| Index | index by Group | index by Distribution | index by Vendor | index by creation date | index by Name | Mirrors | Help | Search |
| Name: fde-tpm-helper-rpm-macros | Distribution: openSUSE Tumbleweed |
| Version: 0.7.3 | Vendor: openSUSE |
| Release: 5.1 | Build date: Tue Jul 29 09:32:53 2025 |
| Group: Development/Tools/Building | Build host: reproducible |
| Size: 627 | Source RPM: fde-tools-0.7.3-5.1.src.rpm |
| Packager: https://bugs.opensuse.org | |
| Url: https://github.com/openSUSE/fde-tools | |
| Summary: RPM macros for fde-tools | |
This package contains the RPM macros for the bootloader packages to update the signature in the sealed key.
GPL-2.0-only
* Tue Jul 29 2025 Gary Ching-Pang Lin <glin@suse.com>
- Add the missing /var/log/fde (bsc#1247228)
* Tue Jul 22 2025 Gary Ching-Pang Lin <glin@suse.com>
- Add fde-tools-bsc1246464-use-default-uefi-boot-path.patch to
use the default EFI boot path if there is no FILE compoment in
in the boot entry (bsc#1246464)
* Wed Jun 11 2025 Gary Ching-Pang Lin <glin@suse.com>
- Add fde-tools-bsc1244323-firstboot-fix-lsinitrd.patch to fix the
empty LUKS header checksum from lsinitrd (bsc#1244323)
* Thu Jun 05 2025 Gary Ching-Pang Lin <glin@suse.com>
- Add fde-tools-bsc1243877-firstboot-remove-key-conf.patch to
remove the dracut conf for the key file to avoid the error from
dracut (bsc#1243877)
* Thu May 15 2025 Gary Ching-Pang Lin <glin@suse.com>
- Update to version 0.7.3
+ Detect the supported RSA key size
+ Take snapshot when signing
+ Switch to "--target-platform" when available
+ Allow RPM_MACRO_DIR to be defined during build time
+ Fix naming and disable ccid
+ tpm: fix tpm-present with the newer pcr-oracle
+ firstboot: make "Pass phrase" mandatory
+ firstboot: disable FDE/TPM2 when secure boot is off
+ Conditional helper
+ firstboot: replace the key file path in crypttab
+ firstboot: add more alias bootloader functions
+ firstboot: detect the early reencryption
- Refresh fde-tools-firstboot-alp-snapshot.patch
- Drop merged patches
+ fde-tools-bsc1213945-set-rsa-key-size.patch
+ fde-tools-bsc1223771-firstboot-make-Pass-phrase-mandatory.patch
+ fde-tools-bsc1223002-firstboot-disable-ccid.patch
+ fde-tools-bsc1218181-replace-crypttab-key-path.patch
+ fde-tools-bsc1220160-conditional-requires.patch
+ fde-tools-change-rpm-macro-dir.patch
+ fde-tools-bsc1243166-firstboot-disable-tpm2-when-sb-is-off.patch
+ fde-tools-bsc1222970-firstboot-replace-ALP.patch
+ fde-tools-bsc1218390-fix-tpm-present-with-the-newer-pcr-oracle.patch
+ fde-tools-bsc1238593-firstboot-more-bootloader-functions.patch
+ fde-tools-bsc1218390-Switch-to-target-platform-when-available.patch
* Wed May 14 2025 Gary Ching-Pang Lin <glin@suse.com>
- Add fde-tools-bsc1243166-firstboot-disable-tpm2-when-sb-is-off.patch
to not skip the encryption process when Secure Boot is off
(bsc#1243166)
* Tue Mar 11 2025 Gary Ching-Pang Lin <glin@suse.com>
- Add fde-tools-bsc1238593-firstboot-more-bootloader-functions.patch
to define non-expanded functions for the firstboot script
(bsc#1238593)
* Fri Dec 06 2024 John Paul Adrian Glaubitz <adrian.glaubitz@suse.com>
- Enable build on loongarch64
* Wed Jul 31 2024 Gary Ching-Pang Lin <glin@suse.com>
- Add fde-tools-bsc1218181-replace-crypttab-key-path.patch to
change the key path in crypttab to avoid the unexpected error
(bsc#1218181)
* Fri Jun 07 2024 Gary Ching-Pang Lin <glin@suse.com>
- Update fde-tools-bsc1220160-conditional-requires.patch to
check fde-tpm-helper in %post and %posttrans
* Thu May 30 2024 Gary Ching-Pang Lin <glin@suse.com>
- Fix fde-tools-change-rpm-macro-dir.patch which didn't set
RPM_MACRO_DIR correctly
* Tue May 07 2024 Gary Ching-Pang Lin <glin@suse.com>
- Add fde-tools-bsc1223771-firstboot-make-Pass-phrase-mandatory.patch
to make "pass" mandatory during firstboot (bsc#1223771)
* Fri Apr 19 2024 Gary Ching-Pang Lin <glin@suse.com>
- Add patches to adopt the "--target-platform" option when using
the newer pcr-oracle (bsc#1218390)
+ fde-tools-bsc1218390-Switch-to-target-platform-when-available.patch
+ fde-tools-bsc1218390-fix-tpm-present-with-the-newer-pcr-oracle.patch
* Thu Apr 18 2024 Gary Ching-Pang Lin <glin@suse.com>
- Add fde-tools-bsc1222970-firstboot-replace-ALP.patch to replace
"ALP" with "This system" (bsc#1222970)
- Add fde-tools-bsc1223002-firstboot-disable-ccid.patch to disable
the non-functional ccid option (bsc#1223002)
* Wed Mar 13 2024 Gary Ching-Pang Lin <glin@suse.com>
- Add json-c to BuildRequires to build on openSUSE Leap 15.5
* Tue Mar 05 2024 Gary Ching-Pang Lin <glin@suse.com>
- Add fde-tools-change-rpm-macro-dir.patch and set the rpm macro
directory correctly
- Make fde-firstboot, fde-tpm-helper, and fde-tpm-helper-rpm-macros
noarch
- Add fde-tools-bsc1220160-conditional-requires.patch to make
fde-tpm-helper a conditional "Requires" (bsc#1220160)
* Mon Feb 19 2024 Gary Ching-Pang Lin <glin@suse.com>
- Add fde-tools-bsc1213945-set-rsa-key-size.patch to set
the highest supported RSA key size (bsc#1213945)
* Mon Nov 06 2023 Dominique Leuenberger <dimstar@opensuse.org>
- Fix build with RPM 4.19: unnumbered patches are no longer
supported.
* Wed Nov 01 2023 Gary Ching-Pang Lin <glin@suse.com>
- Update to version 0.7.2
+ Add help output for the command tpm-authorize
+ Improve the multi-devices support
* Mon Oct 23 2023 Gary Ching-Pang Lin <glin@suse.com>
- Update to version 0.7.1
+ add-secondary-key: remove the generation of the secondary
password
+ add-secondary-key: remove the inclusion of
'add-secondary-password'
+ luks: list all underlying LUKS device
+ Introduce FDE_DEVS to list all LUKS devices
- Drop upstreamd patch
+ fde-tools-remove-redundant-2nd-pw-creation.patch
* Wed Oct 04 2023 Gary Ching-Pang Lin <glin@suse.com>
- Add fde-tools-remove-redundant-2nd-pw-creation.patch to remove
the creation of the secondary password in 'add-secondary-key'
* Mon Oct 02 2023 Gary Ching-Pang Lin <glin@suse.com>
- Bring ExclusiveArch back and only enable the build for the
architectures with the proper UEFI Secure Boot and TPM 2.0/TCG
protocol support: aarch64 x86_64 riscv64
* Tue Sep 19 2023 Gary Ching-Pang Lin <glin@suse.com>
- Update to version 0.7.0
+ firstboot: apply the grub.cfg change immediately
+ fde-tpm-helper for bootloader RPMs to update the sealed key
automatically
+ Fix the find command of 'make dist'
+ Clean up the repo
+ Make the system flags configurable
+ fde-tpm-helper: specify the bootloaders in %post
- Add two new subpackages for the bootloader RPMs to update the
sealed key: fde-tpm-helper and fde-tpm-helper-rpm-macros
- Remove ExclusiveArch and set the system directories for 'make'
and 'make install'
* Tue Aug 29 2023 Gary Ching-Pang Lin <glin@suse.com>
- Update to version 0.6.9
+ Redirect the firstboot messages to journald instead of a
standalone log file (bsc#1214581)
+ Update /boot/grub2/grub.cfg at the end of firstboot to reflect
the LUKS key change
+ Update the version automatically
+ Add 'cryptsetup' to 'make dist'
+ Fix the version in fde.sh
- Update the download URL
* Thu Aug 24 2023 Gary Ching-Pang Lin <glin@suse.com>
- Update to version 0.6.8
+ Improve the LUKS partition detection to support LUKS over LVM
- Remove openssl and tpm2-0-tss-devel from BuildRequires since all
TPM related programs are already in pcr-oracle
- Add util-linux-systemd to Requires for 'lsblk'
* Fri Aug 18 2023 Gary Ching-Pang Lin <glin@suse.com>
- Update to version 0.6.7
+ Check failure of authorized policy creation
+ Additional check for recovery password
- Drop upstreamed patch
+ fde-tools-handle-authorized-policy-failure.patch
* Thu Jul 27 2023 Gary Ching-Pang Lin <glin@suse.com>
- Add fde-tools-handle-authorized-policy-failure.patch handle the
failure of authorized policy creation
* Thu Jul 20 2023 Gary Ching-Pang Lin <glin@suse.com>
- Update to version 0.6.6
+ Avoid cleaning the temp directory when calling tpm_test
+ firstboot/fde: use functions as the aliases for bootloader
functions
+ firstboot/fde: always regenerate initrd
+ firstboot/fde: use authorized policy by default
+ Support devices other than the root partition
- Drop upstreamed patches
+ fde-tools-avoid-cleaning-temp-dir.patch
+ fde-tools-fix-bootloader-func.patch
+ fde-tools-force-dracut.patch
+ fde-tools-enable-authpol-in-firstboot.patch
* Thu Jul 13 2023 Gary Ching-Pang Lin <glin@suse.com>
- Add fde-tools-enable-authpol-in-firstboot.patch to enable
authorized policy in the firstboot script
* Fri Jul 07 2023 Gary Ching-Pang Lin <glin@suse.com>
- Add fde-tools-fix-bootloader-func.patch
+ Define the bootloader specific functions in the firstboot
script since the aliases are not expanded
- Add fde-tools-force-dracut.patch
+ Always regenerate initrd
* Tue Jul 04 2023 Gary Ching-Pang Lin <glin@suse.com>
- Add fde-tools-avoid-cleaning-temp-dir.patch to avoid cleaning
the temp directory when calling tpm_test
* Tue Jul 04 2023 Gary Ching-Pang Lin <glin@suse.com>
- Update to version 0.6.5
+ LUKS2 keyslot management with the grub-tpm2 token
+ Replace mkinitrd with dracut
* Wed Jun 14 2023 Gary Ching-Pang Lin <glin@suse.com>
- Update to version 0.6.4
+ Add man page and bash completion support
+ Switch to TPM 2.0 Key File for grub2
+ Update the installation paths
+ Enable authorized policy by default
+ Implement 'tpm-disable' command (bsc#1208834)
- Add a subpackage: fde-tools-bash-completion
- Use 'tpm-activate' in the systemd service file
- Add help2man to BuildRequires
- Drop the upstreamed patches
+ fde-tools-tpm2.0-key-file-support.patch
+ fde-tools-fix-paths.patch
+ fde-tools-set-stop-event-for-tpm_authorize.patch
+ fde-tools-enable-authorized-policy-by-default.patch
+ fde-tools-reduce-iterations.patch
+ fde-tools-set-grub.cfg-as-stop-event.patch
* Thu Jun 08 2023 Gary Ching-Pang Lin <glin@suse.com>
- Fix the path in fde-tools.service
* Wed Jun 07 2023 Gary Ching-Pang Lin <glin@suse.com>
- Add fde-tools-tpm2.0-key-file-support.patch to support TPM 2.0
Key File for grub2
- Bump the required pcr-oracle version to 0.4.5 for the TPM 2.0 Key
File support
- Add fde-tools-reduce-iterations.patch to reduce the iterations
for the key created by luks_add_random_key
- Add fde-tools-set-grub.cfg-as-stop-event.patch to set grub.cfg as
the stop event for the PCR prediction
- Add fde-tools-enable-authorized-policy-by-default.patch to switch
FDE_USE_AUTHORIZED_POLICIES to yes
* Tue Jun 06 2023 Marcus Meissner <meissner@suse.com>
- remove dracut and jeos-firstboot from buildrequires, just specify
the directory.
* Wed May 17 2023 Gary Ching-Pang Lin <glin@suse.com>
- Add fde-tools-fix-paths.patch to fix the installation paths
- Using the tarball from the github repo
- Remove %clean
* Fri Apr 21 2023 Gary Ching-Pang Lin <glin@suse.com>
- Update project URL
* Tue Mar 28 2023 Gary Ching-Pang Lin <glin@suse.com>
- Apply fde-tools-set-stop-event-for-tpm_authorize.patch correctly
* Mon Mar 06 2023 Gary Ching-Pang Lin <glin@suse.com>
- Add fde-tools-set-stop-event-for-tpm_authorize.patch to set the
stop event when signing the authorized policy
* Wed Mar 01 2023 Olaf Kirch <okir@suse.com>
- firstboot/fde: ensure that aliases get expanded in shell scripts
This is needed to make the bootloader_foo -> grub2_foo function
name expansion work
* Tue Feb 28 2023 Olaf Kirch <okir@suse.com>
- Updated to version 0.6.3
- Fix a bug introduced by the recent change in tempdir handling
* Mon Jan 09 2023 Olaf Kirch <okir@suse.com>
- Updated to version 0.6.2
- Several patches that were added last-minute for the December
snapshot have been folded back into git.
- Implement first stab at authorized policies.
* Wed Dec 14 2022 Olaf Kirch <okir@suse.com>
- Fix several bugs in firstboot
* The approach for reading the initial FDE pass phrase
from /etc/default/grub is not supported in kiwi yet,
so work around that
* The kiwi KVM images have a strange EFI boot path that
does not contain a File component. Try to work
around that.
* shim-install behaves differently between kiwi image build time
and the installed system. Work around.
* Tue Dec 13 2022 Alberto Planas Dominguez <aplanas@suse.com>
- Fix source URL
* Tue Dec 13 2022 Olaf Kirch <okir@suse.com>
- Fix the fde-tpm-enroll.service file
* Mon Dec 12 2022 Olaf Kirch <okir@suse.com>
- Updated to version 0.6.1
- Fix tpm-enable subcommand
- Add new add-secondary-key subcommand
- Add a systemd unit file that triggers on the presence of the
key file written by d-installer
* Wed Dec 07 2022 Olaf Kirch <okir@suse.com>
- Updated to version 0.6
- pcr-oracle is now a standalone project and package
- Split off the jeos-firstboot stuff into a binary package of its own,
because bare metal installations do not need it
- Refactoring the scripts
- Folded Gary's patches into git.
* Fri Oct 14 2022 Gary Ching-Pang Lin <glin@suse.com>
- Add bsc1204037-mokutil-check-sb-state.patch to check the
SecureBoot state with mokutil (bsc#1204037)
* Thu Oct 13 2022 Gary Ching-Pang Lin <glin@suse.com>
- Add bsc1204037-update-grub.cfg-for-pw-only.patch to update
grub.cfg when the user only chooses the pass phrase to encrypt
the disk. (bsc#1204037)
* Fri Sep 30 2022 Dirk Müller <dmueller@suse.com>
- add build support for other architectures
- spec file clean ups
* Fri Sep 16 2022 Olaf Kirch <okir@suse.com>
- Move the (shipped) keyfile into /root to avoid issues with r/o root
* Tue Sep 13 2022 Olaf Kirch <okir@suse.com>
- Introduce a specific unit script that takes care of mounting root
early (to avoid conflicts with ignition).
* Mon Aug 29 2022 Olaf Kirch <okir@suse.com>
- Make the firstboot workflow smarter (offer different key protectors)
* Mon Aug 15 2022 Olaf Kirch <okir@suse.com>
- Fixed typo of tpm2_key_protector_clear
* Mon Aug 15 2022 Olaf Kirch <okir@suse.com>
- Renamed to fde-tools-0.1
- included firstboot stuff
* Tue Jul 26 2022 Olaf Kirch <okir@suse.com>
- Initial build as package pcr-oracle
/usr/lib/rpm/macros.d/macros.fde-tpm-helper
Generated by rpm2html 1.8.1
Fabrice Bellet, Wed Oct 22 22:25:06 2025