Updated to 3.11.0

Resolved #1341079 - Failed to create directory or subvolume "/var/lock/opencryptoki" Ported root's group membership's patch for 3.11.0
2019-01-31 11:05:38 +01:00 · 2019-01-31 11:05:38 +01:00 · a97cd99a50
parent e48badb8b2
commit a97cd99a50
6 changed files with 60 additions and 57 deletions
--- a/.gitignore
+++ b/.gitignore
@ -19,3 +19,4 @@ opencryptoki-2.3.1.tar.gz
 /opencryptoki-3.8.2.tar.gz
 /opencryptoki-3.9.0.tar.gz
 /opencryptoki-3.10.0.tar.gz
+/opencryptoki-3.11.0.tar.gz
--- a/opencryptoki-2.4-group.patch
+++ b/opencryptoki-2.4-group.patch
@ -1,51 +0,0 @@
-diff -upr opencryptoki-3.7.0.orig/usr/lib/pkcs11/api/shrd_mem.c.in opencryptoki-3.7.0/usr/lib/pkcs11/api/shrd_mem.c.in
--- opencryptoki-3.7.0.orig/usr/lib/pkcs11/api/shrd_mem.c.in	2017-05-17 15:13:54.711536688 +0530
-+++ opencryptoki-3.7.0/usr/lib/pkcs11/api/shrd_mem.c.in	2017-05-17 15:22:27.758655055 +0530
-@@ -56,9 +56,6 @@ attach_shared_memory() {
-    int    shmid;
-    char   *shmp;
-    struct stat statbuf;
-   struct group *grp;
-   struct passwd *pw, *epw;
-   uid_t uid, euid;
- 
- #if !(MMAP)
-    // Really should fstat the tok_path, since it will be the actual
-@@ -70,37 +67,6 @@ attach_shared_memory() {
-       return NULL;
-    }
- 
-   uid = getuid();
-   euid = geteuid();
-   // only check group membership if not root user
-   if (uid != 0 && euid != 0) {
-	   int i, member=0;
-	   grp = getgrnam("pkcs11");
-	   if (!grp) {
-		   // group pkcs11 not known to the system
-		   return NULL;
-	   }
-	   pw = getpwuid(uid);
-	   epw = getpwuid(euid);
-	   for (i=0; grp->gr_mem[i]; i++) {
-		   if (pw) {
-			   if (!strncmp(pw->pw_name, grp->gr_mem[i],strlen(pw->pw_name))) {
-				   member = 1;
-				   break;
-			   }
-		   }
-		   if (epw) {
-			   if (!strncmp(epw->pw_name, grp->gr_mem[i],strlen(epw->pw_name))) {
-				   member = 1;
-				   break;
-			   }
-		   }
-	   }
-	   if (!member) {
-		   return NULL;
-	   }
-   }
-
-    Anchor->shm_tok = ftok(TOK_PATH,'b');
- 
-    // Get the shared memory id.
--- a/opencryptoki-3.11.0-group.patch
+++ b/opencryptoki-3.11.0-group.patch
@ -0,0 +1,31 @@
+diff -up opencryptoki-3.11.0/usr/lib/api/shrd_mem.c.in.me opencryptoki-3.11.0/usr/lib/api/shrd_mem.c.in
+--- opencryptoki-3.11.0/usr/lib/api/shrd_mem.c.in.me	2019-01-31 10:42:23.325797012 +0100
+++ opencryptoki-3.11.0/usr/lib/api/shrd_mem.c.in	2019-01-31 10:52:17.585191667 +0100
+@@ -55,9 +55,11 @@ void *attach_shared_memory()
+     int shmid;
+     char *shmp;
+     struct stat statbuf;
+#if 0
+     struct group *grp;
+     struct passwd *pw, *epw;
+     uid_t uid, euid;
+#endif
+ 
+ #if !(MMAP)
+     // Really should fstat the tok_path, since it will be the actual
+@@ -69,6 +71,7 @@ void *attach_shared_memory()
+         return NULL;
+     }
+ 
+#if 0
+     uid = getuid();
+     euid = geteuid();
+     // only check group membership if not root user
+@@ -102,6 +105,7 @@ void *attach_shared_memory()
+             return NULL;
+         }
+     }
+#endif
+ 
+     Anchor->shm_tok = ftok(TOK_PATH, 'b');
+ 
--- a/opencryptoki-3.11.0-lockdir.patch
+++ b/opencryptoki-3.11.0-lockdir.patch
@ -0,0 +1,12 @@
+diff -up opencryptoki-3.11.0/configure.ac.me opencryptoki-3.11.0/configure.ac
+--- opencryptoki-3.11.0/configure.ac.me	2019-01-30 17:10:19.660952694 +0100
+++ opencryptoki-3.11.0/configure.ac	2019-01-30 17:13:54.150089964 +0100
+@@ -62,7 +62,7 @@ AC_SUBST([OPENLDAP_LIBS])
+ 
+ dnl Define custom variables
+ 
+-lockdir=$localstatedir/lock/opencryptoki
+lockdir=/run/lock/opencryptoki
+ AC_SUBST(lockdir)
+ 
+ logdir=$localstatedir/log/opencryptoki
--- a/opencryptoki.spec
+++ b/opencryptoki.spec
@ -1,12 +1,14 @@
 Name:			opencryptoki
 Summary:		Implementation of the PKCS#11 (Cryptoki) specification v2.11
-Version:		3.10.0
-Release:		2%{?dist}
+Version:		3.11.0
+Release:		1%{?dist}
 License:		CPL
 URL:			http://sourceforge.net/projects/opencryptoki
 Source0:		https://github.com/opencryptoki/%{name}/archive/v%{version}/%{name}-%{version}.tar.gz
 # https://bugzilla.redhat.com/show_bug.cgi?id=732756
-Patch0:			%{name}-2.4-group.patch
+Patch0:			opencryptoki-3.11.0-group.patch
+#1373833, change tmpfiles snippets from /var/lock/* to /run/lock/*
+Patch1:			opencryptoki-3.11.0-lockdir.patch

 # Use --no-undefined to debug missing symbols
 #Patch100:			%{name}-3.2-no-undefined.patch
@ -197,6 +199,9 @@ exit 0

 %post
 %systemd_post pkcsslotd.service
+if test $1 -eq 1; then
+	%tmpfiles_create
+fi

 %preun
 %systemd_preun pkcsslotd.service
@ -222,8 +227,8 @@ exit 0
 %{_libdir}/opencryptoki/methods
 %{_libdir}/pkcs11/methods
 %dir %attr(770,root,pkcs11) %{_sharedstatedir}/%{name}
-%dir %attr(770,root,pkcs11) %{_localstatedir}/lock/%{name}
-%dir %attr(770,root,pkcs11) %{_localstatedir}/lock/%{name}/*
+%ghost %dir %attr(770,root,pkcs11) %{_rundir}/lock/%{name}
+%ghost %dir %attr(770,root,pkcs11) %{_rundir}/lock/%{name}/*

 %files libs
 %license LICENSE
@ -296,6 +301,11 @@ exit 0


 %changelog
+* Thu Jan 31 2019 Than Ngo <than@redhat.com> - 3.11.0-1
+- Updated to 3.11.0
+- Resolved #1341079 - Failed to create directory or subvolume "/var/lock/opencryptoki"
+- Ported root's group membership's patch for 3.11.0
+
 * Fri Jul 13 2018 Fedora Release Engineering <releng@fedoraproject.org> - 3.10.0-2
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild

--- a/2
+++ b/2
@ -1 +1 @@
-SHA512 (opencryptoki-3.10.0.tar.gz) = 5c01c367be2db202f177ba5b586b4a16cd2cb2ff58d318d0168cb594b92e79fc7d5bc50318c427590deb74f3cd4cd5b588a636b2dd05ea11d98f946e793403e6
+SHA512 (opencryptoki-3.11.0.tar.gz) = 1a01fdb5daf613bc0fce366846015716986b7b8d1868901fb57e455fd93a985d8532e3565e417fe2aa59f2308bd11ac110de90d873b83e8547e36b9e1582f89b