|
 |
4f38092 |
# Run tests in check section
|
|
|
4f38092 |
%bcond_without check
|
|
|
4f38092 |
|
|
|
4f38092 |
# https://github.com/Yubico/yubihsm-connector
|
|
|
4f38092 |
%global goipath github.com/Yubico/yubihsm-connector
|
|
|
0953937 |
Version: 3.0.2
|
|
 |
5d52765 |
%global tag %{version}
|
|
|
5d52765 |
|
|
|
5d52765 |
%gometa
|
|
|
5d52765 |
|
|
|
5d52765 |
%global common_description %{expand:
|
|
|
5d52765 |
Backend to talk to YubiHSM 2}
|
|
|
4f38092 |
|
|
|
4f38092 |
Name: yubihsm-connector
|
|
 |
d2c468c |
Release: 2%{?dist}
|
|
|
4f38092 |
Summary: YubiHSM Connector
|
|
|
4f38092 |
|
|
|
5d52765 |
# Upstream license specification: Apache-2.0
|
|
|
5d52765 |
License: ASL 2.0
|
|
|
4f38092 |
URL: %{gourl}
|
|
|
5d52765 |
Source0: %{gosource}
|
|
|
fe353cf |
Source1: %{gosource}.sig
|
|
|
5d86c11 |
Source2: gpgkey-9588EA0F.gpg
|
|
|
2de9229 |
%if 0%{?rhel}
|
|
|
2de9229 |
# In RHEL, there are no separate dependencies as packages so we need to "vendor" them
|
|
|
2de9229 |
# created using
|
|
|
2de9229 |
# $ cd yubihsm-connector-x.y.z
|
|
|
2de9229 |
# $ go mod vendor
|
|
|
2de9229 |
# $ tar -cvJf ../yubihsm-connector-vendor-x.y.z.tar.gz vendor/
|
|
|
2de9229 |
Source3: %{name}-vendor-%{version}.tar.gz
|
|
|
2de9229 |
%endif
|
|
|
4f38092 |
|
|
|
4f38092 |
%{?systemd_requires}
|
|
|
5d52765 |
Requires(pre): shadow-utils
|
|
|
2de9229 |
BuildRequires: compiler(go-compiler)
|
|
|
5d52765 |
BuildRequires: systemd-rpm-macros
|
|
|
60f874b |
#BuildRequires: git
|
|
|
2de9229 |
%if 0%{?fedora}
|
|
|
60f874b |
BuildRequires: golang(github.com/google/gousb)
|
|
|
60f874b |
BuildRequires: golang(github.com/google/uuid)
|
|
|
5d52765 |
BuildRequires: golang(github.com/kardianos/service)
|
|
|
5d52765 |
BuildRequires: golang(github.com/sirupsen/logrus)
|
|
|
5d52765 |
BuildRequires: golang(github.com/sirupsen/logrus/hooks/syslog)
|
|
|
5d52765 |
BuildRequires: golang(github.com/spf13/cobra)
|
|
|
5d52765 |
BuildRequires: golang(github.com/spf13/viper)
|
|
|
5d52765 |
BuildRequires: golang(gopkg.in/yaml.v2)
|
|
|
2de9229 |
%else
|
|
|
2de9229 |
BuildRequires: libusb-devel
|
|
|
2de9229 |
%endif
|
|
|
fe353cf |
BuildRequires: gnupg2
|
|
|
5d52765 |
Recommends: yubihsm-shell
|
|
|
4f38092 |
|
|
|
4f38092 |
%description
|
|
|
5d52765 |
%{common_description}
|
|
|
4f38092 |
|
|
|
5d52765 |
%gopkg
|
|
|
4f38092 |
|
|
|
4f38092 |
%prep
|
|
|
fe353cf |
gpgv2 --quiet --keyring %{SOURCE2} %{SOURCE1} %{SOURCE0}
|
|
|
2de9229 |
%if 0%{?fedora}
|
|
|
5d52765 |
%goprep
|
|
|
2de9229 |
%else
|
|
|
2de9229 |
%setup -q -a 3
|
|
|
2de9229 |
rm -rf go.mod
|
|
|
2de9229 |
|
|
|
2de9229 |
mkdir -p "%{_builddir}/src/github.com/Yubico/"
|
|
|
2de9229 |
cp -r %{_builddir}/%{name}-%{version} %{_builddir}/src/github.com/Yubico/%{name}
|
|
|
2de9229 |
mkdir -p %{_builddir}/%{name}-%{version}/_build
|
|
|
2de9229 |
mv %{_builddir}/src %{_builddir}/%{name}-%{version}/_build/src
|
|
|
2de9229 |
%endif
|
|
|
4f38092 |
|
|
|
4f38092 |
%build
|
|
|
60f874b |
export GO111MODULE=off
|
|
|
2de9229 |
%if 0%{?fedora}
|
|
|
4f38092 |
go generate
|
|
|
60f874b |
%gobuild -o %{gobuilddir}/bin/yubihsm-connector %{goipath}
|
|
|
2de9229 |
%else
|
|
|
2de9229 |
export GOPATH="%{_builddir}/%{name}-%{version}/_build"
|
|
|
2de9229 |
pushd $GOPATH/src/github.com/Yubico/yubihsm-connector/
|
|
|
2de9229 |
go generate
|
|
|
2de9229 |
popd
|
|
|
2de9229 |
%gobuild -o bin/yubihsm-connector github.com/Yubico/yubihsm-connector/
|
|
|
2de9229 |
%endif
|
|
|
4f38092 |
|
|
|
4f38092 |
%install
|
|
|
2de9229 |
%if 0%{?fedora}
|
|
|
5d52765 |
install -Dpm 0755 %{gobuilddir}/bin/yubihsm-connector %{buildroot}%{_bindir}/yubihsm-connector
|
|
|
2de9229 |
%else
|
|
|
2de9229 |
install -Dpm 0755 bin/yubihsm-connector %{buildroot}%{_bindir}/yubihsm-connector
|
|
|
2de9229 |
%endif
|
|
|
4f38092 |
install -Dpm 0644 deb/yubihsm-connector.yaml %{buildroot}%{_sysconfdir}/yubihsm-connector.yaml
|
|
|
4f38092 |
install -Dpm 0644 deb/yubihsm-connector.service %{buildroot}%{_unitdir}/yubihsm-connector.service
|
|
|
4f38092 |
install -Dpm 0644 deb/70-yubihsm-connector.rules %{buildroot}%{_udevrulesdir}/70-yubihsm-connector.rules
|
|
|
4f38092 |
|
|
|
4f38092 |
%if %{with check}
|
|
|
4f38092 |
%check
|
|
|
2de9229 |
%if 0%{?fedora}
|
|
|
5d52765 |
%gocheck
|
|
|
2de9229 |
%else
|
|
|
2de9229 |
export GO111MODULE=off
|
|
|
2de9229 |
export GOPATH="%{_builddir}/%{name}-%{version}/_build"
|
|
|
2de9229 |
cd "_build/src/github.com/Yubico/%{name}"
|
|
|
2de9229 |
go test -v
|
|
|
2de9229 |
%endif
|
|
|
4f38092 |
%endif
|
|
|
4f38092 |
|
|
|
4f38092 |
%pre
|
|
|
4f38092 |
getent group yubihsm-connector >/dev/null || groupadd -r yubihsm-connector
|
|
|
4f38092 |
getent passwd yubihsm-connector >/dev/null || \
|
|
|
4f38092 |
useradd -r -g yubihsm-connector -M -s /sbin/nologin \
|
|
|
4f38092 |
-c "YubiHSM connector account" yubihsm-connector \
|
|
|
4f38092 |
--system
|
|
|
4f38092 |
exit 0
|
|
|
4f38092 |
|
|
|
4f38092 |
%post
|
|
|
4f38092 |
%systemd_post yubihsm-connector.service
|
|
|
4f38092 |
|
|
|
4f38092 |
%preun
|
|
|
4f38092 |
%systemd_preun yubihsm-connector.service
|
|
|
4f38092 |
|
|
|
4f38092 |
%postun
|
|
|
4f38092 |
%systemd_postun_with_restart yubihsm-connector.service
|
|
|
4f38092 |
|
|
|
4f38092 |
%files
|
|
|
4f38092 |
%license LICENSE
|
|
|
4f38092 |
%{_bindir}/yubihsm-connector
|
|
|
4f38092 |
%config(noreplace) %{_sysconfdir}/yubihsm-connector.yaml
|
|
|
4f38092 |
%{_unitdir}/yubihsm-connector.service
|
|
|
4f38092 |
%{_udevrulesdir}/70-yubihsm-connector.rules
|
|
|
4f38092 |
|
|
|
4f38092 |
%changelog
|
|
|
d2c468c |
* Sat Jul 09 2022 Maxwell G <gotmax@e.email> - 3.0.2-2
|
|
|
d2c468c |
- Rebuild for CVE-2022-{24675,28327,29526} in golang
|
|
|
d2c468c |
|
|
|
0953937 |
* Tue Aug 24 2021 Jakub Jelen <jjelen@redhat.com> - 3.0.2-1
|
|
|
0953937 |
- New upstream release (#1995879)
|
|
|
0953937 |
|
|
 |
9baa716 |
* Fri Jul 23 2021 Fedora Release Engineering <releng@fedoraproject.org> - 3.0.1-2
|
|
|
9baa716 |
- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
|
|
|
9baa716 |
|
|
|
120a247 |
* Thu Apr 15 2021 Jakub Jelen <jjelen@redhat.com> - 3.0.1-1
|
|
|
120a247 |
- New upstream release fixing YSA-2021-02 / CVE-2021-28484
|
|
|
120a247 |
|
|
 |
6e4059b |
* Tue Mar 02 2021 Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> - 3.0.0-2
|
|
|
6e4059b |
- Rebuilt for updated systemd-rpm-macros
|
|
|
6e4059b |
See https://pagure.io/fesco/issue/2583.
|
|
|
6e4059b |
|
|
|
5d86c11 |
* Wed Feb 17 2021 Jakub Jelen <jjelen@redhat.com> - 3.0.0-1
|
|
|
5d86c11 |
- New upstream release (#1929041)
|
|
|
5d86c11 |
|
|
|
a723a25 |
* Thu Jan 28 2021 Fedora Release Engineering <releng@fedoraproject.org> - 2.2.0-3
|
|
|
a723a25 |
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
|
|
|
a723a25 |
|
|
|
cc896e3 |
* Wed Jul 29 2020 Fedora Release Engineering <releng@fedoraproject.org> - 2.2.0-2
|
|
|
cc896e3 |
- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
|
|
|
cc896e3 |
|
|
|
fe353cf |
* Mon Feb 17 2020 Jakub Jelen <jjelen@redhat.com> - 2.2.0-1
|
|
|
fe353cf |
- New upstream release (#1788637)
|
|
|
fe353cf |
|
|
|
c6150c7 |
* Fri Jan 31 2020 Fedora Release Engineering <releng@fedoraproject.org> - 2.1.0-2
|
|
|
c6150c7 |
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
|
|
|
c6150c7 |
|
|
|
60f874b |
* Mon Jan 13 2020 Jakub Jelen <jjelen@redhat.com> - 2.1.0-1
|
|
|
60f874b |
- New upstream release (#1788637)
|
|
|
60f874b |
|
|
|
a4de768 |
* Sat Jul 27 2019 Fedora Release Engineering <releng@fedoraproject.org> - 2.0.0-3
|
|
|
a4de768 |
- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
|
|
|
a4de768 |
|
|
|
5d52765 |
* Fri Jul 12 2019 Elliott Sales de Andrade <quantum.analyst@gmail.com> - 2.0.0-2
|
|
|
5d52765 |
- Update to latest Go macros
|
|
|
5d52765 |
|
|
|
4f38092 |
* Thu Jan 31 2019 Jakub Jelen <jjelen@redhat.com> - 2.0.0-1
|
|
|
4f38092 |
- First package for Fedora
|