Accepting request 1159300 from devel:openSUSE:Factory
OBS-URL: https://build.opensuse.org/request/show/1159300 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/shim-leap?expand=0&rev=21
This commit is contained in:
commit
3079f8d074
@ -390,8 +390,14 @@ prepare_cryptodisk () {
|
||||
fi
|
||||
fi
|
||||
|
||||
tpm_srk_alg="${GRUB_TPM2_SRK_ALG}"
|
||||
|
||||
if [ -z "$tpm_srk_alg" ]; then
|
||||
tpm_srk_alg="RSA"
|
||||
fi
|
||||
|
||||
cat <<EOF
|
||||
tpm2_key_protector_init -T \$prefix/$tpm_sealed_key
|
||||
tpm2_key_protector_init -a $tpm_srk_alg -T \$prefix/$tpm_sealed_key
|
||||
if ! cryptomount -u $uuid --protector tpm2; then
|
||||
cryptomount -u $uuid
|
||||
fi
|
||||
|
@ -1,3 +1,13 @@
|
||||
-------------------------------------------------------------------
|
||||
Thu Mar 14 05:58:13 UTC 2024 - Gary Ching-Pang Lin <glin@suse.com>
|
||||
|
||||
- Update shim-install to set the SRK algorithm for grub2 TPM2
|
||||
key protector (bsc#1213945)
|
||||
+ 92d0f4305df73 Set the SRK algorithm for the TPM2 protector
|
||||
- Build with update-bootloader-rpm-macros and
|
||||
fde-tpm-helper-rpm-macros and update the %post and %posttrans
|
||||
macros correctly
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed Jun 7 02:29:44 UTC 2023 - Gary Ching-Pang Lin <glin@suse.com>
|
||||
|
||||
|
@ -1,7 +1,7 @@
|
||||
#
|
||||
# spec file for package shim-leap
|
||||
#
|
||||
# Copyright (c) 2023 SUSE LLC
|
||||
# Copyright (c) 2024 SUSE LLC
|
||||
#
|
||||
# All modifications and additions to the file contributed by third parties
|
||||
# remain the property of their copyright owners, unless otherwise agreed
|
||||
@ -33,6 +33,8 @@ Group: System/Boot
|
||||
Source: shim-15.4-lp152.4.17.1.x86_64.rpm
|
||||
Source1: README
|
||||
Source2: shim-install
|
||||
BuildRequires: fde-tpm-helper-rpm-macros
|
||||
BuildRequires: update-bootloader-rpm-macros
|
||||
BuildRoot: %{_tmppath}/%{name}-%{version}-build
|
||||
ExclusiveArch: x86_64
|
||||
|
||||
@ -43,6 +45,9 @@ does not exist
|
||||
Summary: UEFI shim loader
|
||||
Group: System/Boot
|
||||
Requires: perl-Bootloader
|
||||
%if 0%{?fde_tpm_update_requires:1}
|
||||
%fde_tpm_update_requires
|
||||
%endif
|
||||
|
||||
%description -n shim
|
||||
shim is a trivial EFI application that, when run, attempts to open and
|
||||
@ -67,7 +72,19 @@ rm -rf %{buildroot}/usr/lib64/efi
|
||||
%endif
|
||||
|
||||
%post -n shim
|
||||
%if 0%{?fde_tpm_update_post:1}
|
||||
%fde_tpm_update_post shim
|
||||
%endif
|
||||
|
||||
%if 0%{?update_bootloader_check_type_reinit_post:1}
|
||||
%update_bootloader_check_type_reinit_post grub2-efi
|
||||
%else
|
||||
/sbin/update-bootloader --reinit || true
|
||||
%endif
|
||||
|
||||
%posttrans -n shim
|
||||
%{?update_bootloader_posttrans}
|
||||
%{?fde_tpm_update_posttrans}
|
||||
|
||||
%files -n shim
|
||||
%doc README
|
||||
|
Loading…
Reference in New Issue
Block a user