������trousers-0.3.15-150400.3.3.19���������������������������������������������������������������������<���>�������,���������������������������������������������������N�����fp9|�����nt�PO!8.[6(Iݪ(R"1A�s'�Z2B"O*�X�)-C*/���S/�˫}�
-wR1"�cwPX�
ٔ8֕l+d��r].EL;
&R\C�$?| �)rRxVDǭ
mgqW�Ly}��Lm䮋d�,/��Y~�_4P�Upi
A'T/ݮgT�
Q�.P���>��������������������H��3���?������3�������d��������������������������������������������������������������� ��� ���������� ���V������������������������������������������������������������������������%��������������F��������������S���������� ���i��������������������������������������������������������������������������������������&��������������
#���������������d���������������������� ��������������
�����������������������l�����������������������
������� ���������������x������������������������������Q���������������x���������������������������������������������L����������������������(��������������8�����������
���9�������(���
���:�����������
���=������'�������>������'�������?������'�������@������'�������F������'�������G������'�������H������(,�������I������(�������X������(�������Y������(�������\������(�������]������)@�������^������*P�������b������+!�������c������+�������d������,M�������e������,R�������f������,U�������l������,W�������u������,l�������v������,�������w������.X�������x������.�������y������/��������z������/ �������������/0�������������3Q�������������3\�������������3`�������������3f�������������3����C�trousers�0.3.15�150400.3.3.19�TSS (TCG Software Stack) access daemon for a TPM chip�The trousers package provides a TSS implementation through the help of
a user-space daemon, the tcsd, and a library Trousers aims to be
compliant to the 1.1b and 1.2 TSS specifications as available from the
Trusted Computing website http://www.trustedcomputinggroup.org/.
The package needs the /dev/tpm device file to be present on your
system. It is a character device file major 10 minor 224, 0600 tss:tss.����fibs-power9-18�����)�SUSE Linux Enterprise 15�SUSE LLC �BSD-3-Clause�https://www.suse.com/�Productivity/Security�http://trousers.sourceforge.net/�linux�ppc64le�/usr/bin/getent group tss >/dev/null || /usr/sbin/groupadd -g 98 tss || :
/usr/bin/getent passwd tss >/dev/null || \
/usr/sbin/useradd -u 98 -o -g tss -s /bin/false -c "TSS daemon" \
-d /var/lib/tpm tss || :
if [ -x /usr/bin/systemctl ]; then
test -n "$FIRST_ARG" || FIRST_ARG="$1"
[ -d /var/lib/systemd/migrated ] || mkdir -p /var/lib/systemd/migrated || :
for service in tcsd.service ; do
sysv_service=${service%.*}
if [ ! -e /usr/lib/systemd/system/$service ] &&
[ ! -e /etc/init.d/$sysv_service ]; then
mkdir -p /run/systemd/rpm/needs-preset
touch /run/systemd/rpm/needs-preset/$service
elif [ -e /etc/init.d/$sysv_service ] &&
[ ! -e /var/lib/systemd/migrated/$sysv_service ]; then
/usr/sbin/systemd-sysv-convert --save $sysv_service || :
mkdir -p /run/systemd/rpm/needs-sysv-convert
touch /run/systemd/rpm/needs-sysv-convert/$service
fi
done
fi�
if [ -x /usr/bin/systemctl ]; then
test -n "$FIRST_ARG" || FIRST_ARG="$1"
[ -d /var/lib/systemd/migrated ] || mkdir -p /var/lib/systemd/migrated || :
if [ "$YAST_IS_RUNNING" != "instsys" ]; then
/usr/bin/systemctl daemon-reload || :
fi
for service in tcsd.service ; do
sysv_service=${service%.*}
if [ -e /run/systemd/rpm/needs-preset/$service ]; then
/usr/bin/systemctl preset $service || :
rm "/run/systemd/rpm/needs-preset/$service" || :
elif [ -e /run/systemd/rpm/needs-sysv-convert/$service ]; then
/usr/sbin/systemd-sysv-convert --apply $sysv_service || :
rm "/run/systemd/rpm/needs-sysv-convert/$service" || :
touch /var/lib/systemd/migrated/$sysv_service || :
fi
done
fi
/usr/bin/udevadm trigger -s tpm || :
# bsc#1164472: adjust potential root ownership to allow tcsd to open the file
# as unprivileged user. Be careful not to follow a symlink target.
system_data=/var/lib/tpm/system.data
if [ -e "${system_data}" ]; then
chown --no-dereference tss:tss /var/lib/tpm/system.data
fi�
test -n "$FIRST_ARG" || FIRST_ARG="$1"
if [ "$FIRST_ARG" -eq 0 -a -x /usr/bin/systemctl ]; then
# Package removal, not upgrade
/usr/bin/systemctl --no-reload disable tcsd.service || :
(
test "$YAST_IS_RUNNING" = instsys && exit 0
test -f /etc/sysconfig/services -a \
-z "$DISABLE_STOP_ON_REMOVAL" && . /etc/sysconfig/services
test "$DISABLE_STOP_ON_REMOVAL" = yes -o \
"$DISABLE_STOP_ON_REMOVAL" = 1 && exit 0
/usr/bin/systemctl stop tcsd.service
) || :
fi�
test -n "$FIRST_ARG" || FIRST_ARG="$1"
if [ $1 -eq 0 ]; then
# Package removal
for service in tcsd.service ; do
sysv_service="${service%.*}"
rm -f "/var/lib/systemd/migrated/$sysv_service" || :
done
fi
if [ -x /usr/bin/systemctl ]; then
/usr/bin/systemctl daemon-reload || :
fi
if [ "$FIRST_ARG" -ge 1 ]; then
# Package upgrade, not uninstall
if [ -x /usr/bin/systemctl ]; then
(
test "$YAST_IS_RUNNING" = instsys && exit 0
test -f /etc/sysconfig/services -a \
-z "$DISABLE_RESTART_ON_UPDATE" && . /etc/sysconfig/services
test "$DISABLE_RESTART_ON_UPDATE" = yes -o \
"$DISABLE_RESTART_ON_UPDATE" = 1 && exit 0
/usr/bin/systemctl try-restart tcsd.service
) || :
fi
fi�������������.����������������\�����W�������"����#���]������~����������^���^����A큤A큤A��������������������������������������������ffffff^S_L^S^S^S^S^S^S^S^Sfۿfۿf^S^Sfeb009b7d1132ac33411e8f838c7e272606c8dd1d8944bc8b82ee28f9114e82fc�c56f762ff401646eae0b25769c79234e22cabea3e3b4f4c7bc581a23787b36f4�4b635e9ae00264cd370fc62921814265679e2a15fa6d6ebbd468e40f00af48f4��a98151c3a0e3a8859cc7cb647b1381d8d51d5e0adcee4d29ba44fbb56306d918��fa066fc32ac644d28c5ae56f62feae0e3b8639565dccad1cc4345dc71577970f�fccf2c7a906ae571849fc1bacd98f3e070e4da85b2ec6e937aa45ca1323b55ef�1ad596d12e7471549663c03e280b5b5d084a2e853fb86e4d766109818f9d7dae�4a6bf595610b97b05728f4615d54faf290fac3f8bef836a5d919de070f3cecc4�842cff0de213dbcbe03bdcc03c3dcfaa48e03bf45eea9d18e970cef4411f4458�686e9d62dea2df5433d4a435602c3e0522b3bb68a2e75c39c80552d6bdddd948�e10fd3096b3fca327b01803d91959817028371fe8d9e1970256bc56aeb1bdc11�38547b7d669844a1d7d5b9075872b6f5117996c0a21d78e383e79ce7eaedb8c0�7ef598700d70a9cd14ba28950c7b048cf21ec2ac2297013e5789830b58ffe8ba�f09355ad0bc2e91d802c18654c2b9219ac1a26cab805879a784eb8a030e02c43�7cef9d8224b158378505c02b77fcdaa05a2f9ecc1552e95ad6d71b5ea96b6902�19a3b32565147e2a9d085f67d3c83fd4b93dad037fb966cb0cc5499d8fa6a568��d7c26f86aeb0e601cd2358475047161b619bb46872f84569448031f3649619e3�5e3194d734c81d99d6cb679ed5c24ac97652b068ff12eed215e1ce382a4fb7dc�����service������������������������������������������������������������������������������������������������������������root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�tss�tss�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�tss�trousers-0.3.15-150400.3.3.19.src.rpm��config(trousers)�trousers�trousers(ppc-64)��������������� �������������������@���@���@���@���@���@��������
���
���
���
����/bin/sh�/bin/sh�/bin/sh�/bin/sh�/bin/sh�config(trousers)�coreutils�coreutils�libc.so.6()(64bit)�libc.so.6(GLIBC_2.17)(64bit)�libcrypto.so.1.1()(64bit)�libcrypto.so.1.1(OPENSSL_1_1_0)(64bit)�libpthread.so.0()(64bit)�libpthread.so.0(GLIBC_2.17)(64bit)�pwdutils�rpmlib(CompressedFileNames)�rpmlib(FileDigests)�rpmlib(PayloadFilesHavePrefix)�rpmlib(PayloadIsXz)�udev������0.3.15-150400.3.3.19����������3.0.4-1�4.6.0-1�4.0-1�5.2-1��4.14.3���f�@a\>@^˳@]�[GXh@W,@U�@U�/@Smatthias.gerstner@suse.com�matthias.gerstner@suse.com�matthias.gerstner@suse.com�matthias.gerstner@suse.com�matthias.gerstner@suse.com�mailaender@opensuse.org�jengelh@inai.de�crrodriguez@opensuse.org�mpluskal@suse.com�meissner@suse.com�- fix runtime requirements for stat and udevadm (bsc#1221770). On minimal
systems this can cause the %pretrans or %post scriptlets to fail because of
missing tools.�- update to new upstream version 0.3.15 (jira#SLE-18269):
- Corrected mutliple security issues that existed if the tcsd is started by
root instead of the tss user. CVE-2020-24332, CVE-2020-24330, CVE-2020-24331
- Replaced use of _no_optimize with asm memory barrier
- Fixed multiple potential instances of use after free memory handling
- Removed unused global variables which caused build issue on some distros
- drop bsc1164472.patch: now contained in upstream tarball
- adjusted %setup macro invocation which seemed to be wrong�- fix a potential tss user to root privilege escalation when running tcsd
(bsc#1164472). To do this run tcsd as the 'tss' user right away to prevent
badly designed privilege drop and initialization code to run.
- add bsc1164472.patch: additionally harden operation of tcsd when running as
root. No longer follow symlinks in /var/lib/tpm. Drop gid to tss main group.
require /etc/tcsd.conf to be owned by root:tss mode 0640.�- Fix a local symlink attack problem with the %posttrans scriptlet
(bsc#1157651, CVE-2019-18898). A rogue tss user could have used this attack
to gain ownership of arbitrary files in the system during
installation/update of the trousers package.�- fix wrong installation of system.data.{auth,noauth} into /var/lib/tpm. These
files are only sample files that *can* be used to fake that ownership was
already taken by trousers, when other TPM stacks did that already. These
files should not be there by default. Therefore install them into
/usr/share/trousers instead, to allow the user to use them at his own
discretion (fixes bsc#1111381).
- implement a backup and restore logic for /var/lib/tpm/system.data.* to
prevent removal of validly stored trousers state during update.�- Update to version 0.3.14 (see ChangeLog) (FATE#321450)�- Check for user/group existence before attempting to add them,
and remove error suppression from these calls.
- Avoid runtime dependency on systemd, the macros can all deal with
its absence.�- Force GNU inline semantics, fixes build with GCC5�- Cleanup spec-file with spec-cleaner
- Update prerequires
- Use systemd unit file
* replace tcsd.init with tcsd.service�- updated to trousers 0.3.13 (bnc#881095 LTC#111124)
- Changed exported functions which had a name too common, to avoid
collision
- Assessed daemon security using manual techniques and coverity
- Fixed major security bugs and memory leaks
- Added debug support to run tcsd with a different user/group
- Daemon now properly closes sockets before shutting down
* TROUSERS_0_3_12
- Added new network code for RPC, which supports IPv6
- Users of client applications can configure the hostname of the tcsd
server they want to connect through the TSS_TCSD_HOSTNAME env var
(only works if application didn't set a hostname in the context)
- Added disable_ipv4 and disable_ipv6 config options for server
- removed trousers-wrap_large_key_overflow.patch: upstream
- removed trousers-0.3.11.2.diff: solved upstream now�/bin/sh�/bin/sh�/bin/sh�/bin/sh�ibs-power9-18 1721031619����������������������������������������������������������������������������������������������������������������������������� ���
�����������
������������������������������������������������������������������������0.3.15-150400.3.3.19�0.3.15-150400.3.3.19�0.3.15-150400.3.3.19��������������������������������������������������������������������������������� ��� ���
tcsd.conf�tcsd.service�91-trousers.rules�rctcsd�tcsd�trousers�AUTHORS�ChangeLog�LICENSE�LTC-TSS_LLD_08_r2.pdf�LTC-TSS_LLD_08_r2.sxw�NICETOHAVES�README�README.selinux�TODO�TSS_programming_SNAFUs.txt�tcsd.conf.5.gz�tcsd.8.gz�trousers�system.data.auth�system.data.noauth�tpm�/etc/�/usr/lib/systemd/system/�/usr/lib/udev/rules.d/�/usr/sbin/�/usr/share/doc/packages/�/usr/share/doc/packages/trousers/�/usr/share/man/man5/�/usr/share/man/man8/�/usr/share/�/usr/share/trousers/�/var/lib/�-fmessage-length=0 -grecord-gcc-switches -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector-strong -funwind-tables -fasynchronous-unwind-tables -fstack-clash-protection -g�obs://build.suse.de/SUSE:Maintenance:33188/SUSE_SLE-15-SP4_Update/159c6189c2888e1f144b776f98e388d1-trousers.SUSE_SLE-15-SP4_Update�drpm�xz�5�ppc64le-suse-linux�������������������������������������������������������������������������������������������ASCII text��ELF 64-bit LSB shared object, 64-bit PowerPC or cisco 7500, version 1 (SYSV), dynamically linked, interpreter /lib64/ld64.so.2, BuildID[sha1]=de7e051e7eb7a13d2175471e35c3721bb3b65057, for GNU/Linux 3.10.0, stripped�directory�ASCII text, with no line terminators (OpenOffice.org 1.x Writer document)�troff or preprocessor input, ASCII text (gzip compressed data, max compression, from Unix)�����������������������������������������������������������������������������������������������������������������������������������������������������������������������������������R���R��
R�� R���R��
R����&�I&Rf`}�s# this scriplet and the counterpart in %posttrans work around a packaging bug
# that was present in all trousers packages since around 2008 until 2018.
# /var/lib/tpm/system.data.* was wrongly packaged as runtime state data
# instead of package resource data in /usr/share. After removal of these files
# from packaging, during updating they will be deleted. Since users could have
# created their own versions of the files already (by taking ownership of a
# TPM) we want to keep those files in place.
#
# to achieve this we use the ownership of /var/lib/tpm as an indicator.
# Versions that still wrongly package those files also had the ownership of
# the directory wrong. Therefore if the directory is not owned by the tss user
# we apply a backup and restore logic.
[ ! -d "/var/lib/tpm" ] && exit 0
OWNER=`/usr/bin/stat -c "%U" "/var/lib/tpm"`
[ "$OWNER" = "tss" ] && exit 0
for data in system.data.auth system.data.noauth; do
file="/var/lib/tpm/${data}"
[ ! -e "$file" ] && continue
cp -p $file ${file}.rpmsave
echo "saving backup of $file"
done�/bin/sh��������utf-8�2f3a6193a4d8a4e058f55ebb0406e214e921982174f0ff9152f335e3d9f3b6a2���������?��������7zXZ��
���!�����t/8&�R]�"��k%{f60c>ͱ�;jA�mQ��"������E��؈ e�p�f�6깘ˏ^�v�H]T���+rQiGl:))ΟU!>̈xC`�mp�שsb�;1|3# Yk�{0�IB{f�0�9�`26.�j1Mu.WZS�Z}�8P�jQ'��}zN"{wZ��P��;Ŝ@i&Dc"�M�߲ڣ%=Yۥ7>gykR�w6�cA��k)%\�GpIY`t4ʟ'�U.@c<Ϳ#l;2m_�$W˹%<8r�x� Z��|yHf�i6WP9XzH��v�$e?j�ʪKO~re{l�;X�*;t�|�3Jly?l;Tañ9\n$,; '�y
1wD
R|mpU06
v:x8��GY+ڛW!({JC*R9hxT8��V�Ril�\�MPFۄUd1)�:���cA\�$۞�^�"$�۪�Z����QU+|e��-n
к����[J��]ꈯ;�6lvOpgqdLz+d<.l'�T/�G EQ�}7J ��D�E�q�%# s�9" !2o��``y�h�-��j�W�#Oy�s�^^ńU3�$z=�]Vr8A�CW4N� Q=oFT䟢pK,Ii��gcInì߶;Gd jKٮ,�V�xh-=0"C!��L�q�b(�p�Ew��T眺̢}~k
5Pi�C�xvm�GFW�@hᕱͬ�2?D��_6_-2ì`},3E�[>[Lww�n+-k>,V�F�_1m&�>�oQ*�|g�:)NsE�Z=$<#cH��ϐ��_؛d��oN'�A}�k��M�:g$ymϽ̇v� Nwa˼A�&K=Fܵ=D%L1SNz
Z7emn�Ȭ72Nf?�f�ƬR�1F=
ˤ^v'V�yOEj�,�_g�,^�x&C p'a%](IL6��oN�dJ�tqѠQf{ckD}35W||�(w_S8�hbU�l#EJ?K�c�7���oD3ɀ*e�tTL";U5w�eUEߛi�QA-YdBz䛿|�;-�C�`w JL�g���dҴbQ5 �P,D>�a_G�$A˒~&Jz�r7gQQi$S>4Kn�>[�&{c�R�G�F)"z�]};.vQק+SmI@;��_d]1cN�V<�TqjzM4G�}�Lsǀ'DonCc^��S�
�:,�$ �⽉w
bM+٥�5tF�"e&$
}CGQ�\�|v*]�@U/ű�e��qU�[r�sͬ^H7yT^RFVYLH&O���ί�͋Qc�6�D|YACq�uH�,���**�<"�b-G0ZŦqO;51"N$#u���T��To�2-�H?(&v-lt�1#-�Wtk䦪� =$��ʘ 9a�&?=rc��3G8T�:$h:�!~��7hՆs܁�nJЃzrevmx&{�����#;0bN�s;.
�hx q�w �8�xA8ES=zS{zsl5RP�,d]F�-yZ>9V`�mD ڤ~ji�l�2v!,�KtBB=Dn�]�'�
u`l�c#�A�*o7y��Dx%ԫ)A.,8Cba�Rľ}�LR5@K9
(}[�,ǜal!ag��iSiQ2�.2��5�S��6uf5f.Djѓ t>
qyD:K�&�6y˺Y;,_[}��e6](lj\.���[.}e̜7_KM�Mc&�r(λ)2[)MI�vn*<�#�5t5pf�TŲF/2�`I�5�?I::44NWm&Bkj�֧
`XȻ]Ԙo@@/"5xa
x�{,2ҡ;?Dڱf@�5Y
`�,q <)K^pn1P%<ㅆZ|�lugMM?�u�9�"eyCIezЩ\�^�:ja>
?j �?�^wVWBst:}txv8rU�Nl 8+K̔p�M|n�Q!#2ХL�/��}�[�SH5/�9�K�4�H�@ǦO�Ho ?�/#8��m%\~B{@K^-AMcz`F��\ �AR�Z��v>�+�j>јic�;v-rpŸ��Cȁs1ջV`2}V��f�4�oLv?(> m�`s�LJ^p꒗]U̽;J1Vσ�8�w{0�/CoB,�^GJQVWUi�{|N~wY{fu-dQs>S[h�.YF�H�>AnvL�'rs9Ąfɘ4g.T�SAS3uWûKʺwŵt'�͍H�VVEl�(2Gy*X�U�eA`yk%j�̊�tW�?��(u�� ϺB�g?l,%ѹ�C#el+/��qI [ҏޠ:";=f4�\]�*̾�3rdAGͅ���T>.�kj7
E�#�l `��m� iP0/�S
�X+o=)փXtXwv;��C>9cR��\=�
e1�5X|<Q�E=4K֣WKߐP�ݮ:
,n*1!@gֳ,
p�Ű<^&j�L!RѤ�$R��#�[#F�"�EF@<�%�'aWW��٥IynE>�F�ޞde;3f-�Wҍ� �;X�V��$��+b� D/QӴe\ {SJ
~n�k�7l���~�Aȣ�T�z1��ay��-p��A������
YZ