58a749e2c2
The rust-toolset macros in RHEL 10 are now compatible with Fedora's in terms of handling vendoring and automatic generation of license information and bundled provides.
386 lines
13 KiB
RPMSpec
386 lines
13 KiB
RPMSpec
%global dracutlibdir %{_prefix}/lib/dracut
|
|
%bcond_without check
|
|
%global combined_license Apache-2.0 AND (Apache-2.0 OR BSL-1.0) AND (Apache-2.0 OR ISC OR MIT) AND (Apache-2.0 OR MIT) AND ((Apache-2.0 OR MIT) AND BSD-3-Clause) AND (Apache-2.0 WITH LLVM-exception OR Apache-2.0 OR MIT) AND BSD-2-Clause AND BSD-3-Clause AND (CC0-1.0 OR Apache-2.0) AND (CC0-1.0 OR MIT-0 OR Apache 2.0) AND ISC AND MIT AND ((MIT OR Apache-2.0) AND Unicode-DFS-2016) AND (Apache-2.0 OR MIT OR Zlib) AND MPL-2.0 AND (Unlicense OR MIT)
|
|
|
|
Name: fido-device-onboard
|
|
Version: 0.4.12
|
|
Release: 9%{?dist}
|
|
Summary: A rust implementation of the FIDO Device Onboard Specification
|
|
License: BSD-3-Clause
|
|
|
|
URL: https://github.com/fedora-iot/fido-device-onboard-rs
|
|
Source0: %{url}/archive/v%{version}/%{name}-rs-%{version}.tar.gz
|
|
# See make-vendored-tarfile.sh in upstream repo
|
|
Source1: %{name}-rs-%{version}-vendor-patched.tar.xz
|
|
Patch0: 0001-hack-drop-shadow.patch
|
|
Patch1: 0001-fix-drop-unused-sha-crypt-dep.patch
|
|
Patch3: 0001-fix-relabel-devcreds-before-onboarding.patch
|
|
Patch4: fdo-bump-devicemapper-libcryptosetup.patch
|
|
|
|
# fixes for vendored dependencies
|
|
Patch100: fix-aws-nitro-enclaves-cose.patch
|
|
|
|
# Because nobody cares
|
|
ExcludeArch: %{ix86}
|
|
|
|
%if 0%{?rhel}
|
|
BuildRequires: rust-toolset
|
|
%else
|
|
BuildRequires: rust-packaging
|
|
%endif
|
|
BuildRequires: clang-devel
|
|
BuildRequires: cryptsetup-devel
|
|
BuildRequires: device-mapper-devel
|
|
BuildRequires: golang
|
|
BuildRequires: openssl-devel >= 3.0.1-12
|
|
BuildRequires: systemd-rpm-macros
|
|
BuildRequires: tpm2-tss-devel
|
|
|
|
%description
|
|
%{summary}.
|
|
|
|
%prep
|
|
%setup -q -n %{name}-rs-%{version}
|
|
%patch -P0 -p1
|
|
%patch -P1 -p1
|
|
%patch -P3 -p1
|
|
%patch -P4 -p1
|
|
|
|
%if 0%{?rhel}
|
|
%if 0%{?rhel} >= 10
|
|
tar xf %{SOURCE1}
|
|
%cargo_prep -v vendor
|
|
%else
|
|
%cargo_prep -V 1
|
|
%endif
|
|
# patch vendored dependencies
|
|
%patch -P100 -p1
|
|
%else
|
|
%cargo_prep
|
|
%generate_buildrequires
|
|
%cargo_generate_buildrequires -a
|
|
%endif
|
|
|
|
%build
|
|
%cargo_build \
|
|
-F openssl-kdf/deny_custom
|
|
|
|
%{?cargo_license_summary}
|
|
%{?cargo_license} > LICENSE.dependencies
|
|
%if 0%{?rhel} >= 10
|
|
%cargo_vendor_manifest
|
|
%endif
|
|
|
|
%install
|
|
install -D -m 0755 -t %{buildroot}%{_libexecdir}/fdo target/release/fdo-client-linuxapp
|
|
install -D -m 0755 -t %{buildroot}%{_libexecdir}/fdo target/release/fdo-manufacturing-client
|
|
install -D -m 0755 -t %{buildroot}%{_libexecdir}/fdo target/release/fdo-manufacturing-server
|
|
install -D -m 0755 -t %{buildroot}%{_libexecdir}/fdo target/release/fdo-owner-onboarding-server
|
|
install -D -m 0755 -t %{buildroot}%{_libexecdir}/fdo target/release/fdo-rendezvous-server
|
|
install -D -m 0755 -t %{buildroot}%{_libexecdir}/fdo target/release/fdo-serviceinfo-api-server
|
|
install -D -m 0755 -t %{buildroot}%{_bindir} target/release/fdo-owner-tool
|
|
install -D -m 0755 -t %{buildroot}%{_bindir} target/release/fdo-admin-tool
|
|
install -D -m 0644 -t %{buildroot}%{_unitdir} examples/systemd/*
|
|
install -D -m 0644 -t %{buildroot}%{_docdir}/fdo examples/config/*
|
|
# duplicates as needed by AIO command so link them
|
|
ln -s %{_bindir}/fdo-owner-tool %{buildroot}%{_libexecdir}/fdo/fdo-owner-tool
|
|
ln -s %{_bindir}/fdo-admin-tool %{buildroot}%{_libexecdir}/fdo/fdo-admin-tool
|
|
# Create directories needed by the various services so we own them
|
|
mkdir -p %{buildroot}%{_sysconfdir}/fdo
|
|
mkdir -p %{buildroot}%{_sysconfdir}/fdo/keys
|
|
mkdir -p %{buildroot}%{_sysconfdir}/fdo/stores
|
|
mkdir -p %{buildroot}%{_sysconfdir}/fdo/stores/manufacturer_keys
|
|
mkdir -p %{buildroot}%{_sysconfdir}/fdo/stores/manufacturing_sessions
|
|
mkdir -p %{buildroot}%{_sysconfdir}/fdo/stores/owner_onboarding_sessions
|
|
mkdir -p %{buildroot}%{_sysconfdir}/fdo/stores/owner_vouchers
|
|
mkdir -p %{buildroot}%{_sysconfdir}/fdo/stores/rendezvous_registered
|
|
mkdir -p %{buildroot}%{_sysconfdir}/fdo/stores/rendezvous_sessions
|
|
mkdir -p %{buildroot}%{_sysconfdir}/fdo/manufacturing-server.conf.d
|
|
mkdir -p %{buildroot}%{_sysconfdir}/fdo/owner-onboarding-server.conf.d
|
|
mkdir -p %{buildroot}%{_sysconfdir}/fdo/rendezvous-server.conf.d
|
|
mkdir -p %{buildroot}%{_sysconfdir}/fdo/serviceinfo-api-server.conf.d
|
|
mkdir -p %{buildroot}%{_localstatedir}/lib/fdo
|
|
# Dracut manufacturing service
|
|
install -D -m 0755 -t %{buildroot}%{dracutlibdir}/modules.d/52fdo dracut/52fdo/module-setup.sh
|
|
install -D -m 0755 -t %{buildroot}%{dracutlibdir}/modules.d/52fdo dracut/52fdo/manufacturing-client-generator
|
|
install -D -m 0755 -t %{buildroot}%{dracutlibdir}/modules.d/52fdo dracut/52fdo/manufacturing-client-service
|
|
install -D -m 0755 -t %{buildroot}%{dracutlibdir}/modules.d/52fdo dracut/52fdo/manufacturing-client.service
|
|
|
|
%package -n fdo-init
|
|
Summary: dracut module for device initialization
|
|
License: %combined_license
|
|
Requires: openssl-libs >= 3.0.1-12
|
|
Requires: dracut
|
|
%description -n fdo-init
|
|
%{summary}
|
|
|
|
%files -n fdo-init
|
|
%license LICENSE LICENSE.dependencies
|
|
%if 0%{?rhel} >= 10
|
|
%license cargo-vendor.txt
|
|
%endif
|
|
%{dracutlibdir}/modules.d/52fdo/
|
|
%{_libexecdir}/fdo/fdo-manufacturing-client
|
|
|
|
%package -n fdo-owner-onboarding-server
|
|
Summary: FDO Owner Onboarding Server implementation
|
|
License: %combined_license
|
|
Requires: openssl-libs >= 3.0.1-12
|
|
%description -n fdo-owner-onboarding-server
|
|
%{summary}
|
|
|
|
%files -n fdo-owner-onboarding-server
|
|
%license LICENSE LICENSE.dependencies
|
|
%if 0%{?rhel} >= 10
|
|
%license cargo-vendor.txt
|
|
%endif
|
|
%dir %{_sysconfdir}/fdo
|
|
%dir %{_sysconfdir}/fdo/keys
|
|
%dir %{_sysconfdir}/fdo/owner-onboarding-server.conf.d
|
|
%dir %{_sysconfdir}/fdo/serviceinfo-api-server.conf.d
|
|
%dir %{_sysconfdir}/fdo/stores
|
|
%dir %{_sysconfdir}/fdo/stores/owner_onboarding_sessions
|
|
%dir %{_sysconfdir}/fdo/stores/owner_vouchers
|
|
%{_libexecdir}/fdo/fdo-owner-onboarding-server
|
|
%{_libexecdir}/fdo/fdo-serviceinfo-api-server
|
|
%dir %{_localstatedir}/lib/fdo
|
|
%dir %{_docdir}/fdo
|
|
%{_docdir}/fdo/device_specific_serviceinfo.yml
|
|
%{_docdir}/fdo/serviceinfo-api-server.yml
|
|
%{_docdir}/fdo/owner-onboarding-server.yml
|
|
%{_unitdir}/fdo-serviceinfo-api-server.service
|
|
%{_unitdir}/fdo-owner-onboarding-server.service
|
|
|
|
%post -n fdo-owner-onboarding-server
|
|
%systemd_post fdo-owner-onboarding-server.service
|
|
%systemd_post fdo-serviceinfo-api-server.service
|
|
|
|
%preun -n fdo-owner-onboarding-server
|
|
%systemd_preun fdo-owner-onboarding-server.service
|
|
%systemd_post fdo-serviceinfo-api-server.service
|
|
|
|
%postun -n fdo-owner-onboarding-server
|
|
%systemd_postun_with_restart fdo-owner-onboarding-server.service
|
|
%systemd_postun_with_restart fdo-serviceinfo-api-server.service
|
|
|
|
%package -n fdo-rendezvous-server
|
|
Summary: FDO Rendezvous Server implementation
|
|
License: %combined_license
|
|
%description -n fdo-rendezvous-server
|
|
%{summary}
|
|
|
|
%files -n fdo-rendezvous-server
|
|
%license LICENSE LICENSE.dependencies
|
|
%if 0%{?rhel} >= 10
|
|
%license cargo-vendor.txt
|
|
%endif
|
|
%dir %{_sysconfdir}/fdo
|
|
%dir %{_sysconfdir}/fdo/keys
|
|
%dir %{_sysconfdir}/fdo/rendezvous-server.conf.d
|
|
%dir %{_sysconfdir}/fdo/stores
|
|
%dir %{_sysconfdir}/fdo/stores/rendezvous_registered
|
|
%dir %{_sysconfdir}/fdo/stores/rendezvous_sessions
|
|
%{_libexecdir}/fdo/fdo-rendezvous-server
|
|
%dir %{_localstatedir}/lib/fdo
|
|
%dir %{_docdir}/fdo
|
|
%{_docdir}/fdo/rendezvous-*.yml
|
|
%{_unitdir}/fdo-rendezvous-server.service
|
|
|
|
%post -n fdo-rendezvous-server
|
|
%systemd_post fdo-rendezvous-server.service
|
|
|
|
%preun -n fdo-rendezvous-server
|
|
%systemd_preun fdo-rendezvous-server.service
|
|
|
|
%postun -n fdo-rendezvous-server
|
|
%systemd_postun_with_restart fdo-rendezvous-server.service
|
|
|
|
%package -n fdo-manufacturing-server
|
|
Summary: FDO Manufacturing Server implementation
|
|
License: %combined_license
|
|
Requires: openssl-libs >= 3.0.1-12
|
|
%description -n fdo-manufacturing-server
|
|
%{summary}
|
|
|
|
%files -n fdo-manufacturing-server
|
|
%license LICENSE LICENSE.dependencies
|
|
%if 0%{?rhel} >= 10
|
|
%license cargo-vendor.txt
|
|
%endif
|
|
%dir %{_sysconfdir}/fdo
|
|
%dir %{_sysconfdir}/fdo/keys
|
|
%dir %{_sysconfdir}/fdo/manufacturing-server.conf.d
|
|
%dir %{_sysconfdir}/fdo/keys
|
|
%dir %{_sysconfdir}/fdo/stores
|
|
%dir %{_sysconfdir}/fdo/stores/manufacturer_keys
|
|
%dir %{_sysconfdir}/fdo/stores/manufacturing_sessions
|
|
%{_libexecdir}/fdo/fdo-manufacturing-server
|
|
%dir %{_localstatedir}/lib/fdo
|
|
%dir %{_docdir}/fdo
|
|
%{_docdir}/fdo/manufacturing-server.yml
|
|
%{_unitdir}/fdo-manufacturing-server.service
|
|
|
|
%post -n fdo-manufacturing-server
|
|
%systemd_post fdo-manufacturing-server.service
|
|
|
|
%preun -n fdo-manufacturing-server
|
|
%systemd_preun fdo-manufacturing-server.service
|
|
|
|
%postun -n fdo-manufacturing-server
|
|
%systemd_postun_with_restart fdo-manufacturing-server.service
|
|
|
|
%package -n fdo-client
|
|
Summary: FDO Client implementation
|
|
License: %combined_license
|
|
Requires: openssl-libs >= 3.0.1-12
|
|
Requires: clevis
|
|
Requires: clevis-luks
|
|
Requires: clevis-pin-tpm2
|
|
Requires: cryptsetup
|
|
%description -n fdo-client
|
|
%{summary}
|
|
|
|
%files -n fdo-client
|
|
%if 0%{?rhel} >= 10
|
|
%license cargo-vendor.txt
|
|
%endif
|
|
%license LICENSE LICENSE.dependencies
|
|
%{_libexecdir}/fdo/fdo-client-linuxapp
|
|
%{_unitdir}/fdo-client-linuxapp.service
|
|
|
|
%post -n fdo-client
|
|
%systemd_post fdo-client-linuxapp.service
|
|
|
|
%preun -n fdo-client
|
|
%systemd_preun fdo-client-linuxapp.service
|
|
|
|
%postun -n fdo-client
|
|
%systemd_postun_with_restart fdo-client-linuxapp.service
|
|
|
|
%package -n fdo-owner-cli
|
|
Summary: FDO Owner tools implementation
|
|
License: %combined_license
|
|
%description -n fdo-owner-cli
|
|
%{summary}
|
|
|
|
%files -n fdo-owner-cli
|
|
%if 0%{?rhel} >= 10
|
|
%license cargo-vendor.txt
|
|
%endif
|
|
%license LICENSE LICENSE.dependencies
|
|
%{_bindir}/fdo-owner-tool
|
|
%{_libexecdir}/fdo/fdo-owner-tool
|
|
|
|
%package -n fdo-admin-cli
|
|
Summary: FDO admin tools implementation
|
|
License: %combined_license
|
|
Requires: fdo-manufacturing-server = %{version}-%{release}
|
|
Requires: fdo-rendezvous-server = %{version}-%{release}
|
|
Requires: fdo-owner-onboarding-server = %{version}-%{release}
|
|
Requires: fdo-owner-cli = %{version}-%{release}
|
|
Requires: fdo-client = %{version}-%{release}
|
|
Requires: fdo-init = %{version}-%{release}
|
|
%description -n fdo-admin-cli
|
|
%{summary}
|
|
|
|
%files -n fdo-admin-cli
|
|
%if 0%{?rhel} >= 10
|
|
%license cargo-vendor.txt
|
|
%endif
|
|
%license LICENSE LICENSE.dependencies
|
|
%dir %{_sysconfdir}/fdo
|
|
%dir %{_sysconfdir}/fdo/keys
|
|
%{_bindir}/fdo-admin-tool
|
|
%{_libexecdir}/fdo/fdo-admin-tool
|
|
%{_unitdir}/fdo-aio.service
|
|
|
|
%post -n fdo-admin-cli
|
|
%systemd_post fdo-aio.service
|
|
|
|
%preun -n fdo-admin-cli
|
|
%systemd_preun fdo-aio.service
|
|
|
|
%postun -n fdo-admin-cli
|
|
%systemd_postun_with_restart fdo-aio.service
|
|
|
|
%changelog
|
|
* Sun Feb 04 2024 Yaakov Selkowitz <yselkowi@redhat.com> - 0.4.12-9
|
|
- Update Rust macro usage
|
|
|
|
* Wed Jan 24 2024 Fedora Release Engineering <releng@fedoraproject.org> - 0.4.12-8
|
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
|
|
|
|
* Fri Jan 19 2024 Fedora Release Engineering <releng@fedoraproject.org> - 0.4.12-7
|
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
|
|
|
|
* Mon Jan 08 2024 Peter Robinson <pbrobinson@fedoraproject.org> - 0.4.12-6
|
|
- Rebuild for fixed dependencies
|
|
|
|
* Fri Dec 01 2023 Fabio Valentini <decathorpe@gmail.com> - 0.4.12-5
|
|
- Rebuild for openssl crate >= v0.10.60 (RUSTSEC-2023-0044, RUSTSEC-2023-0072)
|
|
|
|
* Wed Aug 23 2023 Peter Robinson <pbrobinson@fedoraproject.org> - 0.4.12-4
|
|
- Ensure client service fix is applied
|
|
|
|
* Tue Aug 22 2023 Peter Robinson <pbrobinson@fedoraproject.org> - 0.4.12-3
|
|
- Own var/lib/fdo, SELinux fixes
|
|
|
|
* Thu Aug 17 2023 Peter Robinson <pbrobinson@fedoraproject.org> - 0.4.12-2
|
|
- Add client/init deps to fdo-admin-cli
|
|
|
|
* Thu Jul 27 2023 Peter Robinson <pbrobinson@fedoraproject.org> - 0.4.12-1
|
|
- Update to 0.4.12
|
|
|
|
* Wed Jul 19 2023 Fedora Release Engineering <releng@fedoraproject.org> - 0.4.10-3
|
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
|
|
|
|
* Mon Jul 03 2023 Peter Robinson <pbrobinson@fedoraproject.org> - 0.4.10-2
|
|
- Updates for eln/c9s building
|
|
|
|
* Fri Jun 23 2023 Peter Robinson <pbrobinson@fedoraproject.org> - 0.4.10-1
|
|
- Update to 0.4.10
|
|
|
|
* Wed Jun 14 2023 Peter Robinson <pbrobinson@fedoraproject.org> - 0.4.9-5
|
|
- More spec updates
|
|
|
|
* Wed Jun 14 2023 Peter Robinson <pbrobinson@fedoraproject.org> - 0.4.9-4
|
|
- Add patch for libcryptsetup-rs 0.8 API changes
|
|
|
|
* Tue Jun 13 2023 Peter Robinson <pbrobinson@fedoraproject.org> - 0.4.9-3
|
|
- Updates for licenses
|
|
|
|
* Tue May 30 2023 Peter Robinson <pbrobinson@fedoraproject.org> - 0.4.9-2
|
|
- Review feedback
|
|
- Patch for libcryptsetup-rs 0.7
|
|
|
|
* Thu May 11 2023 Peter Robinson <pbrobinson@fedoraproject.org> - 0.4.9-1
|
|
- Update to 0.4.9
|
|
|
|
* Mon Feb 20 2023 Peter Robinson <pbrobinson@fedoraproject.org> - 0.4.7-3
|
|
- Fix services start
|
|
|
|
* Wed Feb 15 2023 Peter Robinson <pbrobinson@fedoraproject.org> - 0.4.7-2
|
|
- Upstream fix for rhbz#2168089
|
|
|
|
* Wed Nov 30 2022 Peter Robinson <pbrobinson@fedoraproject.org> - 0.4.7-1
|
|
- Update to 0.4.7
|
|
- Package updates and cleanup
|
|
|
|
* Tue Mar 29 2022 Antonio Murdaca <runcom@linux.com> - 0.4.5-1
|
|
- bump to 0.4.5
|
|
|
|
* Mon Feb 28 2022 Antonio Murdaca <runcom@linux.com> - 0.4.0-2
|
|
- fix runtime requirements to use openssl-libs and not -devel
|
|
|
|
* Thu Feb 24 2022 Antonio Murdaca <runcom@linux.com> - 0.4.0-1
|
|
- upgrade to 0.4.0
|
|
|
|
* Tue Feb 01 2022 Antonio Murdaca <runcom@linux.com> - 0.3.0-1
|
|
- bump to 0.3.0
|
|
|
|
* Tue Jan 11 2022 Antonio Murdaca <runcom@linux.com> - 0.2.0-2
|
|
- use patched vendor w/o win files and rename license
|
|
|
|
* Mon Dec 13 2021 Antonio Murdaca <runcom@linux.com> - 0.2.0-1
|
|
- import fido-device-onboard
|