|
|
|
@ -1,7 +1,3 @@
|
|
|
|
|
%global efi_vendor almalinux
|
|
|
|
|
%global efidir almalinux
|
|
|
|
|
%global efi_esp_dir /boot/efi/EFI/%{efidir}
|
|
|
|
|
|
|
|
|
|
%global glib2_version 2.45.8
|
|
|
|
|
%global libxmlb_version 0.1.3
|
|
|
|
|
%global libgusb_version 0.2.11
|
|
|
|
@ -44,7 +40,7 @@
|
|
|
|
|
Summary: Firmware update daemon
|
|
|
|
|
Name: fwupd
|
|
|
|
|
Version: 1.7.8
|
|
|
|
|
Release: 2%{?dist}.alma
|
|
|
|
|
Release: 2%{?dist}
|
|
|
|
|
License: LGPLv2+
|
|
|
|
|
URL: https://github.com/fwupd/fwupd
|
|
|
|
|
Source0: http://people.freedesktop.org/~hughsient/releases/%{name}-%{version}.tar.xz
|
|
|
|
@ -60,7 +56,10 @@ Source15: http://people.redhat.com/rhughes/dbx/DBXUpdate-20200729-x64.cab
|
|
|
|
|
|
|
|
|
|
# these are numbered high just to keep them wildly away from colliding with
|
|
|
|
|
# the real package sources, in order to reduce churn.
|
|
|
|
|
Source300: almalinuxsecurebootca0.cer
|
|
|
|
|
Source300: redhatsecurebootca3.cer
|
|
|
|
|
Source301: redhatsecureboot301.cer
|
|
|
|
|
Source500: redhatsecurebootca5.cer
|
|
|
|
|
Source503: redhatsecureboot503.cer
|
|
|
|
|
|
|
|
|
|
Patch1: 0001-redfish-Set-the-permissions-of-redfish.conf-at-insta.patch
|
|
|
|
|
Patch2: 0002-redfish-Only-create-users-using-IPMI-when-we-know-it.patch
|
|
|
|
@ -221,11 +220,11 @@ export RHEL_ALLOW_PYTHON2_FOR_BUILD=1
|
|
|
|
|
-Dplugin_uefi_capsule=true \
|
|
|
|
|
-Dplugin_uefi_pk=false \
|
|
|
|
|
%ifarch x86_64
|
|
|
|
|
-Dfwupd-efi:efi_sbat_distro_id="almalinux" \
|
|
|
|
|
-Dfwupd-efi:efi_sbat_distro_summary="AlmaLinux" \
|
|
|
|
|
-Dfwupd-efi:efi_sbat_distro_id="rhel" \
|
|
|
|
|
-Dfwupd-efi:efi_sbat_distro_summary="Red Hat Enterprise Linux" \
|
|
|
|
|
-Dfwupd-efi:efi_sbat_distro_pkgname="%{name}" \
|
|
|
|
|
-Dfwupd-efi:efi_sbat_distro_version="%{version}" \
|
|
|
|
|
-Dfwupd-efi:efi_sbat_distro_url="mail:security@almalinux.org" \
|
|
|
|
|
-Dfwupd-efi:efi_sbat_distro_url="mail:secalert@redhat.com" \
|
|
|
|
|
-Dfwupd-efi:efi-libdir="/usr/lib64" \
|
|
|
|
|
%endif
|
|
|
|
|
-Dplugin_tpm=false \
|
|
|
|
@ -273,7 +272,9 @@ install %{SOURCE10} %{SOURCE11} %{SOURCE12} %{SOURCE13} %{SOURCE14} %{SOURCE15}
|
|
|
|
|
%ifarch x86_64
|
|
|
|
|
%global efiarch x64
|
|
|
|
|
%global fwup_efi_fn $RPM_BUILD_ROOT%{_libexecdir}/fwupd/efi/fwupd%{efiarch}.efi
|
|
|
|
|
%pesign -s -i %{fwup_efi_fn} -o %{fwup_efi_fn}.signed -a %{SOURCE300} -c %{SOURCE301} -n clsecureboot001
|
|
|
|
|
%pesign -s -i %{fwup_efi_fn} -o %{fwup_efi_fn}.tmp -a %{SOURCE300} -c %{SOURCE301} -n redhatsecureboot301
|
|
|
|
|
%pesign -s -i %{fwup_efi_fn}.tmp -o %{fwup_efi_fn}.signed -a %{SOURCE500} -c %{SOURCE503} -n redhatsecureboot503
|
|
|
|
|
rm -fv %{fwup_efi_fn}.tmp
|
|
|
|
|
%endif
|
|
|
|
|
|
|
|
|
|
mkdir -p --mode=0700 $RPM_BUILD_ROOT%{_localstatedir}/lib/fwupd/gnupg
|
|
|
|
@ -495,9 +496,6 @@ done
|
|
|
|
|
%if 0%{?have_uefi}
|
|
|
|
|
%{_datadir}/fwupd/uefi-capsule-ux.tar.xz
|
|
|
|
|
%endif
|
|
|
|
|
%if 0%{?have_modem_manager}
|
|
|
|
|
%{_libdir}/fwupd-plugins-3/libfu_plugin_modem_manager.so
|
|
|
|
|
%endif
|
|
|
|
|
|
|
|
|
|
%files devel
|
|
|
|
|
%{_datadir}/gir-1.0/Fwupd-2.0.gir
|
|
|
|
@ -533,12 +531,10 @@ done
|
|
|
|
|
%endif
|
|
|
|
|
|
|
|
|
|
%changelog
|
|
|
|
|
* Wed Sep 27 2023 Eduard Abdullin <eabdullin@almalinux.org> - 1.7.8-2.alma
|
|
|
|
|
- Use AlmaLinux cert
|
|
|
|
|
|
|
|
|
|
* Mon Feb 20 2023 Richard Hughes <richard@hughsie.com> 1.7.8-2
|
|
|
|
|
- Backport the Redfish security fixes which affect IDRAC.
|
|
|
|
|
- Resolves: rhbz#2170950
|
|
|
|
|
|
|
|
|
|
* Wed Jun 15 2022 Richard Hughes <richard@hughsie.com> 1.7.8-1
|
|
|
|
|
- New upstream release
|
|
|
|
|
- Resolves: rhbz#2095668
|
|
|
|
@ -670,7 +666,7 @@ done
|
|
|
|
|
* Wed Aug 29 2018 Richard Hughes <richard@hughsie.com> 1.1.1-5
|
|
|
|
|
- Include the certificates for secure boot signing
|
|
|
|
|
|
|
|
|
|
* Thu Aug 23 2018 Richard Hughes <richard@hughsie.com> 1.1.1-4
|
|
|
|
|
* Tue Aug 23 2018 Richard Hughes <richard@hughsie.com> 1.1.1-4
|
|
|
|
|
- Rebuild to get the EFI executable signed with the Red Hat key
|
|
|
|
|
|
|
|
|
|
* Thu Aug 23 2018 Richard Hughes <richard@hughsie.com> 1.1.1-3
|
|
|
|
|