Bug 1984995

Summary: annobin: annocheck policy adjustments for PAC+BTI revert
Product: Red Hat Enterprise Linux 9 Reporter: Florian Weimer <fweimer>
Component: annobinAssignee: Nick Clifton <nickc>
Status: CLOSED CURRENTRELEASE QA Contact: Martin Cermak <mcermak>
Severity: high Docs Contact:
Priority: urgent    
Version: CentOS StreamCC: bstinson, fweimer, jwboyer, mcermak, nickc, tschelle
Target Milestone: betaKeywords: Bugfix, Triaged
Target Release: ---Flags: pm-rhel: mirror+
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: annobin-9.83-2.el9 Doc Type: No Doc Update
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2021-12-07 21:20:54 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 1984652    
Bug Blocks: 1988950    

Description Florian Weimer 2021-07-22 15:35:57 UTC 
Bug 1984652 reverts PAC+BTI for Red Hat Enterprise Linux 9.

We need to change annocheck reporting so that detected PAC and BTI is treated as a failure, rather than treating missing PAC and BTI as a failure.

There should not be a recommendation that this will be turned on in the future. Package maintainers should not be encouraged to enable either feature ahead of time.
Comment 2 Nick Clifton 2021-07-23 13:44:02 UTC 
Fixed in annobin-9.83-1.el9
Comment 3 Florian Weimer 2021-08-02 06:59:06 UTC 
annobin-9.83-2.el9 with this change is in gating, via rhel-9.0.0-beta-build-sidetag-86604-stack-gate.