From 16e39ac0b8583c60fb1bc3378483b91886ed6f85 Mon Sep 17 00:00:00 2001
From: Richard W.M. Jones <rjones@redhat.com>
Date: Thu, 18 Nov 2010 15:32:05 +0000
Subject: [PATCH] Remove FIPS .*.hmac files from the supermin appliance (RHBZ#654638).
---
appliance/make.sh.in | 5 +++++
1 files changed, 5 insertions(+), 0 deletions(-)
diff --git a/appliance/make.sh.in b/appliance/make.sh.in
index 36bcd6c..64bcb5a 100755
--- a/appliance/make.sh.in
+++ b/appliance/make.sh.in
@@ -128,6 +128,11 @@ if [ "@DIST@" = "REDHAT" ]; then
/var/log/yum.log \
$(cd initramfs && echo usr/sbin/glibc_post_upgrade.*)
+ # Remove all .*.hmac files (RHBZ#654638). These are not used unless
+ # you are using FIPS, and they cause hard dependencies on files
+ # which change whenever a library version is bumped.
+ @FEBOOTSTRAP_RUN@ initramfs -- rm -f $(cd initramfs && find -name '.*.hmac')
+
# Kernel modules take up nearly half of the image. Only include ones
# which are on the whitelist.
exec 5<appliance/kmod.whitelist
--
1.7.3.2