import ima-evm-utils-1.1-4.el8
This commit is contained in:
commit
de05ba5722
|
@ -0,0 +1 @@
|
|||
SOURCES/ima-evm-utils-1.1.tar.gz
|
|
@ -0,0 +1 @@
|
|||
58705b3544ae6e650042374dba535c0b3837b8fc SOURCES/ima-evm-utils-1.1.tar.gz
|
|
@ -0,0 +1,19 @@
|
|||
diff --git a/configure.ac b/configure.ac
|
||||
index 6822f39..34e4a81 100644
|
||||
--- a/configure.ac
|
||||
+++ b/configure.ac
|
||||
@@ -36,9 +36,9 @@ AC_CHECK_HEADERS(keyutils.h, , [AC_MSG_ERROR([keyutils.h header not found. You n
|
||||
#debug support - yes for a while
|
||||
PKG_ARG_ENABLE(debug, "yes", DEBUG, [Enable Debug support])
|
||||
if test $pkg_cv_enable_debug = yes; then
|
||||
- CFLAGS="$CFLAGS -g -O1 -Wall -Wstrict-prototypes -pipe"
|
||||
+ CFLAGS="$CFLAGS -g -O2 -Wall -Wstrict-prototypes -pipe"
|
||||
else
|
||||
- CFLAGS="$CFLAGS -Wall -Wstrict-prototypes -pipe -fomit-frame-pointer"
|
||||
+ CFLAGS="$CFLAGS -O2 -Wall -Wstrict-prototypes -pipe -fomit-frame-pointer"
|
||||
fi
|
||||
|
||||
# for gcov
|
||||
--
|
||||
2.14.4
|
||||
|
|
@ -0,0 +1,45 @@
|
|||
diff --git a/src/evmctl.c b/src/evmctl.c
|
||||
index 2ffee78..b80a1c9 100644
|
||||
--- a/src/evmctl.c
|
||||
+++ b/src/evmctl.c
|
||||
@@ -1716,7 +1716,7 @@ static char *get_password(void)
|
||||
|
||||
if (tcsetattr(fileno(stdin), TCSANOW, &tmp_flags) != 0) {
|
||||
perror("tcsetattr");
|
||||
- return NULL;
|
||||
+ goto get_pwd_err;
|
||||
}
|
||||
|
||||
printf("PEM password: ");
|
||||
@@ -1725,10 +1725,14 @@ static char *get_password(void)
|
||||
/* restore terminal */
|
||||
if (tcsetattr(fileno(stdin), TCSANOW, &flags) != 0) {
|
||||
perror("tcsetattr");
|
||||
- return NULL;
|
||||
+ goto get_pwd_err;
|
||||
}
|
||||
|
||||
+ free(password);
|
||||
return pwd;
|
||||
+get_pwd_err:
|
||||
+ free(password);
|
||||
+ return NULL;
|
||||
}
|
||||
|
||||
int main(int argc, char *argv[])
|
||||
diff --git a/src/libimaevm.c b/src/libimaevm.c
|
||||
index 6fa0ed4..39582f2 100644
|
||||
--- a/src/libimaevm.c
|
||||
+++ b/src/libimaevm.c
|
||||
@@ -466,6 +466,8 @@ void init_public_keys(const char *keyfiles)
|
||||
entry->next = public_keys;
|
||||
public_keys = entry;
|
||||
}
|
||||
+
|
||||
+ free(tmp_keyfiles);
|
||||
}
|
||||
|
||||
int verify_hash_v2(const char *file, const unsigned char *hash, int size,
|
||||
--
|
||||
2.14.4
|
||||
|
|
@ -0,0 +1,12 @@
|
|||
diff -urNp ima-evm-utils-1.0-orig/Makefile.am ima-evm-utils-1.0/Makefile.am
|
||||
--- ima-evm-utils-1.0-orig/Makefile.am 2015-07-30 15:28:53.000000000 -0300
|
||||
+++ ima-evm-utils-1.0/Makefile.am 2017-11-20 16:20:04.245591165 -0200
|
||||
@@ -24,7 +24,7 @@ rpm: $(tarname)
|
||||
rpmbuild -ba --nodeps $(SPEC)
|
||||
|
||||
# requires asciidoc, xslproc, docbook-xsl
|
||||
-MANPAGE_DOCBOOK_XSL = /usr/share/xml/docbook/stylesheet/docbook-xsl/manpages/docbook.xsl
|
||||
+MANPAGE_DOCBOOK_XSL = /usr/share/sgml/docbook/xsl-stylesheets/manpages/docbook.xsl
|
||||
|
||||
evmctl.1.html: README
|
||||
@asciidoc -o $@ $<
|
|
@ -0,0 +1,129 @@
|
|||
Summary: IMA/EVM support utilities
|
||||
Name: ima-evm-utils
|
||||
Version: 1.1
|
||||
Release: 4%{?dist}
|
||||
License: GPLv2
|
||||
Url: http://linux-ima.sourceforge.net/
|
||||
Source: http://sourceforge.net/projects/linux-ima/files/ima-evm-utils/%{name}-%{version}.tar.gz
|
||||
BuildRequires: autoconf automake libtool m4 asciidoc libxslt
|
||||
BuildRequires: openssl-devel libattr-devel keyutils-libs-devel
|
||||
Patch1: docbook-xsl-path.patch
|
||||
Patch2: covscan-memory-leaks.patch
|
||||
Patch3: annocheck-opt-flag.patch
|
||||
|
||||
%description
|
||||
The Trusted Computing Group(TCG) run-time Integrity Measurement Architecture
|
||||
(IMA) maintains a list of hash values of executables and other sensitive
|
||||
system files, as they are read or executed. These are stored in the file
|
||||
systems extended attributes. The Extended Verification Module (EVM) prevents
|
||||
unauthorized changes to these extended attributes on the file system.
|
||||
ima-evm-utils is used to prepare the file system for these extended attributes.
|
||||
|
||||
%package devel
|
||||
Summary: Development files for %{name}
|
||||
|
||||
%description devel
|
||||
This package provides the header files for %{name}
|
||||
|
||||
%prep
|
||||
%setup -q
|
||||
%patch1 -p1
|
||||
%patch2 -p1
|
||||
%patch3 -p1
|
||||
|
||||
%build
|
||||
mkdir -p m4
|
||||
autoreconf -f -i
|
||||
%configure --disable-static
|
||||
make %{?_smp_mflags}
|
||||
|
||||
%install
|
||||
make DESTDIR=%{buildroot} install
|
||||
find %{buildroot}%{_libdir} -type f -name "*.la" -print -delete
|
||||
|
||||
%ldconfig_scriptlets
|
||||
|
||||
%files devel
|
||||
%{_pkgdocdir}/*.sh
|
||||
%{_includedir}/*
|
||||
%{_libdir}/libimaevm.so
|
||||
|
||||
%files
|
||||
%doc ChangeLog README AUTHORS
|
||||
%license COPYING
|
||||
%{_bindir}/*
|
||||
%{_libdir}/libimaevm.so.*
|
||||
%{_mandir}/man1/*
|
||||
|
||||
%changelog
|
||||
* Mon Oct 29 2018 Bruno E. O. Meneguele <bmeneg@redhat.com> - 1.1-4
|
||||
- Solve a single memory leak not handled by the last patch
|
||||
|
||||
* Thu Oct 25 2018 Bruno E. O. Meneguele <bmeneg@redhat.com> - 1.1-3
|
||||
- Solve memory leaks pointed by covscan tool
|
||||
- Add optimization flag O2 during compilation to satisfy annocheck tool
|
||||
|
||||
* Fri Mar 02 2018 Bruno E. O. Meneguele <brdeoliv@redhat.com> - 1.1-2
|
||||
- Remove libtool files
|
||||
- Run ldconfig scriptlets after un/installing
|
||||
- Add -devel subpackage to handle include files and examples
|
||||
- Disable any static file in the package
|
||||
|
||||
* Fri Feb 16 2018 Bruno E. O. Meneguele <brdeoliv@redhat.com> - 1.1-1
|
||||
- New upstream release
|
||||
- Support for OpenSSL 1.1 was added directly to the source code in upstream,
|
||||
thus removing specific patch for it
|
||||
- Docbook xsl stylesheet updated to a local path
|
||||
|
||||
* Wed Feb 07 2018 Fedora Release Engineering <releng@fedoraproject.org> - 1.0-5
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
|
||||
|
||||
* Fri Feb 02 2018 Igor Gnatenko <ignatenkobrain@fedoraproject.org> - 1.0-4
|
||||
- Switch to %%ldconfig_scriptlets
|
||||
|
||||
* Fri Dec 01 2017 Bruno E. O. Meneguele <brdeoliv@redhat.com> - 1.0-3
|
||||
- Add OpenSSL 1.1 API support for the package, avoiding the need of
|
||||
compat-openssl10-devel package
|
||||
|
||||
* Mon Nov 20 2017 Bruno E. O. Meneguele <brdeoliv@redhat.com> - 1.0-2
|
||||
- Adjusted docbook xsl path to match the correct stylesheet
|
||||
- Remove only *.la files, considering there aren't any *.a files
|
||||
|
||||
* Tue Sep 05 2017 Bruno E. O. Meneguele <brdeoliv@redhat.com> - 1.0-1
|
||||
- New upstream release
|
||||
- Add OpenSSL 1.0 compatibility package, due to issues with OpenSSL 1.1
|
||||
- Remove libtool files
|
||||
- Run ldconfig after un/installation to update *.so files
|
||||
- Add -devel subpackage to handle include files and examples
|
||||
|
||||
* Wed Aug 02 2017 Fedora Release Engineering <releng@fedoraproject.org> - 0.9-7
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild
|
||||
|
||||
* Wed Jul 26 2017 Fedora Release Engineering <releng@fedoraproject.org> - 0.9-6
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
|
||||
|
||||
* Fri Feb 10 2017 Fedora Release Engineering <releng@fedoraproject.org> - 0.9-5
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
|
||||
|
||||
* Thu Feb 04 2016 Fedora Release Engineering <releng@fedoraproject.org> - 0.9-4
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild
|
||||
|
||||
* Tue Jan 26 2016 Lubomir Rintel <lkundrak@v3.sk> - 0.9-3
|
||||
- Fix FTBFS
|
||||
|
||||
* Wed Jun 17 2015 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.9-2
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild
|
||||
|
||||
* Fri Oct 31 2014 Avesh Agarwal <avagarwa@redhat.com> - 0.9-1
|
||||
- New upstream release
|
||||
- Applied a patch to fix man page issues.
|
||||
- Updated spec file
|
||||
|
||||
* Sat Aug 16 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.6-3
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
|
||||
|
||||
* Sat Jun 07 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.6-2
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
|
||||
|
||||
* Tue Aug 27 2013 Vivek Goyal <vgoyal@redhat.com> - 0.6-1
|
||||
- Initial package
|
Loading…
Reference in New Issue