committing changes in /etc made by "-bash"
Package changes:
This commit is contained in:
34
.etckeeper
34
.etckeeper
@@ -995,23 +995,23 @@ maybe chmod 0644 'issue.rpmnew'
|
|||||||
maybe chmod 0644 'issue.rpmsave'
|
maybe chmod 0644 'issue.rpmsave'
|
||||||
maybe chmod 0755 'java'
|
maybe chmod 0755 'java'
|
||||||
maybe chmod 0755 'java/java-1.8.0-openjdk'
|
maybe chmod 0755 'java/java-1.8.0-openjdk'
|
||||||
maybe chmod 0755 'java/java-1.8.0-openjdk/java-1.8.0-openjdk-1.8.0.332.b09-2.el8_6.x86_64'
|
maybe chmod 0755 'java/java-1.8.0-openjdk/java-1.8.0-openjdk-1.8.0.342.b07-2.el8_6.x86_64'
|
||||||
maybe chmod 0755 'java/java-1.8.0-openjdk/java-1.8.0-openjdk-1.8.0.332.b09-2.el8_6.x86_64/lib'
|
maybe chmod 0755 'java/java-1.8.0-openjdk/java-1.8.0-openjdk-1.8.0.342.b07-2.el8_6.x86_64/lib'
|
||||||
maybe chmod 0644 'java/java-1.8.0-openjdk/java-1.8.0-openjdk-1.8.0.332.b09-2.el8_6.x86_64/lib/calendars.properties'
|
maybe chmod 0644 'java/java-1.8.0-openjdk/java-1.8.0-openjdk-1.8.0.342.b07-2.el8_6.x86_64/lib/calendars.properties'
|
||||||
maybe chmod 0644 'java/java-1.8.0-openjdk/java-1.8.0-openjdk-1.8.0.332.b09-2.el8_6.x86_64/lib/logging.properties'
|
maybe chmod 0644 'java/java-1.8.0-openjdk/java-1.8.0-openjdk-1.8.0.342.b07-2.el8_6.x86_64/lib/logging.properties'
|
||||||
maybe chmod 0755 'java/java-1.8.0-openjdk/java-1.8.0-openjdk-1.8.0.332.b09-2.el8_6.x86_64/lib/security'
|
maybe chmod 0755 'java/java-1.8.0-openjdk/java-1.8.0-openjdk-1.8.0.342.b07-2.el8_6.x86_64/lib/security'
|
||||||
maybe chmod 0644 'java/java-1.8.0-openjdk/java-1.8.0-openjdk-1.8.0.332.b09-2.el8_6.x86_64/lib/security/blacklisted.certs'
|
maybe chmod 0644 'java/java-1.8.0-openjdk/java-1.8.0-openjdk-1.8.0.342.b07-2.el8_6.x86_64/lib/security/blacklisted.certs'
|
||||||
maybe chmod 0644 'java/java-1.8.0-openjdk/java-1.8.0-openjdk-1.8.0.332.b09-2.el8_6.x86_64/lib/security/java.policy'
|
maybe chmod 0644 'java/java-1.8.0-openjdk/java-1.8.0-openjdk-1.8.0.342.b07-2.el8_6.x86_64/lib/security/java.policy'
|
||||||
maybe chmod 0644 'java/java-1.8.0-openjdk/java-1.8.0-openjdk-1.8.0.332.b09-2.el8_6.x86_64/lib/security/java.security'
|
maybe chmod 0644 'java/java-1.8.0-openjdk/java-1.8.0-openjdk-1.8.0.342.b07-2.el8_6.x86_64/lib/security/java.security'
|
||||||
maybe chmod 0644 'java/java-1.8.0-openjdk/java-1.8.0-openjdk-1.8.0.332.b09-2.el8_6.x86_64/lib/security/nss.cfg'
|
maybe chmod 0644 'java/java-1.8.0-openjdk/java-1.8.0-openjdk-1.8.0.342.b07-2.el8_6.x86_64/lib/security/nss.cfg'
|
||||||
maybe chmod 0644 'java/java-1.8.0-openjdk/java-1.8.0-openjdk-1.8.0.332.b09-2.el8_6.x86_64/lib/security/nss.fips.cfg'
|
maybe chmod 0644 'java/java-1.8.0-openjdk/java-1.8.0-openjdk-1.8.0.342.b07-2.el8_6.x86_64/lib/security/nss.fips.cfg'
|
||||||
maybe chmod 0755 'java/java-1.8.0-openjdk/java-1.8.0-openjdk-1.8.0.332.b09-2.el8_6.x86_64/lib/security/policy'
|
maybe chmod 0755 'java/java-1.8.0-openjdk/java-1.8.0-openjdk-1.8.0.342.b07-2.el8_6.x86_64/lib/security/policy'
|
||||||
maybe chmod 0755 'java/java-1.8.0-openjdk/java-1.8.0-openjdk-1.8.0.332.b09-2.el8_6.x86_64/lib/security/policy/limited'
|
maybe chmod 0755 'java/java-1.8.0-openjdk/java-1.8.0-openjdk-1.8.0.342.b07-2.el8_6.x86_64/lib/security/policy/limited'
|
||||||
maybe chmod 0644 'java/java-1.8.0-openjdk/java-1.8.0-openjdk-1.8.0.332.b09-2.el8_6.x86_64/lib/security/policy/limited/US_export_policy.jar'
|
maybe chmod 0644 'java/java-1.8.0-openjdk/java-1.8.0-openjdk-1.8.0.342.b07-2.el8_6.x86_64/lib/security/policy/limited/US_export_policy.jar'
|
||||||
maybe chmod 0644 'java/java-1.8.0-openjdk/java-1.8.0-openjdk-1.8.0.332.b09-2.el8_6.x86_64/lib/security/policy/limited/local_policy.jar'
|
maybe chmod 0644 'java/java-1.8.0-openjdk/java-1.8.0-openjdk-1.8.0.342.b07-2.el8_6.x86_64/lib/security/policy/limited/local_policy.jar'
|
||||||
maybe chmod 0755 'java/java-1.8.0-openjdk/java-1.8.0-openjdk-1.8.0.332.b09-2.el8_6.x86_64/lib/security/policy/unlimited'
|
maybe chmod 0755 'java/java-1.8.0-openjdk/java-1.8.0-openjdk-1.8.0.342.b07-2.el8_6.x86_64/lib/security/policy/unlimited'
|
||||||
maybe chmod 0644 'java/java-1.8.0-openjdk/java-1.8.0-openjdk-1.8.0.332.b09-2.el8_6.x86_64/lib/security/policy/unlimited/US_export_policy.jar'
|
maybe chmod 0644 'java/java-1.8.0-openjdk/java-1.8.0-openjdk-1.8.0.342.b07-2.el8_6.x86_64/lib/security/policy/unlimited/US_export_policy.jar'
|
||||||
maybe chmod 0644 'java/java-1.8.0-openjdk/java-1.8.0-openjdk-1.8.0.332.b09-2.el8_6.x86_64/lib/security/policy/unlimited/local_policy.jar'
|
maybe chmod 0644 'java/java-1.8.0-openjdk/java-1.8.0-openjdk-1.8.0.342.b07-2.el8_6.x86_64/lib/security/policy/unlimited/local_policy.jar'
|
||||||
maybe chmod 0755 'java/security'
|
maybe chmod 0755 'java/security'
|
||||||
maybe chmod 0755 'java/security/security.d'
|
maybe chmod 0755 'java/security/security.d'
|
||||||
maybe chmod 0755 'jvm'
|
maybe chmod 0755 'jvm'
|
||||||
|
|||||||
@@ -1 +1 @@
|
|||||||
/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.332.b09-2.el8_6.x86_64/jre/bin/alt-java
|
/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.342.b07-2.el8_6.x86_64/jre/bin/alt-java
|
||||||
@@ -1 +1 @@
|
|||||||
/usr/share/man/man1/alt-java-java-1.8.0-openjdk-1.8.0.332.b09-2.el8_6.x86_64.1.gz
|
/usr/share/man/man1/alt-java-java-1.8.0-openjdk-1.8.0.342.b07-2.el8_6.x86_64.1.gz
|
||||||
@@ -1 +1 @@
|
|||||||
/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.332.b09-2.el8_6.x86_64/jre/bin/java
|
/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.342.b07-2.el8_6.x86_64/jre/bin/java
|
||||||
@@ -1 +1 @@
|
|||||||
/usr/share/man/man1/java-java-1.8.0-openjdk-1.8.0.332.b09-2.el8_6.x86_64.1.gz
|
/usr/share/man/man1/java-java-1.8.0-openjdk-1.8.0.342.b07-2.el8_6.x86_64.1.gz
|
||||||
@@ -1 +1 @@
|
|||||||
/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.332.b09-2.el8_6.x86_64/jre/bin/jjs
|
/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.342.b07-2.el8_6.x86_64/jre/bin/jjs
|
||||||
@@ -1 +1 @@
|
|||||||
/usr/share/man/man1/jjs-java-1.8.0-openjdk-1.8.0.332.b09-2.el8_6.x86_64.1.gz
|
/usr/share/man/man1/jjs-java-1.8.0-openjdk-1.8.0.342.b07-2.el8_6.x86_64.1.gz
|
||||||
@@ -1 +1 @@
|
|||||||
/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.332.b09-2.el8_6.x86_64/jre
|
/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.342.b07-2.el8_6.x86_64/jre
|
||||||
@@ -1 +1 @@
|
|||||||
/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.332.b09-2.el8_6.x86_64/jre
|
/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.342.b07-2.el8_6.x86_64/jre
|
||||||
@@ -1 +1 @@
|
|||||||
/usr/lib/jvm/jre-1.8.0-openjdk-1.8.0.332.b09-2.el8_6.x86_64
|
/usr/lib/jvm/jre-1.8.0-openjdk-1.8.0.342.b07-2.el8_6.x86_64
|
||||||
@@ -1 +1 @@
|
|||||||
/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.332.b09-2.el8_6.x86_64/jre
|
/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.342.b07-2.el8_6.x86_64/jre
|
||||||
@@ -1 +1 @@
|
|||||||
/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.332.b09-2.el8_6.x86_64/jre/bin/keytool
|
/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.342.b07-2.el8_6.x86_64/jre/bin/keytool
|
||||||
@@ -1 +1 @@
|
|||||||
/usr/share/man/man1/keytool-java-1.8.0-openjdk-1.8.0.332.b09-2.el8_6.x86_64.1.gz
|
/usr/share/man/man1/keytool-java-1.8.0-openjdk-1.8.0.342.b07-2.el8_6.x86_64.1.gz
|
||||||
@@ -1 +1 @@
|
|||||||
/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.332.b09-2.el8_6.x86_64/jre/bin/orbd
|
/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.342.b07-2.el8_6.x86_64/jre/bin/orbd
|
||||||
@@ -1 +1 @@
|
|||||||
/usr/share/man/man1/orbd-java-1.8.0-openjdk-1.8.0.332.b09-2.el8_6.x86_64.1.gz
|
/usr/share/man/man1/orbd-java-1.8.0-openjdk-1.8.0.342.b07-2.el8_6.x86_64.1.gz
|
||||||
@@ -1 +1 @@
|
|||||||
/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.332.b09-2.el8_6.x86_64/jre/bin/pack200
|
/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.342.b07-2.el8_6.x86_64/jre/bin/pack200
|
||||||
@@ -1 +1 @@
|
|||||||
/usr/share/man/man1/pack200-java-1.8.0-openjdk-1.8.0.332.b09-2.el8_6.x86_64.1.gz
|
/usr/share/man/man1/pack200-java-1.8.0-openjdk-1.8.0.342.b07-2.el8_6.x86_64.1.gz
|
||||||
@@ -1 +1 @@
|
|||||||
/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.332.b09-2.el8_6.x86_64/jre/bin/policytool
|
/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.342.b07-2.el8_6.x86_64/jre/bin/policytool
|
||||||
@@ -1 +1 @@
|
|||||||
/usr/share/man/man1/policytool-java-1.8.0-openjdk-1.8.0.332.b09-2.el8_6.x86_64.1.gz
|
/usr/share/man/man1/policytool-java-1.8.0-openjdk-1.8.0.342.b07-2.el8_6.x86_64.1.gz
|
||||||
@@ -1 +1 @@
|
|||||||
/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.332.b09-2.el8_6.x86_64/jre/bin/rmid
|
/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.342.b07-2.el8_6.x86_64/jre/bin/rmid
|
||||||
@@ -1 +1 @@
|
|||||||
/usr/share/man/man1/rmid-java-1.8.0-openjdk-1.8.0.332.b09-2.el8_6.x86_64.1.gz
|
/usr/share/man/man1/rmid-java-1.8.0-openjdk-1.8.0.342.b07-2.el8_6.x86_64.1.gz
|
||||||
@@ -1 +1 @@
|
|||||||
/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.332.b09-2.el8_6.x86_64/jre/bin/rmiregistry
|
/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.342.b07-2.el8_6.x86_64/jre/bin/rmiregistry
|
||||||
@@ -1 +1 @@
|
|||||||
/usr/share/man/man1/rmiregistry-java-1.8.0-openjdk-1.8.0.332.b09-2.el8_6.x86_64.1.gz
|
/usr/share/man/man1/rmiregistry-java-1.8.0-openjdk-1.8.0.342.b07-2.el8_6.x86_64.1.gz
|
||||||
@@ -1 +1 @@
|
|||||||
/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.332.b09-2.el8_6.x86_64/jre/bin/servertool
|
/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.342.b07-2.el8_6.x86_64/jre/bin/servertool
|
||||||
@@ -1 +1 @@
|
|||||||
/usr/share/man/man1/servertool-java-1.8.0-openjdk-1.8.0.332.b09-2.el8_6.x86_64.1.gz
|
/usr/share/man/man1/servertool-java-1.8.0-openjdk-1.8.0.342.b07-2.el8_6.x86_64.1.gz
|
||||||
@@ -1 +1 @@
|
|||||||
/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.332.b09-2.el8_6.x86_64/jre/bin/tnameserv
|
/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.342.b07-2.el8_6.x86_64/jre/bin/tnameserv
|
||||||
@@ -1 +1 @@
|
|||||||
/usr/share/man/man1/tnameserv-java-1.8.0-openjdk-1.8.0.332.b09-2.el8_6.x86_64.1.gz
|
/usr/share/man/man1/tnameserv-java-1.8.0-openjdk-1.8.0.342.b07-2.el8_6.x86_64.1.gz
|
||||||
@@ -1 +1 @@
|
|||||||
/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.332.b09-2.el8_6.x86_64/jre/bin/unpack200
|
/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.342.b07-2.el8_6.x86_64/jre/bin/unpack200
|
||||||
@@ -1 +1 @@
|
|||||||
/usr/share/man/man1/unpack200-java-1.8.0-openjdk-1.8.0.332.b09-2.el8_6.x86_64.1.gz
|
/usr/share/man/man1/unpack200-java-1.8.0-openjdk-1.8.0.342.b07-2.el8_6.x86_64.1.gz
|
||||||
@@ -25,7 +25,7 @@
|
|||||||
# non-null value:
|
# non-null value:
|
||||||
# autoinstall_all_kernels=""
|
# autoinstall_all_kernels=""
|
||||||
|
|
||||||
# Location of the sign-file kernel binary (default: depends on distributioin):
|
# Location of the sign-file kernel binary (default: depends on distribution):
|
||||||
# sign_file="/path/to/sign-file"
|
# sign_file="/path/to/sign-file"
|
||||||
|
|
||||||
# Location of the key and certificate used for Secure boot (default: /var/lib/dkms):
|
# Location of the key and certificate used for Secure boot (default: /var/lib/dkms):
|
||||||
|
|||||||
@@ -77,7 +77,7 @@ security.provider.9=sun.security.smartcardio.SunPCSC
|
|||||||
#security.provider.10=sun.security.pkcs11.SunPKCS11 ${java.home}/lib/security/nss.cfg
|
#security.provider.10=sun.security.pkcs11.SunPKCS11 ${java.home}/lib/security/nss.cfg
|
||||||
|
|
||||||
#
|
#
|
||||||
# Security providers used when global crypto-policies are set to FIPS.
|
# Security providers used when FIPS mode support is active
|
||||||
#
|
#
|
||||||
fips.provider.1=sun.security.pkcs11.SunPKCS11 ${java.home}/lib/security/nss.fips.cfg
|
fips.provider.1=sun.security.pkcs11.SunPKCS11 ${java.home}/lib/security/nss.fips.cfg
|
||||||
fips.provider.2=sun.security.provider.Sun
|
fips.provider.2=sun.security.provider.Sun
|
||||||
@@ -1114,6 +1114,77 @@ jdk.xml.dsig.secureValidationPolicy=\
|
|||||||
jceks.key.serialFilter = java.lang.Enum;java.security.KeyRep;\
|
jceks.key.serialFilter = java.lang.Enum;java.security.KeyRep;\
|
||||||
java.security.KeyRep$Type;javax.crypto.spec.SecretKeySpec;!*
|
java.security.KeyRep$Type;javax.crypto.spec.SecretKeySpec;!*
|
||||||
|
|
||||||
|
#
|
||||||
|
# PKCS12 KeyStore properties
|
||||||
|
#
|
||||||
|
# The following properties, if configured, are used by the PKCS12 KeyStore
|
||||||
|
# implementation during the creation of a new keystore. Several of the
|
||||||
|
# properties may also be used when modifying an existing keystore. The
|
||||||
|
# properties can be overridden by a KeyStore API that specifies its own
|
||||||
|
# algorithms and parameters.
|
||||||
|
#
|
||||||
|
# If an existing PKCS12 keystore is loaded and then stored, the algorithm and
|
||||||
|
# parameter used to generate the existing Mac will be reused. If the existing
|
||||||
|
# keystore does not have a Mac, no Mac will be created while storing. If there
|
||||||
|
# is at least one certificate in the existing keystore, the algorithm and
|
||||||
|
# parameters used to encrypt the last certificate in the existing keystore will
|
||||||
|
# be reused to encrypt all certificates while storing. If the last certificate
|
||||||
|
# in the existing keystore is not encrypted, all certificates will be stored
|
||||||
|
# unencrypted. If there is no certificate in the existing keystore, any newly
|
||||||
|
# added certificate will be encrypted (or stored unencrypted if algorithm
|
||||||
|
# value is "NONE") using the "keystore.pkcs12.certProtectionAlgorithm" and
|
||||||
|
# "keystore.pkcs12.certPbeIterationCount" values defined here. Existing private
|
||||||
|
# and secret key(s) are not changed. Newly set private and secret key(s) will
|
||||||
|
# be encrypted using the "keystore.pkcs12.keyProtectionAlgorithm" and
|
||||||
|
# "keystore.pkcs12.keyPbeIterationCount" values defined here.
|
||||||
|
#
|
||||||
|
# In order to apply new algorithms and parameters to all entries in an
|
||||||
|
# existing keystore, one can create a new keystore and add entries in the
|
||||||
|
# existing keystore into the new keystore. This can be achieved by calling the
|
||||||
|
# "keytool -importkeystore" command.
|
||||||
|
#
|
||||||
|
# If a system property of the same name is also specified, it supersedes the
|
||||||
|
# security property value defined here.
|
||||||
|
#
|
||||||
|
# If the property is set to an illegal value,
|
||||||
|
# an iteration count that is not a positive integer, or an unknown algorithm
|
||||||
|
# name, an exception will be thrown when the property is used.
|
||||||
|
# If the property is not set or empty, a default value will be used.
|
||||||
|
#
|
||||||
|
# Note: These properties are currently used by the JDK Reference implementation.
|
||||||
|
# They are not guaranteed to be examined and used by other implementations.
|
||||||
|
|
||||||
|
# The algorithm used to encrypt a certificate. This can be any non-Hmac PBE
|
||||||
|
# algorithm defined in the Cipher section of the Java Security Standard
|
||||||
|
# Algorithm Names Specification. When set to "NONE", the certificate
|
||||||
|
# is not encrypted. The default value is "PBEWithSHA1AndRC2_40".
|
||||||
|
#keystore.pkcs12.certProtectionAlgorithm = PBEWithSHA1AndRC2_40
|
||||||
|
|
||||||
|
# The iteration count used by the PBE algorithm when encrypting a certificate.
|
||||||
|
# This value must be a positive integer. The default value is 50000.
|
||||||
|
#keystore.pkcs12.certPbeIterationCount = 50000
|
||||||
|
|
||||||
|
# The algorithm used to encrypt a private key or secret key. This can be
|
||||||
|
# any non-Hmac PBE algorithm defined in the Cipher section of the Java
|
||||||
|
# Security Standard Algorithm Names Specification. The value must not be "NONE".
|
||||||
|
# The default value is "PBEWithSHA1AndDESede".
|
||||||
|
#keystore.pkcs12.keyProtectionAlgorithm = PBEWithSHA1AndDESede
|
||||||
|
|
||||||
|
# The iteration count used by the PBE algorithm when encrypting a private key
|
||||||
|
# or a secret key. This value must be a positive integer. The default value
|
||||||
|
# is 50000.
|
||||||
|
#keystore.pkcs12.keyPbeIterationCount = 50000
|
||||||
|
|
||||||
|
# The algorithm used to calculate the optional MacData at the end of a PKCS12
|
||||||
|
# file. This can be any HmacPBE algorithm defined in the Mac section of the
|
||||||
|
# Java Security Standard Algorithm Names Specification. When set to "NONE",
|
||||||
|
# no Mac is generated. The default value is "HmacPBESHA1".
|
||||||
|
#keystore.pkcs12.macAlgorithm = HmacPBESHA1
|
||||||
|
|
||||||
|
# The iteration count used by the MacData algorithm. This value must be a
|
||||||
|
# positive integer. The default value is 100000.
|
||||||
|
#keystore.pkcs12.macIterationCount = 100000
|
||||||
|
|
||||||
# The iteration count used for password-based encryption (PBE) in JCEKS
|
# The iteration count used for password-based encryption (PBE) in JCEKS
|
||||||
# keystores. Values in the range 10000 to 5000000 are considered valid.
|
# keystores. Values in the range 10000 to 5000000 are considered valid.
|
||||||
# If the value is out of this range, or is not a number, or is unspecified;
|
# If the value is out of this range, or is not a number, or is unspecified;
|
||||||
@@ -4,3 +4,5 @@ nssSecmodDirectory = sql:/etc/pki/nssdb
|
|||||||
nssDbMode = readOnly
|
nssDbMode = readOnly
|
||||||
nssModule = fips
|
nssModule = fips
|
||||||
|
|
||||||
|
attributes(*,CKO_SECRET_KEY,CKK_GENERIC_SECRET)={ CKA_SIGN=true }
|
||||||
|
|
||||||
Reference in New Issue
Block a user