13 changed files with 578 additions and 89 deletions
--- a/.cockpit.metadata
+++ b/.cockpit.metadata
@ -1 +1 @@
-4784445989c80518644267f01483afc962b10d03 SOURCES/cockpit-323.1.tar.xz
+c24d50c29aef687b03f60888cbfd983040c195d7  SOURCES/cockpit-311.2.tar.xz
--- a/.gitignore
+++ b/.gitignore
@ -1 +1 @@
-SOURCES/cockpit-323.1.tar.xz
+SOURCES/cockpit-311.2.tar.xz
--- a/SOURCES/0001-Added-support-GOST-and-PAM-GOST-profiles-for-crypto-.patch
+++ b/SOURCES/0001-Added-support-GOST-and-PAM-GOST-profiles-for-crypto-.patch
@ -0,0 +1,71 @@
 From 383c67ef13d6a7060b3ed249804f0948e667510f Mon Sep 17 00:00:00 2001
 From: tigro <tigro@msvsphere-os.ru>
 Date: Tue, 2 Apr 2024 16:50:30 +0300
 Subject: [PATCH] Added support GOST and PAM-GOST profiles for crypto-policies
 in the UI interface
 ---
 pkg/systemd/overview-cards/cryptoPolicies.jsx |  7 +++++
 po/ru.po                                      | 28 +++++++++++++++++++
 2 files changed, 35 insertions(+)
 diff --git a/pkg/systemd/overview-cards/cryptoPolicies.jsx b/pkg/systemd/overview-cards/cryptoPolicies.jsx
 index 4da83868b..acbfaef3f 100644
 --- a/pkg/systemd/overview-cards/cryptoPolicies.jsx
 +++ b/pkg/systemd/overview-cards/cryptoPolicies.jsx
@@ -121,6 +121,13 @@ const CryptoPolicyDialog = ({
         </Flex>),
         "FIPS:OSPP": _("FIPS with further Common Criteria restrictions."),
         FUTURE: _("Protects from anticipated near-term future attacks at the expense of interoperability."),
 +        "DEFAULT:GOST": _("DEFAULT with GOST algorithms enabled."),
 +        "DEFAULT:PAM-GOST": _("DEFAULT with GOST password hashing based on minimal auth profile."),
 +        "DEFAULT:GOST:PAM-GOST": _("DEFAULT with GOST and GOST password hashing based on minimal auth profile."),
 +        "DEFAULT:GOST:SSSD-PAM-GOST": _("DEFAULT with GOST and GOST password hashing based on sssd auth profile."),
 +        "DEFAULT:PATCH-PAM-GOST": _("DEFAULT with GOST password hashing based on patch for custom configs."),
 +        "GOST-ONLY": _("GOST algorithms allowed only."),
 +        "GOST-ONLY-PAM": _("GOST algorithms allowed only with GOST pass hashing."),
     };
     const policies = Object.keys(cryptopolicies)
 diff --git a/po/ru.po b/po/ru.po
 index df7e755b5..2ceb4d063 100644
 --- a/po/ru.po
 +++ b/po/ru.po
@@ -2438,6 +2438,34 @@ msgstr "Настраиваемые зоны"
 msgid "DEFAULT with SHA-1 signature verification allowed."
 msgstr ""
 +#: pkg/systemd/overview-cards/cryptoPolicies.jsx:124
 +msgid "DEFAULT with GOST algorithms enabled."
 +msgstr "Профиль по умолчанию, с добавлением поддержки ГОСТ алгоритмов"
 +
 +#: pkg/systemd/overview-cards/cryptoPolicies.jsx:125
 +msgid "DEFAULT with GOST password hashing based on minimal auth profile."
 +msgstr "Профиль по умолчанию, с добавлением поддержки хэшей паролей по ГОСТ 34.11-2012 на базе профиля авторизации minimal"
 +
 +#: pkg/systemd/overview-cards/cryptoPolicies.jsx:126
 +msgid "DEFAULT with GOST and GOST password hashing based on minimal auth profile."
 +msgstr "Профиль по умолчанию, с добавлением поддержки ГОСТ и хэшей паролей по ГОСТ 34.11-2012 на базе профиля авторизации minimal"
 +
 +#: pkg/systemd/overview-cards/cryptoPolicies.jsx:127
 +msgid "DEFAULT with GOST and GOST password hashing based on sssd auth profile."
 +msgstr "Профиль по умолчанию, с добавлением поддержки ГОСТ и хэшей паролей по ГОСТ 34.11-2012 на базе профиля авторизации sssd"
 +
 +#: pkg/systemd/overview-cards/cryptoPolicies.jsx:128
 +msgid "DEFAULT with GOST password hashing based on patch for custom configs."
 +msgstr "Профиль по умолчанию, с добавлением хэшей паролей по ГОСТ 34.11-2012 модификацией файлов авторизации. Для пользовательских конфигураций"
 +
 +#: pkg/systemd/overview-cards/cryptoPolicies.jsx:129
 +msgid "GOST algorithms allowed only."
 +msgstr "Профиль ГОСТ с запретом всего остального"
 +
 +#: pkg/systemd/overview-cards/cryptoPolicies.jsx:130
 +msgid "GOST algorithms allowed only with GOST pass hashing."
 +msgstr "Профиль ГОСТ(+хэш паролей по ГОСТ 34.11-2012) с запретом всего остального"
 +
 #: pkg/networkmanager/ip-settings.jsx:237
 msgid "DNS"
 msgstr "DNS"
 -- 
 2.44.0
--- a/SOURCES/0001-Adds-MSVSphere-branding-directory.patch
+++ b/SOURCES/0001-Adds-MSVSphere-branding-directory.patch
@ -0,0 +1,87 @@
 From fc676ccfa2932d62c09d6e47300147ab69aec6c0 Mon Sep 17 00:00:00 2001
 From: Eugene Zamriy <ezamriy@msvsphere-os.ru>
 Date: Mon, 20 Nov 2023 21:15:12 +0300
 Subject: [PATCH 1/6] Adds MSVSphere branding directory
 ---
 Makefile.am                         |  1 +
 src/branding/msvsphere/Makefile.am  | 11 +++++++++
 src/branding/msvsphere/branding.css | 36 +++++++++++++++++++++++++++++
 3 files changed, 48 insertions(+)
 create mode 100644 src/branding/msvsphere/Makefile.am
 create mode 100644 src/branding/msvsphere/branding.css
 diff --git a/Makefile.am b/Makefile.am
 index 7901fcc0d..5f2696062 100644
 --- a/Makefile.am
 +++ b/Makefile.am
@@ -174,6 +174,7 @@ include src/branding/debian/Makefile.am
 include src/branding/default/Makefile.am
 include src/branding/fedora/Makefile.am
 include src/branding/kubernetes/Makefile.am
 +include src/branding/msvsphere/Makefile.am
 include src/branding/opensuse/Makefile.am
 include src/branding/registry/Makefile.am
 include src/branding/rhel/Makefile.am
 diff --git a/src/branding/msvsphere/Makefile.am b/src/branding/msvsphere/Makefile.am
 new file mode 100644
 index 000000000..7425bdd0f
 --- /dev/null
 +++ b/src/branding/msvsphere/Makefile.am
@@ -0,0 +1,11 @@
 +msvspherebrandingdir = $(datadir)/cockpit/branding/msvsphere
 +
 +dist_msvspherebranding_DATA = \
 +	src/branding/msvsphere/branding.css \
 +	$(NULL)
 +
 +# Opportunistically use sphere-logos ... yes they're called 'fedora'
 +install-data-hook::
 +	ln -sTfr $(DESTDIR)/usr/share/pixmaps/system-logo-white.png $(DESTDIR)$(msvspherebrandingdir)/logo.png
 +	ln -sTfr $(DESTDIR)/usr/share/pixmaps/fedora-logo-sprite.png $(DESTDIR)$(msvspherebrandingdir)/apple-touch-icon.png
 +	ln -sTfr $(DESTDIR)/etc/favicon.png $(DESTDIR)$(msvspherebrandingdir)/favicon.ico
 diff --git a/src/branding/msvsphere/branding.css b/src/branding/msvsphere/branding.css
 new file mode 100644
 index 000000000..2b87b42bc
 --- /dev/null
 +++ b/src/branding/msvsphere/branding.css
@@ -0,0 +1,36 @@
 +/* MSVSphere Branding */
 +
 +:root {
 +    --ct-color-host-accent: #cc0000 !important;
 +}
 +
 +body.login-pf {
 +    background: url("bg-plain.jpg") no-repeat 50% 0;
 +    background-size: cover;
 +    background-color: #101010;
 +}
 +
 +#badge {
 +    width: 225px;
 +    height: 80px;
 +    background-image: url("logo.png");
 +    background-size: contain;
 +    background-repeat: no-repeat;
 +}
 +
 +#brand {
 +    font-size: 18pt;
 +    text-transform: uppercase;
 +}
 +
 +#brand:before {
 +    content: "${NAME}";
 +}
 +
 +#index-brand {
 +    font-weight: bold;
 +}
 +
 +#index-brand:before {
 +    content: "${NAME}";
 +}
 -- 
 2.43.0
--- a/SOURCES/0002-Show-MSVSPHERE_PRETTY_NAME-instead-of-NAME-on-login-.patch
+++ b/SOURCES/0002-Show-MSVSPHERE_PRETTY_NAME-instead-of-NAME-on-login-.patch
@ -0,0 +1,46 @@
 From 2e1149a465911f292a94a21d012198a009b1403f Mon Sep 17 00:00:00 2001
 From: Eugene Zamriy <ezamriy@msvsphere-os.ru>
 Date: Mon, 20 Nov 2023 21:25:21 +0300
 Subject: [PATCH 2/6] Show MSVSPHERE_PRETTY_NAME instead of NAME on login page
 ---
 src/branding/msvsphere/branding.css | 4 ++--
 src/ws/cockpithandlers.c            | 2 +-
 2 files changed, 3 insertions(+), 3 deletions(-)
 diff --git a/src/branding/msvsphere/branding.css b/src/branding/msvsphere/branding.css
 index 2b87b42bc..67faf6d4b 100644
 --- a/src/branding/msvsphere/branding.css
 +++ b/src/branding/msvsphere/branding.css
@@ -24,7 +24,7 @@ body.login-pf {
 }
 #brand:before {
 -    content: "${NAME}";
 +    content: "${MSVSPHERE_PRETTY_NAME}";
 }
 #index-brand {
@@ -32,5 +32,5 @@ body.login-pf {
 }
 #index-brand:before {
 -    content: "${NAME}";
 +    content: "${MSVSPHERE_PRETTY_NAME}";
 }
 diff --git a/src/ws/cockpithandlers.c b/src/ws/cockpithandlers.c
 index c866e1c15..b1b914ffa 100644
 --- a/src/ws/cockpithandlers.c
 +++ b/src/ws/cockpithandlers.c
@@ -287,7 +287,7 @@ build_environment (GHashTable *os_release)
    * the corresponding information is not a leak.
    */
   static const gchar *release_fields[] = {
 -    "NAME", "ID", "PRETTY_NAME", "VARIANT", "VARIANT_ID", "CPE_NAME", "ID_LIKE", "DOCUMENTATION_URL"
 +    "NAME", "ID", "PRETTY_NAME", "VARIANT", "VARIANT_ID", "CPE_NAME", "ID_LIKE", "DOCUMENTATION_URL", "MSVSPHERE_PRETTY_NAME"
   };
   static const gchar *prefix = "\n    <script>\nvar environment = ";
 -- 
 2.43.0
--- a/SOURCES/0003-Show-MSVSPHERE_PRETTY_NAME-instead-of-NAME-for-docum.patch
+++ b/SOURCES/0003-Show-MSVSPHERE_PRETTY_NAME-instead-of-NAME-for-docum.patch
@ -0,0 +1,26 @@
 From c1e377389f4e613e9707de8ea09bd5fc9179f8d4 Mon Sep 17 00:00:00 2001
 From: Eugene Zamriy <ezamriy@msvsphere-os.ru>
 Date: Mon, 20 Nov 2023 21:46:51 +0300
 Subject: [PATCH 3/6] Show MSVSPHERE_PRETTY_NAME instead of NAME for
 documentation link
 ---
 pkg/shell/topnav.jsx | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
 diff --git a/pkg/shell/topnav.jsx b/pkg/shell/topnav.jsx
 index 1ad8c3dcb..e1a8e4c66 100644
 --- a/pkg/shell/topnav.jsx
 +++ b/pkg/shell/topnav.jsx
@@ -149,7 +149,7 @@ export class TopNav extends React.Component {
         if (this.state.osRelease.DOCUMENTATION_URL)
             docItems.push(<DropdownItem key="os-doc" href={this.state.osRelease.DOCUMENTATION_URL} target="blank" rel="noopener noreferrer" icon={<ExternalLinkAltIcon />}>
 -                {cockpit.format(_("$0 documentation"), this.state.osRelease.NAME)}
 +                {cockpit.format(_("$0 documentation"), this.state.osRelease.MSVSPHERE_PRETTY_NAME)}
             </DropdownItem>);
         // global documentation for cockpit as a whole
 -- 
 2.43.0
--- a/SOURCES/0004-Include-pkg-shell-module-translations-in-other-modul.patch
+++ b/SOURCES/0004-Include-pkg-shell-module-translations-in-other-modul.patch
@ -0,0 +1,28 @@
 From 6beacc90bdaa4fc3af4f5ae6b627de59aa08fb55 Mon Sep 17 00:00:00 2001
 From: Eugene Zamriy <ezamriy@msvsphere-os.ru>
 Date: Tue, 21 Nov 2023 00:04:04 +0300
 Subject: [PATCH 4/6] Include pkg/shell module translations in other modules
 This is required to fix the sudo button translation which is
 located in pkg/shell/superuser.jsx but used in different places
 like pkg/sosreport module.
 ---
 pkg/lib/cockpit-po-plugin.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
 diff --git a/pkg/lib/cockpit-po-plugin.js b/pkg/lib/cockpit-po-plugin.js
 index a7f31ca64..c3594d0ce 100644
 --- a/pkg/lib/cockpit-po-plugin.js
 +++ b/pkg/lib/cockpit-po-plugin.js
@@ -70,7 +70,7 @@ function buildFile(po_file, subdir, webpack_module, webpack_compilation) {
             for (const [msgid, translation] of Object.entries(context)) {
                 /* Only include msgids which appear in this source directory */
                 const references = translation.comments.reference.split(/\s/);
 -                if (!references.some(str => str.startsWith(`pkg/${subdir}`) || str.startsWith(config.src_directory) || str.startsWith(`pkg/lib`)))
 +                if (!references.some(str => str.startsWith(`pkg/${subdir}`) || str.startsWith(config.src_directory) || str.startsWith(`pkg/lib`) || str.startsWith(`pkg/shell`)))
                     continue;
                 if (translation.comments.flag?.match(/\bfuzzy\b/))
 -- 
 2.43.0
--- a/SOURCES/0005-Show-MSVSPHERE_PRETTY_NAME-instead-of-PRETTY_NAME-in.patch
+++ b/SOURCES/0005-Show-MSVSPHERE_PRETTY_NAME-instead-of-PRETTY_NAME-in.patch
@ -0,0 +1,56 @@
 From a62c5236b9b660803c98da943f2fdbca5faaf588 Mon Sep 17 00:00:00 2001
 From: Eugene Zamriy <ezamriy@msvsphere-os.ru>
 Date: Tue, 21 Nov 2023 00:36:55 +0300
 Subject: [PATCH 5/6] Show MSVSPHERE_PRETTY_NAME instead of PRETTY_NAME in
 overview
 ---
 pkg/systemd/overview.jsx | 13 ++++++++++---
 1 file changed, 10 insertions(+), 3 deletions(-)
 diff --git a/pkg/systemd/overview.jsx b/pkg/systemd/overview.jsx
 index e780a1c5d..3527b02b6 100644
 --- a/pkg/systemd/overview.jsx
 +++ b/pkg/systemd/overview.jsx
@@ -28,6 +28,7 @@ import { Page, PageSection, PageSectionVariants } from "@patternfly/react-core/d
 import { Gallery } from "@patternfly/react-core/dist/esm/layouts/Gallery/index.js";
 import { Dropdown, DropdownItem, DropdownPosition, DropdownToggle, DropdownToggleAction } from '@patternfly/react-core/dist/esm/deprecated/components/Dropdown/index.js';
 +import { read_os_release } from "os-release.js";
 import { superuser } from "superuser";
 import { SystemInformationCard } from './overview-cards/systemInformationCard.jsx';
@@ -53,11 +54,14 @@ class OverviewPage extends React.Component {
         this.state = {
             actionIsOpen: false,
             privileged: true,
 +            osRelease: {},
         };
         this.hostnameMonitor = this.hostnameMonitor.bind(this);
         this.onPermissionChanged = this.onPermissionChanged.bind(this);
         this.superuser = cockpit.dbus(null, { bus: "internal" }).proxy("cockpit.Superuser", "/superuser");
 +
 +        read_os_release().then(os => this.setState({ osRelease: os || {} }));
     }
     componentDidMount() {
@@ -154,9 +158,12 @@ class OverviewPage extends React.Component {
                         <h1>
                             {this.hostname_text()}
                         </h1>
 -                        {this.state.hostnameData &&
 -                         this.state.hostnameData.OperatingSystemPrettyName &&
 -                         <div className="ct-overview-header-subheading" id="system_information_os_text">{cockpit.format(_("running $0"), this.state.hostnameData.OperatingSystemPrettyName)}</div>}
 +                        {this.state.osRelease && this.state.osRelease.MSVSPHERE_PRETTY_NAME ? (
 +                            <div className="ct-overview-header-subheading" id="system_information_os_text">{cockpit.format(_("running $0"), this.state.osRelease.MSVSPHERE_PRETTY_NAME)}</div>
 +                        ) : (
 +                         this.state.hostnameData && this.state.hostnameData.OperatingSystemPrettyName &&
 +                            <div className="ct-overview-header-subheading" id="system_information_os_text">{cockpit.format(_("running $0"), this.state.hostnameData.OperatingSystemPrettyName)}</div>
 +                        )}
                     </div>
                     <div className='ct-overview-header-actions'>
                         { show_superuser && <SuperuserIndicator proxy={this.superuser} /> }
 -- 
 2.43.0
--- a/SOURCES/0006-Disable-upstream-documentation-links.patch
+++ b/SOURCES/0006-Disable-upstream-documentation-links.patch
@ -0,0 +1,39 @@
 From a0a076d4b2b5770c35c63fff4e5ed80abd5fade9 Mon Sep 17 00:00:00 2001
 From: Eugene Zamriy <ezamriy@msvsphere-os.ru>
 Date: Tue, 21 Nov 2023 00:48:25 +0300
 Subject: [PATCH 6/6] Disable upstream documentation links
 ---
 pkg/shell/topnav.jsx | 16 ----------------
 1 file changed, 16 deletions(-)
 diff --git a/pkg/shell/topnav.jsx b/pkg/shell/topnav.jsx
 index e1a8e4c66..111563118 100644
 --- a/pkg/shell/topnav.jsx
 +++ b/pkg/shell/topnav.jsx
@@ -152,22 +152,6 @@ export class TopNav extends React.Component {
                 {cockpit.format(_("$0 documentation"), this.state.osRelease.MSVSPHERE_PRETTY_NAME)}
             </DropdownItem>);
 -        // global documentation for cockpit as a whole
 -        (cockpit.manifests.shell?.docs ?? []).forEach(doc => {
 -            docItems.push(<DropdownItem key={doc.label} href={doc.url} target="blank" rel="noopener noreferrer" icon={<ExternalLinkAltIcon />}>
 -                {doc.label}
 -            </DropdownItem>);
 -        });
 -
 -        if (docs.length > 0)
 -            docItems.push(<DropdownSeparator key="separator" />);
 -
 -        docs.forEach(e => {
 -            docItems.push(<DropdownItem key={e.label} href={e.url} target="blank" rel="noopener noreferrer" icon={<ExternalLinkAltIcon />}>
 -                {_(e.label)}
 -            </DropdownItem>);
 -        });
 -
         docItems.push(<DropdownSeparator key="separator1" />);
         docItems.push(<DropdownItem key="about" component="button"
                                     onClick={() => Dialogs.show(<AboutCockpitModal />)}>
 -- 
 2.43.0
--- a/SOURCES/0007-Update-Russian-translation.patch
+++ b/SOURCES/0007-Update-Russian-translation.patch
@ -0,0 +1,25 @@
 From 65cc5eae0c57b7df4b710258718fb2c6821d23d2 Mon Sep 17 00:00:00 2001
 From: tigro <tigro@msvsphere-os.ru>
 Date: Mon, 5 Feb 2024 20:09:15 +0300
 Subject: [PATCH] Update Russian translation
 ---
 po/ru.po | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
 diff --git a/po/ru.po b/po/ru.po
 index 41b461f..34ab2f9 100644
 --- a/po/ru.po
 +++ b/po/ru.po
@@ -1684,7 +1684,7 @@ msgstr "Закрыть выделенные страницы"
 #: src/ws/cockpit.appdata.xml.in:7
 msgid "Cockpit"
 -msgstr "Cockpit"
 +msgstr "Панель управления Cockpit"
 #: pkg/static/login.js:452
 msgid "Cockpit authentication is configured incorrectly."
 -- 
 2.43.0
--- a/SOURCES/0009-Change-chpasswd-to-passwd-to-support-PAM-crypto-algo.patch
+++ b/SOURCES/0009-Change-chpasswd-to-passwd-to-support-PAM-crypto-algo.patch
@ -0,0 +1,27 @@
 From c0f6c3e6c1a8abc1dff900669e1743f78f2543b4 Mon Sep 17 00:00:00 2001
 From: tigro <tigro@msvsphere-os.ru>
 Date: Sat, 10 Feb 2024 23:55:52 +0300
 Subject: [PATCH] Change chpasswd to passwd to support PAM crypto algorithms
 ---
 pkg/users/password-dialogs.js | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
 diff --git a/pkg/users/password-dialogs.js b/pkg/users/password-dialogs.js
 index 089abac41..5589e79f0 100644
 --- a/pkg/users/password-dialogs.js
 +++ b/pkg/users/password-dialogs.js
@@ -111,8 +111,8 @@ function passwd_self(old_pass, new_pass) {
 export function passwd_change(user, new_pass) {
     return new Promise((resolve, reject) => {
 -        cockpit.spawn(["chpasswd"], { superuser: "require", err: "out" })
 -                .input(user + ":" + new_pass)
 +        cockpit.spawn(["passwd", user, "--stdin"], { superuser: "require", err: "out" })
 +                .input(new_pass)
                 .done(function() {
                     resolve();
                 })
 -- 
 2.43.0
--- a/SOURCES/cockpit-inferit-patch.sh
+++ b/SOURCES/cockpit-inferit-patch.sh
@ -0,0 +1,35 @@
 #!/bin/sh -e
 _version="$1"
 echo "Clean up sources"
 rm -rf cockpit
 echo "Cloning cockpit.git"
 git clone https://github.com/cockpit-project/cockpit.git
 cd cockpit
 echo -n "Checking tag ${_version}... "
 if ! git tag | grep -w ${_version}; then
    echo "fail"
    exit 1
 else
    echo "ok"
 fi
 echo "Checkout tag ${_version}"
 git checkout ${_version}
 echo "Patching souurces"
 git am ../000*.patch
 echo "Fix version in tools/make-dist"
 sed -i "s@VERSION=\"\$(git describe.*@VERSION=${_version}@" tools/make-dist
 echo "Make dist"
 tools/make-dist
 cd ..
 cp cockpit/tmp/build-dist/cockpit-${_version}.tar.xz .
 sha1sum cockpit-${_version}.tar.xz
--- a/SPECS/cockpit.spec
+++ b/SPECS/cockpit.spec
@ -12,7 +12,7 @@
 # Lesser General Public License for more details.
 #
 # You should have received a copy of the GNU Lesser General Public License
-# along with Cockpit; If not, see <https://www.gnu.org/licenses/>.
+# along with Cockpit; If not, see <http://www.gnu.org/licenses/>.
 #
 # This file is maintained at the following location:
@ -49,27 +49,33 @@ Summary:        Web Console for Linux servers
 License:        LGPL-2.1-or-later
 URL:            https://cockpit-project.org/
-Version:        323.1
+Version:        311.2
-Release:        1%{?dist}
+Release:        1%{?dist}.inferit
-Source0:        https://github.com/cockpit-project/cockpit/releases/download/%{version}/cockpit-%{version}.tar.xz
+# We need to patch official source (000* patches in SOURCE) and
-
+# repack tarball to recompile javascript.
-%if 0%{?fedora} >= 41 || 0%{?rhel}
+# Use script cockpit-inferit-patch.sh <version> to create
-ExcludeArch: %{ix86}
+# tarball
-%endif
+Source0:        cockpit-%{version}.tar.xz
-
+Source1:	cockpit-inferit-patch.sh
-# pcp stopped building on ix86 in Fedora 40+, and broke hard on 39: https://bugzilla.redhat.com/show_bug.cgi?id=2284431
+# Do not apply these patches
 Patch0:		0001-Adds-MSVSphere-branding-directory.patch
 Patch1:		0002-Show-MSVSPHERE_PRETTY_NAME-instead-of-NAME-on-login-.patch
 Patch2:		0003-Show-MSVSPHERE_PRETTY_NAME-instead-of-NAME-for-docum.patch
 Patch3:		0004-Include-pkg-shell-module-translations-in-other-modul.patch
 Patch4:		0005-Show-MSVSPHERE_PRETTY_NAME-instead-of-PRETTY_NAME-in.patch
 Patch5:		0006-Disable-upstream-documentation-links.patch
 Patch6:		0001-Added-support-GOST-and-PAM-GOST-profiles-for-crypto-.patch
 Patch7:     0007-Update-Russian-translation.patch
 Patch9:     0009-Change-chpasswd-to-passwd-to-support-PAM-crypto-algo.patch
 # pcp stopped building on ix86
 %define build_pcp 1
-%if 0%{?fedora} >= 39 || 0%{?rhel} >= 10
+%if 0%{?fedora} >= 40 || 0%{?rhel} >= 10
 %ifarch %ix86
 %define build_pcp 0
 %endif
 %endif
 %define enable_multihost 1
 %if 0%{?fedora} >= 41 || 0%{?rhel} >= 10
 %define enable_multihost 0
 %endif
 # Ship custom SELinux policy
 %define selinuxtype targeted
 %define selinux_configure_arg --enable-selinux-policy=%{selinuxtype}
@ -147,7 +153,7 @@ Requires: subscription-manager-cockpit
 BuildRequires:  python3-devel
 BuildRequires:  python3-pip
-%if 0%{?rhel} == 0 && !0%{?suse_version}
+%if 0%{?rhel} == 0
 # All of these are only required for running pytest (which we only do on Fedora)
 BuildRequires:  procps-ng
 BuildRequires:  pyproject-rpm-macros
@ -163,6 +169,8 @@ BuildRequires:  python3-tox-current-env
 %build
 %configure \
    %{?selinux_configure_arg} \
    --with-cockpit-user=cockpit-ws \
    --with-cockpit-ws-instance-user=cockpit-wsinstance \
 %if 0%{?suse_version}
    --docdir=%_defaultdocdir/%{name} \
 %endif
@ -170,9 +178,6 @@ BuildRequires:  python3-tox-current-env
 %if %{build_pcp} == 0
    --disable-pcp \
 %endif
 %if %{enable_multihost}
    --enable-multihost \
 %endif
 %make_build
@ -340,11 +345,11 @@ Provides: cockpit-users = %{version}-%{release}
 Obsoletes: cockpit-dashboard < %{version}-%{release}
 %if 0%{?rhel}
 Requires: NetworkManager >= 1.6
 Requires: kexec-tools
 Requires: sos
 Requires: sudo
 Recommends: PackageKit
 Recommends: setroubleshoot-server >= 3.3.3
 Recommends: /usr/bin/kdumpctl
 Suggests: NetworkManager-team
 Provides: cockpit-kdump = %{version}-%{release}
 Provides: cockpit-networkmanager = %{version}-%{release}
@ -355,20 +360,55 @@ Provides: cockpit-sosreport = %{version}-%{release}
 Recommends: (reportd if abrt)
 %endif
-Provides: bundled(npm(@patternfly/patternfly)) = 5.3.1
+Provides: bundled(npm(@patternfly/patternfly)) = 5.1.0
-Provides: bundled(npm(@patternfly/react-core)) = 5.3.4
+Provides: bundled(npm(@patternfly/react-core)) = 5.1.2
-Provides: bundled(npm(@patternfly/react-icons)) = 5.3.2
+Provides: bundled(npm(@patternfly/react-icons)) = 5.1.2
-Provides: bundled(npm(@patternfly/react-styles)) = 5.3.1
+Provides: bundled(npm(@patternfly/react-styles)) = 5.1.2
-Provides: bundled(npm(@patternfly/react-table)) = 5.3.4
+Provides: bundled(npm(@patternfly/react-table)) = 5.1.2
-Provides: bundled(npm(@patternfly/react-tokens)) = 5.3.1
+Provides: bundled(npm(@patternfly/react-tokens)) = 5.1.2
 Provides: bundled(npm(@xterm/addon-canvas)) = 0.7.0
 Provides: bundled(npm(@xterm/xterm)) = 5.5.0
 Provides: bundled(npm(argparse)) = 1.0.10
 Provides: bundled(npm(array-buffer-byte-length)) = 1.0.1
 Provides: bundled(npm(attr-accept)) = 2.2.2
 Provides: bundled(npm(autolinker)) = 3.16.2
-Provides: bundled(npm(dequal)) = 2.0.3
+Provides: bundled(npm(available-typed-arrays)) = 1.0.6
 Provides: bundled(npm(call-bind)) = 1.0.7
 Provides: bundled(npm(date-fns)) = 3.3.1
 Provides: bundled(npm(deep-equal)) = 2.2.3
 Provides: bundled(npm(define-data-property)) = 1.1.4
 Provides: bundled(npm(define-properties)) = 1.2.1
 Provides: bundled(npm(es-define-property)) = 1.0.0
 Provides: bundled(npm(es-errors)) = 1.3.0
 Provides: bundled(npm(es-get-iterator)) = 1.1.3
 Provides: bundled(npm(file-selector)) = 0.6.0
 Provides: bundled(npm(focus-trap)) = 7.5.2
 Provides: bundled(npm(for-each)) = 0.3.3
 Provides: bundled(npm(function-bind)) = 1.1.2
 Provides: bundled(npm(functions-have-names)) = 1.2.3
 Provides: bundled(npm(get-intrinsic)) = 1.2.4
 Provides: bundled(npm(gopd)) = 1.0.1
 Provides: bundled(npm(has-bigints)) = 1.0.2
 Provides: bundled(npm(has-property-descriptors)) = 1.0.2
 Provides: bundled(npm(has-proto)) = 1.0.1
 Provides: bundled(npm(has-symbols)) = 1.0.3
 Provides: bundled(npm(has-tostringtag)) = 1.0.2
 Provides: bundled(npm(hasown)) = 2.0.1
 Provides: bundled(npm(internal-slot)) = 1.0.7
 Provides: bundled(npm(is-arguments)) = 1.1.1
 Provides: bundled(npm(is-array-buffer)) = 3.0.4
 Provides: bundled(npm(is-bigint)) = 1.0.4
 Provides: bundled(npm(is-boolean-object)) = 1.1.2
 Provides: bundled(npm(is-callable)) = 1.2.7
 Provides: bundled(npm(is-date-object)) = 1.0.5
 Provides: bundled(npm(is-map)) = 2.0.2
 Provides: bundled(npm(is-number-object)) = 1.0.7
 Provides: bundled(npm(is-regex)) = 1.1.4
 Provides: bundled(npm(is-set)) = 2.0.2
 Provides: bundled(npm(is-shared-array-buffer)) = 1.0.2
 Provides: bundled(npm(is-string)) = 1.0.7
 Provides: bundled(npm(is-symbol)) = 1.0.4
 Provides: bundled(npm(is-weakmap)) = 2.0.1
 Provides: bundled(npm(is-weakset)) = 2.0.2
 Provides: bundled(npm(isarray)) = 2.0.5
 Provides: bundled(npm(js-sha1)) = 0.7.0
 Provides: bundled(npm(js-sha256)) = 0.11.0
 Provides: bundled(npm(js-tokens)) = 4.0.0
@ -376,18 +416,32 @@ Provides: bundled(npm(json-stable-stringify-without-jsonify)) = 1.0.1
 Provides: bundled(npm(lodash)) = 4.17.21
 Provides: bundled(npm(loose-envify)) = 1.4.0
 Provides: bundled(npm(object-assign)) = 4.1.1
 Provides: bundled(npm(object-inspect)) = 1.13.1
 Provides: bundled(npm(object-is)) = 1.1.5
 Provides: bundled(npm(object-keys)) = 1.1.1
 Provides: bundled(npm(object.assign)) = 4.1.5
 Provides: bundled(npm(prop-types)) = 15.8.1
-Provides: bundled(npm(react-dom)) = 18.3.1
+Provides: bundled(npm(react-dom)) = 18.2.0
 Provides: bundled(npm(react-dropzone)) = 14.2.3
 Provides: bundled(npm(react-is)) = 16.13.1
-Provides: bundled(npm(react)) = 18.3.1
+Provides: bundled(npm(react)) = 18.2.0
 Provides: bundled(npm(regexp.prototype.flags)) = 1.5.2
 Provides: bundled(npm(remarkable)) = 2.0.1
-Provides: bundled(npm(scheduler)) = 0.23.2
+Provides: bundled(npm(scheduler)) = 0.23.0
 Provides: bundled(npm(set-function-length)) = 1.2.1
 Provides: bundled(npm(set-function-name)) = 2.0.1
 Provides: bundled(npm(side-channel)) = 1.0.5
 Provides: bundled(npm(sprintf-js)) = 1.0.3
 Provides: bundled(npm(stop-iteration-iterator)) = 1.0.0
 Provides: bundled(npm(tabbable)) = 6.2.0
-Provides: bundled(npm(throttle-debounce)) = 5.0.2
+Provides: bundled(npm(throttle-debounce)) = 5.0.0
-Provides: bundled(npm(tslib)) = 2.6.3
+Provides: bundled(npm(tslib)) = 2.6.2
-Provides: bundled(npm(uuid)) = 10.0.0
+Provides: bundled(npm(uuid)) = 9.0.1
 Provides: bundled(npm(which-boxed-primitive)) = 1.0.2
 Provides: bundled(npm(which-collection)) = 1.0.1
 Provides: bundled(npm(which-typed-array)) = 1.1.14
 Provides: bundled(npm(xterm-addon-canvas)) = 0.5.0
 Provides: bundled(npm(xterm)) = 5.3.0
 %description system
 This package contains the Cockpit shell and system configuration interfaces.
@ -437,7 +491,6 @@ authentication via sssd/FreeIPA.
 %{_unitdir}/cockpit.service
 %{_unitdir}/cockpit-motd.service
 %{_unitdir}/cockpit.socket
 %{_unitdir}/cockpit-ws-user.service
 %{_unitdir}/cockpit-wsinstance-http.socket
 %{_unitdir}/cockpit-wsinstance-http.service
 %{_unitdir}/cockpit-wsinstance-https-factory.socket
@ -445,8 +498,7 @@ authentication via sssd/FreeIPA.
 %{_unitdir}/cockpit-wsinstance-https@.socket
 %{_unitdir}/cockpit-wsinstance-https@.service
 %{_unitdir}/system-cockpithttps.slice
-%{_prefix}/%{__lib}/tmpfiles.d/cockpit-ws.conf
+%{_prefix}/%{__lib}/tmpfiles.d/cockpit-tempfiles.conf
 %{_sysusersdir}/cockpit-wsinstance.conf
 %{pamdir}/pam_ssh_add.so
 %{pamdir}/pam_cockpit_cert.so
 %{_libexecdir}/cockpit-ws
@ -465,8 +517,8 @@ authentication via sssd/FreeIPA.
 %ghost %{_sharedstatedir}/selinux/%{selinuxtype}/active/modules/200/%{name}
 %pre ws
-# HACK: old RPM and even Fedora's current RPM don't properly support sysusers
+getent group cockpit-ws >/dev/null || groupadd -r cockpit-ws
-# https://github.com/rpm-software-management/rpm/issues/3073
+getent passwd cockpit-ws >/dev/null || useradd -r -g cockpit-ws -d /nonexisting -s /sbin/nologin -c "User for cockpit web service" cockpit-ws
 getent group cockpit-wsinstance >/dev/null || groupadd -r cockpit-wsinstance
 getent passwd cockpit-wsinstance >/dev/null || useradd -r -g cockpit-wsinstance -d /nonexisting -s /sbin/nologin -c "User for cockpit-ws instances" cockpit-wsinstance
@ -491,7 +543,7 @@ if [ "$1" = 1 ]; then
    chmod 644 /etc/cockpit/disallowed-users
 fi
-%tmpfiles_create cockpit-ws.conf
+%tmpfiles_create cockpit-tempfiles.conf
 %systemd_post cockpit.socket cockpit.service
 # firewalld only partially picks up changes to its services files without this
 test -f %{_bindir}/firewall-cmd && firewall-cmd --reload --quiet || true
@ -523,7 +575,7 @@ fi
 Summary: Cockpit user interface for kernel crash dumping
 Requires: cockpit-bridge >= %{required_base}
 Requires: cockpit-shell >= %{required_base}
-Requires: /usr/bin/kdumpctl
+Requires: kexec-tools
 BuildArch: noarch
 %description kdump
@ -659,60 +711,54 @@ via PackageKit.
 # The changelog is automatically generated and merged
 %changelog
-* Tue Aug 20 2024 Packit <hello@packit.dev> - 323-1
+* Tue Apr 02 2024 Martin Pitt <mpitt@redhat.com> - 311.2-1
- metrics: Install valkey instead of redis on RHEL/CentOS 10
+- sosreport: Fix command injection with crafted report names [CVE-2024-2947]
- login: Prevent multiple logins in a single browser session
+  (jira#RHEL-31074)
- Update documentation links
+
-
+* Mon Apr  1 2024 Arkady L. Shane <tigro@msvsphere-os.ru> - 311.1-1.inferit.1
-* Thu Aug 08 2024 Packit <hello@packit.dev> - 322-1
+- Change chpasswd to passwd to support PAM crypto algorithms
- shell: Deprecate host switcher
+- Update Russian translation
-
+- Added support GOST and PAM-GOST profiles for crypto-policies in the UI interface
-* Wed Jul 17 2024 Fedora Release Engineering <releng@fedoraproject.org> - 321-2
+- Replace Source0 archive with MSVSphere OS-specific one
- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild
+- Add MSVSphere OS branding
 - Use MSVSPHERE_PRETTY_NAME instead of PRETTY_NAME and NAME in UI
 - Fix sudo button translation issue
 - Remove upstream documentation links from UI
-* Wed Jul 10 2024 Packit <hello@packit.dev> - 321-1
+* Tue Feb 20 2024 Packit <hello@packit.dev> - 311.1-1
- Bug fixes and performance improvements
+- Update documentation links to RHEL 9 (RHEL-3954)
-
+- Storage: Various bug fixes
 * Wed Jul 03 2024 Packit <hello@packit.dev> - 320-1
 - pam-ssh-add: Fix insecure killing of session ssh-agent [CVE-2024-6126]
 - sosreport: Read report directory from sos config (fix page on Debian/Ubuntu)
 * Wed Jun 26 2024 Packit <hello@packit.dev> - 319-1
 - List btrfs snapshots in subvolume detail view
-* Mon Jun 17 2024 Martin Pitt <mpitt@redhat.com> - 318-2
+* Wed Feb 14 2024 Packit <hello@packit.dev> - 311-1
- Rebuilt for Python 3.13
+- Bug fixes and stability improvements
-* Wed Jun 12 2024 Packit <hello@packit.dev> - 318-1
+* Wed Feb 07 2024 Packit <hello@packit.dev> - 310.2-1
- Storage: Extra confirmation before deleting non-empty partitions in Anaconda's Web UI
+- selinux: Cover migration to /run
- Discontinue Intel 32-bit support in Fedora, CentOS, and RHEL
+- ws: Handle HEAD requests correctly, for curl 8.6.0
 - cockpit.js: Get user primary group ID
-* Sun Jun 09 2024 Python Maint <python-maint@redhat.com> - 317-2
+* Fri Feb 02 2024 Packit <hello@packit.dev> - 310.1-1
- Rebuilt for Python 3.13
+- bridge: Fix race condition/crash in file watching channels
-* Wed May 29 2024 Packit <hello@packit.dev> - 317-1
+* Wed Jan 31 2024 Packit <hello@packit.dev> - 310-1
- webserver: System user changes
+- Storage: support for btrfs
- metrics: Prefer valkey over redis on Fedora
+- Storage: improved support for swap
-* Thu Apr 25 2024 Packit <hello@packit.dev> - 316-1
+* Wed Jan 24 2024 Fedora Release Engineering <releng@fedoraproject.org> - 309-3
- cockpit.js API: Fix format_bytes() units
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
-* Wed Apr 10 2024 Packit <hello@packit.dev> - 315-1
+* Fri Jan 19 2024 Fedora Release Engineering <releng@fedoraproject.org> - 309-2
- systemd: Check proper ssh service unit on Debian/Ubuntu
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
 - Translation updates
-* Thu Mar 28 2024 Packit <hello@packit.dev> - 314-1
+* Thu Jan 18 2024 Packit <hello@packit.dev> - 309-1
- Diagnostic reports: Fix command injection vulnerability with crafted report names
+- Storage: Introduce btrfs support
 - Storage: Improvements to read-only encrypted filesystems
-* Wed Mar 13 2024 Packit <hello@packit.dev> - 313-1
+* Wed Jan 03 2024 Packit <hello@packit.dev> - 308-1
- assorted bug fixes and improvements
+- Fix connecting to remote hosts with OpenSSH 0.9.6
-* Wed Feb 28 2024 Packit <hello@packit.dev> - 312-1
+* Mon Dec 18 2023 Martin Pitt <mpitt@redhat.com> - 300.4-1.inferit
- Accounts: support lastlog2 and make the page faster
+- client: Provide fallback for GLib.get_user_state_dir() (RHEL-18989)
- Storage: Various Anaconda mode fixes
+- bridge: Add back menu/tool names to cockpit-bridge --packages (RHEL-19004)
- Fix package build if cockpit-bridge package is installed
+- bridge: Add back support for x.min.js files (RHEL-19005)
 * Tue Feb 20 2024 Packit <hello@packit.dev> - 311.1-1
 - Update documentation links to RHEL 9 (RHEL-3954)
@ -839,6 +885,9 @@ Storage: Support for RAID layouts with LVM2
 - API removal: Remove cockpit.dbus.publish() and .meta()
 - Development: Cockpit now supports the esbuild bundler
 * Wed Mar 15 2023 MSVSphere Packaging Team <packager@msvsphere.ru> - 287-1
 - Rebuilt for MSVSphere 9.1.
 * Thu Mar 09 2023 Packit <hello@packit.dev> - 287-1
 - Metrics: Column visiblity
 - Services: Pinned units need to be re-done
`@ -1 +1 @@`
	`4784445989c80518644267f01483afc962b10d03 SOURCES/cockpit-323.1.tar.xz`	`c24d50c29aef687b03f60888cbfd983040c195d7 SOURCES/cockpit-311.2.tar.xz`
`@ -1 +1 @@`
	`SOURCES/cockpit-323.1.tar.xz`	`SOURCES/cockpit-311.2.tar.xz`