Adapted from tpm-udev [0] which handles that, but it is not really a
hard-requirement for swtpm and TSS_USER is configurable after all
(even if that is mostly used for the test system).
So, create that user and group if it does not exists to avoid errors
and failing installation.
[0]: https://salsa.debian.org/debian/tpm-udev/-/blob/master/debian/tpm-udev.postinst
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
- debian/clean: Add files that were not being automatically cleaned
up by dh(1)'s `clean` target.
- debian/control:
- Add new recommended/required fields and bump Standards-Version.
- Remove redundant build dependencies that are implied transitively.
- Bump debhelper dependency version to match debian/compat.
- Move swtpm-libs's ${misc:Pre-Depends} dependency to `Pre-Depends`.
Resolves `depends-on-misc-pre-depends` Lintian warning.
- Sort packages and dependency lists alphabetically as per
wrap-and-sort(1).
- debian/not-installed: List deliberately non-installed files to
avoid dh_missing(1) warnings.
- debian/rules:
- Pass --no-scripts to dh_makeshlibs(1) in order to keep a
ldconfig(8) trigger from being implicitly added, which for
this package was redundant and triggered Lintian warning
`package-has-unnecessary-activation-of-ldconfig-trigger`.
- Remove redundant --parallel dh flag.
- Remove redundant dh_usrlocal override.
- debian/*.install:
- Add swtpm-create-tpmca(8) and its manpage, which were missing.
- Remove redundant `#! /usr/bin/dh-exec` lines.
- Sort entries alphabetically as per wrap-and-sort(1).
- debian/swtpm-tools.postinst.in: Add `set -e` to fail in case of
error. Fixes `maintainer-script-ignores-errors` Lintian warning.
Signed-off-by: Nick Chevsky <nchevsky@users.noreply.github.com>
Remove tpm-tools from runtime dependencies. Keep trousers for the
creation of the 'tss' user for now. Add python related dependencies.
Adjust the directory ownership for /var/lib/swtpm-localca to tss:root and
the mode flags to 0750. The new CA now may still be created as tss:tss but
users in the tss group will not have access to it.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Remove swtpm_cuse related install script since not needed anymore.
Also address the following issues:
E: swtpm-tools: unknown-control-interpreter control/postinst #!/usr/bin/env
W: swtpm: syntax-error-in-debian-changelog line 25 "bad key-value after `;': `urgency medium'"
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Add a post install script for swtpm-tools that creates
the /var/lib/swtpm-localca directory and changes ownersip
on it.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
