diff --git a/_servicedata b/_servicedata
index 29914a8..65e651c 100644
--- a/_servicedata
+++ b/_servicedata
@@ -1,4 +1,4 @@
https://github.com/keylime/rust-keylime.git
- 7c4121ed6474f4bfacd5afe23488baf05bf49a09
\ No newline at end of file
+ b834667b4d775065be3d7677e8cb6ad209c43668
\ No newline at end of file
diff --git a/keylime.xml b/keylime.xml
index 4b98b36..d970af5 100644
--- a/keylime.xml
+++ b/keylime.xml
@@ -4,7 +4,6 @@
Keylime is a remote attestation tool that requires access to several ports.
-
diff --git a/logrotate.keylime b/logrotate.keylime
new file mode 100644
index 0000000..812f8e5
--- /dev/null
+++ b/logrotate.keylime
@@ -0,0 +1,8 @@
+/var/log/keylime/*.log {
+ su keylime tss
+ weekly
+ missingok
+ rotate 4
+ copytruncate
+ minsize 1M
+}
diff --git a/rust-keylime-0.1.0+git.1655143451.7c4121e.tar.xz b/rust-keylime-0.1.0+git.1655143451.7c4121e.tar.xz
deleted file mode 100644
index 64787ef..0000000
--- a/rust-keylime-0.1.0+git.1655143451.7c4121e.tar.xz
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:93b11bb2a3c58028b23ee4ca1bf2286ee49fa3da25a3caf758bed81e4b7af96c
-size 115220
diff --git a/rust-keylime-0.1.0+git.1655384301.b834667.tar.xz b/rust-keylime-0.1.0+git.1655384301.b834667.tar.xz
new file mode 100644
index 0000000..a7bc8ad
--- /dev/null
+++ b/rust-keylime-0.1.0+git.1655384301.b834667.tar.xz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:cb272a91f71f4b197a28390da64a56319b45e9bf2878f31c8f700e1b2a6b8924
+size 115404
diff --git a/rust-keylime.changes b/rust-keylime.changes
index d8e4782..23403d3 100644
--- a/rust-keylime.changes
+++ b/rust-keylime.changes
@@ -1,3 +1,19 @@
+-------------------------------------------------------------------
+Wed Jun 22 08:45:20 UTC 2022 - Alberto Planas Dominguez
+
+- Update to version 0.1.0+git.1655384301.b834667:
+ * Update fmf plans to run test with IMA policy
+ * .github/dependabot.yml: prevent updates that require manifest change
+- Add logrotate configuration for the agent service
+- Requires libtss2-tcti-device0 to interact with the real device
+- Drop legacy Python subpackage and feature
+- Move conflicts into the Python version
+
+-------------------------------------------------------------------
+Wed Jun 15 09:52:48 UTC 2022 - Alberto Planas Dominguez
+
+- Drop CFSSL port from the keylime.xml firewalld rules
+
-------------------------------------------------------------------
Tue Jun 14 11:05:01 UTC 2022 - aplanas@suse.com
diff --git a/rust-keylime.spec b/rust-keylime.spec
index ca7df52..68aebc7 100644
--- a/rust-keylime.spec
+++ b/rust-keylime.spec
@@ -18,7 +18,7 @@
%global rustflags '-Clink-arg=-Wl,-z,relro,-z,now'
Name: rust-keylime
-Version: 0.1.0+git.1655143451.7c4121e
+Version: 0.1.0+git.1655384301.b834667
Release: 0
Summary: Rust implementation of the keylime agent
License: Apache-2.0 AND MIT
@@ -28,6 +28,7 @@ Source1: vendor.tar.xz
Source2: cargo_config
Source3: keylime_agent.service
Source4: keylime.xml
+Source5: logrotate.keylime
# PATCH-FIX-OPENSUSE keylime.conf.diff
Patch1: keylime.conf.diff
BuildRequires: cargo
@@ -36,47 +37,33 @@ BuildRequires: libarchive-devel
BuildRequires: rust
BuildRequires: tpm2-0-tss-devel
BuildRequires: zeromq-devel
-Recommends: %{name}-python = %{version}
-Conflicts: keylime-agent
-Conflicts: keylime-config
-Conflicts: keylime-firewalld
-Conflicts: python-keylime
+Requires: libtss2-tcti-device0
+Requires: logrotate
ExcludeArch: %{ix86} s390x ppc64 ppc64le armhfp armv7hl
%description
Rust implementation of keylime agent. Keylime is system integrity
monitoring system.
-%package -n %{name}-python
-Summary: Shim loader for Python compatibility
-Requires: %{name} = %{version}
-Requires: python3-base
-
-%description -n %{name}-python
-Subpackage of %{name} for executing Python based revocation scripts.
-
%prep
%autosetup -a1 -p1
mkdir .cargo
cp %{SOURCE2} .cargo/config
%build
-RUSTFLAGS=%{rustflags} cargo build --release
+RUSTFLAGS=%{rustflags} cargo build --release --no-default-features --features "with-zmq"
%install
RUSTFLAGS=%{rustflags} cargo install --frozen --root=%{buildroot}%{_prefix} --path .
install -Dpm 644 keylime.conf %{buildroot}%{_sysconfdir}/keylime.conf
install -Dpm 644 %{SOURCE3} %{buildroot}%{_unitdir}/keylime_agent.service
-
-install -D -m 644 %{SOURCE4} %{buildroot}%{_prefix}/lib/firewalld/services/keylime.xml
+install -Dpm 644 %{SOURCE4} %{buildroot}%{_prefix}/lib/firewalld/services/keylime.xml
+install -Dpm 644 %{SOURCE5} %{buildroot}%{_sysconfdir}/logrotate.d/keylime
+install -d %{buildroot}%{_localstatedir}/log/keylime
# Create work directory
-mkdir -p %{buildroot}%{_sharedstatedir}/keylime
-
-# Create work directory for revocation actions
-mkdir -p %{buildroot}%{_libexecdir}/keylime
-cp tests/actions/shim.py %{buildroot}%{_libexecdir}/keylime
+mkdir -p %{buildroot}%{_localstatedir}/keylime
rm %{buildroot}%{_prefix}/.crates.toml
rm %{buildroot}%{_prefix}/.crates2.json
@@ -100,14 +87,12 @@ rm %{buildroot}%{_prefix}/.crates2.json
%{_bindir}/keylime_agent
%{_bindir}/keylime_ima_emulator
%config(noreplace) %{_sysconfdir}/keylime.conf
-%dir %attr(0700, root, root) %{_sharedstatedir}/keylime
+%dir %attr(0700,root,root) %{_localstatedir}/keylime
%dir %{_prefix}/lib/firewalld
%dir %{_prefix}/lib/firewalld/services
%{_prefix}/lib/firewalld/services/keylime.xml
%{_unitdir}/keylime_agent.service
-
-%files -n %{name}-python
-%dir %{_libexecdir}/keylime
-%{_libexecdir}/keylime/shim.py
+%config(noreplace) %{_sysconfdir}/logrotate.d/keylime
+%dir %attr(750,keylime,tss) %{_localstatedir}/log
%changelog
diff --git a/vendor.tar.xz b/vendor.tar.xz
index 311e077..287dad8 100644
--- a/vendor.tar.xz
+++ b/vendor.tar.xz
@@ -1,3 +1,3 @@
version https://git-lfs.github.com/spec/v1
-oid sha256:1fe478492e83ec8393af64f6a91ec4e84b865cf019c35df48d7f9782c4239672
-size 20105032
+oid sha256:0e4b91a6bff3824b1f58ff875102020400e200b4d4baa68c0b175bc0ee96f77d
+size 20113908