From mboxrd@z Thu Jan 1 00:00:00 1970 Return-path: References: <20181126102243.31055-1-t.scherer@eckelmann.de> From: Marc Kleine-Budde Message-ID: Date: Wed, 28 Nov 2018 09:11:54 +0100 MIME-Version: 1.0 In-Reply-To: <20181126102243.31055-1-t.scherer@eckelmann.de> Subject: Re: [ptxdist] [PATCH 1/5] ptxdist: add tpm2-abrmd 2.0.2 List-Id: PTXdist Development Mailing List List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: ptxdist@pengutronix.de Content-Type: multipart/mixed; boundary="===============1072487169==" Errors-To: ptxdist-bounces@pengutronix.de Sender: "ptxdist" To: ptxdist@pengutronix.de, "Thorsten K. Scherer" This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --===============1072487169== Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="BsBT8yOJg9fHy50E6Bw2gtdGExQ4PF54p" This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --BsBT8yOJg9fHy50E6Bw2gtdGExQ4PF54p Content-Type: multipart/mixed; boundary="0HDt3nvTOseQ23vJZwqMUn3Jd82MROkJE"; protected-headers="v1" From: Marc Kleine-Budde To: ptxdist@pengutronix.de, "Thorsten K. Scherer" Message-ID: Subject: Re: [ptxdist] [PATCH 1/5] ptxdist: add tpm2-abrmd 2.0.2 References: <20181126102243.31055-1-t.scherer@eckelmann.de> In-Reply-To: <20181126102243.31055-1-t.scherer@eckelmann.de> --0HDt3nvTOseQ23vJZwqMUn3Jd82MROkJE Content-Type: text/plain; charset=utf-8 Content-Language: de-DE Content-Transfer-Encoding: quoted-printable On 11/26/18 11:22 AM, Thorsten K. Scherer wrote: > Signed-off-by: Thorsten K. Scherer > --- > projectroot/etc/group | 31 ++++++++ > projectroot/etc/passwd | 17 +++++ > projectroot/etc/shadow | 1 + > .../etc/systemd/system/tpm2-abrmd.service | 14 ++++ > .../com.intel.tss2.Tabrmd.service | 5 ++ > rules/tpm2-abrmd.in | 17 +++++ > rules/tpm2-abrmd.make | 71 +++++++++++++++++++= > 7 files changed, 156 insertions(+) > create mode 100644 projectroot/etc/group > create mode 100644 projectroot/etc/passwd > create mode 100644 projectroot/etc/systemd/system/tpm2-abrmd.service > create mode 100755 projectroot/usr/share/dbus-1/system-services/com.in= tel.tss2.Tabrmd.service > create mode 100755 rules/tpm2-abrmd.in > create mode 100755 rules/tpm2-abrmd.make Why are the files executable? >=20 > diff --git a/projectroot/etc/group b/projectroot/etc/group > new file mode 100644 > index 0000000..15e3f91 > --- /dev/null > +++ b/projectroot/etc/group > @@ -0,0 +1,31 @@ > +root:x:0: > +daemon:x:1: > +adm:x:4: > +kvm:x:36: > +shadow:x:42: > +utmp:x:43: > +users:x:100: > +ftp:x:101: > +www:x:102: > +messagebus:x:104: > +cdrom:x:105: > +dialout:x:106: > +disk:x:107: > +floppy:x:108: > +kmem:x:109: > +lp:x:110: > +tape:x:111: > +tty:x:112: > +video:x:113: > +lock:x:114: > +audio:x:115: > +input:x:116: > +mysql:x:117: > +systemd-journal:x:201: > +systemd-network:x:202: > +systemd-journal-gateway:x:206: > +systemd-journal-remote:x:203: > +systemd-journal-upload:x:208: > +render:x:209: > +nogroup:x:65534: > +tss:x:998: > diff --git a/projectroot/etc/passwd b/projectroot/etc/passwd > new file mode 100644 > index 0000000..d773aa1 > --- /dev/null > +++ b/projectroot/etc/passwd > @@ -0,0 +1,17 @@ > +root:x:0:0:root:/root:/bin/sh > +daemon:x:1:1:daemon:/usr/sbin:/bin/sh > +ftp:x:11:101:ftp user:/home:/bin/false > +www:x:12:102:www user:/home:/bin/false > +sshd:x:100:65534:SSH Server:/var/run/sshd:/bin/false > +mysql:x:101:117:mySQL Server:/var/run/mysql:/bin/false > +messagebus:x:103:104:messagebus:/dev/null:/bin/false > +systemd-network:x:202:202:systemd-network:/dev/null:/bin/false > +systemd-resolve:x:203:65534:systemd-resolve:/dev/null:/bin/false > +systemd-timesync:x:204:65534:systemd-timesync:/dev/null:/bin/false > +systemd-coredump:x:205:65534:systemd-coredump:/dev/null:/bin/false > +systemd-journal-gateway:x:206:206:systemd-journal-gateway:/dev/null:/b= in/false > +systemd-journal-remote:x:207:203:systemd-journal-remote:/dev/null:/bin= /false > +systemd-journal-upload:x:208:208:systemd-journal-upload:/dev/null:/bin= /false > +rpcuser:x:65533:65534:RPC user:/dev/null:/bin/false > +nobody:x:65534:65534:Unprivileged Nobody:/dev/null:/bin/false > +tss:x:998:998: :/dev/null:/bin/false > diff --git a/projectroot/etc/shadow b/projectroot/etc/shadow > index 7cf6f27..9034a0c 100644 > --- a/projectroot/etc/shadow > +++ b/projectroot/etc/shadow > @@ -2,3 +2,4 @@ root:$1$X8ymmpO3$amNaEv3Jw9.EjhrurM7r0.:16475:0:99999:7= ::: > daemon:*:14250:0:99999:7::: > sshd:*:0:0:99999:7::: > ftp::0:0:99999:7::: > +tss:!:17835:0:99999:7::: > diff --git a/projectroot/etc/systemd/system/tpm2-abrmd.service b/projec= troot/etc/systemd/system/tpm2-abrmd.service > new file mode 100644 > index 0000000..589f9bc > --- /dev/null > +++ b/projectroot/etc/systemd/system/tpm2-abrmd.service > @@ -0,0 +1,14 @@ > +[Unit] > +Description=3DTPM2 Access Broker and Resource Management Daemon > + > +[Service] > +Type=3Ddbus > +Restart=3Dalways > +RestartSec=3D5 > +BusName=3Dcom.intel.tss2.Tabrmd > +StandardOutput=3Dsyslog > +ExecStart=3D/usr/sbin/tpm2-abrmd > +User=3Dtss > + > +[Install] > +WantedBy=3Dmulti-user.target Why do you need a seperate service unit? The package comes with it's own.= > diff --git a/projectroot/usr/share/dbus-1/system-services/com.intel.tss= 2.Tabrmd.service b/projectroot/usr/share/dbus-1/system-services/com.intel= =2Etss2.Tabrmd.service > new file mode 100755 > index 0000000..f5749a4 > --- /dev/null > +++ b/projectroot/usr/share/dbus-1/system-services/com.intel.tss2.Tabrm= d.service > @@ -0,0 +1,5 @@ > +[D-BUS Service] > +Name=3Dcom.intel.tss2.Tabrmd > +Exec=3D/usr/sbin/tpm2-abrmd > +User=3Dtss > +SystemdService=3Dtpm2-abrmd.service Why do you need a seperate dbus service unit? The package comes with it's own. > diff --git a/rules/tpm2-abrmd.in b/rules/tpm2-abrmd.in > new file mode 100755 > index 0000000..70869ce > --- /dev/null > +++ b/rules/tpm2-abrmd.in > @@ -0,0 +1,17 @@ > +## SECTION=3Dtpm > + > +config TPM2_ABRMD > + tristate > + select HOST_AUTOTOOLS_AUTOCONF_ARCHIVE > + select DBUS > + select GLIB > + select TPM2_TSS > + prompt "tpm2-abrmd" > + help > + TPM2 Access Broker & Resource Management Daemon implementing > + the TCG spec. > + > + This is a system daemon implementing the TPM2 access broker > + (TAB) & Resource Manager (RM) spec from the TCG. The daemon > + (tpm2-abrmd) is implemented using Glib and the GObject > + system. > diff --git a/rules/tpm2-abrmd.make b/rules/tpm2-abrmd.make > new file mode 100755 > index 0000000..671152a > --- /dev/null > +++ b/rules/tpm2-abrmd.make > @@ -0,0 +1,71 @@ > +# -*-makefile-*- > +# > +# Copyright (C) 2017 by Marc Kleine-Budde > +# > +# See CREDITS for details about who has contributed to this project. > +# > +# For further information about the PTXdist project and license condit= ions > +# see the README file. > +# > + > +# > +# We provide this package > +# > +PACKAGES-$(PTXCONF_TPM2_ABRMD) +=3D tpm2-abrmd > + > +# > +# Paths and names > +# > +TPM2_ABRMD_VERSION :=3D 2.0.2 2.0.3 is the latest version > +TPM2_ABRMD_MD5 :=3D 07b629d99685b4273a85e894e623e87b > +TPM2_ABRMD :=3D tpm2-abrmd-$(TPM2_ABRMD_VERSION) > +TPM2_ABRMD_SUFFIX :=3D tar.gz > +TPM2_ABRMD_URL :=3D https://github.com/01org/tpm2-abrmd.git;ta= g=3D$(TPM2_ABRMD_VERSION) > +TPM2_ABRMD_SOURCE :=3D $(SRCDIR)/$(TPM2_ABRMD).$(TPM2_ABRMD_SUFFI= X) > +TPM2_ABRMD_DIR :=3D $(BUILDDIR)/$(TPM2_ABRMD) > +TPM2_ABRMD_LICENSE :=3D BSD-3-Clause > + > +# --------------------------------------------------------------------= -------- > +# Prepare > +# --------------------------------------------------------------------= -------- > + > +# > +# autoconf > +# > +TPM2_ABRMD_CONF_TOOL :=3D autoconf > +TPM2_ABRMD_CONF_OPT :=3D \ > + $(CROSS_AUTOCONF_USR) \ > + --with-dbuspolicydir=3D/usr/share/dbus-1/system.d \ > + --with-systemdsystemunitdir=3D/lib/systemd/system \ With new ptxdists that's: /usr/lib/systemd/system > + > +# --------------------------------------------------------------------= -------- > +# Target-Install > +# --------------------------------------------------------------------= -------- > + > +$(STATEDIR)/tpm2-abrmd.targetinstall: > + @$(call targetinfo) > + > + @$(call install_init, tpm2-abrmd) > + @$(call install_fixup, tpm2-abrmd,PRIORITY,optional) > + @$(call install_fixup, tpm2-abrmd,SECTION,base) > + @$(call install_fixup, tpm2-abrmd,AUTHOR,"Marc Kleine-Budde ") > + @$(call install_fixup, tpm2-abrmd,DESCRIPTION,missing) > + > + @$(call install_lib, tpm2-abrmd, tss, tss, 0644, libtss2-tcti-tabrmd)= > + @$(call install_copy, tpm2-abrmd, tss, tss, 0755, -, /usr/sbin/tpm2-a= brmd) > + > + @$(call install_copy, tpm2-abrmd, tss, tss, 0644, -, \ > + /usr/share/dbus-1/system.d/tpm2-abrmd.conf) > + @$(call install_copy, tpm2-abrmd, tss, tss, 0644, -, \ > + /lib/systemd/system/tpm2-abrmd.service) > + > + @$(call install_alternative, tpm2-abrmd, tss, tss, 0644, \ > + /usr/share/dbus-1/system-services/com.intel.tss2.Tabrmd.service) > + @$(call install_alternative, tpm2-abrmd, tss, tss, 0644, \ > + /etc/systemd/system/tpm2-abrmd.service) > + > + @$(call install_finish, tpm2-abrmd) > + > + @$(call touch) > + > +# vim: syntax=3Dmake >=20 Marc --=20 Pengutronix e.K. | Marc Kleine-Budde | Industrial Linux Solutions | Phone: +49-231-2826-924 | Vertretung West/Dortmund | Fax: +49-5121-206917-5555 | Amtsgericht Hildesheim, HRA 2686 | http://www.pengutronix.de | --0HDt3nvTOseQ23vJZwqMUn3Jd82MROkJE-- --BsBT8yOJg9fHy50E6Bw2gtdGExQ4PF54p Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- iQEzBAEBCgAdFiEENrCndlB/VnAEWuH5k9IU1zQoZfEFAlv+TcoACgkQk9IU1zQo ZfEM3Af+MoKukIBL2HCrClCrjUY25fkmkAFjwWfBH05vR3rsJUM49frwa3fTaHvP FXQFIsqFrU79wjKvz4ykv9sFIi9zqkyCf67UnpWiVcLdrP84z9d54NlZM5yAGfo+ K25EypewhPZjzd8dnP0r5o/9JNTZWbJZP7n8/RcAZM1/3+jfp9qieATl4/4IiHOx 8Xl0ArbHK0fidUaGBbT2K9LCmeJABmQvP51K2wiOtBFrqHNa+oEaFY+g1Dk61rZX zlgVebb4yBlnpCKxHPlRWdBNFDRuhC8srR6VHcarcqvhFFQms1ZllhjnD+DTFW4X E4rVthEkl5/WGgdKQJo0AR9qtkeSUw== =zK21 -----END PGP SIGNATURE----- --BsBT8yOJg9fHy50E6Bw2gtdGExQ4PF54p-- --===============1072487169== Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: base64 Content-Disposition: inline X19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX18KcHR4ZGlzdCBt YWlsaW5nIGxpc3QKcHR4ZGlzdEBwZW5ndXRyb25peC5kZQ== --===============1072487169==--