From 0aa49b8e01ab893cfbf9144ef38cbd43a7c90d94 Mon Sep 17 00:00:00 2001
From: Itxaka
Date: Thu, 24 Oct 2024 15:44:42 +0200
Subject: [PATCH] Fix services and binary location (#1121)
---
 packages/utils/keylime-agent/build.yaml | 12 +++++------
 packages/utils/keylime-agent/definition.yaml | 2 +-
 .../utils/keylime-agent/keylime-agent.service | 20 +++++++++++++++++++
 .../var-lib-keylime-secure.mount | 12 +++++++++++
 4 files changed, 39 insertions(+), 7 deletions(-)
 create mode 100644 packages/utils/keylime-agent/keylime-agent.service
 create mode 100644 packages/utils/keylime-agent/var-lib-keylime-secure.mount
diff --git a/packages/utils/keylime-agent/build.yaml b/packages/utils/keylime-agent/build.yaml
index 910e406e..caa00cac 100644
--- a/packages/utils/keylime-agent/build.yaml
+++ b/packages/utils/keylime-agent/build.yaml
@@ -8,24 +8,24 @@ env:
 prelude:
 - apt-get update && apt-get install -y git libclang-dev libssl-dev libtss2-dev libzmq3-dev pkg-config cargo make
-- PACKAGE_VERSION=v${PACKAGE_VERSION%\+*} && git clone --depth=1 --branch ${PACKAGE_VERSION} https://github.com/${GITHUB_ORG}/${GITHUB_REPO}
+- PACKAGE_VERSION=v${PACKAGE_VERSION%\-*} && git clone --depth=1 --branch ${PACKAGE_VERSION} https://github.com/${GITHUB_ORG}/${GITHUB_REPO}
 steps:
 # build
 - cd ${GITHUB_REPO} && RELEASE=1 TARGETDIR=/build make all
 # create target dirs for package
-- mkdir -p /package/usr/local/bin/
+- mkdir -p /package/usr/bin/
 - mkdir -p /package/etc/keylime/
 - mkdir -p /package/etc/systemd/system/
 - mkdir -p /package/usr/libexec/keylime/
 # Copy binaries
-- cp /build/release/keylime_agent /package/usr/local/bin/
-- cp /build/release/keylime_ima_emulator /package/usr/local/bin/
+- cp /build/release/keylime_agent /package/usr/bin/
+- cp /build/release/keylime_ima_emulator /package/usr/bin/
 # copy default config
 - cp ${GITHUB_REPO}/keylime-agent.conf /package/etc/keylime/
 # copy systemd services
-- cp ${GITHUB_REPO}/dist/systemd/system/keylime_agent.service /package/etc/systemd/system/
-- cp ${GITHUB_REPO}/dist/systemd/system/var-lib-keylime-secure.mount /package/etc/systemd/system/
+- cp keylime-agent.service /package/etc/systemd/system/
+- cp var-lib-keylime-secure.mount /package/etc/systemd/system/
 # Some kind of needed shim for a bug
 # Remove when https://github.com/keylime/rust-keylime/issues/325 is fixed
 - cp ${GITHUB_REPO}/keylime-agent/tests/actions/shim.py /package/usr/libexec/keylime/
diff --git a/packages/utils/keylime-agent/definition.yaml b/packages/utils/keylime-agent/definition.yaml
index c445c9d5..563d0bdc 100644
--- a/packages/utils/keylime-agent/definition.yaml
+++ b/packages/utils/keylime-agent/definition.yaml
@@ -1,6 +1,6 @@
 name: "keylime-agent"
 category: "utils"
-version: "0.2.6"
+version: "0.2.6-1"
 labels:
 github.repo: "rust-keylime"
 github.owner: "keylime"
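Review bot: In build.yaml's prelude, the rewritten `git clone --depth=1 --branch ${PACKAGE_VERSION}` line still builds whatever the upstream tag points to at build time; a tag can be moved, and nothing visible here checks the commit or a signature before `make all` produces the agent binaries that get packaged. Recording the expected commit id next to the version in definition.yaml and failing the prelude when `git -C ${GITHUB_REPO} rev-parse HEAD` differs would pin the source. Separately, `${PACKAGE_VERSION%\-*}` cuts everything from the last hyphen, so a version that carries an upstream pre-release suffix but no package revision would resolve to the wrong tag; that case does not occur with the `0.2.6-1` value in this commit.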
diff --git a/packages/utils/keylime-agent/keylime-agent.service b/packages/utils/keylime-agent/keylime-agent.service
new file mode 100644
index 00000000..5139e2b7
--- /dev/null
+++ b/packages/utils/keylime-agent/keylime-agent.service
@@ -0,0 +1,20 @@
+[Unit]
+Description=The Keylime compute agent
+StartLimitInterval=10s
+StartLimitIntervalSec=10
+StartLimitBurst=5
+Requires=var-lib-keylime-secure.mount
+After=var-lib-keylime-secure.mount
+After=network-online.target
+Wants=network-online.target
+ConditionPathExistsGlob=/dev/(tpm|tpmrm)[0-9]*
+
+[Service]
+ExecStart=/usr/bin/keylime_agent
+TimeoutSec=60s
+Restart=on-failure
+RestartSec=120s
+Environment="RUST_LOG=keylime_agent=info"
+
+[Install]
+WantedBy=default.target
\ No newline at end of file
diff --git a/packages/utils/keylime-agent/var-lib-keylime-secure.mount b/packages/utils/keylime-agent/var-lib-keylime-secure.mount
new file mode 100644
index 00000000..427ba49e
--- /dev/null
+++ b/packages/utils/keylime-agent/var-lib-keylime-secure.mount
@@ -0,0 +1,12 @@
+[Unit]
+Description=Kelime configuration filesystem
+Before=keylime-agent.service
+
+[Mount]
+What=tmpfs
+Where=/var/lib/keylime/secure
+Type=tmpfs
+Options=mode=0700,size=1m,uid=tss,gid=tss
+
+[Install]
+WantedBy=multi-user.target
\ No newline at end of file
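Review bot: `ConditionPathExistsGlob=/dev/(tpm|tpmrm)[0-9]*` in the new keylime-agent.service uses regex-style alternation, but systemd evaluates this setting as a shell glob, where `(`, `|` and `)` are literal characters. The pattern then matches no device node, the condition fails, and the unit is skipped rather than marked failed, so the attestation agent would silently not run even on hosts that have a TPM. Use two triggering conditions instead, `ConditionPathExistsGlob=|/dev/tpm[0-9]*` and `ConditionPathExistsGlob=|/dev/tpmrm[0-9]*`, which systemd combines with OR. `StartLimitInterval=10s` is the legacy spelling of `StartLimitIntervalSec=10` and one of the two can be dropped.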
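Review bot: The tmpfs in var-lib-keylime-secure.mount is created with `uid=tss,gid=tss` and `mode=0700`, while keylime-agent.service sets no `User=`, so access depends on which account the agent ends up running as after reading keylime-agent.conf, which is not visible in this patch; if that is neither root nor tss, the agent cannot use the directory. The `tss` account must also exist in the image when the mount is set up, otherwise the mount presumably fails and `Requires=` keeps the agent from starting; none of the visible build steps creates it. As the directory appears intended for agent secrets, consider `Options=mode=0700,size=1m,uid=tss,gid=tss,nosuid,nodev`. `Description=Kelime configuration filesystem` looks like a typo for Keylime.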