[Bug 1771338] New: Review Request: Intel SecL Verification Service - Remote Attestation Server
https://bugzilla.redhat.com/show_bug.cgi?id=1771338
Bug ID: 1771338 Summary: Review Request: Intel SecL Verification Service - Remote Attestation Server Product: Fedora Version: rawhide Hardware: All OS: Linux Status: NEW Component: Package Review Severity: medium Assignee: nobody@fedoraproject.org Reporter: timothy.e.knoll@intel.com QA Contact: extras-qa@fedoraproject.org CC: package-review@lists.fedoraproject.org Target Milestone: --- Classification: Fedora
Spec URL: https://01.org/sites/default/files/downloads//verification-service-1.5.1.zip SRPM URL: https://01.org/sites/default/files/downloads//verification-service-1.5.1.zip Spec and SRPM are bundled into a single zip file.
Description: This package provides the Host Verification Service component of Intel Security Libraries for Datacenter. This service is the primary server component of ISecL, used to provide a remote attestation authority for establishing platform integrity using Intel security features like Intel TXT and Intel Boot Guard. Remote attestation provides a method by which TCG-defined measurements in a server TPM can be securely quoted and compared against expected values to determine whether the integrity of any measured component has been compromised. The Verification Service acts as the remote attestation authority and maintains a database of user-defined expected measurements values, and provides an intelligent verification engine that allows easy centralized management of expected measurements and supports a variety of root-of-trust configurations.
Fedora Account System Username: teknoll
https://bugzilla.redhat.com/show_bug.cgi?id=1771338
Neil Horman nhorman@redhat.com changed:
What |Removed |Added ---------------------------------------------------------------------------- CC| |nhorman@redhat.com Blocks| |177841 (FE-NEEDSPONSOR) Doc Type|--- |If docs needed, set a value
--- Comment #1 from Neil Horman nhorman@redhat.com --- Adding FE-NEEDSPONSOR, as the submitter is not currently a packager
Submission is in incorrect format, should not be zipped into a single file, SPEC url and SRPM URL should point to those files specifically, so that fedora-review works with the BZ
package fails to build: [exec] main: [exec] [mkdir] Created dir: /home/nhorman/rpmbuild/BUILD/contrib/features/hex2bin/target/dist [exec] [mkdir] Created dir: /home/nhorman/rpmbuild/BUILD/contrib/features/hex2bin/target/dist-deps [exec] [touch] Creating /home/nhorman/rpmbuild/BUILD/contrib/features/hex2bin/target/dist/builder/x [exec] [exec] PREFIX=/opt/mtwilson/share/hex2bin [exec] [exec] mkdir: cannot create directory '/opt/mtwilson': Permission denied [exec] [exec] gcc -fstack-protector-strong -fPIE -fPIC -O2 -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -o hex2bin hex2bin.c -z noexecstack -z relro -z now -pie [exec] [exec] mkdir: cannot create directory '/opt/mtwilson': Permission denied [exec] [exec] chmod +x hex2bin [exec] [exec] mkdir: cannot create directory '/opt/mtwilson': Permission denied [exec] [exec] mkdir -p /opt/mtwilson/share/hex2bin/bin [exec] [exec] make: *** [Makefile:13: install] Error 1 [exec] [exec] Failed to make install hex2bin [exec] [exec] mkdir: cannot create directory '/opt/mtwilson': Permission denied [exec] [exec] make: *** [Makefile:13: install] Error 1 [exec] [INFO] ------------------------------------------------------------------------ [exec] [INFO] Reactor Summary: [exec] [INFO] [exec] [INFO] hex2bin-dist 1.0 ................................... FAILURE [ 1.931 s] [exec] [INFO] mtwilson-maven-build-contrib-features 1.1 .......... SKIPPED [exec] [INFO] ------------------------------------------------------------------------ [exec] [INFO] BUILD FAILURE [exec] [INFO] ------------------------------------------------------------------------ [exec] [INFO] Total time: 2.053 s [exec] [INFO] Finished at: 2019-11-18T13:49:48-05:00 [exec] [INFO] ------------------------------------------------------------------------ [exec] [ERROR] Failed to execute goal org.apache.maven.plugins:maven-antrun-plugin:1.7:run (default-cli) on project hex2bin-dist: An Ant BuildException has occured: exec returned: 2 [exec] [ERROR] around Ant part ...<exec failonerror="true" dir="/home/nhorman/rpmbuild/BUILD/contrib/features/hex2bin/target" executable="/bin/bash">... @ 27:122 in /home/nhorman/rpmbuild/BUILD/contrib/features/hex2bin/target/antrun/build-main.xml [exec] [ERROR] -> [Help 1] [exec] [ERROR] [exec] [ERROR] To see the full stack trace of the errors, re-run Maven with the -e switch. [exec] [ERROR] Re-run Maven using the -X switch to enable full debug logging. [exec] [ERROR] [exec] [ERROR] For more information about the errors and possible solutions, please read the following articles: [exec] [ERROR] [Help 1] http://cwiki.apache.org/confluence/display/MAVEN/MojoExecutionException [exec] Result: 1
Referenced Bugs:
https://bugzilla.redhat.com/show_bug.cgi?id=177841 [Bug 177841] Tracker: Review requests from new Fedora packagers who need a sponsor
https://bugzilla.redhat.com/show_bug.cgi?id=1771338
Petr Pisar ppisar@redhat.com changed:
What |Removed |Added ---------------------------------------------------------------------------- CC| |ppisar@redhat.com
--- Comment #2 from Petr Pisar ppisar@redhat.com --- A summary of this bug report is invalid. Review requests must have this format:
Review Request: PACKAGE_NAME - PACKAGE_SUMMARY
The review request must link to _directly_ downloadable SPEC and SRPM files. Hiding them into a ZIP archive is not the right way.
https://bugzilla.redhat.com/show_bug.cgi?id=1771338
Tim Knoll timothy.e.knoll@intel.com changed:
What |Removed |Added ---------------------------------------------------------------------------- CC| |timothy.e.knoll@intel.com
--- Comment #3 from Tim Knoll timothy.e.knoll@intel.com --- We have re-uploaded the source RPM and spec files to a new location:
Spec URL: https://github.com/intel-secl/verification-service/blob/v1.5.1/packages/host... SRPM URL: https://github.com/intel-secl/verification-service/blob/v1.5.1/packages/host...
We are currently still working through the Koji build failures and will update once we have a resolution.
I'll also update the title to meet the format requirement.
https://bugzilla.redhat.com/show_bug.cgi?id=1771338
Petr Pisar ppisar@redhat.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Summary|Review Request: |Review Request: |host-verification-service-4 |host-verification-service - |.5-1 - Intel SecL |RPM Package for ISecL Host |Verification Service Remote |Verification Service |Attestation Server |Component
https://bugzilla.redhat.com/show_bug.cgi?id=1771338
Sumit sumitx.srivastav@intel.com changed:
What |Removed |Added ---------------------------------------------------------------------------- CC| |sumitx.srivastav@intel.com
--- Comment #4 from Sumit sumitx.srivastav@intel.com --- Hi Guys,
As i am new to this can you please tell how you are trying to review this package. I am using fedora rawhide server (VERSION_ID=32)
1. For me it is saying package is not in correct format.
I manually downloaded the srpm file , then tried to run it, but getting below errors
Step1: wget https://github.com/intel-secl/verification-service/blob/v1.5.1/packages/host...
[root@localhost ~]# rpm -qpl host-verification-service-4.5-1.el7.src.rpm error: host-verification-service-4.5-1.el7.src.rpm: not an rpm package (or package manifest)
[root@localhost ~]# fedora-review --rpm-spec -n host-verification-service-4.5-1.el7.src.rpm INFO: Processing local files: host-verification-service-4.5-1.el7.src.rpm INFO: Getting .spec and .srpm Urls from : Local files in /root INFO: --> SRPM url: file:///root/host-verification-service-4.5-1.el7.src.rpm INFO: Using review directory: /root/host-verification-service argument is not an RPM package cpio: premature end of archive WARNING: Cannot unpack /root/host-verification-service/srpm/host-verification-service-4.5-1.el7.src.rpm into /root/host-verification-service/srpm-unpacked argument is not an RPM package cpio: premature end of archive WARNING: Cannot unpack /root/host-verification-service/srpm/host-verification-service-4.5-1.el7.src.rpm into /root/host-verification-service/srpm-unpacked ERROR: 'Cannot find spec file in srpm' (logs in /root/.cache/fedora-review.log)
https://bugzilla.redhat.com/show_bug.cgi?id=1771338
Didik Supriadi didiksupriadi41@gmail.com changed:
What |Removed |Added ---------------------------------------------------------------------------- CC| |didiksupriadi41@gmail.com Flags| |needinfo?(timothy.e.knoll@i | |ntel.com)
package-review@lists.fedoraproject.org
-
bugzilla@redhat.com