Changelog for
fde-firstboot-0.7.2-10.1.noarch.rpm :
* Fri Jun 07 2024 Gary Ching-Pang Lin
- Update fde-tools-bsc1220160-conditional-requires.patch to check fde-tpm-helper in %post and %posttrans
* Thu May 30 2024 Gary Ching-Pang Lin - Fix fde-tools-change-rpm-macro-dir.patch which didn\'t set RPM_MACRO_DIR correctly
* Tue May 07 2024 Gary Ching-Pang Lin - Add fde-tools-bsc1223771-firstboot-make-Pass-phrase-mandatory.patch to make \"pass\" mandatory during firstboot (bsc#1223771)
* Fri Apr 19 2024 Gary Ching-Pang Lin - Add patches to adopt the \"--target-platform\" option when using the newer pcr-oracle (bsc#1218390) + fde-tools-bsc1218390-Switch-to-target-platform-when-available.patch + fde-tools-bsc1218390-fix-tpm-present-with-the-newer-pcr-oracle.patch
* Thu Apr 18 2024 Gary Ching-Pang Lin - Add fde-tools-bsc1222970-firstboot-replace-ALP.patch to replace \"ALP\" with \"This system\" (bsc#1222970)- Add fde-tools-bsc1223002-firstboot-disable-ccid.patch to disable the non-functional ccid option (bsc#1223002)
* Wed Mar 13 2024 Gary Ching-Pang Lin - Add json-c to BuildRequires to build on openSUSE Leap 15.5
* Tue Mar 05 2024 Gary Ching-Pang Lin - Add fde-tools-change-rpm-macro-dir.patch and set the rpm macro directory correctly- Make fde-firstboot, fde-tpm-helper, and fde-tpm-helper-rpm-macros noarch- Add fde-tools-bsc1220160-conditional-requires.patch to make fde-tpm-helper a conditional \"Requires\" (bsc#1220160)
* Mon Feb 19 2024 Gary Ching-Pang Lin - Add fde-tools-bsc1213945-set-rsa-key-size.patch to set the highest supported RSA key size (bsc#1213945)
* Mon Nov 06 2023 Dominique Leuenberger - Fix build with RPM 4.19: unnumbered patches are no longer supported.
* Wed Nov 01 2023 Gary Ching-Pang Lin - Update to version 0.7.2 + Add help output for the command tpm-authorize + Improve the multi-devices support
* Mon Oct 23 2023 Gary Ching-Pang Lin - Update to version 0.7.1 + add-secondary-key: remove the generation of the secondary password + add-secondary-key: remove the inclusion of \'add-secondary-password\' + luks: list all underlying LUKS device + Introduce FDE_DEVS to list all LUKS devices- Drop upstreamd patch + fde-tools-remove-redundant-2nd-pw-creation.patch
* Wed Oct 04 2023 Gary Ching-Pang Lin - Add fde-tools-remove-redundant-2nd-pw-creation.patch to remove the creation of the secondary password in \'add-secondary-key\'
* Mon Oct 02 2023 Gary Ching-Pang Lin - Bring ExclusiveArch back and only enable the build for the architectures with the proper UEFI Secure Boot and TPM 2.0/TCG protocol support: aarch64 x86_64 riscv64
* Tue Sep 19 2023 Gary Ching-Pang Lin - Update to version 0.7.0 + firstboot: apply the grub.cfg change immediately + fde-tpm-helper for bootloader RPMs to update the sealed key automatically + Fix the find command of \'make dist\' + Clean up the repo + Make the system flags configurable + fde-tpm-helper: specify the bootloaders in %post- Add two new subpackages for the bootloader RPMs to update the sealed key: fde-tpm-helper and fde-tpm-helper-rpm-macros- Remove ExclusiveArch and set the system directories for \'make\' and \'make install\'
* Tue Aug 29 2023 Gary Ching-Pang Lin - Update to version 0.6.9 + Redirect the firstboot messages to journald instead of a standalone log file (bsc#1214581) + Update /boot/grub2/grub.cfg at the end of firstboot to reflect the LUKS key change + Update the version automatically + Add \'cryptsetup\' to \'make dist\' + Fix the version in fde.sh- Update the download URL
* Thu Aug 24 2023 Gary Ching-Pang Lin - Update to version 0.6.8 + Improve the LUKS partition detection to support LUKS over LVM- Remove openssl and tpm2-0-tss-devel from BuildRequires since all TPM related programs are already in pcr-oracle- Add util-linux-systemd to Requires for \'lsblk\'
* Fri Aug 18 2023 Gary Ching-Pang Lin - Update to version 0.6.7 + Check failure of authorized policy creation + Additional check for recovery password- Drop upstreamed patch + fde-tools-handle-authorized-policy-failure.patch
* Thu Jul 27 2023 Gary Ching-Pang Lin - Add fde-tools-handle-authorized-policy-failure.patch handle the failure of authorized policy creation
* Thu Jul 20 2023 Gary Ching-Pang Lin - Update to version 0.6.6 + Avoid cleaning the temp directory when calling tpm_test + firstboot/fde: use functions as the aliases for bootloader functions + firstboot/fde: always regenerate initrd + firstboot/fde: use authorized policy by default + Support devices other than the root partition- Drop upstreamed patches + fde-tools-avoid-cleaning-temp-dir.patch + fde-tools-fix-bootloader-func.patch + fde-tools-force-dracut.patch + fde-tools-enable-authpol-in-firstboot.patch
* Thu Jul 13 2023 Gary Ching-Pang Lin - Add fde-tools-enable-authpol-in-firstboot.patch to enable authorized policy in the firstboot script
* Fri Jul 07 2023 Gary Ching-Pang Lin - Add fde-tools-fix-bootloader-func.patch + Define the bootloader specific functions in the firstboot script since the aliases are not expanded- Add fde-tools-force-dracut.patch + Always regenerate initrd
* Tue Jul 04 2023 Gary Ching-Pang Lin - Add fde-tools-avoid-cleaning-temp-dir.patch to avoid cleaning the temp directory when calling tpm_test
* Tue Jul 04 2023 Gary Ching-Pang Lin - Update to version 0.6.5 + LUKS2 keyslot management with the grub-tpm2 token + Replace mkinitrd with dracut
* Wed Jun 14 2023 Gary Ching-Pang Lin - Update to version 0.6.4 + Add man page and bash completion support + Switch to TPM 2.0 Key File for grub2 + Update the installation paths + Enable authorized policy by default + Implement \'tpm-disable\' command (bsc#1208834)- Add a subpackage: fde-tools-bash-completion- Use \'tpm-activate\' in the systemd service file- Add help2man to BuildRequires- Drop the upstreamed patches + fde-tools-tpm2.0-key-file-support.patch + fde-tools-fix-paths.patch + fde-tools-set-stop-event-for-tpm_authorize.patch + fde-tools-enable-authorized-policy-by-default.patch + fde-tools-reduce-iterations.patch + fde-tools-set-grub.cfg-as-stop-event.patch
* Thu Jun 08 2023 Gary Ching-Pang Lin - Fix the path in fde-tools.service
* Wed Jun 07 2023 Gary Ching-Pang Lin - Add fde-tools-tpm2.0-key-file-support.patch to support TPM 2.0 Key File for grub2- Bump the required pcr-oracle version to 0.4.5 for the TPM 2.0 Key File support- Add fde-tools-reduce-iterations.patch to reduce the iterations for the key created by luks_add_random_key- Add fde-tools-set-grub.cfg-as-stop-event.patch to set grub.cfg as the stop event for the PCR prediction- Add fde-tools-enable-authorized-policy-by-default.patch to switch FDE_USE_AUTHORIZED_POLICIES to yes
* Tue Jun 06 2023 Marcus Meissner - remove dracut and jeos-firstboot from buildrequires, just specify the directory.
* Wed May 17 2023 Gary Ching-Pang Lin - Add fde-tools-fix-paths.patch to fix the installation paths- Using the tarball from the github repo- Remove %clean
* Fri Apr 21 2023 Gary Ching-Pang Lin - Update project URL
* Tue Mar 28 2023 Gary Ching-Pang Lin - Apply fde-tools-set-stop-event-for-tpm_authorize.patch correctly
* Mon Mar 06 2023 Gary Ching-Pang Lin - Add fde-tools-set-stop-event-for-tpm_authorize.patch to set the stop event when signing the authorized policy
* Wed Mar 01 2023 Olaf Kirch - firstboot/fde: ensure that aliases get expanded in shell scripts This is needed to make the bootloader_foo -> grub2_foo function name expansion work
* Tue Feb 28 2023 Olaf Kirch - Updated to version 0.6.3- Fix a bug introduced by the recent change in tempdir handling
* Mon Jan 09 2023 Olaf Kirch - Updated to version 0.6.2- Several patches that were added last-minute for the December snapshot have been folded back into git.- Implement first stab at authorized policies.
* Wed Dec 14 2022 Olaf Kirch - Fix several bugs in firstboot
* The approach for reading the initial FDE pass phrase from /etc/default/grub is not supported in kiwi yet, so work around that
* The kiwi KVM images have a strange EFI boot path that does not contain a File component. Try to work around that.
* shim-install behaves differently between kiwi image build time and the installed system. Work around.
* Tue Dec 13 2022 Alberto Planas Dominguez - Fix source URL
* Tue Dec 13 2022 Olaf Kirch - Fix the fde-tpm-enroll.service file
* Mon Dec 12 2022 Olaf Kirch - Updated to version 0.6.1- Fix tpm-enable subcommand- Add new add-secondary-key subcommand- Add a systemd unit file that triggers on the presence of the key file written by d-installer
* Wed Dec 07 2022 Olaf Kirch - Updated to version 0.6- pcr-oracle is now a standalone project and package- Split off the jeos-firstboot stuff into a binary package of its own, because bare metal installations do not need it- Refactoring the scripts- Folded Gary\'s patches into git.
* Fri Oct 14 2022 Gary Ching-Pang Lin - Add bsc1204037-mokutil-check-sb-state.patch to check the SecureBoot state with mokutil (bsc#1204037)
* Thu Oct 13 2022 Gary Ching-Pang Lin - Add bsc1204037-update-grub.cfg-for-pw-only.patch to update grub.cfg when the user only chooses the pass phrase to encrypt the disk. (bsc#1204037)
* Fri Sep 30 2022 Dirk Müller - add build support for other architectures- spec file clean ups
* Fri Sep 16 2022 Olaf Kirch - Move the (shipped) keyfile into /root to avoid issues with r/o root
* Tue Sep 13 2022 Olaf Kirch - Introduce a specific unit script that takes care of mounting root early (to avoid conflicts with ignition).
* Mon Aug 29 2022 Olaf Kirch - Make the firstboot workflow smarter (offer different key protectors)
* Mon Aug 15 2022 Olaf Kirch - Fixed typo of tpm2_key_protector_clear
* Mon Aug 15 2022 Olaf Kirch - Renamed to fde-tools-0.1- included firstboot stuff
* Tue Jul 26 2022 Olaf Kirch - Initial build as package pcr-oracle