yast2-security-4.5.7-150500.3.3.1<>,_TeCp9|`6qLzկ@_]#49B'D ZRe*bG|rpI bU2ʣH#Z@w:"d-!Oc,- F@d Hav(6;PK~VrV0:se'3+}ERy RM| }voysy״ﮖ&sQ:8b Qs`*AiMd4⃦#GG2/rl8>FT?Td $ C| %,S4S S S S S tSS_S(St @ t K (8H9H:"H>ABAFAWGAlSHBSIDSXDX YD| ZD[D\DS]ES^J!bNpcOdOeOfOlOuOSvQ wQSxRSyT@zTPT`TdTwTxT|TTCyast2-security4.5.7150500.3.3.1YaST2 - Security ConfigurationThe YaST2 component for security settings configuration.eCh01-ch4c;@SUSE Linux Enterprise 15SUSE LLC GPL-2.0-onlyhttps://www.suse.com/System/YaSThttps://github.com/yast/yast-securitylinuxnoarch# remove broken entry in /etc/login.defs, introduced during installation (bnc#807099) if [ -f /etc/login.defs ] ; then sed -e '/^[ \t]*LASTLOG_ENAB[ \t]*\"\"/d' -i /etc/login.defs fi!|U !qIpV 7~#k X )3x_P E7'< [ 7 -6 6 H&u%FA큤AA큤AA큤AA큤A큤AA큤A큤A큤A큤A큤A큤AAA큤A큤A큤A큤AAAA큤A큤A큤eCeCeCeCeCeCeCeCeCeCeCeCeCeCeCeCeCeCeCeCeCeCeCeCeCeCeCeCeCeCeCeCeCeCeCeCeCeCeCeCeCeCeCeCeCeCeCeCeCeCeCeCeCeCeCeCeCeCeCeCeCeCeCeCeCeCeCeCeCeCeCeCeCeCeCeCeCeCeCeCeBIeCeCf7cc42a3531e622e6cfcadd5ae35ddfc4923cc9dd58d46a1a154db494abdc937680fd8a28cc0b733b83e2df58abe528ea2c203f77d7aa0689af8a7586b23b575cc90f61ccc61b0c485c7b3cce5ea4bf8868a78648d74749dba993d80f88f442b83d64c53c15fdf4d639844624d2d84cf074ef8504948bff46aa316871762be186350fbb1400d929b78b5a82371629f0924289d024bf57cbe969fb7a4e663a85285c377e2d394855207b3b6a584cb1cd1df486414e275cb5241fcbb6a881652765f6fcb8e20f9f44d09b5b9c8d9cfbeab3abdfe5e3b842a8beb0d2541a8d8cd218f220caaaaf2083d49ced111a4d07ee735ca026e8b0cf04c7c01ce47baf10928d9cea6b6f33a9873717a0f671b9d91e95c255cbf95ef297f93b6578d0f6d2aa4dd7281f17c58057fea80ee349f8891e830783abdbb32fb46b7cec775678a23b8d5bb73896597fbd92810e1a40f022e66697ab291575d5608407c0be149d07ec99bd4f237b02cedc4944a867a7139d7e153b1911844035069abb85efb1cdbd9ae0ec96d7d7cc3a9d0e1f7163b8e637e9f02f005c288551a674546e814cd9add9c0047ce49dc9e5dfbf15a1a7d5662bd3a8ce59923a6f104022d6e17c0e544b387874b3acdb1c58f3fcf63e96b8cce7a26e3fe319bb365689542af3e7028e75b5b6b19fd29cbed0c4b31fcbdfba1bfc24a4277aa9538ee011a7e3c009cd6cfa093f7bb064bb8635d4895a2d844e6350205e1b30ef0ab84664df6d90d7d019b6df7b770185503ca11b38ad56767e2fc84f0d3d96c1f848527c3929269ac20ba00118f033866351e1423863ff2d7fb46f323fc1a5d86ea097db2223cfc563bee47035552389234c984d460ad20b7b80d341a4e750ee212533b3962d339138504e347276749de59fccdd8cb98bcd937925f836e2b018b42d4fac8d5b9d4d086e4125d6a4e71fd26f09a8b4f2264c0f89929c38a55ce9de6e99e3d8bd559e193347ddbf64fdc509fe69d6f9106546e0253765b869cc882d2ea6853a79454ddfd09a140bf188c2e2e5df6f0e2e4c6b82aabe64b8cf6834e2a04afa5ab5dee76f815a30cd11b3225c026ccc5377620678113f4843bf57ed2271a3d53c2351553ed4659ab098c12d02c79209a58fbcce21ca15c980dc2744fa52933d02c35fe8898afae0a15d4be91022fc7b6206430d2ef4162292a13f76645118af643dab32b0149e7b7296b6b3b54b5ecaddd866b0d07279197a2ee38fb6c35ba6fcd953499454fcfb61a2f18ef006d14c50979b5d71d32daf84ca849b545c93933a39ce194393169c6618544b8df9635a5dbb90b97b28b77955370e2d25fe8f949b6379e650afbbf1bfe362f9c846f1195247f2b7a73373fc571149e6a42aed700a0ee11ed2197813626a51c46c59ffb3a64ec0dadc36e79cd2b790ec7b1f11bbd25ade5c229fd4c1c21e5b2c7349baacebdd479bfa387818f667c6bd14d67d37558b560814a33fbf9a28fbe52c627e9f74fd6ccb20aeaee606348edb4587a33f433daa6c1b47f684ea1e8e4cb8c44bbf71badd046b8f833bdba8397a3a734aebe5cd7769252b1f50b13a1d44564ff968754976eb7e6d8f85dd23991c479308c7347ddd2f11c26cd4d232cc7f557be56f2cb546f6c7f682228e2bbf0945b4fa0888c259b0c40c891d9cdc2c31d0460922a0a80d9b393409c220a38b94b7c01540058e207f433926d45c4a05d3eda96b4af6779a2deeff4eaf875591d915094fda41a7b12464af0500894eea0741a7078605409267750975196b760c035e42ab3dc6c0027c05049d31e497473fa0aa6802c6d6297c146f1153698888725d0437ec6e9206ddd7a41cb034fff705ae56c3178e5f90df20053fac546f4db91476bb23c2c69fc1bc9ef29b4cfa62c53125e0e77aea7c0aeecdc82feb6589cc6395e1a7f3806549be081602351ff5607ee6673325858fb850425690887ecd5ab58bd1d7b92bdcdde37815c421df8a08d06e6e61fd1817b5b46d56cbe8dc85d554d2d6a34b0444a95fa72e75c01d1f83ee1669b7f51097f960c8fffbc122d883e5b2024d9222b9e15a63faf87497a246de2428fe0e95aaa6b26389c5d2413ca3b5b2e5d58a4e089e9683ef0ba93145f31e4e9ca7b9f9ca36d4b667a69af06d9ec7bccdd1a51dac136545dd6d0ee27f78de55c53e8948a1778b5d8833533435cfc7df9833b53e68ad3ba521f9c24e728f910f42e58a5793a70a319de867af2927382af7526fc22e03c96de9a06adc7e419d07b0f3090a5381f1b21c857b0515994eb871b1057560ad86aec0ea929aa39a8fa76559527d6245a470456d44a44b47ea3d479e9f5652ae372c1f9b44ec1b6c5c655f4e19b6a9180ea725162098aeef56e73ce29f7472e97525b669e39330aaa398eb3012e3c47dd8bbcd41d26800f74cf7863098622ddc92cd5dde38177f97513213526df2cf6184d8ff986c675afb514d4e68a404010521b8806433af1c996e756caaca777371ba5a14b37c630ad3dab4ceaf95232ea7577d3ac80rootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootyast2-security-4.5.7-150500.3.3.1.src.rpmapplication()application(YaST2/org.opensuse.yast.Security.desktop)metainfo()metainfo(org.opensuse.yast.Security.metainfo.xml)y2c_secy2t_secyast2-config-securityyast2-securityyast2-trans-security    /bin/shaugeas-lensesrpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)yast2yast2-bootloaderyast2-networkyast2-pamyast2-pamyast2-ruby-bindingsyast2-storage-ng3.0.4-14.6.0-14.0-15.2-14.4.472.14.04.3.11.0.04.14.3e?ccc@cjDcb[c@bMb+9b@a@a7a@aaq@aa+@a6aMa@``~@`S@`?z@`>(`>(`<@`<@`4@`+`*b@_إ@_S__@_ _5+@_16_ @^^0^8 @^)^[]+]@]]@]]]p]^\@[@[<@[[~[z@Za@WVm@V>@VUoU@U~@UzUyx@TTq@TTLTN3kanderssen@suse.commfilka@suse.comigonzalezsosa@suse.comshundhammer@suse.comigonzalezsosa@suse.commvidner@suse.comdgonzalez@suse.comlslezak@suse.czigonzalezsosa@suse.comdgonzalez@suse.comkanderssen@suse.comkanderssen@suse.comigonzalezsosa@suse.comkanderssen@suse.comkanderssen@suse.comkanderssen@suse.comkanderssen@suse.comkanderssen@suse.comkanderssen@suse.comkanderssen@suse.comjlopez@suse.comlslezak@suse.czdgonzalez@suse.comdgonzalez@suse.comdgonzalez@suse.comdgonzalez@suse.comdgonzalez@suse.comjreidinger@suse.comdgonzalez@suse.comdgonzalez@suse.comjreidinger@suse.comschubi@localhostschubi@internschubi@localhostschubi@suse.delslezak@suse.czschubi@suse.deaschnell@suse.comjreidinger@localhostkanderssen@suse.comschubi@suse.desnwint@suse.comjreidinger@suse.comschubi@suse.deigonzalezsosa@suse.comigonzalezsosa@suse.comschubi@suse.deigonzalezsosa@suse.comschubi@suse.deschubi@suse.deschubi@suse.dehellcp@mailbox.orgnoahadvs@gmail.comschubi@suse.deschubi@suse.dedgonzalez@suse.comschubi@suse.demfilka@suse.comjreidinger@suse.comknut.anderssen@suse.comknut.anderssen@suse.comancor@suse.comancor@suse.comancor@suse.comancor@suse.comancor@suse.comancor@suse.comancor@suse.comjsuchome@suse.czancor@suse.comjreidinger@suse.commvidner@suse.com- Do not load the security settings from the security policy until needed (bsc#1216615). - 4.5.7- bsc#1208492 - do not store empty values in CFA login.defs empty value to avoid crash when parsing according to login.defs lens - 4.5.6- AutoYaST: export security policy settings (related to jsc#SLE-24764). - Always write the ssg-apply configuration if a security policy is enabled, even if the action is 'none' (related to jsc#SLE-24764). - 4.5.5- Fixed wrong steps count causing a crash during saving (bsc#1205918) - 4.5.4- Add support for DISA STIG security policy validation (jsc#SLE-24764). - Disable the ssg-apply service if the selected SCAP action is "do nothing" (related to jsc#SLE-24764). - 4.5.3- Fix hash vs keyword arguments in RSpec expectations (bsc#1204871) - 4.5.2- Do not crash when reading active LSM modules returns nil (related to jsc#SLE-22069) - 4.5.1- Bump version to 4.5.0 (bsc#1198109)- Always check for the package in the underlying system when trying to detect if running on systemd (bsc#1196963). - 4.4.13- Stop using 'lsm' kernel boot parameter even for the "None" Major Linux Security Module (bsc#1194332, bsc#1196274). - 4.4.12- Fixed Export unit test (related to jsc#SLE-22069). - 4.4.11Related to jsc#SLE-22069: - AutoYaST LSM: only allow to select the desired LSM and the SELinux mode. - 4.4.10- Use Package module instead of PackageSystem (bsc#1194886). - 4.4.9- Related to jsc#SLE-22069: - Fix import of 'none' and 'apparmor' options from the profile when declared - 4.4.8Related to jsc#SLE-22069: - Autoyast LSM section: added "none" section in order to mark it as not selectable during the installation. - 4.4.7- Fix security_auto client selinux requirement (bsc#1194449) - 4.4.6- Do not use the 'lsm' kernel boot parameter by now as it could need other modules to be pecified like the integrity one (bsc#1194332). - 4.4.5- Related to jsc#SLE-22069: - Autoyast LSM section: added "selectable" option to the section - Do not propose a default LSM configuration when it is declared as not configurable in the control file or AutoYaST - 4.4.4- Added back the selinux boot parameter when selinux is selected and not disabled in order to switch on SELinux (jsc#SLE-22069) - 4.4.3- Add support for selecting and configuring the desired Linux Security Module (jsc#SLE-22069) - 4.4.2- Add Security#SafeRead to allow detecting read errors when calling it from perl modules (related to bsc#1177183). - 4.4.1- 4.4.0 (bsc#1185510)- Do not set SELinux mode when it is not configurable (bsc#1182940) - 4.3.16- Make SELinux not configurable when running on WSL (bsc#1182940) - 4.3.15- Ensure defined SELinux patterns are set (bsc#1182543). - 4.3.14- Do not write bootloader in insts-sys (bsc#1182894). - 4.3.13- Change the SELinux resolvable unique id used in auto-installation to be consistent with the one used by normal installation (related to jsc#SLE-17342). - 4.3.12- Move security_finish client to yast2-installation (bsc#1182821) - 4.3.11- Move SELinux .autorelabel file from / to /etc/selinux if root filesystem will be mounted as read only (jsc#SLE-17307). - 4.3.10- jsc#SMO-20, jsc#SLE-17342: - Add class for managing SELinux configuration. - AutoYaST: add support for SELinux configuration. - 4.3.9- Adapted unit test to recent changes in Yast::Report (related to bsc#1179893). - 4.3.8- Removed old code for sysvinit configuration (bsc#1175494). - 4.3.7- Removed obsolete setting DISPLAYMANAGER_SHUTDOWN from /etc/sysconfig/displaymanager (bsc#1175495). - 4.3.6- Removed handling of obsolete entry SYSTOHC in /etc/sysconfig/clock (bsc#1175496) - 4.3.5- AY-Import: Translate setting to with the correct value format (bsc#1177720). - 4.3.4- Fixed randomly failing unit tests, do not query the installed PAM modules in the testing system (related to bsc#1171318) - 4.3.3- AutoYaST: Added supplements: autoyast(security) into the spec file in order to install this packages if the section has been defined in the AY configuration file (bsc#1146494). - 4.3.2- Use pam_pwquality instead of pam_cracklib depending on availability (bsc#1171318) - Fix setting dictpath for pam_pwquality (bsc#1174619) - 4.3.1- Autoyast schema: Allow optional types for string and map objects (bsc#1170886) - 4.3.0- Apply sysctl changes to the running system when the YaST sysctl configuration file is modified (bsc#1167234) - 4.2.12- Using SysctlConfig class: Handle sysctl entries in different directories (bsc#1151649). - 4.2.11- don't use /bin/systemctl compat symlink (bsc#1160890) - 4.2.10- convert old init.d to systemd (jsc#SLE-10976) - 4.2.9- Added to rnc file: sys_gid_max, sys_gid_min, sys_uid_max, sys_uid_min, hibernate_system, kernel.sysrq, mandatory_services, net.ipv4.ip_forward, net.ipv4.tcp_syncookies, net.ipv6.conf.all.forwarding (bsc#1158301). - 4.2.8- bsc#1155735, bsc#1157541: - Read /usr/etc/login.defs. - Write login.defs configuration to /etc/login.defs.d/. - 4.2.7- Change default encryption method from DES to SHA512 (bsc#1157541, CVE-2019-3700). - 4.2.6- Added extra_services to security.rnc file (bsc#1153623). - 4.2.5- Place sysctl settings in /etc/sysctl.d/ (jsc#SLE-9077). - 4.2.4- AY: Settings have not been exported. "console_shutdown" entry has not been evaluated (bsc#1150821). - 4.2.3- AY: Supporting user defined permission files like "/etc/permissions.ultra". (bsc#1147173) - 4.2.2- Using rb_default_ruby_abi tag in the spec file in order to handle several ruby versions (bsc#1146403). - 4.2.1- Add metainfo (fate#319035) - Revamp spec - Replace GenericName with Comment - 4.2.0- Provide icon with module (boo#1109310) - 4.1.2- Writing security settings in first AY installation stage. So other modules (e.g. users) can rely on these settings now. (bnc#1112769) - 4.1.1- Added license file to spec.- Upate calls to YaST2 systemd classes (related to fate#319428) - 4.1.0- Switched license in spec file from SPDX2 to SPDX3 format.- bnc#1087957 - version bump - 4.0.0- mark string "Security" translatable (bnc#988764) - 3.2.3- Added support for multiple display managers (bnc#946889). - Replaced testsuite tests by rspec tests. - Removed autotools. - Updated yast2 dependency for cfg_mail.scr - 3.2.2- Removed "Boot permissions - Interpretation of Ctrl + Alt + Del" combo box "Reboot" entry for s390 architecture. (fate#319711) - 3.2.1- Bumped version number in order to branch the SLE version due to different display manager behavior (bnc#946889). - 3.2.0- Added some entries to the list of optional services (bnc#942379) - 3.1.11- Settings of security levels moved to YAML files - Redefined security levels (last part of fate#318425) - 3.1.10- Updated list of mandatory and optional services (part of fate#318425) - 3.1.9- When checking services, systemd aliases are now taken into account (so, for example, rsyslog is accounted as syslog).- Removed references to runlevels (obsolete). Only current systemd target is analyzed. (fate#318425, bnc#941620) - List of mandatory and optional services moved to a YAML file.- Fixed an error setting the shutdown behaviour of KDM (bnc#907907) - YaST agents moved to the right location in the source tree - 3.1.8- fix paths for systemd target links (bnc#911523) - 3.1.7- Fixed the interface to show and process correctly values from sysctl.conf. - Source code cleanup, including some minor fixes and new tests.- remove X-KDE-Library from desktop file (bnc#899104)- Removed CWD_IN_ROOT_PATH, CWD_IN_USER_PATH also from the UI where they showed as empty lines in the overview (FATE#100011, boo#900829), by Antoine Belvire. - 3.1.5/bin/shy2c_secy2t_secyast2-config-securityyast2-trans-securityh01-ch4c 1698924037  !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRS4.5.7-150500.3.3.1  clientssecurity.rbsecurity_auto.rbsecurity_policy_proposal.rbsecurity_summary.rbdatasecuritylevel1.ymllevel2.ymllevel3.ymlservices.ymlincludesecuritycomplex.rbdialogs.rbhelps.rblevels.rbroutines.rbusers.rbwidgets.rbwizards.rblibcfaselinux.rbssg_apply.rbsecurityctrl_alt_del_config.rbdisplay_manager.rby2securityautoinstlsm_config_reader.rbautoinst_profileautoinst_profile.rbsecurity_policy_section.rbsecurity_section.rbclientssecurity_policy_proposal.rblsmlsm.rbapp_armor.rbbase.rbconfig.rbnone.rbselinux.rbsecurity_policiessecurity_policies.rbbootloader_password_rule.rbdisa_stig_policy.rbencrypted_filesystems_rule.rbfilesystem_size_rule.rbfirewall_enabled_rule.rbmanager.rbno_wireless_rule.rbpolicy.rbrule.rbrule_presenter.rbseparate_filesystem_rule.rbseparate_mount_point_rule.rbtarget_config.rbunknown_rule.rbmodulesSecurity.rbschemaautoyastrncsecurity.rncscrconfcfg_locate.scretc_polkit-default-privs_local.scrkde4_kdmrc.scrYaST2org.opensuse.yast.Security.desktopyast2-securityREADME.mdiconshicolorscalableappsyast-security.svgyast2-securityCOPYINGmetainfoorg.opensuse.yast.Security.metainfo.xml/usr/share/YaST2//usr/share/YaST2/clients//usr/share/YaST2/data//usr/share/YaST2/data/security//usr/share/YaST2/include//usr/share/YaST2/include/security//usr/share/YaST2/lib//usr/share/YaST2/lib/cfa//usr/share/YaST2/lib/security//usr/share/YaST2/lib/y2security//usr/share/YaST2/lib/y2security/autoinst//usr/share/YaST2/lib/y2security/autoinst_profile//usr/share/YaST2/lib/y2security/clients//usr/share/YaST2/lib/y2security/lsm//usr/share/YaST2/lib/y2security/security_policies//usr/share/YaST2/modules//usr/share/YaST2/schema//usr/share/YaST2/schema/autoyast//usr/share/YaST2/schema/autoyast/rnc//usr/share/YaST2/scrconf//usr/share/applications//usr/share/applications/YaST2//usr/share/doc/packages//usr/share/doc/packages/yast2-security//usr/share//usr/share/icons//usr/share/icons/hicolor//usr/share/icons/hicolor/scalable//usr/share/icons/hicolor/scalable/apps//usr/share/licenses//usr/share/licenses/yast2-security//usr/share//usr/share/metainfo/-fmessage-length=0 -grecord-gcc-switches -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector-strong -funwind-tables -fasynchronous-unwind-tables -fstack-clash-protection -gobs://build.suse.de/SUSE:Maintenance:31376/SUSE_SLE-15-SP5_Update/d39112714591b2938ef0350164a7b737-yast2-security.SUSE_SLE-15-SP5_Updatedrpmxz5noarch-suse-linuxdirectoryRuby script, ASCII textASCII textASCII text, with very long linesUTF-8 Unicode textSVG Scalable Vector Graphics imageXML 1.0 document textPPPPS9듡1Aautoyast(security)utf-833f8a33de1ea709658aa4bbc0bc611b0057e733e0ca38f1725b5a6b68c57b2f5?7zXZ !t/]"k%\)%K ffdS!G-TiY;H@>ӖS?Zc+na$K2$m¾:d87?EޯDfOt OSVD;33}x}XmK3mŵqϠmp8s:nK>l/87"ҭP:~{[RQ . lX MҀ#Jmc<\D /E}̻S rx>J~uÝZ7'+]%{)MY\{S̥ !xvlj@ϯٍJv_9Fε ](K]#"0)}iOâd;`j㧬 6Fֶnw-Fc.f~a (3,[80.wSIW$ %8={!$UoO}kzvQFgfP Q_k"ovzDmɂ/u:ߙs{44UJD;cCc ;opo`uZ8d"Nم2 ATYY{Y5ֺVzX}࿳g Kb~܌)-$sHDȆ<:j* Ůk-O-?E:v@ طEǨMdmIv/VpZs)?D&ZskYJ0zYUsyB4o} Awk|6 v`qaqgDmΘp֬lsQ@p}ES|ԭpIgÒzHtb GCv_N>4D郍Xv^s*Kys P &4ɓE%1 ε"7@ Qܑ۩> sE_]nZj5}^ PLjVM2[8.Wz1ZQ,I.Κp$g]"/p;a+mgF.HȽ{2Q =~r^Zz{VK} 2*Y:=л& B Y"U`./Zd i٢زE4Y,+?@~u‘& bOƲKpM=¹RV%|_8>E8@$s* t^GT)kG;=Os:aN&ΑQoQ MZt+VĿBIB -d YZ