# # spec file for package mokutil # # Copyright (c) 2014 SUSE LINUX Products GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed # upon. The license for this file, and modifications and additions to the # file, is the same license as for the pristine package itself (unless the # license for the pristine package is not an Open Source License, in which # case the license is the MIT License). An "Open Source License" is a # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. # Please submit bugfixes or comments via http://bugs.opensuse.org/ # Name: mokutil Version: 0.2.0 Release: 0 Summary: Tools for manipulating machine owner keys License: GPL-3.0 Group: Productivity/Security Url: https://github.com/lcp/mokutil Source: %{name}-%{version}.tar.bz2 # PATCH-FIX-UPSTREAM mokutil-upstream-fixes.patch glin@suse.com -- Include upstream fixes for db signature check, gcc warnings, error handling Patch1: mokutil-upstream-fixes.patch # PATCH-FIX-UPSTREAM mokutil-mokx-support.patch glin@suse.com -- Support the MOK blacklist Patch2: mokutil-mokx-support.patch # PATCH-FIX-UPSTREAM mokutil-fix-hash-list-size.patch glin@suse.com -- Update the list size after merging or deleting a hash Patch3: mokutil-fix-hash-list-size.patch # PATCH-FIX-UPSTREAM mokutil-clean-request.patch glin@suse.com -- Clear the request if all keys are removed Patch4: mokutil-clean-request.patch # PATCH-FIX-UPSTREAM mokutil-more-details-for-skipped-keys.patch glin@suse.com -- Be more verbose while skipping a key Patch5: mokutil-more-details-for-skipped-keys.patch # PATCH-FIX-UPSTREAM mokutil-check-secure-boot-support.patch glin@suse.com -- Check whether the system supports secure boot or not Patch6: mokutil-check-secure-boot-support.patch # PATCH-FIX-UPSTREAM mokutil-check-corrupted-key-list.patch glin@suse.com -- Add a check for corrupted list Patch7: mokutil-check-corrupted-key-list.patch # PATCH-FIX-UPSTREAM mokutil-no-invalid-x509.patch glin@suse.com -- Don't import an invalid x509 certificate Patch8: mokutil-no-invalid-x509.patch # PATCH-FIX-OPENSUSE mokutil-support-revoke-builtin-cert.patch glin@suse.com -- Add an option to revoke the built-in certificate Patch100: mokutil-support-revoke-builtin-cert.patch BuildRequires: autoconf BuildRequires: automake BuildRequires: libopenssl-devel >= 0.9.8 BuildRequires: pkg-config BuildRoot: %{_tmppath}/%{name}-%{version}-build ExclusiveArch: x86_64 %description This program provides the means to enroll and erase the machine owner keys (MOK) stored in the database of shim. Authors: -------- Gary Lin %prep %setup -q %patch1 -p1 %patch2 -p1 %patch3 -p1 %patch4 -p1 %patch5 -p1 %patch6 -p1 %patch7 -p1 %patch8 -p1 %patch100 -p1 %build %configure make %install %makeinstall %clean %{?buildroot:%__rm -rf "%{buildroot}"} %files %defattr(-,root,root) %doc COPYING %{_bindir}/mokutil %{_mandir}/man?/* %changelog