[11578] | 1 | %bcond_with systemd |
---|
| 2 | %global _unpackaged_files_terminate_build 1 |
---|
| 3 | |
---|
| 4 | Name: trousers |
---|
| 5 | Summary: TCG's Software Stack v1.2 |
---|
[12316] | 6 | Version: 0.3.14 |
---|
[12476] | 7 | Release: 1%{?_dist_release}%{?with_systemd:.systemd} |
---|
| 8 | Group: system |
---|
[11578] | 9 | Vendor: Project Vine |
---|
| 10 | Distribution: Vine Linux |
---|
| 11 | |
---|
[12316] | 12 | License: BSD |
---|
| 13 | URL: http://trousers.sourceforge.net |
---|
| 14 | Source0: https://downloads.sourceforge.net/%{name}/%{name}-%{version}.tar.gz |
---|
[11578] | 15 | Source1: tcsd.service |
---|
| 16 | Source1000: tcsd.init |
---|
| 17 | |
---|
[12476] | 18 | Patch1: trousers-0.3.14-noinline.patch |
---|
| 19 | # submitted upstream |
---|
| 20 | Patch2: trousers-0.3.14-unlock-in-err-path.patch |
---|
| 21 | Patch3: trousers-0.3.14-fix-indent-obj_policy.patch |
---|
| 22 | Patch4: trousers-0.3.14-double-free.patch |
---|
| 23 | Patch5: trousers-0.3.14-fix-indent-tspi_key.patch |
---|
| 24 | Patch6: trousers-0.3.14-tcsd-header-fix.patch |
---|
| 25 | |
---|
| 26 | Patch1003: 0003-trousers-clean-up-use-after-free-in-Transport_Termin.patch |
---|
| 27 | Patch1005: 0005-Correct-multiple-security-issues-that-are-present-if.patch |
---|
| 28 | |
---|
[11578] | 29 | BuildRequires: libtool, openssl-devel |
---|
| 30 | Requires(pre): shadow-utils |
---|
| 31 | Requires: %{name}-lib%{?_isa} = %{version}-%{release} |
---|
| 32 | %if %{with systemd} |
---|
| 33 | BuildRequires: systemd |
---|
| 34 | Requires(post): systemd-units |
---|
| 35 | Requires(preun): systemd-units |
---|
| 36 | Requires(postun): systemd-units |
---|
| 37 | %endif |
---|
| 38 | |
---|
| 39 | %description |
---|
| 40 | TrouSerS is an implementation of the Trusted Computing Group's Software Stack |
---|
| 41 | (TSS) specification. You can use TrouSerS to write applications that make use |
---|
| 42 | of your TPM hardware. TPM hardware can create, store and use RSA keys |
---|
| 43 | securely (without ever being exposed in memory), verify a platform's software |
---|
| 44 | state using cryptographic hashes and more. |
---|
| 45 | |
---|
[12476] | 46 | |
---|
[11578] | 47 | %package lib |
---|
| 48 | Summary: TrouSerS libtspi library |
---|
[12476] | 49 | Group: system |
---|
[11578] | 50 | # Needed obsoletes due to the -lib subpackage split |
---|
| 51 | Obsoletes: trousers < 0.3.13-4 |
---|
| 52 | |
---|
| 53 | %description lib |
---|
| 54 | The libtspi library for use in Trusted Computing enabled applications. |
---|
| 55 | |
---|
[12476] | 56 | |
---|
[11578] | 57 | %package static |
---|
| 58 | Summary: TrouSerS TCG Device Driver Library |
---|
[12476] | 59 | Group: programming |
---|
[11578] | 60 | Requires: %{name}-devel%{?_isa} = %{version}-%{release} |
---|
| 61 | |
---|
| 62 | %description static |
---|
| 63 | The TCG Device Driver Library (TDDL) used by the TrouSerS tcsd as the |
---|
| 64 | interface to the TPM's device driver. For more information about writing |
---|
| 65 | applications to the TDDL interface, see the latest TSS spec at |
---|
| 66 | https://www.trustedcomputinggroup.org/specs/TSS. |
---|
| 67 | |
---|
[12476] | 68 | |
---|
[11578] | 69 | %package devel |
---|
| 70 | Summary: TrouSerS header files and documentation |
---|
[12476] | 71 | Group: programming |
---|
[11578] | 72 | Requires: %{name}-lib%{?_isa} = %{version}-%{release} |
---|
| 73 | |
---|
| 74 | %description devel |
---|
| 75 | Header files and man pages for use in creating Trusted Computing enabled |
---|
| 76 | applications. |
---|
| 77 | |
---|
[12476] | 78 | |
---|
[11578] | 79 | %prep |
---|
[12316] | 80 | %setup -q -c |
---|
[12476] | 81 | %autopatch -p1 |
---|
[11578] | 82 | # fix man page paths |
---|
| 83 | sed -i -e 's|/var/tpm|/var/lib/tpm|g' -e 's|/usr/local/var|/var|g' man/man5/tcsd.conf.5.in man/man8/tcsd.8.in |
---|
| 84 | |
---|
[12476] | 85 | |
---|
[11578] | 86 | %build |
---|
| 87 | %configure --with-gui=openssl |
---|
| 88 | make -k %{?_smp_mflags} |
---|
| 89 | |
---|
[12476] | 90 | |
---|
[11578] | 91 | %install |
---|
| 92 | mkdir -p ${RPM_BUILD_ROOT}/%{_localstatedir}/lib/tpm |
---|
| 93 | make install DESTDIR=${RPM_BUILD_ROOT} INSTALL="install -p" |
---|
| 94 | rm -f ${RPM_BUILD_ROOT}/%{_libdir}/libtspi.la |
---|
| 95 | |
---|
| 96 | %if %{with systemd} |
---|
| 97 | mkdir -p $RPM_BUILD_ROOT%{_unitdir} |
---|
| 98 | install -m 0644 %{SOURCE1} $RPM_BUILD_ROOT%{_unitdir}/ |
---|
| 99 | %else |
---|
| 100 | mkdir -p $RPM_BUILD_ROOT%{_initdir} |
---|
| 101 | install -m 0755 %{SOURCE1000} $RPM_BUILD_ROOT%{_initdir}/tcsd |
---|
| 102 | %endif |
---|
| 103 | |
---|
[12476] | 104 | |
---|
[11578] | 105 | %pre |
---|
| 106 | getent group tss >/dev/null || groupadd -g 59 -r tss |
---|
| 107 | getent passwd tss >/dev/null || \ |
---|
| 108 | useradd -r -u 59 -g tss -d /dev/null -s /sbin/nologin \ |
---|
| 109 | -c "Account used by the trousers package to sandbox the tcsd daemon" tss |
---|
| 110 | exit 0 |
---|
| 111 | |
---|
| 112 | %post |
---|
| 113 | %if %{with systemd} |
---|
| 114 | %systemd_post tcsd.service |
---|
| 115 | %else |
---|
| 116 | /sbin/chkconfig --add tcsd |
---|
| 117 | %endif |
---|
| 118 | |
---|
| 119 | %preun |
---|
| 120 | %if %{with systemd} |
---|
| 121 | %systemd_preun tcsd.service |
---|
| 122 | %else |
---|
[12476] | 123 | if [ $1 -eq 0 -o -x /bin/systemctl ]; then |
---|
[11578] | 124 | /sbin/service tcsd stop |
---|
| 125 | /sbin/chkconfig --del tcsd |
---|
| 126 | fi |
---|
| 127 | %endif |
---|
| 128 | |
---|
| 129 | %postun |
---|
| 130 | %if %{with systemd} |
---|
| 131 | %systemd_postun_with_restart tcsd.service |
---|
| 132 | %else |
---|
| 133 | if [ $1 -gt 0 ]; then |
---|
| 134 | /sbin/service tcsd condrestart |
---|
| 135 | fi |
---|
| 136 | %endif |
---|
| 137 | |
---|
| 138 | %post lib -p /sbin/ldconfig |
---|
| 139 | %postun lib -p /sbin/ldconfig |
---|
| 140 | |
---|
[12476] | 141 | |
---|
[11578] | 142 | %files |
---|
| 143 | %doc README ChangeLog |
---|
| 144 | %{_sbindir}/tcsd |
---|
| 145 | %config(noreplace) %attr(0600, tss, tss) %{_sysconfdir}/tcsd.conf |
---|
| 146 | %{_mandir}/man5/* |
---|
| 147 | %{_mandir}/man8/* |
---|
| 148 | %if %{with systemd} |
---|
| 149 | %attr(644,root,root) %{_unitdir}/tcsd.service |
---|
| 150 | %else |
---|
| 151 | %{_initdir}/tcsd |
---|
| 152 | %endif |
---|
| 153 | |
---|
| 154 | %attr(0700, tss, tss) %{_localstatedir}/lib/tpm/ |
---|
| 155 | |
---|
| 156 | %files lib |
---|
| 157 | %{!?_licensedir:%global license %%doc} |
---|
| 158 | %license LICENSE |
---|
| 159 | %{_libdir}/libtspi.so.? |
---|
| 160 | %{_libdir}/libtspi.so.?.?.? |
---|
| 161 | |
---|
| 162 | %files devel |
---|
| 163 | # The files to be used by developers, 'trousers-devel' |
---|
| 164 | %doc doc/LTC-TSS_LLD_08_r2.pdf doc/TSS_programming_SNAFUs.txt |
---|
| 165 | %attr(0755, root, root) %{_libdir}/libtspi.so |
---|
| 166 | %{_includedir}/tss/ |
---|
| 167 | %{_includedir}/trousers/ |
---|
| 168 | %{_mandir}/man3/Tspi_* |
---|
| 169 | |
---|
| 170 | %files static |
---|
| 171 | # The only static library shipped by trousers, the TDDL |
---|
| 172 | %{_libdir}/libtddl.a |
---|
| 173 | |
---|
[12476] | 174 | |
---|
[11578] | 175 | %changelog |
---|
[12476] | 176 | * Tue Aug 18 2020 Tomohiro "Tomo-p" KATO <tomop@teamgedoh.net> - 0.3.14-1 |
---|
[12316] | 177 | - new upstream release. |
---|
[12476] | 178 | - dropped Patch1 and 2. |
---|
| 179 | - imported Patch1-6 from rawhide. |
---|
| 180 | - imported Patch1003 and 1005 from upstream to fix vulnerabilities. |
---|
[12316] | 181 | |
---|
[11883] | 182 | * Wed Nov 07 2018 Tomohiro "Tomo-p" KATO <tomop@teamgedoh.net> - 0.3.13-12 |
---|
| 183 | - rebuilt with openssl-1.1.1. |
---|
| 184 | - enabled Patch2. |
---|
| 185 | |
---|
[11578] | 186 | * Mon Mar 05 2018 Tomohiro "Tomo-p" KATO <tomop@teamgedoh.net> - 0.3.13-11 |
---|
| 187 | - initial build for Vine Linux. |
---|
| 188 | |
---|
| 189 | * Fri Feb 09 2018 Fedora Release Engineering <releng@fedoraproject.org> - 0.3.13-10 |
---|
| 190 | - Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild |
---|
| 191 | |
---|
| 192 | * Thu Aug 03 2017 Fedora Release Engineering <releng@fedoraproject.org> - 0.3.13-9 |
---|
| 193 | - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild |
---|
| 194 | |
---|
| 195 | * Thu Jul 27 2017 Fedora Release Engineering <releng@fedoraproject.org> - 0.3.13-8 |
---|
| 196 | - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild |
---|
| 197 | |
---|
| 198 | * Tue Feb 7 2017 Peter Robinson <pbrobinson@fedoraproject.org> 0.3.13-7 |
---|
| 199 | - Add patch for OpenSSL 1.1 |
---|
| 200 | |
---|
| 201 | * Fri Feb 05 2016 Fedora Release Engineering <releng@fedoraproject.org> - 0.3.13-6 |
---|
| 202 | - Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild |
---|
| 203 | |
---|
| 204 | * Fri Jun 19 2015 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.3.13-5 |
---|
| 205 | - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild |
---|
| 206 | |
---|
| 207 | * Tue May 26 2015 Tomáš Mráz <tmraz@redhat.com> 0.3.13-4 |
---|
| 208 | - Split libtspi to a trousers-lib subpackage (#1225062) |
---|
| 209 | - Fix FTBFS with current gcc (drop inline keyword when bogus) |
---|
| 210 | |
---|
| 211 | * Mon Aug 18 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.3.13-3 |
---|
| 212 | - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild |
---|
| 213 | |
---|
| 214 | * Sun Jun 08 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.3.13-2 |
---|
| 215 | - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild |
---|
| 216 | |
---|
| 217 | * Thu May 15 2014 Steve Grubb <sgrubb@redhat.com> 0.3.13-1 |
---|
| 218 | - New upstream bug fix release |
---|
| 219 | |
---|
| 220 | * Tue Mar 18 2014 Steve Grubb <sgrubb@redhat.com> 0.3.11.2-3 |
---|
| 221 | - Fix crash when linking libgnutls and libmysqlclient (#1069079) |
---|
| 222 | - Don't order tcsd after syslog.target (#1055198) |
---|
| 223 | |
---|
| 224 | * Thu Feb 13 2014 Peter Robinson <pbrobinson@fedoraproject.org> 0.3.11.2-2 |
---|
| 225 | - Minor spec cleanups |
---|
| 226 | |
---|
| 227 | * Mon Aug 19 2013 Steve Grubb <sgrubb@redhat.com> 0.3.11.2-1 |
---|
| 228 | - New upstream bug fix and license change release |
---|
| 229 | |
---|
| 230 | * Sun Aug 04 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.3.10-4 |
---|
| 231 | - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild |
---|
| 232 | |
---|
| 233 | * Sun Jun 02 2013 Steve Grubb <sgrubb@redhat.com> 0.3.10-3 |
---|
| 234 | - Remove +x bit from service file (#963916) |
---|
| 235 | |
---|
| 236 | * Fri Feb 15 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.3.10-2 |
---|
| 237 | - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild |
---|
| 238 | |
---|
| 239 | * Tue Sep 25 2012 Steve Grubb <sgrubb@redhat.com> 0.3.10-1 |
---|
| 240 | - New upstream bug fix release |
---|
| 241 | |
---|
| 242 | * Thu Aug 30 2012 Steve Grubb <sgrubb@redhat.com> 0.3.9-4 |
---|
| 243 | - Make daemon full RELRO |
---|
| 244 | |
---|
| 245 | * Mon Aug 27 2012 Steve Grubb <sgrubb@redhat.com> 0.3.9-3 |
---|
| 246 | - bz #836476 - Provide native systemd service |
---|
| 247 | |
---|
| 248 | * Sun Jul 22 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.3.9-2 |
---|
| 249 | - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild |
---|
| 250 | |
---|
| 251 | * Thu Jun 21 2012 Steve Grubb <sgrubb@redhat.com> 0.3.9-1 |
---|
| 252 | - New upstream bug fix release |
---|
| 253 | |
---|
| 254 | * Sat Jan 14 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.3.6-2 |
---|
| 255 | - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild |
---|
| 256 | |
---|
| 257 | * Fri Apr 08 2011 Steve Grubb <sgrubb@redhat.com> 0.3.6-1 |
---|
| 258 | - New upstream bug fix release |
---|
| 259 | |
---|
| 260 | * Thu Feb 10 2011 Miloš Jakubíček <xjakub@fi.muni.cz> - 0.3.4-5 |
---|
| 261 | - Fix paths in man pages, mark them as %%doc -- fix BZ#676394 |
---|
| 262 | |
---|
| 263 | * Wed Feb 09 2011 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.3.4-4 |
---|
| 264 | - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild |
---|
| 265 | |
---|
| 266 | * Sat May 01 2010 Miloš Jakubíček <xjakub@fi.muni.cz> - 0.3.4-3 |
---|
| 267 | - Fix init script to conform to Fedora guidelines |
---|
| 268 | - Do not overuse macros |
---|
| 269 | |
---|
| 270 | * Mon Feb 08 2010 Steve Grubb <sgrubb@redhat.com> 0.3.4-2 |
---|
| 271 | - Fix issue freeing a data structure |
---|
| 272 | |
---|
| 273 | * Fri Jan 29 2010 Steve Grubb <sgrubb@redhat.com> 0.3.4-1 |
---|
| 274 | - New upstream bug fix release |
---|
| 275 | - Upstream requested the tpm-emulator patch be dropped |
---|
| 276 | |
---|
| 277 | * Fri Aug 21 2009 Tomas Mraz <tmraz@redhat.com> - 0.3.1-19 |
---|
| 278 | - rebuilt with new openssl |
---|
| 279 | |
---|
| 280 | * Sun Jul 26 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.3.1-18 |
---|
| 281 | - Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild |
---|
| 282 | |
---|
| 283 | * Thu May 14 2009 Milos Jakubicek <xjakub@fi.muni.cz> - 0.3.1-17 |
---|
| 284 | - Do not overuse macros. |
---|
| 285 | - Removed unnecessary file requirements on chkconfig, ldconfig and service, |
---|
| 286 | now requiring the initscripts and chkconfig packages. |
---|
| 287 | |
---|
| 288 | * Wed May 06 2009 Milos Jakubicek <xjakub@fi.muni.cz> - 0.3.1-16 |
---|
| 289 | - Fix a typo in groupadd causing the %%pre scriptlet to fail (resolves BZ#486155). |
---|
| 290 | |
---|
| 291 | * Mon Apr 27 2009 Milos Jakubicek <xjakub@fi.muni.cz> - 0.3.1-15 |
---|
| 292 | - Fix FTBFS: added trousers-0.3.1-gcc44.patch |
---|
| 293 | |
---|
| 294 | * Wed Feb 25 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.3.1-14 |
---|
| 295 | - Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild |
---|
| 296 | |
---|
| 297 | * Sun Jan 18 2009 Tomas Mraz <tmraz@redhat.com> - 0.3.1-13 |
---|
| 298 | - rebuild with new openssl |
---|
| 299 | |
---|
| 300 | * Tue Dec 16 2008 David Woodhouse <David.Woodhouse@intel.com> - 0.3.1-12 |
---|
| 301 | - Bump release to avoid wrong tag in rawhide |
---|
| 302 | |
---|
| 303 | * Tue Dec 16 2008 David Woodhouse <David.Woodhouse@intel.com> - 0.3.1-11 |
---|
| 304 | - Work around SELinux namespace pollution (#464037) |
---|
| 305 | - Use SO_REUSEADDR |
---|
| 306 | - Use TPM emulator if it's available and no hardware is |
---|
| 307 | |
---|
| 308 | * Fri Aug 08 2008 Emily Ratliff <ratliff@austin.ibm.com> - 0.3.1-10 |
---|
| 309 | - Use the uid/gid pair assigned to trousers from BZ#457593 |
---|
| 310 | |
---|
| 311 | * Fri Aug 01 2008 Emily Ratliff <ratliff@austin.ibm.com> - 0.3.1-9 |
---|
| 312 | - Incorporated changes from the RHEL package which were done by Steve Grubb |
---|
| 313 | |
---|
| 314 | * Wed Jun 04 2008 Emily Ratliff <ratliff@austin.ibm.com> - 0.3.1-8 |
---|
| 315 | - Fix cast issue preventing successful build on ppc64 and x86_64 |
---|
| 316 | |
---|
| 317 | * Tue Jun 03 2008 Emily Ratliff <ratliff@austin.ibm.com> - 0.3.1-7 |
---|
| 318 | - Fix for BZ #434267 and #440733. Patch authored by Debora Velarde |
---|
| 319 | |
---|
| 320 | * Tue Feb 19 2008 Fedora Release Engineering <rel-eng@fedoraproject.org> - 0.3.1-6 |
---|
| 321 | - Autorebuild for GCC 4.3 |
---|
| 322 | |
---|
| 323 | * Mon Dec 17 2007 Kent Yoder <kyoder@users.sf.net> - 0.3.1-5 |
---|
| 324 | - Updated static rpm's comment line (too long) |
---|
| 325 | |
---|
| 326 | * Thu Dec 13 2007 Kent Yoder <kyoder@users.sf.net> - 0.3.1-4 |
---|
| 327 | - Updated specfile for RHBZ#323441 comment #28 |
---|
| 328 | |
---|
| 329 | * Wed Dec 12 2007 Kent Yoder <kyoder@users.sf.net> - 0.3.1-3 |
---|
| 330 | - Updated specfile for RHBZ#323441 comment #22 |
---|
| 331 | |
---|
| 332 | * Wed Nov 28 2007 Kent Yoder <kyoder@users.sf.net> - 0.3.1-2 |
---|
| 333 | - Updated to include the include dirs in the devel package; |
---|
| 334 | added the no-install-hooks patch |
---|
| 335 | |
---|
| 336 | * Wed Nov 28 2007 Kent Yoder <kyoder@users.sf.net> - 0.3.1-1 |
---|
| 337 | - Updated specfile for RHBZ#323441 comment #13 |
---|
| 338 | |
---|
| 339 | * Mon Nov 12 2007 Kent Yoder <kyoder@users.sf.net> - 0.3.1 |
---|
| 340 | - Updated specfile for comments in RHBZ#323441 |
---|
| 341 | |
---|
| 342 | * Wed Jun 07 2006 Kent Yoder <kyoder@users.sf.net> - 0.2.6-1 |
---|
| 343 | - Updated build section to use smp_mflags |
---|
| 344 | - Removed .la file from installed dest and files section |
---|
| 345 | |
---|
| 346 | * Tue Jun 06 2006 Kent Yoder <kyoder@users.sf.net> - 0.2.6-1 |
---|
| 347 | - Initial add of changelog tag for trousers CVS |
---|