Accepting request 959504 from home:aplanas:branches:security

- Add work_dir directory in /var/lib/keylime - Add subpackage rust-keylime-python to execute revocation payload in Python OBS-URL: https://build.opensuse.org/request/show/959504 OBS-URL: https://build.opensuse.org/package/show/security/rust-keylime?expand=0&rev=11
2022-03-04 17:16:17 +00:00 · 2022-03-04 17:16:17 +00:00 · 87f52a01ac
commit 87f52a01ac
parent 2f90115869
2 changed files with 28 additions and 1 deletions
--- a/rust-keylime.changes
+++ b/rust-keylime.changes
@ -1,3 +1,9 @@
 -------------------------------------------------------------------
 Fri Mar  4 16:02:57 UTC 2022 - Alberto Planas Dominguez <aplanas@suse.com>
 - Add work_dir directory in /var/lib/keylime
 - Add subpackage rust-keylime-python to execute revocation payload in Python
 -------------------------------------------------------------------
 Tue Mar 01 14:21:35 UTC 2022 - aplanas@suse.com
--- a/rust-keylime.spec
+++ b/rust-keylime.spec
@ -1,7 +1,7 @@
 #
 # spec file for package rust-keylime
 #
-# Copyright (c) 2021 SUSE LLC
+# Copyright (c) 2022 SUSE LLC
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@ -36,6 +36,7 @@ BuildRequires:  libarchive-devel
 BuildRequires:  rust
 BuildRequires:  tpm2-0-tss-devel
 BuildRequires:  zeromq-devel
 Recommends:     %{name}-python = %{version}
 Conflicts:      keylime-agent
 Conflicts:      keylime-config
 Conflicts:      keylime-firewalld
@ -46,6 +47,14 @@ ExcludeArch:    %{ix86} s390x ppc64 ppc64le armhfp armv7hl
 Rust implementation of keylime agent. Keylime is system integrity
 monitoring system.
 %package -n %{name}-python
 Summary:        Shim loader for Python compatibility
 Requires:       %{name} = %{version}
 Requires:       python3-base
 %description -n %{name}-python
 Subpackage of %{name} for executing Python based revocation scripts.
 %prep
 %autosetup -a1 -p1
 mkdir .cargo
@ -62,6 +71,13 @@ install -Dpm 644 %{SOURCE3} %{buildroot}%{_unitdir}/keylime_agent.service
 install -D -m 644 %{SOURCE4} %{buildroot}%{_prefix}/lib/firewalld/services/keylime.xml
 # Create work directory
 mkdir -p %{buildroot}%{_sharedstatedir}/keylime
 # Create work directory for revocation actions
 mkdir -p %{buildroot}%{_libexecdir}/keylime
 cp tests/actions/shim.py %{buildroot}%{_libexecdir}/keylime
 rm %{buildroot}%{_prefix}/.crates.toml
 rm %{buildroot}%{_prefix}/.crates2.json
@ -84,9 +100,14 @@ rm %{buildroot}%{_prefix}/.crates2.json
 %{_bindir}/keylime_agent
 %{_bindir}/keylime_ima_emulator
 %config(noreplace) %{_sysconfdir}/keylime.conf
 %dir %attr(0700, root, root) %{_sharedstatedir}/keylime
 %dir %{_prefix}/lib/firewalld
 %dir %{_prefix}/lib/firewalld/services
 %{_prefix}/lib/firewalld/services/keylime.xml
 %{_unitdir}/keylime_agent.service
 %files -n %{name}-python
 %dir %{_libexecdir}/keylime
 %{_libexecdir}/keylime/shim.py
 %changelog