From e9ad5427faff010e27f9f8d88f80b3e915612743 Mon Sep 17 00:00:00 2001 From: Marcel Telka Date: Wed, 13 Nov 2024 16:44:23 +0100 Subject: [PATCH] trousers: move 32 bit support to separate package --- components/library/trousers/Makefile | 26 ++++++++++- .../trousers/manifests/sample-manifest.p5m | 11 ++++- .../trousers/patches/04-configure-dirs.patch | 24 ++++++++++ .../library/trousers/patches/70-dilos.patch | 45 +------------------ .../library/trousers/patches/fno-common.patch | 2 +- components/library/trousers/pkg5 | 5 ++- components/library/trousers/trousers-32.p5m | 39 ++++++++++++++++ components/library/trousers/trousers.p5m | 29 +++++++----- 8 files changed, 118 insertions(+), 63 deletions(-) create mode 100644 components/library/trousers/patches/04-configure-dirs.patch create mode 100644 components/library/trousers/trousers-32.p5m diff --git a/components/library/trousers/Makefile b/components/library/trousers/Makefile index 38b94b5a688..adb6e8123fe 100644 --- a/components/library/trousers/Makefile +++ b/components/library/trousers/Makefile @@ -22,14 +22,14 @@ # Copyright (c) 2011, 2012, Oracle and/or its affiliates. All rights reserved. # -BUILD_BITS= 32_and_64 +BUILD_BITS= 64_and_32 USE_OPENSSL11= yes include ../../../make-rules/shared-macros.mk COMPONENT_NAME= trousers COMPONENT_VERSION= 0.3.11.2 -COMPONENT_REVISION= 5 +COMPONENT_REVISION= 6 COMPONENT_SUMMARY= TrouSerS TCG software to access a TPM device COMPONENT_SRC= $(COMPONENT_NAME)-$(COMPONENT_VERSION) COMPONENT_ARCHIVE= $(COMPONENT_SRC).tar.gz @@ -42,6 +42,9 @@ COMPONENT_CLASSIFICATION= System/Security COMPONENT_LICENSE= BSD-3-Clause COMPONENT_LICENSE_FILE= LICENSE +COMPONENT_FMRI.$(COMPONENT_NAME)-32 = $(COMPONENT_FMRI)/32 +COMPONENT_SUMMARY.$(COMPONENT_NAME)-32 = $(COMPONENT_SUMMARY) (32-bit) + DROP_STATIC_LIBRARIES = yes TEST_TARGET= $(NO_TESTS) @@ -60,6 +63,9 @@ LD_OPTIONS += $(LD_Z_DEFS) CONFIGURE_SBINDIR.32 = $(CONFIGURE_LIBDIR.32) CONFIGURE_SBINDIR.64 = $(CONFIGURE_LIBDIR.64) +# deliver tcsd.conf in /etc/security +CONFIGURE_SYSCONFDIR = $(ETCDIR)/security + COMPONENT_PREP_ACTION= ( cd $(@D); PATH="$(PATH)" autoreconf -vif ) CONFIGURE_OPTIONS += --with-gui=openssl @@ -77,6 +83,22 @@ COMPONENT_POST_CONFIGURE_ACTION = (cd $(COMPONENT_SRC); \ /usr/bin/dos2unix $$f $$f; \ done;) +# Drop files installed for the 32-bit build that overlaps with files installed +# for the 64-bit build. +COMPONENT_POST_INSTALL_ACTION.32 += $(RM) -r $(PROTOETCDIR) ; +COMPONENT_POST_INSTALL_ACTION.32 += $(RM) -r $(PROTOUSRINCDIR) ; +COMPONENT_POST_INSTALL_ACTION.32 += $(RM) -r $(PROTOUSRSHAREMANDIR) ; + +# Install additional files +COMPONENT_POST_INSTALL_ACTION.64 += \ + $(INSTALL) -D $(SOURCE_DIR)/dist/system.data.auth $(PROTOVARDIR)/tpm/system/system.data.auth ; \ + $(INSTALL) -D $(SOURCE_DIR)/dist/system.data.noauth $(PROTOVARDIR)/tpm/system/system.data.noauth ; \ + $(SYMLINK) system.data.auth $(PROTOVARDIR)/tpm/system/system.data ; \ + $(INSTALL) -D $(COMPONENT_DIR)/files/auth_attr $(PROTOETCSECDIR)/auth_attr.d/trousers ; \ + $(INSTALL) -D $(COMPONENT_DIR)/files/prof_attr $(PROTOETCSECDIR)/prof_attr.d/trousers ; \ + $(INSTALL) -D $(COMPONENT_DIR)/files/tcsd.xml $(PROTOLIBDIR)/svc/manifest/application/security/tcsd.xml ; \ + $(INSTALL) -D $(COMPONENT_DIR)/files/tcsd.sh $(PROTOLIBDIR)/svc/method/tcsd.sh ; + # Auto-generated dependencies REQUIRED_PACKAGES += SUNWcs REQUIRED_PACKAGES += library/security/openssl diff --git a/components/library/trousers/manifests/sample-manifest.p5m b/components/library/trousers/manifests/sample-manifest.p5m index 43c9bc1cab7..e5b9b22fafc 100644 --- a/components/library/trousers/manifests/sample-manifest.p5m +++ b/components/library/trousers/manifests/sample-manifest.p5m @@ -10,7 +10,7 @@ # # -# Copyright 2023 +# Copyright 2024 # set name=pkg.fmri value=pkg:/$(COMPONENT_FMRI)@$(IPS_COMPONENT_VERSION),$(BUILD_VERSION) @@ -23,7 +23,11 @@ set name=org.opensolaris.consolidation value=$(CONSOLIDATION) license $(COMPONENT_LICENSE_FILE) license='$(COMPONENT_LICENSE)' -file path=etc/tcsd.conf +file path=etc/security/auth_attr.d/trousers +file path=etc/security/prof_attr.d/trousers +file path=etc/security/tcsd.conf +file path=lib/svc/manifest/application/security/tcsd.xml +file path=lib/svc/method/tcsd.sh file path=usr/include/trousers/trousers.h file path=usr/include/trousers/tss.h file path=usr/include/tss/compat11b.h @@ -138,3 +142,6 @@ file path=usr/share/man/man3/Tspi_TPM_StirRandom.3 file path=usr/share/man/man3/Tspi_TPM_TakeOwnership.3 file path=usr/share/man/man5/tcsd.conf.5 file path=usr/share/man/man8/tcsd.8 +link path=var/tpm/system/system.data target=system.data.auth +file path=var/tpm/system/system.data.auth +file path=var/tpm/system/system.data.noauth diff --git a/components/library/trousers/patches/04-configure-dirs.patch b/components/library/trousers/patches/04-configure-dirs.patch new file mode 100644 index 00000000000..394ec4ed12a --- /dev/null +++ b/components/library/trousers/patches/04-configure-dirs.patch @@ -0,0 +1,24 @@ +We do not want this directory location override. + +--- trousers-0.3.11.2/configure.in.orig ++++ trousers-0.3.11.2/configure.in +@@ -363,19 +363,6 @@ + KERNEL_VERSION=`uname -r` + AC_SUBST(CFLAGS) + +-# When we build the rpms, prefix will be /usr. This'll do some things that make sense, +-# like put our sbin stuff in /usr/sbin and our library in /usr/lib. It'll do some other +-# things that don't make sense like put our config file in /usr/etc. So, I'll just hack +-# it here. If the --prefix option isn't specified during configure, let it all go to +-# /usr/local, even /usr/local/etc. :-P +-if test x"${prefix}" = x"/usr"; then +- sysconfdir="/etc" +- localstatedir="/var" +- mandir="/usr/share/man" +-elif test x"${prefix}" = x"NONE"; then +- localstatedir="/usr/local/var" +-fi +- + AC_OUTPUT(dist/tcsd.conf \ + dist/fedora/trousers.spec \ + dist/trousers.spec \ diff --git a/components/library/trousers/patches/70-dilos.patch b/components/library/trousers/patches/70-dilos.patch index 40df5cb0843..8e391845891 100644 --- a/components/library/trousers/patches/70-dilos.patch +++ b/components/library/trousers/patches/70-dilos.patch @@ -72,52 +72,9 @@ tcsd_SOURCES=svrside.c tcsd_conf.c tcsd_threads.c platform.c ---- trousers-0.3.11.2/src/tcsd/Makefile.in.orig -+++ trousers-0.3.11.2/src/tcsd/Makefile.in -@@ -64,7 +64,7 @@ - mkinstalldirs = $(install_sh) -d - CONFIG_CLEAN_FILES = - CONFIG_CLEAN_VPATH_FILES = --am__installdirs = "$(DESTDIR)$(sbindir)" -+am__installdirs = "$(DESTDIR)$(libdir)" - PROGRAMS = $(sbin_PROGRAMS) - am_tcsd_OBJECTS = tcsd-svrside.$(OBJEXT) tcsd-tcsd_conf.$(OBJEXT) \ - tcsd-tcsd_threads.$(OBJEXT) tcsd-platform.$(OBJEXT) -@@ -212,7 +212,7 @@ - prefix = @prefix@ - program_transform_name = @program_transform_name@ - psdir = @psdir@ --sbindir = @sbindir@ -+sbindir = @libdir@ - sharedstatedir = @sharedstatedir@ - srcdir = @srcdir@ - sysconfdir = @sysconfdir@ -@@ -227,8 +227,9 @@ - tcsd_CFLAGS = -DAPPID=\"TCSD\" -DVAR_PREFIX=\"@localstatedir@\" \ - -DETC_PREFIX=\"@sysconfdir@\" -I${top_srcdir}/src/include \ - -fPIE -DPIE $(am__append_1) $(am__append_2) --tcsd_LDADD = ${top_builddir}/src/tcs/libtcs.a ${top_builddir}/src/tddl/libtddl.a -lpthread @CRYPTOLIB@ --tcsd_LDFLAGS = -pie -Wl,-z,relro -Wl,-z,now -+tcsd_LDADD = ${top_builddir}/src/tcs/libtcs.a ${top_builddir}/src/tddl/libtddl.a \ -+ -lpthread -lbsm -lscf -lresolv @CRYPTOLIB@ -+tcsd_LDFLAGS = -Wl,-z,now - tcsd_SOURCES = svrside.c tcsd_conf.c tcsd_threads.c platform.c - all: all-am - --- trousers-0.3.11.2/src/include/tcsd.h.orig +++ trousers-0.3.11.2/src/include/tcsd.h -@@ -48,15 +48,25 @@ - of this TCS System */ - }; - -+#ifdef SOLARIS -+#define TCSD_DEFAULT_CONFIG_FILE "/etc/security/tcsd.conf" -+#else - #define TCSD_DEFAULT_CONFIG_FILE ETC_PREFIX "/tcsd.conf" -+#endif - extern char *tcsd_config_file; - - #define TSS_USER_NAME "tss" +@@ -55,8 +55,14 @@ #define TSS_GROUP_NAME "tss" #define TCSD_DEFAULT_MAX_THREADS 10 diff --git a/components/library/trousers/patches/fno-common.patch b/components/library/trousers/patches/fno-common.patch index 58a413a681d..6e61aa85219 100644 --- a/components/library/trousers/patches/fno-common.patch +++ b/components/library/trousers/patches/fno-common.patch @@ -1,6 +1,6 @@ --- trousers-0.3.11.2/src/include/tcsd.h.orig +++ trousers-0.3.11.2/src/include/tcsd.h -@@ -167,7 +167,7 @@ +@@ -163,7 +163,7 @@ void thread_signal_init(); /* signal handling */ diff --git a/components/library/trousers/pkg5 b/components/library/trousers/pkg5 index f7d5deff524..b73d61920db 100644 --- a/components/library/trousers/pkg5 +++ b/components/library/trousers/pkg5 @@ -7,7 +7,8 @@ "system/library/iconv/utf-8" ], "fmris": [ - "library/security/trousers" + "library/security/trousers", + "library/security/trousers/32" ], "name": "trousers" -} \ No newline at end of file +} diff --git a/components/library/trousers/trousers-32.p5m b/components/library/trousers/trousers-32.p5m new file mode 100644 index 00000000000..0db2eadd033 --- /dev/null +++ b/components/library/trousers/trousers-32.p5m @@ -0,0 +1,39 @@ +# +# CDDL HEADER START +# +# The contents of this file are subject to the terms of the +# Common Development and Distribution License (the "License"). +# You may not use this file except in compliance with the License. +# +# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE +# or http://www.opensolaris.org/os/licensing. +# See the License for the specific language governing permissions +# and limitations under the License. +# +# When distributing Covered Code, include this CDDL HEADER in each +# file and include the License file at usr/src/OPENSOLARIS.LICENSE. +# If applicable, add the following below this CDDL HEADER, with the +# fields enclosed by brackets "[]" replaced with your own identifying +# information: Portions Copyright [yyyy] [name of copyright owner] +# +# CDDL HEADER END +# +# Copyright (c) 2011, 2012, Oracle and/or its affiliates. All rights reserved. +# + +set name=pkg.fmri value=pkg:/$(COMPONENT_FMRI)@$(IPS_COMPONENT_VERSION),$(BUILD_VERSION) +set name=pkg.human-version value=$(HUMAN_VERSION) +set name=pkg.summary value="$(COMPONENT_SUMMARY)" +set name=info.classification value="$(COMPONENT_CLASSIFICATION)" +set name=info.upstream-url value=$(COMPONENT_PROJECT_URL) +set name=info.source-url value=$(COMPONENT_ARCHIVE_URL) +set name=org.opensolaris.consolidation value=$(CONSOLIDATION) + +license $(COMPONENT_LICENSE_FILE) license='$(COMPONENT_LICENSE)' + + default mode 0555> + +link path=usr/lib/libtspi.so target=libtspi.so.1.2.0 +link path=usr/lib/libtspi.so.1 target=libtspi.so.1.2.0 +file path=usr/lib/libtspi.so.1.2.0 +file path=usr/lib/tcsd diff --git a/components/library/trousers/trousers.p5m b/components/library/trousers/trousers.p5m index e39372d7108..55ffa998691 100644 --- a/components/library/trousers/trousers.p5m +++ b/components/library/trousers/trousers.p5m @@ -29,6 +29,9 @@ set name=info.upstream-url value=$(COMPONENT_PROJECT_URL) set name=info.source-url value=$(COMPONENT_ARCHIVE_URL) set name=org.opensolaris.consolidation value=$(CONSOLIDATION) +# 32 bit files used to live in this package +depend type=require fmri=$(COMPONENT_FMRI)/32 + # # libtspi needs to convert between codesets 646 and UTF-16LE, which are covered # by package system/library/iconv/utf-8. This is for function Trspi_Native_To_UNICODE() @@ -38,19 +41,22 @@ depend type=require fmri=pkg:/system/library/iconv/utf-8 license $(COMPONENT_LICENSE_FILE) license='$(COMPONENT_LICENSE)' + default mode 0644> + default preserve true> + default original_name SUNWtss-root:etc/security/tcsd.conf> default mode 0555> + default mode 0400> + default owner root> + default group sys> -file dist/system.data.auth path=var/tpm/system/system.data.auth mode=0400 owner=root group=sys -file dist/system.data.noauth path=var/tpm/system/system.data.noauth mode=0400 owner=root group=sys -link path=var/tpm/system/system.data target=system.data.auth dir path=var/tpm/pkcs11 group=sys mode=1777 owner=root dir path=var/tpm/system group=sys mode=0700 owner=root dir path=var/tpm/userps group=sys mode=1777 owner=root -file files/auth_attr path=etc/security/auth_attr.d/trousers -file files/prof_attr path=etc/security/prof_attr.d/trousers -file files/tcsd.xml path=lib/svc/manifest/application/security/tcsd.xml -file files/tcsd.sh path=lib/svc/method/tcsd.sh mode=0555 -file etc/tcsd.conf path=etc/security/tcsd.conf mode=0644 preserve=true original_name=SUNWtss-root:etc/security/tcsd.conf +file path=etc/security/auth_attr.d/trousers +file path=etc/security/prof_attr.d/trousers +file path=etc/security/tcsd.conf +file path=lib/svc/manifest/application/security/tcsd.xml +file path=lib/svc/method/tcsd.sh file path=usr/include/trousers/trousers.h file path=usr/include/trousers/tss.h file path=usr/include/tss/compat11b.h @@ -80,10 +86,6 @@ link path=usr/lib/$(MACH64)/libtspi.so target=libtspi.so.1.2.0 link path=usr/lib/$(MACH64)/libtspi.so.1 target=libtspi.so.1.2.0 file path=usr/lib/$(MACH64)/libtspi.so.1.2.0 file path=usr/lib/$(MACH64)/tcsd -link path=usr/lib/libtspi.so target=libtspi.so.1.2.0 -link path=usr/lib/libtspi.so.1 target=libtspi.so.1.2.0 -file path=usr/lib/libtspi.so.1.2.0 -file path=usr/lib/tcsd file path=usr/share/man/man3/Tspi_ChangeAuth.3 file path=usr/share/man/man3/Tspi_ChangeAuthAsym.3 file path=usr/share/man/man3/Tspi_Context_Close.3 @@ -165,3 +167,6 @@ file path=usr/share/man/man3/Tspi_TPM_StirRandom.3 file path=usr/share/man/man3/Tspi_TPM_TakeOwnership.3 file path=usr/share/man/man5/tcsd.conf.5 file path=usr/share/man/man8/tcsd.8 +link path=var/tpm/system/system.data target=system.data.auth +file path=var/tpm/system/system.data.auth +file path=var/tpm/system/system.data.noauth