committing changes in /etc made by "-bash"
Package changes:
This commit is contained in:
34
.etckeeper
34
.etckeeper
@@ -995,23 +995,23 @@ maybe chmod 0644 'issue.rpmnew'
|
||||
maybe chmod 0644 'issue.rpmsave'
|
||||
maybe chmod 0755 'java'
|
||||
maybe chmod 0755 'java/java-1.8.0-openjdk'
|
||||
maybe chmod 0755 'java/java-1.8.0-openjdk/java-1.8.0-openjdk-1.8.0.332.b09-2.el8_6.x86_64'
|
||||
maybe chmod 0755 'java/java-1.8.0-openjdk/java-1.8.0-openjdk-1.8.0.332.b09-2.el8_6.x86_64/lib'
|
||||
maybe chmod 0644 'java/java-1.8.0-openjdk/java-1.8.0-openjdk-1.8.0.332.b09-2.el8_6.x86_64/lib/calendars.properties'
|
||||
maybe chmod 0644 'java/java-1.8.0-openjdk/java-1.8.0-openjdk-1.8.0.332.b09-2.el8_6.x86_64/lib/logging.properties'
|
||||
maybe chmod 0755 'java/java-1.8.0-openjdk/java-1.8.0-openjdk-1.8.0.332.b09-2.el8_6.x86_64/lib/security'
|
||||
maybe chmod 0644 'java/java-1.8.0-openjdk/java-1.8.0-openjdk-1.8.0.332.b09-2.el8_6.x86_64/lib/security/blacklisted.certs'
|
||||
maybe chmod 0644 'java/java-1.8.0-openjdk/java-1.8.0-openjdk-1.8.0.332.b09-2.el8_6.x86_64/lib/security/java.policy'
|
||||
maybe chmod 0644 'java/java-1.8.0-openjdk/java-1.8.0-openjdk-1.8.0.332.b09-2.el8_6.x86_64/lib/security/java.security'
|
||||
maybe chmod 0644 'java/java-1.8.0-openjdk/java-1.8.0-openjdk-1.8.0.332.b09-2.el8_6.x86_64/lib/security/nss.cfg'
|
||||
maybe chmod 0644 'java/java-1.8.0-openjdk/java-1.8.0-openjdk-1.8.0.332.b09-2.el8_6.x86_64/lib/security/nss.fips.cfg'
|
||||
maybe chmod 0755 'java/java-1.8.0-openjdk/java-1.8.0-openjdk-1.8.0.332.b09-2.el8_6.x86_64/lib/security/policy'
|
||||
maybe chmod 0755 'java/java-1.8.0-openjdk/java-1.8.0-openjdk-1.8.0.332.b09-2.el8_6.x86_64/lib/security/policy/limited'
|
||||
maybe chmod 0644 'java/java-1.8.0-openjdk/java-1.8.0-openjdk-1.8.0.332.b09-2.el8_6.x86_64/lib/security/policy/limited/US_export_policy.jar'
|
||||
maybe chmod 0644 'java/java-1.8.0-openjdk/java-1.8.0-openjdk-1.8.0.332.b09-2.el8_6.x86_64/lib/security/policy/limited/local_policy.jar'
|
||||
maybe chmod 0755 'java/java-1.8.0-openjdk/java-1.8.0-openjdk-1.8.0.332.b09-2.el8_6.x86_64/lib/security/policy/unlimited'
|
||||
maybe chmod 0644 'java/java-1.8.0-openjdk/java-1.8.0-openjdk-1.8.0.332.b09-2.el8_6.x86_64/lib/security/policy/unlimited/US_export_policy.jar'
|
||||
maybe chmod 0644 'java/java-1.8.0-openjdk/java-1.8.0-openjdk-1.8.0.332.b09-2.el8_6.x86_64/lib/security/policy/unlimited/local_policy.jar'
|
||||
maybe chmod 0755 'java/java-1.8.0-openjdk/java-1.8.0-openjdk-1.8.0.342.b07-2.el8_6.x86_64'
|
||||
maybe chmod 0755 'java/java-1.8.0-openjdk/java-1.8.0-openjdk-1.8.0.342.b07-2.el8_6.x86_64/lib'
|
||||
maybe chmod 0644 'java/java-1.8.0-openjdk/java-1.8.0-openjdk-1.8.0.342.b07-2.el8_6.x86_64/lib/calendars.properties'
|
||||
maybe chmod 0644 'java/java-1.8.0-openjdk/java-1.8.0-openjdk-1.8.0.342.b07-2.el8_6.x86_64/lib/logging.properties'
|
||||
maybe chmod 0755 'java/java-1.8.0-openjdk/java-1.8.0-openjdk-1.8.0.342.b07-2.el8_6.x86_64/lib/security'
|
||||
maybe chmod 0644 'java/java-1.8.0-openjdk/java-1.8.0-openjdk-1.8.0.342.b07-2.el8_6.x86_64/lib/security/blacklisted.certs'
|
||||
maybe chmod 0644 'java/java-1.8.0-openjdk/java-1.8.0-openjdk-1.8.0.342.b07-2.el8_6.x86_64/lib/security/java.policy'
|
||||
maybe chmod 0644 'java/java-1.8.0-openjdk/java-1.8.0-openjdk-1.8.0.342.b07-2.el8_6.x86_64/lib/security/java.security'
|
||||
maybe chmod 0644 'java/java-1.8.0-openjdk/java-1.8.0-openjdk-1.8.0.342.b07-2.el8_6.x86_64/lib/security/nss.cfg'
|
||||
maybe chmod 0644 'java/java-1.8.0-openjdk/java-1.8.0-openjdk-1.8.0.342.b07-2.el8_6.x86_64/lib/security/nss.fips.cfg'
|
||||
maybe chmod 0755 'java/java-1.8.0-openjdk/java-1.8.0-openjdk-1.8.0.342.b07-2.el8_6.x86_64/lib/security/policy'
|
||||
maybe chmod 0755 'java/java-1.8.0-openjdk/java-1.8.0-openjdk-1.8.0.342.b07-2.el8_6.x86_64/lib/security/policy/limited'
|
||||
maybe chmod 0644 'java/java-1.8.0-openjdk/java-1.8.0-openjdk-1.8.0.342.b07-2.el8_6.x86_64/lib/security/policy/limited/US_export_policy.jar'
|
||||
maybe chmod 0644 'java/java-1.8.0-openjdk/java-1.8.0-openjdk-1.8.0.342.b07-2.el8_6.x86_64/lib/security/policy/limited/local_policy.jar'
|
||||
maybe chmod 0755 'java/java-1.8.0-openjdk/java-1.8.0-openjdk-1.8.0.342.b07-2.el8_6.x86_64/lib/security/policy/unlimited'
|
||||
maybe chmod 0644 'java/java-1.8.0-openjdk/java-1.8.0-openjdk-1.8.0.342.b07-2.el8_6.x86_64/lib/security/policy/unlimited/US_export_policy.jar'
|
||||
maybe chmod 0644 'java/java-1.8.0-openjdk/java-1.8.0-openjdk-1.8.0.342.b07-2.el8_6.x86_64/lib/security/policy/unlimited/local_policy.jar'
|
||||
maybe chmod 0755 'java/security'
|
||||
maybe chmod 0755 'java/security/security.d'
|
||||
maybe chmod 0755 'jvm'
|
||||
|
||||
@@ -1 +1 @@
|
||||
/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.332.b09-2.el8_6.x86_64/jre/bin/alt-java
|
||||
/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.342.b07-2.el8_6.x86_64/jre/bin/alt-java
|
||||
@@ -1 +1 @@
|
||||
/usr/share/man/man1/alt-java-java-1.8.0-openjdk-1.8.0.332.b09-2.el8_6.x86_64.1.gz
|
||||
/usr/share/man/man1/alt-java-java-1.8.0-openjdk-1.8.0.342.b07-2.el8_6.x86_64.1.gz
|
||||
@@ -1 +1 @@
|
||||
/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.332.b09-2.el8_6.x86_64/jre/bin/java
|
||||
/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.342.b07-2.el8_6.x86_64/jre/bin/java
|
||||
@@ -1 +1 @@
|
||||
/usr/share/man/man1/java-java-1.8.0-openjdk-1.8.0.332.b09-2.el8_6.x86_64.1.gz
|
||||
/usr/share/man/man1/java-java-1.8.0-openjdk-1.8.0.342.b07-2.el8_6.x86_64.1.gz
|
||||
@@ -1 +1 @@
|
||||
/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.332.b09-2.el8_6.x86_64/jre/bin/jjs
|
||||
/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.342.b07-2.el8_6.x86_64/jre/bin/jjs
|
||||
@@ -1 +1 @@
|
||||
/usr/share/man/man1/jjs-java-1.8.0-openjdk-1.8.0.332.b09-2.el8_6.x86_64.1.gz
|
||||
/usr/share/man/man1/jjs-java-1.8.0-openjdk-1.8.0.342.b07-2.el8_6.x86_64.1.gz
|
||||
@@ -1 +1 @@
|
||||
/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.332.b09-2.el8_6.x86_64/jre
|
||||
/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.342.b07-2.el8_6.x86_64/jre
|
||||
@@ -1 +1 @@
|
||||
/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.332.b09-2.el8_6.x86_64/jre
|
||||
/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.342.b07-2.el8_6.x86_64/jre
|
||||
@@ -1 +1 @@
|
||||
/usr/lib/jvm/jre-1.8.0-openjdk-1.8.0.332.b09-2.el8_6.x86_64
|
||||
/usr/lib/jvm/jre-1.8.0-openjdk-1.8.0.342.b07-2.el8_6.x86_64
|
||||
@@ -1 +1 @@
|
||||
/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.332.b09-2.el8_6.x86_64/jre
|
||||
/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.342.b07-2.el8_6.x86_64/jre
|
||||
@@ -1 +1 @@
|
||||
/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.332.b09-2.el8_6.x86_64/jre/bin/keytool
|
||||
/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.342.b07-2.el8_6.x86_64/jre/bin/keytool
|
||||
@@ -1 +1 @@
|
||||
/usr/share/man/man1/keytool-java-1.8.0-openjdk-1.8.0.332.b09-2.el8_6.x86_64.1.gz
|
||||
/usr/share/man/man1/keytool-java-1.8.0-openjdk-1.8.0.342.b07-2.el8_6.x86_64.1.gz
|
||||
@@ -1 +1 @@
|
||||
/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.332.b09-2.el8_6.x86_64/jre/bin/orbd
|
||||
/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.342.b07-2.el8_6.x86_64/jre/bin/orbd
|
||||
@@ -1 +1 @@
|
||||
/usr/share/man/man1/orbd-java-1.8.0-openjdk-1.8.0.332.b09-2.el8_6.x86_64.1.gz
|
||||
/usr/share/man/man1/orbd-java-1.8.0-openjdk-1.8.0.342.b07-2.el8_6.x86_64.1.gz
|
||||
@@ -1 +1 @@
|
||||
/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.332.b09-2.el8_6.x86_64/jre/bin/pack200
|
||||
/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.342.b07-2.el8_6.x86_64/jre/bin/pack200
|
||||
@@ -1 +1 @@
|
||||
/usr/share/man/man1/pack200-java-1.8.0-openjdk-1.8.0.332.b09-2.el8_6.x86_64.1.gz
|
||||
/usr/share/man/man1/pack200-java-1.8.0-openjdk-1.8.0.342.b07-2.el8_6.x86_64.1.gz
|
||||
@@ -1 +1 @@
|
||||
/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.332.b09-2.el8_6.x86_64/jre/bin/policytool
|
||||
/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.342.b07-2.el8_6.x86_64/jre/bin/policytool
|
||||
@@ -1 +1 @@
|
||||
/usr/share/man/man1/policytool-java-1.8.0-openjdk-1.8.0.332.b09-2.el8_6.x86_64.1.gz
|
||||
/usr/share/man/man1/policytool-java-1.8.0-openjdk-1.8.0.342.b07-2.el8_6.x86_64.1.gz
|
||||
@@ -1 +1 @@
|
||||
/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.332.b09-2.el8_6.x86_64/jre/bin/rmid
|
||||
/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.342.b07-2.el8_6.x86_64/jre/bin/rmid
|
||||
@@ -1 +1 @@
|
||||
/usr/share/man/man1/rmid-java-1.8.0-openjdk-1.8.0.332.b09-2.el8_6.x86_64.1.gz
|
||||
/usr/share/man/man1/rmid-java-1.8.0-openjdk-1.8.0.342.b07-2.el8_6.x86_64.1.gz
|
||||
@@ -1 +1 @@
|
||||
/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.332.b09-2.el8_6.x86_64/jre/bin/rmiregistry
|
||||
/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.342.b07-2.el8_6.x86_64/jre/bin/rmiregistry
|
||||
@@ -1 +1 @@
|
||||
/usr/share/man/man1/rmiregistry-java-1.8.0-openjdk-1.8.0.332.b09-2.el8_6.x86_64.1.gz
|
||||
/usr/share/man/man1/rmiregistry-java-1.8.0-openjdk-1.8.0.342.b07-2.el8_6.x86_64.1.gz
|
||||
@@ -1 +1 @@
|
||||
/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.332.b09-2.el8_6.x86_64/jre/bin/servertool
|
||||
/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.342.b07-2.el8_6.x86_64/jre/bin/servertool
|
||||
@@ -1 +1 @@
|
||||
/usr/share/man/man1/servertool-java-1.8.0-openjdk-1.8.0.332.b09-2.el8_6.x86_64.1.gz
|
||||
/usr/share/man/man1/servertool-java-1.8.0-openjdk-1.8.0.342.b07-2.el8_6.x86_64.1.gz
|
||||
@@ -1 +1 @@
|
||||
/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.332.b09-2.el8_6.x86_64/jre/bin/tnameserv
|
||||
/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.342.b07-2.el8_6.x86_64/jre/bin/tnameserv
|
||||
@@ -1 +1 @@
|
||||
/usr/share/man/man1/tnameserv-java-1.8.0-openjdk-1.8.0.332.b09-2.el8_6.x86_64.1.gz
|
||||
/usr/share/man/man1/tnameserv-java-1.8.0-openjdk-1.8.0.342.b07-2.el8_6.x86_64.1.gz
|
||||
@@ -1 +1 @@
|
||||
/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.332.b09-2.el8_6.x86_64/jre/bin/unpack200
|
||||
/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.342.b07-2.el8_6.x86_64/jre/bin/unpack200
|
||||
@@ -1 +1 @@
|
||||
/usr/share/man/man1/unpack200-java-1.8.0-openjdk-1.8.0.332.b09-2.el8_6.x86_64.1.gz
|
||||
/usr/share/man/man1/unpack200-java-1.8.0-openjdk-1.8.0.342.b07-2.el8_6.x86_64.1.gz
|
||||
@@ -25,7 +25,7 @@
|
||||
# non-null value:
|
||||
# autoinstall_all_kernels=""
|
||||
|
||||
# Location of the sign-file kernel binary (default: depends on distributioin):
|
||||
# Location of the sign-file kernel binary (default: depends on distribution):
|
||||
# sign_file="/path/to/sign-file"
|
||||
|
||||
# Location of the key and certificate used for Secure boot (default: /var/lib/dkms):
|
||||
|
||||
@@ -77,7 +77,7 @@ security.provider.9=sun.security.smartcardio.SunPCSC
|
||||
#security.provider.10=sun.security.pkcs11.SunPKCS11 ${java.home}/lib/security/nss.cfg
|
||||
|
||||
#
|
||||
# Security providers used when global crypto-policies are set to FIPS.
|
||||
# Security providers used when FIPS mode support is active
|
||||
#
|
||||
fips.provider.1=sun.security.pkcs11.SunPKCS11 ${java.home}/lib/security/nss.fips.cfg
|
||||
fips.provider.2=sun.security.provider.Sun
|
||||
@@ -1114,6 +1114,77 @@ jdk.xml.dsig.secureValidationPolicy=\
|
||||
jceks.key.serialFilter = java.lang.Enum;java.security.KeyRep;\
|
||||
java.security.KeyRep$Type;javax.crypto.spec.SecretKeySpec;!*
|
||||
|
||||
#
|
||||
# PKCS12 KeyStore properties
|
||||
#
|
||||
# The following properties, if configured, are used by the PKCS12 KeyStore
|
||||
# implementation during the creation of a new keystore. Several of the
|
||||
# properties may also be used when modifying an existing keystore. The
|
||||
# properties can be overridden by a KeyStore API that specifies its own
|
||||
# algorithms and parameters.
|
||||
#
|
||||
# If an existing PKCS12 keystore is loaded and then stored, the algorithm and
|
||||
# parameter used to generate the existing Mac will be reused. If the existing
|
||||
# keystore does not have a Mac, no Mac will be created while storing. If there
|
||||
# is at least one certificate in the existing keystore, the algorithm and
|
||||
# parameters used to encrypt the last certificate in the existing keystore will
|
||||
# be reused to encrypt all certificates while storing. If the last certificate
|
||||
# in the existing keystore is not encrypted, all certificates will be stored
|
||||
# unencrypted. If there is no certificate in the existing keystore, any newly
|
||||
# added certificate will be encrypted (or stored unencrypted if algorithm
|
||||
# value is "NONE") using the "keystore.pkcs12.certProtectionAlgorithm" and
|
||||
# "keystore.pkcs12.certPbeIterationCount" values defined here. Existing private
|
||||
# and secret key(s) are not changed. Newly set private and secret key(s) will
|
||||
# be encrypted using the "keystore.pkcs12.keyProtectionAlgorithm" and
|
||||
# "keystore.pkcs12.keyPbeIterationCount" values defined here.
|
||||
#
|
||||
# In order to apply new algorithms and parameters to all entries in an
|
||||
# existing keystore, one can create a new keystore and add entries in the
|
||||
# existing keystore into the new keystore. This can be achieved by calling the
|
||||
# "keytool -importkeystore" command.
|
||||
#
|
||||
# If a system property of the same name is also specified, it supersedes the
|
||||
# security property value defined here.
|
||||
#
|
||||
# If the property is set to an illegal value,
|
||||
# an iteration count that is not a positive integer, or an unknown algorithm
|
||||
# name, an exception will be thrown when the property is used.
|
||||
# If the property is not set or empty, a default value will be used.
|
||||
#
|
||||
# Note: These properties are currently used by the JDK Reference implementation.
|
||||
# They are not guaranteed to be examined and used by other implementations.
|
||||
|
||||
# The algorithm used to encrypt a certificate. This can be any non-Hmac PBE
|
||||
# algorithm defined in the Cipher section of the Java Security Standard
|
||||
# Algorithm Names Specification. When set to "NONE", the certificate
|
||||
# is not encrypted. The default value is "PBEWithSHA1AndRC2_40".
|
||||
#keystore.pkcs12.certProtectionAlgorithm = PBEWithSHA1AndRC2_40
|
||||
|
||||
# The iteration count used by the PBE algorithm when encrypting a certificate.
|
||||
# This value must be a positive integer. The default value is 50000.
|
||||
#keystore.pkcs12.certPbeIterationCount = 50000
|
||||
|
||||
# The algorithm used to encrypt a private key or secret key. This can be
|
||||
# any non-Hmac PBE algorithm defined in the Cipher section of the Java
|
||||
# Security Standard Algorithm Names Specification. The value must not be "NONE".
|
||||
# The default value is "PBEWithSHA1AndDESede".
|
||||
#keystore.pkcs12.keyProtectionAlgorithm = PBEWithSHA1AndDESede
|
||||
|
||||
# The iteration count used by the PBE algorithm when encrypting a private key
|
||||
# or a secret key. This value must be a positive integer. The default value
|
||||
# is 50000.
|
||||
#keystore.pkcs12.keyPbeIterationCount = 50000
|
||||
|
||||
# The algorithm used to calculate the optional MacData at the end of a PKCS12
|
||||
# file. This can be any HmacPBE algorithm defined in the Mac section of the
|
||||
# Java Security Standard Algorithm Names Specification. When set to "NONE",
|
||||
# no Mac is generated. The default value is "HmacPBESHA1".
|
||||
#keystore.pkcs12.macAlgorithm = HmacPBESHA1
|
||||
|
||||
# The iteration count used by the MacData algorithm. This value must be a
|
||||
# positive integer. The default value is 100000.
|
||||
#keystore.pkcs12.macIterationCount = 100000
|
||||
|
||||
# The iteration count used for password-based encryption (PBE) in JCEKS
|
||||
# keystores. Values in the range 10000 to 5000000 are considered valid.
|
||||
# If the value is out of this range, or is not a number, or is unspecified;
|
||||
@@ -4,3 +4,5 @@ nssSecmodDirectory = sql:/etc/pki/nssdb
|
||||
nssDbMode = readOnly
|
||||
nssModule = fips
|
||||
|
||||
attributes(*,CKO_SECRET_KEY,CKK_GENERIC_SECRET)={ CKA_SIGN=true }
|
||||
|
||||
Reference in New Issue
Block a user