import imports/r9/rocky-release-8.6-2.el8

5ae3b7b5 · Rocky Automation · 5ae3b7b5 · 5ae3b7b5 · 5ae3b7b5 · 5ae3b7b5
Commit 5ae3b7b5 authored May 09, 2022 by Rocky Automation 📺
--- a/.rocky-release.metadata
+++ b/.rocky-release.metadata
--- a/SOURCES/50-redhat.conf
+++ b/SOURCES/50-redhat.conf
+# These defaults are from upstream and are not patched into systemd like in el8
+# https://bugzilla.redhat.com/show_bug.cgi?id=1689346
+kernel.kptr_restrict = 1
+
+# Source route verification
+net.ipv4.conf.default.rp_filter = 1
+net.ipv4.conf.*.rp_filter = 1
+-net.ipv4.conf.all.rp_filter
--- a/SOURCES/50-redhat.conf.lh
+++ b/SOURCES/50-redhat.conf.lh
+# These defaults are from upstream and are not patched into systemd like in el8
+# https://bugzilla.redhat.com/show_bug.cgi?id=1689346
+kernel.kptr_restrict = 1
+
+# Source route verification
+net.ipv4.conf.default.rp_filter = 1
+net.ipv4.conf.*.rp_filter = 1
+-net.ipv4.conf.all.rp_filter
--- a/SOURCES/85-display-manager.preset
+++ b/SOURCES/85-display-manager.preset
+# We enable all display managers by default. Since only one can
+# actually be enabled at the same time the one which is installed
+# first wins
+
+enable gdm.service
+enable lightdm.service
+enable slim.service
+enable lxdm.service
+enable sddm.service
+enable kdm.service
+enable xdm.service
--- a/SOURCES/85-display-manager.preset.lh
+++ b/SOURCES/85-display-manager.preset.lh
+# We enable all display managers by default. Since only one can
+# actually be enabled at the same time the one which is installed
+# first wins
+
+enable gdm.service
+enable lightdm.service
+enable slim.service
+enable lxdm.service
+enable sddm.service
+enable kdm.service
+enable xdm.service
--- a/SOURCES/90-default-user.preset
+++ b/SOURCES/90-default-user.preset
+# Enable the D-Bus service (including its socket for socket activation)
+# unconditionally. It is used throughout Fedora and required on all machines.
+# https://src.fedoraproject.org/rpms/fedora-release/pull-request/4
+# https://fedoraproject.org/w/index.php?title=Starting_services_by_default&oldid=377748
+enable dbus.socket
+enable dbus-broker.service
+
+# Socket-activated pipewire service for individual user sessions
+# https://bugzilla.redhat.com/show_bug.cgi?id=1592434
+enable pipewire.socket
+
+# Enable the PipeWire PulseAudio compatibility socket interface
+# https://bugzilla.redhat.com/show_bug.cgi?id=1904239
+# https://bugzilla.redhat.com/show_bug.cgi?id=1907906
+# https://fedoraproject.org/wiki/Changes/DefaultPipeWire
+enable pipewire-pulse.socket
+
+# https://bugzilla.redhat.com/show_bug.cgi?id=1976006
+enable pipewire-media-session.service
+
+# https://bugzilla.redhat.com/show_bug.cgi?id=2022717
+enable wireplumber.service
--- a/SOURCES/90-default-user.preset.lh
+++ b/SOURCES/90-default-user.preset.lh
+# Enable the D-Bus service (including its socket for socket activation)
+# unconditionally. It is used throughout Fedora and required on all machines.
+# https://src.fedoraproject.org/rpms/fedora-release/pull-request/4
+# https://fedoraproject.org/w/index.php?title=Starting_services_by_default&oldid=377748
+enable dbus.socket
+enable dbus-broker.service
+
+# Socket-activated pipewire service for individual user sessions
+# https://bugzilla.redhat.com/show_bug.cgi?id=1592434
+enable pipewire.socket
+
+# Enable the PipeWire PulseAudio compatibility socket interface
+# https://bugzilla.redhat.com/show_bug.cgi?id=1904239
+# https://bugzilla.redhat.com/show_bug.cgi?id=1907906
+# https://fedoraproject.org/wiki/Changes/DefaultPipeWire
+enable pipewire-pulse.socket
+
+# https://bugzilla.redhat.com/show_bug.cgi?id=1976006
+enable pipewire-media-session.service
+# https://bugzilla.redhat.com/show_bug.cgi?id=2022717
+enable wireplumber.service
--- a/SOURCES/90-default.preset
+++ b/SOURCES/90-default.preset
+# Also see:
+# https://fedoraproject.org/wiki/Starting_services_by_default
+
+disable systemd-timesyncd.service
+disable systemd-resolved.service
+
+# systemd
+enable remote-fs.target
+enable getty@tty1.service
+
+# System stuff
+enable sshd.service
+enable atd.*
+enable crond.*
+enable chronyd.service
+enable rpcbind.*
+enable NetworkManager.service
+enable NetworkManager-dispatcher.service
+enable ModemManager.service
+enable auditd.service
+enable restorecond.service
+enable bluetooth.*
+enable avahi-daemon.*
+enable cups.*
+
+# The various syslog implementations
+enable rsyslog.*
+enable syslog-ng.*
+enable sysklogd.*
+
+# Network facing
+enable firewalld.service
+enable xinetd.service
+enable ladvd.service
+
+# Virtualization driver specific daemons. Start by defalt at boot for VM
+# autostart, but shutdown after 2 mins and socket activated thereafter
+enable virtqemud.service
+
+# Compatibility with libvirtd sockets for old clients and expose TCP sockets
+enable virtproxyd.socket
+
+# Secondary drivers providing supporting functionality to main virtualization
+# drivers, socket activated only when required
+enable virtinterfaced.socket
+enable virtnetworkd.socket
+enable virtnodedevd.socket
+enable virtnwfilterd.socket
+enable virtsecretd.socket
+enable virtstoraged.socket
+
+# Storage
+enable multipathd.service
+enable libstoragemgmt.service
+enable lvm2-lvmpolld.socket
+enable lvm2-monitor.*
+enable lvm2-lvmetad.*
+enable dm-event.*
+enable dmraid-activation.service
+
+# https://bugzilla.redhat.com/show_bug.cgi?id=855372
+enable mdmonitor.service
+enable mdmonitor-takeover.service
+
+# https://bugzilla.redhat.com/show_bug.cgi?id=876237
+enable spice-vdagentd.service
+
+# https://bugzilla.redhat.com/show_bug.cgi?id=885406
+enable qemu-guest-agent.service
+
+# https://bugzilla.redhat.com/show_bug.cgi?id=928726
+enable dnf-makecache.timer
+
+# https://bugzilla.redhat.com/show_bug.cgi?id=957135
+enable vmtoolsd.service
+
+# mcelog is a utility that collects and decodes Machine Check Exception data
+# on x86-32 and x86-64 systems.
+# https://bugzilla.redhat.com/show_bug.cgi?id=1302179
+enable mcelog.service
+
+#https://bugzilla.redhat.com/show_bug.cgi?id=995987
+enable kdump.service
+
+#https://bugzilla.redhat.com/show_bug.cgi?id=1009970
+enable tuned.service
+
+# https://bugzilla.redhat.com/show_bug.cgi?id=1215645
+enable unbound-anchor.timer
+
+# Enable SSSD Kerberos Credential Cache Server
+# https://bugzilla.redhat.com/show_bug.cgi?id=1558927
+enable sssd-kcm.socket
+
+# https://bugzilla.redhat.com/show_bug.cgi?id=1578833
+enable sssd.service
+
+# Hardware
+enable gpm.*
+enable gpsd.*
+enable irqbalance.service
+enable lm_sensors.service
+enable mcelog.*
+enable microcode.service
+enable smartd.service
+enable pcscd.socket
+enable rngd.service
+
+# Other stuff
+enable abrtd.service
+enable abrt-journal-core.service
+enable abrt-oops.service
+enable abrt-xorg.service
+enable abrt-vmcore.service
+enable lttng-sessiond.service
+enable ksm.service
+enable ksmtuned.service
+enable rootfs-resize.service
+enable sysstat.service
+enable uuidd.service
+
+# https://bugzilla.redhat.com/show_bug.cgi?id=1193616
+enable hypervfcopyd.service
+enable hypervkvpd.service
+enable hypervvssd.service
+
+# Desktop stuff
+enable accounts-daemon.service
+enable rtkit-daemon.service
+enable upower.service
+enable udisks2.service
+enable packagekit-offline-update.service
+enable PackageKit.service
+# https://bugzilla.redhat.com/show_bug.cgi?id=2011240
+enable power-profiles-daemon.service
+
+# Initial Setup reconfiguration service
+enable initial-setup-reconfiguration.service
+
+# https://bugzilla.redhat.com/show_bug.cgi?id=1312446
+enable opal-prd.service
+
+# virtlog.service is sometimes used by VMs started by libvirt.service
+# Enable virtlog.socket to have it socket activated
+# https://bugzilla.redhat.com/show_bug.cgi?id=1325503
+enable virtlogd.socket
+
+
+# https://bugzilla.redhat.com/show_bug.cgi?id=1271839
+enable rhsmcertd.service
+
+# https://bugzilla.redhat.com/show_bug.cgi?id=1359645
+enable brandbot.*
+
+# https://bugzilla.redhat.com/show_bug.cgi?id=1572550
+enable timedatex.service
+
+# https://bugzilla.redhat.com/show_bug.cgi?id=1578870
+enable selinux-autorelabel-mark.service
+enable rhel-configure.service
+enable rhel-dmesg.service
+
+# https://github.com/fedora-sysv/initscripts/commit/37109fdf9808
+enable nis-domainname.service
+enable import-state.service
+enable loadmodules.service
+enable readonly-root.service
+
+# https://bugzilla.redhat.com/show_bug.cgi?id=1630200
+# s390x specific services
+enable cpi.service
+enable device_cio_free.service
+
+# Enable the stratis daemon for managing stratis storage
+# https://bugzilla.redhat.com/show_bug.cgi?id=1632510
+enable stratisd.service
+
+# https://bugzilla.redhat.com/show_bug.cgi?id=1817591
+enable mlocate-updatedb.timer
+
+# nvme auto connect
+# https://bugzilla.redhat.com/show_bug.cgi?id=1805466
+enable nvmefc-boot-connections.service
+
+# OSTree based systems need to remount /sysroot and
+# /var as rw via ostree-remount.service
+# ignored by non-OSTree based systems
+# https://bugzilla.redhat.com/show_bug.cgi?id=1848453
+enable ostree-remount.service
+
+# DBus needed by Anaconda
+enable dbus.socket
+enable dbus-broker.service
+
+# Enable iscsi service files
+# https://bugzilla.redhat.com/show_bug.cgi?id=1930458
+enable iscsi.service
+enable iscsid.socket
+enable iscsiuio.socket
+enable iscsi-onboot.service
+
+# Enable logrotate.timer
+# https://bugzilla.redhat.com/show_bug.cgi?id=1977865
+enable logrotate.timer
+
+# Enable greenboot
+# https://bugzilla.redhat.com/show_bug.cgi?id=2005552
+enable greenboot-grub2-set-counter.service
+enable greenboot-grub2-set-success.service
+enable greenboot-healthcheck.service
+enable greenboot-rpm-ostree-grub2-check-fallback.service
+enable greenboot-status.service
+enable greenboot-task-runner.service
+enable redboot-auto-reboot.service
+enable redboot-task-runner.service
+
+# https://bugzilla.redhat.com/show_bug.cgi?id=2013299
+enable low-memory-monitor.service
+
+# https://bugzilla.redhat.com/show_bug.cgi?id=2049627
+enable switcheroo-control.service
--- a/SOURCES/90-default.preset.lh
+++ b/SOURCES/90-default.preset.lh
+# Also see:
+# https://fedoraproject.org/wiki/Starting_services_by_default
+
+disable systemd-timesyncd.service
+disable systemd-resolved.service
+
+# systemd
+enable remote-fs.target
+enable getty@tty1.service
+
+# System stuff
+enable sshd.service
+enable atd.*
+enable crond.*
+enable chronyd.service
+enable rpcbind.*
+enable NetworkManager.service
+enable NetworkManager-dispatcher.service
+enable ModemManager.service
+enable auditd.service
+enable restorecond.service
+enable bluetooth.*
+enable avahi-daemon.*
+enable cups.*
+
+# The various syslog implementations
+enable rsyslog.*
+enable syslog-ng.*
+enable sysklogd.*
+
+# Network facing
+enable firewalld.service
+enable xinetd.service
+enable ladvd.service
+
+# Virtualization driver specific daemons. Start by defalt at boot for VM
+# autostart, but shutdown after 2 mins and socket activated thereafter
+enable virtqemud.service
+
+# Compatibility with libvirtd sockets for old clients and expose TCP sockets
+enable virtproxyd.socket
+
+# Secondary drivers providing supporting functionality to main virtualization
+# drivers, socket activated only when required
+enable virtinterfaced.socket
+enable virtnetworkd.socket
+enable virtnodedevd.socket
+enable virtnwfilterd.socket
+enable virtsecretd.socket
+enable virtstoraged.socket
+
+# Storage
+enable multipathd.service
+enable libstoragemgmt.service
+enable lvm2-lvmpolld.socket
+enable lvm2-monitor.*
+enable lvm2-lvmetad.*
+enable dm-event.*
+enable dmraid-activation.service
+
+# https://bugzilla.redhat.com/show_bug.cgi?id=855372
+enable mdmonitor.service
+enable mdmonitor-takeover.service
+
+# https://bugzilla.redhat.com/show_bug.cgi?id=876237
+enable spice-vdagentd.service
+
+# https://bugzilla.redhat.com/show_bug.cgi?id=885406
+enable qemu-guest-agent.service
+
+# https://bugzilla.redhat.com/show_bug.cgi?id=928726
+enable dnf-makecache.timer
+
+# https://bugzilla.redhat.com/show_bug.cgi?id=957135
+enable vmtoolsd.service
+
+# mcelog is a utility that collects and decodes Machine Check Exception data
+# on x86-32 and x86-64 systems.
+# https://bugzilla.redhat.com/show_bug.cgi?id=1302179
+enable mcelog.service
+
+#https://bugzilla.redhat.com/show_bug.cgi?id=995987
+enable kdump.service
+
+#https://bugzilla.redhat.com/show_bug.cgi?id=1009970
+enable tuned.service
+
+# https://bugzilla.redhat.com/show_bug.cgi?id=1215645
+enable unbound-anchor.timer
+
+# Enable SSSD Kerberos Credential Cache Server
+# https://bugzilla.redhat.com/show_bug.cgi?id=1558927
+enable sssd-kcm.socket
+
+# https://bugzilla.redhat.com/show_bug.cgi?id=1578833
+enable sssd.service
+
+# Hardware
+enable gpm.*
+enable gpsd.*
+enable irqbalance.service
+enable lm_sensors.service
+enable mcelog.*
+enable microcode.service
+enable smartd.service
+enable pcscd.socket
+enable rngd.service
+
+# Other stuff
+enable abrtd.service
+enable abrt-journal-core.service
+enable abrt-oops.service
+enable abrt-xorg.service
+enable abrt-vmcore.service
+enable lttng-sessiond.service
+enable ksm.service
+enable ksmtuned.service
+enable rootfs-resize.service
+enable sysstat.service
+enable uuidd.service
+
+# https://bugzilla.redhat.com/show_bug.cgi?id=1193616
+enable hypervfcopyd.service
+enable hypervkvpd.service
+enable hypervvssd.service
+
+# Desktop stuff
+enable accounts-daemon.service
+enable rtkit-daemon.service
+enable upower.service
+enable udisks2.service
+enable packagekit-offline-update.service
+enable PackageKit.service
+# https://bugzilla.redhat.com/show_bug.cgi?id=2011240
+enable power-profiles-daemon.service
+
+# Initial Setup reconfiguration service
+enable initial-setup-reconfiguration.service
+
+# https://bugzilla.redhat.com/show_bug.cgi?id=1312446
+enable opal-prd.service
+
+# virtlog.service is sometimes used by VMs started by libvirt.service
+# Enable virtlog.socket to have it socket activated
+# https://bugzilla.redhat.com/show_bug.cgi?id=1325503
+enable virtlogd.socket
+
+
+# https://bugzilla.redhat.com/show_bug.cgi?id=1271839
+enable rhsmcertd.service
+
+# https://bugzilla.redhat.com/show_bug.cgi?id=1359645
+enable brandbot.*
+
+# https://bugzilla.redhat.com/show_bug.cgi?id=1572550
+enable timedatex.service
+
+# https://bugzilla.redhat.com/show_bug.cgi?id=1578870
+enable selinux-autorelabel-mark.service
+enable rhel-configure.service
+enable rhel-dmesg.service
+
+# https://github.com/fedora-sysv/initscripts/commit/37109fdf9808
+enable nis-domainname.service
+enable import-state.service
+enable loadmodules.service
+enable readonly-root.service
+
+# https://bugzilla.redhat.com/show_bug.cgi?id=1630200
+# s390x specific services
+enable cpi.service
+enable device_cio_free.service
+
+# Enable the stratis daemon for managing stratis storage
+# https://bugzilla.redhat.com/show_bug.cgi?id=1632510
+enable stratisd.service
+
+# https://bugzilla.redhat.com/show_bug.cgi?id=1817591
+enable mlocate-updatedb.timer
+
+# nvme auto connect
+# https://bugzilla.redhat.com/show_bug.cgi?id=1805466
+enable nvmefc-boot-connections.service
+
+# OSTree based systems need to remount /sysroot and
+# /var as rw via ostree-remount.service
+# ignored by non-OSTree based systems
+# https://bugzilla.redhat.com/show_bug.cgi?id=1848453
+enable ostree-remount.service
+
+# DBus needed by Anaconda
+enable dbus.socket
+enable dbus-broker.service
+
+# Enable iscsi service files
+# https://bugzilla.redhat.com/show_bug.cgi?id=1930458
+enable iscsi.service
+enable iscsid.socket
+enable iscsiuio.socket
+enable iscsi-onboot.service
+
+# Enable greenboot
+# https://bugzilla.redhat.com/show_bug.cgi?id=2005552
+enable greenboot-grub2-set-counter.service
+enable greenboot-grub2-set-success.service
+enable greenboot-healthcheck.service
+enable greenboot-rpm-ostree-grub2-check-fallback.service
+enable greenboot-status.service
+enable greenboot-task-runner.service
+enable redboot-auto-reboot.service
+enable redboot-task-runner.service
+
+# https://bugzilla.redhat.com/show_bug.cgi?id=2013299
+enable low-memory-monitor.service
--- a/SOURCES/99-default-disable.preset
+++ b/SOURCES/99-default-disable.preset
+# Final disable all
+disable *
--- a/SOURCES/99-default-disable.preset.lh
+++ b/SOURCES/99-default-disable.preset.lh
+# Final disable all
+disable *
--- a/SOURCES/COMMUNITY-CHARTER
+++ b/SOURCES/COMMUNITY-CHARTER
+# Community Charter
+
+The Community Charter of the Rocky Enterprise Software Foundation
+
+### Preamble
+
+Enterprise organizations are becoming concerned with using open source software
+due to recent events where projects have changed licensing or pivoted to limit
+usage due to competition, business models, conflicts of interest, or other
+motivation.
+
+We do not assume the open source mindset lightly. It is not a marketing tool, or
+a business endeavor. Open source is a development model designed to engage and
+foster collaboration and usage. It is a decision which should be carefully
+considered, as it should be expected that others, including competitors, will
+make use of the technologies that are created by it.
+
+The Rocky Enterprise Software Foundation (RESF) has been created to organize a
+community around enterprise, research, academia, individuals, and other
+institutions to collaborate on building and maintaining the open source tools
+that these organizations need.
+
+Our mission is to provide the confidence and stability necessary to build on
+open source projects. Together, we can create a stable foundation of open source
+software that companies can use internally, or as the basis for their commercial
+needs.
+
+### Purpose
+
+The purpose of this document is to define the vision, mission, principles, and
+values of the Rocky Enterprise Software Foundation. We stand together,
+voluntarily accountable to this charter by our peers and the enterprise
+community at large.
+
+### Vision
+
+A community of individuals and organizations, committed to working together to
+provide a stable foundation of open source software within the enterprise.
+
+### Mission
+
+- Build a community of individuals and organizations to develop and foster
+enterprise-grade, open source solutions.  - Work together to provide for the
+needs of the enterprise community.  - The security, stability, and integrity of
+our projects are paramount.  - Enable knowledge sharing, inclusiveness,
+collaboration, and open communication.  - Coordinate with the commercial,
+research, academic, and public sectors to help bring their products,
+technologies, and support into enterprise environments.  - Always make decisions
+in the best interest of the enterprise community while being beholden to no
+specific organization(s)
+
+### Principles
+
+Principles are fundamental truths, immutable, and they guide the decisions we
+make and the goals that we set. No action can be made by us that is contrary to
+the following principles:
+
+- Community responsibility. The Rocky Enterprise Software Foundation is
+responsible and accountable only to the community that consumes its projects.
+RESF shall be structured and governed in a way that ensures that no single
+entity, organization, corporation, association, etc. will be permitted to have a
+controlling influence over the RESF or its projects. 
+
+- Our projects are free and open source. With few exceptions (branding, legal,
+etc.), the work generated by the RESF and its community will be released under
+an existing OSI permissive open source license (non-copyleft).
+
+- Trust is paramount. While decisions may sometimes need to be made that balance
+opposing perspectives, at all times we strive toward building and maintaining
+the overall trust such that the community feels confident in leveraging and
+standardizing on the resulting work of this organization for both commercial and
+internal usage.  - Remain transparent. To the degree that we are reasonably able,
+the RESF will remain transparent to the community as defined by our data security
+policy: https://forums.rockylinux.org/t/rfc-data-classification-policy/1513
+
+- Equality of Opportunity: The RESF will strive to build and maintain a
+collaborative and respectful environment that provides equal access to
+opportunities and resources for everyone within the community.
+
+### Values
+
+We derive our values from our principles. It is with these values in mind that
+we make decisions, always striving to make the best decision possible with the
+data we have at hand.
+
+- Be practical. As open source advocates, our inclination toward solving
+problems is to use tools that are themselves permissible open source, but the
+best practical solution to a problem may preclude that. We use the right tool
+for the right job.
+
+- Be reasonable. Respect is given and trust is earned. Input from all
+contributors are valued, and all perspectives are sought after and considered.
+Knowledge and righteousness does not follow seniority.
+
+- Team ahead of self. Sycophants are not valuable to an organization, but
+neither are contrarians. We respectfully vocalize our concerns but pull
+together to drive forward once a decision has been reached.
+- Enable the enterprise community.  While we are starting with creating a stable
+downstream enterprise distribution of Linux, our goals are much broader,
+including attention to the needs of special interests, project hosting,
+education, collaboration, workshops, meetups, and individuals.
+
+- Consider the human. Rocky Linux is developed and supported by a wide group of
+diverse individuals from all walks of life. We are strictly apolitical and will
+always assume the best intentions of others.
+
+### Get Involved
+
+We welcome feedback for this charter, and we encourage participation and