%bcond_with systemd %global _unpackaged_files_terminate_build 1 Name: trousers Summary: TCG's Software Stack v1.2 Version: 0.3.14 Release: 1%{?_dist_release}%{?with_systemd:.systemd} Group: system Vendor: Project Vine Distribution: Vine Linux License: BSD URL: http://trousers.sourceforge.net Source0: https://downloads.sourceforge.net/%{name}/%{name}-%{version}.tar.gz Source1: tcsd.service Source1000: tcsd.init Patch1: trousers-0.3.14-noinline.patch # submitted upstream Patch2: trousers-0.3.14-unlock-in-err-path.patch Patch3: trousers-0.3.14-fix-indent-obj_policy.patch Patch4: trousers-0.3.14-double-free.patch Patch5: trousers-0.3.14-fix-indent-tspi_key.patch Patch6: trousers-0.3.14-tcsd-header-fix.patch Patch1003: 0003-trousers-clean-up-use-after-free-in-Transport_Termin.patch Patch1005: 0005-Correct-multiple-security-issues-that-are-present-if.patch BuildRequires: libtool, openssl-devel Requires(pre): shadow-utils Requires: %{name}-lib%{?_isa} = %{version}-%{release} %if %{with systemd} BuildRequires: systemd Requires(post): systemd-units Requires(preun): systemd-units Requires(postun): systemd-units %endif %description TrouSerS is an implementation of the Trusted Computing Group's Software Stack (TSS) specification. You can use TrouSerS to write applications that make use of your TPM hardware. TPM hardware can create, store and use RSA keys securely (without ever being exposed in memory), verify a platform's software state using cryptographic hashes and more. %package lib Summary: TrouSerS libtspi library Group: system # Needed obsoletes due to the -lib subpackage split Obsoletes: trousers < 0.3.13-4 %description lib The libtspi library for use in Trusted Computing enabled applications. %package static Summary: TrouSerS TCG Device Driver Library Group: programming Requires: %{name}-devel%{?_isa} = %{version}-%{release} %description static The TCG Device Driver Library (TDDL) used by the TrouSerS tcsd as the interface to the TPM's device driver. For more information about writing applications to the TDDL interface, see the latest TSS spec at https://www.trustedcomputinggroup.org/specs/TSS. %package devel Summary: TrouSerS header files and documentation Group: programming Requires: %{name}-lib%{?_isa} = %{version}-%{release} %description devel Header files and man pages for use in creating Trusted Computing enabled applications. %prep %setup -q -c %autopatch -p1 # fix man page paths sed -i -e 's|/var/tpm|/var/lib/tpm|g' -e 's|/usr/local/var|/var|g' man/man5/tcsd.conf.5.in man/man8/tcsd.8.in %build %configure --with-gui=openssl make -k %{?_smp_mflags} %install mkdir -p ${RPM_BUILD_ROOT}/%{_localstatedir}/lib/tpm make install DESTDIR=${RPM_BUILD_ROOT} INSTALL="install -p" rm -f ${RPM_BUILD_ROOT}/%{_libdir}/libtspi.la %if %{with systemd} mkdir -p $RPM_BUILD_ROOT%{_unitdir} install -m 0644 %{SOURCE1} $RPM_BUILD_ROOT%{_unitdir}/ %else mkdir -p $RPM_BUILD_ROOT%{_initdir} install -m 0755 %{SOURCE1000} $RPM_BUILD_ROOT%{_initdir}/tcsd %endif %pre getent group tss >/dev/null || groupadd -g 59 -r tss getent passwd tss >/dev/null || \ useradd -r -u 59 -g tss -d /dev/null -s /sbin/nologin \ -c "Account used by the trousers package to sandbox the tcsd daemon" tss exit 0 %post %if %{with systemd} %systemd_post tcsd.service %else /sbin/chkconfig --add tcsd %endif %preun %if %{with systemd} %systemd_preun tcsd.service %else if [ $1 -eq 0 -o -x /bin/systemctl ]; then /sbin/service tcsd stop /sbin/chkconfig --del tcsd fi %endif %postun %if %{with systemd} %systemd_postun_with_restart tcsd.service %else if [ $1 -gt 0 ]; then /sbin/service tcsd condrestart fi %endif %post lib -p /sbin/ldconfig %postun lib -p /sbin/ldconfig %files %doc README ChangeLog %{_sbindir}/tcsd %config(noreplace) %attr(0600, tss, tss) %{_sysconfdir}/tcsd.conf %{_mandir}/man5/* %{_mandir}/man8/* %if %{with systemd} %attr(644,root,root) %{_unitdir}/tcsd.service %else %{_initdir}/tcsd %endif %attr(0700, tss, tss) %{_localstatedir}/lib/tpm/ %files lib %{!?_licensedir:%global license %%doc} %license LICENSE %{_libdir}/libtspi.so.? %{_libdir}/libtspi.so.?.?.? %files devel # The files to be used by developers, 'trousers-devel' %doc doc/LTC-TSS_LLD_08_r2.pdf doc/TSS_programming_SNAFUs.txt %attr(0755, root, root) %{_libdir}/libtspi.so %{_includedir}/tss/ %{_includedir}/trousers/ %{_mandir}/man3/Tspi_* %files static # The only static library shipped by trousers, the TDDL %{_libdir}/libtddl.a %changelog * Tue Aug 18 2020 Tomohiro "Tomo-p" KATO - 0.3.14-1 - new upstream release. - dropped Patch1 and 2. - imported Patch1-6 from rawhide. - imported Patch1003 and 1005 from upstream to fix vulnerabilities. * Wed Nov 07 2018 Tomohiro "Tomo-p" KATO - 0.3.13-12 - rebuilt with openssl-1.1.1. - enabled Patch2. * Mon Mar 05 2018 Tomohiro "Tomo-p" KATO - 0.3.13-11 - initial build for Vine Linux. * Fri Feb 09 2018 Fedora Release Engineering - 0.3.13-10 - Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild * Thu Aug 03 2017 Fedora Release Engineering - 0.3.13-9 - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild * Thu Jul 27 2017 Fedora Release Engineering - 0.3.13-8 - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild * Tue Feb 7 2017 Peter Robinson 0.3.13-7 - Add patch for OpenSSL 1.1 * Fri Feb 05 2016 Fedora Release Engineering - 0.3.13-6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild * Fri Jun 19 2015 Fedora Release Engineering - 0.3.13-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild * Tue May 26 2015 Tomáš Mráz 0.3.13-4 - Split libtspi to a trousers-lib subpackage (#1225062) - Fix FTBFS with current gcc (drop inline keyword when bogus) * Mon Aug 18 2014 Fedora Release Engineering - 0.3.13-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild * Sun Jun 08 2014 Fedora Release Engineering - 0.3.13-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild * Thu May 15 2014 Steve Grubb 0.3.13-1 - New upstream bug fix release * Tue Mar 18 2014 Steve Grubb 0.3.11.2-3 - Fix crash when linking libgnutls and libmysqlclient (#1069079) - Don't order tcsd after syslog.target (#1055198) * Thu Feb 13 2014 Peter Robinson 0.3.11.2-2 - Minor spec cleanups * Mon Aug 19 2013 Steve Grubb 0.3.11.2-1 - New upstream bug fix and license change release * Sun Aug 04 2013 Fedora Release Engineering - 0.3.10-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild * Sun Jun 02 2013 Steve Grubb 0.3.10-3 - Remove +x bit from service file (#963916) * Fri Feb 15 2013 Fedora Release Engineering - 0.3.10-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild * Tue Sep 25 2012 Steve Grubb 0.3.10-1 - New upstream bug fix release * Thu Aug 30 2012 Steve Grubb 0.3.9-4 - Make daemon full RELRO * Mon Aug 27 2012 Steve Grubb 0.3.9-3 - bz #836476 - Provide native systemd service * Sun Jul 22 2012 Fedora Release Engineering - 0.3.9-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild * Thu Jun 21 2012 Steve Grubb 0.3.9-1 - New upstream bug fix release * Sat Jan 14 2012 Fedora Release Engineering - 0.3.6-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild * Fri Apr 08 2011 Steve Grubb 0.3.6-1 - New upstream bug fix release * Thu Feb 10 2011 Miloš Jakubíček - 0.3.4-5 - Fix paths in man pages, mark them as %%doc -- fix BZ#676394 * Wed Feb 09 2011 Fedora Release Engineering - 0.3.4-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild * Sat May 01 2010 Miloš Jakubíček - 0.3.4-3 - Fix init script to conform to Fedora guidelines - Do not overuse macros * Mon Feb 08 2010 Steve Grubb 0.3.4-2 - Fix issue freeing a data structure * Fri Jan 29 2010 Steve Grubb 0.3.4-1 - New upstream bug fix release - Upstream requested the tpm-emulator patch be dropped * Fri Aug 21 2009 Tomas Mraz - 0.3.1-19 - rebuilt with new openssl * Sun Jul 26 2009 Fedora Release Engineering - 0.3.1-18 - Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild * Thu May 14 2009 Milos Jakubicek - 0.3.1-17 - Do not overuse macros. - Removed unnecessary file requirements on chkconfig, ldconfig and service, now requiring the initscripts and chkconfig packages. * Wed May 06 2009 Milos Jakubicek - 0.3.1-16 - Fix a typo in groupadd causing the %%pre scriptlet to fail (resolves BZ#486155). * Mon Apr 27 2009 Milos Jakubicek - 0.3.1-15 - Fix FTBFS: added trousers-0.3.1-gcc44.patch * Wed Feb 25 2009 Fedora Release Engineering - 0.3.1-14 - Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild * Sun Jan 18 2009 Tomas Mraz - 0.3.1-13 - rebuild with new openssl * Tue Dec 16 2008 David Woodhouse - 0.3.1-12 - Bump release to avoid wrong tag in rawhide * Tue Dec 16 2008 David Woodhouse - 0.3.1-11 - Work around SELinux namespace pollution (#464037) - Use SO_REUSEADDR - Use TPM emulator if it's available and no hardware is * Fri Aug 08 2008 Emily Ratliff - 0.3.1-10 - Use the uid/gid pair assigned to trousers from BZ#457593 * Fri Aug 01 2008 Emily Ratliff - 0.3.1-9 - Incorporated changes from the RHEL package which were done by Steve Grubb * Wed Jun 04 2008 Emily Ratliff - 0.3.1-8 - Fix cast issue preventing successful build on ppc64 and x86_64 * Tue Jun 03 2008 Emily Ratliff - 0.3.1-7 - Fix for BZ #434267 and #440733. Patch authored by Debora Velarde * Tue Feb 19 2008 Fedora Release Engineering - 0.3.1-6 - Autorebuild for GCC 4.3 * Mon Dec 17 2007 Kent Yoder - 0.3.1-5 - Updated static rpm's comment line (too long) * Thu Dec 13 2007 Kent Yoder - 0.3.1-4 - Updated specfile for RHBZ#323441 comment #28 * Wed Dec 12 2007 Kent Yoder - 0.3.1-3 - Updated specfile for RHBZ#323441 comment #22 * Wed Nov 28 2007 Kent Yoder - 0.3.1-2 - Updated to include the include dirs in the devel package; added the no-install-hooks patch * Wed Nov 28 2007 Kent Yoder - 0.3.1-1 - Updated specfile for RHBZ#323441 comment #13 * Mon Nov 12 2007 Kent Yoder - 0.3.1 - Updated specfile for comments in RHBZ#323441 * Wed Jun 07 2006 Kent Yoder - 0.2.6-1 - Updated build section to use smp_mflags - Removed .la file from installed dest and files section * Tue Jun 06 2006 Kent Yoder - 0.2.6-1 - Initial add of changelog tag for trousers CVS