powerel9
/
akmods
2
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
Browse Source

initial package creation 

Signed-off-by: Toshaan Bharvani <toshaan@powerel.org>
master
Toshaan Bharvani 4 months ago
commit
04cca44c73
21 changed files with 1951 additions and 0 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 8
      SOURCES/95-akmods.preset
  2. 65
      SOURCES/95-akmodsposttrans.install
  3. 18
      SOURCES/LICENSE
  4. 12
      SOURCES/README
  5. 51
      SOURCES/README.secureboot
  6. 575
      SOURCES/akmods
  7. 3
      SOURCES/akmods-keygen.target
  8. 11
      SOURCES/akmods-keygen@.service
  9. 151
      SOURCES/akmods-kmodgenca
  10. 102
      SOURCES/akmods-ostree-post
  11. 31
      SOURCES/akmods-shutdown
  12. 14
      SOURCES/akmods-shutdown.service
  13. 2
      SOURCES/akmods-tmpfiles.conf
  14. 12
      SOURCES/akmods.h2m
  15. 8
      SOURCES/akmods.log
  16. 14
      SOURCES/akmods.service.in
  17. 12
      SOURCES/akmods@.service
  18. 358
      SOURCES/akmodsbuild
  19. 47
      SOURCES/akmodsposttrans
  20. 41
      SOURCES/cacert.config.in
  21. 416
      SPECS/akmods.spec

8
SOURCES/95-akmods.preset
Unescape View File

@ -0,0 +1,8 @@ @@ -0,0 +1,8 @@
# Also see:
# https://fedoraproject.org/wiki/Starting_services_by_default

# Installing presets is not the preferred solution but until another one
# presents itself:
# https://bugzilla.rpmfusion.org/show_bug.cgi?id=3713
enable akmods.service
#enable akmods-shutdown.service

65
SOURCES/95-akmodsposttrans.install
Unescape View File

@ -0,0 +1,65 @@ @@ -0,0 +1,65 @@
#!/bin/bash -
#
# 95-akmodposttrans.install - Calls akmods for newly installed kernels
#
# Copyright (c) 2019 Nicolas Viéville <nicolas.vieville@uphf.fr>
#
# Permission is hereby granted, free of charge, to any person obtaining
# a copy of this software and associated documentation files (the
# "Software"), to deal in the Software without restriction, including
# without limitation the rights to use, copy, modify, merge, publish,
# distribute, sublicense, and/or sell copies of the Software, and to
# permit persons to whom the Software is furnished to do so, subject to
# the following conditions:
#
# The above copyright notice and this permission notice shall be
# included in all copies or substantial portions of the Software.
#
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
# NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
# LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
# OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
# WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
#

COMMAND="$1"
KERNEL_VERSION="$2"
BOOT_DIR_ABS="$3"
KERNEL_IMAGE="$4"

# just check in case a user calls this directly
if [[ ! -w /var ]] ; then
echo "Needs to run as root to be able to install rpms." >&2
exit 4
fi

if [[ ! -n "${KERNEL_VERSION}" ]] ; then
exit 1
fi

case "${COMMAND}" in
add)
# needs to run in background as rpmdb might be locked otherwise
if [ -e /bin/systemctl ] ; then
# Exit early if system-update.target is active - rhbz#1518401
/bin/systemctl is-active system-update.target &>/dev/null
RET=$?

[ $RET == 0 ] && exit 0

/bin/systemctl restart akmods@${KERNEL_VERSION}.service --no-block >/dev/null 2>&1
else
nohup /usr/sbin/akmods --from-kernel-posttrans --kernels ${KERNEL_VERSION} > /dev/null 2>&1 &
fi
exit 0
;;
remove)
# Nothing to do
;;
*)
;;
esac

exit 0

18
SOURCES/LICENSE
Unescape View File

@ -0,0 +1,18 @@ @@ -0,0 +1,18 @@
Permission is hereby granted, free of charge, to any person obtaining
a copy of this software and associated documentation files (the
"Software"), to deal in the Software without restriction, including
without limitation the rights to use, copy, modify, merge, publish,
distribute, sublicense, and/or sell copies of the Software, and to
permit persons to whom the Software is furnished to do so, subject to
the following conditions:

The above copyright notice and this permission notice shall be
included in all copies or substantial portions of the Software.

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

12
SOURCES/README
Unescape View File

@ -0,0 +1,12 @@ @@ -0,0 +1,12 @@
Akmods startup script will rebuild akmod packages during system
boot, while its background daemon will build them for kernels right
after they were installed.

The akmods systemd service provides both, and is enabled by default.

The akmods-shutdown service is disabled by default but can, in some
circumstances, provide an additional chance to build and install a kernel
module. Users who would prefer longer shutdowns over delayed startups
may wish to consider enabling it with the following command:

sudo systemctl enable --now akmods-shutdown.service

51
SOURCES/README.secureboot
Unescape View File

@ -0,0 +1,51 @@ @@ -0,0 +1,51 @@
Secure boot is a setup using UEFI firmware to check cryptographic
signatures on the bootloader and associated OS kernel to ensure they
have not been tampered with or bypassed in the boot process.

This verification can be extended to Kernel and its modules.
It's default case in Fedora with UEFI and Secure boot enabled.

Fedora Project have signed kernels and also main modules with Fedora
Key, but 3rd party modules as NVidia, VirtualBox, etc. need to be signed
to load.

Akmods provides an enroll process to sign third party modules with your
own keypair.

At the first run of the akmods.service, certificate and keypair will be
created with default value using the '/usr/sbin/kmodgenca' script.

You may also wish to manually create your own certificate and keypair
with `/usr/sbin/kmodgenca` command.
If '/usr/sbin/kmodgenca' is launched with the '-a' parameter, it will
use default values to complete the cacert.config file, and to generate
automatically the cert and the private key.
If '/usr/sbin/kmodgenca' is launched without parameters, user will be
prompted to complete manually the cacert.config file, then the cert and
the private key will be automatically generated.
If the cert and the private key files already exist,
'/usr/sbin/kmodgenca' will exit unless the '-f' parameter is used.

The cert and the private key are stored respectively in
/etc/pki/akmods/certs and /etc/pki/akmods/private/ directories.

Now you need to enroll the public key in MOK, this process is described
below.
- Ask MOK to enroll new keypair with certificate with the command
`mokutil --import /etc/pki/akmods/certs/public_key.der`.
- mokutil asks to generate a password to enroll the public key.
- Rebooting the system is needed for MOK to enroll the new public key.
- On next boot MOK Management is launched and you have to choose
"Enroll MOK".
- Choose "Continue" to enroll the key or "View key 0" to show the keys
already enrolled.
- Confirm enrollment by selecting "Yes".
- You will be invited to enter the password generated above.
WARNING: keyboard is mapped to QWERTY!
- The new key is enrolled, and system ask you to reboot.

You can confirm the enrollment of the new keypair once the system
rebooted with:
`mokutil --list-enrolled | grep Issuer`
or with:
`mokutil --test-key /etc/pki/akmods/certs/public_key.der`

575
SOURCES/akmods
Unescape View File

@ -0,0 +1,575 @@ @@ -0,0 +1,575 @@
#!/bin/bash -
########################################################################
#
# akmods - Rebuilds and install akmod RPMs
# Copyright (c) 2007, 2008 Thorsten Leemhuis <fedora@leemhuis.info>
# Copyright (c) 2018 Nicolas Chauvet <kwizart@gmail.com>
#
# Permission is hereby granted, free of charge, to any person obtaining
# a copy of this software and associated documentation files (the
# "Software"), to deal in the Software without restriction, including
# without limitation the rights to use, copy, modify, merge, publish,
# distribute, sublicense, and/or sell copies of the Software, and to
# permit persons to whom the Software is furnished to do so, subject to
# the following conditions:
#
# The above copyright notice and this permission notice shall be
# included in all copies or substantial portions of the Software.
#
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
# NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
# LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
# OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
# WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
#
########################################################################
#
# ToDo:
# - use yum/dnf to install required kernel-devel packages?
# - better way to detect if a earlier build failed or succeeded
# - special kernel "all" (all that are installed with a matching -devel package; could be called from posttrans in akmods packages)
# - manpage
# - make it configurable if kmod building is done with nohup
# - check on shutdown if akmods is still running and let it finish before continuing
# - make it configurable if kmods from the repo replace local ones

# global vars
myprog="akmods"
myver="0.5.7"
kmodlogfile=
continue_line=""
tmpdir=
kernels=
verboselevel=2
# We cannot differenciate from a code failure to shutdown kill9 oom etc
# So we always retry anyway
alwaystry=1

akmods_echo()
{
# where to output
local this_fd=${1}
shift

# verboselevel
local this_verbose=${1}
shift

# output to console
if (( ${verboselevel} >= ${this_verbose} )) ; then
if [[ "${1}" == "--success" ]] ; then
echo_success
continue_line=""
echo
return 0
elif [[ "${1}" == "--failure" ]] ; then
echo_failure
echo
continue_line=""
return 0
elif [[ "${1}" == "--warning" ]] ; then
echo_warning
echo
continue_line=""
return 0
elif [[ "${1}" == "-n" ]] ; then
continue_line="true"
fi
echo "$@" >&${this_fd}
fi

# no need to print the status flags in the logs
if [[ "${1}" == "--success" ]] || [[ "${1}" == "--failure" ]] || [[ "${1}" == "--warning" ]] ; then
return 0
fi

# no need to continues in the log
if [[ "${1}" == "-n" ]] ; then
shift
fi

# global logfile
echo "$(date +%Y/%m/%d\ %H:%M:%S) akmods: $@" >> "/var/log/akmods/akmods.log"

# the kmods logfile as well, if we work on a kmod
if [[ -n "${kmodlogfile}" ]] ; then
echo "$(date +%Y/%m/%d\ %H:%M:%S) akmods: $@" >> "${kmodlogfile}"
fi
}

finally()
{
# remove tmpfiles
remove_tmpdir

# remove lockfile
rm -f /var/cache/akmods/.lockfile

exit ${1:-128}
}

# Make sure finally() is run regardless of reason for exiting.
trap "finally" ABRT HUP INT QUIT

create_tmpdir()
{
if ! tmpdir="$(mktemp -d -p /tmp ${myprog}.XXXXXXXX)/" ; then
akmods_echo 2 1 "ERROR: failed to create tmpdir."
akmods_echo 2 1 --failure ; return 1
fi
if ! mkdir "${tmpdir}"results ; then
akmods_echo 2 1 "ERROR: failed to create result tmpdir."
akmods_echo 2 1 --failure ; return 1
fi
}

remove_tmpdir()
{
# remove tmpfiles
if [[ -n "${tmpdir}" ]] && [[ -d "${tmpdir}" ]] ; then
rm -f "${tmpdir}"results/* "${tmpdir}"*.log
rmdir "${tmpdir}"results/ "${tmpdir}"
fi
}

cleanup_cachedir ()
{
for one_file in $(ls /var/cache/akmods/*/* 2>/dev/null | \
grep -v "$(ls -I "*rescue*" /boot/vmlinuz-* | \
sed 's%.*vmlinuz-%%g')") ; do
if $(grep -qE ".*\.rpm$" <<< "${one_file}") ; then
if ! $(rpm -q "$(basename ${one_file%.rpm})" >/dev/null) ; then
rm -f "${one_file}"
fi
else
rm -f "${one_file}"
fi
done
}

init ()
{
# some security provisions
\export PATH='/usr/kerberos/sbin:/usr/kerberos/bin:/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin'
\unalias -a
hash -r
# https://bugzilla.rpmfusion.org/show_bug.cgi?id=4023
#ulimit -H -c 0 --
IFS=$' \t\n'
UMASK=022
umask ${UMASK}

# fall back to current kernel if user didn't provide one
if [[ ! -n "${kernels}" ]] ; then
kernels="$(uname -r)"
fi
# ensure to build for grub default kernel
default_kernel=$(grubby --default-kernel | sed -e 's/^.*vmlinuz-//')
if ! $(echo "${kernels}" | grep -q "${default_kernel}") ; then
kernels="${kernels} ${default_kernel}"
fi

# we get the echo_{success,failure} stuff from there
if [[ -r /etc/rc.d/init.d/functions ]] ; then
source /etc/rc.d/init.d/functions
else
# Use our own simple replacements
echo_success() {
echo -ne " [ OK ]\r"
return 0
}
echo_failure() {
echo -ne " [FAILED]\r"
return 1
}
echo_warning() {
echo -ne " [WARNING]\r"
return 1
}
fi

# needs root permissions
if [[ ! -w /var ]] ; then
echo -n "Needs to run as root to be able to install rpms." >&2
echo_failure ; echo ; exit 1
fi

# no akmods
if [[ ! -d "/usr/src/akmods/" ]] ; then
echo -n "/usr/src/akmods/ not found." >&2
echo_failure ; echo ; exit 1
fi

# if there are no akmod packages installed there is nothing to do for us
if ! ls /usr/src/akmods/*-kmod.latest &> /dev/null ; then
echo -n "No akmod packages found, nothing to do." >&2
echo_success ; echo ; exit 0
fi


# now that we know that we're root make sure our dir for logging and results is available
if [[ ! -d "/var/cache/akmods/" ]] ; then
if ! mkdir -p "/var/cache/akmods/" ; then
echo -n "/var/cache/akmods/ not found and could not be created" >&2
echo_failure ; echo ; exit 1
fi
fi
if [[ ! -w "/var/cache/akmods/" ]] ; then
echo -n "/var/cache/akmods/ not writable" >&2
echo_failure ; echo ; exit 1
fi

# tools needed
for tool in akmodsbuild chown flock sed rpmdev-vercmp ; do
if ! which "${tool}" &> /dev/null ; then
echo -n "${tool} not found" >&2
echo_failure ; echo ; exit 1
fi
done

# create lockfile and wait till we get it
exec 99>/run/akmods/akmods.lock
flock -w 900 99
}

buildinstall_kmod()
{
local this_kernelver=${1}
local this_kmodname=${2}
local this_kmodsrpm=${3}
local this_kmodverrel=${4}

if [[ ! -r "${this_kmodsrpm}" ]] ; then
akmods_echo 2 1 "ERROR: ${this_kmodsrpm} not found."
akmods_echo 2 1 --failure ; return 1
fi


# result and logdir
if [[ ! -d "/var/cache/akmods/${this_kmodname}" ]] ; then
if ! mkdir "/var/cache/akmods/${this_kmodname}" ; then
akmods_echo 2 1 "ERROR: could not create /var/cache/akmods/${this_kmodname}."
akmods_echo 2 1 --failure ; return 1
fi
fi

## preparations
# tmpdir
create_tmpdir

# akmods needs to write there (and nobody else, but mktemp takes care of that!)
chown akmods "${tmpdir}" "${tmpdir}"results

# remove old logfiles if they exist
rm -f "/var/cache/akmods/${this_kmodname}/${this_kmodverrel}-for-${this_kernelver}.log" "/var/cache/akmods/${this_kmodname}/.last.log"

# create a per kmod logfile
if ! touch "/var/cache/akmods/${this_kmodname}/.last.log" ; then
akmods_echo 2 1 "ERROR: failed to create kmod specific logfile."
return 1
fi

# akmods_echo will log to this file from now on as well
kmodlogfile="/var/cache/akmods/${this_kmodname}/.last.log"

# Unset TMPDIR since it is misused by "runuser"
# https://bugzilla.rpmfusion.org/show_bug.cgi?id=2596
unset TMPDIR

# build module using akmod
akmods_echo 1 4 "Building RPM using the command '$(which akmodsbuild) --kernels ${this_kernelver} ${this_kmodsrpm}'"
/sbin/runuser -s /bin/bash -c "$(which akmodsbuild) --quiet --kernels ${this_kernelver} --outputdir ${tmpdir}results --logfile ${tmpdir}/akmodsbuild.log ${this_kmodsrpm}" akmods >> "${kmodlogfile}" 2>&1
local returncode=$?

# copy rpmbuild log to kmod specific logfile
if [[ -s "${tmpdir}"/akmodsbuild.log ]] ; then
while read line ; do
echo "$(date +%Y/%m/%d\ %H:%M:%S) akmodsbuild: ${line}" >> "${kmodlogfile}"
done < "${tmpdir}"/akmodsbuild.log
fi

# result
if (( ! ${returncode} == 0 )) ; then
if [[ -n "${continue_line}" ]] ; then
akmods_echo 1 2 --failure
fi
akmods_echo 2 1 "Building rpms failed; see /var/cache/akmods/${this_kmodname}/${this_kmodverrel}-for-${this_kernelver}.failed.log for details"
cp -fl "${kmodlogfile}" "/var/cache/akmods/${this_kmodname}/${this_kmodverrel}-for-${this_kernelver}.failed.log"
kmodlogfile=""
remove_tmpdir
return 4
fi

# dnf/yum install - repository disabled on purpose see rfbz#3350
akmods_echo 1 4 "Installing newly built rpms"
if [[ -f /usr/bin/dnf ]] ; then
akmods_echo 1 4 "DNF detected"
dnf -y install --disablerepo='*' $(find "${tmpdir}results" -type f -name '*.rpm' | grep -v debuginfo) >> "${kmodlogfile}" 2>&1
else
akmods_echo 1 4 "DNF not found, using YUM instead."
yum -y install --disablerepo='*' $(find "${tmpdir}results" -type f -name '*.rpm' | grep -v debuginfo) >> "${kmodlogfile}" 2>&1
fi
local returncode=$?

# place the newly built rpms where user expects them
cp "${tmpdir}results/"* "/var/cache/akmods/${this_kmodname}/"

# everything fine?
if (( ${returncode} != 0 )) ; then
if [[ -n "${continue_line}" ]] ; then
akmods_echo 1 2 --failure
fi
akmods_echo 2 1 "Could not install newly built RPMs. You can find them and the logfile in:"
akmods_echo 2 1 "/var/cache/akmods/${this_kmodname}/${this_kmodverrel}-for-${this_kernelver}.failed.log"
cp -fl "${kmodlogfile}" "/var/cache/akmods/${this_kmodname}/${this_kmodverrel}-for-${this_kernelver}.failed.log"
kmodlogfile=""
remove_tmpdir
return 8
fi

# finish
akmods_echo 1 4 "Successful."
cp -fl "${kmodlogfile}" "/var/cache/akmods/${this_kmodname}/${this_kmodverrel}-for-${this_kernelver}.log"
kmodlogfile=""
remove_tmpdir

return 0
}

check_kmod_up2date()
{
local this_kernelver=${1}
local this_kmodname=${2}
local kmodpackage_file="$(modinfo ${this_kmodname} -k ${this_kernelver} -n 2>/dev/null)"

# kmod present, even with weak-modules?
if [[ ! -n "${kmodpackage_file}" ]] && [[ ! -d /lib/modules/${this_kernelver}/extra/${this_kmodname}/ ]] ; then
# build it
return 1
fi

# kmod up2date?
# Weak module symlink case
if [ -n "${kmodpackage_file}" ] && [ -h "${kmodpackage_file}" ] && $(echo "${kmodpackage_file}" | grep -q "weak-updates") ; then
local kmodpackage="$(rpm -qf $(readlink -e ${kmodpackage_file}) 2> /dev/null)"
# Regular module file case
else
local kmodpackage="$(rpm -qf /lib/modules/${this_kernelver}/extra/${this_kmodname}/ 2> /dev/null)"
fi
if [[ ! -n "${kmodpackage}" ]] ; then
# seems we didn't get what we wanted
# well, better to do nothing in this case
akmods_echo 1 2 -n "Warning: Could not determine what package owns /lib/modules/${this_kernelver}/extra/${this_kmodname}/"
return 0
fi
local kmodver=$(rpm -q --qf '%{EPOCH}:%{VERSION}-%{RELEASE}\n' "${kmodpackage}" | sed 's|(none)|0|; s!\.\(fc\|el\|lvn\)[0-9]*!!g')
local akmodver=$(rpm -qp --qf '%{EPOCH}:%{VERSION}-%{RELEASE}\n' /usr/src/akmods/"${this_kmodname}"-kmod.latest | sed 's|(none)|0|; s!\.\(fc\|el\|lvn\)[0-9]*!!g')

rpmdev-vercmp "${kmodver}" "${akmodver}" &>/dev/null
local retvalue=$?
if [[ "$retvalue" == 0 ]] ; then
# Versions are the same. Nothing to do.
return 0
elif [[ "$retvalue" == 11 ]] ; then
# kmod is newer, nothing to do.
return 0
elif [[ "$retvalue" == 12 ]] ; then
# akmod is newer, need to build kmod.
return 1
else
# Something went wrong
akmods_echo 1 2 -n "Error: Could not determine if akmod is newer than the installed kmod"
akmods_echo 1 2 --failure
return 0
fi
}

check_kmods()
{
local this_kernelver="${1}"

akmods_echo 1 2 -n "Checking kmods exist for ${this_kernelver}"
for akmods_kmodfile in /usr/src/akmods/*-kmod.latest ; do
local this_kmodname="$(basename ${akmods_kmodfile%%-kmod.latest})"

# actually check this akmod?
if [[ -n "${akmods}" ]] ; then
for akmod in ${akmods} ; do
if [[ "${this_kmodname}" != "${akmod}" ]] ; then
# ignore this one
continue 2
fi
done
fi

# go
if ! check_kmod_up2date ${this_kernelver} ${this_kmodname} ; then
# okay, kmod wasn't found or is not up2date
if [[ -n "${continue_line}" ]] ; then
akmods_echo 1 2 --success
# if the files for building modules are not available don't even try to build modules
if [[ ! -r /usr/src/kernels/"${this_kernelver}"/Makefile ]] && \
[[ ! -r /lib/modules/"${this_kernelver}"/build/Makefile ]] ; then
akmods_echo 1 2 "Files needed for building modules against kernel"
akmods_echo 1 2 "${this_kernelver} could not be found as the following"
akmods_echo 1 2 "directories are missing:"
akmods_echo 1 2 "/usr/src/kernels/${this_kernelver}/"
akmods_echo 1 2 -n "/lib/modules/${this_kernelver}/build/"
akmods_echo 1 2 -n "Is the correct kernel-devel package installed?"
akmods_echo 1 2 --failure
return 1
fi
fi

local this_kmodverrel="$(rpm -qp --qf '%{VERSION}-%{RELEASE}' "${akmods_kmodfile}" | sed 's!\.\(fc\|el\|lvn\)[0-9]*!!g' )"
if [[ ! -n "${alwaystry}" ]] && [[ -e "/var/cache/akmods/${this_kmodname}/${this_kmodverrel}-for-${this_kernelver}".failed.log ]] ; then
akmods_echo 1 2 -n "Ignoring ${this_kmodname}-kmod as it failed earlier"
akmods_echo 1 2 --warning
local someignored="true"
else
akmods_echo 1 2 -n "Building and installing ${this_kmodname}-kmod"
buildinstall_kmod ${this_kernelver} ${this_kmodname} ${akmods_kmodfile} ${this_kmodverrel}
local returncode=$?
if [[ "$returncode" == "0" ]] ; then
akmods_echo 1 2 --success
local somesucceeded="true"
elif [[ "$returncode" == "8" ]] ; then
akmods_echo 1 2 --failure "New kmod RPM was built but could not be installed."
else
local somefailed="true"
fi
fi
fi
done

if [[ -n "${continue_line}" ]] ; then
akmods_echo 1 2 --success
elif [[ -n "${someignored}" ]] || [[ -n "${somefailed}" ]] ; then
echo
akmods_echo 1 2 "Hint: Some kmods were ignored or failed to build or install."
akmods_echo 1 2 "You can try to rebuild and install them by by calling"
akmods_echo 1 2 "'/usr/sbin/akmods --force' as root."
echo
sleep 2
fi

# akmods for newly installed akmod rpms as wells as akmods.service run
# after udev and systemd-modules-load.service have tried to load modules
if [[ -n "${somesucceeded}" ]] && [[ ${this_kernelver} = "$(uname -r)" ]] ; then
find /sys/devices -name modalias -print0 | xargs -0 cat | xargs modprobe -a -b -q
if [ -f /usr/bin/systemctl ] ; then
systemctl restart systemd-modules-load.service
fi
fi
}

myprog_help ()
{
echo "Checks the akmod packages and rebuilds them if needed"
echo $'\n'"Usage: ${myprog} [OPTIONS]"
echo $'\n'"Options:"
echo " --force -- try all, even if they failed earlier"
echo " --kernels <kernel> -- build and install only for kernel <kernel>"
echo " (formatted the same as 'uname -r' would produce)"
echo " --akmod <akmod> -- build and install only akmod <akmod>"
}


# first parse command line options
while [ "${1}" ] ; do
case "${1}" in
--kernel|--kernels)
shift
if [[ ! -n "${1}" ]] ; then
echo "ERROR: Please provide the kernel-version to build for together with --kernel" >&2
exit 1
elif [[ ! -r /usr/src/kernels/"${1}"/Makefile ]] && \
[[ ! -r /lib/modules/"${1}"/build/Makefile ]] ; then
echo "Could not find files needed to compile modules for ${1}"
echo "Are the development files for kernel ${1} or the appropriate kernel-devel package installed?"
exit 1
elif [[ -r /usr/src/kernels/"${1}"/Makefile ]] && \
[[ ! -d /lib/modules/"${1}" ]] ; then
# this is a red hat / fedora kernel-devel package, but the kernel for it is not installed
# kmodtool would add a dep on that kernel when building; thus when we'd try to install the
# rpms we'd run into a missing-dep problem. Thus we prevent that case
echo "Kernel ${1} not installed"
exit 1
fi
# overwrites the default:
if [[ ! -n "${kernels}" ]] ; then
kernels="${1}"
else
kernels="${kernels} ${1}"
fi
# an try to build, even if we tried already
alwaystry=true
shift
;;
--akmod|--kmod)
shift
if [[ ! -n "${1}" ]] ; then
echo "ERROR: Please provide a name of a akmod package together with --akmods" >&2
exit 1
elif [[ -r /usr/src/akmods/"${1}"-kmod.latest ]] ; then
akmods="${akmods}${1} "
elif [[ -r /usr/src/akmods/"${1}".latest ]] ; then
akmods="${akmods}${1%%-kmod} "
else
echo "Could not find akmod ${1}"
exit 1
fi
shift
;;
--force)
alwaystry=true
shift
;;
--from-init)
# just in case: remove stale lockfile if it exists:
rm -f /var/cache/akmods/.lockfile
# Clean old logs and rpm files from no more installed kmod
# packages.
cleanup_cachedir
shift
;;
--from-posttrans|--from-kernel-posttrans|--from-akmod-posttrans)
# ignored
shift
;;
--verbose)
let verboselevel++
shift
;;
--quiet)
let verboselevel--
shift
;;
--help)
myprog_help
exit 0
;;
--version)
echo "${myprog} ${myver}"
exit 0
;;
*)
echo "Error: Unknown option '${1}'." >&2
myprog_help >&2
exit 2
;;
esac
done

# sanity checks
init

# go
for kernel in ${kernels} ; do
check_kmods ${kernel}
done

# finished :)
finally 0

3
SOURCES/akmods-keygen.target
Unescape View File

@ -0,0 +1,3 @@ @@ -0,0 +1,3 @@
[Unit]
Wants=akmods-keygen@.service
PartOf=akmods.service

11
SOURCES/akmods-keygen@.service
Unescape View File

@ -0,0 +1,11 @@ @@ -0,0 +1,11 @@
[Unit]
Description=Akmods Secure boot MOK Key Generation
ConditionFileNotEmpty=|!/etc/pki/akmods/certs/public_key.der
ConditionFileNotEmpty=|!/etc/pki/akmods/private/private_key.priv

[Service]
Type=oneshot
ExecStart=/usr/sbin/kmodgenca -a

[Install]
WantedBy=akmods-keygen.target

151
SOURCES/akmods-kmodgenca
Unescape View File

@ -0,0 +1,151 @@ @@ -0,0 +1,151 @@
#!/bin/bash
#
# kmodgenca - Helper script to create CA/Keypair to sign modules.
# Copyright (c) 2017 Stanislas Leduc <stanislas.leduc@balinor.net>
# Copyright (c) 2018-2019 Nicolas Viéville <nicolas.vieville@uphf.fr>
#
# Permission is hereby granted, free of charge, to any person obtaining
# a copy of this software and associated documentation files (the
# "Software"), to deal in the Software without restriction, including
# without limitation the rights to use, copy, modify, merge, publish,
# distribute, sublicense, and/or sell copies of the Software, and to
# permit persons to whom the Software is furnished to do so, subject to
# the following conditions:
#
# The above copyright notice and this permission notice shall be
# included in all copies or substantial portions of the Software.
#
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
# NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
# LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
# OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
# WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
#
MYPROG="kmodgenca"
MYVER="0.5.7"
FORCE_BUILD=0
AUTOMATIC_BUILD=0
AUTOMATIC_BUILD_OPTION=""

myprog_help ()
{
echo "Build CA/Keypair to sign modules"
echo $'\n'"Usage: ${MYPROG} [OPTIONS]"
echo $'\n'"Options:"
echo " -a, --auto -- generate default values for cacert.config file without prompt"
echo " -f, --force -- build CA/Keypair even if there is already ones"
echo " -h, --help -- print usage"
echo " -V, --version -- show version"
}


# Parse command line options.
#
while [ "${1}" ] ; do
case "${1}" in
-a|--auto)
AUTOMATIC_BUILD=1
shift
;;
-f|--force)
FORCE_BUILD=1
shift
;;
-h|--help)
myprog_help
exit 0
;;
-V|--version)
echo "${MYPROG} ${MYVER}"
exit 0
;;
*)
echo "Error: Unknown option '${1}'." >&2
myprog_help >&2
exit 2
;;
esac
done

# Exit early if cert and private key already exist and if FORCE_BUILD
# is not equal to 1.
#
if $(readlink -e /etc/pki/akmods/certs/public_key.der &>/dev/null) && \
$(readlink -e /etc/pki/akmods/private/private_key.priv &>/dev/null) && \
[ ${FORCE_BUILD} -eq 0 ] ; then
exit 0
fi

CACERT_CONFIG="/etc/pki/akmods/cacert.config"
KEYNAME="$(hostname)"-"$(od -vAn -N4 -tu4 < /dev/urandom | awk '{print $1}')"

# Create cacert.config file with local values if AUTOMATIC_BUILD is set
# or ask for values manually.
#
echo "Update cacert.config..."
if [ ${AUTOMATIC_BUILD} -eq 1 ] ; then
# Set OpenSSL fields values, comment default values and min/max ones.
sed -e "s#\(0.organizationName *= \).*#\1$(hostname)#" \
-e "s#\(organizationalUnitName *= \).*#\1$(hostname)#" \
-e "s#\(emailAddress *= \).*#\1akmods@$(hostname)#" \
-e "s#\(localityName *= \).*#\1None#" \
-e "s#\(stateOrProvinceName *= \).*#\1None#" \
-e "s#\(countryName *= \).*#\1$(locale country_ab2)#" \
-e "s#\(commonName *= \).*#\1$(hostname)"-"$(od -vAn -N4 -tu4 < /dev/urandom | awk '{print $1}')#" \
-e "s/^[^#]*_default *= /#&/" \
-e "s/^[^#]*_min/#&/" \
-e "s/^[^#]*_max/#&/" ${CACERT_CONFIG}.in > ${CACERT_CONFIG}
AUTOMATIC_BUILD_OPTION=" -batch"
else
# Activate prompt directive.
sed -e "s#\(prompt *= \).*#\1yes#" ${CACERT_CONFIG}.in > ${CACERT_CONFIG}
fi
KEY_SUFF="$(date "+%F_%T_%N")"
# If cert and private key files names already exists, do not overwrite
# them but save them.
#
if [[ -e /etc/pki/akmods/certs/${KEYNAME}.der ]] ; then
# If the cert has already been loaded in MOK, add "already_enrolled"
# to the suffix of the backup file.
# `mokutil --help` fails if EFI variables are not supported on the
# system. It is therefore impossible to test the presence of the key
# in MOK, and then do not add special suffix to the backup file.
#
if $(which mokutil &> /dev/null) && $(mokutil --help &> /dev/null) && $(mokutil --test-key /etc/pki/akmods/certs/${KEYNAME}.der &> /dev/null) ; then
KEY_SUFF="${KEY_SUFF}_already_enrolled"
fi
mv /etc/pki/akmods/certs/${KEYNAME}.der /etc/pki/akmods/certs/${KEYNAME}.der.${KEY_SUFF}.bak
if [[ -e /etc/pki/akmods/private/${KEYNAME}.priv ]] ; then
mv /etc/pki/akmods/private/${KEYNAME}.priv /etc/pki/akmods/private/${KEYNAME}.priv.${KEY_SUFF}.bak
fi
fi

echo "Generate new keypair..."
sg akmods -c "
umask 037
openssl req -x509 -new -nodes -utf8 -sha256 -days 3650${AUTOMATIC_BUILD_OPTION} \
-config ${CACERT_CONFIG} -outform DER \
-out /etc/pki/akmods/certs/${KEYNAME}.der \
-keyout /etc/pki/akmods/private/${KEYNAME}.priv
"

# Ensure that akmods group can read keys.
#
chmod g+r /etc/pki/akmods/certs/${KEYNAME}.*
chmod g+r /etc/pki/akmods/private/${KEYNAME}.*

# Sanitize permissions.
#
if [[ -x /usr/sbin/restorecon ]] ; then
/usr/sbin/restorecon /etc/pki/akmods/certs/${KEYNAME}.der
/usr/sbin/restorecon /etc/pki/akmods/private/${KEYNAME}.priv
fi

# Update symlink to use new keypair.
#
ln -nsf /etc/pki/akmods/certs/${KEYNAME}.der /etc/pki/akmods/certs/public_key.der
ln -nsf /etc/pki/akmods/private/${KEYNAME}.priv /etc/pki/akmods/private/private_key.priv

exit 0

102
SOURCES/akmods-ostree-post
Unescape View File

@ -0,0 +1,102 @@ @@ -0,0 +1,102 @@
#!/bin/bash -
############################################################################
#
# akmods - Rebuilds and install akmod RPMs
# Copyright (c) 2007, 2008 Thorsten Leemhuis <fedora@leemhuis.info>
# Copyright (c) 2018 Nicolas Chauvet <kwizart@gmail.com>
#
# Permission is hereby granted, free of charge, to any person obtaining
# a copy of this software and associated documentation files (the
# "Software"), to deal in the Software without restriction, including
# without limitation the rights to use, copy, modify, merge, publish,
# distribute, sublicense, and/or sell copies of the Software, and to
# permit persons to whom the Software is furnished to do so, subject to
# the following conditions:
#
# The above copyright notice and this permission notice shall be
# included in all copies or substantial portions of the Software.
#
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
# NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
# LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
# OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
# WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
#
############################################################################

myprog="akmods-post"
tmpdir=

# Only do %post builds in ostree
if ! grep -q OSTREE_VERSION= /etc/os-release && ! test -f /run/ostree-booted; then
exit 0
fi

kmodname=$1
srpm=$2


finally()
{
# remove tmpfiles
remove_tmpdir

exit ${1:-128}
}

# Make sure finally() is run regardless of reason for exiting.
trap "finally" ABRT HUP INT QUIT

create_tmpdir()
{
if ! tmpdir="$(mktemp -d -p /tmp ${myprog}.XXXXXXXX)/" ; then
echo "ERROR: failed to create tmpdir." >&2
finally 1
fi
if ! mkdir "${tmpdir}"results ; then
echo "ERROR: failed to create result tmpdir." >&2
finally 1
fi
}

remove_tmpdir()
{
# remove tmpfiles
if [[ -n "${tmpdir}" ]] && [[ -d "${tmpdir}" ]]; then
rm -rf "${tmpdir}"
fi
}

# This is an ostree build, so do build for all
# deployed kernels in the %post
kernels="$(ls /lib/modules)"

create_tmpdir

for kernel in ${kernels} ; do
echo "Building ${srpm} for kernel ${kernel}"
# Note: This builds as root, but this is pretty safe because its happening in the ostree %post sandbox.
# In fact, given that /usr is a rofiles-fuse mount no other user can access /usr in this sandbox anyway.
akmodsbuild --quiet --kernels ${kernel} --outputdir ${tmpdir}results --logfile "${tmpdir}/akmodsbuild.log" "${srpm}" 2>&1
returncode=$?
if (( ! ${returncode} == 0 )); then
finally 1
fi
done

for f in $(find "${tmpdir}results" -type f -name '*.rpm' | grep -v debuginfo) ; do
rpm2cpio $f | cpio --quiet -D / -id
returncode=$?
if (( ! ${returncode} == 0 )); then
echo "Extracting $f failed:" 2>&1
finally 1
fi
done

for kernel in ${kernels} ; do
depmod -v ${kernel} 2>&1
done

finally 0

31
SOURCES/akmods-shutdown
Unescape View File

@ -0,0 +1,31 @@ @@ -0,0 +1,31 @@
#!/bin/bash
#
# akmods-shutdown - Helper script to build kernel modules on shutdown
# Copyright (c) 2012 Richard shaw <hobbes1069@gmail.com>
#
# Permission is hereby granted, free of charge, to any person obtaining
# a copy of this software and associated documentation files (the
# "Software"), to deal in the Software without restriction, including
# without limitation the rights to use, copy, modify, merge, publish,
# distribute, sublicense, and/or sell copies of the Software, and to
# permit persons to whom the Software is furnished to do so, subject to
# the following conditions:
#
# The above copyright notice and this permission notice shall be
# included in all copies or substantial portions of the Software.
#
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
# NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
# LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
# OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
# WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
#

echo "Building modules for all installed kernels."
for kernel in /usr/src/kernels/* ; do
kernel=$(basename $kernel)
/usr/sbin/akmods --kernels $kernel
done

14
SOURCES/akmods-shutdown.service
Unescape View File

@ -0,0 +1,14 @@ @@ -0,0 +1,14 @@
[Unit]
Description=Builds and install new kmods from akmod packages
Before=shutdown.service reboot.service halt.service
Conflicts=shutdown.target

[Service]
Type=oneshot
RemainAfterExit=yes
ExecStart=/bin/true
ExecStop=-/usr/sbin/akmods-shutdown
TimeoutStopSec=5min

[Install]
WantedBy=multi-user.target

2
SOURCES/akmods-tmpfiles.conf
Unescape View File

@ -0,0 +1,2 @@ @@ -0,0 +1,2 @@
# See tmpfiles.d(5) for details
d /run/akmods 0770 root akmods -

12
SOURCES/akmods.h2m
Unescape View File

@ -0,0 +1,12 @@ @@ -0,0 +1,12 @@
[BUGS]
https://bugzilla.rpmfusion.org/buglist.cgi?product=Fedora&component=akmods&bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED
[REPORTING BUGS]
Submit a bug against the akmods component at:
.br
https://bugzilla.rpmfusion.org/enter_bug.cgi?product=Fedora
[AUTHOR]
Thorsten Leemhuis <fedora [AT] leemhuis [DOT] info>
[MAINTAINER]
Richard Shaw <hobbes1069 [AT] gmail [DOT] com>
[SEE ALSO]
http://rpmfusion.org/Packaging/KernelModules/Akmods

8
SOURCES/akmods.log
Unescape View File

@ -0,0 +1,8 @@ @@ -0,0 +1,8 @@
/var/log/akmods/akmods.log {
monthly
rotate 12
missingok
notifempty
create 644 root root
su root akmods
}

14
SOURCES/akmods.service.in
Unescape View File

@ -0,0 +1,14 @@ @@ -0,0 +1,14 @@
[Unit]
Description=Builds and install new kmods from akmod packages
ConditionPathExists=!/run/ostree-booted
Before=@SERVICE@
After=akmods-keygen.target
Wants=akmods-keygen.target

[Service]
Type=oneshot
RemainAfterExit=yes
ExecStart=/usr/sbin/akmods --from-init

[Install]
WantedBy=multi-user.target

12
SOURCES/akmods@.service
Unescape View File

@ -0,0 +1,12 @@ @@ -0,0 +1,12 @@
[Unit]
Description=Builds and install new kmods from akmod for a given kernel
Wants=akmods-keygen.target
After=akmods-keygen.target

[Service]
Type=oneshot
RemainAfterExit=yes
ExecStart=/usr/bin/systemd-inhibit --mode=block --what=idle:sleep:shutdown --who="akmods" --why="Akmods Transaction running" /usr/sbin/akmods --from-kernel-posttrans --kernels %i

[Install]
WantedBy=multi-user.target

358
SOURCES/akmodsbuild
Unescape View File

@ -0,0 +1,358 @@ @@ -0,0 +1,358 @@
#!/bin/bash
#
# akmodbuild - Helper script for building kernel module SRPMs
# Copyright (c) 2007 Thorsten Leemhuis <fedora@leemhuis.info>
#
# Permission is hereby granted, free of charge, to any person obtaining
# a copy of this software and associated documentation files (the
# "Software"), to deal in the Software without restriction, including
# without limitation the rights to use, copy, modify, merge, publish,
# distribute, sublicense, and/or sell copies of the Software, and to
# permit persons to whom the Software is furnished to do so, subject to
# the following conditions:
#
# The above copyright notice and this permission notice shall be
# included in all copies or substantial portions of the Software.
#
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
# NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
# LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
# OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
# WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
#
myprog="akmodsbuild"
myver="0.5.6"

# defaults that might get overwritten by user:
kernels="$(uname -r)"
target="$(uname -m)"
if [[ "${target}" == "armv7l" ]] ; then
target="armv7hl"
fi
numberofjobs=$(grep -c processor /proc/cpuinfo 2> /dev/null)
verboselevel=2
outputdir="${PWD}"
srpms=

init ()
{
## startup checks
# prevent root-usage
if [[ -w /var ]] ; then
echo "ERROR: Not to be used as root; start as user or '${myprog}' instead." >&2
exit 1
fi

# do we have everything we need to build for the kernels in question?
for kernel in ${kernels}; do
if [[ ! -e /usr/src/kernels/${kernel}/Makefile ]] && [[ ! -e /usr/lib/modules/${kernel}/build/Makefile ]] ; then
echo "ERROR: Files needed for building modules against kernel" >&2
echo " ${kernel} could not be found as the following" >&2
echo " directories are missing:"
echo " /usr/src/kernels/${kernel}/" >&2
echo " /usr/lib/modules/${kernel}/build/" >&2
exit 2
fi
done

if [[ ! -n "${srpms}" ]] ; then
echo "ERROR: Please provide a list of SRPM-files to build."
exit 2
fi

# SRPMS available?
for srpm in ${srpms}; do
if [[ ! -r ${srpm} ]] ; then
echo "ERROR: Can't find SRPM ${srpm}"
exit 1
fi
done

# room to save things
if [[ ! -d "${outputdir}" ]] ; then
echo "ERROR: ${outputdir} is not a directory" >&2
exit 1
elif [[ ! -w "${outputdir}" ]] ; then
echo "ERROR: ${outputdir} is not a writable" >&2
exit 1
fi


# make sure this is a number
if ! (( ${numberofjobs} > 0 )) ; then
echo "Warning: using hardcoded defaut value for number of jobs"
numberofjobs=2
fi

## preparations
# tmpdir
if ! tmpdir="$(mktemp -d -p /tmp ${myprog}.XXXXXXXX)" ; then
echo "ERROR: Could create tempdir."
exit 1
fi

# buildtreee
mkdir "${tmpdir}"/{BUILD,SOURCES,SPECS,SRPMS,RPMS,RPMS/"${target}"}

# logfile
if [[ ! -n "${logfile}" ]] ; then
logfile="${tmpdir}/logfile"
fi

if ( [[ -e "${logfile}" ]] && [[ ! -w "${logfile}" ]] ) || ! touch "${logfile}" ; then
echo "ERROR: Could not write logfile."
finally
exit 1
fi
}


finally()
{
# kill background jobs if needed
if [[ -n "${watch_jobid}" ]] ; then
kill "${watch_jobid}"
fi
if [[ -n "${rpmbuild_jobid}" ]] ; then
kill "${rpmbuild_jobid}"
fi

# remove tmpfiles
if [[ -d "${tmpdir}" ]] ; then
rm -rf "${tmpdir}"
fi
}
trap "finally" 2


akmods_echo()
{
# where to output
local this_fd=${1}
shift

# verboselevel
local this_verbose=${1}
shift

if [[ "${1}" == "--not-logfile" ]] ; then
local notlogfile=true
shift
fi

# output to console
if (( ${verboselevel} >= ${this_verbose} )) ; then
echo "$@" >&${this_fd}
fi

# global logfile
if [[ ! -n ${notlogfile} ]] ; then
echo "$@" >> "${logfile}"
fi
}


watch_rpmbuild()
{
# background function to show rpmbuild progress
# does't use akmods_echo here; this stage handles the output on its own
# (seperate process and there is no need to log this)
if (( ${verboselevel} == 2 )) ; then
tail --pid ${1} -n +1 -s 0.1 -f ${2} 2>/dev/null | grep --line-buffered -e '%prep' -e '%build' -e '%install' -e '%clean' | while read line ; do
if [[ "${line}" != "${line##*prep}" ]] ; then
echo -n "prep "
elif [[ "${line}" != "${line##*build}" ]] ; then
echo -n "build "
elif [[ "${line}" != "${line##*install}" ]] ; then
echo -n "install "
elif [[ "${line}" != "${line##*clean}" ]] ; then
echo -n "clean; "
# last linefeed is done by the caller
fi
done
elif (( ${verboselevel} > 2 )) ; then
tail --pid ${1} -n +1 -s 0.1 -f ${2}
fi
}

process_srpm()
{
local source_rpm="${1}"

# status info
akmods_echo 1 2 -n "* Rebuilding ${source_rpm} for kernel(s) ${kernels}: "

# kick off rebuild into background
/usr/bin/time --format='%x' --output="${tmpdir}/.jobexit" rpmbuild \
--define "_topdir ${tmpdir}/" \
--define "_buildtree ${tmpdir}/BUILD" \
--define "_specdir ${tmpdir}/SPECS" \
--define "_sourcedir ${tmpdir}/SOURCES" \
--define "_srcrpmdir ${tmpdir}/SRPMS" \
--define "_rpmdir ${tmpdir}/RPMS" \
--define "_smp_mflags -j${numberofjobs}" \
--define "kernels ${kernels}" \
--target ${target} \
--rebuild "${source_rpm}" 2>&1 | tee -a "${logfile}" > "${tmpdir}/.joblog" &

local rpmbuild_jobid=$!

# show progress
if (( ${verboselevel} >= 2 )) ; then
watch_rpmbuild ${rpmbuild_jobid} "${tmpdir}/.joblog" 2> /dev/null &
local watch_jobid=$!
fi

# wait for rpmbuild
wait ${rpmbuild_jobid}
local rpmbuild_returncode=$(tail -n 1 "${tmpdir}/.jobexit")
unset rpmbuild_jobid

# give watch_rpmbuild a moment to catch up; kill it if it does not
if (( ${verboselevel} >= 2 )) ; then
sleep 0.5
kill ${watch_jobid} &> /dev/null
unset watch_jobid
fi

# did rpmbuild succeed?
if (( ${rpmbuild_returncode} != 0 )) ; then
# linefeed:
akmods_echo 1 2 ""

akmods_echo 2 2 --not-logfile "rpmbuild failed with errorcode ${rpmbuild_returncode}; last 35 Lines of log:"
akmods_echo 2 2 --not-logfile "--- "
tail -n 35 "${tmpdir}/.joblog" >&2
akmods_echo 2 2 --not-logfile "---"
return ${rpmbuild_returncode}
fi

# finish status for watch_rpmbuild
if (( ${verboselevel} >= 2 )) ; then
akmods_echo 1 2 -n "Successfull; "
fi

local rpms_built="$(cd "${tmpdir}"/RPMS/"${target}" ; echo *)"

if ! mv "${tmpdir}/RPMS/${target}/"* "${outputdir}" ; then
# linefeed:
akmods_echo 1 2 ""

akmods_echo 2 2 "Failed to move ${tmpdir}/RPMS/${target}/"* "to ${outputdir}"
return 128
fi

if (( ${verboselevel} == 1 )) ; then
for rpm in ${rpms_built}; do
echo "${outputdir%%/}/${rpm}"
done
elif (( ${verboselevel} >= 2 )) ; then
akmods_echo 1 2 "Saved ${rpms_built} in ${outputdir%%/}/"
fi


# finished
return 0
}

myprog_help ()
{
echo "Rebuilds kmod SRPM(s)"
echo $'\n'"Usage: ${myprog} [OPTIONS] <SRPMS>"
echo $'\n'"Options:"
echo " -k, --kernels -- build for kernel-versions (output from 'uname -r')"
echo " -l, --logfile <file> -- save rpmbuild output to <file>"
echo " -o, --outputdir <dir> -- save rpms and logs here (current directory)"
echo " -t, --target -- target-arch (output from 'uname -m')"
echo " -v, --verbose -- increase verboseness"
echo " -q, --quiet -- be more quiet"
echo " -h, --help -- show usage"
echo " -V, --version -- show version"
}

while [ "${1}" ] ; do
case "${1}" in
-k|--kernels)
shift
if [[ ! -n "${1}" ]] ; then
echo "ERROR: Please provide kernel-version(s) to build for together with --kernel" >&2
exit 1
fi
kernels="${1}"
shift
;;
-l|--logfile)
shift
if [[ ! -n "${1}" ]] ; then
echo "ERROR: Please provide a filename together with --logfile" >&2
exit 1
fi
logfile="${1}"
shift
;;
-o|--outputdir)
shift
if [[ ! -n "${1}" ]] ; then
echo "ERROR: Please provide the output directory together with --outputdir" >&2
exit 1
fi
outputdir="${1}"
shift
;;
-t|--target)
shift
if [[ ! -n "${1}" ]] ; then
echo "ERROR: Please provide the target-arch together with --target" >&2
exit 1
fi
target="${1}"
shift
;;
-v|--verbose)
let verboselevel++
shift
;;
-q|--quiet)
let verboselevel--
shift
;;
-h|--help)
myprog_help
exit 0
;;
-V|--version)
echo "${myprog} ${myver}"
exit 0
;;
--*)
echo "Error: Unknown option '${1}'." >&2
myprog_help >&2
exit 2
;;
*)
srpms="${srpms} ${1}"
shift
;;
esac
done

# sanity checks
init

# go
for srpm in ${srpms}; do
process_srpm ${srpm}
returncode=$?

if (( ${returncode} != 0 )) ; then
finally
exit ${returncode}
fi
done

# finished
finally

exit 0

47
SOURCES/akmodsposttrans
Unescape View File

@ -0,0 +1,47 @@ @@ -0,0 +1,47 @@
#!/bin/bash -
#
# akmodposttrans - Calls akmods for newly installed kernels
#
# Copyright (c) 2009 Thorsten Leemhuis <fedora@leemhuis.info>
# Copyright (c) 2017 Nicolas Chauvet <kwizart@gmail.com>
#
# Permission is hereby granted, free of charge, to any person obtaining
# a copy of this software and associated documentation files (the
# "Software"), to deal in the Software without restriction, including
# without limitation the rights to use, copy, modify, merge, publish,
# distribute, sublicense, and/or sell copies of the Software, and to
# permit persons to whom the Software is furnished to do so, subject to
# the following conditions:
#
# The above copyright notice and this permission notice shall be
# included in all copies or substantial portions of the Software.
#
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
# NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
# LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
# OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
# WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
#

# just check in case a user calls this directly
if [[ ! -w /var ]] ; then
echo "Needs to run as root to be able to install rpms." >&2
exit 4
fi

# needs to run in background as rpmdb might be locked otherwise
if [ -e /bin/systemctl ] ; then
# Exit early if system-update.target is active - rhbz#1518401
/bin/systemctl is-active system-update.target &>/dev/null
RET=$?

[ $RET == 0 ] && exit 0

/bin/systemctl restart akmods@${1}.service --no-block >/dev/null 2>&1
else
nohup /usr/sbin/akmods --from-kernel-posttrans --kernels ${1} > /dev/null 2>&1 &
fi

exit 0

41
SOURCES/cacert.config.in
Unescape View File

@ -0,0 +1,41 @@ @@ -0,0 +1,41 @@
# Default OpenSSL settings and configuration file for kmodgenca
# shell-script.
#
[ req ]
default_bits = 4096
distinguished_name = req_distinguished_name
prompt = no
utf8 = yes
string_mask = utf8only
x509_extensions = req_exts

[ req_distinguished_name ]
# Values settings
#
0.organizationName = Organization Name (eg, company)
organizationalUnitName = Organizational Unit Name (eg, section)
emailAddress = Email Address
emailAddress_max = 64
localityName = Locality Name (eg, city)
stateOrProvinceName = State or Province Name (full name)
countryName = Country Name (2 letter code)
countryName_min = 2
countryName_max = 2
commonName = Common Name (eg, your name or your server\'s hostname)
commonName_max = 64

# Default values
#
0.organizationName_default = akmods local
organizationalUnitName_default = akmods
emailAddress_default = akmods@localhost.localdomain
localityName_default = None
stateOrProvinceName_default = None
countryName_default = XX
commonName_default = akmods local signing CA

[ req_exts ]
basicConstraints = critical,CA:FALSE
keyUsage = digitalSignature
subjectKeyIdentifier = hash
authorityKeyIdentifier = keyid

416
SPECS/akmods.spec
Unescape View File

@ -0,0 +1,416 @@ @@ -0,0 +1,416 @@
Name: akmods
Version: 0.5.7
Release: 8%{?dist}
Summary: Automatic kmods build and install tool

License: MIT
URL: http://rpmfusion.org/Packaging/KernelModules/Akmods

# We are upstream, these files are maintained directly in pkg-git
Source0: 95-akmods.preset
Source1: akmods
Source2: akmodsbuild
Source3: akmods.h2m
Source5: akmodsposttrans
Source6: akmods.service.in
Source7: akmods-shutdown
Source8: akmods-shutdown.service
Source9: README
Source10: LICENSE
Source11: akmods@.service
Source12: akmods-ostree-post
Source13: 95-akmodsposttrans.install
Source14: akmods.log
Source15: README.secureboot
Source16: cacert.config.in
Source17: akmods-kmodgenca
Source18: akmods-keygen.target
Source19: akmods-keygen@.service
Source20: %{name}-tmpfiles.conf

BuildArch: noarch

BuildRequires: help2man

# not picked up automatically
%if 0%{?rhel} == 6
Requires: %{_bindir}/nohup
%endif
Requires: %{_bindir}/flock
Requires: %{_bindir}/time

# needed for actually building kmods:
Requires: %{_bindir}/rpmdev-vercmp
Requires: kmodtool >= 1.1-1

# needed to create CA/Keypair to sign modules
Requires: openssl

# this should track in all stuff that is normally needed to compile modules:
Requires: bzip2 coreutils diffutils file findutils gawk gcc grep
Requires: gzip make sed tar unzip util-linux which rpm-build

# On EL, kABI list was renamed
%if 0%{?rhel}
%if 0%{?rhel} >= 8
Requires: (kernel-abi-stablelists or kernel-abi-whitelists)
%else
Requires: kernel-abi-whitelists
%endif
%endif

%if 0%{?fedora} || 0%{?rhel} > 7
# We use a virtual provide that would match either
# kernel-devel or kernel-PAE-devel
Requires: kernel-devel-uname-r
# kernel-devel-matched enforces the same kernel version as the -devel
%if 0%{?fedora} >= 36 || 0%{?rhel} >= 9
Requires: (kernel-debug-devel-matched if kernel-debug-core)
Requires: (kernel-devel-matched if kernel-core)
Requires: (kernel-lpae-devel-matched if kernel-lpae-core)
%else
Suggests: (kernel-debug-devel if kernel-debug)
Suggests: (kernel-devel if kernel)
Suggests: (kernel-lpae-devel if kernel-lpae)
%endif
Suggests: (kernel-PAE-devel if kernel-PAE)
Suggests: (kernel-PAEdebug-devel if kernel-PAEdebug)
# Theses are from planetccrma-core or rhel-7-server-rt-rpms
Suggests: (kernel-rt-devel if kernel-rt)
Suggests: (kernel-rtPAE-devel if kernel-rtPAE)
%else
# There is no much variant there, so using a sane default
Requires: kernel-devel
%endif

# we create a special user that used by akmods to build kmod packages
Requires(pre): shadow-utils

# systemd unit requirements.
BuildRequires: systemd
Requires(post): systemd
Requires(preun): systemd
Requires(postun): systemd
# Optional but good to have on recent kernel
Requires: pkgconfig(libelf)


%description
Akmods startup script will rebuild akmod packages during system
boot, while its background daemon will build them for kernels right
after they were installed.


%prep
%setup -q -c -T
cp -p %{SOURCE9} %{SOURCE10} %{SOURCE15} .


%build
# Nothing to build


%install
mkdir -p %{buildroot}%{_usrsrc}/%{name} \
%{buildroot}%{_sbindir} \
%{buildroot}%{_sysconfdir}/rpm \
%{buildroot}%{_sysconfdir}/pki/%{name}/certs \
%{buildroot}%{_sysconfdir}/pki/%{name}/private \
%{buildroot}%{_sysconfdir}/kernel/postinst.d \
%{buildroot}%{_sysconfdir}/logrotate.d \
%{buildroot}%{_localstatedir}/cache/%{name} \
%{buildroot}%{_localstatedir}/log/%{name} \
%{buildroot}%{_tmpfilesdir}

install -pm 0755 %{SOURCE1} %{buildroot}%{_sbindir}/
install -pm 0755 %{SOURCE2} %{buildroot}%{_sbindir}/
install -pm 0755 %{SOURCE12} %{buildroot}%{_sbindir}/
install -pm 0755 %{SOURCE5} %{buildroot}%{_sysconfdir}/kernel/postinst.d/
install -pm 0644 %{SOURCE14} %{buildroot}%{_sysconfdir}/logrotate.d/%{name}
install -pm 0640 %{SOURCE16} %{buildroot}%{_sysconfdir}/pki/%{name}/
install -pm 0755 %{SOURCE17} %{buildroot}%{_sbindir}/kmodgenca
install -pm 0644 %{SOURCE20} %{buildroot}%{_tmpfilesdir}/%{name}.conf
install -dpm 0770 %{buildroot}%{_rundir}/%{name}/

mkdir -p %{buildroot}%{_prefix}/lib/kernel/install.d
install -pm 0755 %{SOURCE13} %{buildroot}%{_prefix}/lib/kernel/install.d/
mkdir -p \
%{buildroot}%{_unitdir} \
%{buildroot}%{_presetdir}
sed "s|@SERVICE@|display-manager.service|" %{SOURCE6} >\
%{buildroot}%{_unitdir}/akmods.service
install -pm 0644 %{SOURCE0} %{buildroot}%{_presetdir}/
install -pm 0755 %{SOURCE7} %{buildroot}%{_sbindir}/
install -pm 0644 %{SOURCE8} %{buildroot}%{_unitdir}/
install -pm 0644 %{SOURCE11} %{buildroot}%{_unitdir}/
install -pm 0644 %{SOURCE18} %{buildroot}%{_unitdir}/
install -pm 0644 %{SOURCE19} %{buildroot}%{_unitdir}/

# Generate and install man pages.
mkdir -p %{buildroot}%{_mandir}/man1
help2man -N -i %{SOURCE3} -s 1 \
-o %{buildroot}%{_mandir}/man1/akmods.1 \
%{buildroot}%{_sbindir}/akmods
help2man -N -i %{SOURCE3} -s 1 \
-o %{buildroot}%{_mandir}/man1/akmodsbuild.1 \
%{buildroot}%{_sbindir}/akmodsbuild


%pre
# create group and user
getent group akmods >/dev/null || groupadd -r akmods
getent passwd akmods >/dev/null || \
useradd -r -g akmods -d /var/cache/akmods/ -s /sbin/nologin \
-c "User is used by akmods to build akmod packages" akmods

%post
%systemd_post akmods.service
%systemd_post akmods@.service
%systemd_post akmods-shutdown.service

%preun
%systemd_preun akmods.service
%systemd_preun akmods@.service
%systemd_preun akmods-shutdown.service

%postun
%systemd_postun akmods.service
%systemd_postun akmods@.service
%systemd_postun akmods-shutdown.service


%files
%doc README README.secureboot
%license LICENSE
%{_sbindir}/akmodsbuild
%{_sbindir}/akmods
%{_sbindir}/akmods-ostree-post
%{_sbindir}/kmodgenca
%dir %attr(750,root,akmods) %{_sysconfdir}/pki/%{name}/certs
%dir %attr(750,root,akmods) %{_sysconfdir}/pki/%{name}/private
%config(noreplace) %attr(640,root,akmods) %{_sysconfdir}/pki/%{name}/cacert.config.in
%config(noreplace) %{_sysconfdir}/logrotate.d/%{name}
%{_sysconfdir}/kernel/postinst.d/akmodsposttrans
%{_unitdir}/akmods.service
%{_unitdir}/akmods@.service
%{_sbindir}/akmods-shutdown
%{_unitdir}/akmods-shutdown.service
%{_prefix}/lib/kernel/install.d/95-akmodsposttrans.install
%attr(0644,root,root) %{_unitdir}/akmods-keygen.target
%attr(0644,root,root) %{_unitdir}/akmods-keygen@.service
%dir %attr(0770,root,akmods) %{_rundir}/%{name}
%{_tmpfilesdir}/%{name}.conf
# akmods was enabled in the default preset by f28
%if 0%{?rhel}
%{_presetdir}/95-akmods.preset
%else
%exclude %{_presetdir}/95-akmods.preset
%endif
%{_usrsrc}/akmods
%dir %attr(-,akmods,akmods) %{_localstatedir}/cache/akmods
%dir %attr(0775,root,akmods) %{_localstatedir}/log/%{name}
%{_mandir}/man1/*


%changelog
* Wed May 04 2022 Nicolas Chauvet <kwizart@gmail.com> - 0.5.7-8
- Fix logrotate permission access to /var/log/akmods directory - rhbz#2078490
- Rename logrotate config file

* Wed Mar 09 2022 Timothée Ravier <tim@siosm.fr> - 0.5.7-7
- Use 'Require' instead of 'Suggest' for kernel*-devel packages.

* Thu Jan 27 2022 Nicolas Viéville <nicolas.vieville@uphf.fr> - 0.5.7-6
- Adapt usage of lockfile to systemd-tmpfiles
- Re-locate akmods logs in /var/log

* Wed Jan 26 2022 Timothée Ravier <tim@siosm.fr> - 0.5.7-5
- Use kernel*-core variants in conditional Suggests

* Wed Jan 19 2022 Fedora Release Engineering <releng@fedoraproject.org> - 0.5.7-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild

* Mon Dec 20 2021 Nicolas Chauvet <kwizart@gmail.com> - 0.5.7-3
- Drop perl-interpeter
- Drop akmodsinit
- Only use preset on rhel
- kernel-devel-matched support
see also https://src.fedoraproject.org/rpms/akmods/pull-request/7

* Fri Dec 10 2021 Nicolas Chauvet <kwizart@gmail.com> - 0.5.7-2
- Bump kmodtool requirement
- Rename kABI list
- Drop EL6 support
- Switch to distro agnostic deps

* Fri Oct 22 2021 Nicolas Viéville <nicolas.vieville@uphf.fr> - 0.5.7-1
- Add local akmods CA signing keys and support tools to sign modules for
Secure boot thanks to Stanislas Leduc <stanislas.leduc@balinor.net>
- Add akmods-keygen service to generate MOK key pair on first run

* Fri Oct 22 2021 Nicolas Viéville <nicolas.vieville@uphf.fr> - 0.5.6-29
- Remove trailing spaces and clean-up
- Use %%{name} when possible
- Convert if statement from "[!] $variable" to "[!] -n $variable"
- Fix kernel list build when parsing command line options
- Ensure to build for grub default kernel
- Improve detection of already installed (weak-)modules in akmods (RHEL)
- akmods uses logrotate and clean-up /var/cache/akmods sub-directories of
old logs and rpm files from no more installed kmod packages
(rhbz #1542658).

* Wed Jul 21 2021 Fedora Release Engineering <releng@fedoraproject.org> - 0.5.6-28
- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild

* Mon Jan 25 2021 Fedora Release Engineering <releng@fedoraproject.org> - 0.5.6-27
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild

* Mon Jul 27 2020 Fedora Release Engineering <releng@fedoraproject.org> - 0.5.6-26
- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild

* Tue Jan 28 2020 Fedora Release Engineering <releng@fedoraproject.org> - 0.5.6-25
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild

* Wed Nov 20 2019 Nicolas Viéville <nicolas.vieville@uphf.fr> - 0.5.6-24
- Check kernel presence differently for systemd-boot machines - rhbz#1769144

* Wed Oct 16 2019 Leigh Scott <leigh123linux@googlemail.com> - 0.5.6-23
- Add requires kernel-abi-whitelists for RHEL

* Wed Jul 24 2019 Fedora Release Engineering <releng@fedoraproject.org> - 0.5.6-22
- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild

* Mon May 20 2019 Nicolas Chauvet <kwizart@gmail.com> - 0.5.6-21
- Add check for rhel8

* Wed May 15 2019 Nicolas Viéville <nicolas.vieville@uphf.fr> - 0.5.6-20
- Fix akmodsposttrans after kernel update/install on Fedora >= 28 and
RHEL >= 7 - rhbz#1709055

* Thu Feb 28 2019 Alexander Larsson <alexl@redhat.com> - 0.5.6-19
- Support ostree/silverblue builds - rhbz#1667014

* Thu Feb 28 2019 Hans de Goede <hdegoede@redhat.com>
- Do not fail when the old initscripts pkg is not installed - rhbz#1680121

* Thu Jan 31 2019 Fedora Release Engineering <releng@fedoraproject.org> - 0.5.6-18
- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild

* Mon Nov 05 2018 Nicolas Chauvet <kwizart@gmail.com> - 0.5.6-17
- Don't enforce target arch - rhbz#1644430
- Rework log file path
- Avoid using /usr/lib/modules for el6 compat

* Thu Jul 12 2018 Fedora Release Engineering <releng@fedoraproject.org> - 0.5.6-16
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild

* Mon Mar 26 2018 Nicolas Chauvet <kwizart@gmail.com> - 0.5.6-15
- Add inihibitor for akmods@.service
- Use restart on akmodsposttrans

* Mon Mar 26 2018 Nicolas Chauvet <kwizart@gmail.com> - 0.5.6-14
- Switch to always retry by default
- Drop akmods preset by f28
- Don't enable service on ah
- Test a rw directory

* Wed Feb 07 2018 Fedora Release Engineering <releng@fedoraproject.org> - 0.5.6-13
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild

* Wed Dec 13 2017 Nicolas Chauvet <kwizart@gmail.com> - 0.5.6-12
- Update kernel posttrans method - rhbz#1518401

* Thu Aug 03 2017 Nicolas Chauvet <kwizart@gmail.com> - 0.5.6-11
- Rework kernel-devel requires on el

* Thu Aug 03 2017 Nicolas Chauvet <kwizart@gmail.com> - 0.5.6-10
- Enable suggests on fedora
- Add back el6 support in spec
- Add Requires elfutils-libelf-devel

* Wed Jul 26 2017 Fedora Release Engineering <releng@fedoraproject.org> - 0.5.6-9
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild

* Thu Jul 13 2017 Petr Pisar <ppisar@redhat.com> - 0.5.6-8
- perl dependency renamed to perl-interpreter
<https://fedoraproject.org/wiki/Changes/perl_Package_to_Install_Core_Modules>

* Thu May 4 2017 Hans de Goede <hdegoede@redhat.com> - 0.5.6-7
- "udevadm trigger" may have bad side-effects (rhbz#454407) instead
look for modalias files under /sys/devices and call modprobe directly
- Fix exit status when no akmod packages are installed, so that systemd
does not consider the akmods.service as having failed to start

* Wed May 3 2017 Hans de Goede <hdegoede@redhat.com> - 0.5.6-6
- Run "udevadm trigger" and "systemctl restart systemd-modules-load.service"
when new kmod packages have been build and installed so that the new
modules may be used immediately without requiring a reboot

* Mon Mar 6 2017 Hans de Goede <hdegoede@redhat.com> - 0.5.6-5
- Add LICENSE file (rhbz#1422918)

* Fri Feb 24 2017 Hans de Goede <hdegoede@redhat.com> - 0.5.6-4
- Replace %%{_prefix}/lib/systemd/system-preset with %%{_presetdir}

* Thu Feb 16 2017 Hans de Goede <hdegoede@redhat.com> - 0.5.6-3
- Submit to Fedora for package review

* Mon Nov 28 2016 Nicolas Chauvet <kwizart@gmail.com> - 0.5.6-2
- Use Suggests kernel-devel weak-dependency - see rfbz#3386

* Fri Oct 14 2016 Richard Shaw <hobbes1069@gmail.com> - 0.5.6-1
- Disable shutdown systemd service file by default.
- Remove modprobe line from main service file.

* Wed Aug 17 2016 Sérgio Basto <sergio@serjux.com> - 0.5.4-3
- New release

* Sun Jan 03 2016 Nicolas Chauvet <kwizart@gmail.com> - 0.5.4-2
- Revert conflicts kernel-debug-devel

* Thu Jul 23 2015 Richard Shaw <hobbes1069@gmail.com> - 0.5.4-1
- Do not mark a build as failed when only installing the RPM fails.
- Run akmods-shutdown script instead of akmods on shutdown.
- Add systemd preset file to enable services by default.

* Wed Jul 15 2015 Richard Shaw <hobbes1069@gmail.com> - 0.5.3-2
- Add package conflicts to stop pulling in kernel-debug-devel, fixes BZ#3386.
- Add description for the formatting of the <kernel> parameter, BZ#3580.
- Update static man pages and clean them up.
- Fixed another instance of TMPDIR causing issues.
- Added detection of dnf vs yum to akmods, fixed BZ#3481.

* Wed Apr 1 2015 Richard Shaw <hobbes1069@gmail.com> - 0.5.2-1
- Fix temporary directory creation when TMPDIR environment variable is set,
fixes BZ#2596.
- Update systemd scripts to use macros.
- Fix akmods run on shutdown systemd unit file, fixes BZ#3503.

* Sun Nov 16 2014 Nicolas Chauvet <kwizart@gmail.com> - 0.5.1-4
- Fix akmods on armhfp - rfbz#3117
- Use yum instead of rpm to install packages - rfbz#3350
Switch to a better date format

* Fri Jan 11 2013 Richard Shaw <hobbes1069@gmail.com> - 0.5.1-3
- Really fix akmods.service.in.

* Fri Jun 01 2012 Richard Shaw <hobbes1069@gmail.com> - 0.5.1-2
- Add service file to run again on shutdown.
- Add conditional for Fedora 18 to specify correct systemd graphical service.

* Thu Apr 12 2012 Nicolas Chauvet <kwizart@gmail.com> - 0.4.0-4
- Rebuilt

* Tue Mar 20 2012 Richard Shaw <hobbes1069@gmail.com> - 0.4.0-3
- Add additional error output if the needed kernel development files are not
installed. (Fixes #561)

* Mon Mar 05 2012 Richard Shaw <hobbes1069@gmail.com> - 0.4.0-2
- Remove remaining references to previous Fedora releases
- Remove legacy SysV init script from CVS.
- Added man page for akmods and cleaned up man page for akmodsbuild.

* Tue Feb 07 2012 Nicolas Chauvet <kwizart@gmail.com> - 0.4.0-1
- Update for UsrMove support
- Remove unused references to older fedora
- Change Requires from kernel-devel to kernel-devel-uname-r
Write Preview
Loading…
Cancel
Save