Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package rust-keylime for openSUSE:Factory checked in at 2022-10-01 17:41:59 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/rust-keylime (Old) and /work/SRC/openSUSE:Factory/.rust-keylime.new.2275 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "rust-keylime" Sat Oct 1 17:41:59 2022 rev:4 rq:1006461 version:0.1.0+git.1663769444.6318234 Changes: -------- --- /work/SRC/openSUSE:Factory/rust-keylime/rust-keylime.changes 2022-08-11 18:31:52.610199695 +0200 +++ /work/SRC/openSUSE:Factory/.rust-keylime.new.2275/rust-keylime.changes 2022-10-01 17:42:05.597553889 +0200 @@ -1,0 +2,25 @@ +Mon Sep 26 14:15:04 UTC 2022 - apla...@suse.com + +- Rebase bindgen.patch and upstream the change +- Rebase keylime-agent.conf.diff +- Store the configuration file in /usr/etc/keylime/agent.conf +- Fix keylime user creation +- Drop webapp service port in firewall XML service file +- Update to version 0.1.0+git.1663769444.6318234: + * Update comments in the configuration file + * config: Align config locations with the python components + * config: Add configuration file version + * config: Add back support for KEYLIME_DIR env var + * Change configuration format to TOML + * Add support for using passphrase protected key + * Do not try to load TPM data generated by another TPM + * Allow using existing key and certificate + * Remove the agent TPM data from the config struct + * Rename the configuration options + * Use password to generate EK when provided + * Add tpm_ownerpassword option to keylime.conf + * Add cargo audit to CI static tests + * Add agent and faked_measured_boot_log tests context + * Appease clippy + +------------------------------------------------------------------- Old: ---- rust-keylime-0.1.0+git.1659977521.0186093.tar.xz New: ---- rust-keylime-0.1.0+git.1663769444.6318234.tar.xz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ rust-keylime.spec ++++++ --- /var/tmp/diff_new_pack.b4E3xT/_old 2022-10-01 17:42:06.481555501 +0200 +++ /var/tmp/diff_new_pack.b4E3xT/_new 2022-10-01 17:42:06.485555509 +0200 
@@ -25,7 +25,7 @@ %define _config_norepl %config(noreplace) %endif Name: rust-keylime -Version: 0.1.0+git.1659977521.0186093 +Version: 0.1.0+git.1663769444.6318234 Release: 0 Summary: Rust implementation of the keylime agent License: Apache-2.0 AND MIT @@ -38,7 +38,7 @@ Source5: tmpfiles.keylime # PATCH-FIX-OPENSUSE keylime-agent.conf.diff Patch1: keylime-agent.conf.diff -# PATCH-FIX-OPENSUSE bindgen.patch +# PATCH-FIX-UPSTREAM bindgen.patch -- gh#keylime/rust-keylime!459 Patch2: bindgen.patch BuildRequires: cargo BuildRequires: clang @@ -51,6 +51,8 @@ Requires: libtss2-tcti-device0 Requires: logrotate Requires: tpm2.0-abrmd +Provides: user(keylime) +%sysusers_requires %description Rust implementation of keylime agent. Keylime is system integrity @@ -68,8 +70,7 @@ %install RUSTFLAGS=%{rustflags} cargo install --frozen --no-default-features --features "with-zmq" --root=%{buildroot}%{_prefix} --path . -# TODO: move the configuration file into _distconfdir -install -Dpm 0600 keylime-agent.conf %{buildroot}%{_sysconfdir}/keylime-agent.conf +install -Dpm 0600 keylime-agent.conf %{buildroot}%{_distconfdir}/keylime/agent.conf install -Dpm 0644 ./dist/systemd/system/keylime_agent.service %{buildroot}%{_unitdir}/keylime_agent.service install -Dpm 0644 ./dist/systemd/system/var-lib-keylime-secure.mount %{buildroot}%{_unitdir}/var-lib-keylime-secure.mount @@ -85,7 +86,7 @@ rm %{buildroot}%{_prefix}/.crates.toml rm %{buildroot}%{_prefix}/.crates2.json -%pre +%pre -f keylime.pre %service_add_pre keylime_agent.service %service_add_pre var-lib-keylime-secure.mount 
@@ -108,7 +109,8 @@ %license LICENSE %{_bindir}/keylime_agent %{_bindir}/keylime_ima_emulator -%config(noreplace) %attr (0600,keylime,tss) %{_sysconfdir}/keylime-agent.conf +%dir %attr(0700,keylime,tss) %{_distconfdir}/keylime +%_config_norepl %attr (0600,keylime,tss) %{_distconfdir}/keylime/agent.conf %{_unitdir}/keylime_agent.service %{_unitdir}/var-lib-keylime-secure.mount %dir %{_prefix}/lib/firewalld ++++++ _servicedata ++++++ --- /var/tmp/diff_new_pack.b4E3xT/_old 2022-10-01 17:42:06.525555582 +0200 +++ /var/tmp/diff_new_pack.b4E3xT/_new 2022-10-01 17:42:06.529555589 +0200 @@ -1,6 +1,6 @@ <servicedata> <service name="tar_scm"> <param name="url">https://github.com/keylime/rust-keylime.git</param> - <param name="changesrevision">01860934f7308bc5ea1e68c8d858aea056620ce8</param></service></servicedata> + <param name="changesrevision">63182344ab8efa90896eb0765c3ad9ecad11362e</param></service></servicedata> (No newline at EOF) ++++++ bindgen.patch ++++++ ++++ 1585 lines (skipped) ++++ between /work/SRC/openSUSE:Factory/rust-keylime/bindgen.patch ++++ and /work/SRC/openSUSE:Factory/.rust-keylime.new.2275/bindgen.patch ++++++ keylime-agent.conf.diff ++++++ --- /var/tmp/diff_new_pack.b4E3xT/_old 2022-10-01 17:42:06.569555662 +0200 +++ /var/tmp/diff_new_pack.b4E3xT/_new 2022-10-01 17:42:06.573555669 +0200 
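Review bot: The new `%dir %attr(0700,keylime,tss) %{_distconfdir}/keylime` entry, together with the `keylime`-owned `agent.conf` below it, leaves the vendor configuration writable by the service account itself. A compromised agent process could then rewrite its own registrar address or revocation-action settings and have the change persist. The agent presumably only needs read access, so root ownership with group read would keep that boundary, e.g. `%dir %attr(0750,root,tss) %{_distconfdir}/keylime` and `%_config_norepl %attr(0640,root,tss) %{_distconfdir}/keylime/agent.conf`. That only holds if no unrelated account is in `tss`, because the changelog suggests the file can carry `tpm_ownerpassword` and a key passphrase. Separately, `%_config_norepl` deserves a one-line comment here: its definition sits in a conditional that starts outside these hunks, and the `%files` list itself continues past this one.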
@@ -1,35 +1,40 @@ -Index: rust-keylime-0.1.0+git.1659977521.0186093/keylime-agent.conf +Index: rust-keylime-0.1.0+git.1663769444.6318234/keylime-agent.conf =================================================================== ---- rust-keylime-0.1.0+git.1659977521.0186093.orig/keylime-agent.conf -+++ rust-keylime-0.1.0+git.1659977521.0186093/keylime-agent.conf -@@ -4,7 +4,8 @@ - - # Revocation IP & Port used by either the cloud_agent or keylime_ca to receive - # revocation events from the verifier. --receive_revocation_ip = 127.0.0.1 -+# receive_revocation_ip = 127.0.0.1 -+receive_revocation_ip = <REMOTE_IP> - receive_revocation_port = 8992 - - -@@ -13,7 +14,8 @@ receive_revocation_port = 8992 - #============================================================================= +--- rust-keylime-0.1.0+git.1663769444.6318234.orig/keylime-agent.conf ++++ rust-keylime-0.1.0+git.1663769444.6318234/keylime-agent.conf +@@ -10,10 +10,12 @@ version = "2.0" + # If you set this to "generate", Keylime will create a random UUID. + # If you set this to "hash_ek", Keylime will set the UUID to the result + # of 'SHA256(public EK in PEM format)'. +-uuid = "d432fbb3-d2f1-4a97-9ef7-75bd81c00000" ++# uuid = "d432fbb3-d2f1-4a97-9ef7-75bd81c00000" ++uuid = "generate" # The binding address and port for the agent server --cloudagent_ip = 127.0.0.1 -+# cloudagent_ip = 127.0.0.1 -+cloudagent_ip = 0.0.0.0 - cloudagent_port = 9002 +-ip = "127.0.0.1" ++# ip = "127.0.0.1" ++ip = "0.0.0.0" + port = 9002 # Address and port where the verifier and tenant can connect to reach the agent. 
-@@ -22,7 +24,8 @@ agent_contact_ip = 127.0.0.1 - agent_contact_port = 9002 +@@ -22,7 +24,8 @@ contact_ip = "127.0.0.1" + contact_port = 9002 # The address and port of registrar server which agent communicate with --registrar_ip = 127.0.0.1 -+# registrar_ip = 127.0.0.1 -+registrar_ip = <REMOTE_IP> +-registrar_ip = "127.0.0.1" ++# registrar_ip = "127.0.0.1" ++registrar_ip = "<REMOTE_IP>" registrar_port = 8890 - # The keylime working directory. Can be overriden by setting the KEYLIME_DIR + # Enable mTLS communication between agent, verifier and tenant. +@@ -96,7 +99,8 @@ revocation_actions_dir = "/usr/libexec/k + # Revocation IP & Port used by the agent to receive revocation + # notifications from the verifier via zeromq. + # This is optional and used only when 'enable_revocation_notifications' is 'true'. +-revocation_notification_ip = "127.0.0.1" ++# revocation_notification_ip = "127.0.0.1" ++revocation_notification_ip = "<REMOTE_IP>" + revocation_notification_port = 8992 + + # The path to the certificate to verify revocation messages received from the ++++++ keylime.xml ++++++ --- /var/tmp/diff_new_pack.b4E3xT/_old 2022-10-01 17:42:06.601555720 +0200 +++ /var/tmp/diff_new_pack.b4E3xT/_new 2022-10-01 17:42:06.605555727 +0200 @@ -2,7 +2,6 @@ <service> <short>Keylime</short> <description>Keylime is a remote attestation tool that requires access to several ports.</description> - <port protocol="tcp" port="443"/><!-- Webapp --> <port protocol="tcp" port="8881"/><!-- Verifier --> <port protocol="tcp" port="8890"/><!-- Registrar --> <port protocol="tcp" port="8891"/><!-- Registrar TLS --> ++++++ rust-keylime-0.1.0+git.1659977521.0186093.tar.xz -> rust-keylime-0.1.0+git.1663769444.6318234.tar.xz ++++++ ++++ 3526 lines of diff (skipped) ++++++ vendor.tar.xz ++++++ /work/SRC/openSUSE:Factory/rust-keylime/vendor.tar.xz /work/SRC/openSUSE:Factory/.rust-keylime.new.2275/vendor.tar.xz differ: char 25, line 1
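Review bot: The rebased default `ip = "0.0.0.0"` makes the agent listen on every interface out of the box, while the `contact_ip = "127.0.0.1"` shown in the following inner hunk header stays at loopback. The packaged defaults therefore expose port 9002 broadly yet advertise an address the verifier and tenant cannot reach. Since `registrar_ip` and `revocation_notification_ip` already ship as `"<REMOTE_IP>"` and force an edit before first use, the bind address could be treated the same way, or at least carry a comment such as `# 0.0.0.0 listens on all interfaces; set this to the attestation network address and keep mTLS enabled`. The placeholder strings are presumably not parseable as addresses, so it is worth confirming the agent refuses to start with a clear error rather than running half-configured. Only fragments of the patched keylime-agent.conf are visible here, so the mTLS default itself cannot be checked from this hunk.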