%define vermajor 1 %define verminor 6.3 %define version %{vermajor}.%{verminor} %define libapivermajor 1 %define libapiversion %{libapivermajor}.10 # % define buildid .local Name: keyutils Version: %{version} Release: 1%{?buildid}%{?dist} Summary: Linux Key Management Utilities License: GPLv2+ and LGPLv2+ Url: https://git.kernel.org/pub/scm/linux/kernel/git/dhowells/keyutils.git Source0: %{url}/snapshot/keyutils-%{version}.tar.gz BuildRequires: gcc BuildRequires: glibc-kernheaders >= 2.4-9.1.92 Requires: %{name}-libs%{?_isa} = %{version}-%{release} %description Utilities to control the kernel key management facility and to provide a mechanism by which the kernel call back to user space to get a key instantiated. %package libs Summary: Key utilities library %description libs This package provides a wrapper library for the key management facility system calls. %package libs-devel Summary: Development package for building Linux key management utilities Requires: %{name}-libs%{?_isa} = %{version}-%{release} %description libs-devel This package provides headers and libraries for building key utilities. %prep %setup -q %define datadir %{_datarootdir}/keyutils %build make \ NO_ARLIB=1 \ ETCDIR=%{_sysconfdir} \ LIBDIR=%{_libdir} \ USRLIBDIR=%{_libdir} \ BINDIR=%{_bindir} \ SBINDIR=%{_sbindir} \ MANDIR=%{_mandir} \ INCLUDEDIR=%{_includedir} \ SHAREDIR=%{datadir} \ RELEASE=.%{release} \ NO_GLIBC_KEYERR=1 \ CFLAGS="-Wall $RPM_OPT_FLAGS -Werror" \ LDFLAGS="%{?__global_ldflags}" %install make \ NO_ARLIB=1 \ DESTDIR=$RPM_BUILD_ROOT \ ETCDIR=%{_sysconfdir} \ LIBDIR=%{_libdir} \ USRLIBDIR=%{_libdir} \ BINDIR=%{_bindir} \ SBINDIR=%{_sbindir} \ MANDIR=%{_mandir} \ INCLUDEDIR=%{_includedir} \ SHAREDIR=%{datadir} \ install %ldconfig_scriptlets libs %files %doc README %license LICENCE.GPL %{_sbindir}/* %{_bindir}/* %{datadir} %{_mandir}/man1/* %{_mandir}/man5/* %{_mandir}/man8/* %config(noreplace) %{_sysconfdir}/* %files libs %license LICENCE.LGPL %{_mandir}/man7/* %{_libdir}/libkeyutils.so.%{libapiversion} %{_libdir}/libkeyutils.so.%{libapivermajor} %files libs-devel %{_libdir}/libkeyutils.so %{_includedir}/* %{_mandir}/man3/* %{_libdir}/pkgconfig/libkeyutils.pc %changelog * Tue Jul 7 2020 David Howells - 1.6.3-1 - Revert the change notifications that were using /dev/watch_queue. - Apply the change notifications that use pipe2(O_NOTIFICATION_PIPE). * Mon Jul 6 2020 David Howells - 1.6.2-1 - Allow "keyctl supports" to retrieve raw capability data. - Allow "keyctl id" to turn a symbolic key ID into a numeric ID. - Allow "keyctl new_session" to name the keyring. - Allow "keyctl add/padd/etc." to take hex-encoded data. - Add "keyctl watch*" to expose kernel change notifications on keys. - Add caps for namespacing and notifications. - Set a default TTL on keys that upcall for name resolution. - Explicitly clear memory after it's held sensitive information. - Various manual page fixes. - Fix C++-related errors. * Fri Aug 2 2019 David Howells - 1.6.1-1 - Add support for keyctl_move(). - Add support for keyctl_capabilities(). - Make key=val list optional for various public-key ops. - Fix system call signature for KEYCTL_PKEY_QUERY. - Fix 'keyctl pkey_query' argument passing. - Use keyctl_read_alloc() in dump_key_tree_aux(). - Various manual page fixes. * Tue Nov 13 2018 David Howells - 1.6-1 - Apply various specfile cleanups from Fedora. - request-key: Provide a command line option to suppress helper execution. - request-key: Find least-wildcard match rather than first match. - Remove the dependency on MIT Kerberos. - Fix some error messages - keyctl_dh_compute.3: Suggest /proc/crypto for list of available hashes. - Fix doc and comment typos. - Add public key ops for encrypt, decrypt, sign and verify (needs linux-4.20). - Add pkg-config support for finding libkeyutils. * Wed May 9 2018 David Howells - 1.5.11-1 - Add keyring restriction support. - Add KDF support to the Diffie-Helman function. - DNS: Add support for AFS config files and SRV records * Wed Mar 15 2017 David Howells - 1.5.10-1 - Include sys/types.h in keyutils.h. - The dns resolver needs limits.h. - Overhaul of all manual pages. - Some manual pages moved to Linux man-pages project. - Add Diffie-Helman keyctl function. * Fri Feb 21 2014 David Howells - 1.5.9-1 - Add manpages for get_persistent. - Fix memory leaks in keyctl_describe/read/get_security_alloc(). - Use keyctl_describe_alloc in dump_key_tree_aux rather than open coding it. - Exit rather than returning from act_xxx() functions. - Fix memory leak in dump_key_tree_aux. - Only get the groups list if we need it. - Don't trust sscanf's %%n argument. - Use the correct path macros in the specfile. - Avoid use realloc when the memory has no content. - Fix a bunch of issues in key.dns_resolver. - Fix command table searching in keyctl utility. - Fix a typo in the permissions mask constants. - Improve the keyctl_read manpage. - Add man7 pages describing various keyrings concepts. * Fri Oct 4 2013 David Howells - 1.5.8-1 - New lib symbols should go in a new library minor version. * Wed Oct 2 2013 David Howells - 1.5.7-1 - Provide a utility function to find a key by type and name. - Allow keyctl commands to take a type+name arg instead of a key-id arg. - Add per-UID get_persistent keyring function. * Thu Aug 29 2013 David Howells - 1.5.6-1 - Fix the request-key.conf.5 manpage. - Fix the max depth of key tree dump (keyctl show). - The input buffer size for keyctl padd and pinstantiate should be larger. - Add keyctl_invalidate.3 manpage. * Wed Nov 30 2011 David Howells - 1.5.5-1 - Fix a Makefile error. * Wed Nov 30 2011 David Howells - 1.5.4-1 - Fix the keyctl padd command and similar to handle binary input. - Make keyctl show able to take a keyring to dump. - Make keyctl show able to take a flag to request hex key IDs. - Make keyctl show print the real ID of the root keyring. * Tue Nov 15 2011 David Howells - Allow /sbin/request-key to have multiple config files. * Wed Aug 31 2011 David Howells - Adjust the manual page for 'keyctl unlink' to show keyring is optional. - Add --version support for the keyutils version and build date. * Thu Aug 11 2011 David Howells - 1.5.3-1 - Make the keyutils rpm depend on the same keyutils-libs rpm version. * Tue Jul 26 2011 David Howells - 1.5.2-1 - Use correct format spec for printing pointer subtraction results. * Tue Jul 19 2011 David Howells - 1.5.1-1 - Fix unread variables. - Licence file update. * Thu Mar 10 2011 David Howells - 1.5-1 - Disable RPATH setting in Makefile. - Add -I. to build to get this keyutils.h. - Make CFLAGS override on make command line work right. - Make specfile UTF-8. - Support KEYCTL_REJECT. - Support KEYCTL_INSTANTIATE_IOV. - Add AFSDB DNS lookup program from Wang Lei. - Generalise DNS lookup program. - Add recursive scan utility function. - Add bad key reap command to keyctl. - Add multi-unlink variant to keyctl unlink command. - Add multi key purge command to keyctl. - Handle multi-line commands in keyctl command table. - Move the package to version to 1.5. * Tue Mar 1 2011 David Howells - 1.4-4 - Make build guess at default libdirs and word size. - Make program build depend on library in Makefile. - Don't include $(DESTDIR) in MAN* macros. - Remove NO_GLIBC_KEYSYS as it is obsolete. - Have Makefile extract version info from specfile and version script. - Provide RPM build rule in Makefile. - Provide distclean rule in Makefile. * Fri Dec 17 2010 Diego Elio Pettenò - 1.4-3 - Fix local linking and RPATH. * Thu Jun 10 2010 David Howells - 1.4-2 - Fix prototypes in manual pages (some char* should be void*). - Rename the keyctl_security.3 manpage to keyctl_get_security.3. * Fri Mar 19 2010 David Howells - 1.4-1 - Fix the library naming wrt the version. - Move the package to version to 1.4. * Fri Mar 19 2010 David Howells - 1.3-3 - Fix spelling mistakes in manpages. - Add an index manpage for all the keyctl functions. * Thu Mar 11 2010 David Howells - 1.3-2 - Fix rpmlint warnings. * Fri Feb 26 2010 David Howells - 1.3-1 - Fix compiler warnings in request-key. - Expose the kernel function to get a key's security context. - Expose the kernel function to set a processes keyring onto its parent. - Move libkeyutils library version to 1.3. * Tue Aug 22 2006 David Howells - 1.2-1 - Remove syscall manual pages (section 2) to man-pages package [BZ 203582] - Don't write to serial port in debugging script * Mon Jun 5 2006 David Howells - 1.1-4 - Call ldconfig during (un)installation. * Fri May 5 2006 David Howells - 1.1-3 - Don't include the release number in the shared library filename - Don't build static library * Fri May 5 2006 David Howells - 1.1-2 - More bug fixes from Fedora reviewer. * Thu May 4 2006 David Howells - 1.1-1 - Fix rpmlint errors * Mon Dec 5 2005 David Howells - 1.0-2 - Add build dependency on glibc-kernheaders with key management syscall numbers * Tue Nov 29 2005 David Howells - 1.0-1 - Add data pipe-in facility for keyctl request2 * Mon Nov 28 2005 David Howells - 1.0-1 - Rename library and header file "keyutil" -> "keyutils" for consistency - Fix shared library version naming to same way as glibc. - Add versioning for shared library symbols - Create new keyutils-libs package and install library and main symlink there - Install base library symlink in /usr/lib and place in devel package - Added a keyutils archive library - Shorten displayed key permissions list to just those we actually have * Thu Nov 24 2005 David Howells - 0.3-4 - Add data pipe-in facilities for keyctl add, update and instantiate * Fri Nov 18 2005 David Howells - 0.3-3 - Added stdint.h inclusion in keyutils.h - Made request-key.c use request_key() rather than keyctl_search() - Added piping facility to request-key * Thu Nov 17 2005 David Howells - 0.3-2 - Added timeout keyctl option - request_key auth keys must now be assumed - Fix keyctl argument ordering for debug negate line in request-key.conf * Thu Jul 28 2005 David Howells - 0.3-1 - Must invoke initialisation from perror() override in libkeyutils - Minor UI changes * Wed Jul 20 2005 David Howells - 0.2-2 - Bump version to permit building in main repositories. * Tue Jul 12 2005 David Howells - 0.2-1 - Don't attempt to define the error codes in the header file. - Pass the release ID through to the makefile to affect the shared library name. * Tue Jul 12 2005 David Howells - 0.1-3 - Build in the perror() override to get the key error strings displayed. * Tue Jul 12 2005 David Howells - 0.1-2 - Need a defattr directive after each files directive. * Tue Jul 12 2005 David Howells - 0.1-1 - Package creation.