import rng-tools-6.15-1.el9
This commit is contained in:
parent
5831e2ccd1
commit
c307573d33
2
.gitignore
vendored
2
.gitignore
vendored
@ -1 +1 @@
|
|||||||
SOURCES/rng-tools-6.14.tar.gz
|
SOURCES/rng-tools-6.15.tar.gz
|
||||||
|
@ -1 +1 @@
|
|||||||
fd67bdfdc7962801564cda6c55bf58acf0b6a8dc SOURCES/rng-tools-6.14.tar.gz
|
79de2f603a8d5266691edd5b53efc1a7b6a02cd3 SOURCES/rng-tools-6.15.tar.gz
|
||||||
|
14
SOURCES/3-rt-fix-jent-define.patch
Normal file
14
SOURCES/3-rt-fix-jent-define.patch
Normal file
@ -0,0 +1,14 @@
|
|||||||
|
--- configure.ac 2022-03-24 13:14:11.000000000 +0100
|
||||||
|
+++ configure.ac.new 2022-03-24 15:58:56.187367770 +0100
|
||||||
|
@@ -95,7 +95,10 @@ AS_IF(
|
||||||
|
[AM_CONDITIONAL([JITTER], [true])
|
||||||
|
AC_DEFINE([HAVE_JITTER],1,[Enable JITTER])
|
||||||
|
AC_CHECK_LIB(jitterentropy, jent_notime_settick,
|
||||||
|
- [AC_DEFINE([HAVE_JITTER_NOTIME],1,[Enable JITTER_NOTIME])],
|
||||||
|
+ [
|
||||||
|
+ AC_DEFINE([HAVE_JITTER_NOTIME],1,[Enable JITTER_NOTIME])
|
||||||
|
+ AC_DEFINE([JENT_CONF_ENABLE_INTERNAL_TIMER],1,[Enable JENT_CONF_ENABLE_INTERNAL_TIMER])
|
||||||
|
+ ],
|
||||||
|
[],-lpthread)],
|
||||||
|
AC_MSG_NOTICE([No Jitterentropy library found]),-lpthread)
|
||||||
|
], [AC_MSG_NOTICE([Disabling JITTER entropy source])]
|
@ -1 +0,0 @@
|
|||||||
SUBSYSTEM=="misc", KERNEL=="hw_random", GROUP="rngd", MODE="0640"
|
|
@ -1,14 +0,0 @@
|
|||||||
[Unit]
|
|
||||||
Description=Hardware RNG Entropy Gatherer Wake threshold service
|
|
||||||
ConditionVirtualization=!container
|
|
||||||
Before=rngd.service
|
|
||||||
|
|
||||||
[Service]
|
|
||||||
CapabilityBoundingSet=CAP_SYS_ADMIN
|
|
||||||
AmbientCapabilities=CAP_SYS_ADMIN
|
|
||||||
Type=oneshot
|
|
||||||
RemainAfterExit=yes
|
|
||||||
ExecStart=/bin/sh -c "PSIZE=$(cat /proc/sys/kernel/random/poolsize); let THRESH=$PSIZE*3/4; echo $THRESH>/proc/sys/kernel/random/write_wakeup_threshold; udevadm trigger --sysname-match=hw_random --settle"
|
|
||||||
|
|
||||||
[Install]
|
|
||||||
WantedBy=sysinit.target
|
|
@ -1,15 +1,9 @@
|
|||||||
[Unit]
|
[Unit]
|
||||||
Description=Hardware RNG Entropy Gatherer Daemon
|
Description=Hardware RNG Entropy Gatherer Daemon
|
||||||
ConditionVirtualization=!container
|
ConditionVirtualization=!container
|
||||||
Requires=rngd-wake-threshold.service
|
|
||||||
|
|
||||||
# The "-f" option is required for the systemd service rngd to work with Type=simple
|
# The "-f" option is required for the systemd service rngd to work with Type=simple
|
||||||
[Service]
|
[Service]
|
||||||
User=rngd
|
|
||||||
Group=rngd
|
|
||||||
CapabilityBoundingSet=CAP_SYS_ADMIN
|
|
||||||
AmbientCapabilities=CAP_SYS_ADMIN
|
|
||||||
TimeoutStartSec=60s
|
|
||||||
Type=simple
|
Type=simple
|
||||||
EnvironmentFile=/etc/sysconfig/rngd
|
EnvironmentFile=/etc/sysconfig/rngd
|
||||||
ExecStart=/usr/sbin/rngd -f $RNGD_ARGS
|
ExecStart=/usr/sbin/rngd -f $RNGD_ARGS
|
||||||
|
@ -1,3 +1,3 @@
|
|||||||
# Optional arguments passed to rngd. See rngd(8) and
|
# Optional arguments passed to rngd. See rngd(8) and
|
||||||
# https://bugzilla.redhat.com/show_bug.cgi?id=1252175#c21
|
# https://bugzilla.redhat.com/show_bug.cgi?id=1252175#c21
|
||||||
RNGD_ARGS="--fill-watermark=0 -x pkcs11 -x nist"
|
RNGD_ARGS="--fill-watermark=0 -x pkcs11 -x nist -D daemon:daemon"
|
||||||
|
@ -11,20 +11,15 @@
|
|||||||
|
|
||||||
Summary: Random number generator related utilities
|
Summary: Random number generator related utilities
|
||||||
Name: rng-tools
|
Name: rng-tools
|
||||||
Version: 6.14
|
Version: 6.15
|
||||||
Release: 2.git.b2b7934e%{?dist}
|
Release: 1%{?dist}
|
||||||
License: GPLv2+
|
License: GPLv2+
|
||||||
URL: https://github.com/nhorman/rng-tools
|
URL: https://github.com/nhorman/rng-tools
|
||||||
Source0: %{url}/archive/v%{version}/%{name}-%{version}.tar.gz
|
Source0: %{url}/archive/v%{version}/%{name}-%{version}.tar.gz
|
||||||
Source1: rngd.service
|
Source1: rngd.service
|
||||||
Source2: rngd-wake-threshold.service
|
Source2: rngd.sysconfig
|
||||||
Source3: 60-hwrng.rules
|
|
||||||
Source4: rngd.sysconfig
|
|
||||||
|
|
||||||
Patch0: 1-rt-revert-build-randstat.patch
|
BuildRequires: gcc make binutils
|
||||||
Patch1: 2-rt-comment-out-have-aesni.patch
|
|
||||||
|
|
||||||
BuildRequires: gcc make
|
|
||||||
BuildRequires: gettext
|
BuildRequires: gettext
|
||||||
BuildRequires: systemd systemd-rpm-macros
|
BuildRequires: systemd systemd-rpm-macros
|
||||||
BuildRequires: autoconf automake
|
BuildRequires: autoconf automake
|
||||||
@ -32,6 +27,7 @@ BuildRequires: libgcrypt-devel libcurl-devel
|
|||||||
BuildRequires: libxml2-devel openssl-devel
|
BuildRequires: libxml2-devel openssl-devel
|
||||||
BuildRequires: jitterentropy-devel
|
BuildRequires: jitterentropy-devel
|
||||||
BuildRequires: jansson-devel
|
BuildRequires: jansson-devel
|
||||||
|
BuildRequires: libcap-devel
|
||||||
%if %{with rtlsdr}
|
%if %{with rtlsdr}
|
||||||
BuildRequires: rtl-sdr-devel
|
BuildRequires: rtl-sdr-devel
|
||||||
%endif
|
%endif
|
||||||
@ -42,7 +38,11 @@ BuildRequires: libp11-devel
|
|||||||
Requires(post): systemd
|
Requires(post): systemd
|
||||||
Requires(preun): systemd
|
Requires(preun): systemd
|
||||||
Requires(postun): systemd
|
Requires(postun): systemd
|
||||||
Requires: jansson openssl
|
Requires: selinux-policy >= 34.1.31-2
|
||||||
|
|
||||||
|
Patch0: 1-rt-revert-build-randstat.patch
|
||||||
|
Patch1: 2-rt-comment-out-have-aesni.patch
|
||||||
|
Patch2: 3-rt-fix-jent-define.patch
|
||||||
|
|
||||||
%description
|
%description
|
||||||
This is a random number generator daemon and its tools. It monitors
|
This is a random number generator daemon and its tools. It monitors
|
||||||
@ -61,31 +61,27 @@ TPM, jitter) and supplies entropy from them to a kernel entropy pool.
|
|||||||
%endif
|
%endif
|
||||||
|
|
||||||
./autogen.sh
|
./autogen.sh
|
||||||
|
# a dirty hack so libdarn_impl_a_CFLAGS overrides common CFLAGS
|
||||||
|
sed -i -e 's/$(libdarn_impl_a_CFLAGS) $(CFLAGS)/$(CFLAGS) $(libdarn_impl_a_CFLAGS)/' Makefile.in
|
||||||
%configure %{?_without_pkcs11} %{?_without_rtlsdr}
|
%configure %{?_without_pkcs11} %{?_without_rtlsdr}
|
||||||
%make_build
|
%make_build
|
||||||
|
|
||||||
%install
|
%install
|
||||||
%make_install
|
%make_install
|
||||||
|
|
||||||
# install systemd unit file and udev rules
|
# install systemd unit file
|
||||||
install -Dt %{buildroot}%{_unitdir} -m0644 %{SOURCE1}
|
install -Dt %{buildroot}%{_unitdir} -m0644 %{SOURCE1}
|
||||||
install -Dt %{buildroot}%{_unitdir} -m0644 %{SOURCE2}
|
|
||||||
install -Dt %{buildroot}%{_udevrulesdir} -m0644 %{SOURCE3}
|
|
||||||
# install sysconfig file
|
# install sysconfig file
|
||||||
install -D %{SOURCE4} -m0644 %{buildroot}%{_sysconfdir}/sysconfig/rngd
|
install -D %{SOURCE2} -m0644 %{buildroot}%{_sysconfdir}/sysconfig/rngd
|
||||||
|
|
||||||
%pre
|
|
||||||
getent passwd rngd >/dev/null || useradd -r -M -d %{_localstatedir}/lib/rngd -s /sbin/nologin -c "Random Number Generator Daemon" rngd
|
|
||||||
|
|
||||||
%post
|
%post
|
||||||
%systemd_post rngd.service rngd-wake-threshold.service
|
%systemd_post rngd.service
|
||||||
/usr/bin/systemctl start rngd-wake-threshold.service || :
|
|
||||||
|
|
||||||
%preun
|
%preun
|
||||||
%systemd_preun rngd.service rngd-wake-threshold.service
|
%systemd_preun rngd.service
|
||||||
|
|
||||||
%postun
|
%postun
|
||||||
%systemd_postun_with_restart rngd.service rngd-wake-threshold.service
|
%systemd_postun_with_restart rngd.service
|
||||||
|
|
||||||
%files
|
%files
|
||||||
%{!?_licensedir:%global license %%doc}
|
%{!?_licensedir:%global license %%doc}
|
||||||
@ -96,11 +92,17 @@ getent passwd rngd >/dev/null || useradd -r -M -d %{_localstatedir}/lib/rngd -s
|
|||||||
%{_mandir}/man1/rngtest.1.*
|
%{_mandir}/man1/rngtest.1.*
|
||||||
%{_mandir}/man8/rngd.8.*
|
%{_mandir}/man8/rngd.8.*
|
||||||
%attr(0644,root,root) %{_unitdir}/rngd.service
|
%attr(0644,root,root) %{_unitdir}/rngd.service
|
||||||
%attr(0644,root,root) %{_unitdir}/rngd-wake-threshold.service
|
|
||||||
%attr(0644,root,root) %{_udevrulesdir}/60-hwrng.rules
|
|
||||||
%config(noreplace) %attr(0644,root,root) %{_sysconfdir}/sysconfig/rngd
|
%config(noreplace) %attr(0644,root,root) %{_sysconfdir}/sysconfig/rngd
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Sat Apr 16 2022 Vladis Dronov <vdronov@redhat.com> - 6.15-1
|
||||||
|
- Update to the upstream v6.15 @ 172bf0e3 (bz 2075977)
|
||||||
|
- Allow rngd process to drop privileges with "-D user:group"
|
||||||
|
- Fix an error building with jitterentropy-3.4.0
|
||||||
|
- Add a requirement for selinux-policy of a certain version
|
||||||
|
- Fix a build failure on ppc64
|
||||||
|
- Small edits in test scripts
|
||||||
|
|
||||||
* Tue Nov 23 2021 Vladis Dronov <vdronov@redhat.com> - 6.14-2.git.b2b7934e
|
* Tue Nov 23 2021 Vladis Dronov <vdronov@redhat.com> - 6.14-2.git.b2b7934e
|
||||||
- Update to the upstream v6.14 @ b2b7934e (bz 2015566)
|
- Update to the upstream v6.14 @ b2b7934e (bz 2015566)
|
||||||
- Add a config file for storing rngd options
|
- Add a config file for storing rngd options
|
||||||
|
Loading…
Reference in New Issue
Block a user