Remove FIPS .*.hmac files from the supermin appliance (RHBZ#654638).

author Richard W.M. Jones <rjones@redhat.com>

Thu, 18 Nov 2010 15:32:05 +0000 (15:32 +0000)

committer Richard W.M. Jones <rjones@redhat.com>

Thu, 18 Nov 2010 15:32:05 +0000 (15:32 +0000)
author Richard W.M. Jones <rjones@redhat.com>
Thu, 18 Nov 2010 15:32:05 +0000 (15:32 +0000)
committer Richard W.M. Jones <rjones@redhat.com>
Thu, 18 Nov 2010 15:32:05 +0000 (15:32 +0000)
diff --git a/appliance/make.sh.in b/appliance/make.sh.in

index 36bcd6c..64bcb5a 100755 (executable)
--- a/appliance/make.sh.in
+++ b/appliance/make.sh.in
@@ -128,6 +128,11 @@ if [ "@DIST@" = "REDHAT" ]; then
      /var/log/yum.log \
      $(cd initramfs && echo usr/sbin/glibc_post_upgrade.*)
  
      /var/log/yum.log \
      $(cd initramfs && echo usr/sbin/glibc_post_upgrade.*)
  
+  # Remove all .*.hmac files (RHBZ#654638).  These are not used unless
+  # you are using FIPS, and they cause hard dependencies on files
+  # which change whenever a library version is bumped.
+  @FEBOOTSTRAP_RUN@ initramfs -- rm -f $(cd initramfs && find -name '.*.hmac')
+
    # Kernel modules take up nearly half of the image.  Only include ones
    # which are on the whitelist.
    exec 5<appliance/kmod.whitelist
    # Kernel modules take up nearly half of the image.  Only include ones
    # which are on the whitelist.
    exec 5<appliance/kmod.whitelist
author	Richard W.M. Jones <rjones@redhat.com>
	Thu, 18 Nov 2010 15:32:05 +0000 (15:32 +0000)
committer	Richard W.M. Jones <rjones@redhat.com>
	Thu, 18 Nov 2010 15:32:05 +0000 (15:32 +0000)