!57 [sync] PR-53: fix function allow rpm-q

From: @openeuler-sync-bot 
Reviewed-by: @HuaxinLuGitee 
Signed-off-by: @HuaxinLuGitee

fix-function-allow-rpm-q.patch

@@ -0,0 +1,25 @@
+From ec749d9a85c709779dd0862fdaf8d938ae76a12f Mon Sep 17 00:00:00 2001
+From: zhengxiaoxiao <zhengxiaoxiao2@huawei.com>
+Date: Mon, 27 Jun 2022 19:58:34 +0800
+Subject: [PATCH] fix function allow rpm-q
+
+---
+ security-tool.sh | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/security-tool.sh b/security-tool.sh
+index e8619f5..0877081 100644
+--- a/security-tool.sh
++++ b/security-tool.sh
+@@ -687,7 +687,7 @@ function fn_handle_allow()
+     local prename=$2
+     local ret=0
+ 
+-    rpm -q "$rpmname"
++    chroot $ROOTFS rpm -q "$rpmname"
+     if [ $? -eq 0 ]; then
+         local denyfile="$ROOTFS/etc/$prename.deny"
+         local allowfile="$ROOTFS/etc/$prename.allow"
+-- 
+1.8.3.1
+

security-tool.spec

@@ -1,7 +1,7 @@
 Summary: openEuler Security Tool
 Name   : security-tool
 Version: 2.0
-Release: 1.78
+Release: 1.79
 Source0: https://gitee.com/openeuler/security-tool/repository/archive/v2.0.tar.gz
 License: Mulan PSL v2
 URL: https://gitee.com/openeuler/security-tool
@@ -16,6 +16,7 @@ BuildRequires: xauth
 Patch0: Use-secure-MACs-and-KexAlgorithms.patch
 Patch1: do-not-create-allow-file-while-the-command-does-not-.patch
 Patch2: remove-sha1-in-sshd-config.patch
+Patch3: fix-function-allow-rpm-q.patch
 
 %description
 openEuler Security Tool
@@ -120,6 +121,9 @@ fi
 %attr(0500,root,root) %{_sbindir}/security-tool.sh
 
 %changelog
+* Mon Jun 27 2022 zhengxiaoxiao <zhengxiaoxiao2@huawei.com> - 2.0-1.79
+- fix function allow rpm-q
+
 * Wed Apr 27 2022 zhengxiaoxiao <zhengxiaoxiao2@huawei.com> - 2.0-1.78
 - update release