diff --git a/SOURCES/redhatsecureboot301.cer b/SOURCES/redhatsecureboot301.cer deleted file mode 100644 index 4ff8b79..0000000 Binary files a/SOURCES/redhatsecureboot301.cer and /dev/null differ diff --git a/SOURCES/redhatsecureboot503.cer b/SOURCES/redhatsecureboot503.cer deleted file mode 100644 index 50e375c..0000000 Binary files a/SOURCES/redhatsecureboot503.cer and /dev/null differ diff --git a/SOURCES/redhatsecurebootca3.cer b/SOURCES/redhatsecurebootca3.cer deleted file mode 100644 index b235400..0000000 Binary files a/SOURCES/redhatsecurebootca3.cer and /dev/null differ diff --git a/SOURCES/redhatsecurebootca5.cer b/SOURCES/redhatsecurebootca5.cer deleted file mode 100644 index dfb0284..0000000 Binary files a/SOURCES/redhatsecurebootca5.cer and /dev/null differ diff --git a/SOURCES/spheresecureboot001.cer b/SOURCES/spheresecureboot001.cer new file mode 100644 index 0000000..1cdb65a Binary files /dev/null and b/SOURCES/spheresecureboot001.cer differ diff --git a/SOURCES/spheresecurebootca.cer b/SOURCES/spheresecurebootca.cer new file mode 100644 index 0000000..4db57d7 Binary files /dev/null and b/SOURCES/spheresecurebootca.cer differ diff --git a/SPECS/fwupd.spec b/SPECS/fwupd.spec index 3a674b9..d895d8b 100644 --- a/SPECS/fwupd.spec +++ b/SPECS/fwupd.spec @@ -45,7 +45,7 @@ Summary: Firmware update daemon Name: fwupd Version: 1.7.9 -Release: 1%{?dist} +Release: 1%{?dist}.inferit License: LGPLv2+ URL: https://github.com/fwupd/fwupd Source0: http://people.freedesktop.org/~hughsient/releases/%{name}-%{version}.tar.xz @@ -58,12 +58,9 @@ Source13: http://people.redhat.com/rhughes/dbx/DBXUpdate-20200729-aa64.cab Source14: http://people.redhat.com/rhughes/dbx/DBXUpdate-20200729-ia32.cab Source15: http://people.redhat.com/rhughes/dbx/DBXUpdate-20200729-x64.cab -# these are numbered high just to keep them wildly away from colliding with -# the real package sources, in order to reduce churn. -Source300: redhatsecurebootca3.cer -Source301: redhatsecureboot301.cer -Source500: redhatsecurebootca5.cer -Source503: redhatsecureboot503.cer +# MSVSphere secureboot certificates +Source1000: spheresecurebootca.cer +Source1001: spheresecureboot001.cer BuildRequires: gettext BuildRequires: glib2-devel >= %{glib2_version} @@ -224,11 +221,11 @@ tar xfvs %{SOURCE2} -C subprojects/fwupd-efi --strip-components=1 -Dplugin_uefi_pk=true \ -Defi_os_dir=%{efi_vendor} \ %ifarch x86_64 - -Dfwupd-efi:efi_sbat_distro_id="rhel" \ - -Dfwupd-efi:efi_sbat_distro_summary="Red Hat Enterprise Linux" \ + -Dfwupd-efi:efi_sbat_distro_id="msvsphere" \ + -Dfwupd-efi:efi_sbat_distro_summary="MSVSphere" \ -Dfwupd-efi:efi_sbat_distro_pkgname="%{name}" \ -Dfwupd-efi:efi_sbat_distro_version="%{version}" \ - -Dfwupd-efi:efi_sbat_distro_url="mail:secalert@redhat.com" \ + -Dfwupd-efi:efi_sbat_distro_url="mailto:security@msvsphere.ru" \ -Dfwupd-efi:efi-libdir="/usr/lib64" \ %endif -Dplugin_tpm=true \ @@ -277,9 +274,7 @@ install %{SOURCE10} %{SOURCE11} %{SOURCE12} %{SOURCE13} %{SOURCE14} %{SOURCE15} %ifarch x86_64 %global efiarch x64 %global fwup_efi_fn $RPM_BUILD_ROOT%{_libexecdir}/fwupd/efi/fwupd%{efiarch}.efi -%pesign -s -i %{fwup_efi_fn} -o %{fwup_efi_fn}.tmp -a %{SOURCE300} -c %{SOURCE301} -n redhatsecureboot301 -%pesign -s -i %{fwup_efi_fn}.tmp -o %{fwup_efi_fn}.signed -a %{SOURCE500} -c %{SOURCE503} -n redhatsecureboot503 -rm -fv %{fwup_efi_fn}.tmp +%pesign -s -i %{fwup_efi_fn} -o %{fwup_efi_fn}.signed -a %{SOURCE1000} -c %{SOURCE1001} -n spheresecureboot001 %endif mkdir -p --mode=0700 $RPM_BUILD_ROOT%{_localstatedir}/lib/fwupd/gnupg @@ -537,8 +532,9 @@ done %endif %changelog -* Wed Mar 15 2023 MSVSphere Packaging Team - 1.7.9-1 -- Rebuilt for MSVSphere 9.1. +* Mon Mar 27 2023 Eugene Zamriy - 1.7.9-1.inferit +- Modified to use MSVSphere Secure Boot certificates +- Rebuilt for MSVSphere 9.1 * Mon Jul 25 2022 Richard Hughes 1.7.8-1 - New upstream release