From d8388a07357ee1cda5b27e6e7fdc0c87aa713f21f078d379d84b03910e9125d6 Mon Sep 17 00:00:00 2001
From: Guillaume GARDET <guillaume.gardet@opensuse.org>
Date: Mon, 27 Sep 2021 12:13:40 +0000
Subject: [PATCH] Accepting request 921728 from
 home:Guillaume_G:branches:security

- Allow access to /run/parsec to all users
- Requires rust 1.53+ (now also available in 15.3/15-SP3 via Update)
  which allow to enable same features accross distros

OBS-URL: https://build.opensuse.org/request/show/921728
OBS-URL: https://build.opensuse.org/package/show/security/parsec?expand=0&rev=13
---
 parsec.changes |  7 +++++++
 parsec.conf    |  2 +-
 parsec.spec    | 12 +++---------
 3 files changed, 11 insertions(+), 10 deletions(-)

diff --git a/parsec.changes b/parsec.changes
index a3f0c0f..732b582 100644
--- a/parsec.changes
+++ b/parsec.changes
@@ -1,3 +1,10 @@
+-------------------------------------------------------------------
+Mon Sep 27 10:18:08 UTC 2021 - Guillaume GARDET <guillaume.gardet@opensuse.org>
+
+- Allow access to /run/parsec to all users
+- Requires rust 1.53+ (now also available in 15.3/15-SP3 via Update)
+  which allow to enable same features accross distros
+
 -------------------------------------------------------------------
 Fri Aug  6 07:01:27 UTC 2021 - Guillaume GARDET <guillaume.gardet@opensuse.org>
 
diff --git a/parsec.conf b/parsec.conf
index 875d551..e2ac5c3 100644
--- a/parsec.conf
+++ b/parsec.conf
@@ -1,3 +1,3 @@
 #Type   Path          Mode User   Group            Age         Argument
-d       /run/parsec   750  parsec parsec-clients   -           -
+d       /run/parsec   777  parsec parsec-clients   -           -
 
diff --git a/parsec.spec b/parsec.spec
index 96fca40..57eb534 100644
--- a/parsec.spec
+++ b/parsec.spec
@@ -40,6 +40,8 @@ BuildRequires:  llvm-devel
 BuildRequires:  pkgconfig
 BuildRequires:  protobuf-devel
 BuildRequires:  python3
+# jwt-svid-authenticator (SPIFFE-based authenticator) needs rust >= 1.53
+BuildRequires:  rust >= 1.53
 BuildRequires:  rust-packaging
 BuildRequires:  sysuser-tools
 BuildRequires:  pkgconfig(tss2-esys) >= 2.3.3
@@ -71,16 +73,8 @@ sed -i -e 's#default = \["unix-peer-credentials-authenticator"\]##' Cargo.toml
 # Features available in 0.8.0:
 # all-providers = ["tpm-provider", "pkcs11-provider", "mbed-crypto-provider", "cryptoauthlib-provider", "trusted-service-provider"]
 # all-authenticators = ["direct-authenticator", "unix-peer-credentials-authenticator", "jwt-svid-authenticator"]
-%if 0%{suse_version} > 1500
-# Tumbleweed
-# Disable "trusted-service-provider" until we have a trusted-services package
+# But disable "trusted-service-provider" until we have a trusted-services package
 echo 'default = ["tpm-provider", "pkcs11-provider", "mbed-crypto-provider", "cryptoauthlib-provider", "all-authenticators"]' >> Cargo.toml
-%else
-# Leap/SLE
-# Disable jwt-svid-authenticator (SPIFFE-based authenticator) as it cannot be compiled with rust 1.43.1
-# Disable "trusted-service-provider" until we have a trusted-services package
-echo 'default = ["direct-authenticator", "unix-peer-credentials-authenticator", "tpm-provider", "pkcs11-provider", "mbed-crypto-provider", "cryptoauthlib-provider"]' >> Cargo.toml
-%endif
 
 %build
 export PROTOC=%{_bindir}/protoc