| Index | index by Group | index by Distribution | index by Vendor | index by creation date | index by Name | Mirrors | Help | Search |
| Name: python3-keylime | Distribution: SUSE Linux Enterprise 15 |
| Version: 6.3.2 | Vendor: SUSE LLC <https://www.suse.com/> |
| Release: 150400.4.14.1 | Build date: Thu Oct 27 13:48:42 2022 |
| Group: Unspecified | Build host: sheep64 |
| Size: 1801017 | Source RPM: keylime-6.3.2-150400.4.14.1.src.rpm |
| Packager: https://www.suse.com/ | |
| Url: https://github.com/keylime/keylime | |
| Summary: Open source TPM software for Bootstrapping and Maintaining Trust | |
Keylime is a TPM based highly scalable remote boot attestation and runtime integrity measurement solution.
Apache-2.0 AND MIT
* Wed Oct 26 2022 [email protected]
- Backport CVE-2022-3500.patch (CVE-2022-3500) (bsc#1204782)
+ Moderate vulnerability where a node can seems as attested when in
reality it is not properly attested
* Tue Jul 26 2022 [email protected]
- Drop cfssl default in keylime.conf patch (bsc#1201866)
* Thu Jul 14 2022 [email protected]
- Use chown -h to adjust persmissions for downgrade migration. This
skip following symlinks and make the migration possible
(bsc#1201466)
- Add logrotate configuration for the services
- Create run directory as non-root user
- Conflict with rust-keylime
- Consolidate in _distconfdir when possible
- Add fix_exit.diff patch, to exit properly in SLE
* Thu Jun 23 2022 [email protected]
- Remove user downgrade mechanism from the package (CVE-2022-31250, bsc#1200885)
* Wed May 18 2022 [email protected]
- Fix "run_as" configuration parameter and set it to keylime:tss
- Improve downgrade user migration during package update
- Add patches (CVE-2022-1053, boo#1199253):
+ CVE-2022-1053-01.patch
+ CVE-2022-1053-02.patch
+ CVE-2022-1053-03.patch
+ CVE-2022-1053-04.patch
* Wed Apr 13 2022 [email protected]
- Update to version v6.3.2:
* general: bump Keylime version to 6.3.2
* tpm_main: flush transient objects
* pypi: add notice that the Python API is unstable
* installer: use OpenSSL by default
* Avoid mounting secdir while unmounting it
* remove TPM, VTPM and IMA stubbing support
* archive: remove all archive files
* Change GH reviewers to be from developer group
* added suse / opensuse support with zypper
* Fix tpm import in test_tpm.py
* Fix cfssl configuration in run_tests.sh
* tpm_emulator: improve TPM emulator installation
* config: Add option to enable DB debugging via DEBUG_DB env var
* Enable SQL query cache for JSONPickleType
* tpm_emulator: move everything into systemd services
* Implement broader key support for Keylime's signing mechanisms
* tenant: Use exponential backoff on key verification retries
* tenant: Move JSON parsing to capture possible exceptions
* tenant: Move verifier stop from do_quote to do_verify
* pylint: Fix issues related to W0602 global-variable-not-assigned
* tenant: Handle 404 error from registrar gracefully
* pylint: Fix remaining code with issue R1732 consider-using-with
* pylint: Fix R1732 consider-using-with
* pylint: Fix issue detected by pylint-2.13.0
* pylint: Fix issue detected by pylint-2.13.0
* tenant: verify agent quote before adding to verifier
* README: remove tpm2-abrmd and OSX sections
* pylint: Fix issues related to W0102 dangerous-default-value
* pylint: Fix R0201 no-self-use
* pylint: remove W1203 logging-format-interpolation from ignore list
* pylint: remove R1729 use-a-generator from ignore list
* pylint: remove E1120 no-value-for-parameter from ignore list
* pylint: remove W1201 logging-not-lazy from ignore list
* pylint: fix C0209 consider-using-f-string
* pylint: fix C0201 consider-iterating-dictionary
* pylint: fix W1509 subprocess-popen-preexec-fn
* keylime_tenant non-zero exit code on error
* Fix prepare step adjustments in packit-ci.fmf plan
* failure: fix Pattern type hint
* mypy: add initial Mypy configuration
* ima_ast: add type hints
* failure: add type hints
* logging, config: add type hints for logging module
* algorithms: add type hints
* json: add type hints and add JSONType as custom type
* Full allowlist processing when not adding host
* provider, vTPM: remove vTPM manager and provider code
* tpm: fix that the set of missing PCRs is not serializable in failure
* Restores the option to use keylime agents without mTLS
* services: make the services run as keylime user instead of root
* State in --help that SHA-256 is used for --allowlist-checksum
* config: change cacert.pem to cacert.crt
* registrar_client: validate connections against registrar ca certificate
* tenant: validate connections against verifier ca certificate
* request_client: only add custom adapter if TLS is enabled
* setup: add static assets for webapp
* Add TESTING.md describing testing details
* Fix some remaining log format strings
* Fix for database_url parameter with sqlite
* Enable test basic-attestation-with-unpriviledged-agent in Packit CI
* Use lazy string formatting when logging (#535)
* Make Packit CI plan more resource-saving
* keylime.conf: Document setting ownership in WORK_DIR (/var/lib/keylime)
* agent: Make sure tmpfs is empty even if not mounted or cannot unmount
* agent: Drop privileges by switching to normal user and group
* agent: Move mounting of tmpfs towards beginning of main()
* agent: Read measured boot log near process start
* agent: Open file for IMA log file near process start
* ima: Refactor read_measurement_list() to take file as argument
* Add the policy name to failure event
* tpm_main: Check if tpm_cert_store exists (#553)
* Remove tag input from container build workflow
* Push container images to quay.io/keylime org
* Enable code coverage measurement for e2e tests in Packit CI
* config: fix config search order
* Add defaults for ephemeral keys for agent records
* Update outdated greetings Github messages
* services: add keylime_agent_secure.mount service
* installer.sh: updated tpm2-{tools, tss}, use system packages if possible
* revocation_notifier: convert the data to str in the notifiers
* revocation_notifier: mark webhook threads as daemon and add timeout
* Fix Packit CI test plan Summary
* Enable Packit CI testing on CentOS Stream 8
* Enable Packit CI testing on Fedora Rawhide
* Remove last trace of TPM 1.2 (hopefully)
* verifier: remove start_tornado() function
* verifier: wait for connections to be closed before stopping ioloop
* revocation_notifier: kill ZeroMQ broker if it blocks more than 5s
* Add more e2e tests to Packit CI
* Enable EPEL repo on CentOS Stream in packit.yaml
- Drop already merged patches
* drop_privileges_of_agent_process_after_startup.patch
* config_fix_config_search_order.patch
* services_add_keylime_agent_secure_mount_service.patch
* Thu Feb 24 2022 [email protected]
- Add upstream patches:
* drop_privileges_of_agent_process_after_startup.patch
* config_fix_config_search_order.patch
* services_add_keylime_agent_secure_mount_service.patch
- Configure the agent to run as non-root (via keylime.conf)
- Add keylime sysuser conf file and deploy as part of the tpm
certificate subpackage
- Prepare the systemd mount unit for /var/lib/keylime/secure
* Thu Feb 24 2022 [email protected]
- Drop patches beacuse merged upstream:
* version.diff
* cloud_verifier_tornado-use-fork_processes.patch
- Drop binaries not used anymore:
* keylime_provider_platform_init
* keylime_provider_registrar
* keylime_provider_vtpm_add
- Update to version v6.3.1:
* revocation_notifier: mark webhook threads as daemon and add timeout
* Fix Packit CI test plan Summary
* Enable Packit CI testing on CentOS Stream 8
* Enable Packit CI testing on Fedora Rawhide
* Remove last trace of TPM 1.2 (hopefully)
* verifier: remove start_tornado() function
* verifier: wait for connections to be closed before stopping ioloop
* revocation_notifier: kill ZeroMQ broker if it blocks more than 5s
* Add more e2e tests to Packit CI
* Enable EPEL repo on CentOS Stream in packit.yaml
* agent, crypto: add localhost, server and contact ip to agent certificate
* Add better default repo path for run_local.sh
* Fix incorrect variable name in test_restful
* Run existing agent tests against the rust-keylime agent
* Fix small wording mistakes caught while reading the code
* agent: move key and certificate logging levels from debug to info
* agent: allow absolute paths for rsa_keyname and mtls_cert
* Add missing backend parameter
* cloud_verifier_tornado: use fork_processes
* ci: automatically push release to PyPI
* setup.{py,cfg}: Move setup configuration to setup.cfg
* Add iproute tool to Dockerfile
* Pylint does not like single-line functions.
* A small beauty fix
* This is a small fix to proactively fix Issue #840 by identifying non-escaped double quotes in the tpm2-tools output
* setup.py: add version number and new Python versions, drop unsed binaries
* setup.py, config: install default configuration into package path
* ci: move old keylime.conf to keylime.conf.orig before running tests
* retry: fix pylint issue
* Adding Infineon Optiga 034 RSA and ECC certificates for Infineon SLB9675 devices.
* Ensure columns "mb_refstate" and "allowlist" are of type LONGTEXT in table "verifiermain"
* tenant: add exponential backoff option to retry timings
* cloud verifier: add exponential backoff option to retry timings
* tpm: add exponential backoff option to retry timings
* test, retry: add unit test for retry algorithm
* common: add algorithm for retry time calculation
* registrar, tpm_main: ensure that correct types are commited to DB.
* Fix typo for config param listen_notifications
* Lint is _really_ unhappy today.
* Linty fixes
* Adding a unit test file for tpm_main
* tpm_main: check if PCRs for the hash algorithm are available
* tpm_main: handle if tpm2_checkquote returns no PCRs for a hash algorithm
* agent: output supported_version as result not as a status
* Add missing subcommands to -c help message
* tests: fix mtls_cert generation in test_restful.py
* revocation_notifier: fix socket path permission check
* Remove unused database_query config param
* Move umask calls only on entry points
* config: move directory utilities to fs_util
* Mon Feb 07 2022 [email protected]
- Change back agent_uuid to hostname
- Set tpm_hash_alg to sha256 by default
- Update version.diff patch to point to the correct version number
- Fix issue with Tornado, when multiple workers are started
* Add cloud_verifier_tornado-use-fork_processes.patch (bsc#1195605)
* Thu Jan 27 2022 [email protected]
- Drop patches beacuse merged upstream:
* 0001-Drop-dataclasses-module-usage.patch
* 0001-config-support-merge-multiple-config-files.patch
* 0001-ca-support-back-old-cyptography-API.patch
- Update to version v6.3.0:
* Coordinated update to fix:
+ bsc#1193997 (CVE-2022-23948)
+ bsc#1193998 (CVE-2021-43310)
+ bsc#1194000 (CVE-2022-23949)
+ bsc#1194002 (CVE-2022-23950)
+ bsc#1194004 (CVE-2022-23951)
+ bsc#1194005 (CVE-2022-23952)
* secure_mount: add umount function
* secure_mount: use /proc/self/mountinfo
* Validate user ID in all public interfaces
* validators: add uuid and agent_id validators
* validators: create validators module
* revocation_notifier: move zmq socket to /var/run/keylime
* Update API version from 1.0 to 2.0
* tpm: do not compress quote with zlib by default
* verifier: persist AK and mTLS certificate to DB
* verifier: use "supported_version" for agent connections
* tenant: add support for "supported_version" option for the verifier
* api_version: add the option for basic validation
* verifier: add supported_version field to DB and API
* agent: add /version to REST API
* verifier, tenant: allow agents to not use mTLS
* tenant, verifier: allow manual configuration of agent mTLS
* tests: migrate to mTLS
* tenant: connect to the agent via mTLS
* verifier: connect to the agent via mTLS
* tornado_requests: handle SSLError
* web_util: add mTLS context generation for agent
* agent: Enable mTLS for agent REST API
* crypto: add helper function for creating self signed certs
* registrar: Allow the agent to registrar with a mTLS certificate
* request_client: add workaround for handling certificates
* request_client: add the option to ignore hostname validation
* Better docs and errors about IMA hash mismatches
* tests: use JSON instead Python string for IMA tests
* verifier: use json.loads(..) instead of ast.literal_eval(..)
* Adding Nuvoton certificate for a post 2020 TPM device. The EK cert
of the device directs to the following download site:
'https://www.nuvoton.com/security/NTC-TPM-EK-Cert/Nuvoton TPM Root
CA 1111.cer' (yes, including the spaces)
* Improve revocation notifier IP description in keylime.conf
* tornado_requests: set Content-Type header correctly for JSON
* tenant: post U key to agent with correct Content-Type header
* Explicitly set permissions on new keylime.conf files installed
* tpm_main: close file descriptor for aik handle
* verifier: do not call finish() twice
* agent: fix payload execution
* tests: add initial tests for web_util module
* config, web_util: move get_restful_params(..) to web_util
* verifier: Also retry on HTTP 500 status code
* agent: improve startup and shutdown
* registrar: cleanup start function
* web_util: move echo_json_response(..) out of config.py
* verifier: fix failure generation for V key
* tornado_requests: cleanup TornadoResponse class
* web_util, verifier: move mTLS SSLContext generation into separate module
* ca: support back old cyptography API
* Fix test branch reference in packit.yaml
* ci: disable DeprecationWarning from pylint in tox
* Enable new test in Packit CI
* tenant: fix reactivate command
* config: support merge multiple config files
* ci: use only fedora-stable for packit
* elchecking: harden example policy against event type manipulation
* elchecking: add new tests
* tests: fix stdout formatting for agent and verifier
* Drop dataclasses module usage
* revocation notifier: handle shutdown of process gracefully
* verifier: handle SIGINT and SIGTERM correctly
* ima_emulator: fix IMA hash validation and add more options
* ima_ast: fix handling ToMToU errors
* Remove leftovers of TPM 1.2 support
* agent: improved validation for post function
* agent: better validation for mask and nonce
* config: add function to validate hex strings
* agent: keys/verify check if challenge was provided
* tpm_main: do not append /usr/local/{bin,lib} to default env
* db: only set length on Text type if supported
* json: do not make sqlalchemy a hard requirement
* Enable functional testing with Packit CI
* ima_emulator: specify sys.argv as the named parameter argv in main()
* elchecking example policy: make it work with Fedora 34
* elchecking example policy: initrd* might be also called initramfs*
* scripts: add mb_refstate generator for example policy
* config: change tpm_hash_alg to SHA1 by default
* parse_mb_bootlog: specify the used hash algorithm used for PCRs
* agent: add warning that on kernels <5.10 IMA only works with SHA1
* tpm: explicitly pass hash alg to sim_extend(..)
* ima emulator: use IMA AST and support multiple hash algorithms
* tests: update IMA allowlist version number
* ima: add option 'log_hash_alg' to IMA allowlist
* ima: remove hard requirement for SHA1 PCR 10
* algorithms: extend Hash class to simplify computing hash values
* config, tpm_main: explicitly handle YAML load errors
* config: private_key must be set to -private.pem not -public.pem
* agent: add UUID option environment
* agent: drop openstack uuid option
* Tue Jan 25 2022 [email protected]
- Set /var/lib/keylime under the same permissions expected by the code
* Tue Jan 18 2022 [email protected]
- Add 0001-config-support-merge-multiple-config-files.patch
This will allow the merge of config files in /usr/etc and /etc.
- Move the configuration file to /usr/etc in new distributions
- Add 0001-ca-support-back-old-cyptography-API.patch
This is only required for SLE, but the API is compatible with new versions
* Tue Jan 11 2022 [email protected]
- Add 0001-Drop-dataclasses-module-usage.patch, to support Python 3.6
* Tue Jan 11 2022 [email protected]
- Fix cfssl bcond logic in Tumbleweed / SLE
* Mon Jan 10 2022 [email protected]
- Update to version v6.2.1:
* Another addition to gitignore
* Update .gitignore with more Keylime-specific files
* json: add support for sqlalchemy.engine.row.Row in newer sqlalchemy
* ima_ast: check if the PCR is the same as in the config
* Fix permissions issue on volume mount in run_local.sh
* Make run_local.sh use a local copy of the repo
* Small updates to GOVERNANCE.md
* Move cargo-tarpaulin install to separate command
* config: drop registrar_* TLS options in [registrar] section
* Fix missing && in Dockerfile
* Remove simplejson from scripts and docs
* Replace simplejson with built-in json module
* Add rust-keylime container dependencies
* config: fix getboolean with fallback
* Clean up CI scripts and rewrite run_local.sh
* ima: for ToMToU errors skip template content validation
* ima: Use a set of entry numbers and file offsets to remember multiple positions
* Rename CONTRIBUTORS.md to CONTRIBUTING.md
* Update GOVERNANCE.md to match MAINTAINERS.md rename
* Update MAINTAINERS
* Update README: remove Gitter, Travis CI
* ca: Use UTC when setting certificate validity
* Tenant commands return json
* scripts: Allow passing a base policy to create_policy tool
* ima: Handle the case of ima-sig with a path with spaces in them
* add length to string object
* scripts: Implement create_policy to create the JSON allowlist from files
* ima: Also add a sha256 default boot_aggregate hash with 64 '0's
* ima: Use seek() to get to the last known last entry
* ima: Extend allowlist to be able to handle generic ima-buf entries
* ima: Extend JSON allowlist with 'ima' entry and 'ignored_keyrings'
* ima: Populate verifier keyrings with keys taken from ima-buf log line
* ima: Remove methods from ImaKeyring that are now in ImaKeyrings
* ima: Start passing ima_keyrings through APIs replacing ima_keyring
* Extend AgentAttestState with ima_keyrings field and use it
* ima: Implement ImaKeyrings class to support multiple keyrings
* verifier: Extend verifier DB to persist learned keyrings
* Fix a couple of pylint errors
* ima: Fix spurious attestation failures
* ima: make ToMToU errors not a failure by default
* Simple fix for tenant error message printout.
* pylint: Fix errors related to R1714
* pylint: Suppress C0201, C0209 and W0602 newly reported errors
* installer: do not install tpm2-abrmd
* tpm: by default use /dev/tpmrm0 instead of tpm2-abrmd
* verifier: add option to send revocation messages via webhook
* Wed Dec 15 2021 [email protected]
- Fix keylime configuration file attributes
* Tue Dec 14 2021 [email protected]
- Requires python-psutil
- Disable automatic execution of the payload by default
- Use ramdom UUID by default
* Wed Dec 08 2021 [email protected]
- Introduce a bcond for cfssl detection
* Wed Dec 01 2021 [email protected]
- Drop cfssl if we are not in openSUSE
* Thu Sep 16 2021 [email protected]
- Update to version 6.2.0:
* Fix bug #757 where revoc cert was treated as text
* Code improvement: removal of extra dependencies in measured boot attestation (#755)
* Sanitize the exclude list while it is ingested at `tenant` by removing comments (^#) and empty lines.
* tenant: show severity level and last event id in status
* verifier: move to new failure architecture
* pcr validation: move to new failure architecture
* measured boot: move to new failure architecture
* ima: move to new failure architecture
* failure: add infrastructure to tag and collect revocation events in Keylime
* Simulating use of SSLContext.minimum_version on ssl v3.6
* verifier: fix minor typos
* Add tests for ca_impl_cfssl and ca_util
* Replace M2Crypto with python-cryptography
* tenant: status now shows if a agent was added to the registrar
* tenant: open file to send utf-8 encoded
* Correct some comments about and remove vestige in MB policy
* fixing a small bug that resulted in malformed refstates not failing MBA
* agent: ensure that EK is in PEM format when used as uuid
* Solves #703 by adding a "non-trivial" example of a "measured boot policy" (#734)
* ci: build and publish container images
* codestyle: fix W0612 and R1735 pylint errors
* codestyle: fix W1514 pylint error
* systemd: Add KillSignal=SIGINT to keylime_agent.service
* One-liner to set the minimum version of TLS to v1.2
* pylint fix
* Typo fix: return list order confusion between measured_boot.py and tpm_abstract.py
* Refactor keylime_logging module
* ima: Implement ima-buf validator and validate keys on keyrings (#725)
* Remove Python 2 leftovers
* Additional fix for the processing of "tpm_policy"
* ima: Return an empty allowlist rather than a plain empty list
* verifier: convert (v)tpm_policy in DB from string to JSONPickleType
* verifier: Create AgentAttestState objects from entries in the db
* verifier: Persist the IMA attestation state after running the log verification
* db: Add DB migration file for boottime, ima_pcrs, pcr10, and next_ima_ml_entries
* verifier: Skip attestation one time if agent's boottime changed
* test: Add test case simulating iterative attestation
* verifier: Delete an AgentAttestState when deleting an agent
* ima: Remember the number of lines successfully processed and last IMA PCR value(s)
* ima: Reset the attestation if processing the measurement list fails
* debug: Show line number when PCR match occurs
* verifier: Extend AgentAttestState with state of the IMA PCR
* Consult the AgentAttestState for the next measurement list entry
* Introduce an AgentAttestState class for passing state through the APIs
* verifier: Request IMA log at entry 0 for now
* agent: Get boottime and transfer to verifier
* agent: Add support for optional IMA log offset parameter
* tests: Add a unit test for the IMA function and run it
* agent: Move IMA measurement list reading function to ima.py
* Add default verifier-check value
* Use tox for pylint
* Use Fedora 34 as base image for CI container
* Run ci jobs only when needed
* config: merge convert and list_convert into the same function
* Versioned APIs
* Refacator of check_pcrs to parse then validate (#716)
* Automatically calculates the boot_aggregate from the measured boot log. (#713)
* Set default UUID as lowercase (#699)
* tenant: do_cvdelete wait until 404
* Ensures the output of `bulkinfo` command in `keylime_tenant` is JSON
* ima: Convert pcrval to bytes to increase efficiency
* tests: extend ima tests for signature validation and exclude lists
* Allow agents to specify a contact ip address and port for the tenant and CV (#690)
* verifer: Fix signature and allowlist evaluation bahavior change
* ima: Fix runtime error due to wrong datatype
* tenant: add the option to specify the registrar ip and port
* measured_boot: drop process_refstate
* check_pcrs: match PCR if no mb_refstate is provided
* ci: make run_local.sh work with newer docker versions
* Fixing pylint errors (#698)
* tests: add IMA test where validation should be ignored
* ima: Use ima_ast for parsing and validation
* tests: Add test for ima AST parser
* ima: Introducing a AST for parsing and validation
* Make stalebot a bit nicer
* enable tenant to fetch all (or verifier specific) agents info in a single call from the verifier
* Flush all sessions from TPM device (#682)
* multiple named verifiers sharing a single database
* webapp: fix tls certs paths (#659)
* Corrects markdown to have proper rendering (#673)
* ima_file_signatures: Extract keyidv2 from x509 certs
* installer: Add '-r' option to cp to copy directory (issue #671)
* config: Add optional fallback parameter to get()
* agent: Fix the usage of dmidecode during the agent startup (issue #664)
* agent: Rename allowlist to ima_allowlist in keylime.conf
* Fix decoding error in user_data_encrypt
* agent: Fix issue #667 by testing for an empty ima_sign_verification_keys list
* Addresses issue #660 (database path while running local tests) (#665)
* ima: Return 'None' when ImaKeyring.from_string() called with emtpy string
* tests: Move unittests into files with suffix _test.py
* Fixes and improvements for database configuration (#654)
* Add signature verification support for local and remote IMA signature verification keys (#597)
* install: Remove TPM 1.2 support from installer and bundeling scripts
* CI/CD: Remove tpm1.2 testing support
* Remove duplicated calls to verifier
* Remove adding entropy to system rng
* Cleanup and fix error case in encryptAIK (#648)
* Move measured boot related code into functions to make check_pcrs readable (#642)
* Move code related to tpm2_checkquote into its own function (#639)
* scripts: Cleanup shell script formatting
* installer.sh: Do not delete the local copy of the certificates.
* Fix user_data_encrypt to UTF8 decode before print
* tpm_abstract: Fix adding of entropy
* codestyle: Ignore R1732 implemented by pylint >=2.8.0
* a fix for letting JSON encoding bytes correctly
* Adding back reglist to the list of commands that don't need a -t argument
* Invoke tpm2_evictcontrol for 4.0 and 4.2 tools if aik_handle exists (#624)
* Addresses #436 (#611)
* Fixes #620
* Include PCR16 in the quote only when needed
* Close leaking file descriptors (#622)
* installer.sh: Add missing spaces when efivar is added
* More ima_emulator_adapter cleanups (#616)
* installer: Add json-c-devel/json-c-dev to BUILD_TOOLS for tpm2-tss build
* Remove more commented code in ca_util.py
* installer: Only install efi library on x86_64 systems
* Create allowlist table and basic API support
* installer: Add libuuid-devel/uuid-dev to BUILD_TOOLS for tpm2_tools build
* WIP: Some cleanups (#612)
* Remove _cLime.c
* config: Document the measured boot PCRs and what is using them
* Very simple fix for the agent (re: measured boot) The agent code does not need to import "measured boot policies"
* ima_emulator_adapater: Remove unnecessary global statement
* webapp: Fix private key and certificate path (issue #604)
* Add support for keylime_webapp service to read intervals from keylime.conf
* Mon Jul 26 2021 [email protected]
- Update to Keylime 6.1.1
+ keylime_tenant add crash with TypeError: Object of type 'bytes' is
not JSON serializable
+ Whenever Keylime agent starts and cannot contact the registrar, it
fails and quits without flushing create EK handles
+ keylime_tenant -c reglist now requires a "-t" parameter for no
reason
+ Duplicated API calls to verifier in webapp backend
+ Installer deletes tpm_cert_store files
+ agent_uuid set to dmidecode crashes Keylime
+ Copying of tpm_cert_store fails during installation
+ If the PCR belong to a measured boot list, it is not validated
+ keylime_tenant --c update fails with a race condition
- Drop patches already present in the new version
+ webapp-fix-tls-certs-paths.patch
+ check_pcrs-match-PCR-if-no-mb_refstate-is-provided.patch
+ tenant-do_cvdelete-wait-until-404.patch
* Wed Jul 21 2021 [email protected]
- Add tenant-do_cvdelete-wait-until-404.patch to fix the update command
* Mon Jul 19 2021 [email protected]
- Adjust the default revocation notifier binding IP
- Default to CFSSL in keylime.conf
* Wed Jul 14 2021 [email protected]
- Add config-libefivars.diff to adjust the path of the library
* Thu Jul 08 2021 [email protected]
- Add check_pcrs-match-PCR-if-no-mb_refstate-is-provided.patch
(gh#keylime/keylime!695)
- Recommends CFSSL in the registrar (actually should be the CA)
- Change default value for require_ek_cert to False
- Reorder the patches to separate upstream fixes from openSUSE ones
* Thu Jun 10 2021 [email protected]
- Add webapp-fix-tls-certs-paths.patch (gh#keylime/keylime!659)
- Recommend dmidecode for the agent
- Require libtss2-tcti-{device0,tabrmd0} to use abrmd service
- Add keylime.conf.diff patch to change the default config file
- Add keylime.xml for firewalld service definition
* Tue Apr 27 2021 [email protected]
- Update to version 6.1.0:
* Update python cryptography lib to v3.3.2
* installer.sh improvments
* run_local.sh: Run unit tests in keylime/tpm/tpm2_objects.py
* Fourth and final PR to address #491 (#580)
* scripts: Also use pylint-3 if pylint is not installed
* agent: Fix the checking for a specific error returned by tpm2_quote
* Allowlist verification - Enhancement #16
* Forgot to remove the original, more crude solution (which caused pylint errors)
* New and improved code to fix issue #582
* Consistent formatting for logging strings
/etc/alternatives/keylime_agent /etc/alternatives/keylime_ca /etc/alternatives/keylime_ima_emulator /etc/alternatives/keylime_migrations_apply /etc/alternatives/keylime_registrar /etc/alternatives/keylime_tenant /etc/alternatives/keylime_userdata_encrypt /etc/alternatives/keylime_verifier /etc/alternatives/keylime_webapp /usr/bin/keylime_agent /usr/bin/keylime_agent-3.6 /usr/bin/keylime_ca /usr/bin/keylime_ca-3.6 /usr/bin/keylime_ima_emulator /usr/bin/keylime_ima_emulator-3.6 /usr/bin/keylime_migrations_apply /usr/bin/keylime_migrations_apply-3.6 /usr/bin/keylime_registrar /usr/bin/keylime_registrar-3.6 /usr/bin/keylime_tenant /usr/bin/keylime_tenant-3.6 /usr/bin/keylime_userdata_encrypt /usr/bin/keylime_userdata_encrypt-3.6 /usr/bin/keylime_verifier /usr/bin/keylime_verifier-3.6 /usr/bin/keylime_webapp /usr/bin/keylime_webapp-3.6 /usr/lib/python3.6/site-packages/keylime /usr/lib/python3.6/site-packages/keylime-6.3.2-py3.6.egg-info /usr/lib/python3.6/site-packages/keylime-6.3.2-py3.6.egg-info/PKG-INFO /usr/lib/python3.6/site-packages/keylime-6.3.2-py3.6.egg-info/SOURCES.txt /usr/lib/python3.6/site-packages/keylime-6.3.2-py3.6.egg-info/dependency_links.txt /usr/lib/python3.6/site-packages/keylime-6.3.2-py3.6.egg-info/entry_points.txt /usr/lib/python3.6/site-packages/keylime-6.3.2-py3.6.egg-info/not-zip-safe /usr/lib/python3.6/site-packages/keylime-6.3.2-py3.6.egg-info/top_level.txt /usr/lib/python3.6/site-packages/keylime/__init__.py /usr/lib/python3.6/site-packages/keylime/__pycache__ /usr/lib/python3.6/site-packages/keylime/__pycache__/__init__.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/__pycache__/__init__.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/__pycache__/agentstates.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/__pycache__/agentstates.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/__pycache__/api_version.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/__pycache__/api_version.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/__pycache__/ca_impl_cfssl.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/__pycache__/ca_impl_cfssl.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/__pycache__/ca_impl_openssl.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/__pycache__/ca_impl_openssl.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/__pycache__/ca_util.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/__pycache__/ca_util.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/__pycache__/cloud_verifier_common.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/__pycache__/cloud_verifier_common.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/__pycache__/cloud_verifier_tornado.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/__pycache__/cloud_verifier_tornado.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/__pycache__/cmd_exec.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/__pycache__/cmd_exec.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/__pycache__/config.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/__pycache__/config.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/__pycache__/crypto.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/__pycache__/crypto.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/__pycache__/cryptodome.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/__pycache__/cryptodome.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/__pycache__/failure.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/__pycache__/failure.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/__pycache__/fs_util.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/__pycache__/fs_util.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/__pycache__/ima.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/__pycache__/ima.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/__pycache__/ima_ast.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/__pycache__/ima_ast.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/__pycache__/ima_file_signatures.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/__pycache__/ima_file_signatures.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/__pycache__/ima_test.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/__pycache__/ima_test.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/__pycache__/json.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/__pycache__/json.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/__pycache__/keylime_agent.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/__pycache__/keylime_agent.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/__pycache__/keylime_logging.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/__pycache__/keylime_logging.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/__pycache__/measured_boot.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/__pycache__/measured_boot.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/__pycache__/registrar_client.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/__pycache__/registrar_client.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/__pycache__/registrar_common.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/__pycache__/registrar_common.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/__pycache__/requests_client.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/__pycache__/requests_client.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/__pycache__/revocation_notifier.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/__pycache__/revocation_notifier.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/__pycache__/secure_mount.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/__pycache__/secure_mount.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/__pycache__/signing.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/__pycache__/signing.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/__pycache__/tenant.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/__pycache__/tenant.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/__pycache__/tenant_webapp.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/__pycache__/tenant_webapp.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/__pycache__/tornado_requests.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/__pycache__/tornado_requests.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/__pycache__/tpm_bootlog_enrich.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/__pycache__/tpm_bootlog_enrich.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/__pycache__/tpm_ek_ca.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/__pycache__/tpm_ek_ca.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/__pycache__/user_utils.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/__pycache__/user_utils.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/__pycache__/user_utils_test.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/__pycache__/user_utils_test.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/__pycache__/web_util.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/__pycache__/web_util.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/agentstates.py /usr/lib/python3.6/site-packages/keylime/api_version.py /usr/lib/python3.6/site-packages/keylime/ca_impl_cfssl.py /usr/lib/python3.6/site-packages/keylime/ca_impl_openssl.py /usr/lib/python3.6/site-packages/keylime/ca_util.py /usr/lib/python3.6/site-packages/keylime/cloud_verifier_common.py /usr/lib/python3.6/site-packages/keylime/cloud_verifier_tornado.py /usr/lib/python3.6/site-packages/keylime/cmd /usr/lib/python3.6/site-packages/keylime/cmd/__init__.py /usr/lib/python3.6/site-packages/keylime/cmd/__pycache__ /usr/lib/python3.6/site-packages/keylime/cmd/__pycache__/__init__.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/cmd/__pycache__/__init__.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/cmd/__pycache__/agent.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/cmd/__pycache__/agent.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/cmd/__pycache__/ca.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/cmd/__pycache__/ca.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/cmd/__pycache__/ima_emulator_adapter.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/cmd/__pycache__/ima_emulator_adapter.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/cmd/__pycache__/migrations_apply.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/cmd/__pycache__/migrations_apply.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/cmd/__pycache__/registrar.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/cmd/__pycache__/registrar.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/cmd/__pycache__/tenant.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/cmd/__pycache__/tenant.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/cmd/__pycache__/user_data_encrypt.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/cmd/__pycache__/user_data_encrypt.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/cmd/__pycache__/verifier.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/cmd/__pycache__/verifier.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/cmd/__pycache__/webapp.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/cmd/__pycache__/webapp.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/cmd/agent.py /usr/lib/python3.6/site-packages/keylime/cmd/ca.py /usr/lib/python3.6/site-packages/keylime/cmd/ima_emulator_adapter.py /usr/lib/python3.6/site-packages/keylime/cmd/migrations_apply.py /usr/lib/python3.6/site-packages/keylime/cmd/registrar.py /usr/lib/python3.6/site-packages/keylime/cmd/tenant.py /usr/lib/python3.6/site-packages/keylime/cmd/user_data_encrypt.py /usr/lib/python3.6/site-packages/keylime/cmd/verifier.py /usr/lib/python3.6/site-packages/keylime/cmd/webapp.py /usr/lib/python3.6/site-packages/keylime/cmd_exec.py /usr/lib/python3.6/site-packages/keylime/common /usr/lib/python3.6/site-packages/keylime/common/__init__.py /usr/lib/python3.6/site-packages/keylime/common/__pycache__ /usr/lib/python3.6/site-packages/keylime/common/__pycache__/__init__.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/common/__pycache__/__init__.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/common/__pycache__/algorithms.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/common/__pycache__/algorithms.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/common/__pycache__/exception.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/common/__pycache__/exception.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/common/__pycache__/metrics.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/common/__pycache__/metrics.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/common/__pycache__/retry.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/common/__pycache__/retry.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/common/__pycache__/states.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/common/__pycache__/states.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/common/__pycache__/validators.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/common/__pycache__/validators.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/common/algorithms.py /usr/lib/python3.6/site-packages/keylime/common/exception.py /usr/lib/python3.6/site-packages/keylime/common/metrics.py /usr/lib/python3.6/site-packages/keylime/common/retry.py /usr/lib/python3.6/site-packages/keylime/common/states.py /usr/lib/python3.6/site-packages/keylime/common/validators.py /usr/lib/python3.6/site-packages/keylime/config.py /usr/lib/python3.6/site-packages/keylime/crypto.py /usr/lib/python3.6/site-packages/keylime/cryptodome.py /usr/lib/python3.6/site-packages/keylime/db /usr/lib/python3.6/site-packages/keylime/db/__init__.py /usr/lib/python3.6/site-packages/keylime/db/__pycache__ /usr/lib/python3.6/site-packages/keylime/db/__pycache__/__init__.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/db/__pycache__/__init__.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/db/__pycache__/keylime_db.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/db/__pycache__/keylime_db.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/db/__pycache__/registrar_db.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/db/__pycache__/registrar_db.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/db/__pycache__/verifier_db.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/db/__pycache__/verifier_db.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/db/keylime_db.py /usr/lib/python3.6/site-packages/keylime/db/registrar_db.py /usr/lib/python3.6/site-packages/keylime/db/verifier_db.py /usr/lib/python3.6/site-packages/keylime/elchecking /usr/lib/python3.6/site-packages/keylime/elchecking/__init__.py /usr/lib/python3.6/site-packages/keylime/elchecking/__main__.py /usr/lib/python3.6/site-packages/keylime/elchecking/__pycache__ /usr/lib/python3.6/site-packages/keylime/elchecking/__pycache__/__init__.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/elchecking/__pycache__/__init__.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/elchecking/__pycache__/__main__.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/elchecking/__pycache__/__main__.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/elchecking/__pycache__/example.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/elchecking/__pycache__/example.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/elchecking/__pycache__/policies.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/elchecking/__pycache__/policies.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/elchecking/__pycache__/tests.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/elchecking/__pycache__/tests.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/elchecking/example.py /usr/lib/python3.6/site-packages/keylime/elchecking/policies.py /usr/lib/python3.6/site-packages/keylime/elchecking/tests.py /usr/lib/python3.6/site-packages/keylime/failure.py /usr/lib/python3.6/site-packages/keylime/fs_util.py /usr/lib/python3.6/site-packages/keylime/ima.py /usr/lib/python3.6/site-packages/keylime/ima_ast.py /usr/lib/python3.6/site-packages/keylime/ima_file_signatures.py /usr/lib/python3.6/site-packages/keylime/ima_test.py /usr/lib/python3.6/site-packages/keylime/json.py /usr/lib/python3.6/site-packages/keylime/keylime.conf /usr/lib/python3.6/site-packages/keylime/keylime_agent.py /usr/lib/python3.6/site-packages/keylime/keylime_logging.py /usr/lib/python3.6/site-packages/keylime/measured_boot.py /usr/lib/python3.6/site-packages/keylime/migrations /usr/lib/python3.6/site-packages/keylime/migrations/__init__.py /usr/lib/python3.6/site-packages/keylime/migrations/__pycache__ /usr/lib/python3.6/site-packages/keylime/migrations/__pycache__/__init__.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/migrations/__pycache__/__init__.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/migrations/__pycache__/env.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/migrations/__pycache__/env.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/migrations/alembic.ini /usr/lib/python3.6/site-packages/keylime/migrations/env.py /usr/lib/python3.6/site-packages/keylime/migrations/versions /usr/lib/python3.6/site-packages/keylime/migrations/versions/1ac1513ef2a1_fix_mb_and_ima_column_types.py /usr/lib/python3.6/site-packages/keylime/migrations/versions/257fe0f0c039_add_fields_for_revocation_context_to_.py /usr/lib/python3.6/site-packages/keylime/migrations/versions/63c30820fdc1_add_mtls_cert_and_ak_to_verifier_db.py /usr/lib/python3.6/site-packages/keylime/migrations/versions/7d5db1a6ffb0_add_agentstates_columns.py /usr/lib/python3.6/site-packages/keylime/migrations/versions/8a44a4364f5a_initial_database_migration.py /usr/lib/python3.6/site-packages/keylime/migrations/versions/8da20383f6e1_extend_ip_field.py /usr/lib/python3.6/site-packages/keylime/migrations/versions/9169f80345ed_add_supported_version_to_verifiermain_.py /usr/lib/python3.6/site-packages/keylime/migrations/versions/__init__.py /usr/lib/python3.6/site-packages/keylime/migrations/versions/__pycache__ /usr/lib/python3.6/site-packages/keylime/migrations/versions/__pycache__/1ac1513ef2a1_fix_mb_and_ima_column_types.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/migrations/versions/__pycache__/1ac1513ef2a1_fix_mb_and_ima_column_types.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/migrations/versions/__pycache__/257fe0f0c039_add_fields_for_revocation_context_to_.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/migrations/versions/__pycache__/257fe0f0c039_add_fields_for_revocation_context_to_.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/migrations/versions/__pycache__/63c30820fdc1_add_mtls_cert_and_ak_to_verifier_db.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/migrations/versions/__pycache__/63c30820fdc1_add_mtls_cert_and_ak_to_verifier_db.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/migrations/versions/__pycache__/7d5db1a6ffb0_add_agentstates_columns.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/migrations/versions/__pycache__/7d5db1a6ffb0_add_agentstates_columns.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/migrations/versions/__pycache__/8a44a4364f5a_initial_database_migration.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/migrations/versions/__pycache__/8a44a4364f5a_initial_database_migration.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/migrations/versions/__pycache__/8da20383f6e1_extend_ip_field.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/migrations/versions/__pycache__/8da20383f6e1_extend_ip_field.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/migrations/versions/__pycache__/9169f80345ed_add_supported_version_to_verifiermain_.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/migrations/versions/__pycache__/9169f80345ed_add_supported_version_to_verifiermain_.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/migrations/versions/__pycache__/__init__.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/migrations/versions/__pycache__/__init__.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/migrations/versions/__pycache__/a79c27ec1054_add_mtls_cert_field_to_registrar.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/migrations/versions/__pycache__/a79c27ec1054_add_mtls_cert_field_to_registrar.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/migrations/versions/__pycache__/a7a64155ab3a_add_ima_filesigning_keys_column.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/migrations/versions/__pycache__/a7a64155ab3a_add_ima_filesigning_keys_column.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/migrations/versions/__pycache__/ae898986c6e9_add_mb_refstate_column.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/migrations/versions/__pycache__/ae898986c6e9_add_mb_refstate_column.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/migrations/versions/__pycache__/b4d024197413_add_verfier_id_to_verifiermain_table.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/migrations/versions/__pycache__/b4d024197413_add_verfier_id_to_verifiermain_table.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/migrations/versions/__pycache__/c3842cc9ee69_store_keyrings_learned_from_ima_log.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/migrations/versions/__pycache__/c3842cc9ee69_store_keyrings_learned_from_ima_log.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/migrations/versions/__pycache__/cc2630851a1f_receive_the_aik_tpm_from_the_agent.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/migrations/versions/__pycache__/cc2630851a1f_receive_the_aik_tpm_from_the_agent.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/migrations/versions/__pycache__/eb869a77abd1_create_allowlist_table.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/migrations/versions/__pycache__/eb869a77abd1_create_allowlist_table.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/migrations/versions/__pycache__/eeb702f77d7d_allowlist_rename.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/migrations/versions/__pycache__/eeb702f77d7d_allowlist_rename.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/migrations/versions/__pycache__/f35cdd35eb83_move_v_tpm_policy_to_jsonpickletype.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/migrations/versions/__pycache__/f35cdd35eb83_move_v_tpm_policy_to_jsonpickletype.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/migrations/versions/__pycache__/f82c4252bc4f_add_ip_and_port_to_registrar.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/migrations/versions/__pycache__/f82c4252bc4f_add_ip_and_port_to_registrar.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/migrations/versions/a79c27ec1054_add_mtls_cert_field_to_registrar.py /usr/lib/python3.6/site-packages/keylime/migrations/versions/a7a64155ab3a_add_ima_filesigning_keys_column.py /usr/lib/python3.6/site-packages/keylime/migrations/versions/ae898986c6e9_add_mb_refstate_column.py /usr/lib/python3.6/site-packages/keylime/migrations/versions/b4d024197413_add_verfier_id_to_verifiermain_table.py /usr/lib/python3.6/site-packages/keylime/migrations/versions/c3842cc9ee69_store_keyrings_learned_from_ima_log.py /usr/lib/python3.6/site-packages/keylime/migrations/versions/cc2630851a1f_receive_the_aik_tpm_from_the_agent.py /usr/lib/python3.6/site-packages/keylime/migrations/versions/eb869a77abd1_create_allowlist_table.py /usr/lib/python3.6/site-packages/keylime/migrations/versions/eeb702f77d7d_allowlist_rename.py /usr/lib/python3.6/site-packages/keylime/migrations/versions/f35cdd35eb83_move_v_tpm_policy_to_jsonpickletype.py /usr/lib/python3.6/site-packages/keylime/migrations/versions/f82c4252bc4f_add_ip_and_port_to_registrar.py /usr/lib/python3.6/site-packages/keylime/registrar_client.py /usr/lib/python3.6/site-packages/keylime/registrar_common.py /usr/lib/python3.6/site-packages/keylime/requests_client.py /usr/lib/python3.6/site-packages/keylime/revocation_actions /usr/lib/python3.6/site-packages/keylime/revocation_actions/__init__.py /usr/lib/python3.6/site-packages/keylime/revocation_actions/__pycache__ /usr/lib/python3.6/site-packages/keylime/revocation_actions/__pycache__/__init__.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/revocation_actions/__pycache__/__init__.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/revocation_actions/__pycache__/print_metadata.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/revocation_actions/__pycache__/print_metadata.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/revocation_actions/__pycache__/update_crl.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/revocation_actions/__pycache__/update_crl.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/revocation_actions/print_metadata.py /usr/lib/python3.6/site-packages/keylime/revocation_actions/update_crl.py /usr/lib/python3.6/site-packages/keylime/revocation_notifier.py /usr/lib/python3.6/site-packages/keylime/secure_mount.py /usr/lib/python3.6/site-packages/keylime/signing.py /usr/lib/python3.6/site-packages/keylime/static /usr/lib/python3.6/site-packages/keylime/static/css /usr/lib/python3.6/site-packages/keylime/static/css/webapp.css /usr/lib/python3.6/site-packages/keylime/static/icons /usr/lib/python3.6/site-packages/keylime/static/icons/ICON-LICENSE /usr/lib/python3.6/site-packages/keylime/static/icons/README.md /usr/lib/python3.6/site-packages/keylime/static/icons/png /usr/lib/python3.6/site-packages/keylime/static/icons/png/ban-2x.png /usr/lib/python3.6/site-packages/keylime/static/icons/png/ban-3x.png /usr/lib/python3.6/site-packages/keylime/static/icons/png/ban-4x.png /usr/lib/python3.6/site-packages/keylime/static/icons/png/ban-6x.png /usr/lib/python3.6/site-packages/keylime/static/icons/png/ban-8x.png /usr/lib/python3.6/site-packages/keylime/static/icons/png/ban.png /usr/lib/python3.6/site-packages/keylime/static/icons/png/bug-2x.png /usr/lib/python3.6/site-packages/keylime/static/icons/png/bug-3x.png /usr/lib/python3.6/site-packages/keylime/static/icons/png/bug-4x.png /usr/lib/python3.6/site-packages/keylime/static/icons/png/bug-6x.png /usr/lib/python3.6/site-packages/keylime/static/icons/png/bug-8x.png /usr/lib/python3.6/site-packages/keylime/static/icons/png/bug.png /usr/lib/python3.6/site-packages/keylime/static/icons/png/keylime.png /usr/lib/python3.6/site-packages/keylime/static/icons/png/plus-2x.png /usr/lib/python3.6/site-packages/keylime/static/icons/png/plus-3x.png /usr/lib/python3.6/site-packages/keylime/static/icons/png/plus-4x.png /usr/lib/python3.6/site-packages/keylime/static/icons/png/plus-6x.png /usr/lib/python3.6/site-packages/keylime/static/icons/png/plus-8x.png /usr/lib/python3.6/site-packages/keylime/static/icons/png/plus.png /usr/lib/python3.6/site-packages/keylime/static/icons/png/trash-2x.png /usr/lib/python3.6/site-packages/keylime/static/icons/png/trash-3x.png /usr/lib/python3.6/site-packages/keylime/static/icons/png/trash-4x.png /usr/lib/python3.6/site-packages/keylime/static/icons/png/trash-6x.png /usr/lib/python3.6/site-packages/keylime/static/icons/png/trash-8x.png /usr/lib/python3.6/site-packages/keylime/static/icons/png/trash.png /usr/lib/python3.6/site-packages/keylime/static/js /usr/lib/python3.6/site-packages/keylime/static/js/webapp.js /usr/lib/python3.6/site-packages/keylime/tenant.py /usr/lib/python3.6/site-packages/keylime/tenant_webapp.py /usr/lib/python3.6/site-packages/keylime/tornado_requests.py /usr/lib/python3.6/site-packages/keylime/tpm /usr/lib/python3.6/site-packages/keylime/tpm/__init__.py /usr/lib/python3.6/site-packages/keylime/tpm/__pycache__ /usr/lib/python3.6/site-packages/keylime/tpm/__pycache__/__init__.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/tpm/__pycache__/__init__.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/tpm/__pycache__/tpm2_objects.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/tpm/__pycache__/tpm2_objects.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/tpm/__pycache__/tpm2_objects_test.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/tpm/__pycache__/tpm2_objects_test.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/tpm/__pycache__/tpm_abstract.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/tpm/__pycache__/tpm_abstract.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/tpm/__pycache__/tpm_main.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/tpm/__pycache__/tpm_main.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/tpm/tpm2_objects.py /usr/lib/python3.6/site-packages/keylime/tpm/tpm2_objects_test.py /usr/lib/python3.6/site-packages/keylime/tpm/tpm_abstract.py /usr/lib/python3.6/site-packages/keylime/tpm/tpm_main.py /usr/lib/python3.6/site-packages/keylime/tpm_bootlog_enrich.py /usr/lib/python3.6/site-packages/keylime/tpm_ek_ca.py /usr/lib/python3.6/site-packages/keylime/user_utils.py /usr/lib/python3.6/site-packages/keylime/user_utils_test.py /usr/lib/python3.6/site-packages/keylime/web_util.py /usr/share/doc/packages/python3-keylime /usr/share/doc/packages/python3-keylime/README.md /usr/share/licenses/python3-keylime /usr/share/licenses/python3-keylime/ICON-LICENSE /usr/share/licenses/python3-keylime/LICENSE
Generated by rpm2html 1.8.1
Fabrice Bellet, Tue Jul 9 18:05:00 2024