@ -1,60 +1,84 @@
%global dracutlibdir %{_prefix}/lib/dracut
%global debug_package %{nil}
%define dracutlibdir %{_prefix}/lib/dracut
%bcond_without check
%bcond_without check
%global combined_license Apache-2.0 AND (Apache-2.0 OR BSL-1.0) AND (Apache-2.0 OR ISC OR MIT) AND (Apache-2.0 OR MIT) AND ((Apache-2.0 OR MIT) AND BSD-3-Clause) AND (Apache-2.0 WITH LLVM-exception OR Apache-2.0 OR MIT) AND BSD-2-Clause AND BSD-3-Clause AND (CC0-1.0 OR Apache-2.0) AND (CC0-1.0 OR MIT-0 OR Apache-2.0) AND ISC AND MIT AND ((MIT OR Apache-2.0) AND Unicode-DFS-2016) AND (Apache-2.0 OR MIT OR Zlib) AND MPL-2.0 AND (Unlicense OR MIT)
%global forgeurl https://github.com/fedora-iot/fido-device-onboard-rs
Version: 0.4.7
%forgemeta
Name: fido-device-onboard
Name: fido-device-onboard
Version: 0.5.0
Release: 3%{?dist}
Release: 2%{?dist}
Summary: A rust implementation of the FIDO Device Onboard Specification
Summary: A rust implementation of the FIDO Device Onboard Specification
License: BSD-3-Clause
URL: https://github.com/fdo-rs/fido-device-onboard-rs
# Apache-2.0
Source0: %{url}/archive/v%{version}/%{name}-rs-%{version}.tar.gz
# Apache-2.0 OR BSL-1.0
# See make-vendored-tarfile.sh in upstream repo
# Apache-2.0 OR ISC OR MIT
Source1: %{name}-rs-%{version}-vendor-patched.tar.xz
# Apache-2.0 OR MIT
Patch1: 0001-Revert-chore-use-git-fork-for-aws-nitro-enclaves-cos.patch
# (Apache-2.0 OR MIT) AND BSD-3-Clause
# Apache-2.0 WITH LLVM-exception OR Apache-2.0 OR MIT
# BSD-2-Clause
# BSD-3-Clause
# CC0-1.0
# CC0-1.0 OR Apache-2.0
# ISC
# MIT
# MIT OR Apache-2.0
# MIT OR Apache-2.0 OR Zlib
# MPL-2.0
# Unlicense OR MIT
# Zlib OR Apache-2.0 OR MIT
License: Apache-2.0 and BSD and MIT
URL: %{forgeurl}
Source0: %{forgesource}
# this is a basic script to generate the vendor tarfile.
Source1: make-vendored-tarfile.sh
%if "%{?commit}" != ""
Source2: %{name}-rs-%{commit}-vendor-patched.tar.xz
%else
Source2: %{name}-rs-%{version}-vendor-patched.tar.xz
%endif
# Because nobody cares
ExclusiveArch: %{rust_arches}
ExcludeArch: %{ix86}
# Needs, at least, tss bindings regen
ExcludeArch: s390x i686 %{power64}
%if 0%{?rhel}
%if 0%{?rhel} && !0%{?eln}
BuildRequires: rust-toolset
BuildRequires: rust-toolset
%else
%else
BuildRequires: rust-packaging
BuildRequires: rust-packaging
%endif
%endif
BuildRequires: clang-devel
BuildRequires: clang-devel
BuildRequires: cryptsetup-devel
BuildRequires: cryptsetup-devel
BuildRequires: device-mapper-devel
BuildRequires: golang
BuildRequires: golang
BuildRequires: openssl-devel >= 3.0.1-12
BuildRequires: openssl-devel >= 3.0.1-12
BuildRequires: systemd-rpm-macros
BuildRequires: systemd-rpm-macros
BuildRequires: tpm2-tss-devel
BuildRequires: tpm2-tss-devel
BuildRequires: sqlite-devel
BuildRequires: libpq-devel
%description
%description
%{summary}.
%{summary}.
%prep
%prep
%setup -q -n %{name}-rs-%{version}
%forgesetup
# general patches should go here
%patch -P1 -p1
%if 0%{?rhel}
%cargo_prep -V 1
%else
%cargo_prep
%cargo_prep
%generate_buildrequires
%cargo_generate_buildrequires -a
# Vendored crates
%endif
tar xf %{SOURCE2}
mkdir -p .cargo
cat >.cargo/config << EOF
[source.crates-io]
replace-with = "vendored-sources"
[source.vendored-sources]
directory = "vendor"
EOF
%build
%build
%cargo_build \
%cargo_build \
-F openssl-kdf/deny_custom
-F openssl-kdf/deny_custom
%{?cargo_license_summary}
%{?cargo_license} > LICENSE.dependencies
%install
%install
install -D -m 0755 -t %{buildroot}%{_libexecdir}/fdo target/release/fdo-client-linuxapp
install -D -m 0755 -t %{buildroot}%{_libexecdir}/fdo target/release/fdo-client-linuxapp
install -D -m 0755 -t %{buildroot}%{_libexecdir}/fdo target/release/fdo-manufacturing-client
install -D -m 0755 -t %{buildroot}%{_libexecdir}/fdo target/release/fdo-manufacturing-client
@ -62,36 +86,14 @@ install -D -m 0755 -t %{buildroot}%{_libexecdir}/fdo target/release/fdo-manufact
install -D -m 0755 -t %{buildroot}%{_libexecdir}/fdo target/release/fdo-owner-onboarding-server
install -D -m 0755 -t %{buildroot}%{_libexecdir}/fdo target/release/fdo-owner-onboarding-server
install -D -m 0755 -t %{buildroot}%{_libexecdir}/fdo target/release/fdo-rendezvous-server
install -D -m 0755 -t %{buildroot}%{_libexecdir}/fdo target/release/fdo-rendezvous-server
install -D -m 0755 -t %{buildroot}%{_libexecdir}/fdo target/release/fdo-serviceinfo-api-server
install -D -m 0755 -t %{buildroot}%{_libexecdir}/fdo target/release/fdo-serviceinfo-api-server
# duplicates as needed by AIO command
install -D -m 0755 -t %{buildroot}%{_libexecdir}/fdo target/release/fdo-owner-tool
install -D -m 0755 -t %{buildroot}%{_libexecdir}/fdo target/release/fdo-admin-tool
install -D -m 0755 -t %{buildroot}%{_bindir} target/release/fdo-owner-tool
install -D -m 0755 -t %{buildroot}%{_bindir} target/release/fdo-owner-tool
install -D -m 0755 -t %{buildroot}%{_bindir} target/release/fdo-admin-tool
install -D -m 0755 -t %{buildroot}%{_bindir} target/release/fdo-admin-tool
install -D -m 0644 -t %{buildroot}%{_unitdir} examples/systemd/*
install -D -m 0644 -t %{buildroot}%{_unitdir} examples/systemd/*
install -D -m 0644 -t %{buildroot}%{_docdir}/fdo examples/config/*
install -D -m 0644 -t %{buildroot}%{_docdir}/fdo examples/config/*
# db sql files
install -D -m 0644 -t %{buildroot}%{_docdir}/fdo/migrations/migrations_manufacturing_server_postgres migrations/migrations_manufacturing_server_postgres/2023-10-03-152801_create_db/*
install -D -m 0644 -t %{buildroot}%{_docdir}/fdo/migrations/migrations_manufacturing_server_sqlite migrations/migrations_manufacturing_server_sqlite/2023-10-03-152801_create_db/*
install -D -m 0644 -t %{buildroot}%{_docdir}/fdo/migrations/migrations_owner_onboarding_server_postgres migrations/migrations_owner_onboarding_server_postgres/2023-10-03-152801_create_db/*
install -D -m 0644 -t %{buildroot}%{_docdir}/fdo/migrations/migrations_owner_onboarding_server_sqlite migrations/migrations_owner_onboarding_server_sqlite/2023-10-03-152801_create_db/*
install -D -m 0644 -t %{buildroot}%{_docdir}/fdo/migrations/migrations_rendezvous_server_postgres migrations/migrations_rendezvous_server_postgres/2023-10-03-152801_create_db/*
install -D -m 0644 -t %{buildroot}%{_docdir}/fdo/migrations/migrations_rendezvous_server_sqlite migrations/migrations_rendezvous_server_sqlite/2023-10-03-152801_create_db/*
# duplicates as needed by AIO command so link them
ln -s %{_bindir}/fdo-owner-tool %{buildroot}%{_libexecdir}/fdo/fdo-owner-tool
ln -s %{_bindir}/fdo-admin-tool %{buildroot}%{_libexecdir}/fdo/fdo-admin-tool
# Create directories needed by the various services so we own them
mkdir -p %{buildroot}%{_sysconfdir}/fdo
mkdir -p %{buildroot}%{_sysconfdir}/fdo
mkdir -p %{buildroot}%{_sysconfdir}/fdo/keys
mkdir -p %{buildroot}%{_sysconfdir}/fdo/stores
mkdir -p %{buildroot}%{_sysconfdir}/fdo/stores/manufacturer_keys
mkdir -p %{buildroot}%{_sysconfdir}/fdo/stores/manufacturing_sessions
mkdir -p %{buildroot}%{_sysconfdir}/fdo/stores/owner_onboarding_sessions
mkdir -p %{buildroot}%{_sysconfdir}/fdo/stores/owner_vouchers
mkdir -p %{buildroot}%{_sysconfdir}/fdo/stores/rendezvous_registered
mkdir -p %{buildroot}%{_sysconfdir}/fdo/stores/rendezvous_sessions
mkdir -p %{buildroot}%{_sysconfdir}/fdo/stores/serviceinfo_api_devices
mkdir -p %{buildroot}%{_sysconfdir}/fdo/manufacturing-server.conf.d
mkdir -p %{buildroot}%{_sysconfdir}/fdo/owner-onboarding-server.conf.d
mkdir -p %{buildroot}%{_sysconfdir}/fdo/rendezvous-server.conf.d
mkdir -p %{buildroot}%{_sysconfdir}/fdo/serviceinfo-api-server.conf.d
mkdir -p %{buildroot}%{_localstatedir}/lib/fdo
# Dracut manufacturing service
# Dracut manufacturing service
install -D -m 0755 -t %{buildroot}%{dracutlibdir}/modules.d/52fdo dracut/52fdo/module-setup.sh
install -D -m 0755 -t %{buildroot}%{dracutlibdir}/modules.d/52fdo dracut/52fdo/module-setup.sh
install -D -m 0755 -t %{buildroot}%{dracutlibdir}/modules.d/52fdo dracut/52fdo/manufacturing-client-generator
install -D -m 0755 -t %{buildroot}%{dracutlibdir}/modules.d/52fdo dracut/52fdo/manufacturing-client-generator
@ -100,44 +102,28 @@ install -D -m 0755 -t %{buildroot}%{dracutlibdir}/modules.d/52fdo dracut/52fdo/m
%package -n fdo-init
%package -n fdo-init
Summary: dracut module for device initialization
Summary: dracut module for device initialization
License: %combined_license
Requires: openssl-libs >= 3.0.1-12
Requires: openssl-libs >= 3.0.1-12
Requires: dracut
%description -n fdo-init
%description -n fdo-init
%{summary}
%{summary}
%files -n fdo-init
%files -n fdo-init
%license LICENSE LICENSE.dependencies
%license LICENSE
%{dracutlibdir}/modules.d/52fdo/
%{dracutlibdir}/modules.d/52fdo/*
%{_libexecdir}/fdo/fdo-manufacturing-client
%{_libexecdir}/fdo/fdo-manufacturing-client
%package -n fdo-owner-onboarding-server
%package -n fdo-owner-onboarding-server
Summary: FDO Owner Onboarding Server implementation
Summary: FDO Owner Onboarding Server implementation
License: %combined_license
Requires: openssl-libs >= 3.0.1-12
Requires: openssl-libs >= 3.0.1-12
%description -n fdo-owner-onboarding-server
%description -n fdo-owner-onboarding-server
%{summary}
%{summary}
%files -n fdo-owner-onboarding-server
%files -n fdo-owner-onboarding-server
%license LICENSE LICENSE.dependencies
%license LICENSE
%dir %{_sysconfdir}/fdo
%dir %{_sysconfdir}/fdo/keys
%dir %{_sysconfdir}/fdo/owner-onboarding-server.conf.d
%dir %{_sysconfdir}/fdo/serviceinfo-api-server.conf.d
%dir %{_sysconfdir}/fdo/stores
%dir %{_sysconfdir}/fdo/stores/owner_onboarding_sessions
%dir %{_sysconfdir}/fdo/stores/owner_vouchers
%dir %{_sysconfdir}/fdo/stores/serviceinfo_api_devices
%{_libexecdir}/fdo/fdo-owner-onboarding-server
%{_libexecdir}/fdo/fdo-owner-onboarding-server
%{_libexecdir}/fdo/fdo-serviceinfo-api-server
%{_libexecdir}/fdo/fdo-serviceinfo-api-server
%dir %{_localstatedir}/lib/fdo
%dir %{_docdir}/fdo
%{_docdir}/fdo/device_specific_serviceinfo.yml
%{_docdir}/fdo/serviceinfo-api-server.yml
%{_docdir}/fdo/serviceinfo-api-server.yml
%{_docdir}/fdo/owner-onboarding-server.yml
%{_docdir}/fdo/migrations/migrations_owner_onboarding_server_postgres/*
%{_docdir}/fdo/migrations/migrations_owner_onboarding_server_sqlite/*
%{_unitdir}/fdo-serviceinfo-api-server.service
%{_unitdir}/fdo-serviceinfo-api-server.service
%{_docdir}/fdo/owner-onboarding-server.yml
%{_unitdir}/fdo-owner-onboarding-server.service
%{_unitdir}/fdo-owner-onboarding-server.service
%post -n fdo-owner-onboarding-server
%post -n fdo-owner-onboarding-server
@ -154,24 +140,13 @@ Requires: openssl-libs >= 3.0.1-12
%package -n fdo-rendezvous-server
%package -n fdo-rendezvous-server
Summary: FDO Rendezvous Server implementation
Summary: FDO Rendezvous Server implementation
License: %combined_license
%description -n fdo-rendezvous-server
%description -n fdo-rendezvous-server
%{summary}
%{summary}
%files -n fdo-rendezvous-server
%files -n fdo-rendezvous-server
%license LICENSE LICENSE.dependencies
%license LICENSE
%dir %{_sysconfdir}/fdo
%dir %{_sysconfdir}/fdo/keys
%dir %{_sysconfdir}/fdo/rendezvous-server.conf.d
%dir %{_sysconfdir}/fdo/stores
%dir %{_sysconfdir}/fdo/stores/rendezvous_registered
%dir %{_sysconfdir}/fdo/stores/rendezvous_sessions
%{_libexecdir}/fdo/fdo-rendezvous-server
%{_libexecdir}/fdo/fdo-rendezvous-server
%dir %{_localstatedir}/lib/fdo
%dir %{_docdir}/fdo
%{_docdir}/fdo/rendezvous-*.yml
%{_docdir}/fdo/rendezvous-*.yml
%{_docdir}/fdo/migrations/migrations_rendezvous_server_postgres/*
%{_docdir}/fdo/migrations/migrations_rendezvous_server_sqlite/*
%{_unitdir}/fdo-rendezvous-server.service
%{_unitdir}/fdo-rendezvous-server.service
%post -n fdo-rendezvous-server
%post -n fdo-rendezvous-server
@ -185,26 +160,14 @@ License: %combined_license
%package -n fdo-manufacturing-server
%package -n fdo-manufacturing-server
Summary: FDO Manufacturing Server implementation
Summary: FDO Manufacturing Server implementation
License: %combined_license
Requires: openssl-libs >= 3.0.1-12
Requires: openssl-libs >= 3.0.1-12
%description -n fdo-manufacturing-server
%description -n fdo-manufacturing-server
%{summary}
%{summary}
%files -n fdo-manufacturing-server
%files -n fdo-manufacturing-server
%license LICENSE LICENSE.dependencies
%license LICENSE
%dir %{_sysconfdir}/fdo
%dir %{_sysconfdir}/fdo/keys
%dir %{_sysconfdir}/fdo/manufacturing-server.conf.d
%dir %{_sysconfdir}/fdo/keys
%dir %{_sysconfdir}/fdo/stores
%dir %{_sysconfdir}/fdo/stores/manufacturer_keys
%dir %{_sysconfdir}/fdo/stores/manufacturing_sessions
%{_libexecdir}/fdo/fdo-manufacturing-server
%{_libexecdir}/fdo/fdo-manufacturing-server
%dir %{_localstatedir}/lib/fdo
%dir %{_docdir}/fdo
%{_docdir}/fdo/manufacturing-server.yml
%{_docdir}/fdo/manufacturing-server.yml
%{_docdir}/fdo/migrations/migrations_manufacturing_server_postgres/*
%{_docdir}/fdo/migrations/migrations_manufacturing_server_sqlite/*
%{_unitdir}/fdo-manufacturing-server.service
%{_unitdir}/fdo-manufacturing-server.service
%post -n fdo-manufacturing-server
%post -n fdo-manufacturing-server
@ -218,17 +181,15 @@ Requires: openssl-libs >= 3.0.1-12
%package -n fdo-client
%package -n fdo-client
Summary: FDO Client implementation
Summary: FDO Client implementation
License: %combined_license
Requires: openssl-libs >= 3.0.1-12
Requires: openssl-libs >= 3.0.1-12
Requires: clevis
Requires: clevis
Requires: clevis-luks
Requires: clevis-luks
Requires: clevis-pin-tpm2
Requires: cryptsetup
Requires: cryptsetup
%description -n fdo-client
%description -n fdo-client
%{summary}
%{summary}
%files -n fdo-client
%files -n fdo-client
%license LICENSE LICENSE.dependencies
%license LICENSE
%{_libexecdir}/fdo/fdo-client-linuxapp
%{_libexecdir}/fdo/fdo-client-linuxapp
%{_unitdir}/fdo-client-linuxapp.service
%{_unitdir}/fdo-client-linuxapp.service
@ -243,34 +204,31 @@ Requires: cryptsetup
%package -n fdo-owner-cli
%package -n fdo-owner-cli
Summary: FDO Owner tools implementation
Summary: FDO Owner tools implementation
License: %combined_license
%description -n fdo-owner-cli
%description -n fdo-owner-cli
%{summary}
%{summary}
%files -n fdo-owner-cli
%files -n fdo-owner-cli
%license LICENSE LICENSE.dependencies
%license LICENSE
%{_bindir}/fdo-owner-tool
%{_bindir}/fdo-owner-tool
%{_libexecdir}/fdo/fdo-owner-tool
%{_libexecdir}/fdo/fdo-owner-tool
%package -n fdo-admin-cli
%package -n fdo-admin-cli
Summary: FDO admin tools implementation
Summary: FDO admin tools implementation
License: %combined_license
Requires: fdo-manufacturing-server
Requires: fdo-manufacturing-server = %{version}-%{release}
Requires: fdo-init
Requires: fdo-rendezvous-server = %{version}-%{release}
Requires: fdo-client
Requires: fdo-owner-onboarding-server = %{version}-%{release}
Requires: fdo-rendezvous-server
Requires: fdo-owner-cli = %{version}-%{release}
Requires: fdo-owner-onboarding-server
Requires: fdo-client = %{version}-%{release}
Requires: fdo-owner-cli
Requires: fdo-init = %{version}-%{release}
%description -n fdo-admin-cli
%description -n fdo-admin-cli
%{summary}
%{summary}
%files -n fdo-admin-cli
%files -n fdo-admin-cli
%license LICENSE LICENSE.dependencies
%license LICENSE
%dir %{_sysconfdir}/fdo
%dir %{_sysconfdir}/fdo/keys
%{_bindir}/fdo-admin-tool
%{_bindir}/fdo-admin-tool
%{_libexecdir}/fdo/fdo-admin-tool
%{_libexecdir}/fdo/fdo-admin-tool
%{_unitdir}/fdo-aio.service
%{_unitdir}/fdo-aio.service
%dir %{_sysconfdir}/fdo
%post -n fdo-admin-cli
%post -n fdo-admin-cli
%systemd_post fdo-aio.service
%systemd_post fdo-aio.service
@ -282,49 +240,8 @@ Requires: fdo-init = %{version}-%{release}
%systemd_postun_with_restart fdo-aio.service
%systemd_postun_with_restart fdo-aio.service
%changelog
%changelog
* Wed Feb 28 2024 Irene Diez <idiez@redhat.com> - 0.5.0-2
* Fri Apr 14 2023 MSVSphere Packaging Team <packager@msvsphere.ru> - 0.4.7-3
- Update license
- Rebuilt for MSVSphere 9.2 beta
* Thu Feb 22 2024 Irene Diez <idiez@redhat.com> - 0.5.0-1
- New version 0.5.0, adds database support
- Remove unused patches
* Wed Aug 23 2023 Peter Robinson <pbrobinson@fedoraproject.org> - 0.4.12-4
- Ensure client service fix is applied
* Tue Aug 22 2023 Peter Robinson <pbrobinson@fedoraproject.org> - 0.4.12-3
- Own var/lib/fdo, SELinux fixes
* Thu Aug 17 2023 Peter Robinson <pbrobinson@fedoraproject.org> - 0.4.12-2
- Add client/init deps to fdo-admin-cli
* Thu Jul 27 2023 Peter Robinson <pbrobinson@fedoraproject.org> - 0.4.12-1
- Update to 0.4.12
* Wed Jul 19 2023 Fedora Release Engineering <releng@fedoraproject.org> - 0.4.10-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
* Mon Jul 03 2023 Peter Robinson <pbrobinson@fedoraproject.org> - 0.4.10-2
- Updates for eln/c9s building
* Fri Jun 23 2023 Peter Robinson <pbrobinson@fedoraproject.org> - 0.4.10-1
- Update to 0.4.10
* Wed Jun 14 2023 Peter Robinson <pbrobinson@fedoraproject.org> - 0.4.9-5
- More spec updates
* Wed Jun 14 2023 Peter Robinson <pbrobinson@fedoraproject.org> - 0.4.9-4
- Add patch for libcryptsetup-rs 0.8 API changes
* Tue Jun 13 2023 Peter Robinson <pbrobinson@fedoraproject.org> - 0.4.9-3
- Updates for licenses
* Tue May 30 2023 Peter Robinson <pbrobinson@fedoraproject.org> - 0.4.9-2
- Review feedback
- Patch for libcryptsetup-rs 0.7
* Thu May 11 2023 Peter Robinson <pbrobinson@fedoraproject.org> - 0.4.9-1
- Update to 0.4.9
* Mon Feb 20 2023 Peter Robinson <pbrobinson@fedoraproject.org> - 0.4.7-3
* Mon Feb 20 2023 Peter Robinson <pbrobinson@fedoraproject.org> - 0.4.7-3
- Fix services start
- Fix services start