[yocto] [meta-security][PATCH v2] tpm2.0-tss: install resourcemgr service

[Benjamin Gaignard]

Install systemd resource.mgr service and it needed user/group.

version 2:
- do not hardcode sbin directory in a patch but use ${sbindir} instead

Signed-off-by: Benjamin Gaignard <benjamin.gaignard at linaro.org>
---
 recipes-tpm/tpm2.0-tss/tpm2.0-tss_git.bb | 24 ++++++++++++++++++++++--
 1 file changed, 22 insertions(+), 2 deletions(-)

diff --git a/recipes-tpm/tpm2.0-tss/tpm2.0-tss_git.bb b/recipes-tpm/tpm2.0-tss/tpm2.0-tss_git.bb
index a03559c..ca82562 100644
--- a/recipes-tpm/tpm2.0-tss/tpm2.0-tss_git.bb
+++ b/recipes-tpm/tpm2.0-tss/tpm2.0-tss_git.bb
@@ -10,7 +10,7 @@ SRC_URI = " \
     file://ax_pthread.m4 \
     file://fix_musl_select_include.patch "
 
-inherit autotools pkgconfig
+inherit autotools pkgconfig systemd
 
 S = "${WORKDIR}/${@d.getVar('BPN',d).upper()}"
 
@@ -24,6 +24,26 @@ do_configure_prepend () {
 	cd $currentdir
 }
 
+INHERIT += "extrausers"
+EXTRA_USERS_PARAMS = "\
+	useradd -p '' tss; \
+	groupadd tss; \
+	"
+
+SYSTEMD_PACKAGES += "resourcemgr"
+SYSTEMD_SERVICE_resourcemgr = "resourcemgr.service"
+SYSTEMD_AUTO_ENABLE_resourcemgr = "enable"
+
+do_patch[postfuncs] += "fix_systemd_unit"
+fix_systemd_unit () {
+    sed -i -e 's;^ExecStart=.*/resourcemgr;ExecStart=${sbindir}/resourcemgr;' ${S}/contrib/resourcemgr.service
+}
+
+do_install_append() {
+    install -d ${D}${systemd_system_unitdir}
+    install -m0644 ${S}/contrib/resourcemgr.service ${D}${systemd_system_unitdir}/resourcemgr.service
+}
+
 PROVIDES = "${PACKAGES}"
 PACKAGES = " \
     ${PN}-dbg \
@@ -64,4 +84,4 @@ FILES_libtctisocket-dev = " \
     ${libdir}/pkgconfig/tcti-socket.pc \
 "
 FILES_libtctisocket-staticdev = "${libdir}/libtcti-socket.*a"
-FILES_resourcemgr = "${sbindir}/resourcemgr"
+FILES_resourcemgr = "${sbindir}/resourcemgr ${systemd_system_unitdir}/resourcemgr.service"
-- 
1.9.1