diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..b487032 --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +SOURCES/ima-evm-utils-1.1.tar.gz diff --git a/.ima-evm-utils.metadata b/.ima-evm-utils.metadata new file mode 100644 index 0000000..821fb5f --- /dev/null +++ b/.ima-evm-utils.metadata @@ -0,0 +1 @@ +58705b3544ae6e650042374dba535c0b3837b8fc SOURCES/ima-evm-utils-1.1.tar.gz diff --git a/SOURCES/docbook-xsl-path.patch b/SOURCES/docbook-xsl-path.patch new file mode 100644 index 0000000..e4ee8e5 --- /dev/null +++ b/SOURCES/docbook-xsl-path.patch @@ -0,0 +1,12 @@ +diff -urNp ima-evm-utils-1.0-orig/Makefile.am ima-evm-utils-1.0/Makefile.am +--- ima-evm-utils-1.0-orig/Makefile.am 2015-07-30 15:28:53.000000000 -0300 ++++ ima-evm-utils-1.0/Makefile.am 2017-11-20 16:20:04.245591165 -0200 +@@ -24,7 +24,7 @@ rpm: $(tarname) + rpmbuild -ba --nodeps $(SPEC) + + # requires asciidoc, xslproc, docbook-xsl +-MANPAGE_DOCBOOK_XSL = /usr/share/xml/docbook/stylesheet/docbook-xsl/manpages/docbook.xsl ++MANPAGE_DOCBOOK_XSL = /usr/share/sgml/docbook/xsl-stylesheets/manpages/docbook.xsl + + evmctl.1.html: README + @asciidoc -o $@ $< diff --git a/SOURCES/libimaevm-keydesc-import.patch b/SOURCES/libimaevm-keydesc-import.patch new file mode 100644 index 0000000..fb20ebc --- /dev/null +++ b/SOURCES/libimaevm-keydesc-import.patch @@ -0,0 +1,37 @@ +diff --git a/src/libimaevm.c b/src/libimaevm.c +index 6fa0ed4..b6f9b9f 100644 +--- a/src/libimaevm.c ++++ b/src/libimaevm.c +@@ -672,12 +672,11 @@ void calc_keyid_v1(uint8_t *keyid, char *str, const unsigned char *pkey, int len + memcpy(keyid, sha1 + 12, 8); + log_debug("keyid: "); + log_debug_dump(keyid, 8); ++ id = __be64_to_cpup((__be64 *) keyid); ++ sprintf(str, "%llX", (unsigned long long)id); + +- if (params.verbose > LOG_INFO) { +- id = __be64_to_cpup((__be64 *) keyid); +- sprintf(str, "%llX", (unsigned long long)id); ++ if (params.verbose > LOG_INFO) + log_info("keyid-v1: %s\n", str); +- } + } + + void calc_keyid_v2(uint32_t *keyid, char *str, RSA *key) +@@ -694,11 +693,10 @@ void calc_keyid_v2(uint32_t *keyid, char *str, RSA *key) + memcpy(keyid, sha1 + 16, 4); + log_debug("keyid: "); + log_debug_dump(keyid, 4); ++ sprintf(str, "%x", __be32_to_cpup(keyid)); + +- if (params.verbose > LOG_INFO) { +- sprintf(str, "%x", __be32_to_cpup(keyid)); ++ if (params.verbose > LOG_INFO) + log_info("keyid: %s\n", str); +- } + + free(pkey); + } +-- +2.19.1 + diff --git a/SPECS/ima-evm-utils.spec b/SPECS/ima-evm-utils.spec new file mode 100644 index 0000000..08cdb5d --- /dev/null +++ b/SPECS/ima-evm-utils.spec @@ -0,0 +1,105 @@ + +Summary: IMA/EVM support utilities +Name: ima-evm-utils +Version: 1.1 +Release: 3%{?dist} +License: GPLv2 +Url: http://linux-ima.sourceforge.net/ +Source: http://sourceforge.net/projects/linux-ima/files/ima-evm-utils/%{name}-%{version}.tar.gz +BuildRequires: autoconf automake libtool m4 asciidoc libxslt +BuildRequires: openssl-devel libattr-devel keyutils-libs-devel +Patch1: docbook-xsl-path.patch +Patch2: libimaevm-keydesc-import.patch + +%description +The Trusted Computing Group(TCG) run-time Integrity Measurement Architecture +(IMA) maintains a list of hash values of executables and other sensitive +system files, as they are read or executed. These are stored in the file +systems extended attributes. The Extended Verification Module (EVM) prevents +unauthorized changes to these extended attributes on the file system. +ima-evm-utils is used to prepare the file system for these extended attributes. + +%package devel +Summary: Development files for %{name} +Requires: ima-evm-utils = %{version}-%{release} + +%description devel +This package provides the header files for %{name} + +%prep +%setup -q +%patch1 -p1 +%patch2 -p1 + +%build +mkdir -p m4 +autoreconf -f -i +%configure --disable-static +make %{?_smp_mflags} + +%install +make DESTDIR=%{buildroot} install +find %{buildroot}%{_libdir} -type f -name "*.la" -print -delete + +%post -p /sbin/ldconfig + +%postun -p /sbin/ldconfig + +%files devel +%{_docdir}/%{name}/*.sh +%{_includedir}/* +%{_libdir}/libimaevm.so + +%files +%doc ChangeLog README AUTHORS +%license COPYING +%{_bindir}/* +%{_libdir}/libimaevm.so.* +%{_mandir}/man1/* + +%changelog +* Fri Mar 01 2019 Bruno E. O. Meneguele - 1.1-3 +- Add patch to correctly handle key description on keyring during importation + +* Mon Feb 26 2018 Bruno E. O. Meneguele - 1.1-2 +- Add Requires for -devel subpackage + +* Mon Feb 26 2018 Bruno E. O. Meneguele - 1.1-1 +- New upstream release +- Adjusted docbook xsl path to match the correct stylesheet +- Remove only *.la files, considering there aren't any *.a files + +* Tue Sep 05 2017 Bruno E. O. Meneguele - 1.0-1 +- New upstream release +- Remove libtool files +- Run ldconfig after un/installation to update *.so files +- Add -devel subpackage to handle include files and examples + +* Thu May 11 2017 Laura Abbott - 0.9-6 +- Use explicit version of _pkgdocdir for non-versioning + +* Fri Feb 10 2017 Fedora Release Engineering - 0.9-5 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild + +* Thu Feb 04 2016 Fedora Release Engineering - 0.9-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild + +* Tue Jan 26 2016 Lubomir Rintel - 0.9-3 +- Fix FTBFS + +* Wed Jun 17 2015 Fedora Release Engineering - 0.9-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild + +* Fri Oct 31 2014 Avesh Agarwal - 0.9-1 +- New upstream release +- Applied a patch to fix man page issues. +- Updated spec file + +* Sat Aug 16 2014 Fedora Release Engineering - 0.6-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild + +* Sat Jun 07 2014 Fedora Release Engineering - 0.6-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild + +* Tue Aug 27 2013 Vivek Goyal - 0.6-1 +- Initial package