mirror of
https://github.com/stefanberger/swtpm.git
synced 2025-08-22 10:30:52 +00:00
3d2747a1be
An apparmor profile was added for Debian-based distributions in order to increase security. This blocks swtpm from accessing restricted and unnecessary files, folders, and network interfaces. swtpm works as normal alongside libvirt and its configurations, however users may run into issues when using swtpm on its own when providing it with a restricted directory. The apparmor profile can be modified to include additional permissions by creating and adding to the file /etc/apparmor.d/local/usr.bin.swtpm. Signed-off-by: Lena Voytek <lena.voytek@canonical.com>
23 lines
487 B
Makefile
Executable File
23 lines
487 B
Makefile
Executable File
#!/usr/bin/make -f
|
|
|
|
%:
|
|
dh $@
|
|
|
|
override_dh_auto_configure:
|
|
NOCONFIGURE=1 ./autogen.sh
|
|
dh_auto_configure -- --with-openssl --with-gnutls --without-cuse
|
|
|
|
override_dh_install:
|
|
dh_install
|
|
# deploy swtpm's apparmor profile
|
|
dh_apparmor -pswtpm --profile-name=usr.bin.swtpm
|
|
|
|
override_dh_auto_test:
|
|
SWTPM_TEST_SECCOMP_OPT="--seccomp action=none" make -j4 check VERBOSE=1
|
|
|
|
override_dh_clean:
|
|
dh_clean --exclude=man/man8/swtpm-localca.8
|
|
|
|
override_dh_makeshlibs:
|
|
dh_makeshlibs --no-scripts
|