Overview Repositories Revisions Requests Users Attributes Meta

TSS (TCG Software Stack) access daemon for a TPM chip

Edit Package trousers

The trousers package provides a TSS implementation through the help of
a user-space daemon, the tcsd, and a library Trousers aims to be
compliant to the 1.1b and 1.2 TSS specifications as available from the
Trusted Computing website http://www.trustedcomputinggroup.org/.

The package needs the /dev/tpm device file to be present on your
system. It is a character device file major 10 minor 224, 0600 tss:tss.

  • Developed at security
  • Sources inherited from project openSUSE:Factory
  • 3 derived packages
  • Download package
  • osc -A https://api.opensuse.org checkout openSUSE:Factory:Rebuild/trousers && cd $_
  • Create Badge
Refresh
Refresh
Source Files
Filename Size Changed
91-trousers.rules 0000000046 46 Bytes
baselibs.conf 0000000009 9 Bytes
bsc1164472.patch 0000002203 2.15 KB
fix-lto.patch 0000000448 448 Bytes
tcsd.service 0000000140 140 Bytes
trousers-0.3.14.tar.gz 0001378438 1.31 MB
trousers.changes 0000015923 15.5 KB
trousers.spec 0000005722 5.59 KB
Revision 45 (latest revision is 55)
Yuchen Lin's avatar Yuchen Lin (maxlin_factory) accepted request 807580 from Matthias Gerstner's avatar Matthias Gerstner (mgerstner) (revision 45) 
- get rid of %pre/%post logic that fixes the old packaging bug. Turns out
  %pretrans and %posttrans had their purpose before, because the logic needed
  to run before old files owned by the package got deleted. But I'm not
  reimplementing this strange logic in Lua ... users that didn't get the fix
  yet will have to live with it.

- fix a potential tss user to root privilege escalation when running tcsd
  (bsc#1164472). To do this run tcsd as the 'tss' user right away to prevent
  badly designed privilege drop and initialization code to run.
- add bsc1164472.patch: additionally harden operation of tcsd when running as
  root. No longer follow symlinks in /var/lib/tpm. Drop gid to tss main group.
  require /etc/tcsd.conf to be owned by root:tss mode 0640.

- add correct Requires(pre) and change %pretrans and %posttrans into %pre and
  %post. %pretrans can't have any dependencies and therefore can only be
  %implemented in lua. This currently leads to build errors "/bin/sh: no such
  file or directory".
Comments 0
openSUSE Build Service is sponsored by
Places