pool/openCryptoki
SHA256
2
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Accepting request 294859 from home:elvigia:branches:security

Browse Source 
- Also create parent directory /run/lock/opencryptoki in 
  tmpfiles snippet if it does not exists.

- spec: do not use -D__USE_BSD, a glibc-internal macro
  which no longer has any meaning.

- spec: use %{_unitdir}  %{_tmpfilesdir)
- spec: call tmpfiles_create macro, if defined in %post
- opencryptoki-run-lock.patch, openCryptoki-tmp.conf: use
  /run/lock instead of /var/lock.

OBS-URL: https://build.opensuse.org/request/show/294859
OBS-URL: https://build.opensuse.org/package/show/security/openCryptoki?expand=0&rev=27
This commit is contained in:
Marcus Meissner 2015-04-22 09:41:29 +00:00 committed by Git OBS Bridge
parent adb9bc9138
commit 7d406e241d
4 changed files with 46 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
openCryptoki-tmp.conf
View File

@ -1,7 +1,8 @@
# Lock directories needed by openCryptoki # Lock directories needed by openCryptoki
D /var/lock/opencryptoki/swtok 0770 root pkcs11 D /run/lock/opencryptoki 0770 root pkcs11
D /var/lock/opencryptoki/lite 0770 root pkcs11 D /run/lock/opencryptoki/swtok 0770 root pkcs11
D /var/lock/opencryptoki/tpm 0770 root pkcs11 D /run/lock/opencryptoki/lite 0770 root pkcs11
D /var/lock/opencryptoki/ccatok 0770 root pkcs11 D /run/lock/opencryptoki/tpm 0770 root pkcs11
D /var/lock/opencryptoki/icsf 0770 root pkcs11 D /run/lock/opencryptoki/ccatok 0770 root pkcs11
D /var/lock/opencryptoki/ep11tok 0770 root pkcs11 D /run/lock/opencryptoki/icsf 0770 root pkcs11
D /run/lock/opencryptoki/ep11tok 0770 root pkcs11

20
openCryptoki.changes
View File

@ -1,3 +1,23 @@
-------------------------------------------------------------------
Tue Apr 7 21:22:57 UTC 2015 - crrodriguez@opensuse.org
- Also create parent directory /run/lock/opencryptoki in
tmpfiles snippet if it does not exists.
-------------------------------------------------------------------
Tue Apr 7 21:19:43 UTC 2015 - crrodriguez@opensuse.org
- spec: do not use -D__USE_BSD, a glibc-internal macro
which no longer has any meaning.
-------------------------------------------------------------------
Tue Apr 7 21:18:21 UTC 2015 - crrodriguez@opensuse.org
- spec: use %{_unitdir} %{_tmpfilesdir)
- spec: call tmpfiles_create macro, if defined in %post
- opencryptoki-run-lock.patch, openCryptoki-tmp.conf: use
/run/lock instead of /var/lock.
------------------------------------------------------------------- -------------------------------------------------------------------
Wed Dec 17 10:42:43 UTC 2014 - p.drouand@gmail.com Wed Dec 17 10:42:43 UTC 2014 - p.drouand@gmail.com

13
openCryptoki.spec
View File

@ -1,7 +1,7 @@
# #
# spec file for package openCryptoki # spec file for package openCryptoki
# #
# Copyright (c) 2014 SUSE LINUX Products GmbH, Nuernberg, Germany. # Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany.
# #
# All modifications and additions to the file contributed by third parties # All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed # remain the property of their copyright owners, unless otherwise agreed
@ -62,6 +62,7 @@ Patch1: ocki-3.1-remove-make-install-chgrp-chmod.patch
Patch2: ocki-3.1-fix-init_d-path.patch Patch2: ocki-3.1-fix-init_d-path.patch
Patch3: ocki-3.1-fix-implicit-decl.patch Patch3: ocki-3.1-fix-implicit-decl.patch
Patch4: ocki-3.1-fix-libica-link.patch Patch4: ocki-3.1-fix-libica-link.patch
Patch5: opencryptoki-run-lock.patch
Url: http://sourceforge.net/projects/opencryptoki/ Url: http://sourceforge.net/projects/opencryptoki/
BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRoot: %{_tmppath}/%{name}-%{version}-build
PreReq: /usr/sbin/groupadd /usr/bin/id /usr/sbin/usermod /bin/sed PreReq: /usr/sbin/groupadd /usr/bin/id /usr/sbin/usermod /bin/sed
@ -143,14 +144,15 @@ Cryptographic Accelerator (FC 4960 on pSeries).
%patch2 -p1 %patch2 -p1
%patch3 -p1 %patch3 -p1
%patch4 -p1 %patch4 -p1
%patch5 -p1
cp %{SOURCE2} . cp %{SOURCE2} .
%build %build
autoreconf --force --install autoreconf --force --install
CFLAGS="%optflags -D__USE_BSD" %configure \ %configure \
--enable-tpmtok \ --enable-tpmtok \
%if %{uses_systemd} %if %{uses_systemd}
--with-systemd=/usr/lib/systemd/system --with-systemd=%{_unitdir}
%endif %endif
make %{?_smp_mflags} make %{?_smp_mflags}
@ -208,6 +210,7 @@ if [ ! -L %{_sysconfdir}/pkcs11 ] ; then
fi fi
/sbin/ldconfig /sbin/ldconfig
%if %{uses_systemd} %if %{uses_systemd}
%{?tmpfiles_create:%tmpfiles_create %{_tmpfilesdir}/openCryptoki-tmp.conf}
%{service_add_post pkcsslotd.service} %{service_add_post pkcsslotd.service}
%else %else
%{fillup_and_insserv -f pkcsslotd} %{fillup_and_insserv -f pkcsslotd}
@ -266,8 +269,8 @@ ln -sf %{_libdir}/opencryptoki/libopencryptoki.so /usr/lib/pkcs11/PKCS11_API.so6
%{_sbindir}/pkcsep11_migrate %{_sbindir}/pkcsep11_migrate
%endif %endif
%if %{uses_systemd} %if %{uses_systemd}
%{_prefix}/lib/systemd/system/pkcsslotd.service %{_unitdir}/pkcsslotd.service
%{_prefix}/lib/tmpfiles.d/openCryptoki-tmp.conf %{_tmpfilesdir}/openCryptoki-tmp.conf
%else %else
%{_sysconfdir}/init.d/pkcsslotd %{_sysconfdir}/init.d/pkcsslotd
%ghost %dir %attr(770,root,pkcs11) %{_localstatedir}/lock/opencryptoki %ghost %dir %attr(770,root,pkcs11) %{_localstatedir}/lock/opencryptoki

11
opencryptoki-run-lock.patch Normal file
View File

@ -0,0 +1,11 @@
--- opencryptoki.orig/configure.in
+++ opencryptoki/configure.in
@@ -40,7 +40,7 @@ AC_PROG_YACC
dnl Define custom variables
-lockdir=$localstatedir/lock/opencryptoki
+lockdir=/run/lock/opencryptoki
AC_SUBST(lockdir)
dnl ---