forked from brl/citadel
Compare commits
2 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
| 2a3c63e044 | |||
| 4f016177b9 |
@@ -290,9 +290,3 @@ CONF_VERSION = "2"
|
||||
#
|
||||
# CITADEL_GNOME_SHELL_PATH = "/home/user/citadel-gnome/gnome-shell"
|
||||
# CITADEL_MUTTER_PATH = "/home/user/citadel-gnome/mutter"
|
||||
#
|
||||
|
||||
#
|
||||
# Uncomment to include tpm2-tools package in Citadel rootfs image
|
||||
#
|
||||
#INCLUDE_TPM2_TOOLS = "1"
|
||||
|
||||
@@ -10,7 +10,6 @@ GROUPADD_PARAM:${PN} += "-r wheel; -r kvm; -r render"
|
||||
PACKAGECONFIG = "\
|
||||
efi acl ldconfig pam rfkill backlight binfmt hostnamed localed logind machined myhostname \
|
||||
nss polkit randomseed seccomp timedated utmp timesyncd kmod sysusers gshadow cryptsetup \
|
||||
tpm2 repart openssl \
|
||||
"
|
||||
|
||||
# This is to avoid deletion of tmp.mount
|
||||
|
||||
@@ -1,2 +0,0 @@
|
||||
|
||||
DEPENDS = "tpm2-tss openssl curl efivar"
|
||||
@@ -387,7 +387,7 @@ LocalDirs: acng-doc /usr/share/doc/apt-cacher-ng
|
||||
# This restriction can be disabled by specifying a list of allowed ports or 0
|
||||
# for any port.
|
||||
#
|
||||
AllowUserPorts: 80 443
|
||||
# AllowUserPorts: 80
|
||||
|
||||
# Normally the HTTP redirection responses are forwarded to the original caller
|
||||
# (i.e. APT) which starts a new download attempt from the new URL. This
|
||||
|
||||
@@ -1,12 +1,3 @@
|
||||
// For launching terminal from realmsd
|
||||
polkit.addRule(function(action, subject) {
|
||||
if ((action.id == "org.freedesktop.machine1.shell" ||
|
||||
action.id == "org.freedesktop.machine1.host-open-pty") &&
|
||||
subject.isInGroup("users")) {
|
||||
return polkit.Result.YES;
|
||||
}
|
||||
});
|
||||
|
||||
polkit.addRule(function(action, subject) {
|
||||
if ((action.id == "org.freedesktop.NetworkManager.settings.modify.system" ||
|
||||
action.id == "org.freedesktop.machine1.shell" ||
|
||||
@@ -15,4 +6,3 @@ polkit.addRule(function(action, subject) {
|
||||
return polkit.Result.YES;
|
||||
}
|
||||
});
|
||||
|
||||
|
||||
@@ -3,7 +3,7 @@ LICENSE="CLOSED"
|
||||
SRC_URI = "gitsm://git.subgraph.com/brl/citadel-realms.git;protocol=https;branch=master"
|
||||
|
||||
PV = "1.0"
|
||||
SRCREV = "2270a3e7b35add1d9155017525251a72228a84ad"
|
||||
SRCREV = "ab78839ae43bf0d225e05d736b03bc2a08330d1f"
|
||||
|
||||
S = "${WORKDIR}/git"
|
||||
|
||||
|
||||
@@ -47,10 +47,6 @@ setup_var() {
|
||||
|
||||
# do_rootfs() will fail otherwise
|
||||
ln -sf ../usr/share/factory/var/lib ${IMAGE_ROOTFS}/var/lib
|
||||
|
||||
# Create the symbolic link inside the root filesystem before it's packaged
|
||||
install -d ${IMAGE_ROOTFS}/storage/citadel-state
|
||||
ln -sf /usr/share/zoneinfo/America/Montreal ${IMAGE_ROOTFS}/storage/citadel-state/localtime
|
||||
}
|
||||
|
||||
append_os_release() {
|
||||
|
||||
@@ -12,5 +12,4 @@ RDEPENDS:${PN} = "\
|
||||
citadel-tools-boot \
|
||||
citadel-installer-ui \
|
||||
citadel-documentation \
|
||||
${@'tpm2-tools' if d.getVar('INCLUDE_TPM2_TOOLS') == "1" else "" } \
|
||||
"
|
||||
|
||||
@@ -14,7 +14,7 @@ require citadel-tools-crates.inc
|
||||
#
|
||||
# Update this when changes are pushed to github
|
||||
#
|
||||
SRCREV = "3a3d5c3b9b02728753d4f659073168c5d3f3664e"
|
||||
SRCREV = "729c197dcc3fc35d36267aa7bdbeb037a50ea74e"
|
||||
|
||||
# get git repo owner from citadel to find the correct citadel-tools repo path
|
||||
python () {
|
||||
|
||||
@@ -1,106 +0,0 @@
|
||||
From c3eb378f7f81179d830e9c7d585e53a20c385dee Mon Sep 17 00:00:00 2001
|
||||
From: Yi Zhao <yi.zhao@windriver.com>
|
||||
Date: Wed, 22 Jul 2020 13:45:44 +0800
|
||||
Subject: [PATCH] tests: switch to python3
|
||||
|
||||
The python2 is EOL and in some distributions (e.g. CentOS 8/RHEL 8),
|
||||
there is no python symbolic link by default.
|
||||
See: https://developers.redhat.com/blog/2018/11/14/python-in-rhel-8/
|
||||
|
||||
Update the scripts to switch to python3.
|
||||
|
||||
Upstream-Status: Pending
|
||||
|
||||
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
|
||||
---
|
||||
test/integration/helpers.sh | 12 +++---------
|
||||
test/integration/tests/activecredential.sh | 4 +---
|
||||
test/integration/tests/getcap.sh | 4 +---
|
||||
test/integration/tests/print.sh | 4 +---
|
||||
4 files changed, 6 insertions(+), 18 deletions(-)
|
||||
|
||||
diff --git a/test/integration/helpers.sh b/test/integration/helpers.sh
|
||||
index b986662..d370a2a 100644
|
||||
--- a/test/integration/helpers.sh
|
||||
+++ b/test/integration/helpers.sh
|
||||
@@ -51,9 +51,7 @@ is_cmd_supported() {
|
||||
|
||||
function filter_algs_by() {
|
||||
|
||||
-python << pyscript
|
||||
-from __future__ import print_function
|
||||
-
|
||||
+python3 << pyscript
|
||||
import sys
|
||||
import yaml
|
||||
|
||||
@@ -176,9 +174,7 @@ populate_alg_modes() {
|
||||
# as the first argument loads as a YAML file.
|
||||
#
|
||||
function yaml_verify() {
|
||||
-python << pyscript
|
||||
-from __future__ import print_function
|
||||
-
|
||||
+python3 << pyscript
|
||||
import sys
|
||||
import yaml
|
||||
|
||||
@@ -202,9 +198,7 @@ function yaml_get_kv() {
|
||||
third_arg=$3
|
||||
fi
|
||||
|
||||
-python << pyscript
|
||||
-from __future__ import print_function
|
||||
-
|
||||
+python3 << pyscript
|
||||
import sys
|
||||
import yaml
|
||||
|
||||
diff --git a/test/integration/tests/activecredential.sh b/test/integration/tests/activecredential.sh
|
||||
index 703823d..95019bf 100644
|
||||
--- a/test/integration/tests/activecredential.sh
|
||||
+++ b/test/integration/tests/activecredential.sh
|
||||
@@ -45,9 +45,7 @@ tpm2 flushcontext session.ctx
|
||||
diff actcred.out secret.data
|
||||
|
||||
# Capture the yaml output and verify that its the same as the name output
|
||||
-loaded_key_name_yaml=`python << pyscript
|
||||
-from __future__ import print_function
|
||||
-
|
||||
+loaded_key_name_yaml=`python3 << pyscript
|
||||
import yaml
|
||||
|
||||
with open('ak.out', 'r') as f:
|
||||
diff --git a/test/integration/tests/getcap.sh b/test/integration/tests/getcap.sh
|
||||
index ebd16fd..9ecb31e 100644
|
||||
--- a/test/integration/tests/getcap.sh
|
||||
+++ b/test/integration/tests/getcap.sh
|
||||
@@ -15,9 +15,7 @@ trap cleanup EXIT
|
||||
|
||||
function yaml_to_list() {
|
||||
|
||||
-python << pyscript
|
||||
-from __future__ import print_function
|
||||
-
|
||||
+python3 << pyscript
|
||||
import sys
|
||||
import yaml
|
||||
|
||||
diff --git a/test/integration/tests/print.sh b/test/integration/tests/print.sh
|
||||
index 977543b..1465c7d 100644
|
||||
--- a/test/integration/tests/print.sh
|
||||
+++ b/test/integration/tests/print.sh
|
||||
@@ -56,9 +56,7 @@ tpm2 quote -Q -c $ak_ctx -l "sha256:0,2,4,9,10,11,12,17" -q "0f8beb45ac" \
|
||||
tpm2 print -t TPMS_ATTEST $quote_file > $print_file
|
||||
|
||||
# Check printed yaml
|
||||
-python << pyscript
|
||||
-from __future__ import print_function
|
||||
-
|
||||
+python3 << pyscript
|
||||
import sys
|
||||
import re
|
||||
import yaml
|
||||
--
|
||||
2.25.1
|
||||
|
||||
@@ -1,19 +0,0 @@
|
||||
SUMMARY = "Trusted Platform Module 2.0 tools"
|
||||
DESCRIPTION = "Trusted Platform Module (TPM2.0) tools based on tpm2-tss."
|
||||
SECTION = "tpm"
|
||||
|
||||
LICENSE = "BSD-3-Clause"
|
||||
LIC_FILES_CHKSUM = "file://docs/LICENSE;md5=a846608d090aa64494c45fc147cc12e3"
|
||||
|
||||
SRC_URI = "https://github.com/tpm2-software/${BPN}/releases/download/${PV}/${BPN}-${PV}.tar.gz \
|
||||
file://0001-tests-switch-to-python3.patch \
|
||||
"
|
||||
|
||||
SRC_URI[sha256sum] = "3810d36b5079256f4f2f7ce552e22213d43b1031c131538df8a2dbc3c570983a"
|
||||
|
||||
UPSTREAM_CHECK_URI = "https://github.com/tpm2-software/${BPN}/releases"
|
||||
UPSTREAM_CHECK_REGEX = "releases/tag/v?(?P<pver>\d+(\.\d+)+)"
|
||||
|
||||
DEPENDS = "tpm2-abrmd tpm2-tss openssl curl"
|
||||
|
||||
inherit autotools pkgconfig bash-completion
|
||||
@@ -1,53 +0,0 @@
|
||||
From 3a1d6cd2f41ecd73c7d867b22546857286db8f95 Mon Sep 17 00:00:00 2001
|
||||
From: Yi Zhao <yi.zhao@windriver.com>
|
||||
Date: Wed, 26 Apr 2023 17:01:31 +0800
|
||||
Subject: [PATCH] Do not create user and group
|
||||
|
||||
Do not create user/group since we are in cross build env.
|
||||
|
||||
Upstream-Status: Inappropriate [embedded specific]
|
||||
|
||||
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
|
||||
---
|
||||
Makefile.am | 2 +-
|
||||
configure.ac | 11 -----------
|
||||
2 files changed, 1 insertion(+), 12 deletions(-)
|
||||
|
||||
diff --git a/Makefile.am b/Makefile.am
|
||||
index f03d15c..30fad17 100644
|
||||
--- a/Makefile.am
|
||||
+++ b/Makefile.am
|
||||
@@ -994,7 +994,7 @@ endif
|
||||
@test -n "$(DESTDIR)" || $(call check_fapi_dirs)
|
||||
endif
|
||||
|
||||
-install-data-hook: install-dirs
|
||||
+install-data-hook:
|
||||
-if [ ! -z "$(udevrulesprefix)" ]; then \
|
||||
mv $(DESTDIR)$(udevrulesdir)/tpm-udev.rules $(DESTDIR)$(udevrulesdir)/$(udevrulesprefix)tpm-udev.rules; \
|
||||
fi
|
||||
diff --git a/configure.ac b/configure.ac
|
||||
index eb6051e..a52c472 100644
|
||||
--- a/configure.ac
|
||||
+++ b/configure.ac
|
||||
@@ -663,17 +663,6 @@ AM_CONDITIONAL([SYSD_SYSUSERS], [test "x$systemd_sysusers" = "xyes" && test "x$s
|
||||
AC_CHECK_PROG(systemd_tmpfiles, systemd-tmpfiles, yes)
|
||||
AM_CONDITIONAL([SYSD_TMPFILES], [test "x$systemd_tmpfiles" = "xyes" && test "x$tmpfilesdir" != "xno"])
|
||||
|
||||
-# Check all tools used by make install
|
||||
-AS_IF([test "$HOSTOS" = "Linux" && test "x$systemd_sysusers" != "xyes"],
|
||||
- [ AC_CHECK_PROG(useradd, useradd, yes)
|
||||
- AC_CHECK_PROG(groupadd, groupadd, yes)
|
||||
- AC_CHECK_PROG(adduser, adduser, yes)
|
||||
- AC_CHECK_PROG(addgroup, addgroup, yes)
|
||||
- AS_IF([test "x$addgroup" != "xyes" && test "x$groupadd" != "xyes" ],
|
||||
- [AC_MSG_ERROR([addgroup or groupadd are needed.])])
|
||||
- AS_IF([test "x$adduser" != "xyes" && test "x$useradd" != "xyes" ],
|
||||
- [AC_MSG_ERROR([adduser or useradd are needed.])])])
|
||||
-
|
||||
AC_SUBST([PATH])
|
||||
|
||||
dnl --------- Doxy Gen -----------------------
|
||||
--
|
||||
2.25.1
|
||||
|
||||
@@ -1,85 +0,0 @@
|
||||
SUMMARY = "Software stack for TPM2."
|
||||
DESCRIPTION = "OSS implementation of the TCG TPM2 Software Stack (TSS2) "
|
||||
SECTION = "tpm"
|
||||
|
||||
LICENSE = "BSD-2-Clause"
|
||||
LIC_FILES_CHKSUM = "file://LICENSE;md5=500b2e742befc3da00684d8a1d5fd9da"
|
||||
|
||||
SRC_URI = "https://github.com/tpm2-software/${BPN}/releases/download/${PV}/${BPN}-${PV}.tar.gz \
|
||||
file://0001-Do-not-create-user-and-group.patch \
|
||||
"
|
||||
|
||||
SRC_URI[sha256sum] = "37f1580200ab78305d1fc872d89241aaee0c93cbe85bc559bf332737a60d3be8"
|
||||
|
||||
UPSTREAM_CHECK_URI = "https://github.com/tpm2-software/${BPN}/releases"
|
||||
UPSTREAM_CHECK_REGEX = "releases/tag/v?(?P<pver>\d+(\.\d+)+)"
|
||||
|
||||
DEPENDS = "openssl"
|
||||
|
||||
inherit autotools pkgconfig systemd useradd
|
||||
|
||||
PACKAGECONFIG ??= ""
|
||||
PACKAGECONFIG[oxygen] = ",--disable-doxygen-doc, "
|
||||
PACKAGECONFIG[fapi] = "--enable-fapi,--disable-fapi,curl json-c util-linux-libuuid"
|
||||
PACKAGECONFIG[policy] = "--enable-policy,--disable-policy,curl json-c util-linux-libuuid"
|
||||
|
||||
EXTRA_OECONF += "--enable-static --with-udevrulesdir=${nonarch_base_libdir}/udev/rules.d/"
|
||||
EXTRA_OECONF:remove = " --disable-static"
|
||||
|
||||
USERADD_PACKAGES = "${PN}"
|
||||
GROUPADD_PARAM:${PN} = "--system tss"
|
||||
USERADD_PARAM:${PN} = "--system -M -d / -s /bin/false -g tss tss"
|
||||
|
||||
PROVIDES = "${PACKAGES}"
|
||||
PACKAGES = " \
|
||||
${PN} \
|
||||
${PN}-dbg \
|
||||
${PN}-doc \
|
||||
libtss2-mu \
|
||||
libtss2-mu-dev \
|
||||
libtss2-mu-staticdev \
|
||||
libtss2-tcti-device \
|
||||
libtss2-tcti-device-dev \
|
||||
libtss2-tcti-device-staticdev \
|
||||
libtss2-tcti-mssim \
|
||||
libtss2-tcti-mssim-dev \
|
||||
libtss2-tcti-mssim-staticdev \
|
||||
libtss2 \
|
||||
libtss2-dev \
|
||||
libtss2-staticdev \
|
||||
"
|
||||
|
||||
FILES:libtss2-tcti-device = "${libdir}/libtss2-tcti-device.so.*"
|
||||
FILES:libtss2-tcti-device-dev = " \
|
||||
${includedir}/tss2/tss2_tcti_device.h \
|
||||
${libdir}/pkgconfig/tss2-tcti-device.pc \
|
||||
${libdir}/libtss2-tcti-device.so"
|
||||
FILES:libtss2-tcti-device-staticdev = "${libdir}/libtss2-tcti-device.*a"
|
||||
|
||||
FILES:libtss2-tcti-mssim = "${libdir}/libtss2-tcti-mssim.so.*"
|
||||
FILES:libtss2-tcti-mssim-dev = " \
|
||||
${includedir}/tss2/tss2_tcti_mssim.h \
|
||||
${libdir}/pkgconfig/tss2-tcti-mssim.pc \
|
||||
${libdir}/libtss2-tcti-mssim.so"
|
||||
FILES:libtss2-tcti-mssim-staticdev = "${libdir}/libtss2-tcti-mssim.*a"
|
||||
|
||||
FILES:libtss2-mu = "${libdir}/libtss2-mu.so.*"
|
||||
FILES:libtss2-mu-dev = " \
|
||||
${includedir}/tss2/tss2_mu.h \
|
||||
${libdir}/pkgconfig/tss2-mu.pc \
|
||||
${libdir}/libtss2-mu.so"
|
||||
FILES:libtss2-mu-staticdev = "${libdir}/libtss2-mu.*a"
|
||||
|
||||
FILES:libtss2 = "${libdir}/libtss2*so.*"
|
||||
FILES:libtss2-dev = " \
|
||||
${includedir} \
|
||||
${libdir}/pkgconfig \
|
||||
${libdir}/libtss2*so"
|
||||
FILES:libtss2-staticdev = "${libdir}/libtss*a"
|
||||
|
||||
FILES:${PN} = " \
|
||||
${libdir}/udev \
|
||||
${nonarch_base_libdir}/udev \
|
||||
${sysconfdir}/tmpfiles.d \
|
||||
${sysconfdir}/tpm2-tss \
|
||||
${sysconfdir}/sysusers.d"
|
||||
Reference in New Issue
Block a user