Install udev rule for TPM character devices

The udev rules to change the ownership and access permission for the TPM2 character devices is installed by the tpm2-abrmd package. But users could want to use the TPM2 device without the userspace tpm2-abrmd, for example by using the in-kernel resource manager or accessing the device directly. In those cases they may not install the tpm2-abrmd package but still want the correct user, group and permissions set in the TPM2 character device, so let's do that in the tpm2-tss package instead that is always required. Signed-off-by: Javier Martinez Canillas <javierm@redhat.com>
2018-02-23 12:50:55 +01:00 · 2018-02-23 12:50:55 +01:00 · 075fc2f0d3
commit 075fc2f0d3
parent f61696f2b7
2 changed files with 12 additions and 1 deletions
--- a/60-tpm-udev.rules
+++ b/60-tpm-udev.rules
@ -0,0 +1,2 @@
+# tpm2 devices can be accessed by the tss user or tss group members
+KERNEL=="tpmrm[0-9]*|tpm[0-9]*", MODE="0660", OWNER="tss", GROUP="tss"
--- a/tpm2-tss.spec
+++ b/tpm2-tss.spec
@ -1,6 +1,6 @@
 Name:           tpm2-tss
 Version:        1.3.0
-Release:        3%{?dist}
+Release:        4%{?dist}
 Summary:        TPM2.0 Software Stack

 # The entire source code is under BSD except implementation.h and tpmb.h which
@ -9,11 +9,14 @@ License:        BSD and TCGL
 URL:            https://github.com/intel/tpm2-tss
 Source0:        https://github.com/intel/tpm2-tss/releases/download/%{version}/%{name}-%{version}.tar.gz

+Source1:        60-tpm-udev.rules
+
 BuildRequires:  gcc
 BuildRequires:  gcc-c++
 BuildRequires:  autoconf-archive
 BuildRequires:  libtool
 BuildRequires:  pkgconfig
+BuildRequires:  systemd

 %description
 tpm2-tss is a software stack supporting Trusted Platform Module(TPM) 2.0 system
@ -31,11 +34,14 @@ APIs for applications to access TPM module through kernel TPM drivers.
 %make_install
 find %{buildroot}%{_libdir} -type f -name \*.la -delete

+install -m 0644 -D -t %{buildroot}/%{_udevrulesdir}/ %{SOURCE1}
+
 %files
 %license LICENSE
 %{_libdir}/libsapi.so.*
 %{_libdir}/libtcti-device.so.*
 %{_libdir}/libtcti-socket.so.*
+%{_udevrulesdir}/60-tpm-udev.rules


 %package        devel
@ -63,6 +69,9 @@ use tpm2-tss.
 %postun -p /sbin/ldconfig

 %changelog
+* Fri Feb 23 2018 Javier Martinez Canillas <javierm@redhat.com> - 1.3.0-4
+- Install udev rule for TPM character devices
+
 * Wed Feb 21 2018 Javier Martinez Canillas <javierm@redhat.com> - 1.3.0-3
 - Remove ExclusiveArch: %%{ix86} x86_64 directive