X-Git-Url: http://review.tizen.org/git/?a=blobdiff_plain;f=packaging%2Fkey-manager.spec;h=d39cdbd41445a708a2bd092d81662a11edaa595c;hb=bbaf47ebb5d4e4f1f43872a4be80136fa3949fcb;hp=9fecde1914d1711c72045bbd6127edfae499e976;hpb=0072ff2ccf859bebf2bcdb6dab0d5ae97e3f4ca7;p=platform%2Fcore%2Fsecurity%2Fkey-manager.git diff --git a/packaging/key-manager.spec b/packaging/key-manager.spec index 9fecde1..d39cdbd 100644 --- a/packaging/key-manager.spec +++ b/packaging/key-manager.spec @@ -1,10 +1,14 @@ Name: key-manager Summary: Central Key Manager and utilities -Version: 0.0.1 +Version: 0.1.15 Release: 1 Group: System/Security -License: Apache License, Version 2.0 +License: Apache-2.0 Source0: %{name}-%{version}.tar.gz +Source1001: key-manager.manifest +Source1002: key-manager-listener.manifest +Source1003: libkey-manager-client.manifest +Source1004: libkey-manager-common.manifest BuildRequires: cmake BuildRequires: zip BuildRequires: pkgconfig(dlog) @@ -12,17 +16,47 @@ BuildRequires: pkgconfig(openssl) BuildRequires: libattr-devel BuildRequires: pkgconfig(libsmack) BuildRequires: pkgconfig(libsystemd-daemon) -BuildRequires: pkgconfig(db-util) +BuildRequires: pkgconfig(vconf) +BuildRequires: pkgconfig(libsystemd-journal) +BuildRequires: pkgconfig(libxml-2.0) +BuildRequires: pkgconfig(capi-system-info) +BuildRequires: pkgconfig(security-manager) BuildRequires: boost-devel +Requires: libkey-manager-common = %{version}-%{release} %{?systemd_requires} %description -Central Key Manager and utilities +Central Key Manager daemon could be used as secure storage +for certificate and private/public keys. It gives API for +application to sign and verify (DSA/RSA/ECDSA) signatures. + +%package -n key-manager-listener +Summary: Package with listener daemon +Group: System/Security +BuildRequires: pkgconfig(vconf) +BuildRequires: pkgconfig(glib-2.0) +BuildRequires: pkgconfig(capi-appfw-package-manager) +Requires: libkey-manager-client = %{version}-%{release} + +%description -n key-manager-listener +Listener for central key manager. This daemon is responsible for +receive notification from dbus about uninstall application +and pass them to key-manager daemon. + +%package -n libkey-manager-common +Summary: Central Key Manager (common libraries) +Group: Development/Libraries +Requires(post): /sbin/ldconfig +Requires(postun): /sbin/ldconfig + +%description -n libkey-manager-common +Central Key Manager package (common library) %package -n libkey-manager-client Summary: Central Key Manager (client) Group: Development/Libraries Requires: key-manager = %{version}-%{release} +Requires: libkey-manager-common = %{version}-%{release} Requires(post): /sbin/ldconfig Requires(postun): /sbin/ldconfig @@ -32,30 +66,42 @@ Central Key Manager package (client) %package -n libkey-manager-client-devel Summary: Central Key Manager (client-devel) Group: Development/Libraries +BuildRequires: pkgconfig(capi-base-common) +Requires: pkgconfig(capi-base-common) Requires: libkey-manager-client = %{version}-%{release} %description -n libkey-manager-client-devel Central Key Manager package (client-devel) -%package -n key-manager-devel -Summary: Central Key Manager (Development) -Group: Development/Libraries -Requires: key-manager = %{version}-%{release} - -%description -n key-manager-devel -Central Key Manager (Development) - %package -n key-manager-tests -Summary: internal test for key-manager +Summary: Internal test for key-manager Group: Development +BuildRequires: pkgconfig(libxml-2.0) +Requires: boost-test Requires: key-manager = %{version}-%{release} %description -n key-manager-tests -Internal test for key-manager +Internal test for key-manager implementation. + +%package -n key-manager-pam-plugin +Summary: CKM login/password module to PAM. +Group: Development/Libraries +BuildRequires: pam-devel +Requires: key-manager = %{version}-%{release} +Requires(post): /sbin/ldconfig +Requires(postun): /sbin/ldconfig + +%description -n key-manager-pam-plugin +CKM login/password module to PAM. +It's used to monitor user login/logout and password change events from PAM. + %prep %setup -q - +cp -a %{SOURCE1001} . +cp -a %{SOURCE1002} . +cp -a %{SOURCE1003} . +cp -a %{SOURCE1004} . %build %if 0%{?sec_build_binary_debug_enable} @@ -65,11 +111,18 @@ Internal test for key-manager %endif -export LDFLAGS+="-Wl,--rpath=%{_libdir} " +export LDFLAGS+="-Wl,--rpath=%{_libdir},-Bsymbolic-functions " %cmake . -DVERSION=%{version} \ -DCMAKE_BUILD_TYPE=%{?build_type:%build_type}%{!?build_type:RELEASE} \ - -DCMAKE_VERBOSE_MAKEFILE=ON + -DCMAKE_VERBOSE_MAKEFILE=ON \ +%if "%{sec_product_feature_security_mdfpp_enable}" == "1" + -DSECURITY_MDFPP_STATE_ENABLE=1 \ +%endif + -DSYSTEMD_UNIT_DIR=%{_unitdir} \ + -DSYSTEMD_ENV_FILE="/etc/sysconfig/central-key-manager" \ + -DMOCKUP_SM=%{?mockup_sm:%mockup_sm}%{!?mockup_sm:OFF} + make %{?jobs:-j%jobs} %install @@ -77,25 +130,38 @@ rm -rf %{buildroot} mkdir -p %{buildroot}/usr/share/license cp LICENSE %{buildroot}/usr/share/license/%{name} cp LICENSE %{buildroot}/usr/share/license/libkey-manager-client +cp LICENSE %{buildroot}/usr/share/license/libkey-manager-control-client +mkdir -p %{buildroot}/opt/data/ckm/initial_values mkdir -p %{buildroot}/etc/security/ +mkdir -p %{buildroot}/usr/share/ckm/scripts +cp data/scripts/*.sql %{buildroot}/usr/share/ckm/scripts +cp doc/initial_values.xsd %{buildroot}/usr/share/ckm +mkdir -p %{buildroot}/usr/share/ckm-db-test +cp tests/testme_ver1.db %{buildroot}/usr/share/ckm-db-test/ +cp tests/testme_ver2.db %{buildroot}/usr/share/ckm-db-test/ +cp tests/testme_ver3.db %{buildroot}/usr/share/ckm-db-test/ +cp tests/XML_1_okay.xml %{buildroot}/usr/share/ckm-db-test/ +cp tests/XML_1_okay.xsd %{buildroot}/usr/share/ckm-db-test/ +cp tests/XML_1_wrong.xml %{buildroot}/usr/share/ckm-db-test/ +cp tests/XML_1_wrong.xsd %{buildroot}/usr/share/ckm-db-test/ +cp tests/XML_2_structure.xml %{buildroot}/usr/share/ckm-db-test/ +mkdir -p %{buildroot}/etc/gumd/userdel.d/ +cp data/gumd/10_key-manager.post %{buildroot}/etc/gumd/userdel.d/ %make_install -mkdir -p %{buildroot}/usr/lib/systemd/system/multi-user.target.wants -mkdir -p %{buildroot}/usr/lib/systemd/system/sockets.target.wants -ln -s ../central-key-manager.service %{buildroot}/usr/lib/systemd/system/multi-user.target.wants/central-key-manager.service -ln -s ../central-key-manager-echo.socket %{buildroot}/usr/lib/systemd/system/sockets.target.wants/central-key-manager-echo.socket -ln -s ../central-key-manager-api-control.socket %{buildroot}/usr/lib/systemd/system/sockets.target.wants/central-key-manager-api-control.socket -ln -s ../central-key-manager-api-storage.socket %{buildroot}/usr/lib/systemd/system/sockets.target.wants/central-key-manager-api-storage.socket - +mkdir -p %{buildroot}%{_unitdir}/multi-user.target.wants +mkdir -p %{buildroot}%{_unitdir}/sockets.target.wants +ln -s ../central-key-manager.service %{buildroot}%{_unitdir}/multi-user.target.wants/central-key-manager.service +ln -s ../central-key-manager-listener.service %{buildroot}%{_unitdir}/multi-user.target.wants/central-key-manager-listener.service +ln -s ../central-key-manager-api-control.socket %{buildroot}%{_unitdir}/sockets.target.wants/central-key-manager-api-control.socket +ln -s ../central-key-manager-api-storage.socket %{buildroot}%{_unitdir}/sockets.target.wants/central-key-manager-api-storage.socket +ln -s ../central-key-manager-api-ocsp.socket %{buildroot}%{_unitdir}/sockets.target.wants/central-key-manager-api-ocsp.socket +ln -s ../central-key-manager-api-encryption.socket %{buildroot}%{_unitdir}/sockets.target.wants/central-key-manager-api-encryption.socket %clean rm -rf %{buildroot} %post -%if "%{sec_product_feature_security_mdfpp_enable}" == "1" -rm %{_libdir}/libkey-manager-key-provider.so.1.0.0 -ln -s %{_libdir}/libskmm.so %{_libdir}/libkey-manager-key-provider.so.1.0.0 -%endif systemctl daemon-reload if [ $1 = 1 ]; then # installation @@ -124,41 +190,106 @@ fi %postun -n libkey-manager-client -p /sbin/ldconfig +%post -n key-manager-listener +systemctl daemon-reload +if [ $1 = 1 ]; then + # installation + systemctl start central-key-manager-listener.service +fi +if [ $1 = 2 ]; then + # update + systemctl restart central-key-manager-listener.service +fi + +%preun -n key-manager-listener +if [ $1 = 0 ]; then + # unistall + systemctl stop central-key-manager-listener.service +fi + +%postun -n key-manager-listener +if [ $1 = 0 ]; then + # unistall + systemctl daemon-reload +fi + + %files -n key-manager -%manifest %{_datadir}/key-manager.manifest -%attr(755,root,root) /usr/bin/key-manager -%{_libdir}/libkey-manager-commons.so.* -%{_libdir}/libkey-manager-key-provider.so.* -%attr(-,root,root) /usr/lib/systemd/system/multi-user.target.wants/central-key-manager.service -%attr(-,root,root) /usr/lib/systemd/system/central-key-manager.service -%attr(-,root,root) /usr/lib/systemd/system/central-key-manager.target -%attr(-,root,root) /usr/lib/systemd/system/sockets.target.wants/central-key-manager-echo.socket -%attr(-,root,root) /usr/lib/systemd/system/central-key-manager-echo.socket -%attr(-,root,root) /usr/lib/systemd/system/sockets.target.wants/central-key-manager-api-control.socket -%attr(-,root,root) /usr/lib/systemd/system/central-key-manager-api-control.socket -%attr(-,root,root) /usr/lib/systemd/system/sockets.target.wants/central-key-manager-api-storage.socket -%attr(-,root,root) /usr/lib/systemd/system/central-key-manager-api-storage.socket +%manifest key-manager.manifest +%{_bindir}/key-manager +%{_unitdir}/multi-user.target.wants/central-key-manager.service +%{_unitdir}/central-key-manager.service +%{_unitdir}/central-key-manager.target +%{_unitdir}/sockets.target.wants/central-key-manager-api-control.socket +%{_unitdir}/central-key-manager-api-control.socket +%{_unitdir}/sockets.target.wants/central-key-manager-api-storage.socket +%{_unitdir}/central-key-manager-api-storage.socket +%{_unitdir}/sockets.target.wants/central-key-manager-api-ocsp.socket +%{_unitdir}/central-key-manager-api-ocsp.socket +%{_unitdir}/sockets.target.wants/central-key-manager-api-encryption.socket +%{_unitdir}/central-key-manager-api-encryption.socket %{_datadir}/license/%{name} +%{_datadir}/ckm/scripts/*.sql +%{_datadir}/ +%{_datadir}/ckm/initial_values.xsd +/opt/data/ckm/initial_values/ +%attr(444, root, root) %{_datadir}/ckm/scripts/*.sql +/etc/opt/upgrade/230.key-manager-migrate-dkek.patch.sh +/etc/gumd/userdel.d/10_key-manager.post +%attr(550, root, root) /etc/gumd/userdel.d/10_key-manager.post +%{_bindir}/ckm_tool -%files -n key-manager-devel -%defattr(-,root,root,-) -%{_libdir}/libkey-manager-key-provider.so +%files -n key-manager-listener +%manifest key-manager-listener.manifest +%{_bindir}/key-manager-listener +%{_unitdir}/multi-user.target.wants/central-key-manager-listener.service +%{_unitdir}/central-key-manager-listener.service + +%files -n libkey-manager-common +%manifest libkey-manager-common.manifest +%{_libdir}/libkey-manager-common.so.* %files -n libkey-manager-client -%manifest %{_datadir}/libkey-manager-client.manifest -%defattr(-,root,root,-) +%manifest libkey-manager-client.manifest %{_libdir}/libkey-manager-client.so.* +%{_libdir}/libkey-manager-control-client.so.* %{_datadir}/license/libkey-manager-client +%{_datadir}/license/libkey-manager-control-client %files -n libkey-manager-client-devel %defattr(-,root,root,-) %{_libdir}/libkey-manager-client.so -%{_libdir}/libkey-manager-commons.so -%{_includedir}/ckm/ckm/key-manager.h +%{_libdir}/libkey-manager-control-client.so +%{_libdir}/libkey-manager-common.so +%{_includedir}/ckm/ckm/ckm-manager.h +%{_includedir}/ckm/ckm/ckm-manager-async.h +%{_includedir}/ckm/ckm/ckm-certificate.h +%{_includedir}/ckm/ckm/ckm-control.h %{_includedir}/ckm/ckm/ckm-error.h +%{_includedir}/ckm/ckm/ckm-key.h +%{_includedir}/ckm/ckm/ckm-password.h +%{_includedir}/ckm/ckm/ckm-pkcs12.h +%{_includedir}/ckm/ckm/ckm-raw-buffer.h %{_includedir}/ckm/ckm/ckm-type.h +%{_includedir}/ckm/ckmc/ckmc-manager.h +%{_includedir}/ckm/ckmc/ckmc-control.h +%{_includedir}/ckm/ckmc/ckmc-error.h +%{_includedir}/ckm/ckmc/ckmc-type.h %{_libdir}/pkgconfig/*.pc %files -n key-manager-tests %defattr(-,root,root,-) -%{_bindir}/key-manager-tests +%{_bindir}/ckm-tests-internal +%{_datadir}/ckm-db-test/testme_ver1.db +%{_datadir}/ckm-db-test/testme_ver2.db +%{_datadir}/ckm-db-test/testme_ver3.db +%{_datadir}/ckm-db-test/XML_1_okay.xml +%{_datadir}/ckm-db-test/XML_1_okay.xsd +%{_datadir}/ckm-db-test/XML_1_wrong.xml +%{_datadir}/ckm-db-test/XML_1_wrong.xsd +%{_datadir}/ckm-db-test/XML_2_structure.xml +%{_bindir}/ckm_so_loader + +%files -n key-manager-pam-plugin +%defattr(-,root,root,-) +%{_libdir}/security/pam_key_manager_plugin.so*