Fix services and binary location (#1121)

packages/utils/keylime-agent/build.yaml

@@ -8,24 +8,24 @@ env:
 
 prelude:
 - apt-get update && apt-get install -y git libclang-dev libssl-dev libtss2-dev libzmq3-dev pkg-config cargo make
-- PACKAGE_VERSION=v${PACKAGE_VERSION%\+*} && git clone --depth=1 --branch ${PACKAGE_VERSION} https://github.com/${GITHUB_ORG}/${GITHUB_REPO}
+- PACKAGE_VERSION=v${PACKAGE_VERSION%\-*} && git clone --depth=1 --branch ${PACKAGE_VERSION} https://github.com/${GITHUB_ORG}/${GITHUB_REPO}
 
 steps:
 # build
 - cd ${GITHUB_REPO} && RELEASE=1 TARGETDIR=/build make all
 # create target dirs for package
-- mkdir -p /package/usr/local/bin/
+- mkdir -p /package/usr/bin/
 - mkdir -p /package/etc/keylime/
 - mkdir -p /package/etc/systemd/system/
 - mkdir -p /package/usr/libexec/keylime/
 # Copy binaries
-- cp /build/release/keylime_agent /package/usr/local/bin/
+- cp /build/release/keylime_agent /package/usr/bin/
-- cp /build/release/keylime_ima_emulator /package/usr/local/bin/
+- cp /build/release/keylime_ima_emulator /package/usr/bin/
 # copy default config
 - cp ${GITHUB_REPO}/keylime-agent.conf /package/etc/keylime/
 # copy systemd services
-- cp ${GITHUB_REPO}/dist/systemd/system/keylime_agent.service /package/etc/systemd/system/
+- cp keylime-agent.service /package/etc/systemd/system/
-- cp ${GITHUB_REPO}/dist/systemd/system/var-lib-keylime-secure.mount /package/etc/systemd/system/
+- cp var-lib-keylime-secure.mount /package/etc/systemd/system/
 # Some kind of needed shim for a bug
 # Remove when https://github.com/keylime/rust-keylime/issues/325 is fixed
 - cp ${GITHUB_REPO}/keylime-agent/tests/actions/shim.py /package/usr/libexec/keylime/

packages/utils/keylime-agent/definition.yaml

@@ -1,6 +1,6 @@
 name: "keylime-agent"
 category: "utils"
-version: "0.2.6"
+version: "0.2.6-1"
 labels:
   github.repo: "rust-keylime"
   github.owner: "keylime"

packages/utils/keylime-agent/keylime-agent.service

@@ -0,0 +1,20 @@
+[Unit]
+Description=The Keylime compute agent
+StartLimitInterval=10s
+StartLimitIntervalSec=10
+StartLimitBurst=5
+Requires=var-lib-keylime-secure.mount
+After=var-lib-keylime-secure.mount
+After=network-online.target
+Wants=network-online.target
+ConditionPathExistsGlob=/dev/(tpm|tpmrm)[0-9]*
+
+[Service]
+ExecStart=/usr/bin/keylime_agent
+TimeoutSec=60s
+Restart=on-failure
+RestartSec=120s
+Environment="RUST_LOG=keylime_agent=info"
+
+[Install]
+WantedBy=default.target

packages/utils/keylime-agent/var-lib-keylime-secure.mount

@@ -0,0 +1,12 @@
+[Unit]
+Description=Kelime configuration filesystem
+Before=keylime-agent.service
+
+[Mount]
+What=tmpfs
+Where=/var/lib/keylime/secure
+Type=tmpfs
+Options=mode=0700,size=1m,uid=tss,gid=tss
+
+[Install]
+WantedBy=multi-user.target