|
 |
df592d |
%global compat_soversion 0
|
|
|
df592d |
|
|
|
df592d |
Name: ima-evm-utils
|
|
|
df592d |
Version: 1.3.2
|
|
|
df592d |
Release: 12%{?dist}
|
|
|
430cf6 |
Summary: IMA/EVM support utilities
|
|
|
430cf6 |
License: GPLv2
|
|
|
df592d |
Url: http://linux-ima.sourceforge.net/
|
|
|
df592d |
Source: http://sourceforge.net/projects/linux-ima/files/ima-evm-utils/%{name}-%{version}.tar.gz
|
|
|
df592d |
Source10: ima-evm-utils-1.1.tar.gz
|
|
|
df592d |
|
|
|
df592d |
Patch0: 0001-Fix-sign_hash-not-observing-the-hashalgo-argument.patch
|
|
|
df592d |
# compat patches
|
|
|
430cf6 |
Patch1: docbook-xsl-path.patch
|
|
|
430cf6 |
Patch2: covscan-memory-leaks.patch
|
|
|
430cf6 |
Patch3: annocheck-opt-flag.patch
|
|
|
2f70a7 |
Patch4: libimaevm-keydesc-import.patch
|
|
|
430cf6 |
|
|
|
df592d |
BuildRequires: asciidoc
|
|
|
df592d |
BuildRequires: autoconf
|
|
|
df592d |
BuildRequires: automake
|
|
|
df592d |
BuildRequires: gcc
|
|
|
df592d |
BuildRequires: keyutils-libs-devel
|
|
|
df592d |
BuildRequires: libtool
|
|
|
df592d |
BuildRequires: libxslt
|
|
|
df592d |
BuildRequires: openssl-devel
|
|
|
df592d |
BuildRequires: tpm2-tss-devel
|
|
|
df592d |
# compat requirement
|
|
|
df592d |
BuildRequires: libattr-devel
|
|
|
df592d |
|
|
|
df592d |
#Requires: tpm2-tss
|
|
|
df592d |
|
|
|
430cf6 |
%description
|
|
|
430cf6 |
The Trusted Computing Group(TCG) run-time Integrity Measurement Architecture
|
|
|
430cf6 |
(IMA) maintains a list of hash values of executables and other sensitive
|
|
|
430cf6 |
system files, as they are read or executed. These are stored in the file
|
|
|
430cf6 |
systems extended attributes. The Extended Verification Module (EVM) prevents
|
|
|
430cf6 |
unauthorized changes to these extended attributes on the file system.
|
|
|
430cf6 |
ima-evm-utils is used to prepare the file system for these extended attributes.
|
|
|
430cf6 |
|
|
|
430cf6 |
%package devel
|
|
|
430cf6 |
Summary: Development files for %{name}
|
|
|
df592d |
Requires: %{name} = %{version}-%{release}
|
|
|
430cf6 |
|
|
|
430cf6 |
%description devel
|
|
|
430cf6 |
This package provides the header files for %{name}
|
|
|
430cf6 |
|
|
|
df592d |
%package -n %{name}%{compat_soversion}
|
|
|
df592d |
Summary: Compatibility package of %{name}
|
|
|
df592d |
|
|
|
df592d |
%description -n %{name}%{compat_soversion}
|
|
|
df592d |
This package provides the libimaevm.so.%{compat_soversion} relative to %{name}-1.1
|
|
|
df592d |
|
|
|
430cf6 |
%prep
|
|
|
430cf6 |
%setup -q
|
|
|
df592d |
%patch0 -p1
|
|
|
df592d |
mkdir compat/
|
|
|
df592d |
tar -zxf %{SOURCE10} --strip-components=1 -C compat/
|
|
|
df592d |
cd compat/
|
|
|
430cf6 |
%patch1 -p1
|
|
|
430cf6 |
%patch2 -p1
|
|
|
430cf6 |
%patch3 -p1
|
|
|
2f70a7 |
%patch4 -p1
|
|
|
430cf6 |
|
|
|
430cf6 |
%build
|
|
|
df592d |
# build compat version of the package
|
|
|
df592d |
pushd compat/
|
|
|
df592d |
autoreconf -vif
|
|
|
430cf6 |
%configure --disable-static
|
|
|
df592d |
%make_build
|
|
|
df592d |
popd
|
|
|
df592d |
|
|
|
df592d |
autoreconf -vif
|
|
|
df592d |
%configure --disable-static
|
|
|
df592d |
%make_build
|
|
|
430cf6 |
|
|
|
430cf6 |
%install
|
|
|
df592d |
%make_install
|
|
|
430cf6 |
find %{buildroot}%{_libdir} -type f -name "*.la" -print -delete
|
|
|
df592d |
# install compat libs
|
|
|
df592d |
pushd compat/src/.libs/
|
|
|
df592d |
install -p libimaevm.so.%{compat_soversion}.0.0 %{buildroot}%{_libdir}/libimaevm.so.%{compat_soversion}.0.0
|
|
|
df592d |
ln -s -f %{buildroot}%{_libdir}/libimaevm.so.%{compat_soversion}.0.0 %{buildroot}%{_libdir}/libimaevm.so.%{compat_soversion}
|
|
|
df592d |
popd
|
|
|
430cf6 |
|
|
|
430cf6 |
%ldconfig_scriptlets
|
|
|
430cf6 |
|
|
|
df592d |
%files
|
|
|
df592d |
%license COPYING
|
|
|
df592d |
%doc NEWS README AUTHORS
|
|
|
df592d |
%{_bindir}/*
|
|
|
df592d |
# if you need to bump the soname version, coordinate with dependent packages
|
|
|
df592d |
%{_libdir}/libimaevm.so.2
|
|
|
df592d |
%{_libdir}/libimaevm.so.2.0.0
|
|
|
df592d |
%{_mandir}/man1/*
|
|
|
df592d |
|
|
|
430cf6 |
%files devel
|
|
|
430cf6 |
%{_pkgdocdir}/*.sh
|
|
|
430cf6 |
%{_includedir}/*
|
|
|
430cf6 |
%{_libdir}/libimaevm.so
|
|
|
430cf6 |
|
|
|
df592d |
%files -n %{name}%{compat_soversion}
|
|
|
df592d |
%{_libdir}/libimaevm.so.%{compat_soversion}
|
|
|
df592d |
%{_libdir}/libimaevm.so.%{compat_soversion}.0.0
|
|
|
430cf6 |
|
|
|
430cf6 |
%changelog
|
|
|
df592d |
* Thu Feb 18 2021 Bruno Meneguele <bmeneg@redhat.com> - 1.3.2-12
|
|
|
df592d |
- Add compat subpackage for keeping the API stability in userspace
|
|
|
df592d |
|
|
|
df592d |
* Mon Jan 25 2021 Bruno Meneguele <bmeneg@redhat.com> - 1.3.2-11
|
|
|
df592d |
- Bump release number for yet another rebuild
|
|
|
df592d |
|
|
|
df592d |
* Mon Jan 25 2021 Bruno Meneguele <bmeneg@redhat.com> - 1.3.2-10
|
|
|
df592d |
- Add patch for fixing hash algorithm used through libimaevm
|
|
|
df592d |
|
|
|
df592d |
* Fri Jan 15 2021 Bruno Meneguele <bmeneg@redhat.com> - 1.3.2-9
|
|
|
df592d |
- Add tpm2-tss as a runtime dependency
|
|
|
df592d |
|
|
|
df592d |
* Sun Jan 10 2021 Michal Domonkos <mdomonko@redhat.com> - 1.3.2-8
|
|
|
df592d |
- Bump release number for yet another couple of rebuilds
|
|
|
df592d |
|
|
|
df592d |
* Wed Jan 06 2021 Bruno Meneguele <bmeneg@redhat.com> - 1.3.2-4
|
|
|
df592d |
- Bump release number for yet another build for solving wrong target usage
|
|
|
df592d |
|
|
|
df592d |
* Wed Jan 06 2021 Bruno Meneguele <bmeneg@redhat.com> - 1.3.2-3
|
|
|
df592d |
- Bump release number for another build, handling build issues
|
|
|
df592d |
|
|
|
df592d |
* Tue Dec 01 2020 Bruno Meneguele <bmeneg@redhat.com> - 1.3.2-2
|
|
|
df592d |
- Bump release number for forcing a new build
|
|
|
df592d |
|
|
|
df592d |
* Mon Nov 09 2020 Bruno Meneguele <bmeneg@redhat.com> - 1.3.2-1
|
|
|
df592d |
- Rebase to upstream v1.3.2 version
|
|
|
df592d |
- Sync specfile with Fedora's version
|
|
|
df592d |
|
|
|
2f70a7 |
* Thu Mar 28 2019 Bruno E. O. Meneguele <bmeneg@redhat.com> - 1.1-5
|
|
|
2f70a7 |
- Add patch to correctly handle key description on keyring during importation
|
|
|
2f70a7 |
|
|
|
430cf6 |
* Mon Oct 29 2018 Bruno E. O. Meneguele <bmeneg@redhat.com> - 1.1-4
|
|
|
430cf6 |
- Solve a single memory leak not handled by the last patch
|
|
|
430cf6 |
|
|
|
430cf6 |
* Thu Oct 25 2018 Bruno E. O. Meneguele <bmeneg@redhat.com> - 1.1-3
|
|
|
430cf6 |
- Solve memory leaks pointed by covscan tool
|
|
|
430cf6 |
- Add optimization flag O2 during compilation to satisfy annocheck tool
|
|
|
430cf6 |
|
|
|
430cf6 |
* Fri Mar 02 2018 Bruno E. O. Meneguele <brdeoliv@redhat.com> - 1.1-2
|
|
|
430cf6 |
- Remove libtool files
|
|
|
430cf6 |
- Run ldconfig scriptlets after un/installing
|
|
|
430cf6 |
- Add -devel subpackage to handle include files and examples
|
|
|
430cf6 |
- Disable any static file in the package
|
|
|
430cf6 |
|
|
|
430cf6 |
* Fri Feb 16 2018 Bruno E. O. Meneguele <brdeoliv@redhat.com> - 1.1-1
|
|
|
430cf6 |
- New upstream release
|
|
|
430cf6 |
- Support for OpenSSL 1.1 was added directly to the source code in upstream,
|
|
|
430cf6 |
thus removing specific patch for it
|
|
|
430cf6 |
- Docbook xsl stylesheet updated to a local path
|
|
|
430cf6 |
|
|
|
430cf6 |
* Wed Feb 07 2018 Fedora Release Engineering <releng@fedoraproject.org> - 1.0-5
|
|
|
430cf6 |
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
|
|
|
430cf6 |
|
|
|
430cf6 |
* Fri Feb 02 2018 Igor Gnatenko <ignatenkobrain@fedoraproject.org> - 1.0-4
|
|
|
430cf6 |
- Switch to %%ldconfig_scriptlets
|
|
|
430cf6 |
|
|
|
430cf6 |
* Fri Dec 01 2017 Bruno E. O. Meneguele <brdeoliv@redhat.com> - 1.0-3
|
|
|
430cf6 |
- Add OpenSSL 1.1 API support for the package, avoiding the need of
|
|
|
430cf6 |
compat-openssl10-devel package
|
|
|
430cf6 |
|
|
|
430cf6 |
* Mon Nov 20 2017 Bruno E. O. Meneguele <brdeoliv@redhat.com> - 1.0-2
|
|
|
430cf6 |
- Adjusted docbook xsl path to match the correct stylesheet
|
|
|
430cf6 |
- Remove only *.la files, considering there aren't any *.a files
|
|
|
430cf6 |
|
|
|
430cf6 |
* Tue Sep 05 2017 Bruno E. O. Meneguele <brdeoliv@redhat.com> - 1.0-1
|
|
|
430cf6 |
- New upstream release
|
|
|
430cf6 |
- Add OpenSSL 1.0 compatibility package, due to issues with OpenSSL 1.1
|
|
|
430cf6 |
- Remove libtool files
|
|
|
430cf6 |
- Run ldconfig after un/installation to update *.so files
|
|
|
430cf6 |
- Add -devel subpackage to handle include files and examples
|
|
|
430cf6 |
|
|
|
430cf6 |
* Wed Aug 02 2017 Fedora Release Engineering <releng@fedoraproject.org> - 0.9-7
|
|
|
430cf6 |
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild
|
|
|
430cf6 |
|
|
|
430cf6 |
* Wed Jul 26 2017 Fedora Release Engineering <releng@fedoraproject.org> - 0.9-6
|
|
|
430cf6 |
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
|
|
|
430cf6 |
|
|
|
430cf6 |
* Fri Feb 10 2017 Fedora Release Engineering <releng@fedoraproject.org> - 0.9-5
|
|
|
430cf6 |
- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
|
|
|
430cf6 |
|
|
|
430cf6 |
* Thu Feb 04 2016 Fedora Release Engineering <releng@fedoraproject.org> - 0.9-4
|
|
|
430cf6 |
- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild
|
|
|
430cf6 |
|
|
|
430cf6 |
* Tue Jan 26 2016 Lubomir Rintel <lkundrak@v3.sk> - 0.9-3
|
|
|
430cf6 |
- Fix FTBFS
|
|
|
430cf6 |
|
|
|
430cf6 |
* Wed Jun 17 2015 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.9-2
|
|
|
430cf6 |
- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild
|
|
|
430cf6 |
|
|
|
430cf6 |
* Fri Oct 31 2014 Avesh Agarwal <avagarwa@redhat.com> - 0.9-1
|
|
|
430cf6 |
- New upstream release
|
|
|
430cf6 |
- Applied a patch to fix man page issues.
|
|
|
430cf6 |
- Updated spec file
|
|
|
430cf6 |
|
|
|
430cf6 |
* Sat Aug 16 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.6-3
|
|
|
430cf6 |
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
|
|
|
430cf6 |
|
|
|
430cf6 |
* Sat Jun 07 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.6-2
|
|
|
430cf6 |
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
|
|
|
430cf6 |
|
|
|
430cf6 |
* Tue Aug 27 2013 Vivek Goyal <vgoyal@redhat.com> - 0.6-1
|
|
|
430cf6 |
- Initial package
|