123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347 |
- %bcond_with systemd
- %global _unpackaged_files_terminate_build 1
- Name: trousers
- Summary: TCG's Software Stack v1.2
- Version: 0.3.14
- Release: 1%{?_dist_release}%{?with_systemd:.systemd}
- Group: system
- Vendor: Project Vine
- Distribution: Vine Linux
- License: BSD
- URL: http://trousers.sourceforge.net
- Source0: https://downloads.sourceforge.net/%{name}/%{name}-%{version}.tar.gz
- Source1: tcsd.service
- Source1000: tcsd.init
- Patch1: trousers-0.3.14-noinline.patch
- # submitted upstream
- Patch2: trousers-0.3.14-unlock-in-err-path.patch
- Patch3: trousers-0.3.14-fix-indent-obj_policy.patch
- Patch4: trousers-0.3.14-double-free.patch
- Patch5: trousers-0.3.14-fix-indent-tspi_key.patch
- Patch6: trousers-0.3.14-tcsd-header-fix.patch
- Patch1003: 0003-trousers-clean-up-use-after-free-in-Transport_Termin.patch
- Patch1005: 0005-Correct-multiple-security-issues-that-are-present-if.patch
- BuildRequires: libtool, openssl-devel
- Requires(pre): shadow-utils
- Requires: %{name}-lib%{?_isa} = %{version}-%{release}
- %if %{with systemd}
- BuildRequires: systemd
- Requires(post): systemd-units
- Requires(preun): systemd-units
- Requires(postun): systemd-units
- %endif
- %description
- TrouSerS is an implementation of the Trusted Computing Group's Software Stack
- (TSS) specification. You can use TrouSerS to write applications that make use
- of your TPM hardware. TPM hardware can create, store and use RSA keys
- securely (without ever being exposed in memory), verify a platform's software
- state using cryptographic hashes and more.
- %package lib
- Summary: TrouSerS libtspi library
- Group: system
- # Needed obsoletes due to the -lib subpackage split
- Obsoletes: trousers < 0.3.13-4
- %description lib
- The libtspi library for use in Trusted Computing enabled applications.
- %package static
- Summary: TrouSerS TCG Device Driver Library
- Group: programming
- Requires: %{name}-devel%{?_isa} = %{version}-%{release}
- %description static
- The TCG Device Driver Library (TDDL) used by the TrouSerS tcsd as the
- interface to the TPM's device driver. For more information about writing
- applications to the TDDL interface, see the latest TSS spec at
- https://www.trustedcomputinggroup.org/specs/TSS.
- %package devel
- Summary: TrouSerS header files and documentation
- Group: programming
- Requires: %{name}-lib%{?_isa} = %{version}-%{release}
- %description devel
- Header files and man pages for use in creating Trusted Computing enabled
- applications.
- %prep
- %setup -q -c
- %autopatch -p1
- # fix man page paths
- sed -i -e 's|/var/tpm|/var/lib/tpm|g' -e 's|/usr/local/var|/var|g' man/man5/tcsd.conf.5.in man/man8/tcsd.8.in
- %build
- %configure --with-gui=openssl
- make -k %{?_smp_mflags}
- %install
- mkdir -p ${RPM_BUILD_ROOT}/%{_localstatedir}/lib/tpm
- make install DESTDIR=${RPM_BUILD_ROOT} INSTALL="install -p"
- rm -f ${RPM_BUILD_ROOT}/%{_libdir}/libtspi.la
- %if %{with systemd}
- mkdir -p $RPM_BUILD_ROOT%{_unitdir}
- install -m 0644 %{SOURCE1} $RPM_BUILD_ROOT%{_unitdir}/
- %else
- mkdir -p $RPM_BUILD_ROOT%{_initdir}
- install -m 0755 %{SOURCE1000} $RPM_BUILD_ROOT%{_initdir}/tcsd
- %endif
- %pre
- getent group tss >/dev/null || groupadd -g 59 -r tss
- getent passwd tss >/dev/null || \
- useradd -r -u 59 -g tss -d /dev/null -s /sbin/nologin \
- -c "Account used by the trousers package to sandbox the tcsd daemon" tss
- exit 0
- %post
- %if %{with systemd}
- %systemd_post tcsd.service
- %else
- /sbin/chkconfig --add tcsd
- %endif
- %preun
- %if %{with systemd}
- %systemd_preun tcsd.service
- %else
- if [ $1 -eq 0 -o -x /bin/systemctl ]; then
- /sbin/service tcsd stop
- /sbin/chkconfig --del tcsd
- fi
- %endif
- %postun
- %if %{with systemd}
- %systemd_postun_with_restart tcsd.service
- %else
- if [ $1 -gt 0 ]; then
- /sbin/service tcsd condrestart
- fi
- %endif
- %post lib -p /sbin/ldconfig
- %postun lib -p /sbin/ldconfig
- %files
- %doc README ChangeLog
- %{_sbindir}/tcsd
- %config(noreplace) %attr(0600, tss, tss) %{_sysconfdir}/tcsd.conf
- %{_mandir}/man5/*
- %{_mandir}/man8/*
- %if %{with systemd}
- %attr(644,root,root) %{_unitdir}/tcsd.service
- %else
- %{_initdir}/tcsd
- %endif
- %attr(0700, tss, tss) %{_localstatedir}/lib/tpm/
- %files lib
- %{!?_licensedir:%global license %%doc}
- %license LICENSE
- %{_libdir}/libtspi.so.?
- %{_libdir}/libtspi.so.?.?.?
- %files devel
- # The files to be used by developers, 'trousers-devel'
- %doc doc/LTC-TSS_LLD_08_r2.pdf doc/TSS_programming_SNAFUs.txt
- %attr(0755, root, root) %{_libdir}/libtspi.so
- %{_includedir}/tss/
- %{_includedir}/trousers/
- %{_mandir}/man3/Tspi_*
- %files static
- # The only static library shipped by trousers, the TDDL
- %{_libdir}/libtddl.a
- %changelog
- * Tue Aug 18 2020 Tomohiro "Tomo-p" KATO <tomop@teamgedoh.net> - 0.3.14-1
- - new upstream release.
- - dropped Patch1 and 2.
- - imported Patch1-6 from rawhide.
- - imported Patch1003 and 1005 from upstream to fix vulnerabilities.
- * Wed Nov 07 2018 Tomohiro "Tomo-p" KATO <tomop@teamgedoh.net> - 0.3.13-12
- - rebuilt with openssl-1.1.1.
- - enabled Patch2.
- * Mon Mar 05 2018 Tomohiro "Tomo-p" KATO <tomop@teamgedoh.net> - 0.3.13-11
- - initial build for Vine Linux.
- * Fri Feb 09 2018 Fedora Release Engineering <releng@fedoraproject.org> - 0.3.13-10
- - Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
- * Thu Aug 03 2017 Fedora Release Engineering <releng@fedoraproject.org> - 0.3.13-9
- - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild
- * Thu Jul 27 2017 Fedora Release Engineering <releng@fedoraproject.org> - 0.3.13-8
- - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
- * Tue Feb 7 2017 Peter Robinson <pbrobinson@fedoraproject.org> 0.3.13-7
- - Add patch for OpenSSL 1.1
- * Fri Feb 05 2016 Fedora Release Engineering <releng@fedoraproject.org> - 0.3.13-6
- - Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild
- * Fri Jun 19 2015 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.3.13-5
- - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild
- * Tue May 26 2015 Tomáš Mráz <tmraz@redhat.com> 0.3.13-4
- - Split libtspi to a trousers-lib subpackage (#1225062)
- - Fix FTBFS with current gcc (drop inline keyword when bogus)
- * Mon Aug 18 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.3.13-3
- - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
- * Sun Jun 08 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.3.13-2
- - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
- * Thu May 15 2014 Steve Grubb <sgrubb@redhat.com> 0.3.13-1
- - New upstream bug fix release
- * Tue Mar 18 2014 Steve Grubb <sgrubb@redhat.com> 0.3.11.2-3
- - Fix crash when linking libgnutls and libmysqlclient (#1069079)
- - Don't order tcsd after syslog.target (#1055198)
- * Thu Feb 13 2014 Peter Robinson <pbrobinson@fedoraproject.org> 0.3.11.2-2
- - Minor spec cleanups
- * Mon Aug 19 2013 Steve Grubb <sgrubb@redhat.com> 0.3.11.2-1
- - New upstream bug fix and license change release
- * Sun Aug 04 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.3.10-4
- - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
- * Sun Jun 02 2013 Steve Grubb <sgrubb@redhat.com> 0.3.10-3
- - Remove +x bit from service file (#963916)
- * Fri Feb 15 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.3.10-2
- - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
- * Tue Sep 25 2012 Steve Grubb <sgrubb@redhat.com> 0.3.10-1
- - New upstream bug fix release
- * Thu Aug 30 2012 Steve Grubb <sgrubb@redhat.com> 0.3.9-4
- - Make daemon full RELRO
- * Mon Aug 27 2012 Steve Grubb <sgrubb@redhat.com> 0.3.9-3
- - bz #836476 - Provide native systemd service
- * Sun Jul 22 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.3.9-2
- - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
- * Thu Jun 21 2012 Steve Grubb <sgrubb@redhat.com> 0.3.9-1
- - New upstream bug fix release
- * Sat Jan 14 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.3.6-2
- - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
- * Fri Apr 08 2011 Steve Grubb <sgrubb@redhat.com> 0.3.6-1
- - New upstream bug fix release
- * Thu Feb 10 2011 Miloš Jakubíček <xjakub@fi.muni.cz> - 0.3.4-5
- - Fix paths in man pages, mark them as %%doc -- fix BZ#676394
- * Wed Feb 09 2011 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.3.4-4
- - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
- * Sat May 01 2010 Miloš Jakubíček <xjakub@fi.muni.cz> - 0.3.4-3
- - Fix init script to conform to Fedora guidelines
- - Do not overuse macros
- * Mon Feb 08 2010 Steve Grubb <sgrubb@redhat.com> 0.3.4-2
- - Fix issue freeing a data structure
- * Fri Jan 29 2010 Steve Grubb <sgrubb@redhat.com> 0.3.4-1
- - New upstream bug fix release
- - Upstream requested the tpm-emulator patch be dropped
- * Fri Aug 21 2009 Tomas Mraz <tmraz@redhat.com> - 0.3.1-19
- - rebuilt with new openssl
- * Sun Jul 26 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.3.1-18
- - Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
- * Thu May 14 2009 Milos Jakubicek <xjakub@fi.muni.cz> - 0.3.1-17
- - Do not overuse macros.
- - Removed unnecessary file requirements on chkconfig, ldconfig and service,
- now requiring the initscripts and chkconfig packages.
- * Wed May 06 2009 Milos Jakubicek <xjakub@fi.muni.cz> - 0.3.1-16
- - Fix a typo in groupadd causing the %%pre scriptlet to fail (resolves BZ#486155).
- * Mon Apr 27 2009 Milos Jakubicek <xjakub@fi.muni.cz> - 0.3.1-15
- - Fix FTBFS: added trousers-0.3.1-gcc44.patch
- * Wed Feb 25 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.3.1-14
- - Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild
- * Sun Jan 18 2009 Tomas Mraz <tmraz@redhat.com> - 0.3.1-13
- - rebuild with new openssl
- * Tue Dec 16 2008 David Woodhouse <David.Woodhouse@intel.com> - 0.3.1-12
- - Bump release to avoid wrong tag in rawhide
- * Tue Dec 16 2008 David Woodhouse <David.Woodhouse@intel.com> - 0.3.1-11
- - Work around SELinux namespace pollution (#464037)
- - Use SO_REUSEADDR
- - Use TPM emulator if it's available and no hardware is
- * Fri Aug 08 2008 Emily Ratliff <ratliff@austin.ibm.com> - 0.3.1-10
- - Use the uid/gid pair assigned to trousers from BZ#457593
- * Fri Aug 01 2008 Emily Ratliff <ratliff@austin.ibm.com> - 0.3.1-9
- - Incorporated changes from the RHEL package which were done by Steve Grubb
- * Wed Jun 04 2008 Emily Ratliff <ratliff@austin.ibm.com> - 0.3.1-8
- - Fix cast issue preventing successful build on ppc64 and x86_64
- * Tue Jun 03 2008 Emily Ratliff <ratliff@austin.ibm.com> - 0.3.1-7
- - Fix for BZ #434267 and #440733. Patch authored by Debora Velarde
- * Tue Feb 19 2008 Fedora Release Engineering <rel-eng@fedoraproject.org> - 0.3.1-6
- - Autorebuild for GCC 4.3
- * Mon Dec 17 2007 Kent Yoder <kyoder@users.sf.net> - 0.3.1-5
- - Updated static rpm's comment line (too long)
- * Thu Dec 13 2007 Kent Yoder <kyoder@users.sf.net> - 0.3.1-4
- - Updated specfile for RHBZ#323441 comment #28
- * Wed Dec 12 2007 Kent Yoder <kyoder@users.sf.net> - 0.3.1-3
- - Updated specfile for RHBZ#323441 comment #22
- * Wed Nov 28 2007 Kent Yoder <kyoder@users.sf.net> - 0.3.1-2
- - Updated to include the include dirs in the devel package;
- added the no-install-hooks patch
- * Wed Nov 28 2007 Kent Yoder <kyoder@users.sf.net> - 0.3.1-1
- - Updated specfile for RHBZ#323441 comment #13
- * Mon Nov 12 2007 Kent Yoder <kyoder@users.sf.net> - 0.3.1
- - Updated specfile for comments in RHBZ#323441
- * Wed Jun 07 2006 Kent Yoder <kyoder@users.sf.net> - 0.2.6-1
- - Updated build section to use smp_mflags
- - Removed .la file from installed dest and files section
- * Tue Jun 06 2006 Kent Yoder <kyoder@users.sf.net> - 0.2.6-1
- - Initial add of changelog tag for trousers CVS
|