
systemd-coredump:x:79:79:systemd Core Dumper:/:/usr/bin/false
systemd-oom:x:80:80:systemd Userspace OOM Killer:/:/usr/bin/false
nobody:x:65534:65533:Unprivileged User:/dev/null:/bin/false
EOF
cat > %{buildroot}/etc/group <<- "EOF"
root:x:0:
bin:x:1:daemon
sys:x:2:
kmem:x:3:
tape:x:4:
tty:x:5:
daemon:x:6:
floppy:x:7:
disk:x:8:
lp:x:9:
dialout:x:10:
audio:x:11:
video:x:12:
utmp:x:13:
usb:x:14:
cdrom:x:15:
adm:x:16:
messagebus:x:18:
systemd-journal:x:23:
input:x:24:
mail:x:34:
lock:x:54:
dip:x:30:
render:x:31:
kvm:x:32:
systemd-bus-proxy:x:72:
systemd-journal-gateway:x:73:
systemd-journal-remote:x:74:
systemd-journal-upload:x:75:
systemd-network:x:76:
systemd-resolve:x:77:
systemd-timesync:x:78:
systemd-coredump:x:79:
systemd-oom:x:80:
nogroup:x:65533:
users:x:100:
sudo:x:27:
wheel:x:28:
EOF
#
# Creating Proxy Configuration"
#
cat > %{buildroot}/etc/sysconfig/proxy <<- "EOF"
# Enable a generation of the proxy settings to the profile.
# This setting allows to turn the proxy on and off while
# preserving the particular proxy setup.
#
PROXY_ENABLED="no"
# Some programs (e.g. wget) support proxies, if set in
# the environment.
# Example: HTTP_PROXY="http://proxy.provider.de:3128/"
HTTP_PROXY=""
# Example: HTTPS_PROXY="https://proxy.provider.de:3128/"
HTTPS_PROXY=""
# Example: FTP_PROXY="http://proxy.provider.de:3128/"
FTP_PROXY=""
# Example: GOPHER_PROXY="http://proxy.provider.de:3128/"
GOPHER_PROXY=""
# Example: SOCKS_PROXY="socks://proxy.example.com:8080"
SOCKS_PROXY=""
# Example: SOCKS5_SERVER="office-proxy.example.com:8881"
SOCKS5_SERVER=""
# Example: NO_PROXY="www.me.de, do.main, localhost"
NO_PROXY="localhost, 127.0.0.1"
EOF
#
# 7.3. Customizing the /etc/hosts File"
#
cat > %{buildroot}/etc/hosts <<- "EOF"
# Begin /etc/hosts (network card version)
::1 ipv6-localhost ipv6-loopback
127.0.0.1 localhost.localdomain
127.0.0.1 localhost
# End /etc/hosts (network card version)
EOF
#
# 7.9. Configuring the setclock Script"
#
cat > %{buildroot}/etc/sysconfig/clock <<- "EOF"
# Begin /etc/sysconfig/clock
UTC=1
# Set this to any options you might need to give to hwclock,
# such as machine hardware clock type for Alphas.
CLOCKPARAMS=
# End /etc/sysconfig/clock
EOF
#
# 7.10. Configuring the Linux Console"
#
cat > %{buildroot}/etc/sysconfig/console <<- "EOF"
# Begin /etc/sysconfig/console
# Begin /etc/sysconfig/console
# KEYMAP="us"
# FONT="lat1-16 -m utf8"
# FONT="lat1-16 -m 8859-1"
# KEYMAP_CORRECTIONS="euro2"
# UNICODE="1"
# LEGACY_CHARSET="iso-8859-1"
# End /etc/sysconfig/console
EOF
#
# 7.13. The Bash Shell Startup Files
#
cat > %{buildroot}/etc/profile <<- "EOF"
# Begin /etc/profile
# Written for Beyond Linux From Scratch
# by James Robertson <jameswrobertson@earthlink.net>
# modifications by Dagmar d'Surreal <rivyqntzne@pbzpnfg.arg>
# System wide environment variables and startup programs.
# System wide aliases and functions should go in /etc/bashrc. Personal
# environment variables and startup programs should go into
# ~/.bash_profile. Personal aliases and functions should go into
# ~/.bashrc.
# Functions to help us manage paths. Second argument is the name of the
# path variable to be modified (default: PATH)
pathremove () {
local IFS=':'
local NEWPATH
local DIR
local PATHVARIABLE=${2:-PATH}
for DIR in ${!PATHVARIABLE} ; do
if [ "$DIR" != "$1" ] ; then
NEWPATH=${NEWPATH:+$NEWPATH:}$DIR
fi
done
export $PATHVARIABLE="$NEWPATH"
}
pathprepend () {
pathremove $1 $2
local PATHVARIABLE=${2:-PATH}
export $PATHVARIABLE="$1${!PATHVARIABLE:+:${!PATHVARIABLE}}"
}
pathappend () {
pathremove $1 $2
local PATHVARIABLE=${2:-PATH}
export $PATHVARIABLE="${!PATHVARIABLE:+${!PATHVARIABLE}:}$1"
}
export -f pathremove pathprepend pathappend
# Set the initial path
# Block unnessary as this is set elsewhere.
# export PATH=$PATH:/bin:/usr/bin
# if [ $EUID -eq 0 ] ; then
# pathappend /sbin:/usr/sbin
# unset HISTFILE
# fi
# Setup some environment variables.
export HISTSIZE=1000
export HISTIGNORE="&:[bf]g:exit"
# Set some defaults for graphical systems
export XDG_DATA_DIRS=/usr/share/
export XDG_CONFIG_DIRS=/etc/xdg/
# Setup a red prompt for root and a green one for users.
NORMAL="\[\e[0m\]"
RED="\[\e[1;31m\]"
GREEN="\[\e[1;32m\]"
if [[ $EUID == 0 ]] ; then
PS1="$RED\u@\h [ $NORMAL\w$RED ]# $NORMAL"
else
PS1="$GREEN\u@\h [ $NORMAL\w$GREEN ]\$ $NORMAL"
fi
for script in /etc/profile.d/*.sh ; do
if [ -r $script ] ; then
. $script
fi
done
unset script RED GREEN NORMAL
umask 027
# End /etc/profile
EOF
#
# The Proxy Bash Shell Startup File
#
cat > %{buildroot}/etc/profile.d/proxy.sh <<- "EOF"
#
# proxy.sh: Set proxy environment
#
sys=/etc/sysconfig/proxy
test -s $sys || exit 0
while read line ; do
case "$line" in
\#*|"") continue ;;
esac
eval val=${line#*=}
case "$line" in
PROXY_ENABLED=*)
PROXY_ENABLED="${val}"
;;
HTTP_PROXY=*)
test "$PROXY_ENABLED" = "yes" || continue
http_proxy="${val}"
export http_proxy
;;
HTTPS_PROXY=*)
test "$PROXY_ENABLED" = "yes" || continue
https_proxy="${val}"
export https_proxy
;;
FTP_PROXY=*)
test "$PROXY_ENABLED" = "yes" || continue
ftp_proxy="${val}"
export ftp_proxy
;;
GOPHER_PROXY=*)
test "$PROXY_ENABLED" = "yes" || continue
gopher_proxy="${val}"
export gopher_proxy
;;
SOCKS_PROXY=*)
test "$PROXY_ENABLED" = "yes" || continue
socks_proxy="${val}"
export socks_proxy
SOCKS_PROXY="${val}"
export SOCKS_PROXY
;;
SOCKS5_SERVER=*)
test "$PROXY_ENABLED" = "yes" || continue
SOCKS5_SERVER="${val}"
export SOCKS5_SERVER
;;
NO_PROXY=*)
test "$PROXY_ENABLED" = "yes" || continue
no_proxy="${val}"
export no_proxy
NO_PROXY="${val}"
export NO_PROXY
esac
done < $sys
unset sys line val
if test "$PROXY_ENABLED" != "yes" ; then
unset http_proxy https_proxy ftp_proxy gopher_proxy no_proxy NO_PROXY socks_proxy SOCKS_PROXY SOCKS5_SERVER
fi
unset PROXY_ENABLED
#
# end of proxy.sh
EOF
#
# 7.14. Creating the /etc/inputrc File
#
cat > %{buildroot}/etc/inputrc <<- "EOF"
# Begin /etc/inputrc
# Modified by Chris Lynn <roryo@roryo.dynup.net>
# Allow the command prompt to wrap to the next line
set horizontal-scroll-mode Off
# Enable 8bit input
set meta-flag On
set input-meta On
# Turns off 8th bit stripping
set convert-meta Off
# Keep the 8th bit for display
set output-meta On
# none, visible or audible
set bell-style none
# All of the following map the escape sequence of the value
# contained in the 1st argument to the readline specific functions
"\eOd": backward-word
"\eOc": forward-word
# for linux console
"\e[1~": beginning-of-line
"\e[4~": end-of-line
# page up - history search backward
"\e[5~": history-search-backward
# page down - history search forward
"\e[6~": history-search-forward
"\e[3~": delete-char
"\e[2~": quoted-insert
# for xterm
"\eOH": beginning-of-line
"\eOF": end-of-line
# for Konsole
"\e[H": beginning-of-line
"\e[F": end-of-line
# ctrl + left/right arrow to jump words
"\e[1;5C": forward-word
"\e[1;5D": backward-word
# End /etc/inputrc
EOF
#
# 8.2. Creating the /etc/fstab File
#
touch %{buildroot}/etc/fstab
#
# 8.3.2. Configuring Linux Module Load Order
#
install -vdm 755 %{buildroot}/etc/modprobe.d
cat > %{buildroot}/etc/modprobe.d/usb.conf <<- "EOF"
# Begin /etc/modprobe.d/usb.conf
install ohci_hcd /sbin/modprobe ehci_hcd ; /sbin/modprobe -i ohci_hcd ; true
install uhci_hcd /sbin/modprobe ehci_hcd ; /sbin/modprobe -i uhci_hcd ; true
# End /etc/modprobe.d/usb.conf
EOF
# Security patch for CCE-14118-4, msid: 6.6
# Disable the installation and use of file systems that are not required (squashfs)
cat > %{buildroot}/etc/modprobe.d/squashfs.conf <<- "EOF"
# Begin /etc/modprobe.d/squashfs.conf
install squashfs /bin/true
# End /etc/modprobe.d/squashfs.conf
EOF
# Security patch for msid: 1.1.21.1
# Ensure mounting of USB storage devices is disabled
cat > %{buildroot}/etc/modprobe.d/usb-storage.conf <<- "EOF"
# Begin /etc/modprobe.d/usb-storage.conf
install usb-storage /bin/true
# End /etc/modprobe.d/usb-storage.conf
EOF
# Security patch for msid: 6.1
# Disable the installation and use of file systems that are not required (cramfs)
cat > %{buildroot}/etc/modprobe.d/cramfs.conf <<- "EOF"
# Begin /etc/modprobe.d/cramfs.conf
install cramfs /bin/true
# End /etc/modprobe.d/cramfs.conf
EOF
# Security patch for msid: 6.2
# Disable the installation and use of file systems that are not required (freevxfs)
cat > %{buildroot}/etc/modprobe.d/freevxfs.conf <<- "EOF"
# Begin /etc/modprobe.d/freevxfs.conf
install freevxfs /bin/true
# End /etc/modprobe.d/freevxfs.conf
EOF
# Security patch for msid: 6.3
# Disable the installation and use of file systems that are not required (hfs)
cat > %{buildroot}/etc/modprobe.d/hfs.conf <<- "EOF"
# Begin /etc/modprobe.d/hfs.conf
install hfs /bin/true
# End /etc/modprobe.d/hfs.conf
EOF
# Security patch for msid: 6.4
# Disable the installation and use of file systems that are not required (hfsplus)
cat > %{buildroot}/etc/modprobe.d/hfsplus.conf <<- "EOF"
# Begin /etc/modprobe.d/hfsplus.conf
install hfsplus /bin/true
# End /etc/modprobe.d/hfsplus.conf
EOF
# Security patch for msid: 6.5
# Disable the installation and use of file systems that are not required (jffs2)
cat > %{buildroot}/etc/modprobe.d/jffs2.conf <<- "EOF"
# Begin /etc/modprobe.d/jffs2.conf
install jffs2 /bin/true
# End /etc/modprobe.d/jffs2.conf
EOF
# Security patch for msid: 54
# Ensure DCCP is disabled
cat > %{buildroot}/etc/modprobe.d/dccp.conf <<- "EOF"
# Begin /etc/modprobe.d/dccp.conf
install dccp /bin/true
# End /etc/modprobe.d/dccp.conf
EOF
# Security patch for msid: 55
# Ensure SCTP is disabled
cat > %{buildroot}/etc/modprobe.d/sctp.conf <<- "EOF"
# Begin /etc/modprobe.d/sctp.conf
install sctp /bin/true
# End /etc/modprobe.d/sctp.conf
EOF
# Security patch for msid: 56
# Disable support for RDS
cat > %{buildroot}/etc/modprobe.d/rds.conf <<- "EOF"
# Begin /etc/modprobe.d/rds.conf
install rds /bin/true
# End /etc/modprobe.d/rds.conf
EOF
# Security patch for msid: 57
# Ensure TIPC is disabled
cat > %{buildroot}/etc/modprobe.d/tipc.conf <<- "EOF"
# Begin /etc/modprobe.d/tipc.conf
install tipc /bin/true
# End /etc/modprobe.d/tipc.conf
EOF
#
# chapter 9.1. The End
#
# Since these following symlinks are ghosted entries, create them manually upon
# package installation.
# Use Lua to achieve this since when filesystem installs, there may not be any
# other packages installed if this is a new environment.
%post -p <lua>
posix.symlink("lib", "/usr/lib/debug/lib64")
posix.symlink("../bin", "/usr/lib/debug/usr/bin")
posix.symlink("../sbin", "/usr/lib/debug/usr/sbin")
posix.symlink("../lib", "/usr/lib/debug/usr/lib")
posix.symlink("../lib", "/usr/lib/debug/usr/lib64")
posix.symlink("../.dwz", "/usr/lib/debug/usr/.dwz")
return 0
%pretrans -p <lua>
posix.mkdir("/proc")
posix.mkdir("/sys")
posix.chmod("/proc", 0555)
posix.chmod("/sys", 0555)
-- Prior to filesystem-1.1-16, /media used to be a symlink to /run/media but this was
-- replaced with a directory. The RPM upgrade operation generally worked when the /media
-- symlink is a dangling link, which is commonly the case, however not always the case.
--
-- And when the /media symlink is indeed properly pointing to a real /run/media, RPM has a
-- known limitation where it is not possible to replace an active symlink with a directory,
-- and thus the RPM transaction fails.
--
-- To workaround this, a %pretrans scriptlet must run to test and remove the symlink
-- before RPM attempts to install the new directory.
--
-- https://docs.fedoraproject.org/en-US/packaging-guidelines/Directory_Replacement
path = "/media"
st = posix.stat(path)
if st and st.type == "link" then
os.remove(path)
end
return 0
%files
%defattr(-,root,root)
# Root filesystem
/bin
%dir /boot
%dir /dev
%dir /etc
%dir /home
/lib
%dir /opt
/media
%dir /mnt
%ghost %attr(555,root,root) /proc
%dir /root
%dir /run
/sbin
/srv
%ghost %attr(555,root,root) /sys
%dir /tmp
%dir /usr
%dir /var
# etc fileystem
%dir /etc/opt
%config(noreplace) /etc/fstab
%config(noreplace) /etc/group
%config(noreplace) /etc/hosts
%config(noreplace) /etc/inputrc
%config(noreplace) /etc/mtab
%config(noreplace) /etc/passwd
%config(noreplace) /etc/profile
%dir /etc/modprobe.d
%config(noreplace) /etc/modprobe.d/usb.conf
%dir /etc/sysconfig
%config(noreplace) /etc/sysconfig/clock
%config(noreplace) /etc/sysconfig/console
%config(noreplace) /etc/sysconfig/proxy
%dir /etc/profile.d
%config(noreplace) /etc/profile.d/proxy.sh
# media filesystem
%dir /run/media/cdrom
%dir /run/media/floppy
# run filesystem
%dir /run/lock
# usr filesystem
%dir /mnt/cdrom
%dir /mnt/hgfs
%dir /usr/bin
%dir /usr/include
%dir /usr/lib
%dir /usr/lib/debug
%dir /usr/lib/debug/bin
%dir /usr/lib/debug/lib
%dir /usr/lib/debug/sbin
%dir /usr/lib/debug/usr
%dir /usr/lib/debug/.dwz
%dir /usr/libexec
%dir /usr/local
%dir /usr/local/bin
%dir /usr/local/include
%dir /usr/local/lib
%dir /usr/local/sbin
%dir /usr/local/share
%dir /usr/local/share/color
%dir /usr/local/share/dict
%dir /usr/local/share/doc
%dir /usr/local/share/info
%dir /usr/local/share/locale
%dir /usr/local/share/man
%dir /usr/local/share/man/man1
%dir /usr/local/share/man/man2
%dir /usr/local/share/man/man3
%dir /usr/local/share/man/man4
%dir /usr/local/share/man/man5
%dir /usr/local/share/man/man6
%dir /usr/local/share/man/man7
%dir /usr/local/share/man/man8
%dir /usr/local/share/misc
%dir /usr/local/share/terminfo
%dir /usr/local/share/zoneinfo
%dir /usr/local/src
%dir /usr/sbin
%dir /usr/share
%dir /usr/share/color
%dir /usr/share/dict
%dir /usr/share/doc
%dir /usr/share/info
%dir /usr/share/locale
%dir /usr/share/man
%dir /usr/share/man/man1
%dir /usr/share/man/man2
%dir /usr/share/man/man3
%dir /usr/share/man/man4
%dir /usr/share/man/man5
%dir /usr/share/man/man6
%dir /usr/share/man/man7
%dir /usr/share/man/man8
%dir /usr/share/misc
%dir /usr/share/terminfo
%dir /usr/share/zoneinfo
%dir /usr/src
# ghosted /usr/lib/debug symlinks.
#
# Ghost them to allow others packages to create/provide files
# inside the symlinks without conflicting with this package.
%ghost /usr/lib/debug/lib64
%ghost /usr/lib/debug/usr/bin
%ghost /usr/lib/debug/usr/lib
%ghost /usr/lib/debug/usr/lib64
%ghost /usr/lib/debug/usr/sbin
%ghost /usr/lib/debug/usr/.dwz
# var filesystem
%dir /var/cache
%dir /var/lib
%dir /var/lib/color
%dir /var/lib/locate
%dir /var/lib/misc
%dir /var/local
%dir /var/log
%dir /var/mail
%dir /var/mnt
%dir /var/srv
%dir /var/opt
%dir /var/spool
%dir /var/tmp
%attr(-,root,root) /var/log/wtmp
%attr(664,root,utmp) /var/log/lastlog
%attr(600,root,root) /var/log/btmp
/var/lock
/var/run
/lib64
/usr/lib64
/usr/local/lib64
%files asc
%config(noreplace) /etc/modprobe.d/squashfs.conf
%config(noreplace) /etc/modprobe.d/usb-storage.conf
%config(noreplace) /etc/modprobe.d/cramfs.conf
%config(noreplace) /etc/modprobe.d/freevxfs.conf
%config(noreplace) /etc/modprobe.d/hfs.conf
%config(noreplace) /etc/modprobe.d/hfsplus.conf
%config(noreplace) /etc/modprobe.d/jffs2.conf
%config(noreplace) /etc/modprobe.d/dccp.conf
%config(noreplace) /etc/modprobe.d/sctp.conf
%config(noreplace) /etc/modprobe.d/rds.conf
%config(noreplace) /etc/modprobe.d/tipc.conf
%changelog
* Mon Jan 22 2024 Henry Beberman <henry.beberman@microsoft.com> - 1.1-20
- Remove /etc/host.conf due to unintended impact on the base container
* Fri Dec 08 2023 Chris Co <chrco@microsoft.com> - 1.1-19
- Add scriptlet to handle /media symlink failed upgrade issue
* Thu Dec 07 2023 Dan Streetman <ddstreet@ieee.org> - 1.1-18
- Add /etc/host.conf with multi enabled
* Thu Oct 12 2023 Chris PeBenito <chpebeni@microsoft.com> - 1.1-17
- Restore the /opt directory.
* Mon Oct 09 2023 Chris Co <chrco@microsoft.com> - 1.1-16
- Make /media a proper directory
* Thu Jun 29 2023 Tobias Brick <tobiasb@microsoft.com> - 1.1-15
- Revert: Remove setting umask from /etc/profile and add it to a separate file in /etc/profile.d
* Tue Jun 13 2023 Andy Zaugg <azaugg@linkedin.com> - 1.1-14
- Adding /usr/local/sbin as per FHS
* Thu May 18 2023 Tobias Brick <tobiasb@microsoft.com> - 1.1-13
- Remove setting umask from /etc/profile and add it to a separate file in /etc/profile.d
* Thu Sep 14 2022 Thara Gopinath <tgopinath@microsoft.com> - 1.1-12
- Add the 'systemd-coredump' and 'systemd-oom' user and group accounts.
* Mon Jul 18 2022 Minghe Ren <mingheren@microsoft.com> - 1.1-11
- Update etc/modprobe.d/ folder to include new multiple config files and improve security
- Add subpackage asc to include all the new config files
* Thu Jun 16 2022 Olivia Crain <oliviacrain@microsoft.com> - 1.1-10
- Mark /proc and /sys as %%ghost
- Create /proc and /sys as a pretransaction step
* Wed May 18 2022 Brendan Kerrigan <bkerrigan@microsoft.com> 1.1-9
- Update /etc/inputrc to enable Ctrl+LeftArrow and Ctrl+RightArrow word jumping binds.
- License Verified.
* Mon Sep 28 2020 Ruying Chen <v-ruyche@microsoft.com> 1.1-8
- Add folders and symlinks for .dwz files.
* Mon Jun 15 2020 Joe Schmitt <joschmit@microsoft.com> 1.1-7
- Use ghost directive for /usr/lib/debug/* symlinks to avoid conflicting with debuginfo packages.
* Wed May 20 2020 Emre Girgin <mrgirgin@microsoft.com> 1.1-6
- Change /boot directory permissions to 600.
* Wed May 20 2020 Joe Schmitt <joschmit@microsoft.com> 1.1-5
- Add render and kvm group by default.
* Tue Sep 03 2019 Mateusz Malisz <mamalisz@microsoft.com> 1.1-4
- Initial CBL-Mariner import from Photon (license: Apache2).
* Wed May 8 2019 Alexey Makhalov <amakhalov@vmware.com> 1.1-3
- Set 'x' as a root password placeholder
* Tue Nov 14 2017 Alexey Makhalov <amakhalov@vmware.com> 1.1-2
- Aarch64 support
* Fri Sep 15 2017 Anish Swaminathan <anishs@vmware.com> 1.1-1
- Move network file from filesystem package
* Fri Apr 21 2017 Alexey Makhalov <amakhalov@vmware.com> 1.0-13
- make /var/run symlink to /run and keep it in rpm
* Thu Apr 20 2017 Bo Gan <ganb@vmware.com> 1.0-12
- Fix /usr/local/lib64 symlink
* Wed Mar 08 2017 Vinay Kulkarni <kulkarniv@vmware.com> 1.0-11
- Create default DHCP net config in 99-dhcp-en.network instead of 10-dhcp-en.network
* Wed Aug 24 2016 Alexey Makhalov <amakhalov@vmware.com> 1.0-10
- /etc/inputrc PgUp/PgDown for history search
* Tue Jul 12 2016 Divya Thaluru <dthaluru@vmware.com> 1.0-9
- Added filesystem for debug libraries and binaries
* Fri Jul 8 2016 Divya Thaluru <dthaluru@vmware.com> 1.0-8
- Removing multiple entries of localhost in /etc/hosts file
* Fri May 27 2016 Divya Thaluru <dthaluru@vmware.com> 1.0-7
- Fixed nobody user uid and group gid
* Tue May 24 2016 Priyesh Padmavilasom <ppadmavilasom@vmware.com> 1.0-6
- GA - Bump release of all rpms
* Wed May 4 2016 Divya Thaluru <dthaluru@vmware.com> 1.0-5
- Removing non-existent users from /etc/group file
* Fri Apr 29 2016 Mahmoud Bassiouny <mbassiouny@vmware.com> 1.0-4
- Updating the /etc/hosts file
* Fri Apr 22 2016 Divya Thaluru <dthaluru@vmware.com> 1.0-3
- Setting default umask value to 027
* Thu Apr 21 2016 Anish Swaminathan <anishs@vmware.com> 1.0-2
- Version update for network file change
* Mon Jan 18 2016 Anish Swaminathan <anishs@vmware.com> 1.0-1
- Reset version to match with Photon version
* Wed Jan 13 2016 Mahmoud Bassiouny <mbassiouny@vmware.com> 7.5-13
- Support to set proxy configuration file - SLES proxy configuration implementation.
* Thu Jan 7 2016 Mahmoud Bassiouny <mbassiouny@vmware.com> 7.5-12
- Removing /etc/sysconfig/network file.
* Mon Nov 16 2015 Mahmoud Bassiouny <mbassiouny@vmware.com> 7.5-11
- Removing /etc/fstab mount entries.
* Mon Nov 16 2015 Sharath George <sharathg@vmware.com> 7.5-10
- Removint /opt from filesystem.
* Fri Oct 02 2015 Vinay Kulkarni <kulkarniv@vmware.com> 7.5-9
- Dump build-number and release version from macros.
* Fri Aug 14 2015 Sharath George <sharathg@vmware.com> 7.5-8
- upgrading release to TP2
* Tue Jun 30 2015 Alexey Makhalov <amakhalov@vmware.com> 7.5-7
- /etc/profile.d permission fix
* Tue Jun 23 2015 Divya Thaluru <dthaluru@vmware.com> 7.5-6
- Adding group dip
* Mon Jun 22 2015 Divya Thaluru <dthaluru@vmware.com> 7.5-5
- Fixing lsb-release file
* Tue Jun 16 2015 Alexey Makhalov <amakhalov@vmware.com> 7.5-4
- Change users group id to 100.
- Add audio group to users group.
* Mon Jun 15 2015 Sharath George <sharathg@vmware.com> 7.5-3
- Change the network match for dhcp.
* Mon May 18 2015 Touseef Liaqat <tliaqat@vmware.com> 7.5-2
- Update according to UsrMove.
* Wed Nov 5 2014 Divya Thaluru <dthaluru@vmware.com> 7.5-1
- Initial build. First version