| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
| |
Signed-off-by: Pavel Reichl <preichl@redhat.com>
Signed-off-by: David Howells <dhowells@redhat.com>
|
| |
|
| |
|
|
|
|
|
|
| |
Open API version KEYUTILS_1.10 in the shared library.
Signed-off-by: David Howells <dhowells@redhat.com>
|
| |
|
|
|
|
| |
Signed-off-by: David Howells <dhowells@redhat.com>
|
|
|
|
| |
Signed-off-by: David Howells <dhowells@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
| |
This is needed so that other projects can add a dependency on libkeyutils
via PKG_CHECK_MODULES([KEYUTILS], [libkeyutils]). This enabling makes
'make install' do the right thing, and of course individual distros will
need to add enabling to their associated packages (rpm, deb, etc.) so the
package manager installs do the right thing.
Signed-off-by: Dave Jiang <dave.jiang@intel.com>
Signed-off-by: David Howells <dhowells@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Remove the dependency on MIT Kerberos as not everyone has it available.
With the "use best match" change to /sbin/request-key, the kafs-client
package can install a more specific handler for dns_resolver afsdb:*
requests in front of the default one.
This means that the dns resolver program only needs to look up DNS records
and can ignore any static kafs configuration.
Signed-off-by: David Howells <dhowells@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Port cleanups from Fedora:
Igor Gnatenko <ignatenkobrain@fedoraproject.org>
- Switching to %ldconfig_scriptlets
- Fixing the licence directory specs
- Removing unneeded %defattr specs
- Escaping macros in changelogs
- Remove buildroot definition and deletion
Peter Robinson <pbrobinson@gmail.com>
- Add explicit gcc requirement
- Remove Group specs
Signed-off-by: David Howells <dhowells@redhat.com>
cc: Igor Gnatenko <ignatenkobrain@fedoraproject.org>
cc: Peter Robinson <pbrobinson@gmail.com>
|
| |
|
| |
|
|
|
|
|
|
| |
New symbols go into the libkeyutils.so.1.7 API.
Signed-off-by: David Howells <dhowells@redhat.com>
|
|
|
|
|
|
| |
Fix the handling of licence files in the specfile.
Signed-off-by: David Howells <dhowells@redhat.com>
|
|
|
|
|
|
| |
Pass global ldflags into build so that hardening works.
Signed-off-by: David Howells <dhowells@redhat.com>
|
| |
|
|
|
|
| |
Signed-off-by: Mat Martineau <mathew.j.martineau@linux.intel.com>
Signed-off-by: David Howells <dhowells@redhat.com>
|
| |
|
|
|
|
|
|
| |
Add manual pages to section 7 describing various keyrings concepts.
Signed-off-by: David Howells <dhowells@redhat.com>
|
|
|
|
|
|
| |
Use the correct path macros in the specfile.
Signed-off-by: David Howells <dhowells@redhat.com>
|
| |
|
|
|
|
|
|
|
|
| |
New symbols should go in a new library minor version, so move
keyctl_get_persistent and find_key_by_type_and_desc to 1.5.
Reported-by: Nalin Dahyabhai <nalin@redhat.com>
Signed-off-by: David Howells <dhowells@redhat.com>
|
| |
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
|
| |
Fix complaints generated by rpmlint.
Signed-off-by: David Howells <dhowells@redhat.com>
|
|
|
|
|
|
|
| |
Add a build ID facility to the specfile and the Makefile and add a make rule
to run rpmlint.
Signed-off-by: David Howells <dhowells@redhat.com>
|
|
|
|
|
|
|
|
|
|
| |
Make it possible to provide keytype-specific request key configs in userspace
as /etc/request-key.d/<keytype>.conf. If present, this will be used in
preference to /etc/request-key.conf.
Signed-off-by: David Howells <dhowells@redhat.com>
Acked-by: Steve Dickson <steved@redhat.com>
Acked-by: Jeff Layton <jlayton@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The package version number and build date are stored in the library in:
const char keyutils_version_string[];
const char keyutils_build_string[];
And are displayable with the programs built as part of it:
# keyctl --version
keyctl from keyutils-1.5.3 (Built 2011-08-24)
# request-key --version
request-key from keyutils-1.5.3 (Built 2011-08-24)
The DNS query resolver gets extended version information as it already has its
own version number:
# key.dns_resolver --version
version: 1.0 from keyutils-1.5.3 (2011-08-24)
(the keyutils version is simply appended to the original).
Signed-off-by: David Howells <dhowells@redhat.com>
|
|
|
|
|
|
|
| |
Fix the unlink entry in the keyctl.1 manual page command list to indicate that
the keyring is optional.
Signed-off-by: David Howells <dhowells@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The main keyutils rpm should depend on exactly the same version of the
keyutils-libs rpm so that they get updated together.
This should fix the following complaint from RHEL rpmdiff:
Report from TEST_REQUIRES:
[VERIFY] [keyutils] Subpackage keyutils on i686 ppc s390 consumes libraries libkeyutils.so.1 libkeyutils.so.1(KEYUTILS_0.3) libkeyutils.so.1(KEYUTILS_1.0) libkeyutils.so.1(KEYUTILS_1.3) from subpackage keyutils-libs but does not have explicit package version requirement.
Please add Requires: keyutils-libs = %{version}-%{release} to keyutils in the specfile to avoid the need to test interoperability between the various combinations of old and new subpackages.
Signed-off-by: David Howells <dhowells@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Use ptrdiff_t format spec ("%td") in printf when displaying a pointer
subtraction result rather than a size_t ("%zu") or ssize_t ("%zd") format spec
as on something like the S390 pointers are not the same size as size_t,
resulting in the following warnings:
request-key.c: In function 'execute_program':
request-key.c:583:4: error: format '%zd' expects argument of type 'signed size_t', but argument 2 has type 'int' [-Werror=format]
request-key.c: In function 'pipe_to_program':
request-key.c:841:2: error: format '%zd' expects argument of type 'signed size_t', but argument 2 has type 'int' [-Werror=format]
Signed-off-by: David Howells <dhowells@redhat.com>
|
| |
|
|
|
|
|
|
|
| |
Fix the address of the FSF in the GPL licence file and add a URL to both
licence files whilst we're at it.
Signed-off-by: David Howells <dhowells@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Clean up variables that are set but not read, giving:
keyutils.c: In function 'recursive_key_scan_aux':
keyutils.c:353:46: error: variable 'is_keyring' set but not used [-Werror=unused-but-set-variable]
key.dns_resolver.c: In function 'main':
key.dns_resolver.c:643:7: error: variable 'hostbuf' set but not used [-Werror=unused-but-set-variable]
with the F16 compiler.
Signed-off-by: David Howells <dhowells@redhat.com>
|
|
|
|
|
|
| |
Move to version 1.5.
Signed-off-by: David Howells <dhowells@redhat.com>
|
|
|
|
|
|
|
| |
Support the negate key with specific rejection error keyctl op, providing it
as keyctl_reject().
Signed-off-by: David Howells <dhowells@redhat.com>
|
|
|
|
|
|
|
| |
Make the specfile UTF-8 to keep rpmlint happy (one of the names in the
changelog has an accented character in it).
Signed-off-by: David Howells <dhowells@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add -I. to the build so that the keyutils.h in the build directory gets used in
preference to whatever's in /usr/include.
Handle Makefile variables being overridden by the specfile and discarding the
previously mentioned -I. flag.
Also chuck -Werror into the mix.
Signed-off-by: David Howells <dhowells@redhat.com>
|
|
|
|
|
|
| |
Release 1.4-4
Signed-off-by: David Howells <dhowells@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Make the Makefile extract version information from the specfile and the library
version script when building rather than defining it redundantly.
The specfile provides the current package version and the library version
script provides the current API version.
Also add a 'make rpm' option to build a RPMs from the HEAD version of the GIT
tree that the keyutils package is in.
Signed-off-by: David Howells <dhowells@redhat.com>
|
|
|
|
|
|
| |
Release 1.4-3
Signed-off-by: David Howells <dhowells@redhat.com>
|
|
|
|
|
|
| |
Release 1.4-2
Signed-off-by: David Howells <dhowells@redhat.com>
|
|
|
|
|
|
| |
Move to version 1.4.
Signed-off-by: David Howells <dhowells@redhat.com>
|
|
|
|
|
|
|
|
| |
Fix the library naming to be libkeyutils.so.x.y.z, not libkeyutils-x.y.z.so as
the former is the preferred way, and the latter is only used by a few
exceptional packages, such as glibc.
Signed-off-by: David Howells <dhowells@redhat.com>
|
|
|
|
|
|
|
|
| |
Add a keyctl.3 manpage as an index for all the keyctl functions. This means
that I don't have to alter every keyutils manpage each time a new function is
added, just to update the "See Also" sections.
Signed-off-by: David Howells <dhowells@redhat.com>
|