| Index | index by Group | index by Distribution | index by Vendor | index by creation date | index by Name | Mirrors | Help | Search |
| Name: fde-firstboot | Distribution: openSUSE Tumbleweed |
| Version: 0.7.2 | Vendor: openSUSE |
| Release: 5.2 | Build date: Wed Mar 13 09:54:37 2024 |
| Group: System/Boot | Build host: reproducible |
| Size: 8412 | Source RPM: fde-tools-0.7.2-5.2.src.rpm |
| Packager: https://bugs.opensuse.org | |
| Url: https://github.com/openSUSE/fde-tools | |
| Summary: Full Disk Encryption for images | |
This package contains the scripts necessary to plug Full Disk Encryption into the JeOS Firstboot framework used for image based delivery of ALP.
GPL-2.0-only
* Wed Mar 13 2024 Gary Ching-Pang Lin <glin@suse.com>
- Add json-c to BuildRequires to build on openSUSE Leap 15.5
* Tue Mar 05 2024 Gary Ching-Pang Lin <glin@suse.com>
- Add fde-tools-change-rpm-macro-dir.patch and set the rpm macro
directory correctly
- Make fde-firstboot, fde-tpm-helper, and fde-tpm-helper-rpm-macros
noarch
- Add fde-tools-bsc1220160-conditional-requires.patch to make
fde-tpm-helper a conditional "Requires" (bsc#1220160)
* Mon Feb 19 2024 Gary Ching-Pang Lin <glin@suse.com>
- Add fde-tools-bsc1213945-set-rsa-key-size.patch to set
the highest supported RSA key size (bsc#1213945)
* Mon Nov 06 2023 Dominique Leuenberger <dimstar@opensuse.org>
- Fix build with RPM 4.19: unnumbered patches are no longer
supported.
* Wed Nov 01 2023 Gary Ching-Pang Lin <glin@suse.com>
- Update to version 0.7.2
+ Add help output for the command tpm-authorize
+ Improve the multi-devices support
* Mon Oct 23 2023 Gary Ching-Pang Lin <glin@suse.com>
- Update to version 0.7.1
+ add-secondary-key: remove the generation of the secondary
password
+ add-secondary-key: remove the inclusion of
'add-secondary-password'
+ luks: list all underlying LUKS device
+ Introduce FDE_DEVS to list all LUKS devices
- Drop upstreamd patch
+ fde-tools-remove-redundant-2nd-pw-creation.patch
* Wed Oct 04 2023 Gary Ching-Pang Lin <glin@suse.com>
- Add fde-tools-remove-redundant-2nd-pw-creation.patch to remove
the creation of the secondary password in 'add-secondary-key'
* Mon Oct 02 2023 Gary Ching-Pang Lin <glin@suse.com>
- Bring ExclusiveArch back and only enable the build for the
architectures with the proper UEFI Secure Boot and TPM 2.0/TCG
protocol support: aarch64 x86_64 riscv64
* Tue Sep 19 2023 Gary Ching-Pang Lin <glin@suse.com>
- Update to version 0.7.0
+ firstboot: apply the grub.cfg change immediately
+ fde-tpm-helper for bootloader RPMs to update the sealed key
automatically
+ Fix the find command of 'make dist'
+ Clean up the repo
+ Make the system flags configurable
+ fde-tpm-helper: specify the bootloaders in %post
- Add two new subpackages for the bootloader RPMs to update the
sealed key: fde-tpm-helper and fde-tpm-helper-rpm-macros
- Remove ExclusiveArch and set the system directories for 'make'
and 'make install'
* Tue Aug 29 2023 Gary Ching-Pang Lin <glin@suse.com>
- Update to version 0.6.9
+ Redirect the firstboot messages to journald instead of a
standalone log file (bsc#1214581)
+ Update /boot/grub2/grub.cfg at the end of firstboot to reflect
the LUKS key change
+ Update the version automatically
+ Add 'cryptsetup' to 'make dist'
+ Fix the version in fde.sh
- Update the download URL
* Thu Aug 24 2023 Gary Ching-Pang Lin <glin@suse.com>
- Update to version 0.6.8
+ Improve the LUKS partition detection to support LUKS over LVM
- Remove openssl and tpm2-0-tss-devel from BuildRequires since all
TPM related programs are already in pcr-oracle
- Add util-linux-systemd to Requires for 'lsblk'
* Fri Aug 18 2023 Gary Ching-Pang Lin <glin@suse.com>
- Update to version 0.6.7
+ Check failure of authorized policy creation
+ Additional check for recovery password
- Drop upstreamed patch
+ fde-tools-handle-authorized-policy-failure.patch
* Thu Jul 27 2023 Gary Ching-Pang Lin <glin@suse.com>
- Add fde-tools-handle-authorized-policy-failure.patch handle the
failure of authorized policy creation
* Thu Jul 20 2023 Gary Ching-Pang Lin <glin@suse.com>
- Update to version 0.6.6
+ Avoid cleaning the temp directory when calling tpm_test
+ firstboot/fde: use functions as the aliases for bootloader
functions
+ firstboot/fde: always regenerate initrd
+ firstboot/fde: use authorized policy by default
+ Support devices other than the root partition
- Drop upstreamed patches
+ fde-tools-avoid-cleaning-temp-dir.patch
+ fde-tools-fix-bootloader-func.patch
+ fde-tools-force-dracut.patch
+ fde-tools-enable-authpol-in-firstboot.patch
* Thu Jul 13 2023 Gary Ching-Pang Lin <glin@suse.com>
- Add fde-tools-enable-authpol-in-firstboot.patch to enable
authorized policy in the firstboot script
* Fri Jul 07 2023 Gary Ching-Pang Lin <glin@suse.com>
- Add fde-tools-fix-bootloader-func.patch
+ Define the bootloader specific functions in the firstboot
script since the aliases are not expanded
- Add fde-tools-force-dracut.patch
+ Always regenerate initrd
* Tue Jul 04 2023 Gary Ching-Pang Lin <glin@suse.com>
- Add fde-tools-avoid-cleaning-temp-dir.patch to avoid cleaning
the temp directory when calling tpm_test
* Tue Jul 04 2023 Gary Ching-Pang Lin <glin@suse.com>
- Update to version 0.6.5
+ LUKS2 keyslot management with the grub-tpm2 token
+ Replace mkinitrd with dracut
* Wed Jun 14 2023 Gary Ching-Pang Lin <glin@suse.com>
- Update to version 0.6.4
+ Add man page and bash completion support
+ Switch to TPM 2.0 Key File for grub2
+ Update the installation paths
+ Enable authorized policy by default
+ Implement 'tpm-disable' command (bsc#1208834)
- Add a subpackage: fde-tools-bash-completion
- Use 'tpm-activate' in the systemd service file
- Add help2man to BuildRequires
- Drop the upstreamed patches
+ fde-tools-tpm2.0-key-file-support.patch
+ fde-tools-fix-paths.patch
+ fde-tools-set-stop-event-for-tpm_authorize.patch
+ fde-tools-enable-authorized-policy-by-default.patch
+ fde-tools-reduce-iterations.patch
+ fde-tools-set-grub.cfg-as-stop-event.patch
* Thu Jun 08 2023 Gary Ching-Pang Lin <glin@suse.com>
- Fix the path in fde-tools.service
* Wed Jun 07 2023 Gary Ching-Pang Lin <glin@suse.com>
- Add fde-tools-tpm2.0-key-file-support.patch to support TPM 2.0
Key File for grub2
- Bump the required pcr-oracle version to 0.4.5 for the TPM 2.0 Key
File support
- Add fde-tools-reduce-iterations.patch to reduce the iterations
for the key created by luks_add_random_key
- Add fde-tools-set-grub.cfg-as-stop-event.patch to set grub.cfg as
the stop event for the PCR prediction
- Add fde-tools-enable-authorized-policy-by-default.patch to switch
FDE_USE_AUTHORIZED_POLICIES to yes
* Tue Jun 06 2023 Marcus Meissner <meissner@suse.com>
- remove dracut and jeos-firstboot from buildrequires, just specify
the directory.
* Wed May 17 2023 Gary Ching-Pang Lin <glin@suse.com>
- Add fde-tools-fix-paths.patch to fix the installation paths
- Using the tarball from the github repo
- Remove %clean
* Fri Apr 21 2023 Gary Ching-Pang Lin <glin@suse.com>
- Update project URL
* Tue Mar 28 2023 Gary Ching-Pang Lin <glin@suse.com>
- Apply fde-tools-set-stop-event-for-tpm_authorize.patch correctly
* Mon Mar 06 2023 Gary Ching-Pang Lin <glin@suse.com>
- Add fde-tools-set-stop-event-for-tpm_authorize.patch to set the
stop event when signing the authorized policy
* Wed Mar 01 2023 Olaf Kirch <okir@suse.com>
- firstboot/fde: ensure that aliases get expanded in shell scripts
This is needed to make the bootloader_foo -> grub2_foo function
name expansion work
* Tue Feb 28 2023 Olaf Kirch <okir@suse.com>
- Updated to version 0.6.3
- Fix a bug introduced by the recent change in tempdir handling
* Mon Jan 09 2023 Olaf Kirch <okir@suse.com>
- Updated to version 0.6.2
- Several patches that were added last-minute for the December
snapshot have been folded back into git.
- Implement first stab at authorized policies.
* Wed Dec 14 2022 Olaf Kirch <okir@suse.com>
- Fix several bugs in firstboot
* The approach for reading the initial FDE pass phrase
from /etc/default/grub is not supported in kiwi yet,
so work around that
* The kiwi KVM images have a strange EFI boot path that
does not contain a File component. Try to work
around that.
* shim-install behaves differently between kiwi image build time
and the installed system. Work around.
* Tue Dec 13 2022 Alberto Planas Dominguez <aplanas@suse.com>
- Fix source URL
* Tue Dec 13 2022 Olaf Kirch <okir@suse.com>
- Fix the fde-tpm-enroll.service file
* Mon Dec 12 2022 Olaf Kirch <okir@suse.com>
- Updated to version 0.6.1
- Fix tpm-enable subcommand
- Add new add-secondary-key subcommand
- Add a systemd unit file that triggers on the presence of the
key file written by d-installer
* Wed Dec 07 2022 Olaf Kirch <okir@suse.com>
- Updated to version 0.6
- pcr-oracle is now a standalone project and package
- Split off the jeos-firstboot stuff into a binary package of its own,
because bare metal installations do not need it
- Refactoring the scripts
- Folded Gary's patches into git.
* Fri Oct 14 2022 Gary Ching-Pang Lin <glin@suse.com>
- Add bsc1204037-mokutil-check-sb-state.patch to check the
SecureBoot state with mokutil (bsc#1204037)
* Thu Oct 13 2022 Gary Ching-Pang Lin <glin@suse.com>
- Add bsc1204037-update-grub.cfg-for-pw-only.patch to update
grub.cfg when the user only chooses the pass phrase to encrypt
the disk. (bsc#1204037)
* Fri Sep 30 2022 Dirk Müller <dmueller@suse.com>
- add build support for other architectures
- spec file clean ups
* Fri Sep 16 2022 Olaf Kirch <okir@suse.com>
- Move the (shipped) keyfile into /root to avoid issues with r/o root
* Tue Sep 13 2022 Olaf Kirch <okir@suse.com>
- Introduce a specific unit script that takes care of mounting root
early (to avoid conflicts with ignition).
* Mon Aug 29 2022 Olaf Kirch <okir@suse.com>
- Make the firstboot workflow smarter (offer different key protectors)
* Mon Aug 15 2022 Olaf Kirch <okir@suse.com>
- Fixed typo of tpm2_key_protector_clear
* Mon Aug 15 2022 Olaf Kirch <okir@suse.com>
- Renamed to fde-tools-0.1
- included firstboot stuff
* Tue Jul 26 2022 Olaf Kirch <okir@suse.com>
- Initial build as package pcr-oracle
/usr/share/jeos-firstboot /usr/share/jeos-firstboot/modules /usr/share/jeos-firstboot/modules/fde
Generated by rpm2html 1.8.1
Fabrice Bellet, Thu Apr 18 23:22:23 2024