Update to upstream version 0.2.1

Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
2023-02-23 19:13:57 +01:00 · 2023-02-23 19:13:57 +01:00 · e3ff08388b
commit e3ff08388b
parent ff683a1f32
7 changed files with 51 additions and 81 deletions
--- a/.gitignore
+++ b/.gitignore
@ -6,3 +6,7 @@
 /rust-keylime-0.1.0~20220603gitaed51c7-vendor.tar.xz
 /v0.1.0.tar.gz
 /rust-keylime-0.1.0-vendor.tar.xz
+/v0.2.0.tar.gz
+/rust-keylime-0.2.0-vendor.tar.xz
+/v0.2.1.tar.gz
+/rust-keylime-0.2.1-vendor.tar.xz
--- a/keylime-agent-rust.spec
+++ b/keylime-agent-rust.spec
@ -15,7 +15,7 @@
 %endif

 Name:           keylime-agent-rust
-Version:        0.1.0
+Version:        0.2.1
 Release:        %{?autorelease}%{!?autorelease:1%{?dist}}
 Summary:        Rust agent for Keylime

@ -54,19 +54,13 @@ Source0:        %{url}/archive/refs/tags/v%{version}.tar.gz
 #   tar jcf rust-keylime-%%{version}-vendor.tar.xz vendor
 Source1:        rust-keylime-%{version}-vendor.tar.xz
 ## Patches for building from system Rust libraries (Fedora)
-# Fix version requirement for clap to avoid FTBFS in Fedora
+# Drop completely the legacy-python-actions feature
 Patch1:         rust-keylime-metadata.patch
-# Use API available on rust-config-0.12.0
-Patch2:         rust-keylime-config-separator.patch
-## Patches for building from bundled Rust libraries (RHEL)
-# Build tss-esapi extension from source (upstream commit)
-Patch100:       rust-keylime-metadata-bundled.patch
-# fix tss-esapi build with tpm2-tss v4
-Patch101:       rust-keylime-vendor-tpm-tss-v4.patch

 ExclusiveArch:  %{rust_arches}

 Requires: tpm2-tss
+Requires: util-linux-core

 # The keylime-base package provides the keylime user creation. It is available
 # from Fedora 36
@ -80,7 +74,6 @@ BuildRequires:  libarchive-devel
 BuildRequires:  tpm2-tss-devel
 %if 0%{?bundled_rust_deps}
 BuildRequires:  clang
-BuildRequires:  pkgconfig(libzmq) >= 4.1
 BuildRequires:  rust-toolset
 %else
 BuildRequires:  rust-packaging >= 21-2
@ -110,11 +103,9 @@ Rust agent for Keylime
 %cargo_build

 %install
-%cargo_install

 mkdir -p %{buildroot}/%{_sharedstatedir}/keylime
 mkdir -p --mode=0700 %{buildroot}/%{_rundir}/keylime
-mkdir -p --mode=0700 %{buildroot}/%{_localstatedir}/log/keylime
 mkdir -p --mode=0700 %{buildroot}/%{_libexecdir}/keylime
 mkdir -p --mode=0700  %{buildroot}/%{_sysconfdir}/keylime
 mkdir -p --mode=0700  %{buildroot}/%{_sysconfdir}/keylime/agent.conf.d
@ -134,6 +125,13 @@ cat > %{buildroot}/%{_sysconfdir}/keylime/agent.conf.d/001-run_as.conf << EOF
 run_as = "keylime:keylime"
 EOF

+install -Dpm 0755 \
+    -t %{buildroot}%{_bindir} \
+    ./target/release/keylime_agent
+install -Dpm 0755 \
+    -t %{buildroot}%{_bindir} \
+    ./target/release/keylime_ima_emulator
+
 %posttrans
 chmod 500 %{_sysconfdir}/keylime/agent.conf.d
 chmod 400 %{_sysconfdir}/keylime/agent.conf.d/*.conf
@ -158,7 +156,6 @@ chown -R keylime:keylime %{_sysconfdir}/keylime
 %{_unitdir}/keylime_agent.service
 %{_unitdir}/var-lib-keylime-secure.mount
 %attr(700,keylime,keylime) %dir %{_rundir}/keylime
-%attr(700,keylime,keylime) %dir %{_localstatedir}/log/keylime
 %attr(700,keylime,keylime) %{_sharedstatedir}/keylime
 %attr(700,keylime,keylime) %{_libexecdir}/keylime
 %{_bindir}/keylime_agent
--- a/rust-keylime-config-separator.patch
+++ b/rust-keylime-config-separator.patch
@ -1,20 +0,0 @@
--- a/src/config.rs	2022-11-01 14:47:42.702938017 +0100
-+++ b/src/config.rs	2022-11-01 15:19:07.072122442 +0100
-@@ -408,8 +408,7 @@
-         // Add environment variables overrides
-         .add_source(
-             Environment::with_prefix("KEYLIME")
-                .separator("_")
-                .prefix_separator("_"),
-+                .separator("_"),
-         ))
- }
- 
-@@ -425,7 +424,6 @@
-                     // Add environment variables overrides
-                     .add_source(
-                         Environment::with_prefix("KEYLIME")
-                            .prefix_separator("_")
-                             .separator("_"),
-                     ));
-             } else {
--- a/rust-keylime-metadata-bundled.patch
+++ b/rust-keylime-metadata-bundled.patch
@ -1,11 +0,0 @@
--- a/Cargo.toml	2022-11-01 11:14:11.349498931 +0100
-+++ b/Cargo.toml	2022-11-01 14:22:01.934115151 +0100
-@@ -42,7 +42,7 @@
- tempfile = "3.0.4"
- tokio = {version = "1.13.1", features = ["full"]}
- toml = "0.5"
-tss-esapi = "7.1.0"
-+tss-esapi = {version = "7.1.0", features = ["generate-bindings"]}
- thiserror = "1.0"
- uuid = {version = "0.8", features = ["v4"]}
- zmq = {version = "0.9.2", optional = true}
--- a/rust-keylime-metadata.patch
+++ b/rust-keylime-metadata.patch
@ -1,17 +1,8 @@
--- a/Cargo.toml	2022-11-01 11:14:11.349498931 +0100
-+++ b/Cargo.toml	2022-11-01 14:22:01.934115151 +0100
-@@ -21,17 +21,17 @@
- actix-web =  { version = "4", features = ["openssl"] }
- base64 = "0.13"
- cfg-if = "1"
-clap = { version = "~3.1.18", features = ["derive"] }
-+clap = { version = "3.1.18", features = ["derive"] }
- compress-tools = "0.12"
-config = { version = "0.13", features = ["toml"] }
-+config = { version = "0.12", features = ["toml"] }
- futures = "0.3.6"
- glob = "0.3"
- hex = "0.4"
+diff --git a/keylime-agent/Cargo.toml b/keylime-agent/Cargo.toml
+index 0cc1385..286e807 100644
+--- a/keylime-agent/Cargo.toml
+++ b/keylime-agent/Cargo.toml
+@@ -21,8 +21,8 @@ keylime = { path = "../keylime" }
 libc = "0.2.43"
 log = "0.4"
 openssl = "0.10.15"
@ -20,5 +11,33 @@
 +picky-asn1-der = "0.3"
 +picky-asn1-x509 = "0.7"
 pretty_env_logger = "0.4"
- reqwest = {version = "0.11", features = ["json"]}
- rust-ini = "0.17"
+ reqwest = {version = "0.11", default-features = false, features = ["json"]}
+ serde = "1.0.80"
+@@ -31,7 +31,7 @@ serde_json = { version = "1.0", features = ["raw_value"] }
+ static_assertions = "1"
+ tempfile = "3.4.0"
+ tokio = {version = "1.24", features = ["rt", "sync"]}
+-tss-esapi = {version = "7.2.0", features = ["generate-bindings"]}
+tss-esapi = {version = "7", features = ["generate-bindings"]}
+ thiserror = "1.0"
+ uuid = {version = "1.3", features = ["v4"]}
+ zmq = {version = "0.9.2", optional = true}
+@@ -48,18 +48,6 @@ actix-rt = "2"
+ default = []
+ # this should change to dev-dependencies when we have integration testing
+ testing = ["wiremock"]
+-# Whether the agent should be compiled with support to listen for notification
+-# messages on ZeroMQ
+-#
+-# This feature is deprecated and will be removed on next major release
+-with-zmq = ["zmq"]
+-# Whether the agent should be compiled with support for python revocation
+-# actions loaded as modules, which is the only kind supported by the python
+-# agent (unless the enhancement-55 is implemented). See:
+-# https://github.com/keylime/enhancements/blob/master/55_revocation_actions_without_python.md
+-#
+-# This feature is deprecated and will be removed on next major release
+-legacy-python-actions = []
+ 
+ [package.metadata.deb]
+ section = "net"
--- a/rust-keylime-vendor-tpm-tss-v4.patch
+++ b/rust-keylime-vendor-tpm-tss-v4.patch
--- a/4
+++ b/4
@ -1,2 +1,2 @@
-SHA512 (v0.1.0.tar.gz) = 204e5cdf0901d237ed22f5265ce8c9f4c13d7d8ad4c1b64419a469213d88e584f0555f6edfbf7aa9346d2e3a86d8f7f0a0d5056a3e0ab0dfe5d170f8910fc7cf
-SHA512 (rust-keylime-0.1.0-vendor.tar.xz) = 469726ac4176e8bab93620293402422fe8da794773fcdbff722a5e4ef7a7377008996b002e2a260012052aa59c127de94572e8d11b25d5daa46052c5a74d9ec3
+SHA512 (v0.2.1.tar.gz) = 5d837054004f874ba671bbcf67f732673b3a1d7d7eedd746541e21485c0a9759dcb48d74106ba6bdc7c6f45ccb983a2d10c0184605b59707e9a48a0a338d3982
+SHA512 (rust-keylime-0.2.1-vendor.tar.xz) = a9f9b2549d09cf95fe8bffd2be7cf23975639a1de3423966c783ce6740e9971eafad8db7b8549f057a8f074808894054cb1575c8e3977d3caa51636768c7f5fe