Accepting request 1138772 from security

- Fix tmpfiles %ghost file names (forwarded request 1138485 from gmbr3)

OBS-URL: https://build.opensuse.org/request/show/1138772
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/tpm2-0-tss?expand=0&rev=35

tpm2-0-tss.changes

@@ -1,3 +1,17 @@
+-------------------------------------------------------------------
+Sat Jan 13 17:45:03 UTC 2024 - Callum Farmer <gmbr3@opensuse.org>
+
+- Fix tmpfiles %ghost file names
+
+-------------------------------------------------------------------
+Sat Dec 16 16:41:48 UTC 2023 - Callum Farmer <gmbr3@opensuse.org>
+
+- Move tmpfiles config to different package:
+  * tmpfiles_create was being called with bad input (version ?)
+  * it avoids breaking SLPP for libtss2-fapi1 (hence the prior
+    warning in spec)
+- tss sysusers requires should be pre not post
+
 -------------------------------------------------------------------
 Mon Nov 27 10:41:32 UTC 2023 - Ludwig Nussel <lnussel@suse.com>
 

tpm2-0-tss.spec

@@ -154,14 +154,23 @@ protocol exposed by the Microsoft software TPM2 simulator.
 %package -n     libtss2-fapi1
 Summary:        FAPI interface library
 Group:          System/Libraries
-Requires:       user(tss)
+Requires:       libtss2-fapi-common
-Requires(post): user(tss)
 
 %description -n libtss2-fapi1
 This is the tpm2 Feature API (FAPI) library. This API is designed to be very
 high-level API, intended to make programming with the TPM as simple as
 possible.
 
+%package -n     libtss2-fapi-common
+Summary:        Common files for FAPI interface library
+Group:          System/Libraries
+Provides:       libtss2-fapi1:%{_tmpfilesdir}/tpm2-tss-fapi.conf
+Requires:       user(tss)
+Requires(pre):  user(tss)
+
+%description -n libtss2-fapi-common
+Provides files needed by the tpm2 Feature API (FAPI) library
+
 %package -n libtss2-policy0
 Summary:        TPM2 FAPI policy library
 Group:          System/Libraries
@@ -235,6 +244,9 @@ rm %{buildroot}%{_sysusersdir}/tpm2-tss.conf
 %post
 %{_bindir}/udevadm trigger -s tpm -s tpmrm || :
 
+%post -n libtss2-fapi-common
+%tmpfiles_create %{_tmpfilesdir}/tpm2-tss-fapi.conf
+
 %post -n libtss2-esys0 -p /sbin/ldconfig
 %postun -n libtss2-esys0 -p /sbin/ldconfig
 %post -n libtss2-sys1 -p /sbin/ldconfig
@@ -249,11 +261,7 @@ rm %{buildroot}%{_sysusersdir}/tpm2-tss.conf
 %postun -n libtss2-mu0 -p /sbin/ldconfig
 %post -n libtss2-rc0 -p /sbin/ldconfig
 %postun -n libtss2-rc0 -p /sbin/ldconfig
-
+%post -n libtss2-fapi1 -p /sbin/ldconfig
-%post -n libtss2-fapi1
-/sbin/ldconfig
-%tmpfiles_create %{_tmpfilesdir}/tpm2-tss-fapi-%{version}.conf
-
 %postun -n libtss2-fapi1 -p /sbin/ldconfig
 %post -n libtss2-policy0 -p /sbin/ldconfig
 %postun -n libtss2-policy0 -p /sbin/ldconfig
@@ -306,19 +314,14 @@ rm %{buildroot}%{_sysusersdir}/tpm2-tss.conf
 
 %files -n libtss2-fapi1
 %{_libdir}/libtss2-fapi.so.*
+
+%files -n libtss2-fapi-common
 %{_tmpfilesdir}/tpm2-tss-fapi.conf
-# this would fix "tmpfile-not-in-filelist" warnings but when adding these
+%ghost %{_sharedstatedir}/tpm2-tss
-# entries then it complains about "directories not owned by a package:" for
+%ghost %{_sharedstatedir}/tpm2-tss/system
-# /run/tpm2-0-tss & friends. When adding them as %%ghost, too, then Leap15.1
+%ghost %{_sharedstatedir}/tpm2-tss/system/keystore
-# complains about "found conflict of libtss2-fapi1-3.0.1-lp152.103.1.x86_64
+%ghost %{_rundir}/tpm2-tss
-# with libtss2-fapi1-3.0.1-lp152.103.1.x86_64". Thus leave it be for the
+%ghost %{_rundir}/tpm2-tss/eventlog
-# moment, some insane circle of errors is involved here.
-#
-# it seems the problem is that during `make install` the package runs
-# systemd-tmpfiles --create, and the directories are created outside the
-# package's install tree. It seems this is not expected by RPM.
-# %%ghost %%{_sharedstatedir}/%%{name}/system/keystore
-# %%ghost %%{_rundir}/%%{name}/eventlog
 
 %files -n libtss2-policy0
 %{_libdir}/libtss2-policy.so.*