RFE Template : 1. Proposed title of this feature request openscap-utils package should not be a dependency for 'spacewalk-oscap' 2. Who is the customer behind the request? Account: name (acct #) 781480 TAM customer: no/yes no SRM customer: no/yes yes Strategic: no/yes yes 3. What is the nature and description of the request? For integrating OpenSCAP with Satellite 5.x the 'spacewalk-oscap' package needs to be installed. However, the "openscap-utils" package is a dependent package and in turns install the "rpm-build " and "rpmdevtools" packages. The requirement is to split the 'spacewalk-oscap' and "openscap-utils" package. i.e The "openscap-utils" should not be a dependency for 'spacewalk-oscap' 4. Why does the customer need this? (List the business requirements here) The problem is that the openscap-utils package contains the scap-as-rpm utility, which in turn depends on rpm-build which depends on /usr/bin/gdb-add-index, thus installs gdb. As per the security guidelines it is not allowed to install the gdb and other rpm build/devel packages such as scap-as-rpm, rpmdevtools, rpm-build on their production environment. 5. How would the customer like to achieve this? (List the functional requirements here) The 'spacewalk-oscap' package should be an independent package without having dependency on the "openscap-utils". 6. For each functional requirement listed, specify how Red Hat and the customer can test to confirm the requirement is successfully implemented. Installation of the 'spacewalk-oscap' package should not install packages like gdb, rpm-build, rpmdevtools. 7. Is there already an existing RFE upstream or in Red Hat Bugzilla? There is bugzilla to split openscap, openscap-utils, openscap-scanner packages, the bugzilla ID is #1115114. 8. Does the customer have any specific timeline dependencies and which release would they like to target (i.e. RHEL5, RHEL6)? RHEL6 9. Is the sales team involved in this request and do they have any additional input? No 10. Would the customer be able to assist in testing this functionality if implemented? Yes
POSTED patch upstream. https://github.com/spacewalkproject/spacewalk/pull/273
Moving to MODIFIED, as the PR was accepted to upstream.
one more commit ... spacewalk.git: db3287fe19df204a3c9841eb915bdce8ecf37da6 (openscap-utils is still needed on RHEL5, as openscap-scanner is not available)
commit from Comment 8 cherry-picked into spacewalk.git(SPACEWALK-2.4): 1a42d158568b588673a77850081b77fd212ad5ba
Unfortunately this can not be fixed due to support of older RHEL 6.x z stream channels where package openscap-scanner is not available. As long as these RHEL 6.x channels are supported there's nothing we can do about this.