Index | index by Group | index by Distribution | index by Vendor | index by creation date | index by Name | Mirrors | Help | Search |
Name: python3-keylime | Distribution: SUSE Linux Enterprise 15 |
Version: 6.3.2 | Vendor: SUSE LLC <https://www.suse.com/> |
Release: 150400.4.20.1 | Build date: Thu Aug 24 15:56:21 2023 |
Group: Unspecified | Build host: goat26 |
Size: 1804798 | Source RPM: keylime-6.3.2-150400.4.20.1.src.rpm |
Packager: https://www.suse.com/ | |
Url: https://github.com/keylime/keylime | |
Summary: Open source TPM software for Bootstrapping and Maintaining Trust |
Keylime is a TPM based highly scalable remote boot attestation and runtime integrity measurement solution.
Apache-2.0 AND MIT
* Thu Aug 24 2023 [email protected] - Backport patch to avoid the leak of the authorization tag (CVE-2023-38201, boo#1213314) + CVE-2023-38201.patch * Wed Aug 02 2023 [email protected] - Backport patches to avoid DoS via SSL (CVE-2023-38200, boo#1213310) + CVE-2023-38200-01.patch + CVE-2023-38200-02.patch + CVE-2023-38200-03.patch * Wed Oct 26 2022 [email protected] - Backport CVE-2022-3500.patch (CVE-2022-3500) (bsc#1204782) + Moderate vulnerability where a node can seems as attested when in reality it is not properly attested * Tue Jul 26 2022 [email protected] - Drop cfssl default in keylime.conf patch (bsc#1201866) * Thu Jul 14 2022 [email protected] - Use chown -h to adjust persmissions for downgrade migration. This skip following symlinks and make the migration possible (bsc#1201466) - Add logrotate configuration for the services - Create run directory as non-root user - Conflict with rust-keylime - Consolidate in _distconfdir when possible - Add fix_exit.diff patch, to exit properly in SLE * Thu Jun 23 2022 [email protected] - Remove user downgrade mechanism from the package (CVE-2022-31250, bsc#1200885) * Wed May 18 2022 [email protected] - Fix "run_as" configuration parameter and set it to keylime:tss - Improve downgrade user migration during package update - Add patches (CVE-2022-1053, boo#1199253): + CVE-2022-1053-01.patch + CVE-2022-1053-02.patch + CVE-2022-1053-03.patch + CVE-2022-1053-04.patch * Wed Apr 13 2022 [email protected] - Update to version v6.3.2: * general: bump Keylime version to 6.3.2 * tpm_main: flush transient objects * pypi: add notice that the Python API is unstable * installer: use OpenSSL by default * Avoid mounting secdir while unmounting it * remove TPM, VTPM and IMA stubbing support * archive: remove all archive files * Change GH reviewers to be from developer group * added suse / opensuse support with zypper * Fix tpm import in test_tpm.py * Fix cfssl configuration in run_tests.sh * tpm_emulator: improve TPM emulator installation * config: Add option to enable DB debugging via DEBUG_DB env var * Enable SQL query cache for JSONPickleType * tpm_emulator: move everything into systemd services * Implement broader key support for Keylime's signing mechanisms * tenant: Use exponential backoff on key verification retries * tenant: Move JSON parsing to capture possible exceptions * tenant: Move verifier stop from do_quote to do_verify * pylint: Fix issues related to W0602 global-variable-not-assigned * tenant: Handle 404 error from registrar gracefully * pylint: Fix remaining code with issue R1732 consider-using-with * pylint: Fix R1732 consider-using-with * pylint: Fix issue detected by pylint-2.13.0 * pylint: Fix issue detected by pylint-2.13.0 * tenant: verify agent quote before adding to verifier * README: remove tpm2-abrmd and OSX sections * pylint: Fix issues related to W0102 dangerous-default-value * pylint: Fix R0201 no-self-use * pylint: remove W1203 logging-format-interpolation from ignore list * pylint: remove R1729 use-a-generator from ignore list * pylint: remove E1120 no-value-for-parameter from ignore list * pylint: remove W1201 logging-not-lazy from ignore list * pylint: fix C0209 consider-using-f-string * pylint: fix C0201 consider-iterating-dictionary * pylint: fix W1509 subprocess-popen-preexec-fn * keylime_tenant non-zero exit code on error * Fix prepare step adjustments in packit-ci.fmf plan * failure: fix Pattern type hint * mypy: add initial Mypy configuration * ima_ast: add type hints * failure: add type hints * logging, config: add type hints for logging module * algorithms: add type hints * json: add type hints and add JSONType as custom type * Full allowlist processing when not adding host * provider, vTPM: remove vTPM manager and provider code * tpm: fix that the set of missing PCRs is not serializable in failure * Restores the option to use keylime agents without mTLS * services: make the services run as keylime user instead of root * State in --help that SHA-256 is used for --allowlist-checksum * config: change cacert.pem to cacert.crt * registrar_client: validate connections against registrar ca certificate * tenant: validate connections against verifier ca certificate * request_client: only add custom adapter if TLS is enabled * setup: add static assets for webapp * Add TESTING.md describing testing details * Fix some remaining log format strings * Fix for database_url parameter with sqlite * Enable test basic-attestation-with-unpriviledged-agent in Packit CI * Use lazy string formatting when logging (#535) * Make Packit CI plan more resource-saving * keylime.conf: Document setting ownership in WORK_DIR (/var/lib/keylime) * agent: Make sure tmpfs is empty even if not mounted or cannot unmount * agent: Drop privileges by switching to normal user and group * agent: Move mounting of tmpfs towards beginning of main() * agent: Read measured boot log near process start * agent: Open file for IMA log file near process start * ima: Refactor read_measurement_list() to take file as argument * Add the policy name to failure event * tpm_main: Check if tpm_cert_store exists (#553) * Remove tag input from container build workflow * Push container images to quay.io/keylime org * Enable code coverage measurement for e2e tests in Packit CI * config: fix config search order * Add defaults for ephemeral keys for agent records * Update outdated greetings Github messages * services: add keylime_agent_secure.mount service * installer.sh: updated tpm2-{tools, tss}, use system packages if possible * revocation_notifier: convert the data to str in the notifiers * revocation_notifier: mark webhook threads as daemon and add timeout * Fix Packit CI test plan Summary * Enable Packit CI testing on CentOS Stream 8 * Enable Packit CI testing on Fedora Rawhide * Remove last trace of TPM 1.2 (hopefully) * verifier: remove start_tornado() function * verifier: wait for connections to be closed before stopping ioloop * revocation_notifier: kill ZeroMQ broker if it blocks more than 5s * Add more e2e tests to Packit CI * Enable EPEL repo on CentOS Stream in packit.yaml - Drop already merged patches * drop_privileges_of_agent_process_after_startup.patch * config_fix_config_search_order.patch * services_add_keylime_agent_secure_mount_service.patch * Thu Feb 24 2022 [email protected] - Add upstream patches: * drop_privileges_of_agent_process_after_startup.patch * config_fix_config_search_order.patch * services_add_keylime_agent_secure_mount_service.patch - Configure the agent to run as non-root (via keylime.conf) - Add keylime sysuser conf file and deploy as part of the tpm certificate subpackage - Prepare the systemd mount unit for /var/lib/keylime/secure * Thu Feb 24 2022 [email protected] - Drop patches beacuse merged upstream: * version.diff * cloud_verifier_tornado-use-fork_processes.patch - Drop binaries not used anymore: * keylime_provider_platform_init * keylime_provider_registrar * keylime_provider_vtpm_add - Update to version v6.3.1: * revocation_notifier: mark webhook threads as daemon and add timeout * Fix Packit CI test plan Summary * Enable Packit CI testing on CentOS Stream 8 * Enable Packit CI testing on Fedora Rawhide * Remove last trace of TPM 1.2 (hopefully) * verifier: remove start_tornado() function * verifier: wait for connections to be closed before stopping ioloop * revocation_notifier: kill ZeroMQ broker if it blocks more than 5s * Add more e2e tests to Packit CI * Enable EPEL repo on CentOS Stream in packit.yaml * agent, crypto: add localhost, server and contact ip to agent certificate * Add better default repo path for run_local.sh * Fix incorrect variable name in test_restful * Run existing agent tests against the rust-keylime agent * Fix small wording mistakes caught while reading the code * agent: move key and certificate logging levels from debug to info * agent: allow absolute paths for rsa_keyname and mtls_cert * Add missing backend parameter * cloud_verifier_tornado: use fork_processes * ci: automatically push release to PyPI * setup.{py,cfg}: Move setup configuration to setup.cfg * Add iproute tool to Dockerfile * Pylint does not like single-line functions. * A small beauty fix * This is a small fix to proactively fix Issue #840 by identifying non-escaped double quotes in the tpm2-tools output * setup.py: add version number and new Python versions, drop unsed binaries * setup.py, config: install default configuration into package path * ci: move old keylime.conf to keylime.conf.orig before running tests * retry: fix pylint issue * Adding Infineon Optiga 034 RSA and ECC certificates for Infineon SLB9675 devices. * Ensure columns "mb_refstate" and "allowlist" are of type LONGTEXT in table "verifiermain" * tenant: add exponential backoff option to retry timings * cloud verifier: add exponential backoff option to retry timings * tpm: add exponential backoff option to retry timings * test, retry: add unit test for retry algorithm * common: add algorithm for retry time calculation * registrar, tpm_main: ensure that correct types are commited to DB. * Fix typo for config param listen_notifications * Lint is _really_ unhappy today. * Linty fixes * Adding a unit test file for tpm_main * tpm_main: check if PCRs for the hash algorithm are available * tpm_main: handle if tpm2_checkquote returns no PCRs for a hash algorithm * agent: output supported_version as result not as a status * Add missing subcommands to -c help message * tests: fix mtls_cert generation in test_restful.py * revocation_notifier: fix socket path permission check * Remove unused database_query config param * Move umask calls only on entry points * config: move directory utilities to fs_util * Mon Feb 07 2022 [email protected] - Change back agent_uuid to hostname - Set tpm_hash_alg to sha256 by default - Update version.diff patch to point to the correct version number - Fix issue with Tornado, when multiple workers are started * Add cloud_verifier_tornado-use-fork_processes.patch (bsc#1195605) * Thu Jan 27 2022 [email protected] - Drop patches beacuse merged upstream: * 0001-Drop-dataclasses-module-usage.patch * 0001-config-support-merge-multiple-config-files.patch * 0001-ca-support-back-old-cyptography-API.patch - Update to version v6.3.0: * Coordinated update to fix: + bsc#1193997 (CVE-2022-23948) + bsc#1193998 (CVE-2021-43310) + bsc#1194000 (CVE-2022-23949) + bsc#1194002 (CVE-2022-23950) + bsc#1194004 (CVE-2022-23951) + bsc#1194005 (CVE-2022-23952) * secure_mount: add umount function * secure_mount: use /proc/self/mountinfo * Validate user ID in all public interfaces * validators: add uuid and agent_id validators * validators: create validators module * revocation_notifier: move zmq socket to /var/run/keylime * Update API version from 1.0 to 2.0 * tpm: do not compress quote with zlib by default * verifier: persist AK and mTLS certificate to DB * verifier: use "supported_version" for agent connections * tenant: add support for "supported_version" option for the verifier * api_version: add the option for basic validation * verifier: add supported_version field to DB and API * agent: add /version to REST API * verifier, tenant: allow agents to not use mTLS * tenant, verifier: allow manual configuration of agent mTLS * tests: migrate to mTLS * tenant: connect to the agent via mTLS * verifier: connect to the agent via mTLS * tornado_requests: handle SSLError * web_util: add mTLS context generation for agent * agent: Enable mTLS for agent REST API * crypto: add helper function for creating self signed certs * registrar: Allow the agent to registrar with a mTLS certificate * request_client: add workaround for handling certificates * request_client: add the option to ignore hostname validation * Better docs and errors about IMA hash mismatches * tests: use JSON instead Python string for IMA tests * verifier: use json.loads(..) instead of ast.literal_eval(..) * Adding Nuvoton certificate for a post 2020 TPM device. The EK cert of the device directs to the following download site: 'https://www.nuvoton.com/security/NTC-TPM-EK-Cert/Nuvoton TPM Root CA 1111.cer' (yes, including the spaces) * Improve revocation notifier IP description in keylime.conf * tornado_requests: set Content-Type header correctly for JSON * tenant: post U key to agent with correct Content-Type header * Explicitly set permissions on new keylime.conf files installed * tpm_main: close file descriptor for aik handle * verifier: do not call finish() twice * agent: fix payload execution * tests: add initial tests for web_util module * config, web_util: move get_restful_params(..) to web_util * verifier: Also retry on HTTP 500 status code * agent: improve startup and shutdown * registrar: cleanup start function * web_util: move echo_json_response(..) out of config.py * verifier: fix failure generation for V key * tornado_requests: cleanup TornadoResponse class * web_util, verifier: move mTLS SSLContext generation into separate module * ca: support back old cyptography API * Fix test branch reference in packit.yaml * ci: disable DeprecationWarning from pylint in tox * Enable new test in Packit CI * tenant: fix reactivate command * config: support merge multiple config files * ci: use only fedora-stable for packit * elchecking: harden example policy against event type manipulation * elchecking: add new tests * tests: fix stdout formatting for agent and verifier * Drop dataclasses module usage * revocation notifier: handle shutdown of process gracefully * verifier: handle SIGINT and SIGTERM correctly * ima_emulator: fix IMA hash validation and add more options * ima_ast: fix handling ToMToU errors * Remove leftovers of TPM 1.2 support * agent: improved validation for post function * agent: better validation for mask and nonce * config: add function to validate hex strings * agent: keys/verify check if challenge was provided * tpm_main: do not append /usr/local/{bin,lib} to default env * db: only set length on Text type if supported * json: do not make sqlalchemy a hard requirement * Enable functional testing with Packit CI * ima_emulator: specify sys.argv as the named parameter argv in main() * elchecking example policy: make it work with Fedora 34 * elchecking example policy: initrd* might be also called initramfs* * scripts: add mb_refstate generator for example policy * config: change tpm_hash_alg to SHA1 by default * parse_mb_bootlog: specify the used hash algorithm used for PCRs * agent: add warning that on kernels <5.10 IMA only works with SHA1 * tpm: explicitly pass hash alg to sim_extend(..) * ima emulator: use IMA AST and support multiple hash algorithms * tests: update IMA allowlist version number * ima: add option 'log_hash_alg' to IMA allowlist * ima: remove hard requirement for SHA1 PCR 10 * algorithms: extend Hash class to simplify computing hash values * config, tpm_main: explicitly handle YAML load errors * config: private_key must be set to -private.pem not -public.pem * agent: add UUID option environment * agent: drop openstack uuid option * Tue Jan 25 2022 [email protected] - Set /var/lib/keylime under the same permissions expected by the code * Tue Jan 18 2022 [email protected] - Add 0001-config-support-merge-multiple-config-files.patch This will allow the merge of config files in /usr/etc and /etc. - Move the configuration file to /usr/etc in new distributions - Add 0001-ca-support-back-old-cyptography-API.patch This is only required for SLE, but the API is compatible with new versions * Tue Jan 11 2022 [email protected] - Add 0001-Drop-dataclasses-module-usage.patch, to support Python 3.6 * Tue Jan 11 2022 [email protected] - Fix cfssl bcond logic in Tumbleweed / SLE * Mon Jan 10 2022 [email protected] - Update to version v6.2.1: * Another addition to gitignore * Update .gitignore with more Keylime-specific files * json: add support for sqlalchemy.engine.row.Row in newer sqlalchemy * ima_ast: check if the PCR is the same as in the config * Fix permissions issue on volume mount in run_local.sh * Make run_local.sh use a local copy of the repo * Small updates to GOVERNANCE.md * Move cargo-tarpaulin install to separate command * config: drop registrar_* TLS options in [registrar] section * Fix missing && in Dockerfile * Remove simplejson from scripts and docs * Replace simplejson with built-in json module * Add rust-keylime container dependencies * config: fix getboolean with fallback * Clean up CI scripts and rewrite run_local.sh * ima: for ToMToU errors skip template content validation * ima: Use a set of entry numbers and file offsets to remember multiple positions * Rename CONTRIBUTORS.md to CONTRIBUTING.md * Update GOVERNANCE.md to match MAINTAINERS.md rename * Update MAINTAINERS * Update README: remove Gitter, Travis CI * ca: Use UTC when setting certificate validity * Tenant commands return json * scripts: Allow passing a base policy to create_policy tool * ima: Handle the case of ima-sig with a path with spaces in them * add length to string object * scripts: Implement create_policy to create the JSON allowlist from files * ima: Also add a sha256 default boot_aggregate hash with 64 '0's * ima: Use seek() to get to the last known last entry * ima: Extend allowlist to be able to handle generic ima-buf entries * ima: Extend JSON allowlist with 'ima' entry and 'ignored_keyrings' * ima: Populate verifier keyrings with keys taken from ima-buf log line * ima: Remove methods from ImaKeyring that are now in ImaKeyrings * ima: Start passing ima_keyrings through APIs replacing ima_keyring * Extend AgentAttestState with ima_keyrings field and use it * ima: Implement ImaKeyrings class to support multiple keyrings * verifier: Extend verifier DB to persist learned keyrings * Fix a couple of pylint errors * ima: Fix spurious attestation failures * ima: make ToMToU errors not a failure by default * Simple fix for tenant error message printout. * pylint: Fix errors related to R1714 * pylint: Suppress C0201, C0209 and W0602 newly reported errors * installer: do not install tpm2-abrmd * tpm: by default use /dev/tpmrm0 instead of tpm2-abrmd * verifier: add option to send revocation messages via webhook * Wed Dec 15 2021 [email protected] - Fix keylime configuration file attributes * Tue Dec 14 2021 [email protected] - Requires python-psutil - Disable automatic execution of the payload by default - Use ramdom UUID by default * Wed Dec 08 2021 [email protected] - Introduce a bcond for cfssl detection * Wed Dec 01 2021 [email protected] - Drop cfssl if we are not in openSUSE * Thu Sep 16 2021 [email protected] - Update to version 6.2.0: * Fix bug #757 where revoc cert was treated as text * Code improvement: removal of extra dependencies in measured boot attestation (#755) * Sanitize the exclude list while it is ingested at `tenant` by removing comments (^#) and empty lines. * tenant: show severity level and last event id in status * verifier: move to new failure architecture * pcr validation: move to new failure architecture * measured boot: move to new failure architecture * ima: move to new failure architecture * failure: add infrastructure to tag and collect revocation events in Keylime * Simulating use of SSLContext.minimum_version on ssl v3.6 * verifier: fix minor typos * Add tests for ca_impl_cfssl and ca_util * Replace M2Crypto with python-cryptography * tenant: status now shows if a agent was added to the registrar * tenant: open file to send utf-8 encoded * Correct some comments about and remove vestige in MB policy * fixing a small bug that resulted in malformed refstates not failing MBA * agent: ensure that EK is in PEM format when used as uuid * Solves #703 by adding a "non-trivial" example of a "measured boot policy" (#734) * ci: build and publish container images * codestyle: fix W0612 and R1735 pylint errors * codestyle: fix W1514 pylint error * systemd: Add KillSignal=SIGINT to keylime_agent.service * One-liner to set the minimum version of TLS to v1.2 * pylint fix * Typo fix: return list order confusion between measured_boot.py and tpm_abstract.py * Refactor keylime_logging module * ima: Implement ima-buf validator and validate keys on keyrings (#725) * Remove Python 2 leftovers * Additional fix for the processing of "tpm_policy" * ima: Return an empty allowlist rather than a plain empty list * verifier: convert (v)tpm_policy in DB from string to JSONPickleType * verifier: Create AgentAttestState objects from entries in the db * verifier: Persist the IMA attestation state after running the log verification * db: Add DB migration file for boottime, ima_pcrs, pcr10, and next_ima_ml_entries * verifier: Skip attestation one time if agent's boottime changed * test: Add test case simulating iterative attestation * verifier: Delete an AgentAttestState when deleting an agent * ima: Remember the number of lines successfully processed and last IMA PCR value(s) * ima: Reset the attestation if processing the measurement list fails * debug: Show line number when PCR match occurs * verifier: Extend AgentAttestState with state of the IMA PCR * Consult the AgentAttestState for the next measurement list entry * Introduce an AgentAttestState class for passing state through the APIs * verifier: Request IMA log at entry 0 for now * agent: Get boottime and transfer to verifier * agent: Add support for optional IMA log offset parameter * tests: Add a unit test for the IMA function and run it * agent: Move IMA measurement list reading function to ima.py * Add default verifier-check value * Use tox for pylint * Use Fedora 34 as base image for CI container * Run ci jobs only when needed * config: merge convert and list_convert into the same function * Versioned APIs * Refacator of check_pcrs to parse then validate (#716) * Automatically calculates the boot_aggregate from the measured boot log. (#713) * Set default UUID as lowercase (#699) * tenant: do_cvdelete wait until 404 * Ensures the output of `bulkinfo` command in `keylime_tenant` is JSON * ima: Convert pcrval to bytes to increase efficiency * tests: extend ima tests for signature validation and exclude lists * Allow agents to specify a contact ip address and port for the tenant and CV (#690) * verifer: Fix signature and allowlist evaluation bahavior change * ima: Fix runtime error due to wrong datatype * tenant: add the option to specify the registrar ip and port * measured_boot: drop process_refstate * check_pcrs: match PCR if no mb_refstate is provided * ci: make run_local.sh work with newer docker versions * Fixing pylint errors (#698) * tests: add IMA test where validation should be ignored * ima: Use ima_ast for parsing and validation * tests: Add test for ima AST parser * ima: Introducing a AST for parsing and validation * Make stalebot a bit nicer * enable tenant to fetch all (or verifier specific) agents info in a single call from the verifier * Flush all sessions from TPM device (#682) * multiple named verifiers sharing a single database * webapp: fix tls certs paths (#659) * Corrects markdown to have proper rendering (#673) * ima_file_signatures: Extract keyidv2 from x509 certs * installer: Add '-r' option to cp to copy directory (issue #671) * config: Add optional fallback parameter to get() * agent: Fix the usage of dmidecode during the agent startup (issue #664) * agent: Rename allowlist to ima_allowlist in keylime.conf * Fix decoding error in user_data_encrypt * agent: Fix issue #667 by testing for an empty ima_sign_verification_keys list * Addresses issue #660 (database path while running local tests) (#665) * ima: Return 'None' when ImaKeyring.from_string() called with emtpy string * tests: Move unittests into files with suffix _test.py * Fixes and improvements for database configuration (#654) * Add signature verification support for local and remote IMA signature verification keys (#597) * install: Remove TPM 1.2 support from installer and bundeling scripts * CI/CD: Remove tpm1.2 testing support * Remove duplicated calls to verifier * Remove adding entropy to system rng * Cleanup and fix error case in encryptAIK (#648) * Move measured boot related code into functions to make check_pcrs readable (#642) * Move code related to tpm2_checkquote into its own function (#639) * scripts: Cleanup shell script formatting * installer.sh: Do not delete the local copy of the certificates. * Fix user_data_encrypt to UTF8 decode before print * tpm_abstract: Fix adding of entropy * codestyle: Ignore R1732 implemented by pylint >=2.8.0 * a fix for letting JSON encoding bytes correctly * Adding back reglist to the list of commands that don't need a -t argument * Invoke tpm2_evictcontrol for 4.0 and 4.2 tools if aik_handle exists (#624) * Addresses #436 (#611) * Fixes #620 * Include PCR16 in the quote only when needed * Close leaking file descriptors (#622) * installer.sh: Add missing spaces when efivar is added * More ima_emulator_adapter cleanups (#616) * installer: Add json-c-devel/json-c-dev to BUILD_TOOLS for tpm2-tss build * Remove more commented code in ca_util.py * installer: Only install efi library on x86_64 systems * Create allowlist table and basic API support * installer: Add libuuid-devel/uuid-dev to BUILD_TOOLS for tpm2_tools build * WIP: Some cleanups (#612) * Remove _cLime.c * config: Document the measured boot PCRs and what is using them * Very simple fix for the agent (re: measured boot) The agent code does not need to import "measured boot policies" * ima_emulator_adapater: Remove unnecessary global statement * webapp: Fix private key and certificate path (issue #604) * Add support for keylime_webapp service to read intervals from keylime.conf * Mon Jul 26 2021 [email protected] - Update to Keylime 6.1.1 + keylime_tenant add crash with TypeError: Object of type 'bytes' is not JSON serializable + Whenever Keylime agent starts and cannot contact the registrar, it fails and quits without flushing create EK handles + keylime_tenant -c reglist now requires a "-t" parameter for no reason + Duplicated API calls to verifier in webapp backend + Installer deletes tpm_cert_store files + agent_uuid set to dmidecode crashes Keylime + Copying of tpm_cert_store fails during installation + If the PCR belong to a measured boot list, it is not validated + keylime_tenant --c update fails with a race condition - Drop patches already present in the new version + webapp-fix-tls-certs-paths.patch + check_pcrs-match-PCR-if-no-mb_refstate-is-provided.patch + tenant-do_cvdelete-wait-until-404.patch * Wed Jul 21 2021 [email protected] - Add tenant-do_cvdelete-wait-until-404.patch to fix the update command * Mon Jul 19 2021 [email protected] - Adjust the default revocation notifier binding IP - Default to CFSSL in keylime.conf * Wed Jul 14 2021 [email protected] - Add config-libefivars.diff to adjust the path of the library * Thu Jul 08 2021 [email protected] - Add check_pcrs-match-PCR-if-no-mb_refstate-is-provided.patch (gh#keylime/keylime!695) - Recommends CFSSL in the registrar (actually should be the CA) - Change default value for require_ek_cert to False - Reorder the patches to separate upstream fixes from openSUSE ones * Thu Jun 10 2021 [email protected] - Add webapp-fix-tls-certs-paths.patch (gh#keylime/keylime!659) - Recommend dmidecode for the agent - Require libtss2-tcti-{device0,tabrmd0} to use abrmd service - Add keylime.conf.diff patch to change the default config file - Add keylime.xml for firewalld service definition * Tue Apr 27 2021 [email protected] - Update to version 6.1.0: * Update python cryptography lib to v3.3.2 * installer.sh improvments * run_local.sh: Run unit tests in keylime/tpm/tpm2_objects.py * Fourth and final PR to address #491 (#580) * scripts: Also use pylint-3 if pylint is not installed * agent: Fix the checking for a specific error returned by tpm2_quote * Allowlist verification - Enhancement #16 * Forgot to remove the original, more crude solution (which caused pylint errors) * New and improved code to fix issue #582 * Consistent formatting for logging strings
/etc/alternatives/keylime_agent /etc/alternatives/keylime_ca /etc/alternatives/keylime_ima_emulator /etc/alternatives/keylime_migrations_apply /etc/alternatives/keylime_registrar /etc/alternatives/keylime_tenant /etc/alternatives/keylime_userdata_encrypt /etc/alternatives/keylime_verifier /etc/alternatives/keylime_webapp /usr/bin/keylime_agent /usr/bin/keylime_agent-3.6 /usr/bin/keylime_ca /usr/bin/keylime_ca-3.6 /usr/bin/keylime_ima_emulator /usr/bin/keylime_ima_emulator-3.6 /usr/bin/keylime_migrations_apply /usr/bin/keylime_migrations_apply-3.6 /usr/bin/keylime_registrar /usr/bin/keylime_registrar-3.6 /usr/bin/keylime_tenant /usr/bin/keylime_tenant-3.6 /usr/bin/keylime_userdata_encrypt /usr/bin/keylime_userdata_encrypt-3.6 /usr/bin/keylime_verifier /usr/bin/keylime_verifier-3.6 /usr/bin/keylime_webapp /usr/bin/keylime_webapp-3.6 /usr/lib/python3.6/site-packages/keylime /usr/lib/python3.6/site-packages/keylime-6.3.2-py3.6.egg-info /usr/lib/python3.6/site-packages/keylime-6.3.2-py3.6.egg-info/PKG-INFO /usr/lib/python3.6/site-packages/keylime-6.3.2-py3.6.egg-info/SOURCES.txt /usr/lib/python3.6/site-packages/keylime-6.3.2-py3.6.egg-info/dependency_links.txt /usr/lib/python3.6/site-packages/keylime-6.3.2-py3.6.egg-info/entry_points.txt /usr/lib/python3.6/site-packages/keylime-6.3.2-py3.6.egg-info/not-zip-safe /usr/lib/python3.6/site-packages/keylime-6.3.2-py3.6.egg-info/top_level.txt /usr/lib/python3.6/site-packages/keylime/__init__.py /usr/lib/python3.6/site-packages/keylime/__pycache__ /usr/lib/python3.6/site-packages/keylime/__pycache__/__init__.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/__pycache__/__init__.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/__pycache__/agentstates.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/__pycache__/agentstates.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/__pycache__/api_version.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/__pycache__/api_version.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/__pycache__/ca_impl_cfssl.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/__pycache__/ca_impl_cfssl.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/__pycache__/ca_impl_openssl.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/__pycache__/ca_impl_openssl.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/__pycache__/ca_util.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/__pycache__/ca_util.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/__pycache__/cloud_verifier_common.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/__pycache__/cloud_verifier_common.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/__pycache__/cloud_verifier_tornado.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/__pycache__/cloud_verifier_tornado.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/__pycache__/cmd_exec.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/__pycache__/cmd_exec.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/__pycache__/config.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/__pycache__/config.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/__pycache__/crypto.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/__pycache__/crypto.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/__pycache__/cryptodome.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/__pycache__/cryptodome.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/__pycache__/failure.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/__pycache__/failure.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/__pycache__/fs_util.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/__pycache__/fs_util.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/__pycache__/ima.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/__pycache__/ima.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/__pycache__/ima_ast.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/__pycache__/ima_ast.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/__pycache__/ima_file_signatures.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/__pycache__/ima_file_signatures.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/__pycache__/ima_test.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/__pycache__/ima_test.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/__pycache__/json.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/__pycache__/json.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/__pycache__/keylime_agent.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/__pycache__/keylime_agent.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/__pycache__/keylime_logging.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/__pycache__/keylime_logging.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/__pycache__/measured_boot.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/__pycache__/measured_boot.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/__pycache__/registrar_client.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/__pycache__/registrar_client.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/__pycache__/registrar_common.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/__pycache__/registrar_common.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/__pycache__/requests_client.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/__pycache__/requests_client.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/__pycache__/revocation_notifier.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/__pycache__/revocation_notifier.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/__pycache__/secure_mount.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/__pycache__/secure_mount.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/__pycache__/signing.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/__pycache__/signing.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/__pycache__/tenant.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/__pycache__/tenant.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/__pycache__/tenant_webapp.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/__pycache__/tenant_webapp.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/__pycache__/tornado_requests.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/__pycache__/tornado_requests.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/__pycache__/tpm_bootlog_enrich.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/__pycache__/tpm_bootlog_enrich.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/__pycache__/tpm_ek_ca.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/__pycache__/tpm_ek_ca.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/__pycache__/user_utils.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/__pycache__/user_utils.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/__pycache__/user_utils_test.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/__pycache__/user_utils_test.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/__pycache__/web_util.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/__pycache__/web_util.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/agentstates.py /usr/lib/python3.6/site-packages/keylime/api_version.py /usr/lib/python3.6/site-packages/keylime/ca_impl_cfssl.py /usr/lib/python3.6/site-packages/keylime/ca_impl_openssl.py /usr/lib/python3.6/site-packages/keylime/ca_util.py /usr/lib/python3.6/site-packages/keylime/cloud_verifier_common.py /usr/lib/python3.6/site-packages/keylime/cloud_verifier_tornado.py /usr/lib/python3.6/site-packages/keylime/cmd /usr/lib/python3.6/site-packages/keylime/cmd/__init__.py /usr/lib/python3.6/site-packages/keylime/cmd/__pycache__ /usr/lib/python3.6/site-packages/keylime/cmd/__pycache__/__init__.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/cmd/__pycache__/__init__.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/cmd/__pycache__/agent.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/cmd/__pycache__/agent.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/cmd/__pycache__/ca.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/cmd/__pycache__/ca.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/cmd/__pycache__/ima_emulator_adapter.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/cmd/__pycache__/ima_emulator_adapter.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/cmd/__pycache__/migrations_apply.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/cmd/__pycache__/migrations_apply.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/cmd/__pycache__/registrar.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/cmd/__pycache__/registrar.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/cmd/__pycache__/tenant.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/cmd/__pycache__/tenant.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/cmd/__pycache__/user_data_encrypt.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/cmd/__pycache__/user_data_encrypt.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/cmd/__pycache__/verifier.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/cmd/__pycache__/verifier.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/cmd/__pycache__/webapp.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/cmd/__pycache__/webapp.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/cmd/agent.py /usr/lib/python3.6/site-packages/keylime/cmd/ca.py /usr/lib/python3.6/site-packages/keylime/cmd/ima_emulator_adapter.py /usr/lib/python3.6/site-packages/keylime/cmd/migrations_apply.py /usr/lib/python3.6/site-packages/keylime/cmd/registrar.py /usr/lib/python3.6/site-packages/keylime/cmd/tenant.py /usr/lib/python3.6/site-packages/keylime/cmd/user_data_encrypt.py /usr/lib/python3.6/site-packages/keylime/cmd/verifier.py /usr/lib/python3.6/site-packages/keylime/cmd/webapp.py /usr/lib/python3.6/site-packages/keylime/cmd_exec.py /usr/lib/python3.6/site-packages/keylime/common /usr/lib/python3.6/site-packages/keylime/common/__init__.py /usr/lib/python3.6/site-packages/keylime/common/__pycache__ /usr/lib/python3.6/site-packages/keylime/common/__pycache__/__init__.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/common/__pycache__/__init__.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/common/__pycache__/algorithms.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/common/__pycache__/algorithms.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/common/__pycache__/exception.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/common/__pycache__/exception.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/common/__pycache__/metrics.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/common/__pycache__/metrics.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/common/__pycache__/retry.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/common/__pycache__/retry.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/common/__pycache__/states.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/common/__pycache__/states.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/common/__pycache__/validators.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/common/__pycache__/validators.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/common/algorithms.py /usr/lib/python3.6/site-packages/keylime/common/exception.py /usr/lib/python3.6/site-packages/keylime/common/metrics.py /usr/lib/python3.6/site-packages/keylime/common/retry.py /usr/lib/python3.6/site-packages/keylime/common/states.py /usr/lib/python3.6/site-packages/keylime/common/validators.py /usr/lib/python3.6/site-packages/keylime/config.py /usr/lib/python3.6/site-packages/keylime/crypto.py /usr/lib/python3.6/site-packages/keylime/cryptodome.py /usr/lib/python3.6/site-packages/keylime/db /usr/lib/python3.6/site-packages/keylime/db/__init__.py /usr/lib/python3.6/site-packages/keylime/db/__pycache__ /usr/lib/python3.6/site-packages/keylime/db/__pycache__/__init__.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/db/__pycache__/__init__.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/db/__pycache__/keylime_db.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/db/__pycache__/keylime_db.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/db/__pycache__/registrar_db.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/db/__pycache__/registrar_db.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/db/__pycache__/verifier_db.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/db/__pycache__/verifier_db.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/db/keylime_db.py /usr/lib/python3.6/site-packages/keylime/db/registrar_db.py /usr/lib/python3.6/site-packages/keylime/db/verifier_db.py /usr/lib/python3.6/site-packages/keylime/elchecking /usr/lib/python3.6/site-packages/keylime/elchecking/__init__.py /usr/lib/python3.6/site-packages/keylime/elchecking/__main__.py /usr/lib/python3.6/site-packages/keylime/elchecking/__pycache__ /usr/lib/python3.6/site-packages/keylime/elchecking/__pycache__/__init__.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/elchecking/__pycache__/__init__.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/elchecking/__pycache__/__main__.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/elchecking/__pycache__/__main__.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/elchecking/__pycache__/example.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/elchecking/__pycache__/example.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/elchecking/__pycache__/policies.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/elchecking/__pycache__/policies.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/elchecking/__pycache__/tests.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/elchecking/__pycache__/tests.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/elchecking/example.py /usr/lib/python3.6/site-packages/keylime/elchecking/policies.py /usr/lib/python3.6/site-packages/keylime/elchecking/tests.py /usr/lib/python3.6/site-packages/keylime/failure.py /usr/lib/python3.6/site-packages/keylime/fs_util.py /usr/lib/python3.6/site-packages/keylime/ima.py /usr/lib/python3.6/site-packages/keylime/ima_ast.py /usr/lib/python3.6/site-packages/keylime/ima_file_signatures.py /usr/lib/python3.6/site-packages/keylime/ima_test.py /usr/lib/python3.6/site-packages/keylime/json.py /usr/lib/python3.6/site-packages/keylime/keylime.conf /usr/lib/python3.6/site-packages/keylime/keylime_agent.py /usr/lib/python3.6/site-packages/keylime/keylime_logging.py /usr/lib/python3.6/site-packages/keylime/measured_boot.py /usr/lib/python3.6/site-packages/keylime/migrations /usr/lib/python3.6/site-packages/keylime/migrations/__init__.py /usr/lib/python3.6/site-packages/keylime/migrations/__pycache__ /usr/lib/python3.6/site-packages/keylime/migrations/__pycache__/__init__.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/migrations/__pycache__/__init__.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/migrations/__pycache__/env.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/migrations/__pycache__/env.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/migrations/alembic.ini /usr/lib/python3.6/site-packages/keylime/migrations/env.py /usr/lib/python3.6/site-packages/keylime/migrations/versions /usr/lib/python3.6/site-packages/keylime/migrations/versions/1ac1513ef2a1_fix_mb_and_ima_column_types.py /usr/lib/python3.6/site-packages/keylime/migrations/versions/257fe0f0c039_add_fields_for_revocation_context_to_.py /usr/lib/python3.6/site-packages/keylime/migrations/versions/63c30820fdc1_add_mtls_cert_and_ak_to_verifier_db.py /usr/lib/python3.6/site-packages/keylime/migrations/versions/7d5db1a6ffb0_add_agentstates_columns.py /usr/lib/python3.6/site-packages/keylime/migrations/versions/8a44a4364f5a_initial_database_migration.py /usr/lib/python3.6/site-packages/keylime/migrations/versions/8da20383f6e1_extend_ip_field.py /usr/lib/python3.6/site-packages/keylime/migrations/versions/9169f80345ed_add_supported_version_to_verifiermain_.py /usr/lib/python3.6/site-packages/keylime/migrations/versions/__init__.py /usr/lib/python3.6/site-packages/keylime/migrations/versions/__pycache__ /usr/lib/python3.6/site-packages/keylime/migrations/versions/__pycache__/1ac1513ef2a1_fix_mb_and_ima_column_types.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/migrations/versions/__pycache__/1ac1513ef2a1_fix_mb_and_ima_column_types.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/migrations/versions/__pycache__/257fe0f0c039_add_fields_for_revocation_context_to_.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/migrations/versions/__pycache__/257fe0f0c039_add_fields_for_revocation_context_to_.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/migrations/versions/__pycache__/63c30820fdc1_add_mtls_cert_and_ak_to_verifier_db.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/migrations/versions/__pycache__/63c30820fdc1_add_mtls_cert_and_ak_to_verifier_db.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/migrations/versions/__pycache__/7d5db1a6ffb0_add_agentstates_columns.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/migrations/versions/__pycache__/7d5db1a6ffb0_add_agentstates_columns.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/migrations/versions/__pycache__/8a44a4364f5a_initial_database_migration.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/migrations/versions/__pycache__/8a44a4364f5a_initial_database_migration.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/migrations/versions/__pycache__/8da20383f6e1_extend_ip_field.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/migrations/versions/__pycache__/8da20383f6e1_extend_ip_field.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/migrations/versions/__pycache__/9169f80345ed_add_supported_version_to_verifiermain_.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/migrations/versions/__pycache__/9169f80345ed_add_supported_version_to_verifiermain_.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/migrations/versions/__pycache__/__init__.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/migrations/versions/__pycache__/__init__.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/migrations/versions/__pycache__/a79c27ec1054_add_mtls_cert_field_to_registrar.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/migrations/versions/__pycache__/a79c27ec1054_add_mtls_cert_field_to_registrar.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/migrations/versions/__pycache__/a7a64155ab3a_add_ima_filesigning_keys_column.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/migrations/versions/__pycache__/a7a64155ab3a_add_ima_filesigning_keys_column.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/migrations/versions/__pycache__/ae898986c6e9_add_mb_refstate_column.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/migrations/versions/__pycache__/ae898986c6e9_add_mb_refstate_column.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/migrations/versions/__pycache__/b4d024197413_add_verfier_id_to_verifiermain_table.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/migrations/versions/__pycache__/b4d024197413_add_verfier_id_to_verifiermain_table.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/migrations/versions/__pycache__/c3842cc9ee69_store_keyrings_learned_from_ima_log.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/migrations/versions/__pycache__/c3842cc9ee69_store_keyrings_learned_from_ima_log.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/migrations/versions/__pycache__/cc2630851a1f_receive_the_aik_tpm_from_the_agent.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/migrations/versions/__pycache__/cc2630851a1f_receive_the_aik_tpm_from_the_agent.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/migrations/versions/__pycache__/eb869a77abd1_create_allowlist_table.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/migrations/versions/__pycache__/eb869a77abd1_create_allowlist_table.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/migrations/versions/__pycache__/eeb702f77d7d_allowlist_rename.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/migrations/versions/__pycache__/eeb702f77d7d_allowlist_rename.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/migrations/versions/__pycache__/f35cdd35eb83_move_v_tpm_policy_to_jsonpickletype.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/migrations/versions/__pycache__/f35cdd35eb83_move_v_tpm_policy_to_jsonpickletype.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/migrations/versions/__pycache__/f82c4252bc4f_add_ip_and_port_to_registrar.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/migrations/versions/__pycache__/f82c4252bc4f_add_ip_and_port_to_registrar.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/migrations/versions/a79c27ec1054_add_mtls_cert_field_to_registrar.py /usr/lib/python3.6/site-packages/keylime/migrations/versions/a7a64155ab3a_add_ima_filesigning_keys_column.py /usr/lib/python3.6/site-packages/keylime/migrations/versions/ae898986c6e9_add_mb_refstate_column.py /usr/lib/python3.6/site-packages/keylime/migrations/versions/b4d024197413_add_verfier_id_to_verifiermain_table.py /usr/lib/python3.6/site-packages/keylime/migrations/versions/c3842cc9ee69_store_keyrings_learned_from_ima_log.py /usr/lib/python3.6/site-packages/keylime/migrations/versions/cc2630851a1f_receive_the_aik_tpm_from_the_agent.py /usr/lib/python3.6/site-packages/keylime/migrations/versions/eb869a77abd1_create_allowlist_table.py /usr/lib/python3.6/site-packages/keylime/migrations/versions/eeb702f77d7d_allowlist_rename.py /usr/lib/python3.6/site-packages/keylime/migrations/versions/f35cdd35eb83_move_v_tpm_policy_to_jsonpickletype.py /usr/lib/python3.6/site-packages/keylime/migrations/versions/f82c4252bc4f_add_ip_and_port_to_registrar.py /usr/lib/python3.6/site-packages/keylime/registrar_client.py /usr/lib/python3.6/site-packages/keylime/registrar_common.py /usr/lib/python3.6/site-packages/keylime/requests_client.py /usr/lib/python3.6/site-packages/keylime/revocation_actions /usr/lib/python3.6/site-packages/keylime/revocation_actions/__init__.py /usr/lib/python3.6/site-packages/keylime/revocation_actions/__pycache__ /usr/lib/python3.6/site-packages/keylime/revocation_actions/__pycache__/__init__.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/revocation_actions/__pycache__/__init__.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/revocation_actions/__pycache__/print_metadata.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/revocation_actions/__pycache__/print_metadata.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/revocation_actions/__pycache__/update_crl.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/revocation_actions/__pycache__/update_crl.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/revocation_actions/print_metadata.py /usr/lib/python3.6/site-packages/keylime/revocation_actions/update_crl.py /usr/lib/python3.6/site-packages/keylime/revocation_notifier.py /usr/lib/python3.6/site-packages/keylime/secure_mount.py /usr/lib/python3.6/site-packages/keylime/signing.py /usr/lib/python3.6/site-packages/keylime/static /usr/lib/python3.6/site-packages/keylime/static/css /usr/lib/python3.6/site-packages/keylime/static/css/webapp.css /usr/lib/python3.6/site-packages/keylime/static/icons /usr/lib/python3.6/site-packages/keylime/static/icons/ICON-LICENSE /usr/lib/python3.6/site-packages/keylime/static/icons/README.md /usr/lib/python3.6/site-packages/keylime/static/icons/png /usr/lib/python3.6/site-packages/keylime/static/icons/png/ban-2x.png /usr/lib/python3.6/site-packages/keylime/static/icons/png/ban-3x.png /usr/lib/python3.6/site-packages/keylime/static/icons/png/ban-4x.png /usr/lib/python3.6/site-packages/keylime/static/icons/png/ban-6x.png /usr/lib/python3.6/site-packages/keylime/static/icons/png/ban-8x.png /usr/lib/python3.6/site-packages/keylime/static/icons/png/ban.png /usr/lib/python3.6/site-packages/keylime/static/icons/png/bug-2x.png /usr/lib/python3.6/site-packages/keylime/static/icons/png/bug-3x.png /usr/lib/python3.6/site-packages/keylime/static/icons/png/bug-4x.png /usr/lib/python3.6/site-packages/keylime/static/icons/png/bug-6x.png /usr/lib/python3.6/site-packages/keylime/static/icons/png/bug-8x.png /usr/lib/python3.6/site-packages/keylime/static/icons/png/bug.png /usr/lib/python3.6/site-packages/keylime/static/icons/png/keylime.png /usr/lib/python3.6/site-packages/keylime/static/icons/png/plus-2x.png /usr/lib/python3.6/site-packages/keylime/static/icons/png/plus-3x.png /usr/lib/python3.6/site-packages/keylime/static/icons/png/plus-4x.png /usr/lib/python3.6/site-packages/keylime/static/icons/png/plus-6x.png /usr/lib/python3.6/site-packages/keylime/static/icons/png/plus-8x.png /usr/lib/python3.6/site-packages/keylime/static/icons/png/plus.png /usr/lib/python3.6/site-packages/keylime/static/icons/png/trash-2x.png /usr/lib/python3.6/site-packages/keylime/static/icons/png/trash-3x.png /usr/lib/python3.6/site-packages/keylime/static/icons/png/trash-4x.png /usr/lib/python3.6/site-packages/keylime/static/icons/png/trash-6x.png /usr/lib/python3.6/site-packages/keylime/static/icons/png/trash-8x.png /usr/lib/python3.6/site-packages/keylime/static/icons/png/trash.png /usr/lib/python3.6/site-packages/keylime/static/js /usr/lib/python3.6/site-packages/keylime/static/js/webapp.js /usr/lib/python3.6/site-packages/keylime/tenant.py /usr/lib/python3.6/site-packages/keylime/tenant_webapp.py /usr/lib/python3.6/site-packages/keylime/tornado_requests.py /usr/lib/python3.6/site-packages/keylime/tpm /usr/lib/python3.6/site-packages/keylime/tpm/__init__.py /usr/lib/python3.6/site-packages/keylime/tpm/__pycache__ /usr/lib/python3.6/site-packages/keylime/tpm/__pycache__/__init__.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/tpm/__pycache__/__init__.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/tpm/__pycache__/tpm2_objects.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/tpm/__pycache__/tpm2_objects.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/tpm/__pycache__/tpm2_objects_test.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/tpm/__pycache__/tpm2_objects_test.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/tpm/__pycache__/tpm_abstract.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/tpm/__pycache__/tpm_abstract.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/tpm/__pycache__/tpm_main.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/keylime/tpm/__pycache__/tpm_main.cpython-36.pyc /usr/lib/python3.6/site-packages/keylime/tpm/tpm2_objects.py /usr/lib/python3.6/site-packages/keylime/tpm/tpm2_objects_test.py /usr/lib/python3.6/site-packages/keylime/tpm/tpm_abstract.py /usr/lib/python3.6/site-packages/keylime/tpm/tpm_main.py /usr/lib/python3.6/site-packages/keylime/tpm_bootlog_enrich.py /usr/lib/python3.6/site-packages/keylime/tpm_ek_ca.py /usr/lib/python3.6/site-packages/keylime/user_utils.py /usr/lib/python3.6/site-packages/keylime/user_utils_test.py /usr/lib/python3.6/site-packages/keylime/web_util.py /usr/share/doc/packages/python3-keylime /usr/share/doc/packages/python3-keylime/README.md /usr/share/licenses/python3-keylime /usr/share/licenses/python3-keylime/ICON-LICENSE /usr/share/licenses/python3-keylime/LICENSE
Generated by rpm2html 1.8.1
Fabrice Bellet, Tue Jul 9 19:58:50 2024