Accepting request 294859 from home:elvigia:branches:security

- Also create parent directory /run/lock/opencryptoki in 
  tmpfiles snippet if it does not exists.

- spec: do not use -D__USE_BSD, a glibc-internal macro
  which no longer has any meaning.

- spec: use %{_unitdir}  %{_tmpfilesdir)
- spec: call tmpfiles_create macro, if defined in %post
- opencryptoki-run-lock.patch, openCryptoki-tmp.conf: use
  /run/lock instead of /var/lock.

OBS-URL: https://build.opensuse.org/request/show/294859
OBS-URL: https://build.opensuse.org/package/show/security/openCryptoki?expand=0&rev=27
This commit is contained in:
Marcus Meissner 2015-04-22 09:41:29 +00:00 committed by Git OBS Bridge
parent adb9bc9138
commit 7d406e241d
4 changed files with 46 additions and 11 deletions

View File

@ -1,7 +1,8 @@
# Lock directories needed by openCryptoki
D /var/lock/opencryptoki/swtok 0770 root pkcs11
D /var/lock/opencryptoki/lite 0770 root pkcs11
D /var/lock/opencryptoki/tpm 0770 root pkcs11
D /var/lock/opencryptoki/ccatok 0770 root pkcs11
D /var/lock/opencryptoki/icsf 0770 root pkcs11
D /var/lock/opencryptoki/ep11tok 0770 root pkcs11
D /run/lock/opencryptoki 0770 root pkcs11
D /run/lock/opencryptoki/swtok 0770 root pkcs11
D /run/lock/opencryptoki/lite 0770 root pkcs11
D /run/lock/opencryptoki/tpm 0770 root pkcs11
D /run/lock/opencryptoki/ccatok 0770 root pkcs11
D /run/lock/opencryptoki/icsf 0770 root pkcs11
D /run/lock/opencryptoki/ep11tok 0770 root pkcs11

View File

@ -1,3 +1,23 @@
-------------------------------------------------------------------
Tue Apr 7 21:22:57 UTC 2015 - crrodriguez@opensuse.org
- Also create parent directory /run/lock/opencryptoki in
tmpfiles snippet if it does not exists.
-------------------------------------------------------------------
Tue Apr 7 21:19:43 UTC 2015 - crrodriguez@opensuse.org
- spec: do not use -D__USE_BSD, a glibc-internal macro
which no longer has any meaning.
-------------------------------------------------------------------
Tue Apr 7 21:18:21 UTC 2015 - crrodriguez@opensuse.org
- spec: use %{_unitdir} %{_tmpfilesdir)
- spec: call tmpfiles_create macro, if defined in %post
- opencryptoki-run-lock.patch, openCryptoki-tmp.conf: use
/run/lock instead of /var/lock.
-------------------------------------------------------------------
Wed Dec 17 10:42:43 UTC 2014 - p.drouand@gmail.com

View File

@ -1,7 +1,7 @@
#
# spec file for package openCryptoki
#
# Copyright (c) 2014 SUSE LINUX Products GmbH, Nuernberg, Germany.
# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@ -62,6 +62,7 @@ Patch1: ocki-3.1-remove-make-install-chgrp-chmod.patch
Patch2: ocki-3.1-fix-init_d-path.patch
Patch3: ocki-3.1-fix-implicit-decl.patch
Patch4: ocki-3.1-fix-libica-link.patch
Patch5: opencryptoki-run-lock.patch
Url: http://sourceforge.net/projects/opencryptoki/
BuildRoot: %{_tmppath}/%{name}-%{version}-build
PreReq: /usr/sbin/groupadd /usr/bin/id /usr/sbin/usermod /bin/sed
@ -143,14 +144,15 @@ Cryptographic Accelerator (FC 4960 on pSeries).
%patch2 -p1
%patch3 -p1
%patch4 -p1
%patch5 -p1
cp %{SOURCE2} .
%build
autoreconf --force --install
CFLAGS="%optflags -D__USE_BSD" %configure \
%configure \
--enable-tpmtok \
%if %{uses_systemd}
--with-systemd=/usr/lib/systemd/system
--with-systemd=%{_unitdir}
%endif
make %{?_smp_mflags}
@ -208,6 +210,7 @@ if [ ! -L %{_sysconfdir}/pkcs11 ] ; then
fi
/sbin/ldconfig
%if %{uses_systemd}
%{?tmpfiles_create:%tmpfiles_create %{_tmpfilesdir}/openCryptoki-tmp.conf}
%{service_add_post pkcsslotd.service}
%else
%{fillup_and_insserv -f pkcsslotd}
@ -266,8 +269,8 @@ ln -sf %{_libdir}/opencryptoki/libopencryptoki.so /usr/lib/pkcs11/PKCS11_API.so6
%{_sbindir}/pkcsep11_migrate
%endif
%if %{uses_systemd}
%{_prefix}/lib/systemd/system/pkcsslotd.service
%{_prefix}/lib/tmpfiles.d/openCryptoki-tmp.conf
%{_unitdir}/pkcsslotd.service
%{_tmpfilesdir}/openCryptoki-tmp.conf
%else
%{_sysconfdir}/init.d/pkcsslotd
%ghost %dir %attr(770,root,pkcs11) %{_localstatedir}/lock/opencryptoki

View File

@ -0,0 +1,11 @@
--- opencryptoki.orig/configure.in
+++ opencryptoki/configure.in
@@ -40,7 +40,7 @@ AC_PROG_YACC
dnl Define custom variables
-lockdir=$localstatedir/lock/opencryptoki
+lockdir=/run/lock/opencryptoki
AC_SUBST(lockdir)
dnl ---