diff options
Diffstat (limited to 'meta-security/meta-tpm/recipes-tpm/trousers/files')
5 files changed, 196 insertions, 0 deletions
diff --git a/meta-security/meta-tpm/recipes-tpm/trousers/files/0001-build-don-t-override-localstatedir-mandir-sysconfdir.patch b/meta-security/meta-tpm/recipes-tpm/trousers/files/0001-build-don-t-override-localstatedir-mandir-sysconfdir.patch new file mode 100644 index 000000000..7b3cc77c5 --- /dev/null +++ b/meta-security/meta-tpm/recipes-tpm/trousers/files/0001-build-don-t-override-localstatedir-mandir-sysconfdir.patch @@ -0,0 +1,68 @@ +From 3396fc7a184293c23135161f034802062f7f3816 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Andr=C3=A9=20Draszik?= <adraszik@tycoint.com> +Date: Wed, 1 Nov 2017 11:41:48 +0000 +Subject: [PATCH] build: don't override --localstatedir --mandir --sysconfdir +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +It is currently impossible to override localstatedir, +mandir and sysconfdir during ./configure, because they +are being overriden unconditionally because of they +way trousers is built using rpmbuild. + +If they need massaging for rpmbuild, the values should +be specified inside the spec file, not in ./configure +and thereby overriding user-requested values. + +With this patch it is now possible to set above +locations as needed. The .spec file is being modified +as well so as to restore previous behaviour. + +Signed-off-by: André Draszik <adraszik@tycoint.com> +--- +Upstream-Status: Submitted [https://sourceforge.net/p/trousers/mailman/message/36099290/] +Signed-off-by: André Draszik <adraszik@tycoint.com> + configure.ac | 11 ++--------- + dist/trousers.spec.in | 2 +- + 2 files changed, 3 insertions(+), 10 deletions(-) + +diff --git a/configure.ac b/configure.ac +index b9626af..7fe5f8e 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -376,16 +376,9 @@ CFLAGS="$CFLAGS -I../include \ + KERNEL_VERSION=`uname -r` + AC_SUBST(CFLAGS) + +-# When we build the rpms, prefix will be /usr. This'll do some things that make sense, +-# like put our sbin stuff in /usr/sbin and our library in /usr/lib. It'll do some other +-# things that don't make sense like put our config file in /usr/etc. So, I'll just hack +-# it here. If the --prefix option isn't specified during configure, let it all go to ++# If the --prefix option isn't specified during configure, let it all go to + # /usr/local, even /usr/local/etc. :-P +-if test x"${prefix}" = x"/usr"; then +- sysconfdir="/etc" +- localstatedir="/var" +- mandir="/usr/share/man" +-elif test x"${prefix}" = x"NONE"; then ++if test x"${prefix}" = x"NONE"; then + localstatedir="/usr/local/var" + fi + +diff --git a/dist/trousers.spec.in b/dist/trousers.spec.in +index b298b0e..10ef178 100644 +--- a/dist/trousers.spec.in ++++ b/dist/trousers.spec.in +@@ -45,7 +45,7 @@ applications. + + %build + %{?arch64:export PKG_CONFIG_PATH=%{pkgconfig_path}:$PKG_CONFIG_PATH} +-./configure --prefix=/usr --libdir=%{_libdir} ++./configure --prefix=/usr --libdir=%{_libdir} --sysconfdir=/etc --localstatedir=/var --mandir=/usr/share/man + make + + %clean +-- +2.15.0.rc1 + diff --git a/meta-security/meta-tpm/recipes-tpm/trousers/files/get-user-ps-path-use-POSIX-getpwent-instead-of-getpwe.patch b/meta-security/meta-tpm/recipes-tpm/trousers/files/get-user-ps-path-use-POSIX-getpwent-instead-of-getpwe.patch new file mode 100644 index 000000000..3f5a144d9 --- /dev/null +++ b/meta-security/meta-tpm/recipes-tpm/trousers/files/get-user-ps-path-use-POSIX-getpwent-instead-of-getpwe.patch @@ -0,0 +1,49 @@ +trousers: fix compiling with musl + +use POSIX getpwent instead of getpwent_r + +Upstream-Status: Submitted + +Signed-off-by: Armin Kuster <akuster@mvista.com> + +Index: git/src/tspi/ps/tspps.c +=================================================================== +--- git.orig/src/tspi/ps/tspps.c ++++ git/src/tspi/ps/tspps.c +@@ -66,9 +66,6 @@ get_user_ps_path(char **file) + TSS_RESULT result; + char *file_name = NULL, *home_dir = NULL; + struct passwd *pwp; +-#if (defined (__linux) || defined (linux) || defined(__GLIBC__)) +- struct passwd pw; +-#endif + struct stat stat_buf; + char buf[PASSWD_BUFSIZE]; + uid_t euid; +@@ -96,24 +93,15 @@ get_user_ps_path(char **file) + #else + setpwent(); + while (1) { +-#if (defined (__linux) || defined (linux) || defined(__GLIBC__)) +- rc = getpwent_r(&pw, buf, PASSWD_BUFSIZE, &pwp); +- if (rc) { +- LogDebugFn("USER PS: Error getting path to home directory: getpwent_r: %s", +- strerror(rc)); +- endpwent(); +- return TSPERR(TSS_E_INTERNAL_ERROR); +- } +- +-#elif (defined (__FreeBSD__) || defined (__OpenBSD__)) + if ((pwp = getpwent()) == NULL) { + LogDebugFn("USER PS: Error getting path to home directory: getpwent: %s", + strerror(rc)); + endpwent(); ++#if (defined (__FreeBSD__) || defined (__OpenBSD__)) + MUTEX_UNLOCK(user_ps_path); ++#endif + return TSPERR(TSS_E_INTERNAL_ERROR); + } +-#endif + if (euid == pwp->pw_uid) { + home_dir = strdup(pwp->pw_dir); + break; diff --git a/meta-security/meta-tpm/recipes-tpm/trousers/files/tcsd.service b/meta-security/meta-tpm/recipes-tpm/trousers/files/tcsd.service new file mode 100644 index 000000000..787d4e97b --- /dev/null +++ b/meta-security/meta-tpm/recipes-tpm/trousers/files/tcsd.service @@ -0,0 +1,10 @@ +[Unit] +Description=TCG Core Services Daemon +After=syslog.target + +[Service] +Type=forking +ExecStart=@SBINDIR@/tcsd + +[Install] +WantedBy=multi-user.target diff --git a/meta-security/meta-tpm/recipes-tpm/trousers/files/trousers-udev.rules b/meta-security/meta-tpm/recipes-tpm/trousers/files/trousers-udev.rules new file mode 100644 index 000000000..256babd73 --- /dev/null +++ b/meta-security/meta-tpm/recipes-tpm/trousers/files/trousers-udev.rules @@ -0,0 +1,2 @@ +# trousers daemon expects tpm device to be owned by tss user & group +KERNEL=="tpm[0-9]*", MODE="0600", OWNER="tss", GROUP="tss" diff --git a/meta-security/meta-tpm/recipes-tpm/trousers/files/trousers.init.sh b/meta-security/meta-tpm/recipes-tpm/trousers/files/trousers.init.sh new file mode 100644 index 000000000..d0d6cb3c4 --- /dev/null +++ b/meta-security/meta-tpm/recipes-tpm/trousers/files/trousers.init.sh @@ -0,0 +1,67 @@ +#!/bin/sh + +### BEGIN INIT INFO +# Provides: tcsd trousers +# Required-Start: $local_fs $remote_fs $network +# Required-Stop: $local_fs $remote_fs $network +# Should-Start: +# Should-Stop: +# Default-Start: 2 3 4 5 +# Default-Stop: 0 1 6 +# Short-Description: starts tcsd +# Description: tcsd belongs to the TrouSerS TCG Software Stack +### END INIT INFO + +PATH=/sbin:/bin:/usr/sbin:/usr/bin +DAEMON=/usr/sbin/tcsd +NAME=tcsd +DESC="Trusted Computing daemon" +USER="tss" + +test -x "${DAEMON}" || exit 0 + +# Read configuration variable file if it is present +[ -r /etc/default/$NAME ] && . /etc/default/$NAME + +case "${1}" in + start) + echo "Starting $DESC: " + + if [ ! -e /dev/tpm* ] + then + echo "device driver not loaded, skipping." + exit 0 + fi + + start-stop-daemon --start --quiet --oknodo \ + --pidfile /var/run/${NAME}.pid --make-pidfile --background \ + --user ${USER} --chuid ${USER} \ + --exec ${DAEMON} -- ${DAEMON_OPTS} --foreground + RETVAL="$?" + echo "$NAME." + exit $RETVAL + ;; + + stop) + echo "Stopping $DESC: " + + start-stop-daemon --stop --quiet --oknodo --pidfile /var/run/${NAME}.pid --user ${USER} --exec ${DAEMON} + RETVAL="$?" + echo "$NAME." + rm -f /var/run/${NAME}.pid + exit $RETVAL + ;; + + restart|force-reload) + "${0}" stop + sleep 1 + "${0}" start + exit $? + ;; + *) + echo "Usage: ${NAME} {start|stop|restart|force-reload|status}" >&2 + exit 3 + ;; +esac + +exit 0 |
