File trustedgrub2.spec of Package trustedgrub2

#
# spec file for package trustedgrub2
#
# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.

# Please submit bugfixes or comments via http://bugs.opensuse.org/
#


Name:           trustedgrub2
Version:        1.4.0
Release:        0
Summary:        Bootloader with TCG (TPM) support  
License:        GPL-3.0+
Group:          System/Boot
Url:            https://github.com/Sirrix-AG/TrustedGRUB2
Source0:        %{name}-%{version}.tar.gz
Source1:        trustedgrub2.rpmlintrc
Source2:        HOWTO.luks-keyfile
Patch1:         use-grub2-as-a-package-name.patch
Patch2:         grub2-linguas.sh-no-rsync.patch
Patch3:         0001-build-Use-AC_HEADER_MAJOR-to-find-device-macros.patch
Patch4:         0002-configure-fix-check-for-sys-sysmacros.h-under-glibc-.patch
# from upstream a3e9da054d00260f274cfd9d1b9611c32ecd437c
Patch5:         trustedgrub2-no-pie.patch
# from upstream b53f595b3ed989335d7cd1618a5502270cdb26de
Patch6:         trustedgrub2-no-pie2.patch
# fix build against gcc-7
Patch7:         0001-btrfs-avoid-used-uninitialized-error-with-GCC7.patch
Patch8:         0002-i386-x86_64-ppc-fix-switch-fallthrough-cases-with-GC.patch
Patch9:         0003-Add-gnulib-fix-gcc7-fallthrough.diff.patch
# fix build against flex-2.6.4
Patch10:        grub2-fix-build-with-flex-2.6.4.patch
# fix build against GCC-8
Patch11:        0001-Fix-packed-not-aligned-error-on-GCC-8.patch
# fix "no symbol table" error on new binutil, backport patches
Patch12:        0001-Verify-modules-on-build-time-rather-than-failing-in-.patch
Patch13:        0002-module-verifier-Check-range-limited-relative-relocat.patch
Patch14:        0003-support-modules-without-symbol-table.patch
# Btrfs snapshot booting related patches
Patch101:       grub2-btrfs-01-add-ability-to-boot-from-subvolumes.patch
Patch102:       grub2-btrfs-02-export-subvolume-envvars.patch
Patch103:       grub2-btrfs-03-follow_default.patch
Patch104:       grub2-btrfs-04-subvol-mount.patch
Patch105:       grub2-btrfs-05-subvol-fallback.patch
Patch110:       grub2-menu-unrestricted.patch
BuildRequires:  automake
BuildRequires:  bison
BuildRequires:  flex
BuildRequires:  gcc
BuildRequires:  python
BuildRoot:      %{_tmppath}/%{name}-%{version}-build
ExclusiveArch:  %{ix86} x86_64

%define _unpackaged_files_terminate_build 0

# Modules code is dynamically loaded and collected from a _fixed_ path.
%define _libdir %{_exec_prefix}/lib

%ifarch %{ix86} x86_64
%define grubcpu i386
%define platform pc
%endif

%define grubarch %{grubcpu}-%{platform}

%description
This package provides the alternatives made to transform a standard GRUB2
into a version that offers TCG (TPM) support for granting the integrity of the
boot process (trusted boot). This project was highly inspired by the former
projects TrustedGrub1 and GRUB-IMA. However TrustedGRUB2 was completely written
from scratch.

%package %{grubarch}

Summary:        Bootloader with TCG (TPM) support
Group:          System/Boot
BuildArch:      noarch

%description %{grubarch}
This package provides the alternatives made to transform a standard GRUB2
into a version that offers TCG (TPM) support for granting the integrity of the
boot process (trusted boot). This project was highly inspired by the former
projects TrustedGrub1 and GRUB-IMA. However TrustedGRUB2 was completely written
from scratch.

This package contains modules for %{platform} systems.

%prep
%setup
%patch1 -p1
%patch2 -p1
%patch3 -p1
%patch4 -p1
%patch5 -p1
%patch6 -p1
%patch7 -p1
%patch8 -p1
%patch9 -p1
%patch10 -p1
%patch11 -p1
%patch12 -p1
%patch13 -p1
%patch14 -p1
%patch101 -p1
%patch102 -p1
%patch103 -p1
%patch104 -p1
%patch105 -p1
%patch110 -p1

# HOWTO.luks-keyfile
cp %{SOURCE2} .

mkdir build

%build
./autogen.sh
# We don't want to let rpm override *FLAGS with default a.k.a bogus values.
CFLAGS="-fno-strict-aliasing -fno-inline-functions-called-once "
CXXFLAGS=" "
FFLAGS=" "
export CFLAGS CXXFLAGS FFLAGS

cd build

%define _configure ../configure
%configure \
	--target=%{grubcpu} \
	--with-platform=%{platform} \
	--program-transform-name=s,grub,%{name},

make %{?_smp_mflags}

%install
cd build
make install-data DESTDIR=%{buildroot} %{?_smp_mflags}

# *.module files are installed with executable bits due to the way grub2 build
# system works. Clear executable bits to not confuse find-debuginfo.sh
find $RPM_BUILD_ROOT%{_libdir}/%{name} \
       \( -name '*.module' -o -name '*.image' -o -name '*.exec' \) -print0 | \
       xargs --no-run-if-empty -0 chmod a-x

%post

%postun

%files
%defattr(-,root,root,-)
%doc COPYING README.md Changelog.md HOWTO.luks-keyfile

%files %{grubarch}
%defattr(-,root,root,-)
%dir %{_libdir}/%{name}
%dir %{_libdir}/%{name}/%{grubarch}
%{_libdir}/%{name}/%{grubarch}/*

%changelog