rocky-linux/rocky-tools
4
0
Fork 0
mirror of https://github.com/rocky-linux/rocky-tools.git synced 2024-09-18 08:52:37 +00:00
Code Issues Projects Releases Activity

Fix: remove openssl-fips-provider (#219)

Browse Source 
* Fix: remove openssl-fips-provider

* Check fips-mode-setup if enabled and stop if it is

* add fips-mode-setup to bin list; use --is-enabled
This commit is contained in:
Louis 2024-08-05 01:36:56 -07:00 committed by GitHub
parent 21491cf161
commit bccfbf6c7c
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 10 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
migrate2rocky/migrate2rocky9.sh
View File

@ -273,6 +273,12 @@ pre_check () {
'migrate2rocky9. See the README file for details.' 'migrate2rocky9. See the README file for details.'
fi fi
if fips-mode-setup --is-enabled; then
exit_message \
'Migration from a system that has FIPS mode enabled is not supported by '\
'migrate2rocky9. Please disable FIPS mode before running migrate2rocky9.'
fi
dnf -y check || exit_message \ dnf -y check || exit_message \
'Errors found in dnf/rpm database. Please correct before running '\ 'Errors found in dnf/rpm database. Please correct before running '\
'migrate2rocky9.' 'migrate2rocky9.'
@ -326,6 +332,7 @@ bin_check() {
bins=( bins=(
rpm dnf awk column tee tput mkdir cat arch sort uniq rmdir df rpm dnf awk column tee tput mkdir cat arch sort uniq rmdir df
rm head curl sha512sum mktemp systemd-detect-virt sed grep rm head curl sha512sum mktemp systemd-detect-virt sed grep
fips-mode-setup
) )
if [[ $update_efi ]]; then if [[ $update_efi ]]; then
bins+=(findmnt grub2-mkconfig efibootmgr mokutil lsblk) bins+=(findmnt grub2-mkconfig efibootmgr mokutil lsblk)
@ -718,6 +725,9 @@ collect_system_info () {
redhat-release redhat-release
redhat-release-eula redhat-release-eula
) )
addl_pkg_removes=(
openssl-fips-provider
)
# Check to make sure that we don't already have a full or partial # Check to make sure that we don't already have a full or partial
# RockyLinux install. # RockyLinux install.