import keylime-agent-rust-0.1.0~20220805git0186093-1.el9
This commit is contained in:
commit
8aad834d53
2
.gitignore
vendored
Normal file
2
.gitignore
vendored
Normal file
@ -0,0 +1,2 @@
|
|||||||
|
SOURCES/rust-keylime-0.1.0~20220805git0186093-vendor.tar.xz
|
||||||
|
SOURCES/rust-keylime-0.1.0~20220805git0186093.tar.gz
|
2
.keylime-agent-rust.metadata
Normal file
2
.keylime-agent-rust.metadata
Normal file
@ -0,0 +1,2 @@
|
|||||||
|
3bf026abefc8a27da7f63c28b97895152099606e SOURCES/rust-keylime-0.1.0~20220805git0186093-vendor.tar.xz
|
||||||
|
f903f1da3ccdd1da4f58b4cefe9c64f502b0c117 SOURCES/rust-keylime-0.1.0~20220805git0186093.tar.gz
|
34
SOURCES/rust-keylime-adjust-features.patch
Normal file
34
SOURCES/rust-keylime-adjust-features.patch
Normal file
@ -0,0 +1,34 @@
|
|||||||
|
--- a/Cargo.toml 2022-08-25 12:16:51.789234342 +0200
|
||||||
|
+++ b/Cargo.toml 2022-08-25 12:21:45.451435220 +0200
|
||||||
|
@@ -39,28 +39,13 @@
|
||||||
|
static_assertions = "1"
|
||||||
|
tempfile = "3.0.4"
|
||||||
|
tokio = {version = "1.13.1", features = ["full"]}
|
||||||
|
-tss-esapi = "7.1.0"
|
||||||
|
+tss-esapi = {version="7.1.0", features = ["generate-bindings"]}
|
||||||
|
thiserror = "1.0"
|
||||||
|
uuid = {version = "0.8", features = ["v4"]}
|
||||||
|
-zmq = {version = "0.9.2", optional = true}
|
||||||
|
-# wiremock was moved to be a regular dependency because optional
|
||||||
|
-# dev-dependencies are not supported
|
||||||
|
-# see: https://github.com/rust-lang/cargo/issues/1596
|
||||||
|
-wiremock = {version = "0.5", optional = true}
|
||||||
|
|
||||||
|
[dev-dependencies]
|
||||||
|
actix-rt = "2"
|
||||||
|
|
||||||
|
[features]
|
||||||
|
-# The features enabled by default
|
||||||
|
-default = ["with-zmq", "legacy-python-actions"]
|
||||||
|
-# this should change to dev-dependencies when we have integration testing
|
||||||
|
-testing = ["wiremock"]
|
||||||
|
-# Whether the agent should be compiled with support to listen for notification
|
||||||
|
-# messages on ZeroMQ
|
||||||
|
-with-zmq = ["zmq"]
|
||||||
|
-# Whether the agent should be compiled with support for python revocation
|
||||||
|
-# actions loaded as modules, which is the only kind supported by the python
|
||||||
|
-# agent (unless the enhancement-55 is implemented). See:
|
||||||
|
-# https://github.com/keylime/enhancements/blob/master/55_revocation_actions_without_python.md
|
||||||
|
-legacy-python-actions = []
|
||||||
|
+# Removed default features to drop ZeroMQ and the need for the python shim
|
||||||
|
+default = []
|
380
SPECS/keylime-agent-rust.spec
Normal file
380
SPECS/keylime-agent-rust.spec
Normal file
@ -0,0 +1,380 @@
|
|||||||
|
# keylime-agent-rust.spec
|
||||||
|
# Generated by rust2rpm 20
|
||||||
|
|
||||||
|
%bcond_without check
|
||||||
|
|
||||||
|
%global crate keylime_agent
|
||||||
|
%global crate_version 0.1.0
|
||||||
|
|
||||||
|
%global commit 01860934f7308bc5ea1e68c8d858aea056620ce8
|
||||||
|
%global shortcommit %(c=%{commit}; echo ${c:0:7})
|
||||||
|
%global commitdate 20220805
|
||||||
|
|
||||||
|
# RHEL: Use bundled deps as it doesn't ship Rust libraries
|
||||||
|
%global bundled_rust_deps 1
|
||||||
|
|
||||||
|
Name: keylime-agent-rust
|
||||||
|
Version: %{crate_version}~%{commitdate}git%{shortcommit}
|
||||||
|
Release: 1%{?dist}
|
||||||
|
Summary: Rust agent for Keylime
|
||||||
|
|
||||||
|
# Upstream license specification: Apache-2.0
|
||||||
|
#
|
||||||
|
# The build dependencies have the following licenses:
|
||||||
|
#
|
||||||
|
# 0BSD or MIT or ASL 2.0
|
||||||
|
# ASL 2.0
|
||||||
|
# ASL 2.0 or Boost
|
||||||
|
# ASL 2.0 or MIT
|
||||||
|
# ASL 2.0 with exceptions
|
||||||
|
# BSD
|
||||||
|
# MIT
|
||||||
|
# MIT or ASL 2.0
|
||||||
|
# MIT or ASL 2.0 or zlib
|
||||||
|
# MIT or zlib or ASL 2.0
|
||||||
|
# Unlicense or MIT
|
||||||
|
# zlib or ASL 2.0 or MIT
|
||||||
|
#
|
||||||
|
License: ASL 2.0 and BSD and MIT
|
||||||
|
URL: https://github.com/keylime/rust-keylime/
|
||||||
|
# The source tarball is downloaded using the following commands:
|
||||||
|
# spectool -g keylime-agent-rust.spec
|
||||||
|
Source0: %{url}/archive/%{commit}/rust-keylime-%{version}.tar.gz
|
||||||
|
# The vendor tarball is created using cargo-vendor-filterer to remove Windows
|
||||||
|
# related files (https://github.com/cgwalters/cargo-vendor-filterer)
|
||||||
|
# tar xf rust-keylime-%%{version}.tar.gz
|
||||||
|
# cd rust-keylime-%%{version}
|
||||||
|
# cargo vendor-filterer --platform x86_64-unknown-linux-gnu \
|
||||||
|
# --platform powerpc64le-unknown-linux-gnu \
|
||||||
|
# --platform aarch64-unknown-linux-gnu \
|
||||||
|
# --platform i686-unknown-linux-gnu \
|
||||||
|
# --platform s390x-unknown-linux-gnu \
|
||||||
|
# --exclude-crate-path "libloading#tests"
|
||||||
|
# tar jcf rust-keylime-%%{version}-vendor.tar.xz vendor
|
||||||
|
Source1: rust-keylime-%{version}-vendor.tar.xz
|
||||||
|
# Drop dependencies and adjust the features
|
||||||
|
Patch0: rust-keylime-adjust-features.patch
|
||||||
|
|
||||||
|
ExclusiveArch: %{rust_arches}
|
||||||
|
|
||||||
|
Requires: tpm2-tss
|
||||||
|
|
||||||
|
# The keylime-base package provides the configuration file from the python
|
||||||
|
# implementation which ca be used for the rust implementation. It is available
|
||||||
|
# from Fedora 36
|
||||||
|
Requires: keylime-base
|
||||||
|
|
||||||
|
BuildRequires: systemd
|
||||||
|
BuildRequires: openssl-devel
|
||||||
|
BuildRequires: libarchive-devel
|
||||||
|
BuildRequires: tpm2-tss-devel
|
||||||
|
BuildRequires: rust-toolset
|
||||||
|
BuildRequires: clang
|
||||||
|
|
||||||
|
# Virtual Provides to support swapping between Python and Rust implementation
|
||||||
|
Provides: keylime-agent
|
||||||
|
Conflicts: keylime-agent
|
||||||
|
|
||||||
|
Provides: bundled(crate(actix-codec)) = 0.5.0
|
||||||
|
Provides: bundled(crate(actix-http)) = 3.0.4
|
||||||
|
Provides: bundled(crate(actix-macros)) = 0.2.3
|
||||||
|
Provides: bundled(crate(actix-router)) = 0.5.0
|
||||||
|
Provides: bundled(crate(actix-rt)) = 2.7.0
|
||||||
|
Provides: bundled(crate(actix-server)) = 2.1.1
|
||||||
|
Provides: bundled(crate(actix-service)) = 2.0.2
|
||||||
|
Provides: bundled(crate(actix-tls)) = 3.0.3
|
||||||
|
Provides: bundled(crate(actix-utils)) = 3.0.0
|
||||||
|
Provides: bundled(crate(actix-web)) = 4.0.1
|
||||||
|
Provides: bundled(crate(actix-web-codegen)) = 4.0.0
|
||||||
|
Provides: bundled(crate(adler)) = 1.0.2
|
||||||
|
Provides: bundled(crate(ahash)) = 0.4.7
|
||||||
|
Provides: bundled(crate(ahash)) = 0.7.6
|
||||||
|
Provides: bundled(crate(aho-corasick)) = 0.7.18
|
||||||
|
Provides: bundled(crate(alloc-no-stdlib)) = 2.0.3
|
||||||
|
Provides: bundled(crate(alloc-stdlib)) = 0.2.1
|
||||||
|
Provides: bundled(crate(ansi_term)) = 0.12.1
|
||||||
|
Provides: bundled(crate(atty)) = 0.2.14
|
||||||
|
Provides: bundled(crate(autocfg)) = 1.1.0
|
||||||
|
Provides: bundled(crate(base64)) = 0.13.0
|
||||||
|
Provides: bundled(crate(bindgen)) = 0.59.2
|
||||||
|
Provides: bundled(crate(bitfield)) = 0.13.2
|
||||||
|
Provides: bundled(crate(bitflags)) = 1.3.2
|
||||||
|
Provides: bundled(crate(block-buffer)) = 0.10.2
|
||||||
|
Provides: bundled(crate(brotli)) = 3.3.4
|
||||||
|
Provides: bundled(crate(brotli-decompressor)) = 2.3.2
|
||||||
|
Provides: bundled(crate(bytes)) = 1.1.0
|
||||||
|
Provides: bundled(crate(bytestring)) = 1.0.0
|
||||||
|
Provides: bundled(crate(cc)) = 1.0.73
|
||||||
|
Provides: bundled(crate(cexpr)) = 0.6.0
|
||||||
|
Provides: bundled(crate(cfg-if)) = 1.0.0
|
||||||
|
Provides: bundled(crate(clang-sys)) = 1.3.3
|
||||||
|
Provides: bundled(crate(clap)) = 2.34.0
|
||||||
|
Provides: bundled(crate(clap)) = 3.1.18
|
||||||
|
Provides: bundled(crate(clap_derive)) = 3.1.18
|
||||||
|
Provides: bundled(crate(clap_lex)) = 0.2.0
|
||||||
|
Provides: bundled(crate(compress-tools)) = 0.12.2
|
||||||
|
Provides: bundled(crate(convert_case)) = 0.4.0
|
||||||
|
Provides: bundled(crate(cookie)) = 0.16.0
|
||||||
|
Provides: bundled(crate(cpufeatures)) = 0.2.2
|
||||||
|
Provides: bundled(crate(crc32fast)) = 1.3.2
|
||||||
|
Provides: bundled(crate(crypto-common)) = 0.1.3
|
||||||
|
Provides: bundled(crate(derive_more)) = 0.99.17
|
||||||
|
Provides: bundled(crate(digest)) = 0.10.3
|
||||||
|
Provides: bundled(crate(dlv-list)) = 0.2.3
|
||||||
|
Provides: bundled(crate(either)) = 1.7.0
|
||||||
|
Provides: bundled(crate(encoding_rs)) = 0.8.31
|
||||||
|
Provides: bundled(crate(enumflags2)) = 0.7.5
|
||||||
|
Provides: bundled(crate(enumflags2_derive)) = 0.7.4
|
||||||
|
Provides: bundled(crate(env_logger)) = 0.7.1
|
||||||
|
Provides: bundled(crate(env_logger)) = 0.9.0
|
||||||
|
Provides: bundled(crate(fastrand)) = 1.7.0
|
||||||
|
Provides: bundled(crate(firestorm)) = 0.5.1
|
||||||
|
Provides: bundled(crate(flate2)) = 1.0.24
|
||||||
|
Provides: bundled(crate(fnv)) = 1.0.7
|
||||||
|
Provides: bundled(crate(foreign-types)) = 0.3.2
|
||||||
|
Provides: bundled(crate(foreign-types-shared)) = 0.1.1
|
||||||
|
Provides: bundled(crate(form_urlencoded)) = 1.0.1
|
||||||
|
Provides: bundled(crate(futures)) = 0.3.21
|
||||||
|
Provides: bundled(crate(futures-channel)) = 0.3.21
|
||||||
|
Provides: bundled(crate(futures-core)) = 0.3.21
|
||||||
|
Provides: bundled(crate(futures-executor)) = 0.3.21
|
||||||
|
Provides: bundled(crate(futures-io)) = 0.3.21
|
||||||
|
Provides: bundled(crate(futures-macro)) = 0.3.21
|
||||||
|
Provides: bundled(crate(futures-sink)) = 0.3.21
|
||||||
|
Provides: bundled(crate(futures-task)) = 0.3.21
|
||||||
|
Provides: bundled(crate(futures-util)) = 0.3.21
|
||||||
|
Provides: bundled(crate(generic-array)) = 0.14.5
|
||||||
|
Provides: bundled(crate(getrandom)) = 0.2.6
|
||||||
|
Provides: bundled(crate(glob)) = 0.3.0
|
||||||
|
Provides: bundled(crate(h2)) = 0.3.13
|
||||||
|
Provides: bundled(crate(hashbrown)) = 0.9.1
|
||||||
|
Provides: bundled(crate(hashbrown)) = 0.11.2
|
||||||
|
Provides: bundled(crate(heck)) = 0.4.0
|
||||||
|
Provides: bundled(crate(hex)) = 0.4.3
|
||||||
|
Provides: bundled(crate(hostname-validator)) = 1.1.1
|
||||||
|
Provides: bundled(crate(http)) = 0.2.8
|
||||||
|
Provides: bundled(crate(http-body)) = 0.4.5
|
||||||
|
Provides: bundled(crate(httparse)) = 1.7.1
|
||||||
|
Provides: bundled(crate(httpdate)) = 1.0.2
|
||||||
|
Provides: bundled(crate(humantime)) = 1.3.0
|
||||||
|
Provides: bundled(crate(humantime)) = 2.1.0
|
||||||
|
Provides: bundled(crate(hyper)) = 0.14.19
|
||||||
|
Provides: bundled(crate(hyper-tls)) = 0.5.0
|
||||||
|
Provides: bundled(crate(idna)) = 0.2.3
|
||||||
|
Provides: bundled(crate(indexmap)) = 1.8.2
|
||||||
|
Provides: bundled(crate(ipnet)) = 2.5.0
|
||||||
|
Provides: bundled(crate(itoa)) = 1.0.2
|
||||||
|
Provides: bundled(crate(jobserver)) = 0.1.24
|
||||||
|
Provides: bundled(crate(keylime_agent)) = 0.1.0
|
||||||
|
Provides: bundled(crate(language-tags)) = 0.3.2
|
||||||
|
Provides: bundled(crate(lazy_static)) = 1.4.0
|
||||||
|
Provides: bundled(crate(lazycell)) = 1.3.0
|
||||||
|
Provides: bundled(crate(libc)) = 0.2.126
|
||||||
|
Provides: bundled(crate(libloading)) = 0.7.3
|
||||||
|
Provides: bundled(crate(local-channel)) = 0.1.3
|
||||||
|
Provides: bundled(crate(local-waker)) = 0.1.3
|
||||||
|
Provides: bundled(crate(lock_api)) = 0.4.7
|
||||||
|
Provides: bundled(crate(log)) = 0.4.17
|
||||||
|
Provides: bundled(crate(matches)) = 0.1.9
|
||||||
|
Provides: bundled(crate(mbox)) = 0.6.0
|
||||||
|
Provides: bundled(crate(memchr)) = 2.5.0
|
||||||
|
Provides: bundled(crate(mime)) = 0.3.16
|
||||||
|
Provides: bundled(crate(minimal-lexical)) = 0.2.1
|
||||||
|
Provides: bundled(crate(miniz_oxide)) = 0.5.3
|
||||||
|
Provides: bundled(crate(mio)) = 0.8.3
|
||||||
|
Provides: bundled(crate(native-tls)) = 0.2.10
|
||||||
|
Provides: bundled(crate(nom)) = 7.1.1
|
||||||
|
Provides: bundled(crate(num-derive)) = 0.3.3
|
||||||
|
Provides: bundled(crate(num-traits)) = 0.2.15
|
||||||
|
Provides: bundled(crate(num_cpus)) = 1.13.1
|
||||||
|
Provides: bundled(crate(num_threads)) = 0.1.6
|
||||||
|
Provides: bundled(crate(oid)) = 0.2.1
|
||||||
|
Provides: bundled(crate(once_cell)) = 1.12.0
|
||||||
|
Provides: bundled(crate(openssl)) = 0.10.40
|
||||||
|
Provides: bundled(crate(openssl-macros)) = 0.1.0
|
||||||
|
Provides: bundled(crate(openssl-probe)) = 0.1.5
|
||||||
|
Provides: bundled(crate(openssl-sys)) = 0.9.74
|
||||||
|
Provides: bundled(crate(ordered-multimap)) = 0.3.1
|
||||||
|
Provides: bundled(crate(os_str_bytes)) = 6.1.0
|
||||||
|
Provides: bundled(crate(parking_lot)) = 0.12.1
|
||||||
|
Provides: bundled(crate(parking_lot_core)) = 0.9.3
|
||||||
|
Provides: bundled(crate(paste)) = 1.0.7
|
||||||
|
Provides: bundled(crate(peeking_take_while)) = 0.1.2
|
||||||
|
Provides: bundled(crate(percent-encoding)) = 2.1.0
|
||||||
|
Provides: bundled(crate(pest)) = 2.1.3
|
||||||
|
Provides: bundled(crate(picky-asn1)) = 0.3.3
|
||||||
|
Provides: bundled(crate(picky-asn1)) = 0.5.0
|
||||||
|
Provides: bundled(crate(picky-asn1-der)) = 0.2.5
|
||||||
|
Provides: bundled(crate(picky-asn1-der)) = 0.3.1
|
||||||
|
Provides: bundled(crate(picky-asn1-x509)) = 0.6.1
|
||||||
|
Provides: bundled(crate(pin-project-lite)) = 0.2.9
|
||||||
|
Provides: bundled(crate(pin-utils)) = 0.1.0
|
||||||
|
Provides: bundled(crate(pkg-config)) = 0.3.25
|
||||||
|
Provides: bundled(crate(ppv-lite86)) = 0.2.16
|
||||||
|
Provides: bundled(crate(pretty_env_logger)) = 0.4.0
|
||||||
|
Provides: bundled(crate(proc-macro-error)) = 1.0.4
|
||||||
|
Provides: bundled(crate(proc-macro-error-attr)) = 1.0.4
|
||||||
|
Provides: bundled(crate(proc-macro2)) = 1.0.39
|
||||||
|
Provides: bundled(crate(quick-error)) = 1.2.3
|
||||||
|
Provides: bundled(crate(quote)) = 1.0.18
|
||||||
|
Provides: bundled(crate(rand)) = 0.8.5
|
||||||
|
Provides: bundled(crate(rand_chacha)) = 0.3.1
|
||||||
|
Provides: bundled(crate(rand_core)) = 0.6.3
|
||||||
|
Provides: bundled(crate(regex)) = 1.5.6
|
||||||
|
Provides: bundled(crate(regex-syntax)) = 0.6.26
|
||||||
|
Provides: bundled(crate(remove_dir_all)) = 0.5.3
|
||||||
|
Provides: bundled(crate(reqwest)) = 0.11.10
|
||||||
|
Provides: bundled(crate(rust-ini)) = 0.17.0
|
||||||
|
Provides: bundled(crate(rustc-hash)) = 1.1.0
|
||||||
|
Provides: bundled(crate(rustc_version)) = 0.3.3
|
||||||
|
Provides: bundled(crate(rustc_version)) = 0.4.0
|
||||||
|
Provides: bundled(crate(ryu)) = 1.0.10
|
||||||
|
Provides: bundled(crate(scopeguard)) = 1.1.0
|
||||||
|
Provides: bundled(crate(semver)) = 0.11.0
|
||||||
|
Provides: bundled(crate(semver)) = 1.0.9
|
||||||
|
Provides: bundled(crate(semver-parser)) = 0.10.2
|
||||||
|
Provides: bundled(crate(serde)) = 1.0.137
|
||||||
|
Provides: bundled(crate(serde_bytes)) = 0.11.6
|
||||||
|
Provides: bundled(crate(serde_derive)) = 1.0.137
|
||||||
|
Provides: bundled(crate(serde_json)) = 1.0.81
|
||||||
|
Provides: bundled(crate(serde_urlencoded)) = 0.7.1
|
||||||
|
Provides: bundled(crate(sha-1)) = 0.10.0
|
||||||
|
Provides: bundled(crate(shlex)) = 1.1.0
|
||||||
|
Provides: bundled(crate(signal-hook-registry)) = 1.4.0
|
||||||
|
Provides: bundled(crate(slab)) = 0.4.6
|
||||||
|
Provides: bundled(crate(smallvec)) = 1.8.0
|
||||||
|
Provides: bundled(crate(socket2)) = 0.4.4
|
||||||
|
Provides: bundled(crate(stable_deref_trait)) = 1.2.0
|
||||||
|
Provides: bundled(crate(static_assertions)) = 1.1.0
|
||||||
|
Provides: bundled(crate(strsim)) = 0.8.0
|
||||||
|
Provides: bundled(crate(strsim)) = 0.10.0
|
||||||
|
Provides: bundled(crate(syn)) = 1.0.96
|
||||||
|
Provides: bundled(crate(synstructure)) = 0.12.6
|
||||||
|
Provides: bundled(crate(target-lexicon)) = 0.12.4
|
||||||
|
Provides: bundled(crate(tempfile)) = 3.3.0
|
||||||
|
Provides: bundled(crate(termcolor)) = 1.1.3
|
||||||
|
Provides: bundled(crate(textwrap)) = 0.11.0
|
||||||
|
Provides: bundled(crate(textwrap)) = 0.15.0
|
||||||
|
Provides: bundled(crate(thiserror)) = 1.0.31
|
||||||
|
Provides: bundled(crate(thiserror-impl)) = 1.0.31
|
||||||
|
Provides: bundled(crate(time)) = 0.3.9
|
||||||
|
Provides: bundled(crate(time-macros)) = 0.2.4
|
||||||
|
Provides: bundled(crate(tinyvec)) = 1.6.0
|
||||||
|
Provides: bundled(crate(tinyvec_macros)) = 0.1.0
|
||||||
|
Provides: bundled(crate(tokio)) = 1.19.2
|
||||||
|
Provides: bundled(crate(tokio-macros)) = 1.8.0
|
||||||
|
Provides: bundled(crate(tokio-native-tls)) = 0.3.0
|
||||||
|
Provides: bundled(crate(tokio-openssl)) = 0.6.3
|
||||||
|
Provides: bundled(crate(tokio-util)) = 0.7.3
|
||||||
|
Provides: bundled(crate(tower-service)) = 0.3.1
|
||||||
|
Provides: bundled(crate(tracing)) = 0.1.35
|
||||||
|
Provides: bundled(crate(tracing-core)) = 0.1.27
|
||||||
|
Provides: bundled(crate(try-lock)) = 0.2.3
|
||||||
|
Provides: bundled(crate(tss-esapi)) = 7.1.0
|
||||||
|
Provides: bundled(crate(tss-esapi-sys)) = 0.3.0
|
||||||
|
Provides: bundled(crate(typenum)) = 1.15.0
|
||||||
|
Provides: bundled(crate(ucd-trie)) = 0.1.3
|
||||||
|
Provides: bundled(crate(unicode-bidi)) = 0.3.8
|
||||||
|
Provides: bundled(crate(unicode-ident)) = 1.0.0
|
||||||
|
Provides: bundled(crate(unicode-normalization)) = 0.1.19
|
||||||
|
Provides: bundled(crate(unicode-width)) = 0.1.9
|
||||||
|
Provides: bundled(crate(unicode-xid)) = 0.2.3
|
||||||
|
Provides: bundled(crate(url)) = 2.2.2
|
||||||
|
Provides: bundled(crate(uuid)) = 0.8.2
|
||||||
|
Provides: bundled(crate(vec_map)) = 0.8.2
|
||||||
|
Provides: bundled(crate(version_check)) = 0.9.4
|
||||||
|
Provides: bundled(crate(want)) = 0.3.0
|
||||||
|
Provides: bundled(crate(which)) = 4.2.5
|
||||||
|
Provides: bundled(crate(zeroize)) = 1.5.5
|
||||||
|
Provides: bundled(crate(zeroize_derive)) = 1.3.2
|
||||||
|
Provides: bundled(crate(zstd)) = 0.10.2
|
||||||
|
Provides: bundled(crate(zstd-safe)) = 4.1.6
|
||||||
|
Provides: bundled(crate(zstd-sys)) = 1.6.3
|
||||||
|
|
||||||
|
%description
|
||||||
|
Rust agent for Keylime
|
||||||
|
|
||||||
|
%prep
|
||||||
|
%autosetup -N -n rust-keylime-%{commit}
|
||||||
|
%cargo_prep -V 1
|
||||||
|
%autopatch -p1
|
||||||
|
|
||||||
|
# Sometimes Rust sources start with #![...] attributes, and "smart" editors think
|
||||||
|
# it's a shebang and make them executable. Then brp-mangle-shebangs gets upset...
|
||||||
|
find -name '*.rs' -type f -perm /111 -exec chmod -v -x '{}' '+'
|
||||||
|
|
||||||
|
%build
|
||||||
|
%cargo_build --no-default-features
|
||||||
|
|
||||||
|
%install
|
||||||
|
%cargo_install
|
||||||
|
mkdir -p %{buildroot}/%{_sharedstatedir}/keylime
|
||||||
|
mkdir -p --mode=0700 %{buildroot}/%{_rundir}/keylime
|
||||||
|
mkdir -p --mode=0700 %{buildroot}/%{_localstatedir}/log/keylime
|
||||||
|
mkdir -p --mode=0700 %{buildroot}/%{_libexecdir}/keylime
|
||||||
|
|
||||||
|
install -Dpm 644 ./dist/systemd/system/keylime_agent.service \
|
||||||
|
%{buildroot}%{_unitdir}/keylime_agent.service
|
||||||
|
|
||||||
|
install -Dpm 644 ./dist/systemd/system/var-lib-keylime-secure.mount \
|
||||||
|
%{buildroot}%{_unitdir}/var-lib-keylime-secure.mount
|
||||||
|
|
||||||
|
# Setting up the agent to use keylime:keylime user/group after dropping privileges.
|
||||||
|
sed -e 's/^run_as[[:space:]]*=.*/run_as = keylime:keylime/g' -i keylime-agent.conf
|
||||||
|
|
||||||
|
# Using sha256 for tpm_hash_alg.
|
||||||
|
sed -e 's/^tpm_hash_alg[[:space:]]*=.*/tpm_hash_alg = sha256/g' -i keylime-agent.conf
|
||||||
|
|
||||||
|
install -Dpm 600 keylime-agent.conf \
|
||||||
|
%{buildroot}%{_sysconfdir}/keylime-agent.conf
|
||||||
|
|
||||||
|
%preun
|
||||||
|
%systemd_preun keylime_agent.service
|
||||||
|
%systemd_preun var-lib-keylime-secure.mount
|
||||||
|
|
||||||
|
%postun
|
||||||
|
%systemd_postun_with_restart keylime_agent.service
|
||||||
|
%systemd_postun_with_restart var-lib-keylime-secure.mount
|
||||||
|
|
||||||
|
%files
|
||||||
|
%license LICENSE
|
||||||
|
%doc README.md
|
||||||
|
%config(noreplace) %attr(600,keylime,keylime) %{_sysconfdir}/keylime-agent.conf
|
||||||
|
%{_unitdir}/keylime_agent.service
|
||||||
|
%{_unitdir}/var-lib-keylime-secure.mount
|
||||||
|
%attr(700,keylime,keylime) %dir %{_rundir}/keylime
|
||||||
|
%attr(700,keylime,keylime) %dir %{_localstatedir}/log/keylime
|
||||||
|
%attr(700,keylime,keylime) %{_sharedstatedir}/keylime
|
||||||
|
%attr(700,keylime,keylime) %{_libexecdir}/keylime
|
||||||
|
%{_bindir}/keylime_agent
|
||||||
|
%{_bindir}/keylime_ima_emulator
|
||||||
|
|
||||||
|
%if %{with check}
|
||||||
|
%check
|
||||||
|
%cargo_test
|
||||||
|
%endif
|
||||||
|
|
||||||
|
%changelog
|
||||||
|
* Thu Aug 25 2022 Anderson Toshiyuki Sasaki <ansasaki@redhat.com> - 0.1.0~20220805git0185093-1
|
||||||
|
- Update to upstream commit 0186093
|
||||||
|
|
||||||
|
* Mon Jul 18 2022 Anderson Toshiyuki Sasaki <ansasaki@redhat.com> - 0.1.0~20220603gitaed51c7-4
|
||||||
|
- Remove vendored source files for non-Linux or unsupported platforms
|
||||||
|
|
||||||
|
* Fri Jul 08 2022 Anderson Toshiyuki Sasaki <ansasaki@redhat.com> - 0.1.0~20220603gitaed51c7-3
|
||||||
|
- Add support for hash algorithms other than SHA-1 to the IMA emulator
|
||||||
|
|
||||||
|
* Mon Jul 04 2022 Anderson Toshiyuki Sasaki <ansasaki@redhat.com> - 0.1.0~20220603gitaed51c7-2
|
||||||
|
- Use classic release instead of autorelease macro
|
||||||
|
- Use classic changelog instead of autochangelog macro
|
||||||
|
|
||||||
|
* Mon Jul 04 2022 Anderson Toshiyuki Sasaki <ansasaki@redhat.com> - 0.1.0~20220603gitaed51c7-2
|
||||||
|
- Backport patch to load configuration file only once
|
||||||
|
|
||||||
|
* Fri Jul 01 2022 Anderson Toshiyuki Sasaki <ansasaki@redhat.com> - 0.1.0~20220603gitaed51c7-2
|
||||||
|
- Set supplementary groups when dropping privileges
|
||||||
|
- Show more descriptive error messages on missing files errors
|
||||||
|
- Create /usr/libexec/keylime directory
|
||||||
|
|
||||||
|
* Tue Jun 21 2022 Sergio Correia <scorreia@redhat.com> - 0.1.0~20220603gitaed51c7-1
|
||||||
|
- Add keylime-agent-rust to RHEL 9
|
Loading…
Reference in New Issue
Block a user