Bug#956922: ITP: fsverity -- Userspace utilities for fs-verity
On Fri, Apr 17, 2020 at 07:55:17PM +0200, Romain Perier wrote: > Bastien : why not , I am opened to suggestions. > > Lucas: thanks for your proposal and your feedbacks. I will fix this and I > will keep you in touch. > > Regards, > Romain Hi, Lucas: Everything should be fixed in https://salsa.debian.org/rperier-guest/fsverity-utils. All the current patches will be sent on upstream. Thanks, Regards, Romain > > Le ven. 17 avr. 2020 à 13:29, Bastien ROUCARIES > a écrit : > > > On Thu, Apr 16, 2020 at 9:18 PM Romain Perier > > wrote: > > > > > > Package: wnpp > > > Severity: wishlist > > > Owner: Romain Perier > > > > > > * Package name: fsverity > > > Version : 1.0 > > > Upstream Author : Eric Biggers > > > * URL : > > https://git.kernel.org/pub/scm/linux/kernel/git/ebiggers/fsverity-utils.git > > > * License : GPL > > > Programming Lang: C > > > Description : Userspace utilities for fs-verity > > > > > > This is fsverity, a userspace utility for fs-verity. fs-verity is a > > Linux kernel > > > feature that does transparent on-demand integrity/authenticity > > verification of > > > the contents of read-only files, using a hidden Merkle tree (hash tree) > > associated > > > with the file. The mechanism is similar to dm-verity, but implemented at > > the file > > > level rather than at the block device level. The fsverity utility allows > > you to > > > set up fs-verity protected files. > > > > > > This package will be helpful for handling the fsverity feature on a file > > from > > > userspace. > > > > > > I want to maintain this package. As DM, I need someone for the initial > > upload. > > > Packaging is currently hosted here > > https://salsa.debian.org/rperier-guest/fsverity, > > > and will be developed at https://salsa.debian.org/debian/fsverity > > > > I can. Do you plan also to support it under debian install (maybe also > > dm-verify/dm-integrity) > > > > Bastien > > signature.asc Description: PGP signature
Bug#956922: ITP: fsverity -- Userspace utilities for fs-verity
Bastien : why not , I am opened to suggestions. Lucas: thanks for your proposal and your feedbacks. I will fix this and I will keep you in touch. Regards, Romain Le ven. 17 avr. 2020 à 13:29, Bastien ROUCARIES a écrit : > On Thu, Apr 16, 2020 at 9:18 PM Romain Perier > wrote: > > > > Package: wnpp > > Severity: wishlist > > Owner: Romain Perier > > > > * Package name: fsverity > > Version : 1.0 > > Upstream Author : Eric Biggers > > * URL : > https://git.kernel.org/pub/scm/linux/kernel/git/ebiggers/fsverity-utils.git > > * License : GPL > > Programming Lang: C > > Description : Userspace utilities for fs-verity > > > > This is fsverity, a userspace utility for fs-verity. fs-verity is a > Linux kernel > > feature that does transparent on-demand integrity/authenticity > verification of > > the contents of read-only files, using a hidden Merkle tree (hash tree) > associated > > with the file. The mechanism is similar to dm-verity, but implemented at > the file > > level rather than at the block device level. The fsverity utility allows > you to > > set up fs-verity protected files. > > > > This package will be helpful for handling the fsverity feature on a file > from > > userspace. > > > > I want to maintain this package. As DM, I need someone for the initial > upload. > > Packaging is currently hosted here > https://salsa.debian.org/rperier-guest/fsverity, > > and will be developed at https://salsa.debian.org/debian/fsverity > > I can. Do you plan also to support it under debian install (maybe also > dm-verify/dm-integrity) > > Bastien >
Bug#956922: ITP: fsverity -- Userspace utilities for fs-verity
On Thu, Apr 16, 2020 at 9:18 PM Romain Perier wrote: > > Package: wnpp > Severity: wishlist > Owner: Romain Perier > > * Package name: fsverity > Version : 1.0 > Upstream Author : Eric Biggers > * URL : > https://git.kernel.org/pub/scm/linux/kernel/git/ebiggers/fsverity-utils.git > * License : GPL > Programming Lang: C > Description : Userspace utilities for fs-verity > > This is fsverity, a userspace utility for fs-verity. fs-verity is a Linux > kernel > feature that does transparent on-demand integrity/authenticity verification of > the contents of read-only files, using a hidden Merkle tree (hash tree) > associated > with the file. The mechanism is similar to dm-verity, but implemented at the > file > level rather than at the block device level. The fsverity utility allows you > to > set up fs-verity protected files. > > This package will be helpful for handling the fsverity feature on a file from > userspace. > > I want to maintain this package. As DM, I need someone for the initial upload. > Packaging is currently hosted here > https://salsa.debian.org/rperier-guest/fsverity, > and will be developed at https://salsa.debian.org/debian/fsverity I can. Do you plan also to support it under debian install (maybe also dm-verify/dm-integrity) Bastien
Bug#956922: ITP: fsverity -- Userspace utilities for fs-verity
On Thu, 2020-04-16 at 21:15 +0200, Romain Perier wrote: > Package: wnpp > Severity: wishlist > Owner: Romain Perier > > * Package name: fsverity > Version : 1.0 > Upstream Author : Eric Biggers > * URL : > https://git.kernel.org/pub/scm/linux/kernel/git/ebiggers/fsverity-utils.git > * License : GPL > Programming Lang: C > Description : Userspace utilities for fs-verity > > This is fsverity, a userspace utility for fs-verity. fs-verity is a Linux > kernel > feature that does transparent on-demand integrity/authenticity verification of > the contents of read-only files, using a hidden Merkle tree (hash tree) > associated > with the file. The mechanism is similar to dm-verity, but implemented at the > file > level rather than at the block device level. The fsverity utility allows you > to > set up fs-verity protected files. > > This package will be helpful for handling the fsverity feature on a file from > userspace. > > I want to maintain this package. As DM, I need someone for the initial upload. > Packaging is currently hosted here > https://salsa.debian.org/rperier-guest/fsverity, > and will be developed at https://salsa.debian.org/debian/fsverity Hi, I can sponsor your initial upload, if you haven't found anyone else yet. A few things I noticed that would be good to fix beforehand: 1) Given you set compat 12, you can delete debian/compat and change the build-dep from debhelper (>= 12) to debhelper-compat (= 12) 2) The upstream repository is called fsverity-utils, but the source package and the salsa repository are called fsverity. It would be better if they matched. The binary package name can stay as fsverity. 3) Standards-Version is outdated 4) Rules-Requires-Root: no is not set, even though I don't see anything that would make it not work 5) The license in debian/copyright should be "GPL-2+ with OpenSSL exception" since the author explicitly added it. Copy the exception from upstream's README into a paragraph at the bottom of the license body in d/copyright. Then, remove the lintian-override for possible- gpl-code-linked-with-openssl 6) Given it's a linux-specific feature, the Architecture should probably be linux-any instead of any 7) The upstream makefile hard-codes -lcrypto instead of using pkg- config to get linker and compiler flags. This should be fixed. 8) The upstream makefile does not append to CFLAGS and CPPFLAGS, but overrides them, so the hardening flags are lost and the build fails since debhelper's -g is lost and dh_dwz fails as there are no symbols to strip. This should be fixed as well. signature.asc Description: This is a digitally signed message part
Bug#956922: ITP: fsverity -- Userspace utilities for fs-verity
Package: wnpp Severity: wishlist Owner: Romain Perier * Package name: fsverity Version : 1.0 Upstream Author : Eric Biggers * URL : https://git.kernel.org/pub/scm/linux/kernel/git/ebiggers/fsverity-utils.git * License : GPL Programming Lang: C Description : Userspace utilities for fs-verity This is fsverity, a userspace utility for fs-verity. fs-verity is a Linux kernel feature that does transparent on-demand integrity/authenticity verification of the contents of read-only files, using a hidden Merkle tree (hash tree) associated with the file. The mechanism is similar to dm-verity, but implemented at the file level rather than at the block device level. The fsverity utility allows you to set up fs-verity protected files. This package will be helpful for handling the fsverity feature on a file from userspace. I want to maintain this package. As DM, I need someone for the initial upload. Packaging is currently hosted here https://salsa.debian.org/rperier-guest/fsverity, and will be developed at https://salsa.debian.org/debian/fsverity