commit e5e33929ac0f92dacf14a5a2a1ba9d8a18a9c9c2
Author: Louis Abel <label@rockylinux.org>
Date:   Sat Jun 17 10:30:37 2023 -0700

    init 10

diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..99a05fd
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,9 @@
+BUILD/
+BUILDROOT/
+RPMS/
+SRPMS/
+SOURCES/*.xz
+SOURCES/*.bz2
+SOURCES/*.rpm
+SOURCES/*.orig
+SOURCES/*.sign
diff --git a/.rocky-release.metadata b/.rocky-release.metadata
new file mode 100644
index 0000000..e69de29
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..f0d141e
--- /dev/null
+++ b/README.md
@@ -0,0 +1,45 @@
+Release package - All PR's should be against original/rpms/rocky-release
+
+## Notes for Packagers/Builders
+
+This package produces multiple variants of `rocky-release`:
+
+* Stable: `rocky-release`, `rocky-repos`, `rocky-gpg-keys`, etc
+* LookAhead: All packages appended with `-lookahead`
+* Beta: All packages appended with `-Beta`
+
+* If `--with=rllookahead` or `--with=rlbeta` are set in mock, those variants are built
+* If both are set the same time, build will fail
+
+When `--with=rllookahead` is set the minor version will typically be `y+1`. So if the current
+stable is `X.0`, the next would be `X.1`.
+
+For pre-releases/beta, both packages should produce `X.Y` until changed in the spec.
+
+The `rllh` macro may be versioned out for future use. It does not have to be explicitly set.
+
+A `rllh_minor` macro may be introduced in the future.
+
+### How does this benefit us?
+
+It allows us to track future minor releases from Stream and see how it will
+affect us going forward. When a minor release is being branched, the "lookahead"
+files can just be copied and a new "stable" release is made in preparation. The
+beta of each RHEL tends to stick around for a month before a release is done,
+which makes it easier to make sure everything "stays in line" for the most part.
+
+### What about after the five year mark?
+
+LookAhead will no longer be produced as the major version will then be in
+maintenance only mode.
+
+### What is the rloverride macro?
+
+This simply sets the dist tag to `.el%{major}.override` and changes the ID="..."
+tag in `/etc/os-release` to read as `rhel` rather than `rocky`. This helps us
+perform very specific builds that cannot otherwise be debranded properly, eg
+dotnet. This should also change the initial macros to only provide `%rhel` and
+not CentOS or any other derivative macro name, as some packages specifically
+look for these macros being set as well and *also* applies to those packages
+that cannot be properly debranded or when debranding has not visual or
+functional benefit.
diff --git a/SOURCES/50-redhat.conf b/SOURCES/50-redhat.conf
new file mode 100644
index 0000000..689ef5e
--- /dev/null
+++ b/SOURCES/50-redhat.conf
@@ -0,0 +1,8 @@
+# These defaults are from upstream and are not patched into systemd like in el8
+# https://bugzilla.redhat.com/show_bug.cgi?id=1689346
+kernel.kptr_restrict = 1
+
+# Source route verification
+net.ipv4.conf.default.rp_filter = 1
+net.ipv4.conf.*.rp_filter = 1
+-net.ipv4.conf.all.rp_filter
diff --git a/SOURCES/85-display-manager.preset b/SOURCES/85-display-manager.preset
new file mode 100644
index 0000000..5a8fb36
--- /dev/null
+++ b/SOURCES/85-display-manager.preset
@@ -0,0 +1,12 @@
+# We enable all display managers by default. Since only one can
+# actually be enabled at the same time the one which is installed
+# first wins
+
+enable gdm.service
+enable lightdm.service
+enable slim.service
+enable lxdm.service
+enable sddm.service
+enable kdm.service
+enable xdm.service
+
diff --git a/SOURCES/90-default-user.preset b/SOURCES/90-default-user.preset
new file mode 100644
index 0000000..4990671
--- /dev/null
+++ b/SOURCES/90-default-user.preset
@@ -0,0 +1,25 @@
+# Enable the D-Bus service (including its socket for socket activation)
+# unconditionally. It is used throughout Fedora and required on all machines.
+# https://src.fedoraproject.org/rpms/fedora-release/pull-request/4
+# https://fedoraproject.org/w/index.php?title=Starting_services_by_default&oldid=377748
+enable dbus.socket
+enable dbus-broker.service
+
+# Socket-activated pipewire service for individual user sessions
+# https://bugzilla.redhat.com/show_bug.cgi?id=1592434
+enable pipewire.socket
+
+# Enable the PipeWire PulseAudio compatibility socket interface
+# https://bugzilla.redhat.com/show_bug.cgi?id=1904239
+# https://bugzilla.redhat.com/show_bug.cgi?id=1907906
+# https://fedoraproject.org/wiki/Changes/DefaultPipeWire
+enable pipewire-pulse.socket
+
+# https://bugzilla.redhat.com/show_bug.cgi?id=1976006
+enable pipewire-media-session.service
+
+# https://bugzilla.redhat.com/show_bug.cgi?id=2022717
+enable wireplumber.service
+
+# https://bugzilla.redhat.com/show_bug.cgi?id=2181984
+enable obex.service
diff --git a/SOURCES/90-default.preset b/SOURCES/90-default.preset
new file mode 100644
index 0000000..42117cf
--- /dev/null
+++ b/SOURCES/90-default.preset
@@ -0,0 +1,227 @@
+# Also see:
+# https://fedoraproject.org/wiki/Starting_services_by_default
+
+disable systemd-timesyncd.service
+disable systemd-resolved.service
+
+# systemd
+enable remote-fs.target
+enable getty@tty1.service
+
+# System stuff
+enable sshd.service
+enable atd.*
+enable crond.*
+enable chronyd.service
+enable rpcbind.*
+enable NetworkManager.service
+enable NetworkManager-dispatcher.service
+enable ModemManager.service
+enable auditd.service
+enable restorecond.service
+enable bluetooth.*
+enable avahi-daemon.*
+enable cups.*
+
+# The various syslog implementations
+enable rsyslog.*
+enable syslog-ng.*
+enable sysklogd.*
+
+# Network facing
+enable firewalld.service
+enable xinetd.service
+enable ladvd.service
+
+# Virtualization driver specific daemons. Start by defalt at boot for VM
+# autostart, but shutdown after 2 mins and socket activated thereafter
+enable virtqemud.service
+
+# Compatibility with libvirtd sockets for old clients and expose TCP sockets
+enable virtproxyd.socket
+
+# Secondary drivers providing supporting functionality to main virtualization
+# drivers, socket activated only when required
+enable virtinterfaced.socket
+enable virtnetworkd.socket
+enable virtnodedevd.socket
+enable virtnwfilterd.socket
+enable virtsecretd.socket
+enable virtstoraged.socket
+
+# Storage
+enable multipathd.service
+enable libstoragemgmt.service
+enable lvm2-lvmpolld.socket
+enable lvm2-monitor.*
+enable lvm2-lvmetad.*
+enable dm-event.*
+enable dmraid-activation.service
+
+# https://bugzilla.redhat.com/show_bug.cgi?id=855372
+enable mdmonitor.service
+enable mdmonitor-takeover.service
+
+# https://bugzilla.redhat.com/show_bug.cgi?id=876237
+enable spice-vdagentd.service
+
+# https://bugzilla.redhat.com/show_bug.cgi?id=885406
+enable qemu-guest-agent.service
+
+# https://bugzilla.redhat.com/show_bug.cgi?id=928726
+enable dnf-makecache.timer
+
+# https://bugzilla.redhat.com/show_bug.cgi?id=957135
+enable vmtoolsd.service
+
+# mcelog is a utility that collects and decodes Machine Check Exception data
+# on x86-32 and x86-64 systems.
+# https://bugzilla.redhat.com/show_bug.cgi?id=1302179
+enable mcelog.service
+
+#https://bugzilla.redhat.com/show_bug.cgi?id=995987
+enable kdump.service
+
+#https://bugzilla.redhat.com/show_bug.cgi?id=1009970
+enable tuned.service
+
+# https://bugzilla.redhat.com/show_bug.cgi?id=1215645
+enable unbound-anchor.timer
+
+# Enable SSSD Kerberos Credential Cache Server
+# https://bugzilla.redhat.com/show_bug.cgi?id=1558927
+enable sssd-kcm.socket
+
+# https://bugzilla.redhat.com/show_bug.cgi?id=1578833
+enable sssd.service
+
+# Hardware
+enable gpm.*
+enable gpsd.*
+enable irqbalance.service
+enable lm_sensors.service
+enable mcelog.*
+enable microcode.service
+enable smartd.service
+enable pcscd.socket
+enable rngd.service
+
+# Other stuff
+enable abrtd.service
+enable abrt-journal-core.service
+enable abrt-oops.service
+enable abrt-xorg.service
+enable abrt-vmcore.service
+enable lttng-sessiond.service
+enable ksm.service
+enable ksmtuned.service
+enable rootfs-resize.service
+enable sysstat.service
+enable uuidd.service
+
+# https://bugzilla.redhat.com/show_bug.cgi?id=1193616
+enable hypervfcopyd.service
+enable hypervkvpd.service
+enable hypervvssd.service
+
+# Desktop stuff
+enable accounts-daemon.service
+enable rtkit-daemon.service
+enable upower.service
+enable udisks2.service
+enable packagekit-offline-update.service
+enable PackageKit.service
+# https://bugzilla.redhat.com/show_bug.cgi?id=2011240
+enable power-profiles-daemon.service
+
+# Initial Setup reconfiguration service
+enable initial-setup-reconfiguration.service
+
+# https://bugzilla.redhat.com/show_bug.cgi?id=1312446
+enable opal-prd.service
+
+# virtlog.service is sometimes used by VMs started by libvirt.service
+# Enable virtlog.socket to have it socket activated
+# https://bugzilla.redhat.com/show_bug.cgi?id=1325503
+enable virtlogd.socket
+
+
+# https://bugzilla.redhat.com/show_bug.cgi?id=1271839
+enable rhsmcertd.service
+
+# https://bugzilla.redhat.com/show_bug.cgi?id=1359645
+enable brandbot.*
+
+# https://bugzilla.redhat.com/show_bug.cgi?id=1572550
+enable timedatex.service
+
+# https://bugzilla.redhat.com/show_bug.cgi?id=1578870
+enable selinux-autorelabel-mark.service
+enable rhel-configure.service
+enable rhel-dmesg.service
+
+# https://github.com/fedora-sysv/initscripts/commit/37109fdf9808
+enable nis-domainname.service
+enable import-state.service
+enable loadmodules.service
+enable readonly-root.service
+
+# https://bugzilla.redhat.com/show_bug.cgi?id=1630200
+# s390x specific services
+enable cpi.service
+enable device_cio_free.service
+
+# Enable the stratis daemon for managing stratis storage
+# https://bugzilla.redhat.com/show_bug.cgi?id=1632510
+enable stratisd.service
+
+# https://bugzilla.redhat.com/show_bug.cgi?id=1817591
+enable mlocate-updatedb.timer
+
+# nvme auto connect
+# https://bugzilla.redhat.com/show_bug.cgi?id=1805466
+enable nvmefc-boot-connections.service
+
+# OSTree based systems need to remount /sysroot and
+# /var as rw via ostree-remount.service
+# ignored by non-OSTree based systems
+# https://bugzilla.redhat.com/show_bug.cgi?id=1848453
+enable ostree-remount.service
+
+# DBus needed by Anaconda
+enable dbus.socket
+enable dbus-broker.service
+
+# Enable iscsi service files
+# https://bugzilla.redhat.com/show_bug.cgi?id=1930458
+enable iscsi.service
+enable iscsid.socket
+enable iscsiuio.socket
+enable iscsi-onboot.service
+
+# Enable logrotate.timer
+# https://bugzilla.redhat.com/show_bug.cgi?id=1977865
+enable logrotate.timer
+
+# Enable greenboot
+# https://bugzilla.redhat.com/show_bug.cgi?id=2005552
+enable greenboot-grub2-set-counter.service
+enable greenboot-grub2-set-success.service
+enable greenboot-healthcheck.service
+enable greenboot-rpm-ostree-grub2-check-fallback.service
+enable greenboot-status.service
+enable greenboot-task-runner.service
+enable redboot-auto-reboot.service
+enable redboot-task-runner.service
+# https://bugzilla.redhat.com/show_bug.cgi?id=2108625
+enable greenboot-service-monitor.service
+
+# https://bugzilla.redhat.com/show_bug.cgi?id=2013299
+enable low-memory-monitor.service
+
+# https://bugzilla.redhat.com/show_bug.cgi?id=2049627
+enable switcheroo-control.service
+
+# Enable clevis-luks-askpass.path
+# https://bugzilla.redhat.com/show_bug.cgi?id=2106811
+enable clevis-luks-askpass.path
diff --git a/SOURCES/99-default-disable.preset b/SOURCES/99-default-disable.preset
new file mode 100644
index 0000000..6161454
--- /dev/null
+++ b/SOURCES/99-default-disable.preset
@@ -0,0 +1,2 @@
+# Final disable all
+disable *
diff --git a/SOURCES/COMMUNITY-CHARTER b/SOURCES/COMMUNITY-CHARTER
new file mode 100644
index 0000000..644bb87
--- /dev/null
+++ b/SOURCES/COMMUNITY-CHARTER
@@ -0,0 +1,113 @@
+# Community Charter
+
+The Community Charter of the Rocky Enterprise Software Foundation
+
+### Preamble
+
+Enterprise organizations are becoming concerned with using open source software
+due to recent events where projects have changed licensing or pivoted to limit
+usage due to competition, business models, conflicts of interest, or other
+motivation.
+
+We do not assume the open source mindset lightly. It is not a marketing tool, or
+a business endeavor. Open source is a development model designed to engage and
+foster collaboration and usage. It is a decision which should be carefully
+considered, as it should be expected that others, including competitors, will
+make use of the technologies that are created by it.
+
+The Rocky Enterprise Software Foundation (RESF) has been created to organize a
+community around enterprise, research, academia, individuals, and other
+institutions to collaborate on building and maintaining the open source tools
+that these organizations need.
+
+Our mission is to provide the confidence and stability necessary to build on
+open source projects. Together, we can create a stable foundation of open source
+software that companies can use internally, or as the basis for their commercial
+needs.
+
+### Purpose
+
+The purpose of this document is to define the vision, mission, principles, and
+values of the Rocky Enterprise Software Foundation. We stand together,
+voluntarily accountable to this charter by our peers and the enterprise
+community at large.
+
+### Vision
+
+A community of individuals and organizations, committed to working together to
+provide a stable foundation of open source software within the enterprise.
+
+### Mission
+
+- Build a community of individuals and organizations to develop and foster
+enterprise-grade, open source solutions.  - Work together to provide for the
+needs of the enterprise community.  - The security, stability, and integrity of
+our projects are paramount.  - Enable knowledge sharing, inclusiveness,
+collaboration, and open communication.  - Coordinate with the commercial,
+research, academic, and public sectors to help bring their products,
+technologies, and support into enterprise environments.  - Always make decisions
+in the best interest of the enterprise community while being beholden to no
+specific organization(s)
+
+### Principles
+
+Principles are fundamental truths, immutable, and they guide the decisions we
+make and the goals that we set. No action can be made by us that is contrary to
+the following principles:
+
+- Community responsibility. The Rocky Enterprise Software Foundation is
+responsible and accountable only to the community that consumes its projects.
+RESF shall be structured and governed in a way that ensures that no single
+entity, organization, corporation, association, etc. will be permitted to have a
+controlling influence over the RESF or its projects. 
+
+- Our projects are free and open source. With few exceptions (branding, legal,
+etc.), the work generated by the RESF and its community will be released under
+an existing OSI permissive open source license (non-copyleft).
+
+- Trust is paramount. While decisions may sometimes need to be made that balance
+opposing perspectives, at all times we strive toward building and maintaining
+the overall trust such that the community feels confident in leveraging and
+standardizing on the resulting work of this organization for both commercial and
+internal usage.  - Remain transparent. To the degree that we are reasonably able,
+the RESF will remain transparent to the community as defined by our data security
+policy: https://forums.rockylinux.org/t/rfc-data-classification-policy/1513
+
+- Equality of Opportunity: The RESF will strive to build and maintain a
+collaborative and respectful environment that provides equal access to
+opportunities and resources for everyone within the community.
+
+### Values
+
+We derive our values from our principles. It is with these values in mind that
+we make decisions, always striving to make the best decision possible with the
+data we have at hand.
+
+- Be practical. As open source advocates, our inclination toward solving
+problems is to use tools that are themselves permissible open source, but the
+best practical solution to a problem may preclude that. We use the right tool
+for the right job.
+
+- Be reasonable. Respect is given and trust is earned. Input from all
+contributors are valued, and all perspectives are sought after and considered.
+Knowledge and righteousness does not follow seniority.
+
+- Team ahead of self. Sycophants are not valuable to an organization, but
+neither are contrarians. We respectfully vocalize our concerns but pull
+together to drive forward once a decision has been reached.
+- Enable the enterprise community.  While we are starting with creating a stable
+downstream enterprise distribution of Linux, our goals are much broader,
+including attention to the needs of special interests, project hosting,
+education, collaboration, workshops, meetups, and individuals.
+
+- Consider the human. Rocky Linux is developed and supported by a wide group of
+diverse individuals from all walks of life. We are strictly apolitical and will
+always assume the best intentions of others.
+
+### Get Involved
+
+We welcome feedback for this charter, and we encourage participation and
+engagement from the community. As always, you can get in touch with us for this
+or other matters on our website (https://rockylinux.org), forums
+(https://forums.rockylinux.org), or through chat (https://chat.rockylinux.org).
+
diff --git a/SOURCES/Contributors b/SOURCES/Contributors
new file mode 100644
index 0000000..1ff6ae7
--- /dev/null
+++ b/SOURCES/Contributors
@@ -0,0 +1,74 @@
+# -*- coding: utf-8 -*-
+
+We want to thank you for installing Rocky Linux.
+
+The Rocky Linux OS Distribution would not be possible without the hard work and
+dedication of the community. Building a distribution is far from easy, but with
+unified visions and goals, anything is possible, and Rocky is one of many
+examples of this.
+
+The outpouring support from the community and the amount of people who to
+together to support us, we want to thank you for believing in us and giving us
+a chance. And as always, we hope you enjoy this release.
+
+Thank you.
+
+# Special Recognition #
+  Mustafa Gezen
+  Skip Grube
+  Sherif Nagy
+  Pablo Greco
+  Louis Abel
+  Neil Hanlon
+  Taylor Goodwill
+  Natalie Forde
+  Alejandro Ramallo
+  Wale Soyinka
+  Ezequiel Bruni
+  Trevor Cooper
+  Chris Stackpole
+  Steven Spencer
+  @NezSez
+  @alangm
+  @lumarel
+  Al Bowles (@raktajino)
+  Peter Ajamian (@pj)
+  Scott Shinn
+
+# Rocky Linux Teams and Operations #
+
+Leadership:
+  Gregory Kurtzer
+  Brian Clemens
+
+Infrastructure and Operations:
+  Taylor Goodwill
+  Neil Hanlon
+  Louis Abel
+  Randolh (@meltro)
+  Patric Roberts
+  Mustafa Gezen
+
+Release Engineering/Core:
+  Louis Abel
+  Mustafa Gezen
+  Skip Grube
+  Sherif Nagy
+  Pablo Greco
+  Neil Hanlon
+  Taylor Goodwill
+
+Security:
+  Rob Felsburg
+  Benjamin Agner
+  Scott Shinn
+
+Documentation:
+  Wale Soyinka
+
+Web/Design:
+  Michael Kinder
+
+Testing:
+  Trevor Cooper
+  Chris Stackpole
diff --git a/SOURCES/EULA b/SOURCES/EULA
new file mode 100644
index 0000000..7e154bb
--- /dev/null
+++ b/SOURCES/EULA
@@ -0,0 +1,9 @@
+Rocky Linux EULA
+
+Rocky Linux comes with no warranties or guarantees of any kind, written or
+implied.
+
+The Distribution is released as 3-Clause BSD. Individual packages in the
+distribution come with their own licenses which are available on install as well
+as the distribution git forge. A copy of the 3-Clause BSD license is included
+with the media of this distribution.
diff --git a/SOURCES/LICENSE b/SOURCES/LICENSE
new file mode 100644
index 0000000..622330a
--- /dev/null
+++ b/SOURCES/LICENSE
@@ -0,0 +1,44 @@
+All elements of the Rocky Linux operating system that are developed
+by Contributors to the Rocky Linux project are licensed and made
+available to you under the BSD 3-Clause license.
+
+## Begin 3-Clause BSD License
+
+Copyright 2021 Rocky Linux Project Authors.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions are met:
+
+1. Redistributions of source code must retain the above copyright notice,
+this list of conditions and the following disclaimer.
+
+2. Redistributions in binary form must reproduce the above copyright notice,
+this list of conditions and the following disclaimer in the documentation
+and/or other materials provided with the distribution.
+
+3. Neither the name of the copyright holder nor the names of its contributors
+may be used to endorse or promote products derived from this software without
+specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
+FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
+CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+## End 3-Clause BSD License
+
+Note: The Rocky Linux operating system includes a number of pre-existing
+software components, each of which is governed by its own open source
+license and is made available to you under the terms of such applicable
+license.  You are responsible for reviewing and complying with the terms
+of the licenses for those applicable software components. To obtain a
+list of applicable components and their corresponding software licenses,
+run the command:
+
+rpm -qa --qf '%{NAME} - %{LICENSE}\n'
diff --git a/SOURCES/RPM-GPG-KEY-Rocky-10 b/SOURCES/RPM-GPG-KEY-Rocky-10
new file mode 100644
index 0000000..e69de29
diff --git a/SOURCES/RPM-GPG-KEY-Rocky-10-Testing b/SOURCES/RPM-GPG-KEY-Rocky-10-Testing
new file mode 100644
index 0000000..e69de29
diff --git a/SOURCES/rocky-addons.repo b/SOURCES/rocky-addons.repo
new file mode 100644
index 0000000..2aabae5
--- /dev/null
+++ b/SOURCES/rocky-addons.repo
@@ -0,0 +1,177 @@
+# rocky-addons.repo
+#
+# The mirrorlist system uses the connecting IP address of the client and the
+# update status of each mirror to pick current mirrors that are geographically
+# close to the client.  You should use this for Rocky updates unless you are
+# manually picking other mirrors.
+#
+# If the mirrorlist does not work for you, you can try the commented out
+# baseurl line instead.
+
+[highavailability]
+name=Rocky Linux $releasever - High Availability
+mirrorlist=https://mirrors.rockylinux.org/mirrorlist?arch=$basearch&repo=HighAvailability-$releasever$rltype
+#baseurl=http://dl.rockylinux.org/$contentdir/$releasever/HighAvailability/$basearch/os/
+gpgcheck=1
+enabled=0
+countme=1
+metadata_expire=6h
+gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-Rocky-9
+
+[highavailability-debug]
+name=Rocky Linux $releasever - High Availability - Debug
+mirrorlist=https://mirrors.rockylinux.org/mirrorlist?arch=$basearch&repo=HighAvailability-$releasever-debug$rltype
+#baseurl=http://dl.rockylinux.org/$contentdir/$releasever/HighAvailability/$basearch/debug/tree/
+gpgcheck=1
+enabled=0
+metadata_expire=6h
+gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-Rocky-9
+
+[highavailability-source]
+name=Rocky Linux $releasever - High Availability - Source
+mirrorlist=https://mirrors.rockylinux.org/mirrorlist?arch=source&repo=HighAvailability-$releasever-source$rltype
+#baseurl=http://dl.rockylinux.org/$contentdir/$releasever/HighAvailability/source/tree/
+gpgcheck=1
+enabled=0
+metadata_expire=6h
+gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-Rocky-9
+
+[resilientstorage]
+name=Rocky Linux $releasever - Resilient Storage
+mirrorlist=https://mirrors.rockylinux.org/mirrorlist?arch=$basearch&repo=ResilientStorage-$releasever$rltype
+#baseurl=http://dl.rockylinux.org/$contentdir/$releasever/ResilientStorage/$basearch/os/
+gpgcheck=1
+enabled=0
+countme=1
+metadata_expire=6h
+gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-Rocky-9
+
+[resilientstorage-debug]
+name=Rocky Linux $releasever - Resilient Storage - Debug
+mirrorlist=https://mirrors.rockylinux.org/mirrorlist?arch=$basearch&repo=ResilientStorage-$releasever-debug$rltype
+#baseurl=http://dl.rockylinux.org/$contentdir/$releasever/ResilientStorage/$basearch/debug/tree/
+gpgcheck=1
+enabled=0
+metadata_expire=6h
+gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-Rocky-9
+
+[resilientstorage-source]
+name=Rocky Linux $releasever - Resilient Storage - Source
+mirrorlist=https://mirrors.rockylinux.org/mirrorlist?arch=source&repo=ResilientStorage-$releasever-source$rltype
+#baseurl=http://dl.rockylinux.org/$contentdir/$releasever/ResilientStorage/source/tree/
+gpgcheck=1
+enabled=0
+metadata_expire=6h
+gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-Rocky-9
+
+[nfv]
+name=Rocky Linux $releasever - NFV
+mirrorlist=https://mirrors.rockylinux.org/mirrorlist?arch=$basearch&repo=NFV-$releasever$rltype
+#baseurl=http://dl.rockylinux.org/$contentdir/$releasever/NFV/$basearch/os/
+gpgcheck=1
+enabled=0
+countme=1
+metadata_expire=6h
+gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-Rocky-9
+
+[nfv-debug]
+name=Rocky Linux $releasever - NFV Debug
+mirrorlist=https://mirrors.rockylinux.org/mirrorlist?arch=$basearch&repo=RT-$releasever-debug$rltype
+#baseurl=http://dl.rockylinux.org/$contentdir/$releasever/NFV/$basearch/debug/tree/
+gpgcheck=1
+enabled=0
+metadata_expire=6h
+gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-Rocky-9
+
+[nfv-source]
+name=Rocky Linux $releasever - NFV Source
+mirrorlist=https://mirrors.rockylinux.org/mirrorlist?arch=$basearch&repo=RT-$releasever-source$rltype
+#baseurl=http://dl.rockylinux.org/$contentdir/$releasever/NFV/source/tree/
+gpgcheck=1
+enabled=0
+metadata_expire=6h
+gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-Rocky-9
+
+[rt]
+name=Rocky Linux $releasever - Realtime
+mirrorlist=https://mirrors.rockylinux.org/mirrorlist?arch=$basearch&repo=RT-$releasever$rltype
+#baseurl=http://dl.rockylinux.org/$contentdir/$releasever/RT/$basearch/os/
+gpgcheck=1
+enabled=0
+countme=1
+metadata_expire=6h
+gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-Rocky-9
+
+[rt-debug]
+name=Rocky Linux $releasever - Realtime Debug
+mirrorlist=https://mirrors.rockylinux.org/mirrorlist?arch=$basearch&repo=RT-$releasever-debug$rltype
+#baseurl=http://dl.rockylinux.org/$contentdir/$releasever/RT/$basearch/debug/tree/
+gpgcheck=1
+enabled=0
+metadata_expire=6h
+gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-Rocky-9
+
+[rt-source]
+name=Rocky Linux $releasever - Realtime Source
+mirrorlist=https://mirrors.rockylinux.org/mirrorlist?arch=$basearch&repo=RT-$releasever-source$rltype
+#baseurl=http://dl.rockylinux.org/$contentdir/$releasever/RT/source/tree/
+gpgcheck=1
+enabled=0
+metadata_expire=6h
+gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-Rocky-9
+
+[sap]
+name=Rocky Linux $releasever - SAP
+mirrorlist=https://mirrors.rockylinux.org/mirrorlist?arch=$basearch&repo=SAP-$releasever$rltype
+#baseurl=http://dl.rockylinux.org/$contentdir/$releasever/SAP/$basearch/os/
+gpgcheck=1
+enabled=0
+countme=1
+metadata_expire=6h
+gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-Rocky-9
+
+[sap-debug]
+name=Rocky Linux $releasever - SAP Debug
+mirrorlist=https://mirrors.rockylinux.org/mirrorlist?arch=$basearch&repo=SAP-$releasever-debug$rltype
+#baseurl=http://dl.rockylinux.org/$contentdir/$releasever/SAP/$basearch/debug/tree/
+gpgcheck=1
+enabled=0
+metadata_expire=6h
+gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-Rocky-9
+
+[sap-source]
+name=Rocky Linux $releasever - SAP Source
+mirrorlist=https://mirrors.rockylinux.org/mirrorlist?arch=$basearch&repo=SAP-$releasever-source$rltype
+#baseurl=http://dl.rockylinux.org/$contentdir/$releasever/SAP/source/tree/
+gpgcheck=1
+enabled=0
+metadata_expire=6h
+gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-Rocky-9
+
+[saphana]
+name=Rocky Linux $releasever - SAPHANA
+mirrorlist=https://mirrors.rockylinux.org/mirrorlist?arch=$basearch&repo=SAPHANA-$releasever$rltype
+#baseurl=http://dl.rockylinux.org/$contentdir/$releasever/SAPHANA/$basearch/os/
+gpgcheck=1
+enabled=0
+countme=1
+metadata_expire=6h
+gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-Rocky-9
+
+[saphana-debug]
+name=Rocky Linux $releasever - SAPHANA Debug
+mirrorlist=https://mirrors.rockylinux.org/mirrorlist?arch=$basearch&repo=SAPHANA-$releasever-debug$rltype
+#baseurl=http://dl.rockylinux.org/$contentdir/$releasever/SAPHANA/$basearch/debug/tree/
+gpgcheck=1
+enabled=0
+metadata_expire=6h
+gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-Rocky-9
+
+[saphana-source]
+name=Rocky Linux $releasever - SAPHANA Source
+mirrorlist=https://mirrors.rockylinux.org/mirrorlist?arch=$basearch&repo=SAPHANA-$releasever-source$rltype
+#baseurl=http://dl.rockylinux.org/$contentdir/$releasever/SAPHANA/source/tree/
+gpgcheck=1
+enabled=0
+metadata_expire=6h
+gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-Rocky-9
diff --git a/SOURCES/rocky-devel.repo b/SOURCES/rocky-devel.repo
new file mode 100644
index 0000000..4b88022
--- /dev/null
+++ b/SOURCES/rocky-devel.repo
@@ -0,0 +1,30 @@
+# rocky-devel.repo
+#
+# devel and no-package-left-behind
+
+[devel]
+name=Rocky Linux $releasever - Devel WARNING! FOR BUILDROOT ONLY DO NOT LEAVE ENABLED
+mirrorlist=https://mirrors.rockylinux.org/mirrorlist?arch=$basearch&repo=devel-$releasever$rltype
+#baseurl=http://dl.rockylinux.org/$contentdir/$releasever/devel/$basearch/os/
+gpgcheck=1
+enabled=0
+countme=1
+gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-Rocky-9
+
+[devel-debug]
+name=Rocky Linux $releasever - Devel Debug WARNING! FOR BUILDROOT ONLY DO NOT LEAVE ENABLED
+mirrorlist=https://mirrors.rockylinux.org/mirrorlist?arch=$basearch&repo=devel-$releasever-debug$rltype
+#baseurl=http://dl.rockylinux.org/$contentdir/$releasever/devel/$basearch/debug/tree/
+gpgcheck=1
+enabled=0
+countme=1
+gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-Rocky-9
+
+[devel-source]
+name=Rocky Linux $releasever - Devel Source WARNING! FOR BUILDROOT ONLY DO NOT LEAVE ENABLED
+mirrorlist=https://mirrors.rockylinux.org/mirrorlist?arch=$basearch&repo=devel-$releasever-source$rltype
+#baseurl=http://dl.rockylinux.org/$contentdir/$releasever/devel/source/tree/
+gpgcheck=1
+enabled=0
+countme=1
+gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-Rocky-9
diff --git a/SOURCES/rocky-driver.cer b/SOURCES/rocky-driver.cer
new file mode 100644
index 0000000..559dcd0
--- /dev/null
+++ b/SOURCES/rocky-driver.cer
@@ -0,0 +1,29 @@
+-----BEGIN CERTIFICATE-----
+MIIFCTCCA/GgAwIBAgIBDjANBgkqhkiG9w0BAQsFADCB1DELMAkGA1UEBhMCVVMx
+ETAPBgNVBAgMCERlbGF3YXJlMQ4wDAYDVQQHDAVEb3ZlcjEtMCsGA1UECgwkUm9j
+a3kgRW50ZXJwcmlzZSBTb2Z0d2FyZSBGb3VuZGF0aW9uMSEwHwYDVQQLDBhSZWxl
+YXNlIGVuZ2luZWVyaW5nIHRlYW0xKDAmBgNVBAMMH1JvY2t5IExpbnV4IFNlY3Vy
+ZSBCb290IFJvb3QgQ0ExJjAkBgkqhkiG9w0BCQEWF3NlY3VyaXR5QHJvY2t5bGlu
+dXgub3JnMB4XDTIzMDQxMjE4NTEyMFoXDTI0MDQxMTE4NTEyMFowgdgxCzAJBgNV
+BAYTAlVTMREwDwYDVQQIDAhEZWxhd2FyZTEOMAwGA1UEBwwFRG92ZXIxLTArBgNV
+BAoMJFJvY2t5IEVudGVycHJpc2UgU29mdHdhcmUgRm91bmRhdGlvbjEhMB8GA1UE
+CwwYUmVsZWFzZSBlbmdpbmVlcmluZyB0ZWFtMSwwKgYDVQQDDCNSb2NreSBMaW51
+eCBEcml2ZXIgU2lnbmluZyBDZXJ0IDEwMTEmMCQGCSqGSIb3DQEJARYXc2VjdXJp
+dHlAcm9ja3lsaW51eC5vcmcwggGiMA0GCSqGSIb3DQEBAQUAA4IBjwAwggGKAoIB
+gQDAvHcZPrCh2MNBAASPDI22IDhsvww8IEK5s1dipx80+o5ikJvaTpmbbCclIq2u
+yljNU4ACdzIijDqMzYC8kLMtXJHmJ2UqTUd4pT0ZKalbVt6xrhQaiTL1pdy0S3mJ
+0K3g91hahIu9uT0tYc2MZrrwhZh6ugCt+epSvk3UN6g1jVfBPWeQwzqazsDTrqbz
+8xEBfGNC4RcdmWVN6M2KNhoKUmIJ3y6Uz3jxcj8ke06r2872FJFr2OpoY8ti0bq3
+9uy+qQR+GhmPFwP0bgItAGYu3wwc5aAsandaF6tK77lefM/IyVNRQTUElOYt0ywv
+IALu0fDg9joHwYb9aaU4vCHhgddYtCqs491NIzoK6wEMa3lIKsW1qeKW6eeRWf/0
+/sLfCWGR8v5xarpFhJlC10bw0cQ+Ksn8xfQ/o4b/WPqy5sBpYg4UXPX4LBg1xjh4
+2f6kup3mBZYupayJMU3xtD7p849dJdPPTVJwcZUcRFRCXcAFPHKGfg1MtdhSrIRO
+TjMCAwEAAaNgMF4wDAYDVR0TAQH/BAIwADAOBgNVHQ8BAf8EBAMCB4AwHQYDVR0O
+BBYEFM5TfwxhXAOBFKy7ASM6W2K5OhlxMB8GA1UdIwQYMBaAFEwsa9fWTugVgcq4
+6YZmH2XiFm/EMA0GCSqGSIb3DQEBCwUAA4IBAQDF7D7WxEkEbTwZAmqtPFckBKGH
+EP6TOWeoTqEGQoqyv39EWrOuKbJiuvMXF+0xMfU9IN2s1c5KtGYe+JnbJGQx1lRb
+OG/syTdF2azAo+suTAR4YJy91d6Ivd55P8LmAISeg0Z6QkiSbsLrHGWbb/bNAATq
+GPr3xwFIT8IN9+jDHRbMIJsEVA+/i7JvNfD87zOG1/PJDc6JRMnDlH3Urccaujy3
+P+WpoGuMfqPqnI2tPrvUbJ2vwS+OnlVx5k50quKdQi83elyjdVpsxFPPSKfFzRTd
+x5t7mwCak9gNm5sKGLXiGlRi+gryJLk7K4CkqPsYWQ/5SGnwkocPNXwJFiUC
+-----END CERTIFICATE-----
diff --git a/SOURCES/rocky-extras.repo b/SOURCES/rocky-extras.repo
new file mode 100644
index 0000000..a71970b
--- /dev/null
+++ b/SOURCES/rocky-extras.repo
@@ -0,0 +1,65 @@
+# rocky-extras.repo
+#
+# The mirrorlist system uses the connecting IP address of the client and the
+# update status of each mirror to pick current mirrors that are geographically
+# close to the client.  You should use this for Rocky updates unless you are
+# manually picking other mirrors.
+#
+# If the mirrorlist does not work for you, you can try the commented out
+# baseurl line instead.
+
+[extras]
+name=Rocky Linux $releasever - Extras
+mirrorlist=https://mirrors.rockylinux.org/mirrorlist?arch=$basearch&repo=extras-$releasever$rltype
+#baseurl=http://dl.rockylinux.org/$contentdir/$releasever/extras/$basearch/os/
+gpgcheck=1
+enabled=1
+countme=1
+metadata_expire=6h
+gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-Rocky-9
+
+[extras-debug]
+name=Rocky Linux $releasever - Extras Debug
+mirrorlist=https://mirrors.rockylinux.org/mirrorlist?arch=$basearch&repo=extras-$releasever-debug$rltype
+#baseurl=http://dl.rockylinux.org/$contentdir/$releasever/extras/$basearch/debug/tree/
+gpgcheck=1
+enabled=0
+metadata_expire=6h
+gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-Rocky-9
+
+[extras-source]
+name=Rocky Linux $releasever - Extras Source
+mirrorlist=https://mirrors.rockylinux.org/mirrorlist?arch=$basearch&repo=extras-$releasever-source$rltype
+#baseurl=http://dl.rockylinux.org/$contentdir/$releasever/extras/source/tree/
+gpgcheck=1
+enabled=0
+metadata_expire=6h
+gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-Rocky-9
+
+[plus]
+name=Rocky Linux $releasever - Plus
+mirrorlist=https://mirrors.rockylinux.org/mirrorlist?arch=$basearch&repo=plus-$releasever$rltype
+#baseurl=http://dl.rockylinux.org/$contentdir/$releasever/plus/$basearch/os/
+gpgcheck=1
+enabled=0
+countme=1
+metadata_expire=6h
+gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-Rocky-9
+
+[plus-debug]
+name=Rocky Linux $releasever - Plus - Debug
+mirrorlist=https://mirrors.rockylinux.org/mirrorlist?arch=$basearch&repo=plus-$releasever-debug$rltype
+#baseurl=http://dl.rockylinux.org/$contentdir/$releasever/plus/$basearch/debug/tree/
+gpgcheck=1
+enabled=0
+metadata_expire=6h
+gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-Rocky-9
+
+[plus-source]
+name=Rocky Linux $releasever - Plus - Source
+mirrorlist=https://mirrors.rockylinux.org/mirrorlist?arch=source&repo=plus-$releasever-source$rltype
+#baseurl=http://dl.rockylinux.org/$contentdir/$releasever/plus/source/tree/
+gpgcheck=1
+enabled=0
+metadata_expire=6h
+gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-Rocky-9
diff --git a/SOURCES/rocky-fwupd.cer b/SOURCES/rocky-fwupd.cer
new file mode 100644
index 0000000..bf248f2
--- /dev/null
+++ b/SOURCES/rocky-fwupd.cer
@@ -0,0 +1,30 @@
+-----BEGIN CERTIFICATE-----
+MIIFIDCCBAigAwIBAgIBDzANBgkqhkiG9w0BAQsFADCB1DELMAkGA1UEBhMCVVMx
+ETAPBgNVBAgMCERlbGF3YXJlMQ4wDAYDVQQHDAVEb3ZlcjEtMCsGA1UECgwkUm9j
+a3kgRW50ZXJwcmlzZSBTb2Z0d2FyZSBGb3VuZGF0aW9uMSEwHwYDVQQLDBhSZWxl
+YXNlIGVuZ2luZWVyaW5nIHRlYW0xKDAmBgNVBAMMH1JvY2t5IExpbnV4IFNlY3Vy
+ZSBCb290IFJvb3QgQ0ExJjAkBgkqhkiG9w0BCQEWF3NlY3VyaXR5QHJvY2t5bGlu
+dXgub3JnMB4XDTIzMDQxMjE4NTEzMVoXDTI0MDQxMTE4NTEzMVowgdcxCzAJBgNV
+BAYTAlVTMREwDwYDVQQIDAhEZWxhd2FyZTEOMAwGA1UEBwwFRG92ZXIxLTArBgNV
+BAoMJFJvY2t5IEVudGVycHJpc2UgU29mdHdhcmUgRm91bmRhdGlvbjEhMB8GA1UE
+CwwYUmVsZWFzZSBlbmdpbmVlcmluZyB0ZWFtMSswKQYDVQQDDCJSb2NreSBMaW51
+eCBGd3VwZCBTaWduaW5nIENlcnQgMTAxMSYwJAYJKoZIhvcNAQkBFhdzZWN1cml0
+eUByb2NreWxpbnV4Lm9yZzCCAaIwDQYJKoZIhvcNAQEBBQADggGPADCCAYoCggGB
+ALRGl+5WVDUwqFfaj7xdn+lpXg9huqtADwKYGlZQo5zAepxiYBDB7mzCI2lBOO6K
++sFGOwhYVS8XGEnFvw8uNDZuFjo1k4cwdqhBwmU93gSpVcrsmupdNdZRkSWelmJ5
+bDBz15DU9za4KMNCs1Ymn0EDI+Vr9QgX0igYUTKJu8ariMJWw+Rvej9D2T0EFVd5
+7pW/Se0cXns38A9yoqo5CH5CRSl2WydYotxj310/KCrwGi1QBlcvdyL1EGHOQcbJ
+gcnGsEyzrtsU1r8xUvYZQxpdXptQS90mkdhx7GfnNleMZD6BrQu7AANh0Gvn1n6n
+z2k3hp8LenfPeATIHxF/V60ts3j5dOv2KPwCEJ5wLSJ/IB/rZiHgmguCmaRzcxVC
+nzLnELeaO9zz6aXSxWf/1AWJm1kDoddFjQpgRNywzAwhBvrlM4/EteuF2Ytj/puK
+/mb/UQo3YCQLzocJc0Do2drDQXsJDivTbfy7QRZREhRyIXs3NTBvnQH/GYFMTouc
+ZwIDAQABo3gwdjAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIHgDAWBgNVHSUB
+Af8EDDAKBggrBgEFBQcDAzAdBgNVHQ4EFgQUpOlUSfT3so5OBpQSUKHO9o09344w
+HwYDVR0jBBgwFoAUTCxr19ZO6BWByrjphmYfZeIWb8QwDQYJKoZIhvcNAQELBQAD
+ggEBAKJZnLxppk8EVvaQ9QUaQSNfcozXn6CaRI+/e0kKRgkqplHO7G7Glw5hEIX5
+AUIQOviahgnM/vkYqrCT9yYXtw8XcV5jXlPaqae7xS/0kncw/RRiynWFbf8bJC2e
+D7UtpvMDL9vTqn7n394CQp085EaVueQTXJ2k2SibvYZ5zihGvIm42XUOcrsO2kdG
+dsAJu1UMOOBQ+T9BSz+50GEmEb1k7ZbBOJBSqBjFRntOU41zCszK/wlkqU7LuIjL
+vukGd3+v7wotuq5IeZbimXjdHQbBUMMkUXDxvNrs6dCYeIW2XSFiqyy7hZllUTTx
+uUNBz5/yyFciun26/HexvfXCgak=
+-----END CERTIFICATE-----
diff --git a/SOURCES/rocky-fwupd.der b/SOURCES/rocky-fwupd.der
new file mode 100644
index 0000000..bdfb2bd
Binary files /dev/null and b/SOURCES/rocky-fwupd.der differ
diff --git a/SOURCES/rocky-grub2.cer b/SOURCES/rocky-grub2.cer
new file mode 100644
index 0000000..d59b444
--- /dev/null
+++ b/SOURCES/rocky-grub2.cer
@@ -0,0 +1,30 @@
+-----BEGIN CERTIFICATE-----
+MIIFIDCCBAigAwIBAgIBEDANBgkqhkiG9w0BAQsFADCB1DELMAkGA1UEBhMCVVMx
+ETAPBgNVBAgMCERlbGF3YXJlMQ4wDAYDVQQHDAVEb3ZlcjEtMCsGA1UECgwkUm9j
+a3kgRW50ZXJwcmlzZSBTb2Z0d2FyZSBGb3VuZGF0aW9uMSEwHwYDVQQLDBhSZWxl
+YXNlIGVuZ2luZWVyaW5nIHRlYW0xKDAmBgNVBAMMH1JvY2t5IExpbnV4IFNlY3Vy
+ZSBCb290IFJvb3QgQ0ExJjAkBgkqhkiG9w0BCQEWF3NlY3VyaXR5QHJvY2t5bGlu
+dXgub3JnMB4XDTIzMDQxMjE4NTEzNVoXDTI0MDQxMTE4NTEzNVowgdcxCzAJBgNV
+BAYTAlVTMREwDwYDVQQIDAhEZWxhd2FyZTEOMAwGA1UEBwwFRG92ZXIxLTArBgNV
+BAoMJFJvY2t5IEVudGVycHJpc2UgU29mdHdhcmUgRm91bmRhdGlvbjEhMB8GA1UE
+CwwYUmVsZWFzZSBlbmdpbmVlcmluZyB0ZWFtMSswKQYDVQQDDCJSb2NreSBMaW51
+eCBHcnViMiBTaWduaW5nIENlcnQgMTAxMSYwJAYJKoZIhvcNAQkBFhdzZWN1cml0
+eUByb2NreWxpbnV4Lm9yZzCCAaIwDQYJKoZIhvcNAQEBBQADggGPADCCAYoCggGB
+AKEKwTtr/yXELMOB+o+6K7zN39wXDCyxHxIDLD2ykcdVkUAhfC2Du32dLl+R8A0D
+7x8EL1dpI6R2/zswS02LVmq+x3M9OdGfWSHm7UjBPcTe2p0BrGEYpjdMnwt56Eod
+x5hnxrYuNJS+bHaSzBvNzYYRlrSFX81MbUioIZR8GpNnQafZ4+jdjt1lunO7r3TS
+pAAjt1ufoPJKV0dbzdBLtS4ZbM1E3pvSfJWDq7zaT4mMzE4OmroxmA2J0kObhSgP
+7ZMwal6L9jqdO/HEYrFAn1tRI2SPpA4vHzykdUo5L+buFdvmv1kZN5klK9waR9Dt
+b4jeXNnKCxR1nj+yCvdgVfpswPaG7bx/oc5tUqjMwop4gRjcRCXdzbqjtXKL0enk
+KVpOd+SlqUPs++CSIhsq0TgzoUhlqDpXLvshm923iunQUgIpvqy9aadYIuykdG8G
+HjxKUATyQXp6PWkfcchw9ziB7y71QFqExCOM11XUPyofS1/7tDrwWiEjzTUJq03n
+BQIDAQABo3gwdjAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIHgDAWBgNVHSUB
+Af8EDDAKBggrBgEFBQcDAzAdBgNVHQ4EFgQUJ2TmruR7d3s5uJRoef2ecK9mVsEw
+HwYDVR0jBBgwFoAUTCxr19ZO6BWByrjphmYfZeIWb8QwDQYJKoZIhvcNAQELBQAD
+ggEBABon0rPo9bhkNeiIrbTECZs9Pb99EIUZvZV0uL2XKEoFRTmX1fSslR+24ZUp
+CLrf+q/VSL8OxrYorG0TrsbjeWp94ywicDS+3ro0z9hne3cKF+DYDRLJRS/ls0uo
+n/DK3UTBHa6uWO0akv9CSrWWVveiPX/Yf0SnUWpLFX8yPof8Jm2ggFrIpV9gy1ao
+j/AKG1b+MrUvmHc9pyNGlXlqtoHQq/cEv5yBv6Ntn5I3ve5IP3/YapqcLSa9Vide
+jkwEcKJHuew+825TCbNGTS04WMKxqYni3vZK/0sDhfa7Avlfg160CmmCGVBMnMU/
+v3/fdSLoITZrdgNRoZAexkAdVDM=
+-----END CERTIFICATE-----
diff --git a/SOURCES/rocky-grub2.der b/SOURCES/rocky-grub2.der
new file mode 100644
index 0000000..4e51864
Binary files /dev/null and b/SOURCES/rocky-grub2.der differ
diff --git a/SOURCES/rocky-kernel.cer b/SOURCES/rocky-kernel.cer
new file mode 100644
index 0000000..a05cb05
--- /dev/null
+++ b/SOURCES/rocky-kernel.cer
@@ -0,0 +1,30 @@
+-----BEGIN CERTIFICATE-----
+MIIFITCCBAmgAwIBAgIBETANBgkqhkiG9w0BAQsFADCB1DELMAkGA1UEBhMCVVMx
+ETAPBgNVBAgMCERlbGF3YXJlMQ4wDAYDVQQHDAVEb3ZlcjEtMCsGA1UECgwkUm9j
+a3kgRW50ZXJwcmlzZSBTb2Z0d2FyZSBGb3VuZGF0aW9uMSEwHwYDVQQLDBhSZWxl
+YXNlIGVuZ2luZWVyaW5nIHRlYW0xKDAmBgNVBAMMH1JvY2t5IExpbnV4IFNlY3Vy
+ZSBCb290IFJvb3QgQ0ExJjAkBgkqhkiG9w0BCQEWF3NlY3VyaXR5QHJvY2t5bGlu
+dXgub3JnMB4XDTIzMDQxMjE4NTEzOVoXDTI0MDQxMTE4NTEzOVowgdgxCzAJBgNV
+BAYTAlVTMREwDwYDVQQIDAhEZWxhd2FyZTEOMAwGA1UEBwwFRG92ZXIxLTArBgNV
+BAoMJFJvY2t5IEVudGVycHJpc2UgU29mdHdhcmUgRm91bmRhdGlvbjEhMB8GA1UE
+CwwYUmVsZWFzZSBlbmdpbmVlcmluZyB0ZWFtMSwwKgYDVQQDDCNSb2NreSBMaW51
+eCBLZXJuZWwgU2lnbmluZyBDZXJ0IDEwMTEmMCQGCSqGSIb3DQEJARYXc2VjdXJp
+dHlAcm9ja3lsaW51eC5vcmcwggGiMA0GCSqGSIb3DQEBAQUAA4IBjwAwggGKAoIB
+gQDA27rW8p7tVaKJLHEsiRoEl3F7vpcGT5/PljpBeD3lasKZ+IJSd3QlflB5KZ7S
+t/IETA2ieo2CBsAe5HPcL4LIJTMjPz/w5s+SnDzmjQtH18kKqIyxXD8GZZFAJ/xK
+z/L5GF9UaUH7ZnE5TkKMz0HQp1B8Pmm/6Gw8d+3oNmjgksNIl1TszSklv1dhYwoD
+uoH8065ymIi55jwifu9rWByvpwL9HO8zHyxXHmdoSAYBe62mY1cn1OChT78uF2YJ
+4xDg9tVoOO/fEqanjzqDwmWXMsKII/H/qcj3ZbMMXqm7sScld2YanF3X2VvfQgi2
+guQKdfv8k0YHxeRwnRSGBxS9dDYNnz7Tl9Iz/8NwH996TEDu2erykQeJ+wpToLAG
+SggVHHGWvQ9w0jS4BWrZI49TJAgvRTplF1UiSiaVw5SzdHclYJ0smUD07IPCae+t
+MmkKmXLJ9YnZ0zp8u9Z++Jsw6URzBk/HBWd1Ll8sz6rLHYF5jHpN20a63iBUZ965
+k8MCAwEAAaN4MHYwDAYDVR0TAQH/BAIwADAOBgNVHQ8BAf8EBAMCB4AwFgYDVR0l
+AQH/BAwwCgYIKwYBBQUHAwMwHQYDVR0OBBYEFAYFt/XYVERxhAFQEKNGpjaoDWUf
+MB8GA1UdIwQYMBaAFEwsa9fWTugVgcq46YZmH2XiFm/EMA0GCSqGSIb3DQEBCwUA
+A4IBAQAsh0wBFKwBM2E0ajmRZrZ4QZ1ACYha8653e1l+oqjxF7vVMpYYcYnNP0Ap
+xX6waYPU9skZUw9CAM3ayU4JnbF4TUfscxR1DSblreP3CHI0cKcYAn7EW8v1Y1Kp
+zWr+aZSxkrG0VQDPPR/mJaFdYoG603OAKnja3gRVTaBoga18C0URIl9MfXa2YChk
+YQNhXG22wMe7y7FEHwJI0mwPvnekVIa3g/iC/3DyfyffvlEoI0e9Ji9wQM5hVSxu
+8dZh5YyQi46V0xssBZcrrGXsPHrQICY7VoF/Jp8MQxdBT/swQvIypdtwz2pou1/R
+wPQEXvAjGz7n3vzHZkEA3kdnafFO
+-----END CERTIFICATE-----
diff --git a/SOURCES/rocky-kernel.der b/SOURCES/rocky-kernel.der
new file mode 100644
index 0000000..b1f1fe1
Binary files /dev/null and b/SOURCES/rocky-kernel.der differ
diff --git a/SOURCES/rocky-kpatch.cer b/SOURCES/rocky-kpatch.cer
new file mode 100644
index 0000000..b886ab7
--- /dev/null
+++ b/SOURCES/rocky-kpatch.cer
@@ -0,0 +1,29 @@
+-----BEGIN CERTIFICATE-----
+MIIFCTCCA/GgAwIBAgIBEjANBgkqhkiG9w0BAQsFADCB1DELMAkGA1UEBhMCVVMx
+ETAPBgNVBAgMCERlbGF3YXJlMQ4wDAYDVQQHDAVEb3ZlcjEtMCsGA1UECgwkUm9j
+a3kgRW50ZXJwcmlzZSBTb2Z0d2FyZSBGb3VuZGF0aW9uMSEwHwYDVQQLDBhSZWxl
+YXNlIGVuZ2luZWVyaW5nIHRlYW0xKDAmBgNVBAMMH1JvY2t5IExpbnV4IFNlY3Vy
+ZSBCb290IFJvb3QgQ0ExJjAkBgkqhkiG9w0BCQEWF3NlY3VyaXR5QHJvY2t5bGlu
+dXgub3JnMB4XDTIzMDQxMjE4NTE0MloXDTI0MDQxMTE4NTE0MlowgdgxCzAJBgNV
+BAYTAlVTMREwDwYDVQQIDAhEZWxhd2FyZTEOMAwGA1UEBwwFRG92ZXIxLTArBgNV
+BAoMJFJvY2t5IEVudGVycHJpc2UgU29mdHdhcmUgRm91bmRhdGlvbjEhMB8GA1UE
+CwwYUmVsZWFzZSBlbmdpbmVlcmluZyB0ZWFtMSwwKgYDVQQDDCNSb2NreSBMaW51
+eCBLcGF0Y2ggU2lnbmluZyBDZXJ0IDEwMTEmMCQGCSqGSIb3DQEJARYXc2VjdXJp
+dHlAcm9ja3lsaW51eC5vcmcwggGiMA0GCSqGSIb3DQEBAQUAA4IBjwAwggGKAoIB
+gQC/k4GyJKctyXNB51dU3TTQ28S7j+OimjM4LmA3qQVNq4go/+DWnbT9NpRb248h
+T6Dl5HIQ9yKNdt9zPD6fjZG+V8lRpdLnpGUFMWfjyMlGx1JTjtRzZ0QquO8P3gl3
+JMfLj0uKH+pGXV7QSFA3YiczG2A1jwf2qfDUjQJw87xFT+DYI2GWKrQqOyLnwRRl
+OeyJkvDOyqh/RVOsVX42bamzmATRCOmixzRGrk3+Ksv/0FV/eVUoqd8yib2AGlMf
+vMqPBRbrIURbHO4/wgcjhcNl4JioGk2V5FLVwG83dLOfwkJd2zp6I8dR8m1shEbj
+3zxtqc59JpW7WWhqXbwqCvFSQijVdkui/xyPCCr6o0b9zQWRaBArYbSxds48dgO5
+ZVHvTTCfSTPYYhtepZYMINuaWIbX3DD3wMOEK2kmNU5Qjg459RDZMb0Rl/PhbGuS
+F/GbkOVQhllENKjAxsGFi+IfApB2Dvz+EyWouvQlKDRBw5G0KHqauy/aWkeWeRzp
+n3kCAwEAAaNgMF4wDAYDVR0TAQH/BAIwADAOBgNVHQ8BAf8EBAMCB4AwHQYDVR0O
+BBYEFLXuB8c35X7L6u1JOlE3l2OwYxLFMB8GA1UdIwQYMBaAFEwsa9fWTugVgcq4
+6YZmH2XiFm/EMA0GCSqGSIb3DQEBCwUAA4IBAQDN7zB5Kt9p1GJ9kftxgn22XueV
+YGDB0ct/28aUC7JK+xQQzvIwPDRXpSW7hHUfSfiau6U5xANRF0DCo6J69wFfcfmQ
+s+FsxsbCqYA6gdjpY2SV0G3H+KxujHlNLkR/TL6L9cS7w88H/2oxu9DpgZAJdGkV
+hNCzLWy8Om4KBY4EZgop4xTQ5YeaS5oGtzoK22f8iCPUhrTttry39SCn/7l5xn9K
+O1jadHWDuchS2sDabirES83+h1GMa/f3AMToyxfk1vHP3Mpke1Gy/VT6Cbo0aVSn
+cIghoSavIh9ME4XCn9ZbPesM5Zc92PBRLeTPwwBiERoxr14VDofFygnjgZHb
+-----END CERTIFICATE-----
diff --git a/SOURCES/rocky-root-ca.der b/SOURCES/rocky-root-ca.der
new file mode 100644
index 0000000..9d3a807
Binary files /dev/null and b/SOURCES/rocky-root-ca.der differ
diff --git a/SOURCES/rocky-shim.cer b/SOURCES/rocky-shim.cer
new file mode 100644
index 0000000..68ad726
--- /dev/null
+++ b/SOURCES/rocky-shim.cer
@@ -0,0 +1,30 @@
+-----BEGIN CERTIFICATE-----
+MIIFHzCCBAegAwIBAgIBEzANBgkqhkiG9w0BAQsFADCB1DELMAkGA1UEBhMCVVMx
+ETAPBgNVBAgMCERlbGF3YXJlMQ4wDAYDVQQHDAVEb3ZlcjEtMCsGA1UECgwkUm9j
+a3kgRW50ZXJwcmlzZSBTb2Z0d2FyZSBGb3VuZGF0aW9uMSEwHwYDVQQLDBhSZWxl
+YXNlIGVuZ2luZWVyaW5nIHRlYW0xKDAmBgNVBAMMH1JvY2t5IExpbnV4IFNlY3Vy
+ZSBCb290IFJvb3QgQ0ExJjAkBgkqhkiG9w0BCQEWF3NlY3VyaXR5QHJvY2t5bGlu
+dXgub3JnMB4XDTIzMDQxMjE4NTE0NloXDTI0MDQxMTE4NTE0NlowgdYxCzAJBgNV
+BAYTAlVTMREwDwYDVQQIDAhEZWxhd2FyZTEOMAwGA1UEBwwFRG92ZXIxLTArBgNV
+BAoMJFJvY2t5IEVudGVycHJpc2UgU29mdHdhcmUgRm91bmRhdGlvbjEhMB8GA1UE
+CwwYUmVsZWFzZSBlbmdpbmVlcmluZyB0ZWFtMSowKAYDVQQDDCFSb2NreSBMaW51
+eCBTaGltIFNpZ25pbmcgQ2VydCAxMDExJjAkBgkqhkiG9w0BCQEWF3NlY3VyaXR5
+QHJvY2t5bGludXgub3JnMIIBojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKCAYEA
+va6fzVp5Q9FPmdgpPkwoPxz/x6TalOz4xkBdL5OTEr3nJKG6HUWXEb22pTh9GVmU
+lq6EsdZd5KFHsAy00UTSgTwDD35ZxPDg4yevGRy5ArMY6xABST1QCyC9UdRU0pHo
+ORPZns/ycfvqOLmJ/4hQrS6O21Fexki29ruJe8bMUN/YcqrB6rcFH67U2HwZvihQ
+VquQFM6e7Ma1vQHKsM3Oo9Rl26TmDM6/D835QxlZzaBbXd+Pk4kpP7+wUHKYMUQb
+fDBd5/a4UHFM0hfc6qhBOFYWH1PqK2DKMCHr1Ba5H038XkruJnfX9V1u4LJLOwHc
+UdsWOE3Ab0Rp+cULz/aV18TgwAVs+vH9KWlERjwrP60wpbwxZ5gRUKJedctDcuA9
+nF4K28eH23wVZpANo95Rv9IVcqytchDK+gA89Dy36rkmrsxvvcPkTrenW9S03Ntw
+gtzxoA8mtPfp2lE9DbhShEIQKIhI6V2BJot5u2eW1aLrZy0P19HOdSDOYqAR96ON
+AgMBAAGjeDB2MAwGA1UdEwEB/wQCMAAwDgYDVR0PAQH/BAQDAgeAMBYGA1UdJQEB
+/wQMMAoGCCsGAQUFBwMDMB0GA1UdDgQWBBS4omfxIr1D2Pa//WSUx7Q5Rlm8SjAf
+BgNVHSMEGDAWgBRMLGvX1k7oFYHKuOmGZh9l4hZvxDANBgkqhkiG9w0BAQsFAAOC
+AQEAWOZ77k0XIDa6AELFLyyKUHSw9uJ8svnF+CpQ7N6SJiYwe8gFtBuomDBRedVG
+s20LbdCN36rmklP/gTm4ILDjX/MvA+g6ExwPhqhIh8A/kIUdp0CHkmKPTUlGskLQ
+U95U36phasI0vZHTFEtaByQb35XHHbMUyTy346hbQugzah+pnfj7/vrq2EAL4M0e
+e2NQeMM6RNDIpncA848Hk8QM7E+FuS5xtvWxx6Zf50kQVrd4JMweKKNQCun0cJjz
+Xejn9bJ4gmDWBV/3n7q3zoG8S5ws09ma5anFzeCy4i8GzltPBvXAwzKddyGmVRvU
+r/6FWYLGuSOudzH6eQldyZRW2w==
+-----END CERTIFICATE-----
diff --git a/SOURCES/rocky-shim.der b/SOURCES/rocky-shim.der
new file mode 100644
index 0000000..d183199
Binary files /dev/null and b/SOURCES/rocky-shim.der differ
diff --git a/SOURCES/rocky-signing.der b/SOURCES/rocky-signing.der
new file mode 100644
index 0000000..9dc5eb5
Binary files /dev/null and b/SOURCES/rocky-signing.der differ
diff --git a/SOURCES/rocky.1.gz b/SOURCES/rocky.1.gz
new file mode 100644
index 0000000..165df80
Binary files /dev/null and b/SOURCES/rocky.1.gz differ
diff --git a/SOURCES/rocky.repo b/SOURCES/rocky.repo
new file mode 100644
index 0000000..fb24cfb
--- /dev/null
+++ b/SOURCES/rocky.repo
@@ -0,0 +1,93 @@
+# rocky.repo
+#
+# The mirrorlist system uses the connecting IP address of the client and the
+# update status of each mirror to pick current mirrors that are geographically
+# close to the client.  You should use this for Rocky updates unless you are
+# manually picking other mirrors.
+#
+# If the mirrorlist does not work for you, you can try the commented out
+# baseurl line instead.
+
+[baseos]
+name=Rocky Linux $releasever - BaseOS
+mirrorlist=https://mirrors.rockylinux.org/mirrorlist?arch=$basearch&repo=BaseOS-$releasever$rltype
+#baseurl=http://dl.rockylinux.org/$contentdir/$releasever/BaseOS/$basearch/os/
+gpgcheck=1
+enabled=1
+countme=1
+metadata_expire=6h
+gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-Rocky-9
+
+[baseos-debug]
+name=Rocky Linux $releasever - BaseOS - Debug
+mirrorlist=https://mirrors.rockylinux.org/mirrorlist?arch=$basearch&repo=BaseOS-$releasever-debug$rltype
+#baseurl=http://dl.rockylinux.org/$contentdir/$releasever/BaseOS/$basearch/debug/tree/
+gpgcheck=1
+enabled=0
+metadata_expire=6h
+gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-Rocky-9
+
+[baseos-source]
+name=Rocky Linux $releasever - BaseOS - Source
+mirrorlist=https://mirrors.rockylinux.org/mirrorlist?arch=source&repo=BaseOS-$releasever-source$rltype
+#baseurl=http://dl.rockylinux.org/$contentdir/$releasever/BaseOS/source/tree/
+gpgcheck=1
+enabled=0
+metadata_expire=6h
+gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-Rocky-9
+
+[appstream]
+name=Rocky Linux $releasever - AppStream
+mirrorlist=https://mirrors.rockylinux.org/mirrorlist?arch=$basearch&repo=AppStream-$releasever$rltype
+#baseurl=http://dl.rockylinux.org/$contentdir/$releasever/AppStream/$basearch/os/
+gpgcheck=1
+enabled=1
+countme=1
+metadata_expire=6h
+gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-Rocky-9
+
+[appstream-debug]
+name=Rocky Linux $releasever - AppStream - Debug
+mirrorlist=https://mirrors.rockylinux.org/mirrorlist?arch=$basearch&repo=AppStream-$releasever-debug$rltype
+#baseurl=http://dl.rockylinux.org/$contentdir/$releasever/AppStream/$basearch/debug/tree/
+gpgcheck=1
+enabled=0
+metadata_expire=6h
+gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-Rocky-9
+
+[appstream-source]
+name=Rocky Linux $releasever - AppStream - Source
+mirrorlist=https://mirrors.rockylinux.org/mirrorlist?arch=source&repo=AppStream-$releasever-source$rltype
+#baseurl=http://dl.rockylinux.org/$contentdir/$releasever/AppStream/source/tree/
+gpgcheck=1
+enabled=0
+metadata_expire=6h
+gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-Rocky-9
+
+[crb]
+name=Rocky Linux $releasever - CRB
+mirrorlist=https://mirrors.rockylinux.org/mirrorlist?arch=$basearch&repo=CRB-$releasever$rltype
+#baseurl=http://dl.rockylinux.org/$contentdir/$releasever/CRB/$basearch/os/
+gpgcheck=1
+enabled=0
+countme=1
+metadata_expire=6h
+gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-Rocky-9
+
+[crb-debug]
+name=Rocky Linux $releasever - CRB - Debug
+mirrorlist=https://mirrors.rockylinux.org/mirrorlist?arch=$basearch&repo=CRB-$releasever-debug$rltype
+#baseurl=http://dl.rockylinux.org/$contentdir/$releasever/CRB/$basearch/debug/tree/
+gpgcheck=1
+enabled=0
+metadata_expire=6h
+gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-Rocky-9
+
+[crb-source]
+name=Rocky Linux $releasever - CRB - Source
+mirrorlist=https://mirrors.rockylinux.org/mirrorlist?arch=source&repo=CRB-$releasever-source$rltype
+#baseurl=http://dl.rockylinux.org/$contentdir/$releasever/CRB/source/tree/
+gpgcheck=1
+enabled=0
+metadata_expire=6h
+gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-Rocky-9
diff --git a/SOURCES/rockydup1.x509 b/SOURCES/rockydup1.x509
new file mode 100644
index 0000000..1c37228
Binary files /dev/null and b/SOURCES/rockydup1.x509 differ
diff --git a/SOURCES/rockykpatch1.x509 b/SOURCES/rockykpatch1.x509
new file mode 100644
index 0000000..6420ceb
Binary files /dev/null and b/SOURCES/rockykpatch1.x509 differ
diff --git a/SPECS/rocky-release.spec b/SPECS/rocky-release.spec
new file mode 100644
index 0000000..694320b
--- /dev/null
+++ b/SPECS/rocky-release.spec
@@ -0,0 +1,452 @@
+# Note to packagers/builders:
+#
+# If you wish to build the LookAhead or Beta variant of this package, make sure
+# that you are setting --with=rlbeta or --with=rllookahead on your mock
+# command. See the README for more information.
+
+%bcond_with rlbeta
+%bcond_with rllookahead
+%bcond_with rloverride
+
+%define debug_package %{nil}
+
+# Product information
+%define product_family Rocky Linux
+%define variant_titlecase Server
+%define variant_lowercase server
+
+# Distribution Name and Version
+%define distro_name  Rocky Linux
+%define distro       %{distro_name}
+%define distro_code  Smoky Quartz
+%define major        10
+%define minor        0
+%define rocky_rel    0%{?rllh:.%{rllh}}%{!?rllh:.1}
+%define rpm_license  BSD-3-Clause
+%define dist         .el%{major}
+%define home_url     https://rockylinux.org/
+%define bug_url      https://bugs.rockylinux.org/
+%define debug_url    https://debuginfod.rockylinux.org/
+%define dist_vendor  RESF
+
+%define contentdir   pub/rocky
+%define sigcontent   pub/sig
+%define rlosid       rocky
+
+%define os_bug_name  Rocky-Linux-%{major}
+
+################################################################################
+# Rocky LookAhead Section
+#
+# Reset defines for LookAhead variant. Default is stable if 0 or undefined.
+%if %{with rllookahead}
+%define minor        0
+%define contentdir   pub/rocky-lh
+%define rltype       -lookahead
+%define rlstatement  LookAhead
+%endif
+# End Rocky LookAhead Section
+################################################################################
+
+################################################################################
+# Rocky Beta Section
+#
+# Reset defines for Beta variant. Default is stable if 0 or undefined.
+# We do NOT override the minor version number here.
+%if %{with rlbeta}
+%define contentdir   pub/rocky-beta
+%define rltype       -beta
+%define rlstatement  Beta
+%endif
+# End Rocky Beta Section
+################################################################################
+
+################################################################################
+# Rocky Override Section
+#
+# Resets only the dist tag for the override package. All this does is ensure
+# that only the rhel macros and settings are provided - This is useful in the
+# case of a build that cannot be properly debranded (eg dotnet).
+%if %{with rloverride}
+%define dist         .el%{major}.override
+%define rlosid       rhel
+%endif
+# End Rocky Override Section
+################################################################################
+
+%define base_release_version %{major}
+%define dist_release_version %{major}
+%define full_release_version %{major}.%{minor}
+
+%ifarch ppc64le
+%define tuned_profile :server
+%endif
+
+# Avoids a weird anaconda problem
+%global __requires_exclude_from %{_libexecdir}
+
+# conditional section for future use
+
+Name:           rocky-release%{?rltype}
+Version:        %{full_release_version}
+Release:        %{rocky_rel}%{dist}
+Summary:        %{distro_name} release files
+Group:          System Environment/Base
+License:        %{rpm_license}
+URL:            https://rockylinux.org
+BuildArch:      noarch
+
+# What do we provide? Some of these needs are a necesity (think comps and
+# groups) and things like EPEL need it.
+Provides:       rocky-release = %{version}-%{release}
+Provides:       rocky-release(upstream) = %{full_release_version}
+Provides:       redhat-release = %{version}-%{release}
+Provides:       system-release = %{version}-%{release}
+Provides:       system-release(releasever) = %{major}
+Provides:       centos-release = %{version}-%{release}
+Provides:       centos-release(upstream) = %{full_release_version}
+
+## Required by libdnf
+Provides:       base-module(platform:el%{major})
+
+## This makes lorax/pungi/anaconda happy
+Provides:       rocky-release-eula  = %{version}-%{release}
+Provides:       redhat-release-eula = %{version}-%{release}
+Provides:       centos-release-eula = %{version}-%{release}
+
+# What are our requirements?
+Requires:       rocky-repos(%{major})
+
+# GPG Keys (100-199)
+Source101:      RPM-GPG-KEY-Rocky-%{major}
+Source102:      RPM-GPG-KEY-Rocky-%{major}-Testing
+
+# Release Sources (200-499)
+Source200:      EULA
+Source201:      LICENSE
+Source202:      Contributors
+Source203:      COMMUNITY-CHARTER
+
+# !! Stable !!
+Source300:      85-display-manager.preset
+Source301:      90-default.preset
+Source302:      90-default-user.preset
+Source303:      99-default-disable.preset
+Source304:      50-redhat.conf
+
+# !! LookAhead !!
+Source400:      85-display-manager.preset.lh
+Source401:      90-default.preset.lh
+Source402:      90-default-user.preset.lh
+Source403:      99-default-disable.preset.lh
+Source404:      50-redhat.conf.lh
+
+# Repo Sources (1200-1299)
+Source1200:     rocky.repo
+Source1201:     rocky-addons.repo
+Source1202:     rocky-extras.repo
+Source1203:     rocky-devel.repo
+
+# Add ons (1300-1399)
+Source1300:     rocky.1.gz
+
+# rocky secureboot certs placeholder (1400-1499)
+Source1400:     rockydup1.x509
+Source1401:     rockykpatch1.x509
+Source1402:     rocky-root-ca.der
+#
+Source1403:     rocky-fwupd.cer
+Source1404:     rocky-grub2.cer
+Source1405:     rocky-kernel.cer
+Source1406:     rocky-shim.cer
+# all certs in DER format
+Source1413:     rocky-fwupd.der
+Source1414:     rocky-grub2.der
+Source1415:     rocky-kernel.der
+Source1416:     rocky-shim.der
+
+%description
+%{distro_name} release files.
+
+%package     -n rocky-repos%{?rltype}
+Summary:        %{distro_name} Package Repositories
+License:        %{rpm_license}
+Provides:       system-repos = %{version}-%{release}
+Provides:       rocky-repos(%{major}) = %{full_release_version}
+Requires:       system-release = %{version}-%{release}
+Requires:       rocky-gpg-keys%{?rltype}
+Conflicts:      %{name} < 8.0
+
+%description -n rocky-repos%{?rltype}
+%{distro_name} package repository files for yum/dnf
+
+%package     -n rocky-gpg-keys%{?rltype}
+Summary:        Rocky RPM GPG Keys
+Conflicts:      %{name} < 8.0
+
+%description -n rocky-gpg-keys%{?rltype}
+This package provides the RPM signature keys for Rocky.
+
+%package     -n rocky-sb-certs%{?rltype}
+Summary:        %{distro_name} public secureboot certificates
+Group:          System Environment/Base
+Provides:       system-sb-certs = %{version}-%{release}
+
+%description -n rocky-sb-certs%{?rltype}
+This package contains the %{distro_name} secureboot public certificates.
+
+%prep
+%if %{with rllookahead} && %{with rlbeta}
+echo "!! WARNING !!"
+echo "Both LookAhead and Beta were enabled. This is not supported."
+echo "As a result: BUILD FAILED."
+exit 1
+%endif
+echo Good.
+
+%build
+echo Good.
+
+%install
+# docs dir for license and contributors
+mkdir ./docs
+cp %{SOURCE201} %{SOURCE202} %{SOURCE203} ./docs
+
+################################################################################
+# system-release data
+install -d -m 0755 %{buildroot}%{_sysconfdir}
+echo "%{distro_name} release %{full_release_version}%{?rlstatement: %{rlstatement}} (%{distro_code})" > %{buildroot}%{_sysconfdir}/rocky-release
+echo "Derived from Red Hat Enterprise Linux %{full_release_version}" > %{buildroot}%{_sysconfdir}/rocky-release-upstream
+ln -s rocky-release %{buildroot}%{_sysconfdir}/system-release
+ln -s rocky-release %{buildroot}%{_sysconfdir}/redhat-release
+mkdir -p %{buildroot}%{_mandir}/man1
+install -p -m 0644 %{SOURCE1300} %{buildroot}%{_mandir}/man1/
+
+# Create the os-release file
+install -d -m 0755 %{buildroot}%{_prefix}/lib
+cat > %{buildroot}%{_prefix}/lib/os-release << EOF
+NAME="%{distro_name}"
+VERSION="%{full_release_version} (%{distro_code})"
+ID="%{rlosid}"
+ID_LIKE="rhel centos fedora"
+VERSION_ID="%{full_release_version}"
+PLATFORM_ID="platform:el%{major}"
+PRETTY_NAME="%{distro_name} %{full_release_version}%{?rlstatement: %{rlstatement}} (%{distro_code})"
+ANSI_COLOR="0;32"
+LOGO="fedora-logo-icon"
+CPE_NAME="cpe:/o:rocky:rocky:%{major}::baseos"
+HOME_URL="%{home_url}"
+BUG_REPORT_URL="%{bug_url}"
+SUPPORT_END="2032-05-31"
+ROCKY_SUPPORT_PRODUCT="%{os_bug_name}"
+ROCKY_SUPPORT_PRODUCT_VERSION="%{full_release_version}%{?rlstatement:-%{rlstatement}}"
+REDHAT_SUPPORT_PRODUCT="%{distro_name}"
+REDHAT_SUPPORT_PRODUCT_VERSION="%{full_release_version}%{?rlstatement: %{rlstatement}}"
+EOF
+
+# Create the symlink for /etc/os-release
+ln -s ../usr/lib/os-release %{buildroot}%{_sysconfdir}/os-release
+
+# write cpe to /etc/system/release-cpe
+echo "cpe:/o:rocky:rocky:%{major}::baseos" > %{buildroot}%{_sysconfdir}/system-release-cpe
+
+# create /etc/issue and /etc/issue.net, /etc/issue.d
+echo '\S' > %{buildroot}%{_sysconfdir}/issue
+echo 'Kernel \r on an \m' >> %{buildroot}%{_sysconfdir}/issue
+cp %{buildroot}%{_sysconfdir}/issue{,.net}
+echo >> %{buildroot}%{_sysconfdir}/issue
+mkdir -p %{buildroot}%{_sysconfdir}/issue.d
+
+# set up the dist tag macros
+mkdir -p %{buildroot}%{_rpmmacrodir}
+cat > %{buildroot}%{_rpmmacrodir}/macros.dist << EOF
+# dist macros.
+
+%%__bootstrap ~bootstrap
+%%rocky_ver %{major}
+%%rocky %{major}
+%%centos_ver %{major}
+%%centos %{major}
+%%rhel %{major}
+%%dist %%{!?distprefix0:%%{?distprefix}}%%{expand:%%{lua:for i=0,9999 do print("%%{?distprefix" .. i .."}") end}}.el%{major}%%{?distsuffix}%%{?with_bootstrap:%{__bootstrap}}
+%%el%{major} 1
+
+%%dist_vendor         %{dist_vendor}
+%%dist_name           %{distro}
+%%dist_home_url       %{home_url}
+%%dist_bug_report_url %{bug_url}
+%%dist_debuginfod_url %{debug_url}
+EOF
+
+# Data directory
+install -d -m 0755 %{buildroot}%{_datadir}/rocky-release
+ln -s rocky-release %{buildroot}%{_datadir}/redhat-release
+install -p -m 0644 %{SOURCE200} %{buildroot}%{_datadir}/rocky-release/
+
+# end system-release data
+################################################################################
+
+################################################################################
+# systemd section
+install -d -m 0755 %{buildroot}%{_prefix}/lib/systemd/system-preset/
+install -d -m 0755 %{buildroot}%{_prefix}/lib/systemd/user-preset/
+
+install -m 0644 %{SOURCE300} %{buildroot}/%{_prefix}/lib/systemd/system-preset/
+install -m 0644 %{SOURCE301} %{buildroot}/%{_prefix}/lib/systemd/system-preset/
+install -m 0644 %{SOURCE302} %{buildroot}/%{_prefix}/lib/systemd/user-preset/
+
+# same behavior for both presets
+install -m 0644 %{SOURCE303} %{buildroot}/%{_prefix}/lib/systemd/system-preset/
+install -m 0644 %{SOURCE303} %{buildroot}/%{_prefix}/lib/systemd/user-preset/
+
+# sysctl presets
+install -d -m 0755 %{buildroot}%{_prefix}/lib/sysctl.d/
+install -m 0644 %{SOURCE304} %{buildroot}/%{_prefix}/lib/sysctl.d/
+# systemd section
+################################################################################
+
+################################################################################
+# start secureboot section
+install -d -m 0755 %{buildroot}%{_sysconfdir}/pki/sb-certs/
+install -d -m 0755 %{buildroot}%{_datadir}/pki/sb-certs/
+
+# Backported certs for now
+install -m 0644 %{SOURCE1400} %{buildroot}%{_datadir}/pki/sb-certs/
+install -m 0644 %{SOURCE1401} %{buildroot}%{_datadir}/pki/sb-certs/
+install -m 0644 %{SOURCE1402} %{buildroot}%{_datadir}/pki/sb-certs/
+install -m 0644 %{SOURCE1403} %{buildroot}%{_datadir}/pki/sb-certs/
+install -m 0644 %{SOURCE1404} %{buildroot}%{_datadir}/pki/sb-certs/
+install -m 0644 %{SOURCE1405} %{buildroot}%{_datadir}/pki/sb-certs/
+install -m 0644 %{SOURCE1406} %{buildroot}%{_datadir}/pki/sb-certs/
+install -m 0644 %{SOURCE1413} %{buildroot}%{_datadir}/pki/sb-certs/
+install -m 0644 %{SOURCE1414} %{buildroot}%{_datadir}/pki/sb-certs/
+install -m 0644 %{SOURCE1415} %{buildroot}%{_datadir}/pki/sb-certs/
+install -m 0644 %{SOURCE1416} %{buildroot}%{_datadir}/pki/sb-certs/
+
+# Placeholders
+# x86_64
+ln -sr %{buildroot}%{_datadir}/pki/sb-certs/rocky-root-ca.der %{buildroot}%{_datadir}/pki/sb-certs/secureboot-ca-x86_64.cer
+ln -sr %{buildroot}%{_datadir}/pki/sb-certs/rocky-kernel.cer %{buildroot}%{_datadir}/pki/sb-certs/secureboot-kernel-x86_64.cer
+ln -sr %{buildroot}%{_datadir}/pki/sb-certs/rocky-grub2.cer %{buildroot}%{_datadir}/pki/sb-certs/secureboot-grub2-x86_64.cer
+ln -sr %{buildroot}%{_datadir}/pki/sb-certs/rocky-fwupd.cer %{buildroot}%{_datadir}/pki/sb-certs/secureboot-fwupd-x86_64.cer
+ln -sr %{buildroot}%{_datadir}/pki/sb-certs/rocky-shim.cer %{buildroot}%{_datadir}/pki/sb-certs/secureboot-shim-x86_64.cer
+
+# aarch64
+ln -sr %{buildroot}%{_datadir}/pki/sb-certs/rocky-root-ca.der %{buildroot}%{_datadir}/pki/sb-certs/secureboot-ca-aarch64.cer
+ln -sr %{buildroot}%{_datadir}/pki/sb-certs/rocky-kernel.cer %{buildroot}%{_datadir}/pki/sb-certs/secureboot-kernel-aarch64.cer
+ln -sr %{buildroot}%{_datadir}/pki/sb-certs/rocky-grub2.cer %{buildroot}%{_datadir}/pki/sb-certs/secureboot-grub2-aarch64.cer
+ln -sr %{buildroot}%{_datadir}/pki/sb-certs/rocky-fwupd.cer %{buildroot}%{_datadir}/pki/sb-certs/secureboot-fwupd-aarch64.cer
+ln -sr %{buildroot}%{_datadir}/pki/sb-certs/rocky-shim.cer %{buildroot}%{_datadir}/pki/sb-certs/secureboot-shim-aarch64.cer
+
+# ppc64le
+ln -sr %{buildroot}%{_datadir}/pki/sb-certs/rocky-root-ca.der %{buildroot}%{_datadir}/pki/sb-certs/secureboot-ca-ppc64le.cer
+ln -sr %{buildroot}%{_datadir}/pki/sb-certs/rocky-kernel.der %{buildroot}%{_datadir}/pki/sb-certs/secureboot-kernel-ppc64le.cer
+ln -sr %{buildroot}%{_datadir}/pki/sb-certs/rocky-grub2.der %{buildroot}%{_datadir}/pki/sb-certs/secureboot-grub2-ppc64le.cer
+ln -sr %{buildroot}%{_datadir}/pki/sb-certs/rocky-fwupd.der %{buildroot}%{_datadir}/pki/sb-certs/secureboot-fwupd-ppc64le.cer
+ln -sr %{buildroot}%{_datadir}/pki/sb-certs/rocky-shim.der %{buildroot}%{_datadir}/pki/sb-certs/secureboot-shim-ppc64le.cer
+
+# armhfp
+ln -sr %{buildroot}%{_datadir}/pki/sb-certs/rocky-root-ca.der %{buildroot}%{_datadir}/pki/sb-certs/secureboot-ca-armhfp.cer
+ln -sr %{buildroot}%{_datadir}/pki/sb-certs/rocky-kernel.cer %{buildroot}%{_datadir}/pki/sb-certs/secureboot-kernel-armhfp.cer
+ln -sr %{buildroot}%{_datadir}/pki/sb-certs/rocky-grub2.cer %{buildroot}%{_datadir}/pki/sb-certs/secureboot-grub2-armhfp.cer
+ln -sr %{buildroot}%{_datadir}/pki/sb-certs/rocky-fwupd.cer %{buildroot}%{_datadir}/pki/sb-certs/secureboot-fwupd-armhfp.cer
+ln -sr %{buildroot}%{_datadir}/pki/sb-certs/rocky-shim.cer %{buildroot}%{_datadir}/pki/sb-certs/secureboot-shim-armhfp.cer
+
+# s390x
+ln -sr %{buildroot}%{_datadir}/pki/sb-certs/rocky-root-ca.der %{buildroot}%{_datadir}/pki/sb-certs/secureboot-ca-s390x.cer
+ln -sr %{buildroot}%{_datadir}/pki/sb-certs/rocky-kernel.cer %{buildroot}%{_datadir}/pki/sb-certs/secureboot-kernel-s390x.cer
+ln -sr %{buildroot}%{_datadir}/pki/sb-certs/rocky-grub2.cer %{buildroot}%{_datadir}/pki/sb-certs/secureboot-grub2-s390x.cer
+ln -sr %{buildroot}%{_datadir}/pki/sb-certs/rocky-fwupd.cer %{buildroot}%{_datadir}/pki/sb-certs/secureboot-fwupd-s390x.cer
+ln -sr %{buildroot}%{_datadir}/pki/sb-certs/rocky-shim.cer %{buildroot}%{_datadir}/pki/sb-certs/secureboot-shim-s390x.cer
+
+# symlinks for everybody
+for x in $(ls %{buildroot}%{_datadir}/pki/sb-certs); do
+  ln -sr %{buildroot}%{_datadir}/pki/sb-certs/${x} %{buildroot}%{_sysconfdir}/pki/sb-certs/${x}
+done
+
+# end secureboot section
+################################################################################
+
+################################################################################
+# dnf repo section
+install -d -m 0755 %{buildroot}%{_sysconfdir}/yum.repos.d
+install -p -m 0644 %{SOURCE1200} %{buildroot}%{_sysconfdir}/yum.repos.d/
+install -p -m 0644 %{SOURCE1201} %{buildroot}%{_sysconfdir}/yum.repos.d/
+install -p -m 0644 %{SOURCE1202} %{buildroot}%{_sysconfdir}/yum.repos.d/
+install -p -m 0644 %{SOURCE1203} %{buildroot}%{_sysconfdir}/yum.repos.d/
+
+# dnf stuff
+install -d -m 0755 %{buildroot}%{_sysconfdir}/dnf/vars
+echo "%{contentdir}" > %{buildroot}%{_sysconfdir}/dnf/vars/contentdir
+echo "%{sigcontent}" > %{buildroot}%{_sysconfdir}/dnf/vars/sigcontentdir
+echo "%{?rltype}" > %{buildroot}%{_sysconfdir}/dnf/vars/rltype
+echo "%{major}-stream" > %{buildroot}%{_sysconfdir}/dnf/vars/stream
+
+# Copy out GPG keys
+install -d -m 0755 %{buildroot}%{_sysconfdir}/pki/rpm-gpg
+install -p -m 0644 %{SOURCE101} %{buildroot}%{_sysconfdir}/pki/rpm-gpg/
+install -p -m 0644 %{SOURCE102} %{buildroot}%{_sysconfdir}/pki/rpm-gpg/
+# end dnf repo section
+################################################################################
+
+################################################################################
+# lookahead overrides
+# TODO: Is there a cleaner way? 
+%if %{with rllookahead}
+install -m 0644 %{SOURCE400} %{buildroot}/%{_prefix}/lib/systemd/system-preset/85-display-manager.preset
+install -m 0644 %{SOURCE401} %{buildroot}/%{_prefix}/lib/systemd/system-preset/90-default.preset
+install -m 0644 %{SOURCE402} %{buildroot}/%{_prefix}/lib/systemd/user-preset/90-default-user.preset
+
+install -m 0644 %{SOURCE403} %{buildroot}/%{_prefix}/lib/systemd/system-preset/99-default-disable.preset
+install -m 0644 %{SOURCE403} %{buildroot}/%{_prefix}/lib/systemd/user-preset/99-default-disable.preset
+install -m 0644 %{SOURCE404} %{buildroot}/%{_prefix}/lib/sysctl.d/50-redhat.conf
+%endif
+# lookahead replacements
+################################################################################
+
+%files
+%license docs/LICENSE
+%doc docs/Contributors docs/COMMUNITY-CHARTER
+%dir %{_sysconfdir}/yum.repos.d
+%{_sysconfdir}/redhat-release
+%{_sysconfdir}/system-release
+%{_sysconfdir}/rocky-release
+%{_sysconfdir}/rocky-release-upstream
+%config(noreplace) %{_sysconfdir}/os-release
+%config %{_sysconfdir}/system-release-cpe
+%config(noreplace) %{_sysconfdir}/issue
+%config(noreplace) %{_sysconfdir}/issue.net
+%dir %{_sysconfdir}/issue.d
+%{_rpmmacrodir}/macros.dist
+%{_datadir}/redhat-release
+%{_datadir}/rocky-release
+%{_prefix}/lib/os-release
+%{_prefix}/lib/systemd/system-preset/*
+%{_prefix}/lib/systemd/user-preset/*
+%{_prefix}/lib/sysctl.d/50-redhat.conf
+%{_mandir}/man1/rocky.1.gz
+
+%files -n rocky-repos%{?rltype}
+%license docs/LICENSE
+%config(noreplace) %{_sysconfdir}/yum.repos.d/rocky.repo
+%config(noreplace) %{_sysconfdir}/yum.repos.d/rocky-addons.repo
+%config(noreplace) %{_sysconfdir}/yum.repos.d/rocky-extras.repo
+%config(noreplace) %{_sysconfdir}/yum.repos.d/rocky-devel.repo
+%config(noreplace) %{_sysconfdir}/dnf/vars/contentdir
+%config(noreplace) %{_sysconfdir}/dnf/vars/sigcontentdir
+%config(noreplace) %{_sysconfdir}/dnf/vars/rltype
+%config(noreplace) %{_sysconfdir}/dnf/vars/stream
+
+%files -n rocky-gpg-keys%{?rltype}
+%{_sysconfdir}/pki/rpm-gpg/
+
+%files -n rocky-sb-certs%{?rltype}
+# care: resetting symlinks is intended
+%dir %{_sysconfdir}/pki/sb-certs
+%dir %{_datadir}/pki/sb-certs
+%{_sysconfdir}/pki/sb-certs/*
+%{_datadir}/pki/sb-certs/*
+
+%changelog
+* Sat Jun 17 2023 Louis Abel <label@rockylinux.org> - 10.0-0.1
+- Init for Rocky Linux 10 (Smoky Quartz)
diff --git a/code b/code
new file mode 100644
index 0000000..d8719c4
--- /dev/null
+++ b/code
@@ -0,0 +1,4 @@
+8:  Green Obsidian
+9:  Blue Onyx
+10: Smoky Quartz
+11: Lavender Calcite
diff --git a/id_verify b/id_verify
new file mode 100644
index 0000000..549aab4
--- /dev/null
+++ b/id_verify
@@ -0,0 +1,2 @@
+Signing: None
+Testing: bbe2c108