Automatic update for crypto-policies-20240715-1.gitf8b6a29.fc41.
* Mon Jul 15 2024 Alexander Sosedkin <asosedkin@redhat.com> - 20240715-1.gitf8b6a29
- BSI: Update BSI policy for new 2024 minimum recommendations
- java: use and include jdk.disabled.namedCurves
- ec_min_size: introduce and use in java, default to 256
- java: stop specifying jdk.tls.namedGroups in javasystem
- java: drop unused javasystem backend
Please log in to add feedback.
This update was automatically created
This update's test gating status has been changed to 'waiting'.
This update's test gating status has been changed to 'failed'.
This update's test gating status has been changed to 'waiting'.
This update's test gating status has been changed to 'failed'.
This failed because in several tests, the new %pre script failed, e.g. https://openqa.fedoraproject.org/tests/2732229 . I believe this is because the script calls
rm, but it does not make surermis there when it runs;rmis part of coreutils, and crypto-policies can be ordered for installation before coreutils. The script also does not ensure it always exits 0, which it should, per the package guidelines: "All scriptlets MUST exit with the zero exit status." - https://docs.fedoraproject.org/en-US/packaging-guidelines/Scriptlets/#_syntax .It looks like it's fine for the script to 'fail' if this is a fresh install - the thing it's trying to remove wouldn't exist there anyway - so you should be able to fix this just by making the script exit 0 even if the command doesn't work:
as recommended in the guidelines.
Wow, thanks for the detailed analysis and the recommendation! Definitely an oversight from my side (thought -f was enough), will follow-up with a fix...
This update has been obsoleted by crypto-policies-20240715-2.gitf8b6a29.fc41.