From 18aa734070f96037a2d330901420c3018c4e9dac Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Dan=20Hor=C3=A1k?= <dan@danny.cz>
Date: Thu, 21 Jun 2012 13:49:09 +0200
Subject: [PATCH] new upstream release 2.4.2

- add pkcs_slot man page
- don't add root to the pkcs11 group
---
 .gitignore                     |  1 +
 opencryptoki-2.4.1-man.patch   | 49 ++++++++++++++++++++++++++++++++++
 opencryptoki-2.4.2-locks.patch | 30 +++++++++++++++++++++
 opencryptoki-tmpfiles.conf     |  1 +
 opencryptoki.spec              | 32 ++++++++++++++++------
 sources                        |  2 +-
 6 files changed, 106 insertions(+), 9 deletions(-)
 create mode 100644 opencryptoki-2.4.1-man.patch
 create mode 100644 opencryptoki-2.4.2-locks.patch
 create mode 100644 opencryptoki-tmpfiles.conf

diff --git a/.gitignore b/.gitignore
index f69b4ec..e107b82 100644
--- a/.gitignore
+++ b/.gitignore
@@ -3,3 +3,4 @@ opencryptoki-2.3.1.tar.gz
 /opencryptoki-2.3.3.tar.gz
 /opencryptoki-2.4.tar.gz
 /opencryptoki-2.4.1.tar.gz
+/opencryptoki-2.4.2.tar.gz
diff --git a/opencryptoki-2.4.1-man.patch b/opencryptoki-2.4.1-man.patch
new file mode 100644
index 0000000..fec3a0a
--- /dev/null
+++ b/opencryptoki-2.4.1-man.patch
@@ -0,0 +1,49 @@
+diff --git a/configure.in b/configure.in
+index 483a092..083a766 100644
+--- a/configure.in
++++ b/configure.in
+@@ -663,6 +663,7 @@ AC_CONFIG_FILES([Makefile usr/Makefile \
+ 	  man/Makefile \
+ 	  man/man1/Makefile \
+ 	  man/man1/pkcsconf.1 \
++	  man/man1/pkcs_slot.1 \
+ 	  man/man1/pkcs11_startup.1 \
+ 	  man/man5/Makefile \
+ 	  man/man5/pk_config_data.5 \
+diff --git a/man/man1/Makefile.am b/man/man1/Makefile.am
+index 8f0e5ee..1560fec 100644
+--- a/man/man1/Makefile.am
++++ b/man/man1/Makefile.am
+@@ -1,2 +1,2 @@
+-man1_MANS=pkcs11_startup.1 pkcsconf.1
++man1_MANS=pkcs11_startup.1 pkcs_slot.1 pkcsconf.1
+ EXTRA_DIST = $(man1_MANS)
+diff --git a/man/man1/pkcs_slot.1.in b/man/man1/pkcs_slot.1.in
+new file mode 100644
+index 0000000..8d55c9a
+--- /dev/null
++++ b/man/man1/pkcs_slot.1.in
+@@ -0,0 +1,23 @@
++.TH PKCS_SLOT 1 "February 2010"  "@PACKAGE_VERSION@" "openCryptoki"
++.SH NAME
++pkcs_slot \- configuration program for opencryptoki
++.SH SYNOPSIS
++.B pkcs_slot
++\fIdevicenumber depth\fR
++.SH DESCRIPTION
++
++This utility is used internal by pkcs11_startup.
++It writes the configuration file to disk as @localstatedir@/lib/opencryptoki/pk_config_data.
++
++.SH "SEE ALSO"
++.PD 0
++.TP
++\fBpkcs11_startup\fP(1),
++.TP
++\fBopencryptoki\fP(7),
++.TP
++\fBpkcsslotd\fP(8),
++.TP
++\fBpk_config_data\fP(5).
++.PD
++
diff --git a/opencryptoki-2.4.2-locks.patch b/opencryptoki-2.4.2-locks.patch
new file mode 100644
index 0000000..98a2fc5
--- /dev/null
+++ b/opencryptoki-2.4.2-locks.patch
@@ -0,0 +1,30 @@
+diff --git a/usr/Makefile.am b/usr/Makefile.am
+index bced120..20352d5 100644
+--- a/usr/Makefile.am
++++ b/usr/Makefile.am
+@@ -5,6 +5,6 @@ endif
+ SUBDIRS = lib $(DAEMONDIRS)
+ 
+ install-data-hook:
+-	$(MKDIR_P) $(lockdir)
+-	$(CHGRP) pkcs11 $(lockdir)
+-	$(CHMOD) 0770 $(lockdir)
++	$(MKDIR_P) $(DESTDIR)$(lockdir)
++	$(CHGRP) pkcs11 $(DESTDIR)$(lockdir)
++	$(CHMOD) 0770 $(DESTDIR)$(lockdir)
+diff --git a/usr/Makefile.am b/usr/Makefile.am
+index 20352d5..5d42b0f 100644
+--- a/usr/Makefile.am
++++ b/usr/Makefile.am
+@@ -6,5 +6,9 @@ SUBDIRS = lib $(DAEMONDIRS)
+ 
+ install-data-hook:
+ 	$(MKDIR_P) $(DESTDIR)$(lockdir)
+-	$(CHGRP) pkcs11 $(DESTDIR)$(lockdir)
+-	$(CHMOD) 0770 $(DESTDIR)$(lockdir)
++	if test `id` = 0; then \
++	    $(CHGRP) pkcs11 $(DESTDIR)$(lockdir); \
++	    $(CHMOD) 0770 $(DESTDIR)$(lockdir); \
++	else \
++	    echo "Not running as root, you must set the correct group and mode manually!"; \
++	fi
diff --git a/opencryptoki-tmpfiles.conf b/opencryptoki-tmpfiles.conf
new file mode 100644
index 0000000..87332a8
--- /dev/null
+++ b/opencryptoki-tmpfiles.conf
@@ -0,0 +1 @@
+D /var/lock/opencryptoki 0770 root pkcs11 -
diff --git a/opencryptoki.spec b/opencryptoki.spec
index 8e976cf..f7a321f 100644
--- a/opencryptoki.spec
+++ b/opencryptoki.spec
@@ -1,11 +1,12 @@
 Name:			opencryptoki
 Summary:		Implementation of the PKCS#11 (Cryptoki) specification v2.11
-Version:		2.4.1
-Release:		2%{?dist}
+Version:		2.4.2
+Release:		1%{?dist}
 License:		CPL
 Group:			System Environment/Base
 URL:			http://sourceforge.net/projects/opencryptoki
-Source:			http://downloads.sourceforge.net/%{name}/%{name}-%{version}.tar.gz
+Source0:		http://downloads.sourceforge.net/%{name}/%{name}-%{version}.tar.gz
+Source1:		%{name}-tmpfiles.conf
 # the pkcs11 group is created and populated in scriptlet
 Patch0:			%{name}-2.3.2-do-not-create-group-in-pkcs11_startup.patch
 # https://bugzilla.redhat.com/show_bug.cgi?id=732756
@@ -14,6 +15,10 @@ Patch1:			%{name}-2.4-group.patch
 Patch2:			%{name}-2.4.1-systemd.patch
 # https://bugzilla.redhat.com/show_bug.cgi?id=830129
 Patch3:			%{name}-2.4.1-830129.patch
+# add pkcs_slot man page
+Patch4:			%{name}-2.4.1-man.patch
+# fix locks dir installation
+Patch5:			%{name}-2.4.2-locks.patch
 Requires(pre):		shadow-utils coreutils sed
 BuildRequires:		openssl-devel
 BuildRequires:		trousers-devel
@@ -40,6 +45,7 @@ This package contains the Slot Daemon (pkcsslotd) and general utilities.
 %package libs
 Group:			System Environment/Libraries
 Summary:		The run-time libraries for opencryptoki package
+Requires:		%{name}%{?_isa} = %{version}-%{release}
 Obsoletes:		%{name}-libs < 2.3.2
 
 %description libs
@@ -56,7 +62,7 @@ functional.
 %package devel
 Group:			Development/Libraries
 Summary:		Development files for openCryptoki
-Requires:		%{name}-libs = %{version}-%{release}
+Requires:		%{name}-libs%{?_isa} = %{version}-%{release}
 
 %description devel
 This package contains the development header files for building
@@ -138,6 +144,8 @@ cryptographic hardware such as IBM 4764 or 4765 that uses the
 %patch1 -p1 -b .group
 %patch2 -p1 -b .systemd
 %patch3 -p1 -b .bz830129
+%patch4 -p1 -b .man
+%patch5 -p1 -b .locks
 
 # Upstream tarball has unnecessary executable perms set on the sources
 find . -name '*.[ch]' -print0 | xargs -0 chmod -x
@@ -163,6 +171,10 @@ make install DESTDIR=$RPM_BUILD_ROOT
 rm -f $RPM_BUILD_ROOT/%{_libdir}/%{name}/*.la
 rm -f $RPM_BUILD_ROOT/%{_libdir}/%{name}/stdll/*.la
 
+# systemd must create /var/lock/opencryptoki
+mkdir -p $RPM_BUILD_ROOT%{_prefix}/lib/tmpfiles.d
+install -m 0644 %{SOURCE1} $RPM_BUILD_ROOT%{_prefix}/lib/tmpfiles.d/%{name}.conf
+
 
 %post libs -p /sbin/ldconfig
 %post swtok -p /sbin/ldconfig
@@ -181,10 +193,7 @@ rm -f $RPM_BUILD_ROOT/%{_libdir}/%{name}/stdll/*.la
 %endif
 
 %pre
-# Create pkcs11 group
 getent group pkcs11 >/dev/null || groupadd -r pkcs11
-# Add root to the pkcs11 group
-gpasswd -a root pkcs11
 exit 0
 
 %post
@@ -211,12 +220,14 @@ fi
 %files
 %doc ChangeLog FAQ README
 %doc doc/openCryptoki-HOWTO.pdf
+%{_prefix}/lib/tmpfiles.d/%{name}.conf
 %{_unitdir}/pkcsslotd.service
 %{_sbindir}/*
 %{_mandir}/man*/*
 %{_libdir}/opencryptoki/methods
 %{_libdir}/pkcs11/methods
 %dir %attr(770,root,pkcs11) %{_sharedstatedir}/%{name}
+%dir %attr(770,root,pkcs11) %{_localstatedir}/lock/%{name}
 
 %files libs
 %doc LICENSE
@@ -235,7 +246,7 @@ fi
 %{_libdir}/pkcs11/stdll
 
 %files devel
-%{_includedir}/*
+%{_includedir}/%{name}/
 
 %files swtok
 %{_libdir}/opencryptoki/stdll/libpkcs11_sw.*
@@ -260,6 +271,11 @@ fi
 
 
 %changelog
+* Thu Jun 21 2012 Dan Horák <dan[at]danny.cz> - 2.4.2-1
+- new upstream release 2.4.2
+- add pkcs_slot man page
+- don't add root to the pkcs11 group
+
 * Mon Jun 11 2012 Dan Horák <dan[at]danny.cz> - 2.4.1-2
 - fix unresolved symbols in TPM module (#830129)
 
diff --git a/sources b/sources
index 8f92251..a6205a8 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-165e91b70ae5c78bc34ea910ff91ea8f  opencryptoki-2.4.1.tar.gz
+ec020070237ef652e4e1dc06a642f717  opencryptoki-2.4.2.tar.gz