Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package rust-keylime for openSUSE:Factory checked in at 2023-04-13 14:10:22 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/rust-keylime (Old) and /work/SRC/openSUSE:Factory/.rust-keylime.new.19717 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "rust-keylime" Thu Apr 13 14:10:22 2023 rev:12 rq:1078771 version:0.2.0+git.1681223954.646cf61 Changes: -------- --- /work/SRC/openSUSE:Factory/rust-keylime/rust-keylime.changes 2023-03-17 17:03:02.053294297 +0100 +++ /work/SRC/openSUSE:Factory/.rust-keylime.new.19717/rust-keylime.changes 2023-04-13 14:10:35.284241636 +0200 @@ -1,0 +2,27 @@ +Wed Apr 12 14:52:38 UTC 2023 - [email protected] + +- Update to version 0.2.0+git.1681223954.646cf61: + * Allow setting measured boot log path for testing + * build(deps): bump base64 from 0.13.1 to 0.21.0 + * build(deps): bump wiremock from 0.5.14 to 0.5.18 + * Build Fedora and CentOS packages on Copr using packit + * build(deps): bump serde_json from 1.0.91 to 1.0.95 + * build(deps): bump actix-rt from 2.7.0 to 2.8.0 + * build(deps): bump base64 from 0.13.1 to 0.21.0 + * build(deps): bump serde from 1.0.147 to 1.0.159 + * build(deps): bump glob from 0.3.0 to 0.3.1 + * Add missing test from keylime testsuite to e2e plan + * Fix typo in name of test for generating coverage + * build(deps): bump thiserror from 1.0.38 to 1.0.40 + * build(deps): bump base64 from 0.13.1 to 0.21.0 + * build(deps): bump actix-web from 4.2.1 to 4.3.1 + * build(deps): bump serde from 1.0.145 to 1.0.147 + * build(deps): bump libc from 0.2.139 to 0.2.140 + * build(deps): bump futures from 0.3.25 to 0.3.27 + * build(deps): bump reqwest from 0.11.12 to 0.11.15 + * build(deps): bump config from 0.13.2 to 0.13.3 + * build(deps): bump openssl from 0.10.45 to 0.10.48 + * build(deps): bump tokio from 1.24.2 to 1.26.0 + * Cargo: Update tempfile to 3.4.0 version + +------------------------------------------------------------------- Old: ---- rust-keylime-0.2.0+git.1677691779.f7edd9a.tar.xz New: ---- rust-keylime-0.2.0+git.1681223954.646cf61.tar.xz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ rust-keylime.spec ++++++ --- /var/tmp/diff_new_pack.yJhykr/_old 2023-04-13 14:10:36.448248319 +0200 +++ /var/tmp/diff_new_pack.yJhykr/_new 2023-04-13 14:10:36.452248342 +0200 @@ -25,7 +25,7 @@ %define _config_norepl %config(noreplace) %endif Name: rust-keylime -Version: 0.2.0+git.1677691779.f7edd9a +Version: 0.2.0+git.1681223954.646cf61 Release: 0 Summary: Rust implementation of the keylime agent License: Apache-2.0 AND MIT ++++++ _servicedata ++++++ --- /var/tmp/diff_new_pack.yJhykr/_old 2023-04-13 14:10:36.540248847 +0200 +++ /var/tmp/diff_new_pack.yJhykr/_new 2023-04-13 14:10:36.544248870 +0200 @@ -1,6 +1,6 @@ <servicedata> <service name="tar_scm"> <param name="url">https://github.com/keylime/rust-keylime.git</param> - <param name="changesrevision">f7edd9a5cd49ef09e95f34a35d0829a90e9d38ff</param></service></servicedata> + <param name="changesrevision">646cf6190192344c95983e3be3103861d9e22b51</param></service></servicedata> (No newline at EOF) ++++++ rust-keylime-0.2.0+git.1677691779.f7edd9a.tar.xz -> rust-keylime-0.2.0+git.1681223954.646cf61.tar.xz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/rust-keylime-0.2.0+git.1677691779.f7edd9a/.packit.yaml new/rust-keylime-0.2.0+git.1681223954.646cf61/.packit.yaml --- old/rust-keylime-0.2.0+git.1677691779.f7edd9a/.packit.yaml 2023-03-01 18:29:39.000000000 +0100 +++ new/rust-keylime-0.2.0+git.1681223954.646cf61/.packit.yaml 2023-04-11 16:39:14.000000000 +0200 @@ -1,3 +1,16 @@ +downstream_package_name: keylime-agent-rust +upstream_project_url: https://github.com/keylime/rust-keylime +specfile_path: rpm/fedora/keylime-agent-rust.spec +actions: + get-current-version: + - bash -c "git describe --tags --abbrev=0 | sed 's/v\(.*\)/\1/g'" + +srpm_build_deps: + - cargo + - rust + - git + - openssl-devel + jobs: - job: tests trigger: pull_request @@ -7,3 +20,56 @@ # - fedora-rawhide - centos-stream-9-x86_64 skip_build: true + +- job: copr_build + trigger: commit + branch: master + specfile_path: rpm/fedora/keylime-agent-rust.spec + files_to_sync: + - rpm/fedora/* + actions: + get-current-version: + bash -c "git describe --tags --abbrev=0 | sed 's/v\(.*\)/\1/g'" + post-upstream-clone: + bash -c 'if [[ ! -d /var/tmp/cargo-vendor-filterer ]]; then git clone https://github.com/cgwalters/cargo-vendor-filterer.git /var/tmp/cargo-vendor-filterer; fi && + cd /var/tmp/cargo-vendor-filterer && + cargo build && + cd - && + cp /var/tmp/cargo-vendor-filterer/target/debug/cargo-vendor-filterer . && + ./cargo-vendor-filterer --platform x86_64-unknown-linux-gnu + --platform powerpc64le-unknown-linux-gnu + --platform aarch64-unknown-linux-gnu + --platform i686-unknown-linux-gnu + --platform s390x-unknown-linux-gnu + --exclude-crate-path "libloading#tests" && + tar jcf rpm/fedora/rust-keylime-vendor.tar.xz vendor' + targets: + - fedora-stable +# - fedora-rawhide + +- job: copr_build + trigger: commit + branch: master + specfile_path: rpm/centos/keylime-agent-rust.spec + files_to_sync: + - rpm/centos/* + actions: + get-current-version: + bash -c "git describe --tags --abbrev=0 | sed 's/v\(.*\)/\1/g'" + post-upstream-clone: + bash -c 'if [[ ! -d /var/tmp/cargo-vendor-filterer ]]; then git clone https://github.com/cgwalters/cargo-vendor-filterer.git /var/tmp/cargo-vendor-filterer; fi && + cd /var/tmp/cargo-vendor-filterer && + cargo build && + cd - && + cp /var/tmp/cargo-vendor-filterer/target/debug/cargo-vendor-filterer . && + ./cargo-vendor-filterer --platform x86_64-unknown-linux-gnu + --platform powerpc64le-unknown-linux-gnu + --platform aarch64-unknown-linux-gnu + --platform i686-unknown-linux-gnu + --platform s390x-unknown-linux-gnu + --exclude-crate-path "libloading#tests" && + tar jcf rpm/centos/rust-keylime-vendor.tar.xz vendor' + targets: + - centos-stream-9-x86_64 + + diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/rust-keylime-0.2.0+git.1677691779.f7edd9a/Cargo.lock new/rust-keylime-0.2.0+git.1681223954.646cf61/Cargo.lock --- old/rust-keylime-0.2.0+git.1677691779.f7edd9a/Cargo.lock 2023-03-01 18:29:39.000000000 +0100 +++ new/rust-keylime-0.2.0+git.1681223954.646cf61/Cargo.lock 2023-04-11 16:39:14.000000000 +0200 @@ -21,17 +21,17 @@ [[package]] name = "actix-http" -version = "3.2.2" +version = "3.3.1" source = "registry+https://github.com/rust-lang/crates.io-index"; -checksum = "0c83abf9903e1f0ad9973cc4f7b9767fd5a03a583f51a5b7a339e07987cd2724" +checksum = "c2079246596c18b4a33e274ae10c0e50613f4d32a4198e09c7b93771013fed74" dependencies = [ "actix-codec", "actix-rt", "actix-service", "actix-tls", "actix-utils", - "ahash", - "base64", + "ahash 0.8.3", + "base64 0.21.0", "bitflags", "brotli", "bytes", @@ -53,6 +53,8 @@ "rand 0.8.5", "sha1", "smallvec", + "tokio", + "tokio-util", "tracing", "zstd", ] @@ -64,7 +66,7 @@ checksum = "465a6172cf69b960917811022d8f29bc0b7fa1398bc4f78b3c466673db1213b6" dependencies = [ "quote", - "syn", + "syn 1.0.100", ] [[package]] @@ -82,9 +84,9 @@ [[package]] name = "actix-rt" -version = "2.7.0" +version = "2.8.0" source = "registry+https://github.com/rust-lang/crates.io-index"; -checksum = "7ea16c295198e958ef31930a6ef37d0fb64e9ca3b6116e6b93a8bdae96ee1000" +checksum = "15265b6b8e2347670eb363c47fc8c75208b4a4994b27192f345fcbe707804f3e" dependencies = [ "actix-macros", "futures-core", @@ -150,9 +152,9 @@ [[package]] name = "actix-web" -version = "4.2.1" +version = "4.3.1" source = "registry+https://github.com/rust-lang/crates.io-index"; -checksum = "d48f7b6534e06c7bfc72ee91db7917d4af6afe23e7d223b51e68fffbb21e96b9" +checksum = "cd3cb42f9566ab176e1ef0b8b3a896529062b4efc6be0123046095914c4c1c96" dependencies = [ "actix-codec", "actix-http", @@ -164,7 +166,7 @@ "actix-tls", "actix-utils", "actix-web-codegen", - "ahash", + "ahash 0.7.6", "bytes", "bytestring", "cfg-if", @@ -192,14 +194,14 @@ [[package]] name = "actix-web-codegen" -version = "4.1.0" +version = "4.2.0" source = "registry+https://github.com/rust-lang/crates.io-index"; -checksum = "1fa9362663c8643d67b2d5eafba49e4cb2c8a053a29ed00a0bea121f17c76b13" +checksum = "2262160a7ae29e3415554a3f1fc04c764b1540c116aa524683208078b7a75bc9" dependencies = [ "actix-router", "proc-macro2", "quote", - "syn", + "syn 1.0.100", ] [[package]] @@ -220,6 +222,18 @@ ] [[package]] +name = "ahash" +version = "0.8.3" +source = "registry+https://github.com/rust-lang/crates.io-index"; +checksum = "2c99f64d1e06488f620f932677e24bc6e2897582980441ae90a671415bd7ec2f" +dependencies = [ + "cfg-if", + "getrandom 0.2.7", + "once_cell", + "version_check", +] + +[[package]] name = "aho-corasick" version = "0.7.19" source = "registry+https://github.com/rust-lang/crates.io-index"; @@ -278,7 +292,7 @@ dependencies = [ "proc-macro2", "quote", - "syn", + "syn 1.0.100", ] [[package]] @@ -305,6 +319,12 @@ checksum = "9e1b586273c5702936fe7b7d6896644d8be71e6314cfe09d3167c95f712589e8" [[package]] +name = "base64" +version = "0.21.0" +source = "registry+https://github.com/rust-lang/crates.io-index"; +checksum = "a4a4ddaa51a5bc52a6948f74c06d20aaaddb71924eab79b8c97a8c556e942d6a" + +[[package]] name = "bindgen" version = "0.63.0" source = "registry+https://github.com/rust-lang/crates.io-index"; @@ -322,7 +342,7 @@ "regex", "rustc-hash", "shlex", - "syn", + "syn 1.0.100", "which", ] @@ -457,7 +477,7 @@ "proc-macro-error", "proc-macro2", "quote", - "syn", + "syn 1.0.100", ] [[package]] @@ -492,9 +512,9 @@ [[package]] name = "config" -version = "0.13.2" +version = "0.13.3" source = "registry+https://github.com/rust-lang/crates.io-index"; -checksum = "11f1667b8320afa80d69d8bbe40830df2c8a06003d86f73d8e003b2c48df416d" +checksum = "d379af7f68bfc21714c6c7dea883544201741d2ce8274bb12fa54f89507f52a7" dependencies = [ "async-trait", "json5", @@ -599,7 +619,7 @@ "proc-macro2", "quote", "rustc_version 0.4.0", - "syn", + "syn 1.0.100", ] [[package]] @@ -650,7 +670,7 @@ dependencies = [ "proc-macro2", "quote", - "syn", + "syn 1.0.100", ] [[package]] @@ -667,6 +687,27 @@ ] [[package]] +name = "errno" +version = "0.2.8" +source = "registry+https://github.com/rust-lang/crates.io-index"; +checksum = "f639046355ee4f37944e44f60642c6f3a7efa3cf6b78c78a0d989a8ce6c396a1" +dependencies = [ + "errno-dragonfly", + "libc", + "winapi", +] + +[[package]] +name = "errno-dragonfly" +version = "0.1.2" +source = "registry+https://github.com/rust-lang/crates.io-index"; +checksum = "aa68f1b12764fab894d2755d2518754e71b4fd80ecfb822714a1206c2aab39bf" +dependencies = [ + "cc", + "libc", +] + +[[package]] name = "error-chain" version = "0.10.0" source = "registry+https://github.com/rust-lang/crates.io-index"; @@ -729,9 +770,9 @@ [[package]] name = "futures" -version = "0.3.25" +version = "0.3.27" source = "registry+https://github.com/rust-lang/crates.io-index"; -checksum = "38390104763dc37a5145a53c29c63c1290b5d316d6086ec32c293f6736051bb0" +checksum = "531ac96c6ff5fd7c62263c5e3c67a603af4fcaee2e1a0ae5565ba3a11e69e549" dependencies = [ "futures-channel", "futures-core", @@ -744,9 +785,9 @@ [[package]] name = "futures-channel" -version = "0.3.25" +version = "0.3.27" source = "registry+https://github.com/rust-lang/crates.io-index"; -checksum = "52ba265a92256105f45b719605a571ffe2d1f0fea3807304b522c1d778f79eed" +checksum = "164713a5a0dcc3e7b4b1ed7d3b433cabc18025386f9339346e8daf15963cf7ac" dependencies = [ "futures-core", "futures-sink", @@ -754,15 +795,15 @@ [[package]] name = "futures-core" -version = "0.3.25" +version = "0.3.27" source = "registry+https://github.com/rust-lang/crates.io-index"; -checksum = "04909a7a7e4633ae6c4a9ab280aeb86da1236243a77b694a49eacd659a4bd3ac" +checksum = "86d7a0c1aa76363dac491de0ee99faf6941128376f1cf96f07db7603b7de69dd" [[package]] name = "futures-executor" -version = "0.3.25" +version = "0.3.27" source = "registry+https://github.com/rust-lang/crates.io-index"; -checksum = "7acc85df6714c176ab5edf386123fafe217be88c0840ec11f199441134a074e2" +checksum = "1997dd9df74cdac935c76252744c1ed5794fac083242ea4fe77ef3ed60ba0f83" dependencies = [ "futures-core", "futures-task", @@ -771,9 +812,9 @@ [[package]] name = "futures-io" -version = "0.3.25" +version = "0.3.27" source = "registry+https://github.com/rust-lang/crates.io-index"; -checksum = "00f5fb52a06bdcadeb54e8d3671f8888a39697dcb0b81b23b55174030427f4eb" +checksum = "89d422fa3cbe3b40dca574ab087abb5bc98258ea57eea3fd6f1fa7162c778b91" [[package]] name = "futures-lite" @@ -792,26 +833,26 @@ [[package]] name = "futures-macro" -version = "0.3.25" +version = "0.3.27" source = "registry+https://github.com/rust-lang/crates.io-index"; -checksum = "bdfb8ce053d86b91919aad980c220b1fb8401a9394410e1c289ed7e66b61835d" +checksum = "3eb14ed937631bd8b8b8977f2c198443447a8355b6e3ca599f38c975e5a963b6" dependencies = [ "proc-macro2", "quote", - "syn", + "syn 1.0.100", ] [[package]] name = "futures-sink" -version = "0.3.25" +version = "0.3.27" source = "registry+https://github.com/rust-lang/crates.io-index"; -checksum = "39c15cf1a4aa79df40f1bb462fb39676d0ad9e366c2a33b590d7c66f4f81fcf9" +checksum = "ec93083a4aecafb2a80a885c9de1f0ccae9dbd32c2bb54b0c3a65690e0b8d2f2" [[package]] name = "futures-task" -version = "0.3.25" +version = "0.3.27" source = "registry+https://github.com/rust-lang/crates.io-index"; -checksum = "2ffb393ac5d9a6eaa9d3fdf37ae2776656b706e200c8e16b1bdb227f5198e6ea" +checksum = "fd65540d33b37b16542a0438c12e6aeead10d4ac5d05bd3f805b8f35ab592879" [[package]] name = "futures-timer" @@ -821,9 +862,9 @@ [[package]] name = "futures-util" -version = "0.3.25" +version = "0.3.27" source = "registry+https://github.com/rust-lang/crates.io-index"; -checksum = "197676987abd2f9cadff84926f410af1c183608d36641465df73ae8211dc65d6" +checksum = "3ef6b17e481503ec85211fed8f39d1970f128935ca1f814cd32ac4a6842e84ab" dependencies = [ "futures-channel", "futures-core", @@ -871,9 +912,9 @@ [[package]] name = "glob" -version = "0.3.0" +version = "0.3.1" source = "registry+https://github.com/rust-lang/crates.io-index"; -checksum = "9b919933a397b79c37e33b77bb2aa3dc8eb6e165ad809e58ff75bc7db2e34574" +checksum = "d2fabcfbdc87f4758337ca535fb41a6d701b65693ce38287d856d1674551ec9b" [[package]] name = "h2" @@ -900,7 +941,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"; checksum = "8a9ee70c43aaf417c914396645a0fa852624801b24ebb7ae78fe8272889ac888" dependencies = [ - "ahash", + "ahash 0.7.6", ] [[package]] @@ -960,7 +1001,7 @@ dependencies = [ "anyhow", "async-channel", - "base64", + "base64 0.13.1", "futures-lite", "http", "infer", @@ -1067,6 +1108,16 @@ ] [[package]] +name = "io-lifetimes" +version = "1.0.4" +source = "registry+https://github.com/rust-lang/crates.io-index"; +checksum = "e7d6c6f8c91b4b9ed43484ad1a938e393caf35960fce7f82a040497207bd8e9e" +dependencies = [ + "libc", + "windows-sys 0.42.0", +] + +[[package]] name = "ipnet" version = "2.5.0" source = "registry+https://github.com/rust-lang/crates.io-index"; @@ -1111,7 +1162,7 @@ name = "keylime" version = "0.2.0" dependencies = [ - "base64", + "base64 0.21.0", "hex", "log", "openssl", @@ -1129,7 +1180,7 @@ dependencies = [ "actix-rt", "actix-web", - "base64", + "base64 0.21.0", "cfg-if", "clap", "compress-tools", @@ -1192,9 +1243,9 @@ [[package]] name = "libc" -version = "0.2.139" +version = "0.2.140" source = "registry+https://github.com/rust-lang/crates.io-index"; -checksum = "201de327520df007757c1f0adce6e827fe8562fbc28bfd9c15571c66ca1f5f79" +checksum = "99227334921fae1a979cf0bfdfcc6b3e5ce376ef57e16fb6fb3ea2ed6095f80c" [[package]] name = "libloading" @@ -1213,6 +1264,12 @@ checksum = "0717cef1bc8b636c6e1c1bbdefc09e6322da8a9321966e8928ef80d20f7f770f" [[package]] +name = "linux-raw-sys" +version = "0.1.4" +source = "registry+https://github.com/rust-lang/crates.io-index"; +checksum = "f051f77a7c8e6957c0696eac88f26b0117e54f52d3fc682ab19397a8812846a4" + +[[package]] name = "local-channel" version = "0.1.3" source = "registry+https://github.com/rust-lang/crates.io-index"; @@ -1346,7 +1403,7 @@ dependencies = [ "proc-macro2", "quote", - "syn", + "syn 1.0.100", ] [[package]] @@ -1394,9 +1451,9 @@ [[package]] name = "openssl" -version = "0.10.45" +version = "0.10.48" source = "registry+https://github.com/rust-lang/crates.io-index"; -checksum = "b102428fd03bc5edf97f62620f7298614c45cedf287c271e7ed450bbaf83f2e1" +checksum = "518915b97df115dd36109bfa429a48b8f737bd05508cf9588977b599648926d2" dependencies = [ "bitflags", "cfg-if", @@ -1415,7 +1472,7 @@ dependencies = [ "proc-macro2", "quote", - "syn", + "syn 1.0.100", ] [[package]] @@ -1426,9 +1483,9 @@ [[package]] name = "openssl-sys" -version = "0.9.80" +version = "0.9.83" source = "registry+https://github.com/rust-lang/crates.io-index"; -checksum = "23bbbf7854cd45b83958ebe919f0e8e516793727652e27fda10a8384cfc790b7" +checksum = "666416d899cf077260dac8698d60a60b435a46d57e82acb1be3d0dad87284e5b" dependencies = [ "autocfg", "cc", @@ -1536,7 +1593,7 @@ "pest_meta", "proc-macro2", "quote", - "syn", + "syn 1.0.100", ] [[package]] @@ -1600,7 +1657,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"; checksum = "f3033675030de806aba1d5470949701b7c9f1dbf77e3bb17bd12e5f945e560ba" dependencies = [ - "base64", + "base64 0.13.1", "oid", "picky-asn1 0.3.3", "picky-asn1-der 0.2.5", @@ -1650,7 +1707,7 @@ "proc-macro-error-attr", "proc-macro2", "quote", - "syn", + "syn 1.0.100", "version_check", ] @@ -1667,9 +1724,9 @@ [[package]] name = "proc-macro2" -version = "1.0.44" +version = "1.0.54" source = "registry+https://github.com/rust-lang/crates.io-index"; -checksum = "7bd7356a8122b6c4a24a82b278680c73357984ca2fc79a0f9fa6dea7dced7c58" +checksum = "e472a104799c74b514a57226160104aa483546de37e839ec50e3c2e41dd87534" dependencies = [ "unicode-ident", ] @@ -1682,9 +1739,9 @@ [[package]] name = "quote" -version = "1.0.21" +version = "1.0.26" source = "registry+https://github.com/rust-lang/crates.io-index"; -checksum = "bbe448f377a7d6961e30f5955f9b8d106c3f5e449d493ee1b125c1d43c2b5179" +checksum = "4424af4bf778aae2051a77b60283332f386554255d722233d09fbfc7e30da2fc" dependencies = [ "proc-macro2", ] @@ -1787,21 +1844,12 @@ checksum = "a3f87b73ce11b1619a3c6332f45341e0047173771e8b8b73f87bfeefb7b56244" [[package]] -name = "remove_dir_all" -version = "0.5.3" -source = "registry+https://github.com/rust-lang/crates.io-index"; -checksum = "3acd125665422973a33ac9d3dd2df85edad0f4ae9b00dafb1a05e43a9f5ef8e7" -dependencies = [ - "winapi", -] - -[[package]] name = "reqwest" -version = "0.11.12" +version = "0.11.15" source = "registry+https://github.com/rust-lang/crates.io-index"; -checksum = "431949c384f4e2ae07605ccaa56d1d9d2ecdb5cadd4f9577ccfab29f2e5149fc" +checksum = "0ba30cc2c0cd02af1222ed216ba659cdb2f879dfe3181852fe7c50b1d0005949" dependencies = [ - "base64", + "base64 0.21.0", "bytes", "encoding_rs", "futures-core", @@ -1844,7 +1892,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"; checksum = "88073939a61e5b7680558e6be56b419e208420c2adb92be54921fa6b72283f1a" dependencies = [ - "base64", + "base64 0.13.1", "bitflags", "serde", ] @@ -1884,6 +1932,20 @@ ] [[package]] +name = "rustix" +version = "0.36.7" +source = "registry+https://github.com/rust-lang/crates.io-index"; +checksum = "d4fdebc4b395b7fbb9ab11e462e20ed9051e7b16e42d24042c776eca0ac81b03" +dependencies = [ + "bitflags", + "errno", + "io-lifetimes", + "libc", + "linux-raw-sys", + "windows-sys 0.42.0", +] + +[[package]] name = "ryu" version = "1.0.11" source = "registry+https://github.com/rust-lang/crates.io-index"; @@ -1954,9 +2016,9 @@ [[package]] name = "serde" -version = "1.0.145" +version = "1.0.159" source = "registry+https://github.com/rust-lang/crates.io-index"; -checksum = "728eb6351430bccb993660dfffc5a72f91ccc1295abaa8ce19b27ebe4f75568b" +checksum = "3c04e8343c3daeec41f58990b9d77068df31209f2af111e059e9fe9646693065" dependencies = [ "serde_derive", ] @@ -1972,20 +2034,20 @@ [[package]] name = "serde_derive" -version = "1.0.145" +version = "1.0.159" source = "registry+https://github.com/rust-lang/crates.io-index"; -checksum = "81fa1584d3d1bcacd84c277a0dfe21f5b0f6accf4a23d04d4c6d61f1af522b4c" +checksum = "4c614d17805b093df4b147b51339e7e44bf05ef59fba1e45d83500bcfb4d8585" dependencies = [ "proc-macro2", "quote", - "syn", + "syn 2.0.11", ] [[package]] name = "serde_json" -version = "1.0.91" +version = "1.0.95" source = "registry+https://github.com/rust-lang/crates.io-index"; -checksum = "877c235533714907a8c2464236f5c4b2a17262ef1bd71f38f35ea592c8da6883" +checksum = "d721eca97ac802aa7777b701877c8004d950fc142651367300d21c1cc0194744" dependencies = [ "itoa", "ryu", @@ -2106,6 +2168,17 @@ ] [[package]] +name = "syn" +version = "2.0.11" +source = "registry+https://github.com/rust-lang/crates.io-index"; +checksum = "21e3787bb71465627110e7d87ed4faaa36c1f61042ee67badb9e2ef173accc40" +dependencies = [ + "proc-macro2", + "quote", + "unicode-ident", +] + +[[package]] name = "synstructure" version = "0.12.6" source = "registry+https://github.com/rust-lang/crates.io-index"; @@ -2113,7 +2186,7 @@ dependencies = [ "proc-macro2", "quote", - "syn", + "syn 1.0.100", "unicode-xid", ] @@ -2125,16 +2198,15 @@ [[package]] name = "tempfile" -version = "3.3.0" +version = "3.4.0" source = "registry+https://github.com/rust-lang/crates.io-index"; -checksum = "5cdb1ef4eaeeaddc8fbd371e5017057064af0911902ef36b39801f67cc6d79e4" +checksum = "af18f7ae1acd354b992402e9ec5864359d693cd8a79dcbef59f76891701c1e95" dependencies = [ "cfg-if", "fastrand", - "libc", "redox_syscall", - "remove_dir_all", - "winapi", + "rustix", + "windows-sys 0.42.0", ] [[package]] @@ -2154,22 +2226,22 @@ [[package]] name = "thiserror" -version = "1.0.38" +version = "1.0.40" source = "registry+https://github.com/rust-lang/crates.io-index"; -checksum = "6a9cd18aa97d5c45c6603caea1da6628790b37f7a34b6ca89522331c5180fed0" +checksum = "978c9a314bd8dc99be594bc3c175faaa9794be04a5a5e153caba6915336cebac" dependencies = [ "thiserror-impl", ] [[package]] name = "thiserror-impl" -version = "1.0.38" +version = "1.0.40" source = "registry+https://github.com/rust-lang/crates.io-index"; -checksum = "1fb327af4685e4d03fa8cbcf1716380da910eeb2bb8be417e7f9fd3fb164f36f" +checksum = "f9456a42c5b0d803c8cd86e73dd7cc9edd429499f37a3550d286d5e86720569f" dependencies = [ "proc-macro2", "quote", - "syn", + "syn 2.0.11", ] [[package]] @@ -2207,9 +2279,9 @@ [[package]] name = "tokio" -version = "1.24.2" +version = "1.25.0" source = "registry+https://github.com/rust-lang/crates.io-index"; -checksum = "597a12a59981d9e3c38d216785b0c37399f6e415e8d0712047620f189371b0bb" +checksum = "c8e00990ebabbe4c14c08aca901caed183ecd5c09562a12c824bb53d3c3fd3af" dependencies = [ "autocfg", "bytes", @@ -2461,7 +2533,7 @@ "once_cell", "proc-macro2", "quote", - "syn", + "syn 1.0.100", "wasm-bindgen-shared", ] @@ -2495,7 +2567,7 @@ dependencies = [ "proc-macro2", "quote", - "syn", + "syn 1.0.100", "wasm-bindgen-backend", "wasm-bindgen-shared", ] @@ -2669,13 +2741,13 @@ [[package]] name = "wiremock" -version = "0.5.14" +version = "0.5.18" source = "registry+https://github.com/rust-lang/crates.io-index"; -checksum = "cc3c7b7557dbfdad6431b5a51196c9110cef9d83f6a9b26699f35cdc0ae113ec" +checksum = "bd7b0b5b253ebc0240d6aac6dd671c495c467420577bf634d3064ae7e6fa2b4c" dependencies = [ "assert-json-diff", "async-trait", - "base64", + "base64 0.21.0", "deadpool", "futures", "futures-timer", @@ -2715,7 +2787,7 @@ dependencies = [ "proc-macro2", "quote", - "syn", + "syn 1.0.100", "synstructure", ] @@ -2743,18 +2815,18 @@ [[package]] name = "zstd" -version = "0.11.2+zstd.1.5.2" +version = "0.12.3+zstd.1.5.2" source = "registry+https://github.com/rust-lang/crates.io-index"; -checksum = "20cc960326ece64f010d2d2107537f26dc589a6573a316bd5b1dba685fa5fde4" +checksum = "76eea132fb024e0e13fd9c2f5d5d595d8a967aa72382ac2f9d39fcc95afd0806" dependencies = [ "zstd-safe", ] [[package]] name = "zstd-safe" -version = "5.0.2+zstd.1.5.2" +version = "6.0.4+zstd.1.5.4" source = "registry+https://github.com/rust-lang/crates.io-index"; -checksum = "1d2a5585e04f9eea4b2a3d1eca508c4dee9592a89ef6f450c11719da0726f4db" +checksum = "7afb4b54b8910cf5447638cb54bf4e8a65cbedd783af98b98c62ffe91f185543" dependencies = [ "libc", "zstd-sys", @@ -2762,10 +2834,11 @@ [[package]] name = "zstd-sys" -version = "2.0.1+zstd.1.5.2" +version = "2.0.7+zstd.1.5.4" source = "registry+https://github.com/rust-lang/crates.io-index"; -checksum = "9fd07cbbc53846d9145dbffdf6dd09a7a0aa52be46741825f5c97bdd4f73f12b" +checksum = "94509c3ba2fe55294d752b79842c530ccfab760192521df74a081a78d2b3c7f5" dependencies = [ "cc", "libc", + "pkg-config", ] diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/rust-keylime-0.2.0+git.1677691779.f7edd9a/keylime-agent/Cargo.toml new/rust-keylime-0.2.0+git.1681223954.646cf61/keylime-agent/Cargo.toml --- old/rust-keylime-0.2.0+git.1677691779.f7edd9a/keylime-agent/Cargo.toml 2023-03-01 18:29:39.000000000 +0100 +++ new/rust-keylime-0.2.0+git.1681223954.646cf61/keylime-agent/Cargo.toml 2023-04-11 16:39:14.000000000 +0200 @@ -29,7 +29,7 @@ serde_derive = "1.0.80" serde_json = { version = "1.0", features = ["raw_value"] } static_assertions = "1" -tempfile = "3.0.4" +tempfile = "3.4.0" tokio = {version = "1.24", features = ["rt", "sync"]} tss-esapi = {version = "7.2.0", features = ["generate-bindings"]} thiserror = "1.0" diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/rust-keylime-0.2.0+git.1677691779.f7edd9a/keylime-agent/src/common.rs new/rust-keylime-0.2.0+git.1681223954.646cf61/keylime-agent/src/common.rs --- old/rust-keylime-0.2.0+git.1677691779.f7edd9a/keylime-agent/src/common.rs 2023-03-01 18:29:39.000000000 +0100 +++ new/rust-keylime-0.2.0+git.1681223954.646cf61/keylime-agent/src/common.rs 2023-04-11 16:39:14.000000000 +0200 @@ -53,7 +53,7 @@ pub const AES_BLOCK_SIZE: usize = 16; cfg_if::cfg_if! { - if #[cfg(any(test, feature = "testing"))] { + if #[cfg(test)] { // Secure mount of tpmfs (False is generally used for development environments) pub static MOUNT_SECURE: bool = false; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/rust-keylime-0.2.0+git.1677691779.f7edd9a/keylime-agent/src/main.rs new/rust-keylime-0.2.0+git.1681223954.646cf61/keylime-agent/src/main.rs --- old/rust-keylime-0.2.0+git.1677691779.f7edd9a/keylime-agent/src/main.rs 2023-03-01 18:29:39.000000000 +0100 +++ new/rust-keylime-0.2.0+git.1681223954.646cf61/keylime-agent/src/main.rs 2023-04-11 16:39:14.000000000 +0200 @@ -147,7 +147,16 @@ None }; - let measuredboot_ml_path = Path::new(MEASUREDBOOT_ML); + let mut measuredboot_ml_path = Path::new(MEASUREDBOOT_ML); + + // Allow setting the binary bios measurements log path when testing + let env_mb_path: String; + #[cfg(feature = "testing")] + if let Ok(v) = std::env::var("TPM_BINARY_MEASUREMENTS") { + env_mb_path = v; + measuredboot_ml_path = Path::new(&env_mb_path); + } + let measuredboot_ml_file = if measuredboot_ml_path.exists() { match fs::File::open(measuredboot_ml_path) { Ok(file) => Some(Mutex::new(file)), @@ -871,9 +880,15 @@ Err(err) => None, }; - let measuredboot_ml_path = Path::new( - "/sys/kernel/security/tpm0/binary_bios_measurements", - ); + // Allow setting the binary bios measurements log path when testing + let mut measuredboot_ml_path = Path::new(MEASUREDBOOT_ML); + let env_mb_path; + #[cfg(feature = "testing")] + if let Ok(v) = std::env::var("TPM_BINARY_MEASUREMENTS") { + env_mb_path = v; + measuredboot_ml_path = Path::new(&env_mb_path); + } + let measuredboot_ml_file = match fs::File::open(measuredboot_ml_path) { Ok(file) => Some(Mutex::new(file)), diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/rust-keylime-0.2.0+git.1677691779.f7edd9a/packit-ci.fmf new/rust-keylime-0.2.0+git.1681223954.646cf61/packit-ci.fmf --- old/rust-keylime-0.2.0+git.1677691779.f7edd9a/packit-ci.fmf 2023-03-01 18:29:39.000000000 +0100 +++ new/rust-keylime-0.2.0+git.1681223954.646cf61/packit-ci.fmf 2023-04-11 16:39:14.000000000 +0200 @@ -10,7 +10,7 @@ context: swtpm: yes agent: rust - faked_measured_boot_log: true + faked_measured_boot_log: yes prepare: - how: shell @@ -42,6 +42,7 @@ - /functional/db-postgresql-sanity-on-localhost - /functional/db-mariadb-sanity-on-localhost - /functional/db-mysql-sanity-on-localhost + - /functional/durable-attestion-sanity-on-localhost - /functional/ek-cert-use-ek_check_script - /functional/ek-cert-use-ek_handle-custom-ca_certs - /functional/install-rpm-with-ima-signature @@ -55,7 +56,7 @@ - /functional/tpm_policy-sanity-on-localhost - /functional/use-multiple-ima-sign-verification-keys - /upstream/run_rust_keylime_tests - - /setup/generate_usptream_rust_keylime_code_coverage + - /setup/generate_upstream_rust_keylime_code_coverage adjust: # prepare step adjustments @@ -70,7 +71,7 @@ KEYLIME_RUST_CODE_COVERAGE: 0 discover+: test-: - - /setup/generate_usptream_rust_keylime_code_coverage + - /setup/generate_upstream_rust_keylime_code_coverage execute: how: tmt diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/rust-keylime-0.2.0+git.1677691779.f7edd9a/rpm/README.md new/rust-keylime-0.2.0+git.1681223954.646cf61/rpm/README.md --- old/rust-keylime-0.2.0+git.1677691779.f7edd9a/rpm/README.md 1970-01-01 01:00:00.000000000 +0100 +++ new/rust-keylime-0.2.0+git.1681223954.646cf61/rpm/README.md 2023-04-11 16:39:14.000000000 +0200 @@ -0,0 +1,9 @@ +# Keylime testing RPM + +The specfiles in this directory are used to build RPM packages on Copr using +packit for testing purposes. Do not use the RPM built using these files in a +production environment. + +The goal is to avoid recompiling the project multiple times during testing. + +The binaries in the test RPM are build with the `testing` feature enabled. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/rust-keylime-0.2.0+git.1677691779.f7edd9a/rpm/centos/keylime-agent-rust.spec new/rust-keylime-0.2.0+git.1681223954.646cf61/rpm/centos/keylime-agent-rust.spec --- old/rust-keylime-0.2.0+git.1677691779.f7edd9a/rpm/centos/keylime-agent-rust.spec 1970-01-01 01:00:00.000000000 +0100 +++ new/rust-keylime-0.2.0+git.1681223954.646cf61/rpm/centos/keylime-agent-rust.spec 2023-04-11 16:39:14.000000000 +0200 @@ -0,0 +1,149 @@ +# keylime-agent-rust.spec + +%bcond_without check + +%global crate keylime_agent + +# Centos: Use bundled deps as it doesn't ship Rust libraries +%global bundled_rust_deps 1 +%global __brp_mangle_shebangs_exclude_from ^/usr/src/debug/.*$ + +Name: keylime-agent-rust +Version: 0.2.0 +Release: %{?autorelease}%{!?autorelease:1%{?dist}} +Summary: Rust agent for Keylime + +# Upstream license specification: Apache-2.0 +# +# The build dependencies have the following licenses: +# +# 0BSD or MIT or ASL 2.0 +# ASL 2.0 +# ASL 2.0 or Boost +# ASL 2.0 or MIT +# ASL 2.0 with exceptions +# BSD +# MIT +# MIT or ASL 2.0 +# MIT or ASL 2.0 or zlib +# MIT or zlib or ASL 2.0 +# Unlicense or MIT +# zlib or ASL 2.0 or MIT +# +License: ASL 2.0 and BSD and MIT +URL: https://github.com/keylime/rust-keylime/ +Source0: rust-keylime-v%{version}.tar.gz +# The vendor tarball is created using cargo-vendor-filterer to remove Windows +# related files (https://github.com/cgwalters/cargo-vendor-filterer) +# tar xf rust-keylime-%%{version}.tar.gz +# cd rust-keylime-%%{version} +# cargo vendor-filterer --platform x86_64-unknown-linux-gnu \ +# --platform powerpc64le-unknown-linux-gnu \ +# --platform aarch64-unknown-linux-gnu \ +# --platform i686-unknown-linux-gnu \ +# --platform s390x-unknown-linux-gnu \ +# --exclude-crate-path "libloading#tests" +# tar jcf rust-keylime-%%{version}-vendor.tar.xz vendor +Source1: rust-keylime-vendor.tar.xz + +ExclusiveArch: %{rust_arches} + +Requires: tpm2-tss + +# The keylime-base package provides the keylime user creation. It is available +# from Fedora 36 +%if 0%{?fedora} >= 36 +Requires: keylime-base +%endif + +BuildRequires: systemd +BuildRequires: openssl-devel +BuildRequires: libarchive-devel +BuildRequires: tpm2-tss-devel +BuildRequires: clang +BuildRequires: rust-toolset + +# Virtual Provides to support swapping between Python and Rust implementation +Provides: keylime-agent +Conflicts: keylime-agent + +%description +Rust agent for Keylime + +%prep +%autosetup -n rust-keylime-%{version} -N +%autopatch -m 100 -p1 +# Source1 is vendored dependencies +%cargo_prep -V 1 + +%build +%cargo_build --features=testing + +%install + +mkdir -p %{buildroot}/%{_sharedstatedir}/keylime +mkdir -p --mode=0700 %{buildroot}/%{_rundir}/keylime +mkdir -p --mode=0700 %{buildroot}/%{_localstatedir}/log/keylime +mkdir -p --mode=0700 %{buildroot}/%{_libexecdir}/keylime +mkdir -p --mode=0700 %{buildroot}/%{_sysconfdir}/keylime +mkdir -p --mode=0700 %{buildroot}/%{_sysconfdir}/keylime/agent.conf.d + +install -Dpm 400 keylime-agent.conf \ + %{buildroot}%{_sysconfdir}/keylime/agent.conf + +install -Dpm 644 ./dist/systemd/system/keylime_agent.service \ + %{buildroot}%{_unitdir}/keylime_agent.service + +install -Dpm 644 ./dist/systemd/system/var-lib-keylime-secure.mount \ + %{buildroot}%{_unitdir}/var-lib-keylime-secure.mount + +# Setting up the agent to use keylime:keylime user/group after dropping privileges. +cat > %{buildroot}/%{_sysconfdir}/keylime/agent.conf.d/001-run_as.conf << EOF +[agent] +run_as = "keylime:keylime" +EOF + +install -Dpm 0755 \ + -t %{buildroot}%{_bindir} \ + ./target/release/keylime_agent +install -Dpm 0755 \ + -t %{buildroot}%{_bindir} \ + ./target/release/keylime_ima_emulator + +%posttrans +chmod 500 %{_sysconfdir}/keylime/agent.conf.d +chmod 400 %{_sysconfdir}/keylime/agent.conf.d/*.conf +chmod 500 %{_sysconfdir}/keylime +chown -R keylime:keylime %{_sysconfdir}/keylime + +%preun +%systemd_preun keylime_agent.service +%systemd_preun var-lib-keylime-secure.mount + +%postun +%systemd_postun_with_restart keylime_agent.service +%systemd_postun_with_restart var-lib-keylime-secure.mount + +%files +%license LICENSE +%doc README.md +%attr(500,keylime,keylime) %dir %{_sysconfdir}/keylime +%attr(500,keylime,keylime) %dir %{_sysconfdir}/keylime/agent.conf.d +%config(noreplace) %attr(400,keylime,keylime) %{_sysconfdir}/keylime/agent.conf.d/001-run_as.conf +%config(noreplace) %attr(400,keylime,keylime) %{_sysconfdir}/keylime/agent.conf +%{_unitdir}/keylime_agent.service +%{_unitdir}/var-lib-keylime-secure.mount +%attr(700,keylime,keylime) %dir %{_rundir}/keylime +%attr(700,keylime,keylime) %dir %{_localstatedir}/log/keylime +%attr(700,keylime,keylime) %{_sharedstatedir}/keylime +%attr(700,keylime,keylime) %{_libexecdir}/keylime +%{_bindir}/keylime_agent +%{_bindir}/keylime_ima_emulator + +%if %{with check} +%check +%cargo_test +%endif + +%changelog +%autochangelog diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/rust-keylime-0.2.0+git.1677691779.f7edd9a/rpm/fedora/keylime-agent-rust.spec new/rust-keylime-0.2.0+git.1681223954.646cf61/rpm/fedora/keylime-agent-rust.spec --- old/rust-keylime-0.2.0+git.1677691779.f7edd9a/rpm/fedora/keylime-agent-rust.spec 1970-01-01 01:00:00.000000000 +0100 +++ new/rust-keylime-0.2.0+git.1681223954.646cf61/rpm/fedora/keylime-agent-rust.spec 2023-04-11 16:39:14.000000000 +0200 @@ -0,0 +1,174 @@ +# keylime-agent-rust.spec + +%bcond_without check + +%global crate keylime_agent + +%if 0%{?fedora} < 38 +# For older Fedora versions, use vendored dependencies due to broken packages +%global bundled_rust_deps 1 +%else +# Otherwise, use only system Rust libraries +%global bundled_rust_deps 0 +%endif + +%global __brp_mangle_shebangs_exclude_from ^/usr/src/debug/.*$ + +Name: keylime-agent-rust +Version: 0.2.0 +Release: %{?autorelease}%{!?autorelease:1%{?dist}} +Summary: Rust agent for Keylime + +# Upstream license specification: Apache-2.0 +# +# The build dependencies have the following licenses: +# +# 0BSD or MIT or ASL 2.0 +# ASL 2.0 +# ASL 2.0 or Boost +# ASL 2.0 or MIT +# ASL 2.0 with exceptions +# BSD +# MIT +# MIT or ASL 2.0 +# MIT or ASL 2.0 or zlib +# MIT or zlib or ASL 2.0 +# Unlicense or MIT +# zlib or ASL 2.0 or MIT +# +License: ASL 2.0 and BSD and MIT +URL: https://github.com/keylime/rust-keylime/ +Source0: rust-keylime-v%{version}.tar.gz +# The vendor tarball is created using cargo-vendor-filterer to remove Windows +# related files (https://github.com/cgwalters/cargo-vendor-filterer) +# tar xf rust-keylime-%%{version}.tar.gz +# cd rust-keylime-%%{version} +# cargo vendor-filterer --platform x86_64-unknown-linux-gnu \ +# --platform powerpc64le-unknown-linux-gnu \ +# --platform aarch64-unknown-linux-gnu \ +# --platform i686-unknown-linux-gnu \ +# --platform s390x-unknown-linux-gnu \ +# --exclude-crate-path "libloading#tests" +# tar jcf rust-keylime-%%{version}-vendor.tar.xz vendor +Source1: rust-keylime-vendor.tar.xz +## Patches for building from system Rust libraries (Fedora) +# Fix picky-asn1-der and picky-asn1-x509 to use available versions +# Drop completely the legacy-python-actions feature +Patch1: rust-keylime-metadata.patch + +ExclusiveArch: %{rust_arches} + +Requires: tpm2-tss + +# The keylime-base package provides the keylime user creation. It is available +# from Fedora 36 +%if 0%{?fedora} >= 36 +Requires: keylime-base +%endif + +BuildRequires: systemd +BuildRequires: openssl-devel +BuildRequires: libarchive-devel +BuildRequires: tpm2-tss-devel +BuildRequires: clang +BuildRequires: rust-packaging >= 21-2 + +# Virtual Provides to support swapping between Python and Rust implementation +Provides: keylime-agent +Conflicts: keylime-agent + +%description +Rust agent for Keylime + +%prep +%autosetup -n rust-keylime-%{version} -N +%if 0%{?bundled_rust_deps} +%autopatch -m 100 -p1 +# Source1 contains vendored dependencies +%cargo_prep +tar -xoaf %{SOURCE1} +sed -i 's/^\(replace-with\).*$/\1 = "vendored-sources"/g' .cargo/config +cat >> .cargo/config << EOF + +[source.vendored-sources] +directory = "./vendor" +EOF + +%cargo_generate_buildrequires +%else +%autopatch -M 99 -p1 +%cargo_prep +%cargo_generate_buildrequires +%endif + +%build +%cargo_build -ftesting + +%install + +mkdir -p %{buildroot}/%{_sharedstatedir}/keylime +mkdir -p --mode=0700 %{buildroot}/%{_rundir}/keylime +mkdir -p --mode=0700 %{buildroot}/%{_localstatedir}/log/keylime +mkdir -p --mode=0700 %{buildroot}/%{_libexecdir}/keylime +mkdir -p --mode=0700 %{buildroot}/%{_sysconfdir}/keylime +mkdir -p --mode=0700 %{buildroot}/%{_sysconfdir}/keylime/agent.conf.d + +install -Dpm 400 keylime-agent.conf \ + %{buildroot}%{_sysconfdir}/keylime/agent.conf + +install -Dpm 644 ./dist/systemd/system/keylime_agent.service \ + %{buildroot}%{_unitdir}/keylime_agent.service + +install -Dpm 644 ./dist/systemd/system/var-lib-keylime-secure.mount \ + %{buildroot}%{_unitdir}/var-lib-keylime-secure.mount + +# Setting up the agent to use keylime:keylime user/group after dropping privileges. +cat > %{buildroot}/%{_sysconfdir}/keylime/agent.conf.d/001-run_as.conf << EOF +[agent] +run_as = "keylime:keylime" +EOF + +install -Dpm 0755 \ + -t %{buildroot}%{_bindir} \ + ./target/release/keylime_agent +install -Dpm 0755 \ + -t %{buildroot}%{_bindir} \ + ./target/release/keylime_ima_emulator + +%posttrans +chmod 500 %{_sysconfdir}/keylime/agent.conf.d +chmod 400 %{_sysconfdir}/keylime/agent.conf.d/*.conf +chmod 500 %{_sysconfdir}/keylime +chown -R keylime:keylime %{_sysconfdir}/keylime + +%preun +%systemd_preun keylime_agent.service +%systemd_preun var-lib-keylime-secure.mount + +%postun +%systemd_postun_with_restart keylime_agent.service +%systemd_postun_with_restart var-lib-keylime-secure.mount + +%files +%license LICENSE +%doc README.md +%attr(500,keylime,keylime) %dir %{_sysconfdir}/keylime +%attr(500,keylime,keylime) %dir %{_sysconfdir}/keylime/agent.conf.d +%config(noreplace) %attr(400,keylime,keylime) %{_sysconfdir}/keylime/agent.conf.d/001-run_as.conf +%config(noreplace) %attr(400,keylime,keylime) %{_sysconfdir}/keylime/agent.conf +%{_unitdir}/keylime_agent.service +%{_unitdir}/var-lib-keylime-secure.mount +%attr(700,keylime,keylime) %dir %{_rundir}/keylime +%attr(700,keylime,keylime) %dir %{_localstatedir}/log/keylime +%attr(700,keylime,keylime) %{_sharedstatedir}/keylime +%attr(700,keylime,keylime) %{_libexecdir}/keylime +%{_bindir}/keylime_agent +%{_bindir}/keylime_ima_emulator + +%if %{with check} +%check +%cargo_test +%endif + +%changelog +%autochangelog diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/rust-keylime-0.2.0+git.1677691779.f7edd9a/rpm/fedora/rust-keylime-metadata.patch new/rust-keylime-0.2.0+git.1681223954.646cf61/rpm/fedora/rust-keylime-metadata.patch --- old/rust-keylime-0.2.0+git.1677691779.f7edd9a/rpm/fedora/rust-keylime-metadata.patch 1970-01-01 01:00:00.000000000 +0100 +++ new/rust-keylime-0.2.0+git.1681223954.646cf61/rpm/fedora/rust-keylime-metadata.patch 2023-04-11 16:39:14.000000000 +0200 @@ -0,0 +1,54 @@ +diff --git a/keylime-agent/Cargo.toml b/keylime-agent/Cargo.toml +index 2d9cd9a..e4a7852 100644 +--- a/keylime-agent/Cargo.toml ++++ b/keylime-agent/Cargo.toml +@@ -13,7 +13,7 @@ base64 = "0.13" + cfg-if = "1" + clap = { version = "3.2", features = ["derive"] } + compress-tools = "0.12" +-config = { version = "0.13", features = ["toml"] } ++config = { version = "0.12", features = ["toml"] } + futures = "0.3.6" + glob = "0.3" + hex = "0.4" +@@ -21,8 +21,8 @@ keylime = { path = "../keylime" } + libc = "0.2.43" + log = "0.4" + openssl = "0.10.15" +-picky-asn1-der = "0.3.1" +-picky-asn1-x509 = "0.6.1" ++picky-asn1-der = "0.3" ++picky-asn1-x509 = "0.7" + pretty_env_logger = "0.4" + reqwest = {version = "0.11", features = ["json"]} + serde = "1.0.80" +@@ -31,7 +31,7 @@ serde_json = { version = "1.0", features = ["raw_value"] } + static_assertions = "1" + tempfile = "3.4.0" + tokio = {version = "1.24", features = ["rt", "sync"]} +-tss-esapi = {version = "7.2.0", features = ["generate-bindings"]} ++tss-esapi = {version = "7", features = ["generate-bindings"]} + thiserror = "1.0" + uuid = {version = "1.3", features = ["v4"]} + zmq = {version = "0.9.2", optional = true} +@@ -46,20 +46,7 @@ actix-rt = "2" + [features] + # The features enabled by default + default = [] +-# this should change to dev-dependencies when we have integration testing + testing = ["wiremock"] +-# Whether the agent should be compiled with support to listen for notification +-# messages on ZeroMQ +-# +-# This feature is deprecated and will be removed on next major release +-with-zmq = ["zmq"] +-# Whether the agent should be compiled with support for python revocation +-# actions loaded as modules, which is the only kind supported by the python +-# agent (unless the enhancement-55 is implemented). See: +-# https://github.com/keylime/enhancements/blob/master/55_revocation_actions_without_python.md +-# +-# This feature is deprecated and will be removed on next major release +-legacy-python-actions = [] + + [package.metadata.deb] + section = "net" diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/rust-keylime-0.2.0+git.1677691779.f7edd9a/scripts/download_packit_coverage.sh new/rust-keylime-0.2.0+git.1681223954.646cf61/scripts/download_packit_coverage.sh --- old/rust-keylime-0.2.0+git.1677691779.f7edd9a/scripts/download_packit_coverage.sh 2023-03-01 18:29:39.000000000 +0100 +++ new/rust-keylime-0.2.0+git.1681223954.646cf61/scripts/download_packit_coverage.sh 2023-04-11 16:39:14.000000000 +0200 @@ -36,7 +36,7 @@ # uploads coverage XML files to a web drive # currently we are doing that in a job running tests on Fedora-37 TF_JOB_DESC="testing-farm:fedora-37-x86_64" -TF_TEST_OUTPUT="/setup/generate_usptream_rust_keylime_code_coverage/output.txt" +TF_TEST_OUTPUT="/setup/generate_upstream_rust_keylime_code_coverage/output.txt" TF_ARTIFACTS_URL_PREFIX="https://artifacts.dev.testing-farm.io"; GITHUB_API_PREFIX_URL="https://api.github.com/repos/${PROJECT}"; ++++++ vendor.tar.xz ++++++ /work/SRC/openSUSE:Factory/rust-keylime/vendor.tar.xz /work/SRC/openSUSE:Factory/.rust-keylime.new.19717/vendor.tar.xz differ: char 27, line 1
