Added patches and tarball generation script

Arkady L. Shane 11 months ago
parent d4baa51cdd
commit 2a1d7806c8
Signed by: tigro
GPG Key ID: 1EC08A25C9DB2503

@ -0,0 +1,61 @@
From 6a449e397af96aa5629e067a3f0a3580e9399581 Mon Sep 17 00:00:00 2001
From: Alexey Berezhok <aberezhok@msvsphere-os.ru>
Date: Mon, 29 Jan 2024 12:09:29 +0300
Subject: [PATCH] Added support GOST and PAM-GOST profiles for crypto-policies
in the UI interface
---
pkg/systemd/overview-cards/cryptoPolicies.jsx | 5 +++++
po/ru.po | 20 +++++++++++++++++++
2 files changed, 25 insertions(+)
diff --git a/pkg/systemd/overview-cards/cryptoPolicies.jsx b/pkg/systemd/overview-cards/cryptoPolicies.jsx
index 0b07c6f..27cf8be 100644
--- a/pkg/systemd/overview-cards/cryptoPolicies.jsx
+++ b/pkg/systemd/overview-cards/cryptoPolicies.jsx
@@ -121,6 +121,11 @@ const CryptoPolicyDialog = ({
</Flex>),
"FIPS:OSPP": _("FIPS with further Common Criteria restrictions."),
FUTURE: _("Protects from anticipated near-term future attacks at the expense of interoperability."),
+ "DEFAULT:GOST": _("DEFAULT with GOST algorithms enabled."),
+ "DEFAULT:PAM-GOST": _("DEFAULT with GOST password hashing."),
+ "DEFAULT:GOST:PAM-GOST": _("DEFAULT with GOST and GOST password hashing."),
+ "GOST-ONLY": _("GOST algorithms allowed only."),
+ "GOST-ONLY-PAM": _("GOST algorithms allowed only with GOST pass hashing."),
};
const policies = Object.keys(cryptopolicies)
diff --git a/po/ru.po b/po/ru.po
index 41b461f..d1c4748 100644
--- a/po/ru.po
+++ b/po/ru.po
@@ -2260,6 +2260,26 @@ msgstr "Настраиваемые зоны"
msgid "DEFAULT with SHA-1 signature verification allowed."
msgstr ""
+#: pkg/systemd/overview-cards/cryptoPolicies.jsx:124
+msgid "DEFAULT with GOST algorithms enabled."
+msgstr "Профиль по умолчанию, с добавлением поддержки ГОСТ алгоритмов"
+
+#: pkg/systemd/overview-cards/cryptoPolicies.jsx:125
+msgid "DEFAULT with GOST password hashing."
+msgstr "Профиль по умолчанию, с добавленим поддержки хэшей паролей по ГОСТ 34.11-2012"
+
+#: pkg/systemd/overview-cards/cryptoPolicies.jsx:126
+msgid "DEFAULT with GOST and GOST password hashing."
+msgstr "Профиль по умолчанию, с добавленим поддержки ГОСТ и хэшей паролей по ГОСТ 34.11-2012"
+
+#: pkg/systemd/overview-cards/cryptoPolicies.jsx:127
+msgid "GOST algorithms allowed only."
+msgstr "Профиль ГОСТ с запретом всего остального"
+
+#: pkg/systemd/overview-cards/cryptoPolicies.jsx:128
+msgid "GOST algorithms allowed only with GOST pass hashing."
+msgstr "Профиль ГОСТ(+хэш паролей по ГОСТ 34.11-2012) с запретом всего остального"
+
#: pkg/networkmanager/ip-settings.jsx:223
msgid "DNS"
msgstr "DNS"
--
2.43.0

@ -0,0 +1,87 @@
From fc676ccfa2932d62c09d6e47300147ab69aec6c0 Mon Sep 17 00:00:00 2001
From: Eugene Zamriy <ezamriy@msvsphere-os.ru>
Date: Mon, 20 Nov 2023 21:15:12 +0300
Subject: [PATCH 1/6] Adds MSVSphere branding directory
---
Makefile.am | 1 +
src/branding/msvsphere/Makefile.am | 11 +++++++++
src/branding/msvsphere/branding.css | 36 +++++++++++++++++++++++++++++
3 files changed, 48 insertions(+)
create mode 100644 src/branding/msvsphere/Makefile.am
create mode 100644 src/branding/msvsphere/branding.css
diff --git a/Makefile.am b/Makefile.am
index 7901fcc0d..5f2696062 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -174,6 +174,7 @@ include src/branding/debian/Makefile.am
include src/branding/default/Makefile.am
include src/branding/fedora/Makefile.am
include src/branding/kubernetes/Makefile.am
+include src/branding/msvsphere/Makefile.am
include src/branding/opensuse/Makefile.am
include src/branding/registry/Makefile.am
include src/branding/rhel/Makefile.am
diff --git a/src/branding/msvsphere/Makefile.am b/src/branding/msvsphere/Makefile.am
new file mode 100644
index 000000000..7425bdd0f
--- /dev/null
+++ b/src/branding/msvsphere/Makefile.am
@@ -0,0 +1,11 @@
+msvspherebrandingdir = $(datadir)/cockpit/branding/msvsphere
+
+dist_msvspherebranding_DATA = \
+ src/branding/msvsphere/branding.css \
+ $(NULL)
+
+# Opportunistically use sphere-logos ... yes they're called 'fedora'
+install-data-hook::
+ ln -sTfr $(DESTDIR)/usr/share/pixmaps/system-logo-white.png $(DESTDIR)$(msvspherebrandingdir)/logo.png
+ ln -sTfr $(DESTDIR)/usr/share/pixmaps/fedora-logo-sprite.png $(DESTDIR)$(msvspherebrandingdir)/apple-touch-icon.png
+ ln -sTfr $(DESTDIR)/etc/favicon.png $(DESTDIR)$(msvspherebrandingdir)/favicon.ico
diff --git a/src/branding/msvsphere/branding.css b/src/branding/msvsphere/branding.css
new file mode 100644
index 000000000..2b87b42bc
--- /dev/null
+++ b/src/branding/msvsphere/branding.css
@@ -0,0 +1,36 @@
+/* MSVSphere Branding */
+
+:root {
+ --ct-color-host-accent: #cc0000 !important;
+}
+
+body.login-pf {
+ background: url("bg-plain.jpg") no-repeat 50% 0;
+ background-size: cover;
+ background-color: #101010;
+}
+
+#badge {
+ width: 225px;
+ height: 80px;
+ background-image: url("logo.png");
+ background-size: contain;
+ background-repeat: no-repeat;
+}
+
+#brand {
+ font-size: 18pt;
+ text-transform: uppercase;
+}
+
+#brand:before {
+ content: "${NAME}";
+}
+
+#index-brand {
+ font-weight: bold;
+}
+
+#index-brand:before {
+ content: "${NAME}";
+}
--
2.43.0

@ -0,0 +1,46 @@
From 2e1149a465911f292a94a21d012198a009b1403f Mon Sep 17 00:00:00 2001
From: Eugene Zamriy <ezamriy@msvsphere-os.ru>
Date: Mon, 20 Nov 2023 21:25:21 +0300
Subject: [PATCH 2/6] Show MSVSPHERE_PRETTY_NAME instead of NAME on login page
---
src/branding/msvsphere/branding.css | 4 ++--
src/ws/cockpithandlers.c | 2 +-
2 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/src/branding/msvsphere/branding.css b/src/branding/msvsphere/branding.css
index 2b87b42bc..67faf6d4b 100644
--- a/src/branding/msvsphere/branding.css
+++ b/src/branding/msvsphere/branding.css
@@ -24,7 +24,7 @@ body.login-pf {
}
#brand:before {
- content: "${NAME}";
+ content: "${MSVSPHERE_PRETTY_NAME}";
}
#index-brand {
@@ -32,5 +32,5 @@ body.login-pf {
}
#index-brand:before {
- content: "${NAME}";
+ content: "${MSVSPHERE_PRETTY_NAME}";
}
diff --git a/src/ws/cockpithandlers.c b/src/ws/cockpithandlers.c
index c866e1c15..b1b914ffa 100644
--- a/src/ws/cockpithandlers.c
+++ b/src/ws/cockpithandlers.c
@@ -287,7 +287,7 @@ build_environment (GHashTable *os_release)
* the corresponding information is not a leak.
*/
static const gchar *release_fields[] = {
- "NAME", "ID", "PRETTY_NAME", "VARIANT", "VARIANT_ID", "CPE_NAME", "ID_LIKE", "DOCUMENTATION_URL"
+ "NAME", "ID", "PRETTY_NAME", "VARIANT", "VARIANT_ID", "CPE_NAME", "ID_LIKE", "DOCUMENTATION_URL", "MSVSPHERE_PRETTY_NAME"
};
static const gchar *prefix = "\n <script>\nvar environment = ";
--
2.43.0

@ -0,0 +1,26 @@
From c1e377389f4e613e9707de8ea09bd5fc9179f8d4 Mon Sep 17 00:00:00 2001
From: Eugene Zamriy <ezamriy@msvsphere-os.ru>
Date: Mon, 20 Nov 2023 21:46:51 +0300
Subject: [PATCH 3/6] Show MSVSPHERE_PRETTY_NAME instead of NAME for
documentation link
---
pkg/shell/topnav.jsx | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/pkg/shell/topnav.jsx b/pkg/shell/topnav.jsx
index 1ad8c3dcb..e1a8e4c66 100644
--- a/pkg/shell/topnav.jsx
+++ b/pkg/shell/topnav.jsx
@@ -149,7 +149,7 @@ export class TopNav extends React.Component {
if (this.state.osRelease.DOCUMENTATION_URL)
docItems.push(<DropdownItem key="os-doc" href={this.state.osRelease.DOCUMENTATION_URL} target="blank" rel="noopener noreferrer" icon={<ExternalLinkAltIcon />}>
- {cockpit.format(_("$0 documentation"), this.state.osRelease.NAME)}
+ {cockpit.format(_("$0 documentation"), this.state.osRelease.MSVSPHERE_PRETTY_NAME)}
</DropdownItem>);
// global documentation for cockpit as a whole
--
2.43.0

@ -0,0 +1,28 @@
From 6beacc90bdaa4fc3af4f5ae6b627de59aa08fb55 Mon Sep 17 00:00:00 2001
From: Eugene Zamriy <ezamriy@msvsphere-os.ru>
Date: Tue, 21 Nov 2023 00:04:04 +0300
Subject: [PATCH 4/6] Include pkg/shell module translations in other modules
This is required to fix the sudo button translation which is
located in pkg/shell/superuser.jsx but used in different places
like pkg/sosreport module.
---
pkg/lib/cockpit-po-plugin.js | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/pkg/lib/cockpit-po-plugin.js b/pkg/lib/cockpit-po-plugin.js
index a7f31ca64..c3594d0ce 100644
--- a/pkg/lib/cockpit-po-plugin.js
+++ b/pkg/lib/cockpit-po-plugin.js
@@ -70,7 +70,7 @@ function buildFile(po_file, subdir, webpack_module, webpack_compilation) {
for (const [msgid, translation] of Object.entries(context)) {
/* Only include msgids which appear in this source directory */
const references = translation.comments.reference.split(/\s/);
- if (!references.some(str => str.startsWith(`pkg/${subdir}`) || str.startsWith(config.src_directory) || str.startsWith(`pkg/lib`)))
+ if (!references.some(str => str.startsWith(`pkg/${subdir}`) || str.startsWith(config.src_directory) || str.startsWith(`pkg/lib`) || str.startsWith(`pkg/shell`)))
continue;
if (translation.comments.flag?.match(/\bfuzzy\b/))
--
2.43.0

@ -0,0 +1,56 @@
From a62c5236b9b660803c98da943f2fdbca5faaf588 Mon Sep 17 00:00:00 2001
From: Eugene Zamriy <ezamriy@msvsphere-os.ru>
Date: Tue, 21 Nov 2023 00:36:55 +0300
Subject: [PATCH 5/6] Show MSVSPHERE_PRETTY_NAME instead of PRETTY_NAME in
overview
---
pkg/systemd/overview.jsx | 13 ++++++++++---
1 file changed, 10 insertions(+), 3 deletions(-)
diff --git a/pkg/systemd/overview.jsx b/pkg/systemd/overview.jsx
index e780a1c5d..3527b02b6 100644
--- a/pkg/systemd/overview.jsx
+++ b/pkg/systemd/overview.jsx
@@ -28,6 +28,7 @@ import { Page, PageSection, PageSectionVariants } from "@patternfly/react-core/d
import { Gallery } from "@patternfly/react-core/dist/esm/layouts/Gallery/index.js";
import { Dropdown, DropdownItem, DropdownPosition, DropdownToggle, DropdownToggleAction } from '@patternfly/react-core/dist/esm/deprecated/components/Dropdown/index.js';
+import { read_os_release } from "os-release.js";
import { superuser } from "superuser";
import { SystemInformationCard } from './overview-cards/systemInformationCard.jsx';
@@ -53,11 +54,14 @@ class OverviewPage extends React.Component {
this.state = {
actionIsOpen: false,
privileged: true,
+ osRelease: {},
};
this.hostnameMonitor = this.hostnameMonitor.bind(this);
this.onPermissionChanged = this.onPermissionChanged.bind(this);
this.superuser = cockpit.dbus(null, { bus: "internal" }).proxy("cockpit.Superuser", "/superuser");
+
+ read_os_release().then(os => this.setState({ osRelease: os || {} }));
}
componentDidMount() {
@@ -154,9 +158,12 @@ class OverviewPage extends React.Component {
<h1>
{this.hostname_text()}
</h1>
- {this.state.hostnameData &&
- this.state.hostnameData.OperatingSystemPrettyName &&
- <div className="ct-overview-header-subheading" id="system_information_os_text">{cockpit.format(_("running $0"), this.state.hostnameData.OperatingSystemPrettyName)}</div>}
+ {this.state.osRelease && this.state.osRelease.MSVSPHERE_PRETTY_NAME ? (
+ <div className="ct-overview-header-subheading" id="system_information_os_text">{cockpit.format(_("running $0"), this.state.osRelease.MSVSPHERE_PRETTY_NAME)}</div>
+ ) : (
+ this.state.hostnameData && this.state.hostnameData.OperatingSystemPrettyName &&
+ <div className="ct-overview-header-subheading" id="system_information_os_text">{cockpit.format(_("running $0"), this.state.hostnameData.OperatingSystemPrettyName)}</div>
+ )}
</div>
<div className='ct-overview-header-actions'>
{ show_superuser && <SuperuserIndicator proxy={this.superuser} /> }
--
2.43.0

@ -0,0 +1,39 @@
From a0a076d4b2b5770c35c63fff4e5ed80abd5fade9 Mon Sep 17 00:00:00 2001
From: Eugene Zamriy <ezamriy@msvsphere-os.ru>
Date: Tue, 21 Nov 2023 00:48:25 +0300
Subject: [PATCH 6/6] Disable upstream documentation links
---
pkg/shell/topnav.jsx | 16 ----------------
1 file changed, 16 deletions(-)
diff --git a/pkg/shell/topnav.jsx b/pkg/shell/topnav.jsx
index e1a8e4c66..111563118 100644
--- a/pkg/shell/topnav.jsx
+++ b/pkg/shell/topnav.jsx
@@ -152,22 +152,6 @@ export class TopNav extends React.Component {
{cockpit.format(_("$0 documentation"), this.state.osRelease.MSVSPHERE_PRETTY_NAME)}
</DropdownItem>);
- // global documentation for cockpit as a whole
- (cockpit.manifests.shell?.docs ?? []).forEach(doc => {
- docItems.push(<DropdownItem key={doc.label} href={doc.url} target="blank" rel="noopener noreferrer" icon={<ExternalLinkAltIcon />}>
- {doc.label}
- </DropdownItem>);
- });
-
- if (docs.length > 0)
- docItems.push(<DropdownSeparator key="separator" />);
-
- docs.forEach(e => {
- docItems.push(<DropdownItem key={e.label} href={e.url} target="blank" rel="noopener noreferrer" icon={<ExternalLinkAltIcon />}>
- {_(e.label)}
- </DropdownItem>);
- });
-
docItems.push(<DropdownSeparator key="separator1" />);
docItems.push(<DropdownItem key="about" component="button"
onClick={() => Dialogs.show(<AboutCockpitModal />)}>
--
2.43.0

@ -0,0 +1,25 @@
From 65cc5eae0c57b7df4b710258718fb2c6821d23d2 Mon Sep 17 00:00:00 2001
From: tigro <tigro@msvsphere-os.ru>
Date: Mon, 5 Feb 2024 20:09:15 +0300
Subject: [PATCH] Update Russian translation
---
po/ru.po | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/po/ru.po b/po/ru.po
index 41b461f..34ab2f9 100644
--- a/po/ru.po
+++ b/po/ru.po
@@ -1684,7 +1684,7 @@ msgstr "Закрыть выделенные страницы"
#: src/ws/cockpit.appdata.xml.in:7
msgid "Cockpit"
-msgstr "Cockpit"
+msgstr "Панель управления Cockpit"
#: pkg/static/login.js:452
msgid "Cockpit authentication is configured incorrectly."
--
2.43.0

@ -0,0 +1,66 @@
From 85017b1121480af708c61115c44051594881b6fe Mon Sep 17 00:00:00 2001
From: Alexey Berezhok <aberezhok@msvsphere-os.ru>
Date: Sat, 10 Feb 2024 20:10:19 +0300
Subject: [PATCH] Added new GOST profiles to UI
---
pkg/systemd/overview-cards/cryptoPolicies.jsx | 6 ++++--
po/ru.po | 18 +++++++++++++-----
2 files changed, 17 insertions(+), 7 deletions(-)
diff --git a/pkg/systemd/overview-cards/cryptoPolicies.jsx b/pkg/systemd/overview-cards/cryptoPolicies.jsx
index 27cf8be..a8a8f12 100644
--- a/pkg/systemd/overview-cards/cryptoPolicies.jsx
+++ b/pkg/systemd/overview-cards/cryptoPolicies.jsx
@@ -122,8 +122,10 @@ const CryptoPolicyDialog = ({
"FIPS:OSPP": _("FIPS with further Common Criteria restrictions."),
FUTURE: _("Protects from anticipated near-term future attacks at the expense of interoperability."),
"DEFAULT:GOST": _("DEFAULT with GOST algorithms enabled."),
- "DEFAULT:PAM-GOST": _("DEFAULT with GOST password hashing."),
- "DEFAULT:GOST:PAM-GOST": _("DEFAULT with GOST and GOST password hashing."),
+ "DEFAULT:PAM-GOST": _("DEFAULT with GOST password hashing based on minimal auth profile."),
+ "DEFAULT:GOST:PAM-GOST": _("DEFAULT with GOST and GOST password hashing based on minimal auth profile."),
+ "DEFAULT:GOST:SSSD-PAM-GOST": _("DEFAULT with GOST and GOST password hashing based on sssd auth profile."),
+ "DEFAULT:PATCH-PAM-GOST": _("DEFAULT with GOST password hashing based on patch for custom configs."),
"GOST-ONLY": _("GOST algorithms allowed only."),
"GOST-ONLY-PAM": _("GOST algorithms allowed only with GOST pass hashing."),
};
diff --git a/po/ru.po b/po/ru.po
index b15714e..6110d02 100644
--- a/po/ru.po
+++ b/po/ru.po
@@ -2265,18 +2265,26 @@ msgid "DEFAULT with GOST algorithms enabled."
msgstr "Профиль по умолчанию, с добавлением поддержки ГОСТ алгоритмов"
#: pkg/systemd/overview-cards/cryptoPolicies.jsx:125
-msgid "DEFAULT with GOST password hashing."
-msgstr "Профиль по умолчанию, с добавленим поддержки хэшей паролей по ГОСТ 34.11-2012"
+msgid "DEFAULT with GOST password hashing based on minimal auth profile."
+msgstr "Профиль по умолчанию, с добавлением поддержки хэшей паролей по ГОСТ 34.11-2012 на базе профиля авторизации minimal"
#: pkg/systemd/overview-cards/cryptoPolicies.jsx:126
-msgid "DEFAULT with GOST and GOST password hashing."
-msgstr "Профиль по умолчанию, с добавленим поддержки ГОСТ и хэшей паролей по ГОСТ 34.11-2012"
+msgid "DEFAULT with GOST and GOST password hashing based on minimal auth profile."
+msgstr "Профиль по умолчанию, с добавлением поддержки ГОСТ и хэшей паролей по ГОСТ 34.11-2012 на базе профиля авторизации minimal"
#: pkg/systemd/overview-cards/cryptoPolicies.jsx:127
+msgid "DEFAULT with GOST and GOST password hashing based on sssd auth profile."
+msgstr "Профиль по умолчанию, с добавлением поддержки ГОСТ и хэшей паролей по ГОСТ 34.11-2012 на базе профиля авторизации sssd"
+
+#: pkg/systemd/overview-cards/cryptoPolicies.jsx:128
+msgid "DEFAULT with GOST password hashing based on patch for custom configs."
+msgstr "Профиль по умолчанию, с добавлением хэшей паролей по ГОСТ 34.11-2012 модификацией файлов авторизации. Для пользовательских конфигураций"
+
+#: pkg/systemd/overview-cards/cryptoPolicies.jsx:129
msgid "GOST algorithms allowed only."
msgstr "Профиль ГОСТ с запретом всего остального"
-#: pkg/systemd/overview-cards/cryptoPolicies.jsx:128
+#: pkg/systemd/overview-cards/cryptoPolicies.jsx:130
msgid "GOST algorithms allowed only with GOST pass hashing."
msgstr "Профиль ГОСТ(+хэш паролей по ГОСТ 34.11-2012) с запретом всего остального"
--
2.43.0

@ -0,0 +1,27 @@
From c0f6c3e6c1a8abc1dff900669e1743f78f2543b4 Mon Sep 17 00:00:00 2001
From: tigro <tigro@msvsphere-os.ru>
Date: Sat, 10 Feb 2024 23:55:52 +0300
Subject: [PATCH] Change chpasswd to passwd to support PAM crypto algorithms
---
pkg/users/password-dialogs.js | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/pkg/users/password-dialogs.js b/pkg/users/password-dialogs.js
index 089abac41..5589e79f0 100644
--- a/pkg/users/password-dialogs.js
+++ b/pkg/users/password-dialogs.js
@@ -111,8 +111,8 @@ function passwd_self(old_pass, new_pass) {
export function passwd_change(user, new_pass) {
return new Promise((resolve, reject) => {
- cockpit.spawn(["chpasswd"], { superuser: "require", err: "out" })
- .input(user + ":" + new_pass)
+ cockpit.spawn(["passwd", user, "--stdin"], { superuser: "require", err: "out" })
+ .input(new_pass)
.done(function() {
resolve();
})
--
2.43.0

@ -0,0 +1,35 @@
#!/bin/sh -e
_version="$1"
echo "Clean up sources"
rm -rf cockpit
echo "Cloning cockpit.git"
git clone https://github.com/cockpit-project/cockpit.git
cd cockpit
echo -n "Checking tag ${_version}... "
if ! git tag | grep -w ${_version}; then
echo "fail"
exit 1
else
echo "ok"
fi
echo "Checkout tag ${_version}"
git checkout ${_version}
echo "Patching souurces"
git am ../000*.patch
echo "Fix version in tools/make-dist"
sed -i "s@VERSION=\"\$(git describe.*@VERSION=${_version}@" tools/make-dist
echo "Make dist"
tools/make-dist
cd ..
cp cockpit/tmp/build-dist/cockpit-${_version}.tar.xz .
sha1sum cockpit-${_version}.tar.xz
Loading…
Cancel
Save