From f282ca0fd432478059c878c1b070693f5f4262e4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Kai=20L=C3=BCke?= Date: Fri, 7 Aug 2020 13:38:10 +0200 Subject: [PATCH] app-crypt/trousers: Apply Flatcar modifications --- .../app-crypt/trousers/files/system.data | 1 + .../app-crypt/trousers/files/tcsd.service | 1 + .../trousers/files/tmpfiles.d/trousers.conf | 3 +++ .../trousers/trousers-0.3.14-r2.ebuild | 24 +++++++++++++++++-- 4 files changed, 27 insertions(+), 2 deletions(-) create mode 100644 sdk_container/src/third_party/coreos-overlay/app-crypt/trousers/files/system.data create mode 100644 sdk_container/src/third_party/coreos-overlay/app-crypt/trousers/files/tmpfiles.d/trousers.conf diff --git a/sdk_container/src/third_party/coreos-overlay/app-crypt/trousers/files/system.data b/sdk_container/src/third_party/coreos-overlay/app-crypt/trousers/files/system.data new file mode 100644 index 0000000000..b498fd495d --- /dev/null +++ b/sdk_container/src/third_party/coreos-overlay/app-crypt/trousers/files/system.data @@ -0,0 +1 @@ +/ diff --git a/sdk_container/src/third_party/coreos-overlay/app-crypt/trousers/files/tcsd.service b/sdk_container/src/third_party/coreos-overlay/app-crypt/trousers/files/tcsd.service index 4a46e6143b..f1960f79f2 100644 --- a/sdk_container/src/third_party/coreos-overlay/app-crypt/trousers/files/tcsd.service +++ b/sdk_container/src/third_party/coreos-overlay/app-crypt/trousers/files/tcsd.service @@ -1,5 +1,6 @@ [Unit] Description=TCG Core Services Daemon +ConditionPathExists=/dev/tpm0 [Service] User=tss diff --git a/sdk_container/src/third_party/coreos-overlay/app-crypt/trousers/files/tmpfiles.d/trousers.conf b/sdk_container/src/third_party/coreos-overlay/app-crypt/trousers/files/tmpfiles.d/trousers.conf new file mode 100644 index 0000000000..c1c39895e7 --- /dev/null +++ b/sdk_container/src/third_party/coreos-overlay/app-crypt/trousers/files/tmpfiles.d/trousers.conf @@ -0,0 +1,3 @@ +d /var/lib/tpm 0755 tss tss - - +C /etc/tcsd.conf 0600 tss tss - /usr/share/trousers/tcsd.conf +C /var/lib/tpm/system.data 0600 tss tss - /usr/share/trousers/system.data diff --git a/sdk_container/src/third_party/coreos-overlay/app-crypt/trousers/trousers-0.3.14-r2.ebuild b/sdk_container/src/third_party/coreos-overlay/app-crypt/trousers/trousers-0.3.14-r2.ebuild index a36ff68307..153aeb169c 100644 --- a/sdk_container/src/third_party/coreos-overlay/app-crypt/trousers/trousers-0.3.14-r2.ebuild +++ b/sdk_container/src/third_party/coreos-overlay/app-crypt/trousers/trousers-0.3.14-r2.ebuild @@ -1,3 +1,8 @@ +# Flatcar modifications: +# - added "Flatcar:" customizations +# - added condition to files/tcsd.service +# - created files/tmpfiles.d/trousers.conf +# - created files/system.data # Copyright 1999-2020 Gentoo Authors # Distributed under the terms of the GNU General Public License v2 @@ -59,10 +64,25 @@ src_install() { keepdir /var/lib/tpm use doc && dodoc doc/* - newinitd "${FILESDIR}"/tcsd.initd tcsd - newconfd "${FILESDIR}"/tcsd.confd tcsd + # Flatcar: + # (removed newinitd and newconfd) + fowners tss:tss /etc/tcsd.conf + systemd_dounit "${FILESDIR}"/tcsd.service + + # Flatcar: + systemd_enable_service multi-user.target tcsd.service + udev_dorules "${FILESDIR}"/61-trousers.rules fowners tss:tss /var/lib/tpm readme.gentoo_create_doc + + # Flatcar: + insinto /usr/share/trousers/ + doins "${FILESDIR}"/system.data + # stash a copy of the config so we can restore it from tmpfiles + doins "${D}"/etc/tcsd.conf + fowners tss:tss /usr/share/trousers/system.data + fowners tss:tss /usr/share/trousers/tcsd.conf + systemd_dotmpfilesd "${FILESDIR}"/tmpfiles.d/trousers.conf }