trousers-0.3.15-150600.10.3.1<>,DDgp9|k6H*W+~{lluyT׉loO?%^I{}2\fG4itr!+6,)%ª-D1rozt0p"jϾ%g7jm$[ķIxY[RKefXBxi!ż27 '8e&䤄Y̽Uc诏w\g4C:iljC>H1?1d   V!BO e{ e b $ P  > \! 8(8 9 : =%>%?%@%F%G%H&,I&X&Y&\&]'@^(P b)!c)d*Me*Rf*Ul*Wu*hv*w,<x,y, z--,1M1X1\1b1Ctrousers0.3.15150600.10.3.1TSS (TCG Software Stack) access daemon for a TPM chipThe trousers package provides a TSS implementation through the help of a user-space daemon, the tcsd, and a library Trousers aims to be compliant to the 1.1b and 1.2 TSS specifications as available from the Trusted Computing website http://www.trustedcomputinggroup.org/. The package needs the /dev/tpm device file to be present on your system. It is a character device file major 10 minor 224, 0600 tss:tss.gs390zp34 SUSE Linux Enterprise 15SUSE LLC BSD-3-Clausehttps://www.suse.com/Productivity/Securityhttp://trousers.sourceforge.net/linuxs390x/usr/bin/getent group tss >/dev/null || /usr/sbin/groupadd -g 98 tss || : /usr/bin/getent passwd tss >/dev/null || \ /usr/sbin/useradd -u 98 -o -g tss -s /bin/false -c "TSS daemon" \ -d /var/lib/tpm tss || : if [ -x /usr/bin/systemctl ]; then test -n "$FIRST_ARG" || FIRST_ARG="$1" [ -d /var/lib/systemd/migrated ] || mkdir -p /var/lib/systemd/migrated || : for service in tcsd.service ; do sysv_service=${service%.*} if [ ! -e /usr/lib/systemd/system/$service ] && [ ! -e /etc/init.d/$sysv_service ]; then mkdir -p /run/systemd/rpm/needs-preset touch /run/systemd/rpm/needs-preset/$service elif [ -e /etc/init.d/$sysv_service ] && [ ! -e /var/lib/systemd/migrated/$sysv_service ]; then /usr/sbin/systemd-sysv-convert --save $sysv_service || : mkdir -p /run/systemd/rpm/needs-sysv-convert touch /run/systemd/rpm/needs-sysv-convert/$service fi done fi [ -x /usr/bin/udevadm ] && /usr/bin/udevadm control --reload || : if [ -x /usr/bin/systemctl ]; then test -n "$FIRST_ARG" || FIRST_ARG="$1" [ -d /var/lib/systemd/migrated ] || mkdir -p /var/lib/systemd/migrated || : if [ "$YAST_IS_RUNNING" != "instsys" ]; then /usr/bin/systemctl daemon-reload || : fi for service in tcsd.service ; do sysv_service=${service%.*} if [ -e /run/systemd/rpm/needs-preset/$service ]; then /usr/bin/systemctl preset $service || : rm "/run/systemd/rpm/needs-preset/$service" || : elif [ -e /run/systemd/rpm/needs-sysv-convert/$service ]; then /usr/sbin/systemd-sysv-convert --apply $sysv_service || : rm "/run/systemd/rpm/needs-sysv-convert/$service" || : touch /var/lib/systemd/migrated/$sysv_service || : fi done fi /usr/bin/udevadm trigger -s tpm || : # bsc#1164472: adjust potential root ownership to allow tcsd to open the file # as unprivileged user. Be careful not to follow a symlink target. system_data=/var/lib/tpm/system.data if [ -e "${system_data}" ]; then chown --no-dereference tss:tss /var/lib/tpm/system.data fi test -n "$FIRST_ARG" || FIRST_ARG="$1" if [ "$FIRST_ARG" -eq 0 -a -x /usr/bin/systemctl ]; then # Package removal, not upgrade /usr/bin/systemctl --no-reload disable tcsd.service || : ( test "$YAST_IS_RUNNING" = instsys && exit 0 test -f /etc/sysconfig/services -a \ -z "$DISABLE_STOP_ON_REMOVAL" && . /etc/sysconfig/services test "$DISABLE_STOP_ON_REMOVAL" = yes -o \ "$DISABLE_STOP_ON_REMOVAL" = 1 && exit 0 /usr/bin/systemctl stop tcsd.service ) || : fi test -n "$FIRST_ARG" || FIRST_ARG="$1" if [ $1 -eq 0 ]; then # Package removal for service in tcsd.service ; do sysv_service="${service%.*}" rm -f "/var/lib/systemd/migrated/$sysv_service" || : done fi if [ -x /usr/bin/systemctl ]; then /usr/bin/systemctl daemon-reload || : fi if [ "$FIRST_ARG" -ge 1 ]; then # Package upgrade, not uninstall if [ -x /usr/bin/systemctl ]; then ( test "$YAST_IS_RUNNING" = instsys && exit 0 test -f /etc/sysconfig/services -a \ -z "$DISABLE_RESTART_ON_UPDATE" && . /etc/sysconfig/services test "$DISABLE_RESTART_ON_UPDATE" = yes -o \ "$DISABLE_RESTART_ON_UPDATE" = 1 && exit 0 /usr/bin/systemctl try-restart tcsd.service ) || : fi fi.\W"#]~^^A큤A큤Agggggg^S_L^S^S^S^S^S^S^S^Sggg^S^Sgeb009b7d1132ac33411e8f838c7e272606c8dd1d8944bc8b82ee28f9114e82fcc56f762ff401646eae0b25769c79234e22cabea3e3b4f4c7bc581a23787b36f44b635e9ae00264cd370fc62921814265679e2a15fa6d6ebbd468e40f00af48f4b0b4f07c571f7cba001f1d7af08343409b24b8a2f14e1a09891f38c4053786abfa066fc32ac644d28c5ae56f62feae0e3b8639565dccad1cc4345dc71577970ffccf2c7a906ae571849fc1bacd98f3e070e4da85b2ec6e937aa45ca1323b55ef1ad596d12e7471549663c03e280b5b5d084a2e853fb86e4d766109818f9d7dae4a6bf595610b97b05728f4615d54faf290fac3f8bef836a5d919de070f3cecc4842cff0de213dbcbe03bdcc03c3dcfaa48e03bf45eea9d18e970cef4411f4458686e9d62dea2df5433d4a435602c3e0522b3bb68a2e75c39c80552d6bdddd948e10fd3096b3fca327b01803d91959817028371fe8d9e1970256bc56aeb1bdc1138547b7d669844a1d7d5b9075872b6f5117996c0a21d78e383e79ce7eaedb8c07ef598700d70a9cd14ba28950c7b048cf21ec2ac2297013e5789830b58ffe8baf09355ad0bc2e91d802c18654c2b9219ac1a26cab805879a784eb8a030e02c437cef9d8224b158378505c02b77fcdaa05a2f9ecc1552e95ad6d71b5ea96b690219a3b32565147e2a9d085f67d3c83fd4b93dad037fb966cb0cc5499d8fa6a568d7c26f86aeb0e601cd2358475047161b619bb46872f84569448031f3649619e35e3194d734c81d99d6cb679ed5c24ac97652b068ff12eed215e1ce382a4fb7dcservicerootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootroottsstssrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootroottsstrousers-0.3.15-150600.10.3.1.src.rpmconfig(trousers)trouserstrousers(s390-64) @@@@@@@@@@@@    /bin/sh/bin/sh/bin/sh/bin/sh/bin/shconfig(trousers)coreutilslibc.so.6()(64bit)libc.so.6(GLIBC_2.15)(64bit)libc.so.6(GLIBC_2.2)(64bit)libc.so.6(GLIBC_2.3)(64bit)libc.so.6(GLIBC_2.3.2)(64bit)libc.so.6(GLIBC_2.3.4)(64bit)libc.so.6(GLIBC_2.32)(64bit)libc.so.6(GLIBC_2.33)(64bit)libc.so.6(GLIBC_2.34)(64bit)libc.so.6(GLIBC_2.4)(64bit)libcrypto.so.3()(64bit)libcrypto.so.3(OPENSSL_3.0.0)(64bit)pwdutilsrpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)udev0.3.15-150600.10.3.13.0.4-14.6.0-14.0-15.2-14.14.3g@f4a\>@^˳@][GXh@W,@U@U/@meissner@suse.commatthias.gerstner@suse.commatthias.gerstner@suse.commatthias.gerstner@suse.commatthias.gerstner@suse.commatthias.gerstner@suse.commailaender@opensuse.orgjengelh@inai.decrrodriguez@opensuse.orgmpluskal@suse.com- make sure that udev workers have finished before daemon-reload (bsc#1231071 bsc#1236457)- fix runtime requirements for stat and udevadm (bsc#1221770). On minimal systems this can cause the %pretrans or %post scriptlets to fail because of missing tools.- update to new upstream version 0.3.15 (jira#SLE-18269): - Corrected mutliple security issues that existed if the tcsd is started by root instead of the tss user. CVE-2020-24332, CVE-2020-24330, CVE-2020-24331 - Replaced use of _no_optimize with asm memory barrier - Fixed multiple potential instances of use after free memory handling - Removed unused global variables which caused build issue on some distros - drop bsc1164472.patch: now contained in upstream tarball - adjusted %setup macro invocation which seemed to be wrong- fix a potential tss user to root privilege escalation when running tcsd (bsc#1164472). To do this run tcsd as the 'tss' user right away to prevent badly designed privilege drop and initialization code to run. - add bsc1164472.patch: additionally harden operation of tcsd when running as root. No longer follow symlinks in /var/lib/tpm. Drop gid to tss main group. require /etc/tcsd.conf to be owned by root:tss mode 0640.- Fix a local symlink attack problem with the %posttrans scriptlet (bsc#1157651, CVE-2019-18898). A rogue tss user could have used this attack to gain ownership of arbitrary files in the system during installation/update of the trousers package.- fix wrong installation of system.data.{auth,noauth} into /var/lib/tpm. These files are only sample files that *can* be used to fake that ownership was already taken by trousers, when other TPM stacks did that already. These files should not be there by default. Therefore install them into /usr/share/trousers instead, to allow the user to use them at his own discretion (fixes bsc#1111381). - implement a backup and restore logic for /var/lib/tpm/system.data.* to prevent removal of validly stored trousers state during update.- Update to version 0.3.14 (see ChangeLog) (FATE#321450)- Check for user/group existence before attempting to add them, and remove error suppression from these calls. - Avoid runtime dependency on systemd, the macros can all deal with its absence.- Force GNU inline semantics, fixes build with GCC5- Cleanup spec-file with spec-cleaner - Update prerequires - Use systemd unit file * replace tcsd.init with tcsd.service/bin/sh/bin/sh/bin/sh/bin/shs390zp34 1738925763 0.3.15-150600.10.3.10.3.15-150600.10.3.10.3.15-150600.10.3.1 tcsd.conftcsd.service91-trousers.rulesrctcsdtcsdtrousersAUTHORSChangeLogLICENSELTC-TSS_LLD_08_r2.pdfLTC-TSS_LLD_08_r2.sxwNICETOHAVESREADMEREADME.selinuxTODOTSS_programming_SNAFUs.txttcsd.conf.5.gztcsd.8.gztrouserssystem.data.authsystem.data.noauthtpm/etc//usr/lib/systemd/system//usr/lib/udev/rules.d//usr/sbin//usr/share/doc/packages//usr/share/doc/packages/trousers//usr/share/man/man5//usr/share/man/man8//usr/share//usr/share/trousers//var/lib/-fmessage-length=0 -grecord-gcc-switches -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector-strong -funwind-tables -fasynchronous-unwind-tables -fstack-clash-protection -gobs://build.suse.de/SUSE:Maintenance:37368/SUSE_SLE-15-SP6_Update/acab3358446069a4d3709cf4ea8d3d73-trousers.SUSE_SLE-15-SP6_Updatedrpmxz5s390x-suse-linuxASCII textELF 64-bit MSB shared object, IBM S/390, version 1 (SYSV), dynamically linked, interpreter /lib/ld64.so.1, for GNU/Linux 3.2.0, BuildID[sha1]=2d8445ae1755a9890e35b3e700ba061fd2752a30, strippeddirectoryASCII text, with no line terminators (OpenOffice.org 1.x Writer document)troff or preprocessor input, ASCII text (gzip compressed data, max compression, from Unix) RR RR RRRR R R RRrͱ;jA4K1qjAp -fXt>&Z oHfzU~|@S컧x01%7B}8Vb3;J^:fQ;$??S0,8[yFAzLUlL48R^IGv9=DDެ7$e+1Z4J}GR~Ayyc~.m= M} :Lj345r]uߧ~$:UK ){.)Zp{?4F2zzKU*yGO>*Tmd ;ve!lr8@Ecyr Tq.8)?:=X\7DP=l@mC0!ȶYy==suѹj7>ZE[zs^|pzi>H?b 5T̿0RxRfE"^tKl-'Aybq./>x  zki:ɦajԴ\hfBm:vbdOf)WEJgp\noJoF+ӳEAI*+徯x-a7dbguFʹ/"8^:h$P\攼*{̓Ik6Py^,RhKMGpa33r+5Pd^Ud  erU7T"&I:_p'8_sio/IOHfd30QH勐.aBLQf1ԙaEiA_cU9:l 0^x;CP]L XCaqݩhn;x{ E/YG[K? [cserL0 o Y4DEt$?$ Ggbm0au8r &jb̓A*$؃wb { ²(f ,:IZt8p]zIz^9fKIiДuOz^ FW\7.Z^ }]u1נV6і, mҟ: v`^Y{i:Zx)ӧ;n 9*BC=X<偻`畗a^^S9ҹWLWQXc@d&?̟U =(KJY25)p 74aQ*5߾j W|Qd-bPh`MJgۀ|rajSoxLW PEP0Z9C.ͻwFaI5eFuvt~ȲʮyJI&d0qrgf1kFW#ɑjƲSm~zJ"#55Wx }3 MM'@Сߝdu7=4  {~t-g ฬ.282Xc8y> d?=IޗKĝgliI$uJx Dw`o~E1kY4m0AF\*]q==1]:P>|S5Vx܋)^C-Msy:$ß`Xa9DayqAh3&gY;deϨZA-7a8pFΓ$/Z6^~G[+F[p0ky>)r A~MoLdOưrG{$]3djFȲږ0/gFARcEs̃v\gCb/ Pm2؅ƭR9^> xj =;,RǺzP^e" W(xV==tP#p\(V9?ۤ #[dk?Vcej\7s .I7C.hpzɢ1w"SC/ql9gTT= %M.%SP-W<5;Hث jRb6-floq=oH ;HΫ)pCݵJcg%%a {#bM𹮈>L?A|IHi!r(2n!CcKRhQu_T+ zSZq#[%%m|C6>58K ^ gB xod}lOxs@rc:5ʙ?,ؑe9Àa6 *}ӳWZrNCou64 KJ>50trilB.TQF/*)c UI]L;[vqK`"sZQC:`1Ģ/IG9u+GS~gq9;XaX벭`TphFU6L6D=_K"ɪ%3wgh.Nˆ#a'n쒊:Jy{9䪍wq[\i88J袯*t0faM;EF8"aw7[(>=@+[$Hv]PC{G:kan,eɓ@Q_d3!\%f<͊YpU^w YZ