trousers-vl.spec 11 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347
  1. %bcond_with systemd
  2. %global _unpackaged_files_terminate_build 1
  3. Name: trousers
  4. Summary: TCG's Software Stack v1.2
  5. Version: 0.3.14
  6. Release: 1%{?_dist_release}%{?with_systemd:.systemd}
  7. Group: system
  8. Vendor: Project Vine
  9. Distribution: Vine Linux
  10. License: BSD
  11. URL: http://trousers.sourceforge.net
  12. Source0: https://downloads.sourceforge.net/%{name}/%{name}-%{version}.tar.gz
  13. Source1: tcsd.service
  14. Source1000: tcsd.init
  15. Patch1: trousers-0.3.14-noinline.patch
  16. # submitted upstream
  17. Patch2: trousers-0.3.14-unlock-in-err-path.patch
  18. Patch3: trousers-0.3.14-fix-indent-obj_policy.patch
  19. Patch4: trousers-0.3.14-double-free.patch
  20. Patch5: trousers-0.3.14-fix-indent-tspi_key.patch
  21. Patch6: trousers-0.3.14-tcsd-header-fix.patch
  22. Patch1003: 0003-trousers-clean-up-use-after-free-in-Transport_Termin.patch
  23. Patch1005: 0005-Correct-multiple-security-issues-that-are-present-if.patch
  24. BuildRequires: libtool, openssl-devel
  25. Requires(pre): shadow-utils
  26. Requires: %{name}-lib%{?_isa} = %{version}-%{release}
  27. %if %{with systemd}
  28. BuildRequires: systemd
  29. Requires(post): systemd-units
  30. Requires(preun): systemd-units
  31. Requires(postun): systemd-units
  32. %endif
  33. %description
  34. TrouSerS is an implementation of the Trusted Computing Group's Software Stack
  35. (TSS) specification. You can use TrouSerS to write applications that make use
  36. of your TPM hardware. TPM hardware can create, store and use RSA keys
  37. securely (without ever being exposed in memory), verify a platform's software
  38. state using cryptographic hashes and more.
  39. %package lib
  40. Summary: TrouSerS libtspi library
  41. Group: system
  42. # Needed obsoletes due to the -lib subpackage split
  43. Obsoletes: trousers < 0.3.13-4
  44. %description lib
  45. The libtspi library for use in Trusted Computing enabled applications.
  46. %package static
  47. Summary: TrouSerS TCG Device Driver Library
  48. Group: programming
  49. Requires: %{name}-devel%{?_isa} = %{version}-%{release}
  50. %description static
  51. The TCG Device Driver Library (TDDL) used by the TrouSerS tcsd as the
  52. interface to the TPM's device driver. For more information about writing
  53. applications to the TDDL interface, see the latest TSS spec at
  54. https://www.trustedcomputinggroup.org/specs/TSS.
  55. %package devel
  56. Summary: TrouSerS header files and documentation
  57. Group: programming
  58. Requires: %{name}-lib%{?_isa} = %{version}-%{release}
  59. %description devel
  60. Header files and man pages for use in creating Trusted Computing enabled
  61. applications.
  62. %prep
  63. %setup -q -c
  64. %autopatch -p1
  65. # fix man page paths
  66. sed -i -e 's|/var/tpm|/var/lib/tpm|g' -e 's|/usr/local/var|/var|g' man/man5/tcsd.conf.5.in man/man8/tcsd.8.in
  67. %build
  68. %configure --with-gui=openssl
  69. make -k %{?_smp_mflags}
  70. %install
  71. mkdir -p ${RPM_BUILD_ROOT}/%{_localstatedir}/lib/tpm
  72. make install DESTDIR=${RPM_BUILD_ROOT} INSTALL="install -p"
  73. rm -f ${RPM_BUILD_ROOT}/%{_libdir}/libtspi.la
  74. %if %{with systemd}
  75. mkdir -p $RPM_BUILD_ROOT%{_unitdir}
  76. install -m 0644 %{SOURCE1} $RPM_BUILD_ROOT%{_unitdir}/
  77. %else
  78. mkdir -p $RPM_BUILD_ROOT%{_initdir}
  79. install -m 0755 %{SOURCE1000} $RPM_BUILD_ROOT%{_initdir}/tcsd
  80. %endif
  81. %pre
  82. getent group tss >/dev/null || groupadd -g 59 -r tss
  83. getent passwd tss >/dev/null || \
  84. useradd -r -u 59 -g tss -d /dev/null -s /sbin/nologin \
  85. -c "Account used by the trousers package to sandbox the tcsd daemon" tss
  86. exit 0
  87. %post
  88. %if %{with systemd}
  89. %systemd_post tcsd.service
  90. %else
  91. /sbin/chkconfig --add tcsd
  92. %endif
  93. %preun
  94. %if %{with systemd}
  95. %systemd_preun tcsd.service
  96. %else
  97. if [ $1 -eq 0 -o -x /bin/systemctl ]; then
  98. /sbin/service tcsd stop
  99. /sbin/chkconfig --del tcsd
  100. fi
  101. %endif
  102. %postun
  103. %if %{with systemd}
  104. %systemd_postun_with_restart tcsd.service
  105. %else
  106. if [ $1 -gt 0 ]; then
  107. /sbin/service tcsd condrestart
  108. fi
  109. %endif
  110. %post lib -p /sbin/ldconfig
  111. %postun lib -p /sbin/ldconfig
  112. %files
  113. %doc README ChangeLog
  114. %{_sbindir}/tcsd
  115. %config(noreplace) %attr(0600, tss, tss) %{_sysconfdir}/tcsd.conf
  116. %{_mandir}/man5/*
  117. %{_mandir}/man8/*
  118. %if %{with systemd}
  119. %attr(644,root,root) %{_unitdir}/tcsd.service
  120. %else
  121. %{_initdir}/tcsd
  122. %endif
  123. %attr(0700, tss, tss) %{_localstatedir}/lib/tpm/
  124. %files lib
  125. %{!?_licensedir:%global license %%doc}
  126. %license LICENSE
  127. %{_libdir}/libtspi.so.?
  128. %{_libdir}/libtspi.so.?.?.?
  129. %files devel
  130. # The files to be used by developers, 'trousers-devel'
  131. %doc doc/LTC-TSS_LLD_08_r2.pdf doc/TSS_programming_SNAFUs.txt
  132. %attr(0755, root, root) %{_libdir}/libtspi.so
  133. %{_includedir}/tss/
  134. %{_includedir}/trousers/
  135. %{_mandir}/man3/Tspi_*
  136. %files static
  137. # The only static library shipped by trousers, the TDDL
  138. %{_libdir}/libtddl.a
  139. %changelog
  140. * Tue Aug 18 2020 Tomohiro "Tomo-p" KATO <tomop@teamgedoh.net> - 0.3.14-1
  141. - new upstream release.
  142. - dropped Patch1 and 2.
  143. - imported Patch1-6 from rawhide.
  144. - imported Patch1003 and 1005 from upstream to fix vulnerabilities.
  145. * Wed Nov 07 2018 Tomohiro "Tomo-p" KATO <tomop@teamgedoh.net> - 0.3.13-12
  146. - rebuilt with openssl-1.1.1.
  147. - enabled Patch2.
  148. * Mon Mar 05 2018 Tomohiro "Tomo-p" KATO <tomop@teamgedoh.net> - 0.3.13-11
  149. - initial build for Vine Linux.
  150. * Fri Feb 09 2018 Fedora Release Engineering <releng@fedoraproject.org> - 0.3.13-10
  151. - Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
  152. * Thu Aug 03 2017 Fedora Release Engineering <releng@fedoraproject.org> - 0.3.13-9
  153. - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild
  154. * Thu Jul 27 2017 Fedora Release Engineering <releng@fedoraproject.org> - 0.3.13-8
  155. - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
  156. * Tue Feb 7 2017 Peter Robinson <pbrobinson@fedoraproject.org> 0.3.13-7
  157. - Add patch for OpenSSL 1.1
  158. * Fri Feb 05 2016 Fedora Release Engineering <releng@fedoraproject.org> - 0.3.13-6
  159. - Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild
  160. * Fri Jun 19 2015 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.3.13-5
  161. - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild
  162. * Tue May 26 2015 Tomáš Mráz <tmraz@redhat.com> 0.3.13-4
  163. - Split libtspi to a trousers-lib subpackage (#1225062)
  164. - Fix FTBFS with current gcc (drop inline keyword when bogus)
  165. * Mon Aug 18 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.3.13-3
  166. - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
  167. * Sun Jun 08 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.3.13-2
  168. - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
  169. * Thu May 15 2014 Steve Grubb <sgrubb@redhat.com> 0.3.13-1
  170. - New upstream bug fix release
  171. * Tue Mar 18 2014 Steve Grubb <sgrubb@redhat.com> 0.3.11.2-3
  172. - Fix crash when linking libgnutls and libmysqlclient (#1069079)
  173. - Don't order tcsd after syslog.target (#1055198)
  174. * Thu Feb 13 2014 Peter Robinson <pbrobinson@fedoraproject.org> 0.3.11.2-2
  175. - Minor spec cleanups
  176. * Mon Aug 19 2013 Steve Grubb <sgrubb@redhat.com> 0.3.11.2-1
  177. - New upstream bug fix and license change release
  178. * Sun Aug 04 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.3.10-4
  179. - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
  180. * Sun Jun 02 2013 Steve Grubb <sgrubb@redhat.com> 0.3.10-3
  181. - Remove +x bit from service file (#963916)
  182. * Fri Feb 15 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.3.10-2
  183. - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
  184. * Tue Sep 25 2012 Steve Grubb <sgrubb@redhat.com> 0.3.10-1
  185. - New upstream bug fix release
  186. * Thu Aug 30 2012 Steve Grubb <sgrubb@redhat.com> 0.3.9-4
  187. - Make daemon full RELRO
  188. * Mon Aug 27 2012 Steve Grubb <sgrubb@redhat.com> 0.3.9-3
  189. - bz #836476 - Provide native systemd service
  190. * Sun Jul 22 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.3.9-2
  191. - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
  192. * Thu Jun 21 2012 Steve Grubb <sgrubb@redhat.com> 0.3.9-1
  193. - New upstream bug fix release
  194. * Sat Jan 14 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.3.6-2
  195. - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
  196. * Fri Apr 08 2011 Steve Grubb <sgrubb@redhat.com> 0.3.6-1
  197. - New upstream bug fix release
  198. * Thu Feb 10 2011 Miloš Jakubíček <xjakub@fi.muni.cz> - 0.3.4-5
  199. - Fix paths in man pages, mark them as %%doc -- fix BZ#676394
  200. * Wed Feb 09 2011 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.3.4-4
  201. - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
  202. * Sat May 01 2010 Miloš Jakubíček <xjakub@fi.muni.cz> - 0.3.4-3
  203. - Fix init script to conform to Fedora guidelines
  204. - Do not overuse macros
  205. * Mon Feb 08 2010 Steve Grubb <sgrubb@redhat.com> 0.3.4-2
  206. - Fix issue freeing a data structure
  207. * Fri Jan 29 2010 Steve Grubb <sgrubb@redhat.com> 0.3.4-1
  208. - New upstream bug fix release
  209. - Upstream requested the tpm-emulator patch be dropped
  210. * Fri Aug 21 2009 Tomas Mraz <tmraz@redhat.com> - 0.3.1-19
  211. - rebuilt with new openssl
  212. * Sun Jul 26 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.3.1-18
  213. - Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
  214. * Thu May 14 2009 Milos Jakubicek <xjakub@fi.muni.cz> - 0.3.1-17
  215. - Do not overuse macros.
  216. - Removed unnecessary file requirements on chkconfig, ldconfig and service,
  217. now requiring the initscripts and chkconfig packages.
  218. * Wed May 06 2009 Milos Jakubicek <xjakub@fi.muni.cz> - 0.3.1-16
  219. - Fix a typo in groupadd causing the %%pre scriptlet to fail (resolves BZ#486155).
  220. * Mon Apr 27 2009 Milos Jakubicek <xjakub@fi.muni.cz> - 0.3.1-15
  221. - Fix FTBFS: added trousers-0.3.1-gcc44.patch
  222. * Wed Feb 25 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.3.1-14
  223. - Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild
  224. * Sun Jan 18 2009 Tomas Mraz <tmraz@redhat.com> - 0.3.1-13
  225. - rebuild with new openssl
  226. * Tue Dec 16 2008 David Woodhouse <David.Woodhouse@intel.com> - 0.3.1-12
  227. - Bump release to avoid wrong tag in rawhide
  228. * Tue Dec 16 2008 David Woodhouse <David.Woodhouse@intel.com> - 0.3.1-11
  229. - Work around SELinux namespace pollution (#464037)
  230. - Use SO_REUSEADDR
  231. - Use TPM emulator if it's available and no hardware is
  232. * Fri Aug 08 2008 Emily Ratliff <ratliff@austin.ibm.com> - 0.3.1-10
  233. - Use the uid/gid pair assigned to trousers from BZ#457593
  234. * Fri Aug 01 2008 Emily Ratliff <ratliff@austin.ibm.com> - 0.3.1-9
  235. - Incorporated changes from the RHEL package which were done by Steve Grubb
  236. * Wed Jun 04 2008 Emily Ratliff <ratliff@austin.ibm.com> - 0.3.1-8
  237. - Fix cast issue preventing successful build on ppc64 and x86_64
  238. * Tue Jun 03 2008 Emily Ratliff <ratliff@austin.ibm.com> - 0.3.1-7
  239. - Fix for BZ #434267 and #440733. Patch authored by Debora Velarde
  240. * Tue Feb 19 2008 Fedora Release Engineering <rel-eng@fedoraproject.org> - 0.3.1-6
  241. - Autorebuild for GCC 4.3
  242. * Mon Dec 17 2007 Kent Yoder <kyoder@users.sf.net> - 0.3.1-5
  243. - Updated static rpm's comment line (too long)
  244. * Thu Dec 13 2007 Kent Yoder <kyoder@users.sf.net> - 0.3.1-4
  245. - Updated specfile for RHBZ#323441 comment #28
  246. * Wed Dec 12 2007 Kent Yoder <kyoder@users.sf.net> - 0.3.1-3
  247. - Updated specfile for RHBZ#323441 comment #22
  248. * Wed Nov 28 2007 Kent Yoder <kyoder@users.sf.net> - 0.3.1-2
  249. - Updated to include the include dirs in the devel package;
  250. added the no-install-hooks patch
  251. * Wed Nov 28 2007 Kent Yoder <kyoder@users.sf.net> - 0.3.1-1
  252. - Updated specfile for RHBZ#323441 comment #13
  253. * Mon Nov 12 2007 Kent Yoder <kyoder@users.sf.net> - 0.3.1
  254. - Updated specfile for comments in RHBZ#323441
  255. * Wed Jun 07 2006 Kent Yoder <kyoder@users.sf.net> - 0.2.6-1
  256. - Updated build section to use smp_mflags
  257. - Removed .la file from installed dest and files section
  258. * Tue Jun 06 2006 Kent Yoder <kyoder@users.sf.net> - 0.2.6-1
  259. - Initial add of changelog tag for trousers CVS