Merge pull request #115 from matejak/updated_rhel8

Update the rhel8-branch with master commits

README.md

@@ -2,6 +2,6 @@ OSCAP Anaconda addon is an addon for the Anaconda installer that integrates
 OpenSCAP to the installation process and allows installation of system following
 some SCAP-defined restrictions and recommendations.
 
-The addon is compatible with Anaconda version >= 29.19.x.
+The addon is compatible with Anaconda version >= 32
 
 For testing and other development information, see the [OSCAP Anaconda Addon Developer Guide](https://github.com/OpenSCAP/oscap-anaconda-addon/blob/master/docs/manual/developer_guide.adoc).

org_fedora_oscap/common.py

@@ -29,7 +29,6 @@
 import subprocess
 import zipfile
 import tarfile
-from _ast import Sub
 
 import cpioarchive
 import re
@@ -39,7 +38,7 @@
 import gettext
 from functools import wraps
 from pyanaconda.core import constants
-from pyanaconda import nm
+from pyanaconda.modules.common.constants.services import NETWORK
 from pyanaconda.threading import threadMgr, AnacondaThread
 from org_fedora_oscap import utils
 from org_fedora_oscap.data_fetch import fetch_data
@@ -295,7 +294,8 @@ def wait_and_fetch_net_data(url, out_file, ca_certs=None):
         # NM still connecting, wait for it to finish
         nm_conn_thread.join()
 
-    if not nm.nm_is_connected():
+    network_proxy = NETWORK.get_proxy()
+    if not network_proxy.Connected:
         raise OSCAPaddonNetworkError("Network connection needed to fetch data.")
 
     fetch_data_thread = AnacondaThread(name=THREAD_FETCH_DATA,

org_fedora_oscap/data_fetch.py

@@ -9,7 +9,7 @@
 import os.path
 import pycurl
 
-from pyanaconda.flags import flags as ana_flags
+from pyanaconda.core.configuration.anaconda import conf
 
 from org_fedora_oscap import utils
 
@@ -178,7 +178,7 @@ def _curl_fetch(url, out_file, ca_certs=None):
         curl.setopt(pycurl.CAINFO, ca_certs)
 
     # may be turned off by flags (specified on command line, take precedence)
-    if ana_flags.noverifyssl:
+    if not conf.payload.verify_ssl:
         log.warning("Disabling SSL verification due to the noverifyssl flag")
         curl.setopt(pycurl.SSL_VERIFYHOST, 0)
         curl.setopt(pycurl.SSL_VERIFYPEER, 0)

org_fedora_oscap/gui/spokes/oscap.glade

@@ -1,5 +1,5 @@
 <?xml version="1.0" encoding="UTF-8"?>
-<!-- Generated with glade 3.18.3 -->
+<!-- Generated with glade 3.22.2 -->
 <interface domain="oscap-anaconda-addon">
   <requires lib="gtk+" version="3.0"/>
   <requires lib="AnacondaWidgets" version="1.0"/>
@@ -97,8 +97,8 @@
                       <object class="GtkLabel" id="applyLabel">
                         <property name="visible">True</property>
                         <property name="can_focus">False</property>
-                        <property name="xalign">0.85000002384185791</property>
                         <property name="label" translatable="yes">Apply security policy:</property>
+                        <property name="xalign">0.85000002384185791</property>
                       </object>
                       <packing>
                         <property name="expand">False</property>
@@ -253,8 +253,8 @@
                           <object class="GtkLabel" id="chooseProfileLabel">
                             <property name="visible">True</property>
                             <property name="can_focus">False</property>
-                            <property name="xalign">0</property>
                             <property name="label" translatable="yes">Choose profile below:</property>
+                            <property name="xalign">0</property>
                           </object>
                           <packing>
                             <property name="expand">False</property>
@@ -267,6 +267,7 @@
                             <property name="visible">True</property>
                             <property name="can_focus">True</property>
                             <property name="shadow_type">in</property>
+                            <property name="min_content_height">160</property>
                             <child>
                               <object class="GtkTreeView" id="profilesView">
                                 <property name="visible">True</property>
@@ -340,8 +341,8 @@
                             <property name="visible">True</property>
                             <property name="can_focus">False</property>
                             <property name="margin_top">20</property>
-                            <property name="xalign">0</property>
                             <property name="label" translatable="yes">Changes that were done or need to be done:</property>
+                            <property name="xalign">0</property>
                           </object>
                           <packing>
                             <property name="expand">False</property>
@@ -354,6 +355,7 @@
                             <property name="visible">True</property>
                             <property name="can_focus">True</property>
                             <property name="shadow_type">in</property>
+                            <property name="min_content_height">140</property>
                             <child>
                               <object class="GtkTreeView" id="changesView">
                                 <property name="visible">True</property>
@@ -444,9 +446,9 @@
                               <object class="GtkLabel" id="noContentLabel">
                                 <property name="visible">True</property>
                                 <property name="can_focus">False</property>
-                                <property name="xalign">0</property>
-                                <property name="label" translatable="no">No content found. Please enter data stream content or archive URL below:</property>
+                                <property name="label" translatable="yes">No content found. Please enter data stream content or archive URI below:</property>
                                 <property name="wrap">True</property>
+                                <property name="xalign">0</property>
                               </object>
                               <packing>
                                 <property name="expand">False</property>

org_fedora_oscap/gui/spokes/oscap.py

@@ -198,7 +198,7 @@ class OSCAPSpoke(NormalSpoke):
     title = N_("_Security Policy")
 
     # methods defined by API and helper methods #
-    def __init__(self, data, storage, payload, instclass):
+    def __init__(self, data, storage, payload):
         """
         :see: pyanaconda.ui.common.Spoke.__init__
         :param data: data object passed to every spoke to load/store data
@@ -209,12 +209,10 @@ def __init__(self, data, storage, payload, instclass):
         :type storage: blivet.Blivet
         :param payload: object storing packaging-related information
         :type payload: pyanaconda.packaging.Payload
-        :param instclass: distribution-specific information
-        :type instclass: pyanaconda.installclass.BaseInstallClass
 
         """
 
-        NormalSpoke.__init__(self, data, storage, payload, instclass)
+        NormalSpoke.__init__(self, data, storage, payload)
         self._addon_data = self.data.addons.org_fedora_oscap
         # workaround for https://bugzilla.redhat.com/show_bug.cgi?id=1673071
         self.title = _(self.title)

org_fedora_oscap/ks/oscap.py

@@ -27,7 +27,7 @@
 import logging
 
 from pyanaconda.addons import AddonData
-from pyanaconda.core.util import getSysroot
+from pyanaconda.core.configuration.anaconda import conf
 from pyanaconda.progress import progressQ
 from pyanaconda import errors
 from pyanaconda.core import util
@@ -390,7 +390,7 @@ def _fetch_content_and_initialize(self):
         for rule in rules.splitlines():
             self.rule_data.new_rule(rule)
 
-    def setup(self, storage, ksdata, instclass, payload):
+    def setup(self, storage, ksdata, payload):
         """
         The setup method that should make changes to the runtime environment
         according to the data stored in this object.
@@ -401,8 +401,6 @@ def setup(self, storage, ksdata, instclass, payload):
         :param ksdata: data parsed from the kickstart file and set in the
                        installation process
         :type ksdata: pykickstart.base.BaseHandler instance
-        :param instclass: distribution-specific information
-        :type instclass: pyanaconda.installclass.BaseInstallClass
 
         """
 
@@ -501,7 +499,7 @@ def setup(self, storage, ksdata, instclass, payload):
             if pkg not in ksdata.packages.packageList:
                 ksdata.packages.packageList.append(pkg)
 
-    def execute(self, storage, ksdata, instclass, users, payload):
+    def execute(self, storage, ksdata, users, payload):
         """
         The execute method that should make changes to the installed system. It
         is called only once in the post-install setup phase.
@@ -517,7 +515,7 @@ def execute(self, storage, ksdata, instclass, users, payload):
             # selected
             return
 
-        target_content_dir = utils.join_paths(getSysroot(),
+        target_content_dir = utils.join_paths(conf.target.system_root,
                                               common.TARGET_CONTENT_DIR)
         utils.ensure_dir_exists(target_content_dir)
 
@@ -546,7 +544,7 @@ def execute(self, storage, ksdata, instclass, users, payload):
         common.run_oscap_remediate(self.profile_id, self.postinst_content_path,
                                    self.datastream_id, self.xccdf_id,
                                    self.postinst_tailoring_path,
-                                   chroot=getSysroot())
+                                   chroot=conf.target.system_root)
 
     def clear_all(self):
         """Clear all the stored values."""

org_fedora_oscap/rule_handling.py

@@ -30,7 +30,7 @@
 from pyanaconda.pwpolicy import F22_PwPolicyData
 from pyanaconda.core.constants import (
     FIREWALL_ENABLED, FIREWALL_DISABLED, FIREWALL_USE_SYSTEM_DEFAULTS)
-from pyanaconda.modules.common.constants.objects import FIREWALL, BOOTLOADER
+from pyanaconda.modules.common.constants.objects import FIREWALL, BOOTLOADER, DEVICE_TREE
 from pyanaconda.modules.common.constants.services import NETWORK, STORAGE, USERS
 
 from org_fedora_oscap import common
@@ -392,9 +392,11 @@ def add_mount_options(self, mount_options):
 
     def eval_rules(self, ksdata, storage, report_only=False):
         """:see: RuleHandler.eval_rules"""
-
+        device_tree = STORAGE.get_proxy(DEVICE_TREE)
+        mount_points = device_tree.GetMountPoints()
         messages = []
-        if self._mount_point not in storage.mountpoints:
+
+        if self._mount_point not in mount_points:
             msg = _("{0} must be on a separate partition or logical "
                     "volume and has to be created in the "
                     "partitioning layout before installation can occur "
@@ -417,11 +419,12 @@ def eval_rules(self, ksdata, storage, report_only=False):
                                         common.MESSAGE_TYPE_INFO, msg))
 
         # mount point to be created during installation
-        target_mount_point = storage.mountpoints[self._mount_point]
+        target_name = mount_points[self._mount_point]
+        mount_options = device_tree.GetDeviceMountOptions(target_name)
 
         # generator for the new options that should be added
         new_opts = (opt for opt in self._mount_options
-                    if opt not in target_mount_point.format.options.split(","))
+                    if opt not in mount_options.split(","))
 
         # add message for every mount option added
         for opt in new_opts:
@@ -434,9 +437,12 @@ def eval_rules(self, ksdata, storage, report_only=False):
 
             # add new options to the target mount point if not reporting only
             if not report_only:
-                target_mount_point.format.options += ",%s" % opt
+                mount_options += ",%s" % opt
                 self._added_mount_options.append(opt)
 
+        if new_opts and not report_only:
+            device_tree.SetDeviceMountOptions(target_name, mount_options)
+
         return messages
 
     def revert_changes(self, ksdata, storage):
@@ -447,23 +453,26 @@ def revert_changes(self, ksdata, storage):
         :see: RuleHandler.revert_changes
 
         """
+        device_tree = STORAGE.get_proxy(DEVICE_TREE)
+        mount_points = device_tree.GetMountPoints()
 
-        if self._mount_point not in storage.mountpoints:
+        if self._mount_point not in mount_points:
             # mount point doesn't exist, nothing can be reverted
             return
 
         # mount point to be created during installation
-        target_mount_point = storage.mountpoints[self._mount_point]
+        target_name = mount_points[self._mount_point]
 
         # mount options to be defined for the created mount point
-        tgt_mount_options = target_mount_point.format.options
+        mount_options = device_tree.GetDeviceMountOptions(target_name)
 
         # generator of the options that should remain
-        result_opts = (opt for opt in tgt_mount_options.split(",")
+        result_opts = (opt for opt in mount_options.split(",")
                        if opt not in self._added_mount_options)
 
         # set the new list of options
-        target_mount_point.format.options = ",".join(result_opts)
+        mount_options = ",".join(result_opts)
+        device_tree.SetDeviceMountOptions(target_name, mount_options)
 
         # reset the remembered added mount options
         self._added_mount_options = []

oscap-anaconda-addon.spec

@@ -22,8 +22,8 @@ BuildRequires:  python3-mock
 BuildRequires:  python3-nose
 BuildRequires:  python3-cpio
 BuildRequires:  openscap openscap-utils openscap-python3
-BuildRequires:  anaconda >= 28.22
-Requires:       anaconda >= 28.22
+BuildRequires:  anaconda >= 32.25
+Requires:       anaconda >= 32.25
 Requires:       python3-cpio
 Requires:       openscap openscap-utils openscap-python3