Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

tpm2-pkcs11: 1.0.1 -> 1.1.0 #82241

Merged
merged 1 commit into from Mar 17, 2020
Merged

tpm2-pkcs11: 1.0.1 -> 1.1.0 #82241

merged 1 commit into from Mar 17, 2020

Conversation

r-ryantm
Copy link
Contributor

Semi-automatic update generated by nixpkgs-update tools. This update was made based on information from https://github.com/tpm2-software/tpm2-pkcs11/releases.

meta.description for tpm2-pkcs11 is: "A PKCS#11 interface for TPM2 hardware"

meta.homepage for tpm2-pkcs11 is: "https://github.com/tpm2-software/tpm2-pkcs11"
Updates performed:

  • Version update
  • Quoted meta.homepage for RFC 45

Release on GitHub

Compare changes on GitHub

Checks done (click to expand)
Rebuild report (if merged into master) (click to expand)

2 total rebuild path(s)

1 package rebuild(s)

1 x86_64-linux rebuild(s)
1 i686-linux rebuild(s)
0 x86_64-darwin rebuild(s)
0 aarch64-linux rebuild(s)

First fifty rebuilds by attrpath
tpm2-pkcs11

Instructions to test this update (click to expand)

Either download from Cachix:

nix-store -r /nix/store/zkgal0hm9xpz6qslb2v9p8v3h131xl85-tpm2-pkcs11-1.1.0 \
  --option binary-caches 'https://cache.nixos.org/ https://r-ryantm.cachix.org/' \
  --option trusted-public-keys '
  r-ryantm.cachix.org-1:gkUbLkouDAyvBdpBX0JOdIiD2/DP1ldF3Z3Y6Gqcc4c=
  cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY=
  '

(r-ryantm's Cachix cache is only trusted for this store-path realization.)
For the Cachix download to work, your user must be in the trusted-users list or you can use sudo since root is effectively trusted.

Or, build yourself:

nix-build -A tpm2-pkcs11 https://github.com/r-ryantm/nixpkgs/archive/fbd175b11f64963b737683a32eaa34e8f430c639.tar.gz

After you've downloaded or built it, look at the files and if there are any, run the binaries:

ls -la /nix/store/zkgal0hm9xpz6qslb2v9p8v3h131xl85-tpm2-pkcs11-1.1.0
ls -la /nix/store/zkgal0hm9xpz6qslb2v9p8v3h131xl85-tpm2-pkcs11-1.1.0/bin

cc @lschuermann for testing.

@ofborg ofborg bot requested a review from lschuermann March 10, 2020 12:36
@marsam marsam merged commit 788a7c4 into NixOS:master Mar 17, 2020
@lschuermann
Copy link
Member

@marsam This was unfortunate. I didn't leave a comment stating that this needs further testing and attention, so you merged it of course.

However, during changes from tpm2-pkcs11 v1.0.1 to v1.1.0 significant database changes happened, with users strictly advised to make backups of their database beforehand. Do you know how that should be handled in future releases? I guess we don't need to revert this, as the tpm2-module just landed in unstable and this software likely isn't used widely.

@r-ryantm r-ryantm deleted the auto-update/tpm2-pkcs11 branch March 18, 2020 13:00
@marsam
Copy link
Contributor

marsam commented Mar 22, 2020

Sorry about that, I did test the executable and assumed it was working correctly

Do you know how that should be handled in future releases?

Unfortunately, I don't think there is a right answer for handling db schema changes in nixos modules; however, we could add tests to the tpm2 module to ensure it still works as expected.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@lschuermann lschuermann Awaiting requested review from lschuermann

Assignees
No one assigned
Labels
10.rebuild-darwin: 0 10.rebuild-linux: 1-10
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@r-ryantm @lschuermann @marsam