Sync from SUSE:SLFO:Main keyutils revision c4df76c0e03f37dd7e65e428cfca945c
This commit is contained in:
commit
bc3e2affda
23
.gitattributes
vendored
Normal file
23
.gitattributes
vendored
Normal file
@ -0,0 +1,23 @@
|
||||
## Default LFS
|
||||
*.7z filter=lfs diff=lfs merge=lfs -text
|
||||
*.bsp filter=lfs diff=lfs merge=lfs -text
|
||||
*.bz2 filter=lfs diff=lfs merge=lfs -text
|
||||
*.gem filter=lfs diff=lfs merge=lfs -text
|
||||
*.gz filter=lfs diff=lfs merge=lfs -text
|
||||
*.jar filter=lfs diff=lfs merge=lfs -text
|
||||
*.lz filter=lfs diff=lfs merge=lfs -text
|
||||
*.lzma filter=lfs diff=lfs merge=lfs -text
|
||||
*.obscpio filter=lfs diff=lfs merge=lfs -text
|
||||
*.oxt filter=lfs diff=lfs merge=lfs -text
|
||||
*.pdf filter=lfs diff=lfs merge=lfs -text
|
||||
*.png filter=lfs diff=lfs merge=lfs -text
|
||||
*.rpm filter=lfs diff=lfs merge=lfs -text
|
||||
*.tbz filter=lfs diff=lfs merge=lfs -text
|
||||
*.tbz2 filter=lfs diff=lfs merge=lfs -text
|
||||
*.tgz filter=lfs diff=lfs merge=lfs -text
|
||||
*.ttf filter=lfs diff=lfs merge=lfs -text
|
||||
*.txz filter=lfs diff=lfs merge=lfs -text
|
||||
*.whl filter=lfs diff=lfs merge=lfs -text
|
||||
*.xz filter=lfs diff=lfs merge=lfs -text
|
||||
*.zip filter=lfs diff=lfs merge=lfs -text
|
||||
*.zst filter=lfs diff=lfs merge=lfs -text
|
4
baselibs.conf
Normal file
4
baselibs.conf
Normal file
@ -0,0 +1,4 @@
|
||||
libkeyutils1
|
||||
obsoletes "keyutils-libs-<targettype> < <version>"
|
||||
provides "keyutils-libs-<targettype> = <version>"
|
||||
keyutils-devel
|
BIN
keyutils-1.6.3.tar.gz
(Stored with Git LFS)
Normal file
BIN
keyutils-1.6.3.tar.gz
(Stored with Git LFS)
Normal file
Binary file not shown.
13
keyutils-nodate.patch
Normal file
13
keyutils-nodate.patch
Normal file
@ -0,0 +1,13 @@
|
||||
Index: keyutils-1.5.10/Makefile
|
||||
===================================================================
|
||||
--- keyutils-1.5.10.orig/Makefile
|
||||
+++ keyutils-1.5.10/Makefile
|
||||
@@ -104,7 +104,7 @@ all: keyctl request-key key.dns_resolver
|
||||
###############################################################################
|
||||
#RPATH = -Wl,-rpath,$(LIBDIR)
|
||||
|
||||
-VCPPFLAGS := -DPKGBUILD="\"$(shell date -u +%F)\""
|
||||
+VCPPFLAGS := -DPKGBUILD="\"no timestamp to avoid rebuilds\""
|
||||
VCPPFLAGS += -DPKGVERSION="\"keyutils-$(VERSION)\""
|
||||
VCPPFLAGS += -DAPIVERSION="\"libkeyutils-$(APIVERSION)\""
|
||||
|
25
keyutils-usr-move.patch
Normal file
25
keyutils-usr-move.patch
Normal file
@ -0,0 +1,25 @@
|
||||
Index: keyutils-1.5.9/request-key.conf
|
||||
===================================================================
|
||||
--- keyutils-1.5.9.orig/request-key.conf
|
||||
+++ keyutils-1.5.9/request-key.conf
|
||||
@@ -31,14 +31,14 @@
|
||||
|
||||
#OP TYPE DESCRIPTION CALLOUT INFO PROGRAM ARG1 ARG2 ARG3 ...
|
||||
#====== ======= =============== =============== ===============================
|
||||
-create dns_resolver * * /sbin/key.dns_resolver %k
|
||||
-create user debug:* negate /bin/keyctl negate %k 30 %S
|
||||
-create user debug:* rejected /bin/keyctl reject %k 30 %c %S
|
||||
-create user debug:* expired /bin/keyctl reject %k 30 %c %S
|
||||
-create user debug:* revoked /bin/keyctl reject %k 30 %c %S
|
||||
+create dns_resolver * * /usr/sbin/key.dns_resolver %k
|
||||
+create user debug:* negate /usr/bin/keyctl negate %k 30 %S
|
||||
+create user debug:* rejected /usr/bin/keyctl reject %k 30 %c %S
|
||||
+create user debug:* expired /usr/bin/keyctl reject %k 30 %c %S
|
||||
+create user debug:* revoked /usr/bin/keyctl reject %k 30 %c %S
|
||||
create user debug:loop:* * |/bin/cat
|
||||
create user debug:* * /usr/share/keyutils/request-key-debug.sh %k %d %c %S
|
||||
create cifs.spnego * * /usr/sbin/cifs.upcall %k
|
||||
-negate * * * /bin/keyctl negate %k 30 %S
|
||||
+negate * * * /usr/bin/keyctl negate %k 30 %S
|
||||
create id_resolver * * /usr/sbin/nfsidmap %k %d -t 600
|
||||
|
273
keyutils.changes
Normal file
273
keyutils.changes
Normal file
@ -0,0 +1,273 @@
|
||||
-------------------------------------------------------------------
|
||||
Thu Mar 23 10:22:28 UTC 2023 - Dominique Leuenberger <dimstar@opensuse.org>
|
||||
|
||||
- Drop pkgconfig(krb5) BuildRequires: this dependency was dropped
|
||||
upstream in commit f9c7b4e4 (2018-11-02).
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Tue Dec 27 12:37:34 UTC 2022 - Ludwig Nussel <lnussel@suse.com>
|
||||
|
||||
- Replace transitional %usrmerged macro with regular version check (boo#1206798)
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Tue Jun 21 08:26:54 UTC 2022 - Alberto Planas Dominguez <aplanas@suse.com>
|
||||
|
||||
- Add /etc/keys/evn and /usr/etc/keys/evm together with the IMA ones
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Thu Jun 24 12:54:11 UTC 2021 - Alberto Planas Dominguez <aplanas@suse.com>
|
||||
|
||||
- Add /etc/keys/ and /usr/etc/keys/ directory (bsc#1187654)
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed Jan 6 10:27:14 UTC 2021 - Marcus Meissner <meissner@suse.com>
|
||||
|
||||
- adjust the library license to be LPGL-2.1+ only (the tools are GPL2+,
|
||||
the library is just LGPL-2.1+) (bsc#1180603)
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Mon Jan 4 10:50:03 UTC 2021 - Dirk Müller <dmueller@suse.com>
|
||||
|
||||
- update to 1.6.3:
|
||||
* Revert the change notifications that were using /dev/watch_queue.
|
||||
* Apply the change notifications that use pipe2(O_NOTIFICATION_PIPE).
|
||||
* Allow "keyctl supports" to retrieve raw capability data.
|
||||
* Allow "keyctl id" to turn a symbolic key ID into a numeric ID.
|
||||
* Allow "keyctl new_session" to name the keyring.
|
||||
* Allow "keyctl add/padd/etc." to take hex-encoded data.
|
||||
* Add "keyctl watch*" to expose kernel change notifications on keys.
|
||||
* Add caps for namespacing and notifications.
|
||||
* Set a default TTL on keys that upcall for name resolution.
|
||||
* Explicitly clear memory after it's held sensitive information.
|
||||
* Various manual page fixes.
|
||||
* Fix C++-related errors.
|
||||
* Add support for keyctl_move().
|
||||
* Add support for keyctl_capabilities().
|
||||
* Make key=val list optional for various public-key ops.
|
||||
* Fix system call signature for KEYCTL_PKEY_QUERY.
|
||||
* Fix 'keyctl pkey_query' argument passing.
|
||||
* Use keyctl_read_alloc() in dump_key_tree_aux().
|
||||
* Various manual page fixes.
|
||||
- spec-cleaner run (fixup failing homepage url)
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Fri Oct 16 09:59:07 UTC 2020 - Ludwig Nussel <lnussel@suse.de>
|
||||
|
||||
- prepare usrmerge (boo#1029961)
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Mon Jul 1 14:28:52 UTC 2019 - Wolfgang Frisch <wolfgang.frisch@suse.com>
|
||||
|
||||
- updated to 1.6
|
||||
- Apply various specfile cleanups from Fedora.
|
||||
- request-key: Provide a command line option to suppress helper execution.
|
||||
- request-key: Find least-wildcard match rather than first match.
|
||||
- Remove the dependency on MIT Kerberos.
|
||||
- Fix some error messages
|
||||
- keyctl_dh_compute.3: Suggest /proc/crypto for list of available hashes.
|
||||
- Fix doc and comment typos.
|
||||
- Add public key ops for encrypt, decrypt, sign and verify (needs linux-4.20).
|
||||
- Add pkg-config support for finding libkeyutils.
|
||||
- upstream isn't offering PGP signatures for the source tarballs anymore
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Mon Mar 4 09:41:58 UTC 2019 - Dominique Leuenberger <dimstar@opensuse.org>
|
||||
|
||||
- Replace krb5-devel BuildRequires with pkgconfig(krb5): Allow OBS
|
||||
to shortcut the ring0 bootstrap cycle by also using krb5-mini.
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Mon Oct 29 16:36:11 UTC 2018 - astieger@suse.com
|
||||
|
||||
- add upstream signing key and verify source signature
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Mon Oct 29 15:37:31 UTC 2018 - meissner@suse.com
|
||||
|
||||
- updated to 1.5.11 (bsc#1113013)
|
||||
- Add keyring restriction support.
|
||||
- Add KDF support to the Diffie-Helman function.
|
||||
- DNS: Add support for AFS config files and SRV records
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Thu Feb 22 15:10:34 UTC 2018 - fvogt@suse.com
|
||||
|
||||
- Use %license (boo#1082318)
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Mon Nov 6 10:18:56 UTC 2017 - meissner@suse.com
|
||||
|
||||
- add keyutils-devel for baselibs, to allow biarch LTP builds.
|
||||
(bsc#1061591)
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Fri May 5 13:46:43 UTC 2017 - meissner@suse.com
|
||||
|
||||
- updated to 1.5.10
|
||||
- added "dh_compute" callback
|
||||
- manpage improvements
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Tue Mar 21 15:31:03 UTC 2017 - meissner@suse.com
|
||||
|
||||
- move binaries from /bin to /usr/bin (bsc#1029969)
|
||||
- keyutils-usr-move.patch: also adjust the request-key.conf file
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed Feb 4 13:11:19 UTC 2015 - meissner@suse.com
|
||||
|
||||
- keyutils-nodate.patch: avoid including the timestamp. bsc#916180
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Thu Jun 5 13:58:56 UTC 2014 - meissner@suse.com
|
||||
|
||||
- correct the obsoletes and provides in baselibs.conf to be correct.
|
||||
bnc#881533
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed May 14 02:19:52 UTC 2014 - nfbrown@suse.com
|
||||
|
||||
- New upstream release 1.5.9.
|
||||
Particularly adds keyctl_invalidate, needed for latest nfs-utils.
|
||||
A few minor bugfixes and usability improvements.
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Mon Jul 29 08:37:36 UTC 2013 - tchvatal@suse.com
|
||||
|
||||
- Use macros bit more and fix noreplace on folder, which is not
|
||||
good.
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Sun Jun 16 16:59:30 UTC 2013 - lmuelle@suse.com
|
||||
|
||||
- Remove deprecated -c arg while calling cifs.upcall from request-key.conf.
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Fri Feb 1 18:53:40 UTC 2013 - coolo@suse.com
|
||||
|
||||
- update license to new format
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed Jun 20 07:40:08 UTC 2012 - meissner@suse.com
|
||||
|
||||
- various small improvements
|
||||
- added a /etc/request-key.d/ snippet drop directory
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Mon Jun 4 18:00:41 UTC 2012 - jeffm@suse.com
|
||||
|
||||
- Update nfs4 idmap support, nfs-client 1.2.6 changed parameters.
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed Apr 11 03:43:35 UTC 2012 - jeffm@suse.com
|
||||
|
||||
- Add nfs4 idmap support
|
||||
-------------------------------------------------------------------
|
||||
Wed Oct 5 15:04:53 UTC 2011 - uli@suse.com
|
||||
|
||||
- cross-build fix: use %__cc macro
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Thu Sep 22 18:05:05 CEST 2011 - meissner@suse.de
|
||||
|
||||
- Updated to 1.5.3
|
||||
- Fix unread variables.
|
||||
- Licence file update.
|
||||
|
||||
- Updated to 1.5
|
||||
- Disable RPATH setting in Makefile.
|
||||
- Add -I. to build to get this keyutils.h.
|
||||
- Make CFLAGS override on make command line work right.
|
||||
- Make specfile UTF-8.
|
||||
- Support KEYCTL_REJECT.
|
||||
- Support KEYCTL_INSTANTIATE_IOV.
|
||||
- Add AFSDB DNS lookup program from Wang Lei.
|
||||
- Generalise DNS lookup program.
|
||||
- Add recursive scan utility function.
|
||||
- Add bad key reap command to keyctl.
|
||||
- Add multi-unlink variant to keyctl unlink command.
|
||||
- Add multi key purger command to keyctl.
|
||||
- Handle multi-line commands in keyctl command table.
|
||||
- Move the package to version to 1.5.
|
||||
|
||||
- Update to 1.4-4
|
||||
- Make build guess at default libdirs and word size.
|
||||
- Make program build depend on library in Makefile.
|
||||
- Don't include $(DESTDIR) in MAN* macros.
|
||||
- Remove NO_GLIBC_KEYSYS as it is obsolete.
|
||||
- Have Makefile extract version info from specfile and version script.
|
||||
- Provide RPM build rule in Makefile.
|
||||
- Provide distclean rule in Makefile.
|
||||
- Fix local linking and RPATH.
|
||||
- Fix prototypes in manual pages (some char* should be void*).
|
||||
- Rename the keyctl_security.3 manpage to keyctl_get_security.3.
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Thu Sep 22 12:41:50 UTC 2011 - jengelh@medozas.de
|
||||
|
||||
- Implement shlib package (libkeyutils1)
|
||||
- Cleanup per Specfile Guidelines
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Tue Apr 19 13:45:30 CEST 2011 - meissner@suse.de
|
||||
|
||||
- Upgraded to 1.4
|
||||
- Fix the library naming wrt the version.
|
||||
- Move the package to version to 1.4.
|
||||
- Fix spelling mistakes in manpages.
|
||||
- Add an index manpage for all the keyctl functions.
|
||||
- Fix rpmlint warnings.
|
||||
- fixed parallel make
|
||||
- do not include empty rpaths
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Thu Mar 18 13:27:59 CET 2010 - meissner@suse.de
|
||||
|
||||
- Upgraded to 1.3
|
||||
- Expose the kernel function to get a key's security context.
|
||||
- Expose the kernel function to set a processes keyring onto its parent.
|
||||
- Move libkeyutils library version to 1.3.
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Mon Dec 14 16:33:36 CET 2009 - jengelh@medozas.de
|
||||
|
||||
- add baselibs.conf as a source
|
||||
- enable parallel building
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Mon Nov 24 12:52:44 CET 2008 - meissner@suse.de
|
||||
|
||||
- added 2 cifs helpers to request-key.conf (for CIFS DFS support)
|
||||
bnc#432494, FATE#303758
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Thu Nov 13 00:03:14 CET 2008 - crrodriguez@suse.de
|
||||
|
||||
- build request-key.c with -fno-strict-aliasing to avoid
|
||||
possible breakages
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Thu Apr 10 12:54:45 CEST 2008 - ro@suse.de
|
||||
|
||||
- added baselibs.conf file to build xxbit packages
|
||||
for multilib support
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Thu Dec 14 16:33:24 CET 2006 - meissner@suse.de
|
||||
|
||||
- Upgraded to 1.2.
|
||||
- call ldconfig
|
||||
- removed manpages (now in global man-pages)
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed Jul 19 14:35:25 CEST 2006 - meissner@suse.de
|
||||
|
||||
- Upgraded to 1.1.
|
||||
- cleanups, new manpage.
|
||||
- no static lib anymore (like upstream).
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Fri Apr 21 15:30:31 CEST 2006 - meissner@suse.de
|
||||
|
||||
- initial import of version 1.0.
|
||||
|
63
keyutils.keyring
Normal file
63
keyutils.keyring
Normal file
@ -0,0 +1,63 @@
|
||||
-----BEGIN PGP PUBLIC KEY BLOCK-----
|
||||
|
||||
mQINBE6MQAUBEACh/QJTf+QLTHo5Vk7Bq/U7lMpzO+9iGuRJDFkS9HbT1NFMrJi6
|
||||
O/udOfGky1+9BOU7dGg5hB2qWzp/IMTHzIOtcRUBz7AkdQxCDkBPpdJkWQMG8AkA
|
||||
DK4xvHTtdHZ7TQnmtrSRFjkb0MuyQd31bBlXv3WzLAnzVpdsTyG8sevnjOojvrxu
|
||||
dQ1pYjlTSh5CX2cntOM72Zk8jWZ4X5q7hp1f7mu4sKVjzq8uoGAq/05JTRajZuyl
|
||||
Hn0aMP+WZlmFs7KAbqohgdzYy/8bo6kfyn0d5YOJn+a7G09wpxWK4G3iek6b4/l3
|
||||
3EQwd6mvm69DgdWMjHNs7+dhH3sNIHH6jlxtx+z96qAN6ntAirAIBV6xRob/OP9T
|
||||
2femC84lWJljNh6Bc0gRt3pDtrAiZaWqFGZ9e68qZ6K+LsWfcW4oapXTWp/ELErg
|
||||
a7FkrmfnPD9upt1yLEE2/nlzXJoIT5r+IMiNPoIddkciXJDGe4IBc3QOcl/sfz5h
|
||||
ET8n93XyNBifsgQHw/rqQGfzMiqgCP0WjScU0D/DlhT9bVcheCEWQ5Ghk3DpP8gD
|
||||
adlQEr/4YU+PrHLyFoj/65MkFRpYodcrzU7gyuboo3rAPrO4FcR2M7gkxyVFswg7
|
||||
AeTclTzxLdb1KxNfSsL7tK0AfhkrDBv5N2xmxRSNcK0SHRKz4Sc6Kq/rtwARAQAB
|
||||
tCNEYXZpZCBIb3dlbGxzIDxkaG93ZWxsc0ByZWRoYXQuY29tPokCOAQTAQIAIgUC
|
||||
TozmuAIbAwYLCQgHAwIGFQgCCQoLBBYCAwECHgECF4AACgkQ+7dXa6fLC2t6pg/+
|
||||
PCr5Ienbgwzv8Chc5CqnXCmSMkWCUTjQQuxICq9EpBopOAaAdTuAvVCFVICSBeoH
|
||||
nnDO/CjVmv72o3DcG0jxWcP40+oBGOXZChRshahyzLEOJ1JK34UAcYavN8r69tWJ
|
||||
7PQ+g/cwL/On0L4cYYqjhKGpmYlMRSjS7icjygAnTmGz8CnI6KG/0K0cDxNtoMsc
|
||||
rMX1UoDgkIgTJi0Jb2TlyBbi6QeZyrEExEp2RuepZDx8XLvnXy/rm/qniFZMeQcG
|
||||
eF4ercc9z6DXc9gJhOtehphkAk967VPYBzrXTzuF3rsXYB546ZvsvvKsi7w+Cc8C
|
||||
6JbLNbJ0pJsSCydZL44QOGuPM0dpTIHUZeo2DdPcUcUsoxvCOmmvXWbiWxSFlO1D
|
||||
MMGna2dJFrDvPedJudd8hXxWRyoPG1X5oxyHAvpYB7sRPuVW5udAbiDeKPXEY8jP
|
||||
0fT/BBM9+ihdblVofwzLI9Bch6xSq9g7VQo7t3wUI5+Wn3i5QNUGMEyz2L9rS4Cs
|
||||
vGCULdN5E+/4cQcuNt4rcPPusQl3RoOOsqXBSuDYTXBwOCHTJ6L9NVGQH7cGlVAD
|
||||
PmO9vMA8MGrt825RnLz/6w5kyA7BOGgZ8QOEAOGp8Way5H9gbMUmBebofBaxoWiH
|
||||
W8MEQf+/FtsY1A8noOU2U1VnGFDfhVAQO9jbUFMWhLS0JERhdmlkIEhvd2VsbHMg
|
||||
PGRob3dlbGxzNzRAZ21haWwuY29tPokCOAQTAQIAIgUCToxABQIbAwYLCQgHAwIG
|
||||
FQgCCQoLBBYCAwECHgECF4AACgkQ+7dXa6fLC2v3Pg//RiZQ1YdjmRbQThZAH5Kh
|
||||
WuhkN7cSfQHz7UlxQaW/pqUnTN/PgBADALXZeMALmUVCBpiY2Jc+UiX3ixzkc3PO
|
||||
MAWG61xxGy90xBVkYqDVNzMR+wiTUZUCzKdqXUzoWrXHkQnkRm2iDHR5JiUR/CjM
|
||||
KJf0lAegAxGw3Npdz9QKWoTZLJJnBf0WOD1Ld+rMaVixDc8bD1fSwNfGrFfiOFVe
|
||||
xvugQagHw8peGg4EbQ0dll4P5/+SrJsYCCAYBLc+lKWG+G9qYC75MbWtg4R+RJWv
|
||||
fu2Gl64OJvVnGq70X9gW6W93MD/S+MskpI8Si8QsfWreVY3Q0t25nBY7jvoh+gaX
|
||||
Jyiih6Tei8LS2WLhedHCdMuh9ZM0TBaaJlBBhyG6X8wO1IzRFMmvlHKulTkfXqSP
|
||||
ILPkLBzhBIhNlZzVDI1Bzh3kjq48AfO+eK4ZZRALxnqffObJAydKRm+FGmLzrO5h
|
||||
Ww1MJoS3n3khnvqFSjQBI/xkC5qNqDMBU4hQgUPQBka8fIyvpbj2pIL7Iv1wuJR8
|
||||
E/0qO10G1+G4ZU2EeVakQgKgbL/+4NK29J8Xn2VaeAMpcr2I9eJIRHeKlGTK1I3D
|
||||
kCkxFBKVfdLngvVFa544OKW9lGCY1C2kenPBEH17pQdejLESR+iqnkYGGdf6zoWz
|
||||
aFGFKNC/yG5x2NVGdk724my5Ag0EToxABQEQAKl9mbsMzHOkAG0YBrJkl6UwkiNR
|
||||
AOYnHgVUfQ6ZnlT8PwnQc1FSKDdqO1e/GVaGsyo3VYQnkLp9KKW2El7srY+vFOMG
|
||||
hLtZR9nJrtX54YOyg85RY1q7jXam2AqW8y26QX7PqA+XZ2OpRZ9ohkUJTvStQ4Yq
|
||||
XgAn3f00YQ+eKhqoT79PPwW6fSUgjqApbhGkQX/IrSOLlI4LsfA1JuSd8PNsC5LZ
|
||||
ad0fKEKyvPRHMmw36wcG/4cspPi5gOyk04hFZ1EewT+lQ5cs+32ZANww88CDBOR9
|
||||
smUuWkkA9V0qWBP6P7i6bTHxTNZ3G6LutqahXnCm6xcfyRCBFYr5u62J3bFnEfFO
|
||||
tqoTzB3pLePuxBHxqcx7iI6EM66JM30euIb+5d61g9YNcJeY85EXCGTamNDsGcaJ
|
||||
xtiQwdRfK3PBBndABAswB/uRrB9ed07LMu9O0FPD+pqxhKp45tr00XFJB5dcqWKL
|
||||
1aa+F62kFEIrU0RXCEVYaQXUKY/9tvkABbGBcUJ8ASw7O4vgkPbiqQ1FgRlCf0Pq
|
||||
PBS28x9orV7YX+bMxUtiSlCsDXXos9G+vNp5aPDdGb24Jj0z9uIj3AhiNd89KwtA
|
||||
qPBYO3471IJmc5+y0hIF4NAwh5KT2Bq3BdjL3M6W957PObMYgJWQKGBoAxnbyWng
|
||||
+lUV+MST6CYaSAizABEBAAGJAh8EGAECAAkFAk6MQAUCGwwACgkQ+7dXa6fLC2um
|
||||
RQ/6AqE32NIlfduy4Avc4Z1IPO6OZuDpwNYaopuHW0K9Hk5yZLk1Avk4COOK/w0E
|
||||
1TLYXRkDUBN0D5K3eW9efPvUvm/aRsPLeOhdUqwjAZrdbjJufqSikqr+0LVECA8j
|
||||
HsEntnvTGmY5sX+Ufuh+/cH8kCx2ascO6G6cT5RyqeJN71VDMajFq347+S5w7qIG
|
||||
/GbICLP2f678tiiRyYr7XocnJC95b8tyHxCrOc7/ZD2b8ZAmbOUi6GEP6hXVoAxB
|
||||
VRJJ4Y9cH7ZAbKfgWsopfHDTrQU9gOeyYHuZex4dQSB/e7nphCeAeyr/DnR5VNIx
|
||||
ypqXoFEJ5aDMXvh806qUykz/vDdJrT6T5ReI+V4n6e+dtyKj+7t5OJ9ibY+EcIQh
|
||||
wXWa73zBlt+42ZMaYccaZAadbRrvjqCivNlceq/0W76HWwV6EQ/Q8CcVggOwggrA
|
||||
T7WW5berTthwvloeSSHl+w8JPWfNMZXwDO/ItFesZQ532NpOGoF0AP3ID5Xry36W
|
||||
X/IKFhWtzjBY/j2JkcWjoBk+Md3vgcIOfityege/HvlmOeFnonp6kCBRqTkZwRlR
|
||||
KFkraSBgzdmMqC4xip7C+3WFIV+1ki/Dixwk6hh0jlPw53anPxyA1a3/Uc5vIOeA
|
||||
hohMBKGGIXz0cCaD64EQLY7Svd4AoIVM72pzkX7Y+ZvfrbM=
|
||||
=U2Rm
|
||||
-----END PGP PUBLIC KEY BLOCK-----
|
130
keyutils.spec
Normal file
130
keyutils.spec
Normal file
@ -0,0 +1,130 @@
|
||||
#
|
||||
# spec file for package keyutils
|
||||
#
|
||||
# Copyright (c) 2023 SUSE LLC
|
||||
#
|
||||
# All modifications and additions to the file contributed by third parties
|
||||
# remain the property of their copyright owners, unless otherwise agreed
|
||||
# upon. The license for this file, and modifications and additions to the
|
||||
# file, is the same license as for the pristine package itself (unless the
|
||||
# license for the pristine package is not an Open Source License, in which
|
||||
# case the license is the MIT License). An "Open Source License" is a
|
||||
# license that conforms to the Open Source Definition (Version 1.9)
|
||||
# published by the Open Source Initiative.
|
||||
|
||||
# Please submit bugfixes or comments via https://bugs.opensuse.org/
|
||||
#
|
||||
|
||||
|
||||
%if ! %{defined _distconfdir}
|
||||
%define _distconfdir %{_sysconfdir}
|
||||
%else
|
||||
%define use_usretc 1
|
||||
%endif
|
||||
|
||||
%define lname libkeyutils1
|
||||
Name: keyutils
|
||||
Version: 1.6.3
|
||||
Release: 0
|
||||
Summary: Linux Key Management Utilities
|
||||
License: GPL-2.0-or-later AND LGPL-2.1-or-later
|
||||
Group: System/Kernel
|
||||
URL: https://git.kernel.org/pub/scm/linux/kernel/git/dhowells/keyutils.git/
|
||||
Source0: https://git.kernel.org/pub/scm/linux/kernel/git/dhowells/keyutils.git/snapshot/keyutils-%{version}.tar.gz
|
||||
Source1: baselibs.conf
|
||||
Source3: %{name}.keyring
|
||||
Patch1: request-key-cifs.patch
|
||||
Patch2: request-key-nfs4.patch
|
||||
Patch3: keyutils-nodate.patch
|
||||
Patch4: keyutils-usr-move.patch
|
||||
BuildRequires: gcc-c++
|
||||
BuildRequires: pkgconfig
|
||||
|
||||
%description
|
||||
Utilities to control the kernel key management facility and to provide
|
||||
a mechanism by which the kernel can call back to user space to get a
|
||||
key instantiated.
|
||||
|
||||
%package -n %{lname}
|
||||
Summary: Key utilities library
|
||||
License: LGPL-2.1-or-later
|
||||
Group: System/Kernel
|
||||
Obsoletes: keyutils-libs < %{version}-%{release}
|
||||
Provides: keyutils-libs = %{version}-%{release}
|
||||
|
||||
%description -n %{lname}
|
||||
This package provides a wrapper library for the key management facility
|
||||
system calls.
|
||||
|
||||
%package devel
|
||||
Summary: Development package for building linux key management utilities
|
||||
License: LGPL-2.1-or-later
|
||||
Group: System/Kernel
|
||||
Requires: %{lname} = %{version}
|
||||
Requires: glibc-devel
|
||||
|
||||
%description devel
|
||||
This package provides headers and libraries for building key utilities.
|
||||
|
||||
%prep
|
||||
%setup -q
|
||||
%patch1
|
||||
%patch2 -p1
|
||||
%patch3 -p1
|
||||
%patch4 -p1
|
||||
|
||||
%build
|
||||
%make_build NO_ARLIB=1 CFLAGS="%{optflags}" CC="gcc"
|
||||
|
||||
%install
|
||||
make install NO_ARLIB=1 DESTDIR=%{buildroot} BINDIR=/%{_bindir} SBINDIR=/%{_sbindir} LIBDIR=/%{_libdir} USRLIBDIR=%{_libdir}
|
||||
%if 0%{?suse_version} < 1550
|
||||
mkdir -p %{buildroot}/bin %{buildroot}/sbin
|
||||
ln -s /%{_bindir}/keyctl %{buildroot}/bin
|
||||
ln -s /%{_sbindir}/key.dns_resolver %{buildroot}/sbin
|
||||
ln -s /%{_sbindir}/request-key %{buildroot}/sbin
|
||||
%endif
|
||||
|
||||
install -m 0750 -d \
|
||||
%{buildroot}%{_sysconfdir}/keys \
|
||||
%{buildroot}%{_sysconfdir}/keys/ima \
|
||||
%{buildroot}%{_sysconfdir}/keys/evm \
|
||||
%{buildroot}%{_distconfdir}/keys \
|
||||
%{buildroot}%{_distconfdir}/keys/ima \
|
||||
%{buildroot}%{_distconfdir}/keys/evm
|
||||
|
||||
%post -n %{lname} -p /sbin/ldconfig
|
||||
%postun -n %{lname} -p /sbin/ldconfig
|
||||
|
||||
%files
|
||||
%license LICENCE.GPL
|
||||
%doc README
|
||||
%if 0%{?suse_version} < 1550
|
||||
/sbin/*
|
||||
/bin/*
|
||||
%endif
|
||||
/%{_sbindir}/*
|
||||
/%{_bindir}/*
|
||||
%{_datadir}/keyutils
|
||||
%{_mandir}/*/*
|
||||
%config(noreplace) %{_sysconfdir}/request-key.conf
|
||||
%dir %{_sysconfdir}/request-key.d/
|
||||
%dir %{_sysconfdir}/keys/
|
||||
%dir %{_sysconfdir}/keys/ima/
|
||||
%dir %{_sysconfdir}/keys/evm/
|
||||
%if %{defined use_usretc}
|
||||
%dir %{_distconfdir}/keys/
|
||||
%dir %{_distconfdir}/keys/ima/
|
||||
%dir %{_distconfdir}/keys/evm/
|
||||
%endif
|
||||
|
||||
%files -n %{lname}
|
||||
%license LICENCE.LGPL
|
||||
/%{_libdir}/libkeyutils.so.*
|
||||
|
||||
%files devel
|
||||
%{_libdir}/libkeyutils.so
|
||||
%{_includedir}/*
|
||||
%attr(0644, root, root) %{_libdir}/pkgconfig/libkeyutils.pc
|
||||
|
||||
%changelog
|
10
request-key-cifs.patch
Normal file
10
request-key-cifs.patch
Normal file
@ -0,0 +1,10 @@
|
||||
Index: request-key.conf
|
||||
===================================================================
|
||||
--- request-key.conf.orig
|
||||
+++ request-key.conf
|
||||
@@ -38,4 +38,5 @@ create user debug:* expired
|
||||
create user debug:* revoked /bin/keyctl reject %k 30 %c %S
|
||||
create user debug:loop:* * |/bin/cat
|
||||
create user debug:* * /usr/share/keyutils/request-key-debug.sh %k %d %c %S
|
||||
+create cifs.spnego * * /usr/sbin/cifs.upcall %k
|
||||
negate * * * /bin/keyctl negate %k 30 %S
|
12
request-key-nfs4.patch
Normal file
12
request-key-nfs4.patch
Normal file
@ -0,0 +1,12 @@
|
||||
---
|
||||
request-key.conf | 2 ++
|
||||
1 file changed, 2 insertions(+)
|
||||
|
||||
--- a/request-key.conf
|
||||
+++ b/request-key.conf
|
||||
@@ -40,3 +40,5 @@ create user debug:loop:* * |/bin/cat
|
||||
create user debug:* * /usr/share/keyutils/request-key-debug.sh %k %d %c %S
|
||||
create cifs.spnego * * /usr/sbin/cifs.upcall %k
|
||||
negate * * * /bin/keyctl negate %k 30 %S
|
||||
+create id_resolver * * /usr/sbin/nfsidmap %k %d -t 600
|
||||
+
|
Loading…
Reference in New Issue
Block a user