keylime-agent-rust/keylime-agent-rust.spec
Anderson Toshiyuki Sasaki f74b64710c Backport patch to load configuration time only once
Add patch to reduce the number of times the configuration file is
accessed, and modify dependencies dropping patch to allow enabling tests
during build.

Related: rhbz#2084552

Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
2022-07-04 15:37:16 +02:00


# keylime-agent-rust.spec
# Generated by rust2rpm 20
# Build conditional "check": the check section at the end of this file runs by
# default and is skipped when the package is built with --without check.
%bcond_without check
%global crate keylime_agent
%global crate_version 0.1.0
# Upstream commit the package is built from. Source0 below is requested by
# this full hash, not by a branch or tag name.
%global commit aed51c7c8c526953e945357594352c3df2ca4ace
# First seven characters of the commit hash, used in Version below.
%global shortcommit %(c=%{commit}; echo ${c:0:7})
%global commitdate 20220603
# RHEL: Use bundled deps as it doesn't ship Rust libraries
%global bundled_rust_deps 1
Name: keylime-agent-rust
Version: %{crate_version}~%{commitdate}git%{shortcommit}
Release: %{?autorelease}%{!?autorelease:1%{?dist}}
Summary: Rust agent for Keylime
# Upstream license specification: Apache-2.0
#
# The build dependencies have the following licenses:
#
# 0BSD or MIT or ASL 2.0
# ASL 2.0
# ASL 2.0 or Boost
# ASL 2.0 or MIT
# ASL 2.0 with exceptions
# BSD
# MIT
# MIT or ASL 2.0
# MIT or ASL 2.0 or zlib
# MIT or zlib or ASL 2.0
# Unlicense or MIT
# zlib or ASL 2.0 or MIT
#
License: ASL 2.0 and BSD and MIT
URL: https://github.com/keylime/rust-keylime/
# The source tarball is downloaded using the following commands:
# spectool -g keylime-agent-rust.spec
# NOTE(review): nothing in this spec verifies the downloaded archive. Confirm
# that its checksum is recorded and checked outside the spec (for example in
# the package repository's sources file).
Source0: %{url}/archive/%{commit}/rust-keylime-%{version}.tar.gz
# The vendor tarball is created using cargo vendor:
# tar xf rust-keylime-%%{version}.tar.gz
# cd rust-keylime-%%{version}
# cargo vendor
# tar jcf rust-keylime-%%{version}-vendor.tar.xz vendor
# NOTE(review): tar's lowercase j selects bzip2 although the file name ends in
# .tar.xz (uppercase J selects xz). Confirm which compression the shipped
# tarball really uses.
# NOTE(review): the vendor tarball is produced by the packager, not upstream,
# and its crates are what gets compiled. Presumably cargo vendor resolves
# against the Cargo.lock of the pinned commit; confirm that, and keep the
# bundled() Provides list below in step with the tarball contents.
Source1: rust-keylime-%{version}-vendor.tar.xz
# Downstream patches. They are applied with -p1 by the autopatch line in the
# prep section, after the sources have been unpacked.
# Drop dependencies and adjust the features
Patch0: rust-keylime-drop-dependencies.patch
# Add serialization functions to fix issue on big-endian arches
Patch1: rust-keylime-add-quote-serialization.patch
# Show path on missing mTLS certificate
Patch2: rust-keylime-show-path-missing-cert.patch
# Use more descriptive error messages for missing files errors
Patch3: rust-keylime-descriptive-error-messages.patch
# Set supplementary groups when dropping privileges
# NOTE(review): security-relevant. Presumably this makes the agent replace its
# supplementary group list when it switches to the unprivileged user, so that
# it does not keep the groups it was started with; confirm against the patch.
Patch4: rust-keylime-set-supplementary-groups.patch
# Adjust the supported and required features
Patch5: rust-keylime-adjust-features.patch
# Load configuration file only once during startup
Patch6: rust-keylime-load-config-once.patch
ExclusiveArch: %{rust_arches}
Requires: tpm2-tss
# The keylime-base package provides the configuration file from the python
# implementation which can be used for the rust implementation. It is available
# from Fedora 36
# NOTE(review): the files section assigns directories to keylime:keylime, but
# nothing visible in this spec creates that user or group. Presumably
# keylime-base does; confirm, since the ownership depends on it.
Requires: keylime-base
BuildRequires: systemd
BuildRequires: openssl-devel
BuildRequires: libarchive-devel
BuildRequires: tpm2-tss-devel
BuildRequires: rust-toolset
BuildRequires: clang
# Virtual Provides to support swapping between Python and Rust implementation
# Providing and conflicting with the same name lets this package satisfy a
# dependency on keylime-agent while excluding any other package that provides it.
Provides: keylime-agent
Conflicts: keylime-agent
# Inventory of the bundled crates: one bundled(crate(NAME)) = VERSION entry per
# crate version, continuing for the rest of the preamble. A crate listed twice
# is bundled in two versions. The list is what lets a vulnerable crate version
# be traced to this package, so it has to be regenerated whenever the vendor
# tarball (Source1) changes.
Provides: bundled(crate(actix-codec)) = 0.5.0
Provides: bundled(crate(actix-http)) = 3.0.4
Provides: bundled(crate(actix-macros)) = 0.2.3
Provides: bundled(crate(actix-router)) = 0.5.0
Provides: bundled(crate(actix-rt)) = 2.6.0
Provides: bundled(crate(actix-server)) = 2.0.0
Provides: bundled(crate(actix-service)) = 2.0.2
Provides: bundled(crate(actix-tls)) = 3.0.3
Provides: bundled(crate(actix-utils)) = 3.0.0
Provides: bundled(crate(actix-web)) = 4.0.1
Provides: bundled(crate(actix-web-codegen)) = 4.0.0
Provides: bundled(crate(adler)) = 1.0.2
Provides: bundled(crate(ahash)) = 0.4.7
Provides: bundled(crate(ahash)) = 0.7.6
Provides: bundled(crate(aho-corasick)) = 0.7.18
Provides: bundled(crate(alloc-no-stdlib)) = 2.0.3
Provides: bundled(crate(alloc-stdlib)) = 0.2.1
Provides: bundled(crate(ansi_term)) = 0.12.1
Provides: bundled(crate(atty)) = 0.2.14
Provides: bundled(crate(autocfg)) = 1.1.0
Provides: bundled(crate(base64)) = 0.13.0
Provides: bundled(crate(bindgen)) = 0.59.2
Provides: bundled(crate(bitfield)) = 0.13.2
Provides: bundled(crate(bitflags)) = 1.3.2
Provides: bundled(crate(block-buffer)) = 0.10.2
Provides: bundled(crate(brotli)) = 3.3.3
Provides: bundled(crate(brotli-decompressor)) = 2.3.2
Provides: bundled(crate(bumpalo)) = 3.9.1
Provides: bundled(crate(bytes)) = 1.1.0
Provides: bundled(crate(bytestring)) = 1.0.0
Provides: bundled(crate(cc)) = 1.0.72
Provides: bundled(crate(cexpr)) = 0.6.0
Provides: bundled(crate(cfg-if)) = 1.0.0
Provides: bundled(crate(clang-sys)) = 1.3.3
Provides: bundled(crate(clap)) = 2.34.0
Provides: bundled(crate(clap)) = 3.1.18
Provides: bundled(crate(clap_derive)) = 3.1.18
Provides: bundled(crate(clap_lex)) = 0.2.4
Provides: bundled(crate(compress-tools)) = 0.12.2
Provides: bundled(crate(convert_case)) = 0.4.0
Provides: bundled(crate(cookie)) = 0.16.0
Provides: bundled(crate(core-foundation)) = 0.9.3
Provides: bundled(crate(core-foundation-sys)) = 0.8.3
Provides: bundled(crate(cpufeatures)) = 0.2.1
Provides: bundled(crate(crc32fast)) = 1.3.2
Provides: bundled(crate(crypto-common)) = 0.1.3
Provides: bundled(crate(derive_more)) = 0.99.17
Provides: bundled(crate(digest)) = 0.10.3
Provides: bundled(crate(dlv-list)) = 0.2.3
Provides: bundled(crate(either)) = 1.7.0
Provides: bundled(crate(encoding_rs)) = 0.8.30
Provides: bundled(crate(enumflags2)) = 0.7.3
Provides: bundled(crate(enumflags2_derive)) = 0.7.3
Provides: bundled(crate(env_logger)) = 0.7.1
Provides: bundled(crate(env_logger)) = 0.9.0
Provides: bundled(crate(fastrand)) = 1.7.0
Provides: bundled(crate(firestorm)) = 0.5.0
Provides: bundled(crate(flate2)) = 1.0.22
Provides: bundled(crate(fnv)) = 1.0.7
Provides: bundled(crate(foreign-types)) = 0.3.2
Provides: bundled(crate(foreign-types-shared)) = 0.1.1
Provides: bundled(crate(form_urlencoded)) = 1.0.1
Provides: bundled(crate(futures)) = 0.3.21
Provides: bundled(crate(futures-channel)) = 0.3.21
Provides: bundled(crate(futures-core)) = 0.3.21
Provides: bundled(crate(futures-executor)) = 0.3.21
Provides: bundled(crate(futures-io)) = 0.3.21
Provides: bundled(crate(futures-macro)) = 0.3.21
Provides: bundled(crate(futures-sink)) = 0.3.21
Provides: bundled(crate(futures-task)) = 0.3.21
Provides: bundled(crate(futures-util)) = 0.3.21
Provides: bundled(crate(generic-array)) = 0.14.5
Provides: bundled(crate(getrandom)) = 0.2.4
Provides: bundled(crate(glob)) = 0.3.0
Provides: bundled(crate(h2)) = 0.3.11
Provides: bundled(crate(hamming)) = 0.1.3
Provides: bundled(crate(hashbrown)) = 0.9.1
Provides: bundled(crate(hashbrown)) = 0.11.2
Provides: bundled(crate(heck)) = 0.4.0
Provides: bundled(crate(hermit-abi)) = 0.1.19
Provides: bundled(crate(hex)) = 0.4.3
Provides: bundled(crate(hostname-validator)) = 1.1.0
Provides: bundled(crate(http)) = 0.2.6
Provides: bundled(crate(http-body)) = 0.4.4
Provides: bundled(crate(httparse)) = 1.6.0
Provides: bundled(crate(httpdate)) = 1.0.2
Provides: bundled(crate(humantime)) = 1.3.0
Provides: bundled(crate(humantime)) = 2.1.0
Provides: bundled(crate(hyper)) = 0.14.17
Provides: bundled(crate(hyper-tls)) = 0.5.0
Provides: bundled(crate(idna)) = 0.2.3
Provides: bundled(crate(indexmap)) = 1.8.0
Provides: bundled(crate(instant)) = 0.1.12
Provides: bundled(crate(ipnet)) = 2.3.1
Provides: bundled(crate(itoa)) = 1.0.1
Provides: bundled(crate(jobserver)) = 0.1.24
Provides: bundled(crate(js-sys)) = 0.3.56
Provides: bundled(crate(keylime_agent)) = 0.1.0
Provides: bundled(crate(language-tags)) = 0.3.2
Provides: bundled(crate(lazy_static)) = 1.4.0
Provides: bundled(crate(lazycell)) = 1.3.0
Provides: bundled(crate(libc)) = 0.2.126
Provides: bundled(crate(libloading)) = 0.7.3
Provides: bundled(crate(local-channel)) = 0.1.2
Provides: bundled(crate(local-waker)) = 0.1.2
Provides: bundled(crate(lock_api)) = 0.4.6
Provides: bundled(crate(log)) = 0.4.14
Provides: bundled(crate(matches)) = 0.1.9
Provides: bundled(crate(mbox)) = 0.6.0
Provides: bundled(crate(memchr)) = 2.4.1
Provides: bundled(crate(mime)) = 0.3.16
Provides: bundled(crate(minimal-lexical)) = 0.2.1
Provides: bundled(crate(miniz_oxide)) = 0.4.4
Provides: bundled(crate(mio)) = 0.7.14
Provides: bundled(crate(mio)) = 0.8.2
Provides: bundled(crate(miow)) = 0.3.7
Provides: bundled(crate(native-tls)) = 0.2.8
Provides: bundled(crate(nom)) = 7.1.1
Provides: bundled(crate(ntapi)) = 0.3.7
Provides: bundled(crate(num-derive)) = 0.3.3
Provides: bundled(crate(num-integer)) = 0.1.44
Provides: bundled(crate(num-traits)) = 0.2.14
Provides: bundled(crate(num_cpus)) = 1.13.1
Provides: bundled(crate(num_threads)) = 0.1.5
Provides: bundled(crate(once_cell)) = 1.9.0
Provides: bundled(crate(openssl)) = 0.10.38
Provides: bundled(crate(openssl-probe)) = 0.1.5
Provides: bundled(crate(openssl-sys)) = 0.9.72
Provides: bundled(crate(ordered-multimap)) = 0.3.1
Provides: bundled(crate(os_str_bytes)) = 6.0.0
Provides: bundled(crate(parking_lot)) = 0.11.2
Provides: bundled(crate(parking_lot_core)) = 0.8.5
Provides: bundled(crate(paste)) = 1.0.7
Provides: bundled(crate(peeking_take_while)) = 0.1.2
Provides: bundled(crate(percent-encoding)) = 2.1.0
Provides: bundled(crate(pest)) = 2.1.3
Provides: bundled(crate(pin-project-lite)) = 0.2.8
Provides: bundled(crate(pin-utils)) = 0.1.0
Provides: bundled(crate(pkg-config)) = 0.3.24
Provides: bundled(crate(ppv-lite86)) = 0.2.16
Provides: bundled(crate(pretty_env_logger)) = 0.4.0
Provides: bundled(crate(primal)) = 0.3.0
Provides: bundled(crate(primal-bit)) = 0.3.0
Provides: bundled(crate(primal-check)) = 0.3.1
Provides: bundled(crate(primal-estimate)) = 0.3.1
Provides: bundled(crate(primal-sieve)) = 0.3.1
Provides: bundled(crate(proc-macro-error)) = 1.0.4
Provides: bundled(crate(proc-macro-error-attr)) = 1.0.4
Provides: bundled(crate(proc-macro2)) = 1.0.36
Provides: bundled(crate(quick-error)) = 1.2.3
Provides: bundled(crate(quote)) = 1.0.15
Provides: bundled(crate(rand)) = 0.8.5
Provides: bundled(crate(rand_chacha)) = 0.3.1
Provides: bundled(crate(rand_core)) = 0.6.3
Provides: bundled(crate(redox_syscall)) = 0.2.10
Provides: bundled(crate(regex)) = 1.5.4
Provides: bundled(crate(regex-syntax)) = 0.6.25
Provides: bundled(crate(remove_dir_all)) = 0.5.3
Provides: bundled(crate(reqwest)) = 0.11.10
Provides: bundled(crate(rust-ini)) = 0.17.0
Provides: bundled(crate(rustc-hash)) = 1.1.0
Provides: bundled(crate(rustc_version)) = 0.3.3
Provides: bundled(crate(rustc_version)) = 0.4.0
Provides: bundled(crate(ryu)) = 1.0.9
Provides: bundled(crate(schannel)) = 0.1.19
Provides: bundled(crate(scopeguard)) = 1.1.0
Provides: bundled(crate(security-framework)) = 2.6.1
Provides: bundled(crate(security-framework-sys)) = 2.6.1
Provides: bundled(crate(semver)) = 0.11.0
Provides: bundled(crate(semver)) = 1.0.5
Provides: bundled(crate(semver-parser)) = 0.10.2
Provides: bundled(crate(serde)) = 1.0.136
Provides: bundled(crate(serde_derive)) = 1.0.136
Provides: bundled(crate(serde_json)) = 1.0.79
Provides: bundled(crate(serde_urlencoded)) = 0.7.1
Provides: bundled(crate(sha-1)) = 0.10.0
Provides: bundled(crate(shlex)) = 1.1.0
Provides: bundled(crate(signal-hook-registry)) = 1.4.0
Provides: bundled(crate(slab)) = 0.4.5
Provides: bundled(crate(smallvec)) = 1.8.0
Provides: bundled(crate(socket2)) = 0.4.4
Provides: bundled(crate(stable_deref_trait)) = 1.2.0
Provides: bundled(crate(static_assertions)) = 1.1.0
Provides: bundled(crate(strsim)) = 0.8.0
Provides: bundled(crate(strsim)) = 0.10.0
Provides: bundled(crate(syn)) = 1.0.86
Provides: bundled(crate(synstructure)) = 0.12.6
Provides: bundled(crate(target-lexicon)) = 0.12.3
Provides: bundled(crate(tempfile)) = 3.3.0
Provides: bundled(crate(termcolor)) = 1.1.2
Provides: bundled(crate(textwrap)) = 0.11.0
Provides: bundled(crate(textwrap)) = 0.15.0
Provides: bundled(crate(thiserror)) = 1.0.30
Provides: bundled(crate(thiserror-impl)) = 1.0.30
Provides: bundled(crate(time)) = 0.3.9
Provides: bundled(crate(time-macros)) = 0.2.4
Provides: bundled(crate(tinyvec)) = 1.5.1
Provides: bundled(crate(tinyvec_macros)) = 0.1.0
Provides: bundled(crate(tokio)) = 1.16.1
Provides: bundled(crate(tokio-macros)) = 1.7.0
Provides: bundled(crate(tokio-native-tls)) = 0.3.0
Provides: bundled(crate(tokio-openssl)) = 0.6.3
Provides: bundled(crate(tokio-util)) = 0.6.9
Provides: bundled(crate(tokio-util)) = 0.7.1
Provides: bundled(crate(tower-service)) = 0.3.1
Provides: bundled(crate(tracing)) = 0.1.30
Provides: bundled(crate(tracing-attributes)) = 0.1.20
Provides: bundled(crate(tracing-core)) = 0.1.22
Provides: bundled(crate(try-lock)) = 0.2.3
Provides: bundled(crate(tss-esapi)) = 7.0.0
Provides: bundled(crate(tss-esapi-sys)) = 0.3.0
Provides: bundled(crate(typenum)) = 1.15.0
Provides: bundled(crate(ucd-trie)) = 0.1.3
Provides: bundled(crate(unicode-bidi)) = 0.3.7
Provides: bundled(crate(unicode-normalization)) = 0.1.19
Provides: bundled(crate(unicode-width)) = 0.1.9
Provides: bundled(crate(unicode-xid)) = 0.2.2
Provides: bundled(crate(url)) = 2.2.2
Provides: bundled(crate(uuid)) = 0.8.2
Provides: bundled(crate(vcpkg)) = 0.2.15
Provides: bundled(crate(vec_map)) = 0.8.2
Provides: bundled(crate(version_check)) = 0.9.4
Provides: bundled(crate(want)) = 0.3.0
Provides: bundled(crate(wasi)) = 0.10.2
Provides: bundled(crate(wasi)) = 0.11.0
Provides: bundled(crate(wasm-bindgen)) = 0.2.79
Provides: bundled(crate(wasm-bindgen-backend)) = 0.2.79
Provides: bundled(crate(wasm-bindgen-futures)) = 0.4.29
Provides: bundled(crate(wasm-bindgen-macro)) = 0.2.79
Provides: bundled(crate(wasm-bindgen-macro-support)) = 0.2.79
Provides: bundled(crate(wasm-bindgen-shared)) = 0.2.79
Provides: bundled(crate(web-sys)) = 0.3.56
Provides: bundled(crate(which)) = 4.2.5
Provides: bundled(crate(winapi)) = 0.3.9
Provides: bundled(crate(winapi-i686-pc-windows-gnu)) = 0.4.0
Provides: bundled(crate(winapi-util)) = 0.1.5
Provides: bundled(crate(winapi-x86_64-pc-windows-gnu)) = 0.4.0
Provides: bundled(crate(winreg)) = 0.10.1
Provides: bundled(crate(zeroize)) = 1.5.2
Provides: bundled(crate(zeroize_derive)) = 1.3.1
Provides: bundled(crate(zstd)) = 0.10.0
Provides: bundled(crate(zstd-safe)) = 4.1.4
Provides: bundled(crate(zstd-sys)) = 1.6.3
%description
Rust agent for Keylime
%prep
# -N unpacks Source0 without applying the patches; they are applied by the
# autopatch line further down instead.
%autosetup -N -n rust-keylime-%{commit}
# NOTE(review): -V 1 presumably unpacks the vendor tarball (Source1) and
# configures cargo to resolve crates from it instead of the network; confirm
# against the rust-toolset macro definitions.
%cargo_prep -V 1
%autopatch -p1
# Sometimes Rust sources start with #![...] attributes, and "smart" editors think
# it's a shebang and make them executable. Then brp-mangle-shebangs gets upset...
# Clears the execute bits on every regular *.rs file that has any of them set.
find -name '*.rs' -type f -perm /111 -exec chmod -v -x '{}' '+'
%build
# The crate's default feature set is turned off for the build.
# NOTE(review): which features end up enabled is presumably decided by the
# feature-adjusting patches (Patch0, Patch5); confirm.
%cargo_build --no-default-features
%install
%cargo_install
# Directories used by the agent. Three of them are created with mode 0700
# here; the shared state directory is created without --mode, but the files
# section sets 700 and keylime:keylime on all four, and that is what ships.
mkdir -p %{buildroot}/%{_sharedstatedir}/keylime
mkdir -p --mode=0700 %{buildroot}/%{_rundir}/keylime
mkdir -p --mode=0700 %{buildroot}/%{_localstatedir}/log/keylime
mkdir -p --mode=0700 %{buildroot}/%{_libexecdir}/keylime
# systemd unit files from the upstream dist directory, installed with mode 644.
install -Dpm 644 ./dist/systemd/system/keylime_agent.service \
%{buildroot}%{_unitdir}/keylime_agent.service
install -Dpm 644 ./dist/systemd/system/var-lib-keylime-secure.mount \
%{buildroot}%{_unitdir}/var-lib-keylime-secure.mount
# Package scriptlets for the two systemd units: the standard systemd macros
# run before uninstall and after uninstall/upgrade (the latter restarting the
# units on upgrade).
# NOTE(review): no post-install scriptlet calling the systemd_post macro is
# visible in this spec, so unit presets would not be applied on first install;
# confirm this is intended.
%preun
%systemd_preun keylime_agent.service
%systemd_preun var-lib-keylime-secure.mount
%postun
%systemd_postun_with_restart keylime_agent.service
%systemd_postun_with_restart var-lib-keylime-secure.mount
%files
%license LICENSE
%doc README.md
%{_unitdir}/keylime_agent.service
%{_unitdir}/var-lib-keylime-secure.mount
# The agent's directories are shipped owner-only (700) and owned by
# keylime:keylime, so other local users cannot read or list them.
# NOTE(review): the keylime user and group must exist when the package is
# unpacked; nothing visible in this spec creates them.
# NOTE(review): the first entry is under the runtime directory, which is
# usually a tmpfs cleared at boot. Confirm that something (tmpfiles.d or the
# unit file) recreates it with the same owner and mode.
%attr(700,keylime,keylime) %dir %{_rundir}/keylime
%attr(700,keylime,keylime) %dir %{_localstatedir}/log/keylime
# The next two entries are listed without the dir marker, so anything the
# build placed below them would be packaged as well, with the same attributes.
# The install section creates both directories empty.
%attr(700,keylime,keylime) %{_sharedstatedir}/keylime
%attr(700,keylime,keylime) %{_libexecdir}/keylime
%{_bindir}/keylime_agent
%{_bindir}/keylime_ima_emulator
# The test run is part of the build unless the check conditional is disabled
# (rpmbuild --without check).
# NOTE(review): the build section passes --no-default-features but the test
# macro below does not, so the tests may be compiled with a different feature
# set than the shipped binaries; confirm.
%if %{with check}
%check
%cargo_test
%endif
%changelog
%autochangelog