@@ -4,7 +4,7 @@

 Summary:        Kernel Audit Tool

 Name:           audit

 Version:        2.7.5

-Release:        2%{?dist}

+Release:        3%{?dist}

 Source0:        http://people.redhat.com/sgrubb/audit/%{name}-%{version}.tar.gz

 %define sha1    audit=7aaae7ea80f2280b25f243916e8d18b7338b5f53

 License:        GPLv2+

@@ -92,6 +92,9 @@ mkdir -p %{buildroot}/%{_var}/log/audit

 mkdir -p %{buildroot}/%{_var}/spool/audit

 make install DESTDIR=%{buildroot}

+install -vdm755 %{buildroot}%{_libdir}/systemd/system-preset

+echo "disable auditd.service" > %{buildroot}%{_libdir}/systemd/system-preset/50-auditd.preset

+

 %check

 make %{?_smp_mflags} check

@@ -112,6 +115,7 @@ make %{?_smp_mflags} check

 %{_sbindir}/*

 %{_libdir}/*.so.*

 %{_libdir}/systemd/system/auditd.service

+%{_libdir}/systemd/system-preset/50-auditd.preset

 %{_libexecdir}/*

 %{_mandir}/man5/*

 %{_mandir}/man7/*

@@ -154,6 +158,8 @@ make %{?_smp_mflags} check

 %{python3_sitelib}/*

 %changelog

+*   Thu Jun 29 2017 Divya Thaluru <dthaluru@vmware.com>  2.7.5-3

+-   Disabled audit service by default

 *   Thu May 18 2017 Xiaolin Li <xiaolinl@vmware.com> 2.7.5-2

 -   Move python2 requires to python subpackage and added python3.

 *   Fri Apr 14 2017 Alexey Makhalov <amakhalov@vmware.com> 2.7.5-1

@@ -1,7 +1,7 @@

 Summary:        Cyrus Simple Authentication Service Layer (SASL) library

 Name:           cyrus-sasl

 Version:        2.1.26

-Release:        11%{?dist}

+Release:        12%{?dist}

 License:        Custom

 URL:            http://cyrusimap.web.cmu.edu/

 Group:          System Environment/Security

@@ -98,6 +98,9 @@ RuntimeDirectory=saslauthd

 WantedBy=multi-user.target

 EOF

+install -vdm755 %{buildroot}%{_libdir}/systemd/system-preset

+echo "disable saslauthd.service" > %{buildroot}%{_libdir}/systemd/system-preset/50-saslauthd.preset

+

 %check

 make %{?_smp_mflags} check

@@ -118,6 +121,7 @@ rm -rf %{buildroot}/*

 %defattr(-,root,root)

 /etc/sysconfig/saslauthd

 /lib/systemd/system/saslauthd.service

+%{_libdir}/systemd/system-preset/50-saslauthd.preset

 %{_includedir}/*

 %{_libdir}/*.so*

 %{_libdir}/pkgconfig/*

@@ -128,6 +132,8 @@ rm -rf %{buildroot}/*

 %{_mandir}/man8/saslauthd.8.gz

 %changelog

+*   Thu Jun 29 2017 Divya Thaluru <dthaluru@vmware.com>  2.1.26-12

+-   Disabled saslauthd service by default

 *   Wed Dec 07 2016 Xiaolin Li <xiaolinl@vmware.com> 2.1.26-11

 -   BuildRequires Linux-PAM-devel

 *   Thu Nov 24 2016 Alexey Makhalov <amakhalov@vmware.com> 2.1.26-10

@@ -1,7 +1,7 @@

 Summary:        A filtering tool for a Linux-based bridging firewall.

 Name:           ebtables

 Version:        2.0.10

-Release:        2%{?dist}

+Release:        3%{?dist}

 License:        GPLv2+

 URL:            http://ebtables.netfilter.org/

 Group:          System Environment/Security

@@ -31,6 +31,9 @@ install -vdm755 %{buildroot}/etc/systemd/scripts

 install -m 755 %{SOURCE1} %{buildroot}/etc/systemd/scripts/ebtables

 install -m 644 %{SOURCE2} %{buildroot}/%{_libdir}/systemd/system/ebtables.service

+install -vdm755 %{buildroot}%{_libdir}/systemd/system-preset

+echo "disable ebtables.service" > %{buildroot}%{_libdir}/systemd/system-preset/50-ebtables.preset

+

 %preun

 %systemd_preun ebtables.service

@@ -56,12 +59,15 @@ rm -rf %{buildroot}/*

 %{_libdir}/*.so

 %config(noreplace) %{_sysconfdir}/sysconfig/ebtables-config

 %{_libdir}/systemd/system/*

+%{_libdir}/systemd/system-preset/50-ebtables.preset

 %{_sysconfdir}/ethertypes

 %{_sysconfdir}/systemd/scripts/ebtables

 %exclude %{_sysconfdir}/rc.d/init.d/ebtables

 %changelog

+*   Thu Jun 29 2017 Divya Thaluru <dthaluru@vmware.com>  2.0.10-3

+-   Disabled ebtables service by default

 *   Mon May 15 2017 Xiaolin Li <xiaolinl@vmware.com>  2.0.10-2

 -   Added systemd to Requires and BuildRequires.

 *   Wed Jan 18 2017 Xiaolin Li <xiaolinl@vmware.com>  2.0.10-1

@@ -3,7 +3,7 @@

 Summary:        Userland logical volume management tools 

 Name:           lvm2

 Version:        2.02.171

-Release:        2%{?dist}

+Release:        3%{?dist}

 License:        GPLv2

 Group:          System Environment/Base

 URL:            http://sources.redhat.com/dm

@@ -224,6 +224,12 @@ make install_systemd_generators DESTDIR=%{buildroot}

 make install_tmpfiles_configuration DESTDIR=%{buildroot}

 cp %{SOURCE1} %{buildroot}/lib/systemd/system/lvm2-activate.service

+install -vdm755 %{buildroot}%{_libdir}/systemd/system-preset

+echo "disable lvm2-activate.service" > %{buildroot}%{_libdir}/systemd/system-preset/50-lvm2.preset

+echo "disable lvm2-monitor.service" >> %{buildroot}%{_libdir}/systemd/system-preset/50-lvm2.preset

+echo "disable lvm2-lvmeatd.socket" >> %{buildroot}%{_libdir}/systemd/system-preset/50-lvm2.preset

+echo "disable lvm2-lvmeatd.service" >> %{buildroot}%{_libdir}/systemd/system-preset/50-lvm2.preset

+

 %preun

 %systemd_preun lvm2-lvmetad.service lvm2-lvmetad.socket lvm2-monitor.service lvm2-activate.service

@@ -325,6 +331,7 @@ cp %{SOURCE1} %{buildroot}/lib/systemd/system/lvm2-activate.service

 %{_unitdir}/../system-generators/lvm2-activation-generator

 %{_unitdir}/blk-availability.service

 %{_unitdir}/lvm2-*

+%{_libdir}/systemd/system-preset/50-lvm2.preset

 %{_libdir}/tmpfiles.d/lvm2.conf

 %dir %{_sysconfdir}/lvm

 %attr(644, -, -) %config(noreplace) %{_sysconfdir}/lvm/lvm.conf

@@ -335,6 +342,8 @@ cp %{SOURCE1} %{buildroot}/lib/systemd/system/lvm2-activate.service

 %changelog

+*   Thu Jun 29 2017 Divya Thaluru <dthaluru@vmware.com>  2.02.171-3

+-   Disabled all lvm services by default

 *   Tue May 23 2017 Xiaolin Li <xiaolinl@vmware.com> 2.02.171-2

 -   Added python3 subpackage.

 *   Thu May 4  2017 Bo Gan <ganb@vmware.com> 2.02.171-1

@@ -1,7 +1,7 @@

 Summary:        Network Time Protocol reference implementation

 Name:           ntp

 Version:        4.2.8p10

-Release:        2%{?dist}

+Release:        3%{?dist}

 License:        NTP

 URL:            http://www.ntp.org/

 Group:          System Environment/NetworkingPrograms

@@ -95,8 +95,13 @@ Restart=always

 [Install]

 WantedBy=multi-user.target

 EOF

+

+install -vdm755 %{buildroot}%{_libdir}/systemd/system-preset

+echo "disable ntpd.service" > %{buildroot}%{_libdir}/systemd/system-preset/50-ntpd.preset

+

 %check

 make -k check |& tee %{_specdir}/%{name}-check-log || %{nocheck}

+

 %pre

 if ! getent group ntp >/dev/null; then

     groupadd -g 87 ntp

@@ -121,6 +126,7 @@ rm -rf %{buildroot}/*

 %attr(0750, root, root) %config(noreplace) /etc/ntp.conf

 %attr(0750, root, root) %config(noreplace) /etc/sysconfig/ntp

 /lib/systemd/system/ntpd.service

+%{_libdir}/systemd/system-preset/50-ntpd.preset

 %exclude %{_bindir}/ntpstat

 %exclude %{_mandir}/man8/ntpstat.8*

 %{_bindir}/*

@@ -138,6 +144,8 @@ rm -rf %{buildroot}/*

 %{_mandir}/man8/ntpstat.8*

 %changelog

+*   Thu Jun 29 2017 Divya Thaluru <dthaluru@vmware.com>  4.2.8p10-3

+-   Disabled ntpd service by default

 *   Mon Apr 10 2017 Priyesh Padmavilasom <ppadmavilasom@vmware.com> 4.2.8p10-2

 -   add noquery to conf

 *   Wed Apr 05 2017 Anish Swaminathan <anishs@vmware.com> 4.2.8p10-1

@@ -1,7 +1,7 @@

 Summary:        RPC program number mapper

 Name:           rpcbind

 Version:        0.2.4

-Release:        2%{?dist}

+Release:        3%{?dist}

 License:        BSD

 URL:            http://nfsv4.bullopensource.org

 Group:          Applications/Daemons

@@ -46,6 +46,10 @@ install -m644 %{SOURCE1} %{buildroot}%{_unitdir}

 install -m644 %{SOURCE2} %{buildroot}%{_unitdir}

 install -m644 %{SOURCE3} %{buildroot}/etc/sysconfig/rpcbind

+install -vdm755 %{buildroot}%{_libdir}/systemd/system-preset

+echo "disable rpcbind.socket" > %{buildroot}%{_libdir}/systemd/system-preset/50-rpcbind.preset

+echo "disable rpcbind.service" >> %{buildroot}%{_libdir}/systemd/system-preset/50-rpcbind.preset

+

 %check

 make %{?_smp_mflags} check

@@ -56,6 +60,7 @@ make %{?_smp_mflags} check

 %{_mandir}/man8/*

 %dir %{_localstatedir}/lib/rpcbind

 %{_unitdir}/*

+%{_libdir}/systemd/system-preset/50-rpcbind.preset

 %pre

 rpcid=`getent passwd rpc | cut -d: -f 3`

@@ -89,6 +94,8 @@ fi

 rm -rf %{buildroot}/*

 %changelog

+*   Thu Jun 29 2017 Divya Thaluru <dthaluru@vmware.com>  0.2.4-3

+-   Disabled rpcbind service by default

 *   Thu May 18 2017 Vinay Kulkarni <kulkarniv@vmware.com> 0.2.4-2

 -   Fix CVE-2017-8779

 *   Wed Apr 5 2017 Siju Maliakkal <smaliakkal@vmware.com> 0.2.4-1

@@ -3,7 +3,7 @@

 Summary:        Next generation system logger facilty

 Name:           syslog-ng

 Version:        3.9.1

-Release:        2%{?dist}

+Release:        3%{?dist}

 License:        GPL + LGPL

 URL:            https://syslog-ng.org/

 Group:          System Environment/Daemons

@@ -126,6 +126,9 @@ rm -rf %{buildroot}/%{_infodir}

 find %{buildroot} -name "*.la" -exec rm -f {} \;

 popd

+install -vdm755 %{buildroot}%{_libdir}/systemd/system-preset

+echo "disable syslog-ng.service" > %{buildroot}%{_libdir}/systemd/system-preset/50-syslog-ng.preset

+

 %check

 make %{?_smp_mflags} check

 pushd ../p3dir

@@ -153,6 +156,7 @@ rm -rf %{buildroot}/*

 %config(noreplace) %{_sysconfdir}/syslog-ng/scl.conf

 %{_sysconfdir}/systemd/journald.conf.d/*

 %{_libdir}/systemd/system/syslog-ng.service

+%{_libdir}/systemd/system-preset/50-syslog-ng.preset

 /usr/bin/*

 /usr/sbin/syslog-ng

 /usr/sbin/syslog-ng-ctl

@@ -176,6 +180,8 @@ rm -rf %{buildroot}/*

 %{_libdir}/pkgconfig/*

 %changelog

+*   Thu Jun 29 2017 Divya Thaluru <dthaluru@vmware.com>  3.9.1-3

+-   Disabled syslog-ng service by default

 *   Thu May 18 2017 Xiaolin Li <xiaolinl@vmware.com> 3.9.1-2

 -   Move python2 requires to python2 subpackage and added python3 binding.

 *   Tue Apr 11 2017 Vinay Kulkarni <kulkarniv@vmware.com> 3.9.1-1

@@ -1,7 +1,7 @@

 Summary:  	xinetd -- A better inetd.

 Name:		xinetd

 Version:	2.3.15

-Release:	6%{?dist}

+Release:	7%{?dist}

 License:	BSD

 Group:		System Environment/Daemons

 Vendor:     	VMware, Inc.

@@ -33,7 +33,6 @@ mechanism to protect against port scanners, among other things.

 %install

 rm -rf %{buildroot}

 mkdir -p %{buildroot}/%{_sbindir}

-mkdir -p %{buildroot}/etc/rc.d/init.d

 mkdir -p %{buildroot}/etc/xinetd.d

 %makeinstall  

@@ -42,16 +41,15 @@ cp contrib/xinetd.d/* %{buildroot}/etc/xinetd.d

 mkdir -p %{buildroot}/lib/systemd/system

 cp %{SOURCE1} %{buildroot}/lib/systemd/system/xinetd.service

+install -vdm755 %{buildroot}%{_libdir}/systemd/system-preset

+echo "disable xinetd.service" > %{buildroot}%{_libdir}/systemd/system-preset/50-xinetd.preset

+

 %clean

 rm -rf %{buildroot}

 %post

 %{_sbindir}/ldconfig 

-if [ $1 -eq 1 ] ; then

-    # Initial installation

-    # Enabled by default per "runs once then goes away" exception

-    /bin/systemctl enable xinetd.service     >/dev/null 2>&1 || :

-fi

+%systemd_post xinetd.service

 %preun

 %systemd_preun xinetd.service

@@ -67,8 +65,11 @@ fi

 %attr(0750, root, root) %config(noreplace) /etc/xinetd.conf

 %attr(0750, root, root) %config(noreplace) /etc/xinetd.d/*

 /lib/systemd/system/xinetd.service

+%{_libdir}/systemd/system-preset/50-xinetd.preset

 %changelog

+*   Thu Jun 29 2017 Divya Thaluru <dthaluru@vmware.com>  2.3.15-7

+-   Disabled xinetd service by default

 *   Thu May 26 2016 Divya Thaluru <dthaluru@vmware.com>  2.3.15-6

 -   Fixed logic to restart the active services after upgrade 

 *	Tue May 24 2016 Priyesh Padmavilasom <ppadmavilasom@vmware.com> 2.3.15-5