Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package tpm2.0-abrmd for openSUSE:Factory checked in at 2021-08-02 12:04:17 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/tpm2.0-abrmd (Old) and /work/SRC/openSUSE:Factory/.tpm2.0-abrmd.new.1899 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "tpm2.0-abrmd" Mon Aug 2 12:04:17 2021 rev:19 rq:908096 version:2.4.0 Changes: -------- --- /work/SRC/openSUSE:Factory/tpm2.0-abrmd/tpm2.0-abrmd.changes 2021-06-14 23:11:41.376815954 +0200 +++ /work/SRC/openSUSE:Factory/.tpm2.0-abrmd.new.1899/tpm2.0-abrmd.changes 2021-08-02 12:04:24.405664495 +0200 @@ -1,0 +2,16 @@ +Sat Jul 17 21:04:13 UTC 2021 - Callum Farmer <gm...@opensuse.org> + +- Move selinux devel file to devel subpackage + +------------------------------------------------------------------- +Wed Jul 14 13:41:59 UTC 2021 - Callum Farmer <gm...@opensuse.org> + +- Update to version 2.4.0: + - Service start depends on systemd device unit: dev-tpm0.device. + - Numerous memory leaks. + - udev settle service deprecation warnings. + - StandardOutput=syslog deprecation warnings. +- Add selinux module files +- Move dbus files out of /etc + +------------------------------------------------------------------- Old: ---- _service tpm2-abrmd-2.3.3.tar.gz New: ---- tpm2-abrmd-2.4.0.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ tpm2.0-abrmd.spec ++++++ --- /var/tmp/diff_new_pack.R6Lxee/_old 2021-08-02 12:04:25.009664366 +0200 +++ /var/tmp/diff_new_pack.R6Lxee/_new 2021-08-02 12:04:25.013664366 +0200 @@ -15,9 +15,10 @@ # Please submit bugfixes or comments via https://bugs.opensuse.org/ # - +%global selinuxtype targeted +%global modulename tabrmd Name: tpm2.0-abrmd -Version: 2.3.3 +Version: 2.4.0 Release: 0 Summary: Intel's TCG Software Stack Access Broker & Resource Manager for TPM 2.0 chips License: BSD-2-Clause @@ -27,18 +28,25 @@ Source1: tpm2.0-abrmd.rpmlintrc BuildRequires: autoconf-archive BuildRequires: automake +BuildRequires: checkpolicy BuildRequires: gcc-c++ BuildRequires: libtool -BuildRequires: pkg-config +BuildRequires: pkgconfig +BuildRequires: policycoreutils BuildRequires: systemd-rpm-macros BuildRequires: pkgconfig(dbus-1) BuildRequires: pkgconfig(gio-unix-2.0) BuildRequires: pkgconfig(tss2-sys) -Requires(pre): shadow +BuildRequires: selinux-policy-devel +# due to %%selinux_requires +BuildRequires: pkgconfig(systemd) +# +BuildRequires: selinux-policy-targeted +Requires(pre): user(tss) Requires: libtss2-tcti-device0 Requires: libtss2-tcti-tabrmd0 Requires: tpm2-0-tss -BuildRoot: %{_tmppath}/%{name}-%{version}-build +Requires: (%{name}-selinux if selinux-policy-base) # the auto activation is not whitelisted for <= SLE12-SP3 %if 0%{?sle_version} > 120300 || 0%{?is_opensuse} %define install_dbus_files 1 @@ -60,6 +68,16 @@ This package provides the development files for the Access Broker & Resource Manager for coordinating access to TPM 2.0 chips. +%package selinux +Summary: SELinux module for the Access Broker & Resource Manager for TPM 2.0 chips +Group: System/Management +BuildArch: noarch +Requires: tpm2.0-abrmd = %{version} +%selinux_requires + +%description selinux +This package provides the SELinux module for the Access Broker & Resource Manager for TPM 2.0 chips. + %package -n libtss2-tcti-tabrmd0 Summary: Client interface library for tpm2-abrmd Group: System/Libraries @@ -72,15 +90,19 @@ %postun -n libtss2-tcti-tabrmd0 -p /sbin/ldconfig %prep -%setup -q -n tpm2-abrmd-%{version} +%autosetup -n tpm2-abrmd-%{version} %build -export CFLAGS="%optflags -fPIE" -export LDFLAGS="-pie -fPIE" -%configure --disable-static --with-systemdsystemunitdir=%{_unitdir} +export CFLAGS="%{optflags} -fPIE" +export LDFLAGS="$LDFLAGS -pie" +%configure \ + --disable-static \ + --with-sepolicy=yes \ + --with-systemdsystemunitdir=%{_unitdir} \ + --with-dbuspolicydir=%{_datadir}/dbus-1/system.d + %{nil} make %{?_smp_mflags} PTHREAD_LDFLAGS=-pthread -# TODO: add the tss user again %install %make_install # don't package libtool files as is best practice @@ -93,6 +115,8 @@ rm %{buildroot}/%{_sysconfdir}/dbus-1/system.d/tpm2-abrmd.conf rm %{buildroot}/%{_datadir}/dbus-1/system-services/com.intel.tss2.Tabrmd.service %endif +mkdir %{buildroot}%{_datadir}/selinux/packages/targeted +mv %{buildroot}%{_datadir}/selinux/packages/tab* %{buildroot}%{_datadir}/selinux/packages/targeted %pre %service_add_pre tpm2-abrmd.service @@ -106,8 +130,21 @@ %preun %service_del_preun tpm2-abrmd.service +%pre selinux +%selinux_relabel_pre -s %{selinuxtype} + +%post selinux +%selinux_modules_install -s %{selinuxtype} -p 200 %{_datadir}/selinux/packages/targeted/%{modulename}.pp.bz2 + +%postun selinux +if [ $1 -eq 0 ]; then + %selinux_modules_uninstall -s %{selinuxtype} -p 200 %{modulename} +fi + +%posttrans selinux +%selinux_relabel_post -s %{selinuxtype} + %files -%defattr(-,root,root) %doc *.md %license LICENSE %{_mandir}/man7/tss2-* @@ -117,19 +154,22 @@ %{_unitdir}/tpm2-abrmd.service %if 0%{?install_dbus_files} # the auto activation is not whitelisted for <= SLE12-SP3 -%config %{_sysconfdir}/dbus-1/system.d/tpm2-abrmd.conf +%{_datadir}/dbus-1/system.d/tpm2-abrmd.conf %{_datadir}/dbus-1/system-services/com.intel.tss2.Tabrmd.service %endif +%files selinux +%{_datadir}/selinux/packages/targeted/tabrmd.pp.bz2 +%ghost %verify(not md5 size mtime) %{_sharedstatedir}/selinux/%{selinuxtype}/active/modules/200/%{modulename} + %files devel -%defattr(-,root,root) %{_includedir}/tss2 %{_libdir}/*.so %{_libdir}/pkgconfig/*.pc %{_mandir}/man3/Tss2* +%{_datadir}/selinux/devel/include/contrib/tabrmd.if %files -n libtss2-tcti-tabrmd0 -%defattr(-,root,root) %{_libdir}/libtss2-tcti-tabrmd.so.* %changelog ++++++ tpm2-abrmd-2.3.3.tar.gz -> tpm2-abrmd-2.4.0.tar.gz ++++++ ++++ 8018 lines of diff (skipped)
