python3-keylime-6.3.2-150400.4.20.1<>,h<dap9|c3Kߛ VI/G/΃SzrCPE4F*Qu/E]Xrʀc 3V4GeD4?rFu4ݽu U Nɤ?&<-޺`4mxV0=Wj:'-:ǖ2H+@8G#8iMCiĬw5NA_^%$8W;YMJ8xZ U|mֶX֎~D}RX|>ET?Td & g1 GSv| Lkk k k Pk o{k r kwk~k kH\`m(n8x9:>@FGkH|kI (kX Y \ k]Xk^5,b;0c;d<[e<`fApache-2.0 AND MIThttps://www.suse.com/Unspecifiedhttps://github.com/keylime/keylimelinuxnoarch# python3_install_alternative: update-alternatives --quiet --install /usr/bin/keylime_verifier keylime_verifier /usr/bin/keylime_verifier-3.6 36 # python3_install_alternative: update-alternatives --quiet --install /usr/bin/keylime_registrar keylime_registrar /usr/bin/keylime_registrar-3.6 36 # python3_install_alternative: update-alternatives --quiet --install /usr/bin/keylime_agent keylime_agent /usr/bin/keylime_agent-3.6 36 # python3_install_alternative: update-alternatives --quiet --install /usr/bin/keylime_tenant keylime_tenant /usr/bin/keylime_tenant-3.6 36 # python3_install_alternative: update-alternatives --quiet --install /usr/bin/keylime_ca keylime_ca /usr/bin/keylime_ca-3.6 36 # python3_install_alternative: update-alternatives --quiet --install /usr/bin/keylime_migrations_apply keylime_migrations_apply /usr/bin/keylime_migrations_apply-3.6 36 # python3_install_alternative: update-alternatives --quiet --install /usr/bin/keylime_userdata_encrypt keylime_userdata_encrypt /usr/bin/keylime_userdata_encrypt-3.6 36 # python3_install_alternative: update-alternatives --quiet --install /usr/bin/keylime_ima_emulator keylime_ima_emulator /usr/bin/keylime_ima_emulator-3.6 36 # python3_install_alternative: update-alternatives --quiet --install /usr/bin/keylime_webapp keylime_webapp /usr/bin/keylime_webapp-3.6 36# python3_uninstall_alternative: if [ ! -e "/usr/bin/keylime_verifier-3.6" ]; then update-alternatives --quiet --remove "keylime_verifier" "/usr/bin/keylime_verifier-3.6" fi # python3_uninstall_alternative: if [ ! -e "/usr/bin/keylime_registrar-3.6" ]; then update-alternatives --quiet --remove "keylime_registrar" "/usr/bin/keylime_registrar-3.6" fi # python3_uninstall_alternative: if [ ! -e "/usr/bin/keylime_agent-3.6" ]; then update-alternatives --quiet --remove "keylime_agent" "/usr/bin/keylime_agent-3.6" fi # python3_uninstall_alternative: if [ ! -e "/usr/bin/keylime_tenant-3.6" ]; then update-alternatives --quiet --remove "keylime_tenant" "/usr/bin/keylime_tenant-3.6" fi # python3_uninstall_alternative: if [ ! -e "/usr/bin/keylime_ca-3.6" ]; then update-alternatives --quiet --remove "keylime_ca" "/usr/bin/keylime_ca-3.6" fi # python3_uninstall_alternative: if [ ! -e "/usr/bin/keylime_migrations_apply-3.6" ]; then update-alternatives --quiet --remove "keylime_migrations_apply" "/usr/bin/keylime_migrations_apply-3.6" fi # python3_uninstall_alternative: if [ ! -e "/usr/bin/keylime_userdata_encrypt-3.6" ]; then update-alternatives --quiet --remove "keylime_userdata_encrypt" "/usr/bin/keylime_userdata_encrypt-3.6" fi # python3_uninstall_alternative: if [ ! -e "/usr/bin/keylime_ima_emulator-3.6" ]; then update-alternatives --quiet --remove "keylime_ima_emulator" "/usr/bin/keylime_ima_emulator-3.6" fi # python3_uninstall_alternative: if [ ! -e "/usr/bin/keylime_webapp-3.6" ]; then update-alternatives --quiet --remove "keylime_webapp" "/usr/bin/keylime_webapp-3.6" fi&*# *" hf__9[9[  xqxqdd22115l5l=E=E  W W s s b b??uu ..ddgg 4 4 | |  zzbPK=1ŎZZNN 99TTv"s} q qss8844>[wu 8 8 [ [a : " "ff/\ \R4Bm& rJ$ + ^ ^#9J &;; 4 4ee``WW00%: \ \   MMA 0 1 1 ej`#X~u?QU{F  55//.C47^#o JS1,^AA큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤AA큤A큤A큤A큤A큤A큤A큤A큤dadadadadadadadadadadadadadadadadadadadadadadadadadadadadadadadadadadabMdadadadadadadadadadadadadadadadadadadadadadadadadadadadadadadadadadadadadadadadadadadadadadadadadadadadadadadadadadadadadadadadadadadadadadadadadabMdF@bMbMbMbMdF@dabMdadadadadadadadadadadadadadadadadadadadadabMbMbMbMbMbMbMbMbMbMdabMdadadadadadadadadadadadadadadabMbMbMbMbMbMdF@bMbMdabMdadadadadadadadadabMbMbMdabMbMdadadadadadadadadadadabMbMbMbMbMbMbMbMbMbMdabMbMbMdabMdadadadadabMbMdabMbMbMbMbMbMbMbMdadadadadadadadadadadadadadadadadadadadadadadadadadadadadadadadadadadadadabMbMbMbMbMbMbMbMbMbMbMdF@bMdabMdadadadadadadabMbMbMbMbMdadadadadadadadadadadadadadadadadadadadadadadadadadadadadadadadadadadF@bMdF@dabMdadadadadadadadadadadabMbMbMbMbMbMbMbMbMdabMdabMbM95ce7c9a24f0f63c512954983c5be99824720042638b5093a1fe77b0b932022003dcaba0102670ee96590ca292a9f08364cb3378d8eb186e3d77c8f7c7febc585ac0cc9d10fdc9da2d4ada92f6bc99c514369379732c20dceaa7880f209cb9bbb496fde09335305d99bef19dd83c7eb2d7874fbde5664d608d1122479fb93d2c8236d15f9d17281df2a87b8794b7a0b2077886b3d81905272b0a750885fe58a1ccd217002ec4317e0a53ec14a470fe50738998198f80c4467701f80705caf44e68bf4b2ffbfb5b3dc8e9a993e495902a2667a00c502b0b98da7f91129e1036358b6867091f0b91401053400374d4b5b7528374b33780e50aa762c3b1e743e91909a798af05cfd621467c4067323439accfc4c95c328ce00ee608065725f12390f6f12a0ac557fd540aa4955252894b8b8ddd4def588da17e3333750493202eea9c026378b0ed1730d5888a42a94d2f4319b9e469aaeebeb162ae9ecc6fde5ce201ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546bf43a0226cb5bbe9a4f22d12773149d49c3251a5ed860cf131047366ae1ba401f01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b4f8272bbfddb679644685e7a14d81ede1b2d0fbe72e8a2f4993042d5f44f9188e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855295971bee1db1e78d026cd62c20a4b6ed92fb353c3c4c32ad070d943c82883da295971bee1db1e78d026cd62c20a4b6ed92fb353c3c4c32ad070d943c82883da56c19130085d32caf9fcce9bcab71d6011b75777106af8892f3c9069a9f87ca4d437a317c85a67cef9d361800e35e70e0dccaa78b441ea96a5e4d512e68a774e714e1248a77e179627c419730280972ea6476e5d375f4de592af8d5652bbdbd43d0499c52f01f984cf17c247aa534b6c5374c3182a3bd49bc5e7ca0a7b0ae6062117dbac474442b2edac9a317071c1fbdb7642b00567d98293e5d0cb866de937fde9af6b42323c8a7b7e4fd4d90416dc9de1cf7c8928cc17e2ead5176b912252f670aa0afaabb09fb31ea51a4ec81920b26cb55e6e07959e576ae5ada24821926bea10d133ecf67df994a23aa009d1c3a2a976f49bd24db8d40a67a446eff88845940f2539c0b6bd0f3641af0ec8bcfea4b60dc142e205c816407587fda11775cc4875bb1322de7071de995c5b62e0d1c275d51db255f2266afbcf558481719d33d8f75faad0718791aa5ced6dc82047a86265e364aa1e669c648e6c0586323f884f7c753245a854f256f8a068e6297d3ec6711bf5d811205731bfe987a61c40397e7cbee798dbd76a2fb0131eb3e458fd84064ef45e275c0e97054122786c21695bf62985c2a430ca6dd3aa9a7de9fcf26eb9e855cf06ca3e4999a9a70f099930fd6dedc41741e124c04d018ddc2b0d2530ecd82a3858dcfae2a413145bc627327cc356c4dd49773cc003871888b35770b60446b46a6ab912038335301191c2b378461b763b1470f74c4a9927f57b93e65578c498d5e76eebf8474dae83d539010f1bac999512921253bb5666b3bd8de4b71b21e2b104951bd2fc2f57b0bbdb3eb2f2e721b15d037d6adfae6e6372d6324178562273dc8a129ee116de6d043da8cc1b8d9ce15b42bb54914d3853b480b527d4bb4e57c903facb5cf9dfbae095da9ea551579895fddb7be7ecdc7dfafc4529ee41041fb61745d96a7b3cd42f892df49d239d83df7e3813e4eac5ffbe49434535d3152b9d3f9de16dc9d46e9b41f16ddfa022854f425461f27a5cd532e75cde3e0b4e4560d34cf5aae047db3d7dabe9fa4fd056308fb0096a8422eb41b28a7470ab68e27612320c9b999ba83e4b94ec1130e87524ef7fcf2360d69bbb472588acaee771bd4ff0ee06061cd9d8c594ec1130e87524ef7fcf2360d69bbb472588acaee771bd4ff0ee06061cd9d8c5150b9b56feca574a228c172426abeec494dc21cb119aae7e79f4ce8566af138acdacca12d39cde54c931f53d74459b26deeff3c96ca1d11bd35fa4f0614bc26c45652ec2df67670aeba073c6af69f333b83d7197892136e4573df895b200e6671890e3424bba431dec2dea00b2366c24f66dd6d4a2d29ee59dad13ea593d66eed500a592179083ee7db29081ab925f07f321ccc1b863602a6f388bae9b046256d9bd664b2ae9686715350b7f136562b08407b5188a236c8f0911c49cae7f0038f4aa7bbdee6a1e3b8eab73a1d06bdec369631d616ae1503580e734cdc1316eb7d83a8b1e46636ccf866839633d5bdfe26c6b350623396f748ee2a277f93a48562679f079cfd94a3195971489a7022bf961bc8a985454d328810f521f3c8f327c34ec1284ce7ab1d920151752b261778acb8b39cbadd3d43e74363f4ea12628f35f09eccf16d9d256f9a22b7063000d6d7c5c4155ebb4a0de049d71048fa686ed6f75b00652bc9da4499e1e49827973d22d46ae698f350d241c0a50552bb90317905f0c229ecf51757719d2580eb6b533fa4653f0846f39d56dd4168231008618b680adaa8ef8c1f9a9e24e0c1350c2c41ca3f21ce131cb134a3d166db3151bc871eec11e8a660e39a9f2a139e59552fe61040dacb108d8b0e9d71aa83088a325169ea7b2765473ab266572917126d9b981c79affdda828e06ab68b2917c19f7bb5eec92820966f94557baea4a2bc35d6b4d97eae9933e213c30821b3af9ec8f385484cabe6346ea59b8c959955531f8c7711a9d04164a7f5437302941603786737130f70258ef41a38065e13392ea256741c424a5768ea99ab94128395156d386b0fe440ffe12c8bf49540b2a95e65bf09bade53195ae8b8a8a52ef3ba4043a11ac6d9710b9d840602a683d5895aa0fd7a9159d51f56b4e01d6ccd5bfa892326ae82a880d44aec0b09fd18241fa456fd795ca78246098d07b70b9348e90ee23cd86dea70b11b379cf7266d2371bced0727194e39ee6bf035385bcda957a08f5a0c050b0cf7f1f8faa0144c1b9e1817df9d5000a21724440690f276899507246b16fb893c357e4905338b2542b461deabdec19365e5f96e8dbb5120468fe023bc65aa00a5073b4ff6b4670f860e97d6ef9863e3f49efd236be8a360bba6907d8c94e20d272d5ce35dfdf3b357c5a0ccb4353a72aa2e9c029837b7b51615fb0fd469bd1809e9711963efdf87e9d3cec21cc7e69680921906c2d85200ca8ecbb280df729b5d5aa685e198380a33cc6837d150acab759f72f541003b789ba8072cc771b88962a2ce76505166e06356dbc66cf140e10c19fb244cac41a4892ee0f69f6c1084d4b5875e3f63a5649f2304b17bd8c1e26defd96841f2dee9b06fe32c8a7ac5012a1a2fc6d912130f1b4d3cc633a3c6cea8050bd15a72e118fb8e482dd3e153aaff5ba8899c614e86dd2f4b3753db572cbea704718a8d89d13116542c6279aa6ebc132942bdefa7513436617c44edcf11c88f02afc34a33a7a9315e1b5be8de05e3475d892994b26a3e25e6d7f0cc0033a93b514de36fecca655a91cad15a182fc5d842e1c403807319b12d976a18d045143aebb714c1a74d9dd4bb6b2dedbd5fcd45b848cb3320c908ef589d340ab090abcdb783640ed5f8e66e1d00a959d2129e9062e85bf66cf03e939b9249a3b77b0af2f56cb721b61ead60291f142dfecde537b9a64c0582d1eed6c1d3499199bc1d9c94d16af2e4fd78709049257909f5c8e23aa38d5f8f5e300fd32b5ed4cdd2889c1b69b1edd455f51fdd62ce213e687777fe33f152dcc43806df8536b65636ba93980013c4b72b77504dfae9a7b79e86c0f7525708de8d10620d082a59904155e4c6e971ec949e79d3213a5a214984ec7863e45f65f076f411cd626e0d5d43ecfffd2f896f9fa2141e8b6ed1085af54865fff921ea904a5de8a66f90132e14a4021f9e58e486b3af3188ae57701dbd1edce3113735727f7474fa025889eedb8ec211b4860895d541c011deff8c98abb4d5fe5dae0afc86f22df76b44e84dbeb8bd9b9aa3b54d9b1b5d52e931b7e390f8ed7534a00fa189dfa828278de586fe8169d98778b55e17b12c50580c0dc22792505bbe113fab1da2e3a2e24e85b18a8874747cd3138366c1d9788b33b743d66967b8e3593d327ca829b234e0043fc6e549b5cc225bc733b52b0da93c4a46b0a9d08737f458f4e5a17486ba994dadfcecd53af2b1544030f7a7115d14efc9a71ae28aa6268e6f4d57bb6fe408ac56d62f7032f94d5d8377b9b144da1ce3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855647223752fb42799133a3e1f45d08ea0c0b514dbea980e4e64ace22058be3f1d647223752fb42799133a3e1f45d08ea0c0b514dbea980e4e64ace22058be3f1dd45653d0ea45123362dcb2abc66adc62522bd031a863c5d2a1b71d3be9de3e9b88c9ffcd9998a95e139e2fb4b9b3100169c89a424f61e6d11aa347af7609b032d46cf5d5a2cabac71b8c13e1d412e9f872b9931236105634a89230b1af90a18ebe0d3dd9a24a53bb6d19551058536f32b5705d9215f02f19d4984ad00f15b21f5aa40a32c91b64bab8ce797099f651893db23bad967a95eff85dfa8a0c0e26f8adbdd4cd6d489500a4ac1f40aaca0a86dcaf96829bf11497e8d137c5a4ce09832bf6ae5726f62d165dafea936d4a232288a2a4dfc3e4d765301726c8d2ff7003ecc712c5b2d7c4edc4043e29119b2f233c4db2a2564644cddca979c37e62ad4953b38f3898ce16d352b8ff2958ccd08718448be3b1c9470ea36e91ddca0607443597796758700e57ac2259ee33e452aa3f3bb90c68858d3ac4e6c17a00be5cfc7bd5f85ea1592dde79e00993bff395761dfa641418a6c157840a4d94e09584f1cf57b69a05b0d47acdf7f9d7bf94645c16a846ac9bd98eb083b0d94fad5ce283bb82e1697f1a5ff2b437278da7c9eee93b20c2c1066ca3b2b5991da4c1b82cd4efc110eac62024bb504143e95ae1619173c0f4b2b387e92bdfb5b7302db3e7b7b87ba58dccfd1546318e2be4f85b44907756bc15da9ce64eb20f05a18fe3402eb448bde40fa10841d63b65868ffece6812cb4444b44f539d8630ce42176c5a2bcbfb3efcb262ad80f7b55f2939db19b340ca73c11f4cabc70634f63191c6c402fa4cf96947d5bd1c5a0b176ed4ed23dc7f8a5252f2a8e3efb4fd8fd9598edb3875bd13ac03036c7498ffdb77ff91afba35649b0c207f03c932f979c2abab739378418c066686a84f0e46e3c49addd8d077831e854b93f5d47ca9f4e55c246c6225a3315b8b328839b73d960daf05e954701172530308b259336bbf76ea131c17fa2ea7da1eb41df7c256e9156989982e83d237aa7fd78de1a8fab31d87af2dbdf2971be43085453c2eae44b351c59e40e6096da882a7b3cc2e15a24b65eef6abaf91a7cab39dfcc2f9a0466a7f2b6e55274592e8603e5115448c2cc15ce65b9f1f776635886678195534052de05c3bd9ceb7b9d2910b5e1f00efbf4d9b2b342e88ec50f3f94e3c3b6613f8a69d858b78d62834a2b563c885809b4615d31df29195d2accb0b163d2de88840cfd8f7ff687fa54f3c344309f40bd1881c7ac211307c7e4ba8797a42b34e90608d7ccb923fb3ae5fbf709cb318014dcf317cf4b68fe3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b8556aa54d16468278cb028dbb3b4f02c89845dcd4273fd3eb0297c908abfbcf0ade6aa54d16468278cb028dbb3b4f02c89845dcd4273fd3eb0297c908abfbcf0adeb3a15e5c790873b483d6fd345663b1395954c555254664cb250cfde693409517637e9407ffd5f5d37c7b58d8078f0b3179468184fa51364758f3432fd5eafeecb12ed6cd53efaa20c0eab909c51daeb7015f517fd20e46f82416ac7f249adf64b12ed6cd53efaa20c0eab909c51daeb7015f517fd20e46f82416ac7f249adf6406a4c073d7cc75bd61f0d17b976a3d39f6e286410ae2a9d2127a6ecf5889bd3e06a4c073d7cc75bd61f0d17b976a3d39f6e286410ae2a9d2127a6ecf5889bd3e5524a6e30b91243488386ca2abf763efbf4de6792d2d0f786ffb9508b5c61b99042db25db273a959b9ec6b9ebad55722bb1d7f0842ff529662517ec738535ed1c0ef10d646d94409fac185292272c2cf4ec94eda0adc4da6ddd0ce7925eeef29c0ef10d646d94409fac185292272c2cf4ec94eda0adc4da6ddd0ce7925eeef29a4b0a7f82d2ff616c5c702a6de9910ef962b4ba041197bcd9b9e060ebcbd1be3a4b0a7f82d2ff616c5c702a6de9910ef962b4ba041197bcd9b9e060ebcbd1be366d58c0b85feb4d376eb91c1f83086d0f19ba52be251d4130227f724fc83f2ecc32cfeef230110dffb4b0e154f7282cca32f6a1101701fee77bbb796c9e37d0f272a2cfc1b732b07d5bf13e4b3cb527290a28dfd5f4bf57e037b01695b5c38b0af208aa37afa88e70ec99002140d4829b5407954168393c37a0011c628691b0b48170a485f230c650d8b4a7743827bf690b4eebbaa5a5305633fec2d7eefb196e4309f30d74c8c5333926d0314aa7cd712415424613a192d0a6b4e5cb7260cb769e90a60e89c78578972dcfbcfef96ff20a74a70cc13398c8b9887f84f16832cc3d29a30dbcfabe8612744037af8f8ddac4e3c4022054af6494ef55269e28217611d1fadf606ce125450df0361d571f7f43c4f05e9bdddfb757078b494869ffbe3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b8557dd51f7150841184f1e368fa6a0638e2c08a383e09807fbfb3f57d28504fda747dd51f7150841184f1e368fa6a0638e2c08a383e09807fbfb3f57d28504fda74b77afd291d19c43e6254fe90854f10d1c09a7f1a03143b3b7894a8ce914e3fc312e1a96cfa58aeaf1402a98d06ab5dc5f0bae065e322de2bfd9d5bec20aa99f0e15cd1442f98e0118806237596cdfb2876f89b1a8d13342926632ff86df09b37391a51f34def8b481ed0a5005531923be2fcd55b4a49d5cffa8edeabb62c3c144b06cbf88018f0343bb94f33ffe67772354fa7fa7ce6757ef0e92415005275b7eba7073107f9e4f268da153d91ff2af6843478f7db2aea9e59b564712e078df754bd27e7ce45a1cd204a95fc9efabc86b8735dd01d6c80a0f3b6b45245185163fd5c37e3ef4e13165762c2fc5257180bc5707686b8e57114b129b47515aba9fb74bb724b96bea7a3b6926662fc343bc524e8784d4f9b4056161e62cdaed89aa060afa5702484068ddbe75b7f311156f4ffd75a18a5db45560d0bf3d6860270bb68cdf959a14f8734b2155dc724a9518d0f49a4162bffe0546728e010827ca0ce304260ce014182c5ba1d371302d4ef952797bfdfb579cd7c4283bc06a1c0ba66304260ce014182c5ba1d371302d4ef952797bfdfb579cd7c4283bc06a1c0ba66212ba3284f91b19da2a60175ec9cefbc2d256abe0d0fbc23496eb6f59755f823cf5cdf6d71daf6be71195d13b27496c6a39514199c5648be921460411065cd7dc8c5bde34ec1af221e60344869525104f6546f42ff6d36688ba0c08ea65349da45812f048d35811a964a7e579e97ae5a80ee9f7bfaaf544eabf37cb626ef80622c90005fd19472dc39dd3e6190ea0f49f047f8a1f88f66afe759a6ac0506aa21335a45e1c11f3f0c4c3d9f79ebe9780b577c65d40d080357829e54114540f3f84217d9ca54470e8dfed68414bb67ee1b0d3a138fb687303c76f6754fc24e0f9c8273389bd431e4f69e8a3007c0c2b96253a93734c76df3415bfa61a2c202c74dc95675822697cae944982a0aaacdb8edf31be9396776e87a95edeee2d7451d58a50216831ebe19af288d6185bd7e75d6cc347f934054f44b415ee686ce5b3d47723109c37239bce6cadb3763b2eb17d700acb2a1a1f34f49eb35ada5d5019eef8f58c5b688f7c0052702898b3b51cd2146208e2c632ccf0d667034ee3f7c1ad45d77910152a06104f8b70432dae67897df54949c38505ec1f3822a660e0f66fb2577b6b4883e24378c308ceed333213556c7ea3114da04af2744cbab2805765843b3ac638ab2dea77e776364215658e5c2de0c6719789c798859956f08e90a1ac53f978542e2ce93037816e21271eb6a02baadc8fbbf1d98354b0e16c436297f1ecec644bb1f200d277ed984f821ba7db92681995e938476e31acf5bb575bf8d72ceb43bc11d7a6a3488cecf55e23f29b20dd6171412bfa089df9fa37df6fa38bb39cecd961f3bf3aa67d3073d6bc0ca8e66a43a3743c4883c9025f8f0d2fb38949b6dcc4b35e4652f2fcbb3e86242edf840959c5281b523526bfbe89139c184cecc72bef997e674e97f97649ef04f023b189fdc3418fd62c5512097b592b4ff3a206639e2eccd1506bdf2b75055ac70c097d22d2d79661ff967aba64e0ff702e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b85548f48aa563d076ae2f51b19a67917168269646b83689bc83db4fb35d9ddb817a48f48aa563d076ae2f51b19a67917168269646b83689bc83db4fb35d9ddb817a42470ded2714624ef08885b37a0d439e54057feb1d952ff89679ec26e4aeab259d4176a8364a28911caea5f40f1e88edd2261420b69e8d729128e94623f897b0a1d1a261b4348598eaddccba8dc86b2a2c7c9680e2cb4528732291f78e8d9b2226f2e65f5bd4f6e9e891563b6fc8f31673d1280c3caa70e9052037eca7309e35c1822b5d40a0f023305c7a0ad01c0cb392018800b2e593a546bb6faae74afae9bddd88f821f634619009ddfd8a9fbac2990bbd34ade94b191469cfdd5548d8c0e8cc735c51f5a8f47e351c738fb5bfe01a5c70f4a323d1e12b96c9a3903466349f1cc0efccdef3dd27b06402222f82da9605968d7e821a9dca26207affb082ee6e802112e11a883f72a163190200a7cc506251a9c8bd486e6c06f0a00ffc632265d30936651b8cf226f32434ea8caac8908d2e244a3ca77e77733414eff7794a891c69acae93b3cc73ccd62313295d46094d0b668864624c8f02fca7e7727887e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b85546207996dfbd744b35396f3ba4d13d8314ff4fb45f2aeeaa61a7c1ccd3a1151772b448870550019a69e83de2db7a62f99ec15d26b17d7343b2899a043e8012f9e0a74f840a771854ea6b981503bc7c0be579330b92eb70ec36370dc30fd6a56d07a49ea8b1318ba4d02e8de8c6c09fb293e76ca871e31069882427454c3dbd7945f5672f5bced09c973d9f3766d8244762ab39782338cf7b07d597ed2ff6f0d454e182772e8cdeb9f92e1445d28df7c999ba8c027654e533dd657c7d54f7263d3c1538064d0d921e52034225fb1e35572ee3d6ac533fa9dc5db1f9875a19bde23e52c47c63c22f4b4cdea262ef632131a7ffe9f30d0afba16a78b85d569f21ebde79aa663f03808a14ab1fd5f7188c2058ec4de83aa3d376ec5f305387477dbd538dcdbbd8f07f6a4398cfa8ac89baf80e40b4245d7281d2d58e236f4ad9b6c641a37c1e8d8fe6cb769936efc45007d05fe9d58f50adf9bb8e3c66fda245f95af08de98e97c601056b5a28b02a61b53e02a6d57b3fdab0848824304efe294ba226c1f20810278b1dc8b954215e0fa6a3020b5f87035c1285013704a5a1316c0f03198764248e95e42309c23a303bb810d43b30548335d86244c96927b300ed58339d64acdc65fd448f5349b133b5a9a38f616162aefe7bef3b1375a64a614a2f339d64acdc65fd448f5349b133b5a9a38f616162aefe7bef3b1375a64a614a2fc1857731a9fc881a271174ca53efc70c7a32484429b53ec889ad5b680800c21facfea313d0092b094999cda71da71b7026036aedc34705c4d0034f3e61975910f8fac0efcbdab12535f6346f3e91af4d6f15d69d922d87f2e67699a3d4e476c160d1b5df439860ec1383fee48bb5cd93af978098cc6ac36ea75a6e645a16fd43aba83255b284306e7e695feae1cdbe13f07148459eb319bbeb931034b8dd59e1280b37ccbbf61e76f2674a7b48eeea12b1e186675d99d2648203617cf729ae48dc6a5eb73110fb28c387c9411c315ad3af541d65b94efd58f7d5b641c8278dc8d5a0690274cf528c488f60c9a2e61e9d6eb5e0104ad4f88a50a9ecbfc8227988527c6e72e6c0d4e7aa6ab0c2d475b0bc587df7e672ca69e75b2bcfc6449cc18b56ae7c403fd2f9fe38adc3ac117e8b10c88c122c004b5030dbdf00a285f4b1d8e28947d44158fe31761a3ff6d1d2180f072eeeefe84083551ead5ff2e868c8898f17f51e1d733c7cdc2793ec99d44dc5f39f86ccdf0c7e68d237e27494d8317a3ef8ce971f48b38c58aafe21378f321b551432e85fc5e308f5241833c48877c62ff39b9252129e08ed93fdcd370fda000922e5152f1ff7fb20e73dd67cf4a4d597271a21cd1b21df116e9e869f026125c2d5dfae8e4d30cc28c9ea025a58be2ed2f3ece468c02f0bb20bb3364e3c9738b45194d93181df351a2a625f7c0a96192d98345de1fb5a30d4dbbafc55957e421b878bf13c7bf324653d5b84d8569b7aee5fea7b7d2b07b3a70613b23cfb1de040eca99f18e25485eaad55b13e7a8f5798b72212919f4af1f0dd38582708250f07abaa6ba11f2863f600e1db90a03d808ae8784a4d62d290e8fcc4e7f6d9f31d3cfa319514f2f1a6542731e614fd88d8764419fe2da2da3d42373d4dfcdc8bbe979e61f285f04a2a6fcf378e9b40db47fe9ef24d1a1b513a1f17a462a4dac5a0dedaf2227b86b70cac699b84139c359d5916a23d09464509193500defaa23900fa508327031884c91da9cf4f73f8bc180bc21bffa4fbe36692ffb7b9e90d539075e0f78a67debb00130e7b098dedd143de496fffe62af8a630f4b2c67993c5b838fdb7d7460f4143c66294310bcfa15e772d452af09e1b55f601ed241866d082383465bdf6e0dc4e80c20a2697ac229e8b15f38155affeab4587d2741e1ecc53b32582b6a4ded1b3308b79617a1dfe6a390f8ae6410324022c4935efc91161691388ecefaec26210c4d56b7863b17319cf564fb7625a3b98e034c30060be2d45876e60f8dab3221ba0e778201c3388353c20dd92688a08bc127658eaeb3b091dd4c61d721b746a8be08eab1770027acadf4a09887c54f718a71ff8dba7845b361182761c814d27d1907157f388f8fa28f052f921016785cc3bed9c6661bca09a36f5d2d10b6cfec0f1563ea033961269cb1cf948b8e19d7c20239530f276b5f69840926bdfeb81ac939f49ca30c7c1dee3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855c6cc38c7759722c3641e849f4a8f7105f556086004cc7708672d01f6a3c54f1ac6cc38c7759722c3641e849f4a8f7105f556086004cc7708672d01f6a3c54f1a1621fb20c71f58a0bab2de6f849eccc2b1c349661ee6861d5b419019d422f333b98df968e52617ddb59ba82576242d2b66b93281b12577ea418c2d3a3651b2f226da0611d4567877cfe5991644060525677a06a45c9945ad42cabb84653d81b9c8252fa06c11a563f0850eeabe93597b8a003c611bea9a24d896efdd0d97946282f0c469038b6ddd478376bdc096ae9f60d70eaebe1f2bcb9e877c5cb71620537ffc3d01d94bc2aace50fb8544d7bbef7dfe21cb340d1afd3afaacb47163bf8b182208cab4454b0bed36f18df662b2b3270a030b2908f5e2f166f221668ec6c4bac66f799fcaee48c56de163a40411e4612e8e196866689693867a579341713b0a18d86e7b597d516697b6c401cda15069d81919520e252e52ed0d76d210461fcfcb34d19f9985632ab049dc94882a3393f9c5c347e8870dd004476e3be1b9dfb3f22ce84cba8df34011f5d420ec87ad75d7f91700f21cdc8589ee388594325ef7074d5d0144efc2c2347a3e1ead9e5cc4f1f9805fda08ecb9f55325cf1d015d8cc6b2471e621ec93597f70b3569bfc38535b482b430312418eae7c40a45a704cccf6d68e3c0950ef7cc77e8ad860d25bc6c2c73b2bba30e91c3a29928074bc5ce03b281437d0e67d7e864060a73090454a19ff1de52ba006ec5fad2a1a4c5125f101a3abbb2dcdd7e2f13fa5e4be040e7a6c2ec4eafd52d09add263f85f0cae4f19b10e6a5cf124e34a2f82e439a13fba3cbefe5be5037371f8523cb38a8d9c687607e377529e60a1b07dfb17d6dcfa4f4e4f3e2ae1ff5847a5e3b18dcdebdb62ae8833cf44cf0f540154950efc98c6ec024986748bef10c168e1e8ab601f171921c6efa41a77453a0d7a316b3b54683a743a257d39a30d94b54df3e55fd57ab735efec0ae4f99a0d4b65af94c4bdb87e0f3f459bc10b540b48944ecbec7262efc57784de051b85bebb76dffc9c8ce19f5d4481f587a96a5930dbe09113beab49b4458b0cd26fd3eecd2d620713e8ba5813703158924a40bf40c28fb9db2adef8272c2efd093798809af1fa9c091d61189f55a2ec26ad2d7fe820b2bebdb054824e19f5f080791f323482a2f90d3657778fc04867d3514829f6e1f4d8f7171a7943f98def6d598cf8606927378d30757ae53b4973f50c6ed12654245835d595c37e156efca6f13cf566cb5b67cf039311d6f215847b248054e141a40edb1f6e2efeb6c6babea131e9a6c1ba2126c59e5bc8b52be11dc5f136c965abcd39268feca4d34761578df9c77313474d701750cd074eb5e3408bea9a709d05d2af618b209f5c82772090aa514b43a122cce54e3c97da67c162c5bad40837de5a64259618e42f974247240744f1f212056f963c3aec31aff1cc35cbe993d892c9ef2e58af804a3c4911cd162d5941c5b1e6a0f2d746ca6867e36df4adfa4eaed2f8e5a2c48582a8b4fb1c82b41480df27339cd56720e67ee2def5df00c1803098e5a512c92cf6684ad12f72c03f37d9286715c851d257fc52ffd377011ab6f71fa06920892a42ce01ad6007b4e8c0ae64d489a964bf4c93042c911e3eac1ebb2f04ed2b8d197415048d3db2efbe77094da68a3fe0c02abed6d911317653ddc971ac5d1eacc6e43333f374ecf377202b13330c30a58f9dd40cbb06472fadf62318d121ac47a04c10250430890f1b698df7d7d6a2a1312f27d7e760169ca3d4d0d60c0164432e844376bae22fd2cf6cca7e25e53cea795e0b1d8b5e1be9154e72db5d903cd3a46c50bbeb06695b8ef02951b85fb7bfd511ec3bc4ae8d37d67afc80e8e2d0d85fe74a6f86e7edc6b27072f38b8cf876ba5e1b6ca24e4f11bffe0537dcc3d2e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855d86a0952f6f3416e5455b54e7d40e09b0c17b10b8058926909cdc8d1d2db4c6fd86a0952f6f3416e5455b54e7d40e09b0c17b10b8058926909cdc8d1d2db4c6f1142c20575c518164d44296f1eec0bcbe9f6aa85f32bd5ef5c38b71de8f4debd6668f4873aa02a4ea029927703bde30e6c2528fc216756d3dc4df81ac606895f83def8eabf720bd4d88348da4e3d5b6198925f2410d605fdcfe3a779d27f788b8c4317e75d0f1bdeefb56a187d2ffb411ed32f4fdbead2b78fddca1ecac72258f9d4d0eec2b285aa01cb412b4da2896c00894113b9f4a7cd92910fa7e05e777630f51120fb32a95e65d197f1291305cda97423fc6c303a2addb9de8ae59a2162205a5d9df7b75b11bea775e169ad927521a82125bca9e28301bcc507c75a87a67c4c05d768f4e7374fb41071bc4c9ca0a1a0102b5810db09621110cfc63aa735cb624a84b6338c4b3c2f962187b26949a643d5275e60b0b45edad6ad3035c20b55153c8240a55a93808813c131ff4ee9817a9e95f4394429b001c37c4362606a8acf7cfad1ee50136f3a7235f77875dc11d99fa4d351e6adfbb1a310a848594da9801d5369c0ed815779adfc4e1369bc75e08c8cd4df8fd5a03450cd8ffbc90921adcc1738194532895dbdbe9f33ed1bdbe9d43440157a7cb430858a46de6bad453ddc364c50cc045535764c00f1f3016ead9781ae5eb939a860944d5b753f18ef17c0102263540f7b5d1254152d084804907e812641b9cc86cf914e61384c5f5b85bf2e773e006593ee2eabae7f26c1bf2ae9cc0729a13a88dcff26e333de1c33138000e18a5ac57a4a5a2c15a583d77c52f38dd4f9249582cdd09acaba38e876c545c2d6653d0d857fa8c33c8551441d8cbad6ef98e868322ebf68a6638531b3f22ce84cba8df34011f5d420ec87ad75d7f91700f21cdc8589ee388594325ecfc7749b96f63bd31c3c42b5c471bf756814053e847c10f3eb003417bc523d30/etc/alternatives/keylime_agent/etc/alternatives/keylime_ca/etc/alternatives/keylime_ima_emulator/etc/alternatives/keylime_migrations_apply/etc/alternatives/keylime_registrar/etc/alternatives/keylime_tenant/etc/alternatives/keylime_userdata_encrypt/etc/alternatives/keylime_verifier/etc/alternatives/keylime_webapp@@@@@@@@@rootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootkeylime-6.3.2-150400.4.20.1.src.rpmpython3-keylime@@     /bin/sh/bin/sh/usr/bin/python3libtss2-tcti-device0libtss2-tcti-tabrmd0procpspython(abi)python3-M2Cryptopython3-PyYAMLpython3-SQLAlchemypython3-alembicpython3-cryptographypython3-psutilpython3-python-gnupgpython3-pyzmqpython3-requestspython3-simplejsonpython3-tornadorpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PartialHardlinkSets)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)tpm2-0-tsstpm2.0-abrmdtpm2.0-toolsupdate-alternatives3.63.0.4-14.6.0-14.0.4-14.0-15.2-1rust-keylime4.14.3dF@dE@cY!@b@b@bUbbV@bs@bs@b a@a@aaq@aq@aaa@a@acaC1`` @`i@````aplanas@suse.comaplanas@suse.comaplanas@suse.comaplanas@suse.comaplanas@suse.comaplanas@suse.comaplanas@suse.comaplanas@suse.comaplanas@suse.comaplanas@suse.comaplanas@suse.comaplanas@suse.comaplanas@suse.comaplanas@suse.comaplanas@suse.comaplanas@suse.comaplanas@suse.comaplanas@suse.comaplanas@suse.comaplanas@suse.comaplanas@suse.comaplanas@suse.comaplanas@suse.comaplanas@suse.comaplanas@suse.comaplanas@suse.comaplanas@suse.comaplanas@suse.comaplanas@suse.com- Backport patch to avoid the leak of the authorization tag (CVE-2023-38201, boo#1213314) + CVE-2023-38201.patch- Backport patches to avoid DoS via SSL (CVE-2023-38200, boo#1213310) + CVE-2023-38200-01.patch + CVE-2023-38200-02.patch + CVE-2023-38200-03.patch- Backport CVE-2022-3500.patch (CVE-2022-3500) (bsc#1204782) + Moderate vulnerability where a node can seems as attested when in reality it is not properly attested- Drop cfssl default in keylime.conf patch (bsc#1201866)- Use chown -h to adjust persmissions for downgrade migration. This skip following symlinks and make the migration possible (bsc#1201466) - Add logrotate configuration for the services - Create run directory as non-root user - Conflict with rust-keylime - Consolidate in _distconfdir when possible - Add fix_exit.diff patch, to exit properly in SLE- Remove user downgrade mechanism from the package (CVE-2022-31250, bsc#1200885)- Fix "run_as" configuration parameter and set it to keylime:tss - Improve downgrade user migration during package update - Add patches (CVE-2022-1053, boo#1199253): + CVE-2022-1053-01.patch + CVE-2022-1053-02.patch + CVE-2022-1053-03.patch + CVE-2022-1053-04.patch- Update to version v6.3.2: * general: bump Keylime version to 6.3.2 * tpm_main: flush transient objects * pypi: add notice that the Python API is unstable * installer: use OpenSSL by default * Avoid mounting secdir while unmounting it * remove TPM, VTPM and IMA stubbing support * archive: remove all archive files * Change GH reviewers to be from developer group * added suse / opensuse support with zypper * Fix tpm import in test_tpm.py * Fix cfssl configuration in run_tests.sh * tpm_emulator: improve TPM emulator installation * config: Add option to enable DB debugging via DEBUG_DB env var * Enable SQL query cache for JSONPickleType * tpm_emulator: move everything into systemd services * Implement broader key support for Keylime's signing mechanisms * tenant: Use exponential backoff on key verification retries * tenant: Move JSON parsing to capture possible exceptions * tenant: Move verifier stop from do_quote to do_verify * pylint: Fix issues related to W0602 global-variable-not-assigned * tenant: Handle 404 error from registrar gracefully * pylint: Fix remaining code with issue R1732 consider-using-with * pylint: Fix R1732 consider-using-with * pylint: Fix issue detected by pylint-2.13.0 * pylint: Fix issue detected by pylint-2.13.0 * tenant: verify agent quote before adding to verifier * README: remove tpm2-abrmd and OSX sections * pylint: Fix issues related to W0102 dangerous-default-value * pylint: Fix R0201 no-self-use * pylint: remove W1203 logging-format-interpolation from ignore list * pylint: remove R1729 use-a-generator from ignore list * pylint: remove E1120 no-value-for-parameter from ignore list * pylint: remove W1201 logging-not-lazy from ignore list * pylint: fix C0209 consider-using-f-string * pylint: fix C0201 consider-iterating-dictionary * pylint: fix W1509 subprocess-popen-preexec-fn * keylime_tenant non-zero exit code on error * Fix prepare step adjustments in packit-ci.fmf plan * failure: fix Pattern type hint * mypy: add initial Mypy configuration * ima_ast: add type hints * failure: add type hints * logging, config: add type hints for logging module * algorithms: add type hints * json: add type hints and add JSONType as custom type * Full allowlist processing when not adding host * provider, vTPM: remove vTPM manager and provider code * tpm: fix that the set of missing PCRs is not serializable in failure * Restores the option to use keylime agents without mTLS * services: make the services run as keylime user instead of root * State in --help that SHA-256 is used for --allowlist-checksum * config: change cacert.pem to cacert.crt * registrar_client: validate connections against registrar ca certificate * tenant: validate connections against verifier ca certificate * request_client: only add custom adapter if TLS is enabled * setup: add static assets for webapp * Add TESTING.md describing testing details * Fix some remaining log format strings * Fix for database_url parameter with sqlite * Enable test basic-attestation-with-unpriviledged-agent in Packit CI * Use lazy string formatting when logging (#535) * Make Packit CI plan more resource-saving * keylime.conf: Document setting ownership in WORK_DIR (/var/lib/keylime) * agent: Make sure tmpfs is empty even if not mounted or cannot unmount * agent: Drop privileges by switching to normal user and group * agent: Move mounting of tmpfs towards beginning of main() * agent: Read measured boot log near process start * agent: Open file for IMA log file near process start * ima: Refactor read_measurement_list() to take file as argument * Add the policy name to failure event * tpm_main: Check if tpm_cert_store exists (#553) * Remove tag input from container build workflow * Push container images to quay.io/keylime org * Enable code coverage measurement for e2e tests in Packit CI * config: fix config search order * Add defaults for ephemeral keys for agent records * Update outdated greetings Github messages * services: add keylime_agent_secure.mount service * installer.sh: updated tpm2-{tools, tss}, use system packages if possible * revocation_notifier: convert the data to str in the notifiers * revocation_notifier: mark webhook threads as daemon and add timeout * Fix Packit CI test plan Summary * Enable Packit CI testing on CentOS Stream 8 * Enable Packit CI testing on Fedora Rawhide * Remove last trace of TPM 1.2 (hopefully) * verifier: remove start_tornado() function * verifier: wait for connections to be closed before stopping ioloop * revocation_notifier: kill ZeroMQ broker if it blocks more than 5s * Add more e2e tests to Packit CI * Enable EPEL repo on CentOS Stream in packit.yaml - Drop already merged patches * drop_privileges_of_agent_process_after_startup.patch * config_fix_config_search_order.patch * services_add_keylime_agent_secure_mount_service.patch- Add upstream patches: * drop_privileges_of_agent_process_after_startup.patch * config_fix_config_search_order.patch * services_add_keylime_agent_secure_mount_service.patch - Configure the agent to run as non-root (via keylime.conf) - Add keylime sysuser conf file and deploy as part of the tpm certificate subpackage - Prepare the systemd mount unit for /var/lib/keylime/secure- Drop patches beacuse merged upstream: * version.diff * cloud_verifier_tornado-use-fork_processes.patch - Drop binaries not used anymore: * keylime_provider_platform_init * keylime_provider_registrar * keylime_provider_vtpm_add - Update to version v6.3.1: * revocation_notifier: mark webhook threads as daemon and add timeout * Fix Packit CI test plan Summary * Enable Packit CI testing on CentOS Stream 8 * Enable Packit CI testing on Fedora Rawhide * Remove last trace of TPM 1.2 (hopefully) * verifier: remove start_tornado() function * verifier: wait for connections to be closed before stopping ioloop * revocation_notifier: kill ZeroMQ broker if it blocks more than 5s * Add more e2e tests to Packit CI * Enable EPEL repo on CentOS Stream in packit.yaml * agent, crypto: add localhost, server and contact ip to agent certificate * Add better default repo path for run_local.sh * Fix incorrect variable name in test_restful * Run existing agent tests against the rust-keylime agent * Fix small wording mistakes caught while reading the code * agent: move key and certificate logging levels from debug to info * agent: allow absolute paths for rsa_keyname and mtls_cert * Add missing backend parameter * cloud_verifier_tornado: use fork_processes * ci: automatically push release to PyPI * setup.{py,cfg}: Move setup configuration to setup.cfg * Add iproute tool to Dockerfile * Pylint does not like single-line functions. * A small beauty fix * This is a small fix to proactively fix Issue #840 by identifying non-escaped double quotes in the tpm2-tools output * setup.py: add version number and new Python versions, drop unsed binaries * setup.py, config: install default configuration into package path * ci: move old keylime.conf to keylime.conf.orig before running tests * retry: fix pylint issue * Adding Infineon Optiga 034 RSA and ECC certificates for Infineon SLB9675 devices. * Ensure columns "mb_refstate" and "allowlist" are of type LONGTEXT in table "verifiermain" * tenant: add exponential backoff option to retry timings * cloud verifier: add exponential backoff option to retry timings * tpm: add exponential backoff option to retry timings * test, retry: add unit test for retry algorithm * common: add algorithm for retry time calculation * registrar, tpm_main: ensure that correct types are commited to DB. * Fix typo for config param listen_notifications * Lint is _really_ unhappy today. * Linty fixes * Adding a unit test file for tpm_main * tpm_main: check if PCRs for the hash algorithm are available * tpm_main: handle if tpm2_checkquote returns no PCRs for a hash algorithm * agent: output supported_version as result not as a status * Add missing subcommands to -c help message * tests: fix mtls_cert generation in test_restful.py * revocation_notifier: fix socket path permission check * Remove unused database_query config param * Move umask calls only on entry points * config: move directory utilities to fs_util- Change back agent_uuid to hostname - Set tpm_hash_alg to sha256 by default - Update version.diff patch to point to the correct version number - Fix issue with Tornado, when multiple workers are started * Add cloud_verifier_tornado-use-fork_processes.patch (bsc#1195605)- Drop patches beacuse merged upstream: * 0001-Drop-dataclasses-module-usage.patch * 0001-config-support-merge-multiple-config-files.patch * 0001-ca-support-back-old-cyptography-API.patch - Update to version v6.3.0: * Coordinated update to fix: + bsc#1193997 (CVE-2022-23948) + bsc#1193998 (CVE-2021-43310) + bsc#1194000 (CVE-2022-23949) + bsc#1194002 (CVE-2022-23950) + bsc#1194004 (CVE-2022-23951) + bsc#1194005 (CVE-2022-23952) * secure_mount: add umount function * secure_mount: use /proc/self/mountinfo * Validate user ID in all public interfaces * validators: add uuid and agent_id validators * validators: create validators module * revocation_notifier: move zmq socket to /var/run/keylime * Update API version from 1.0 to 2.0 * tpm: do not compress quote with zlib by default * verifier: persist AK and mTLS certificate to DB * verifier: use "supported_version" for agent connections * tenant: add support for "supported_version" option for the verifier * api_version: add the option for basic validation * verifier: add supported_version field to DB and API * agent: add /version to REST API * verifier, tenant: allow agents to not use mTLS * tenant, verifier: allow manual configuration of agent mTLS * tests: migrate to mTLS * tenant: connect to the agent via mTLS * verifier: connect to the agent via mTLS * tornado_requests: handle SSLError * web_util: add mTLS context generation for agent * agent: Enable mTLS for agent REST API * crypto: add helper function for creating self signed certs * registrar: Allow the agent to registrar with a mTLS certificate * request_client: add workaround for handling certificates * request_client: add the option to ignore hostname validation * Better docs and errors about IMA hash mismatches * tests: use JSON instead Python string for IMA tests * verifier: use json.loads(..) instead of ast.literal_eval(..) * Adding Nuvoton certificate for a post 2020 TPM device. The EK cert of the device directs to the following download site: 'https://www.nuvoton.com/security/NTC-TPM-EK-Cert/Nuvoton TPM Root CA 1111.cer' (yes, including the spaces) * Improve revocation notifier IP description in keylime.conf * tornado_requests: set Content-Type header correctly for JSON * tenant: post U key to agent with correct Content-Type header * Explicitly set permissions on new keylime.conf files installed * tpm_main: close file descriptor for aik handle * verifier: do not call finish() twice * agent: fix payload execution * tests: add initial tests for web_util module * config, web_util: move get_restful_params(..) to web_util * verifier: Also retry on HTTP 500 status code * agent: improve startup and shutdown * registrar: cleanup start function * web_util: move echo_json_response(..) out of config.py * verifier: fix failure generation for V key * tornado_requests: cleanup TornadoResponse class * web_util, verifier: move mTLS SSLContext generation into separate module * ca: support back old cyptography API * Fix test branch reference in packit.yaml * ci: disable DeprecationWarning from pylint in tox * Enable new test in Packit CI * tenant: fix reactivate command * config: support merge multiple config files * ci: use only fedora-stable for packit * elchecking: harden example policy against event type manipulation * elchecking: add new tests * tests: fix stdout formatting for agent and verifier * Drop dataclasses module usage * revocation notifier: handle shutdown of process gracefully * verifier: handle SIGINT and SIGTERM correctly * ima_emulator: fix IMA hash validation and add more options * ima_ast: fix handling ToMToU errors * Remove leftovers of TPM 1.2 support * agent: improved validation for post function * agent: better validation for mask and nonce * config: add function to validate hex strings * agent: keys/verify check if challenge was provided * tpm_main: do not append /usr/local/{bin,lib} to default env * db: only set length on Text type if supported * json: do not make sqlalchemy a hard requirement * Enable functional testing with Packit CI * ima_emulator: specify sys.argv as the named parameter argv in main() * elchecking example policy: make it work with Fedora 34 * elchecking example policy: initrd* might be also called initramfs* * scripts: add mb_refstate generator for example policy * config: change tpm_hash_alg to SHA1 by default * parse_mb_bootlog: specify the used hash algorithm used for PCRs * agent: add warning that on kernels <5.10 IMA only works with SHA1 * tpm: explicitly pass hash alg to sim_extend(..) * ima emulator: use IMA AST and support multiple hash algorithms * tests: update IMA allowlist version number * ima: add option 'log_hash_alg' to IMA allowlist * ima: remove hard requirement for SHA1 PCR 10 * algorithms: extend Hash class to simplify computing hash values * config, tpm_main: explicitly handle YAML load errors * config: private_key must be set to -private.pem not -public.pem * agent: add UUID option environment * agent: drop openstack uuid option- Set /var/lib/keylime under the same permissions expected by the code- Add 0001-config-support-merge-multiple-config-files.patch This will allow the merge of config files in /usr/etc and /etc. - Move the configuration file to /usr/etc in new distributions - Add 0001-ca-support-back-old-cyptography-API.patch This is only required for SLE, but the API is compatible with new versions- Add 0001-Drop-dataclasses-module-usage.patch, to support Python 3.6- Fix cfssl bcond logic in Tumbleweed / SLE- Update to version v6.2.1: * Another addition to gitignore * Update .gitignore with more Keylime-specific files * json: add support for sqlalchemy.engine.row.Row in newer sqlalchemy * ima_ast: check if the PCR is the same as in the config * Fix permissions issue on volume mount in run_local.sh * Make run_local.sh use a local copy of the repo * Small updates to GOVERNANCE.md * Move cargo-tarpaulin install to separate command * config: drop registrar_* TLS options in [registrar] section * Fix missing && in Dockerfile * Remove simplejson from scripts and docs * Replace simplejson with built-in json module * Add rust-keylime container dependencies * config: fix getboolean with fallback * Clean up CI scripts and rewrite run_local.sh * ima: for ToMToU errors skip template content validation * ima: Use a set of entry numbers and file offsets to remember multiple positions * Rename CONTRIBUTORS.md to CONTRIBUTING.md * Update GOVERNANCE.md to match MAINTAINERS.md rename * Update MAINTAINERS * Update README: remove Gitter, Travis CI * ca: Use UTC when setting certificate validity * Tenant commands return json * scripts: Allow passing a base policy to create_policy tool * ima: Handle the case of ima-sig with a path with spaces in them * add length to string object * scripts: Implement create_policy to create the JSON allowlist from files * ima: Also add a sha256 default boot_aggregate hash with 64 '0's * ima: Use seek() to get to the last known last entry * ima: Extend allowlist to be able to handle generic ima-buf entries * ima: Extend JSON allowlist with 'ima' entry and 'ignored_keyrings' * ima: Populate verifier keyrings with keys taken from ima-buf log line * ima: Remove methods from ImaKeyring that are now in ImaKeyrings * ima: Start passing ima_keyrings through APIs replacing ima_keyring * Extend AgentAttestState with ima_keyrings field and use it * ima: Implement ImaKeyrings class to support multiple keyrings * verifier: Extend verifier DB to persist learned keyrings * Fix a couple of pylint errors * ima: Fix spurious attestation failures * ima: make ToMToU errors not a failure by default * Simple fix for tenant error message printout. * pylint: Fix errors related to R1714 * pylint: Suppress C0201, C0209 and W0602 newly reported errors * installer: do not install tpm2-abrmd * tpm: by default use /dev/tpmrm0 instead of tpm2-abrmd * verifier: add option to send revocation messages via webhook- Fix keylime configuration file attributes- Requires python-psutil - Disable automatic execution of the payload by default - Use ramdom UUID by default- Introduce a bcond for cfssl detection- Drop cfssl if we are not in openSUSE- Update to version 6.2.0: * Fix bug #757 where revoc cert was treated as text * Code improvement: removal of extra dependencies in measured boot attestation (#755) * Sanitize the exclude list while it is ingested at `tenant` by removing comments (^#) and empty lines. * tenant: show severity level and last event id in status * verifier: move to new failure architecture * pcr validation: move to new failure architecture * measured boot: move to new failure architecture * ima: move to new failure architecture * failure: add infrastructure to tag and collect revocation events in Keylime * Simulating use of SSLContext.minimum_version on ssl v3.6 * verifier: fix minor typos * Add tests for ca_impl_cfssl and ca_util * Replace M2Crypto with python-cryptography * tenant: status now shows if a agent was added to the registrar * tenant: open file to send utf-8 encoded * Correct some comments about and remove vestige in MB policy * fixing a small bug that resulted in malformed refstates not failing MBA * agent: ensure that EK is in PEM format when used as uuid * Solves #703 by adding a "non-trivial" example of a "measured boot policy" (#734) * ci: build and publish container images * codestyle: fix W0612 and R1735 pylint errors * codestyle: fix W1514 pylint error * systemd: Add KillSignal=SIGINT to keylime_agent.service * One-liner to set the minimum version of TLS to v1.2 * pylint fix * Typo fix: return list order confusion between measured_boot.py and tpm_abstract.py * Refactor keylime_logging module * ima: Implement ima-buf validator and validate keys on keyrings (#725) * Remove Python 2 leftovers * Additional fix for the processing of "tpm_policy" * ima: Return an empty allowlist rather than a plain empty list * verifier: convert (v)tpm_policy in DB from string to JSONPickleType * verifier: Create AgentAttestState objects from entries in the db * verifier: Persist the IMA attestation state after running the log verification * db: Add DB migration file for boottime, ima_pcrs, pcr10, and next_ima_ml_entries * verifier: Skip attestation one time if agent's boottime changed * test: Add test case simulating iterative attestation * verifier: Delete an AgentAttestState when deleting an agent * ima: Remember the number of lines successfully processed and last IMA PCR value(s) * ima: Reset the attestation if processing the measurement list fails * debug: Show line number when PCR match occurs * verifier: Extend AgentAttestState with state of the IMA PCR * Consult the AgentAttestState for the next measurement list entry * Introduce an AgentAttestState class for passing state through the APIs * verifier: Request IMA log at entry 0 for now * agent: Get boottime and transfer to verifier * agent: Add support for optional IMA log offset parameter * tests: Add a unit test for the IMA function and run it * agent: Move IMA measurement list reading function to ima.py * Add default verifier-check value * Use tox for pylint * Use Fedora 34 as base image for CI container * Run ci jobs only when needed * config: merge convert and list_convert into the same function * Versioned APIs * Refacator of check_pcrs to parse then validate (#716) * Automatically calculates the boot_aggregate from the measured boot log. (#713) * Set default UUID as lowercase (#699) * tenant: do_cvdelete wait until 404 * Ensures the output of `bulkinfo` command in `keylime_tenant` is JSON * ima: Convert pcrval to bytes to increase efficiency * tests: extend ima tests for signature validation and exclude lists * Allow agents to specify a contact ip address and port for the tenant and CV (#690) * verifer: Fix signature and allowlist evaluation bahavior change * ima: Fix runtime error due to wrong datatype * tenant: add the option to specify the registrar ip and port * measured_boot: drop process_refstate * check_pcrs: match PCR if no mb_refstate is provided * ci: make run_local.sh work with newer docker versions * Fixing pylint errors (#698) * tests: add IMA test where validation should be ignored * ima: Use ima_ast for parsing and validation * tests: Add test for ima AST parser * ima: Introducing a AST for parsing and validation * Make stalebot a bit nicer * enable tenant to fetch all (or verifier specific) agents info in a single call from the verifier * Flush all sessions from TPM device (#682) * multiple named verifiers sharing a single database * webapp: fix tls certs paths (#659) * Corrects markdown to have proper rendering (#673) * ima_file_signatures: Extract keyidv2 from x509 certs * installer: Add '-r' option to cp to copy directory (issue #671) * config: Add optional fallback parameter to get() * agent: Fix the usage of dmidecode during the agent startup (issue #664) * agent: Rename allowlist to ima_allowlist in keylime.conf * Fix decoding error in user_data_encrypt * agent: Fix issue #667 by testing for an empty ima_sign_verification_keys list * Addresses issue #660 (database path while running local tests) (#665) * ima: Return 'None' when ImaKeyring.from_string() called with emtpy string * tests: Move unittests into files with suffix _test.py * Fixes and improvements for database configuration (#654) * Add signature verification support for local and remote IMA signature verification keys (#597) * install: Remove TPM 1.2 support from installer and bundeling scripts * CI/CD: Remove tpm1.2 testing support * Remove duplicated calls to verifier * Remove adding entropy to system rng * Cleanup and fix error case in encryptAIK (#648) * Move measured boot related code into functions to make check_pcrs readable (#642) * Move code related to tpm2_checkquote into its own function (#639) * scripts: Cleanup shell script formatting * installer.sh: Do not delete the local copy of the certificates. * Fix user_data_encrypt to UTF8 decode before print * tpm_abstract: Fix adding of entropy * codestyle: Ignore R1732 implemented by pylint >=2.8.0 * a fix for letting JSON encoding bytes correctly * Adding back reglist to the list of commands that don't need a -t argument * Invoke tpm2_evictcontrol for 4.0 and 4.2 tools if aik_handle exists (#624) * Addresses #436 (#611) * Fixes #620 * Include PCR16 in the quote only when needed * Close leaking file descriptors (#622) * installer.sh: Add missing spaces when efivar is added * More ima_emulator_adapter cleanups (#616) * installer: Add json-c-devel/json-c-dev to BUILD_TOOLS for tpm2-tss build * Remove more commented code in ca_util.py * installer: Only install efi library on x86_64 systems * Create allowlist table and basic API support * installer: Add libuuid-devel/uuid-dev to BUILD_TOOLS for tpm2_tools build * WIP: Some cleanups (#612) * Remove _cLime.c * config: Document the measured boot PCRs and what is using them * Very simple fix for the agent (re: measured boot) The agent code does not need to import "measured boot policies" * ima_emulator_adapater: Remove unnecessary global statement * webapp: Fix private key and certificate path (issue #604) * Add support for keylime_webapp service to read intervals from keylime.conf- Update to Keylime 6.1.1 + keylime_tenant add crash with TypeError: Object of type 'bytes' is not JSON serializable + Whenever Keylime agent starts and cannot contact the registrar, it fails and quits without flushing create EK handles + keylime_tenant -c reglist now requires a "-t" parameter for no reason + Duplicated API calls to verifier in webapp backend + Installer deletes tpm_cert_store files + agent_uuid set to dmidecode crashes Keylime + Copying of tpm_cert_store fails during installation + If the PCR belong to a measured boot list, it is not validated + keylime_tenant --c update fails with a race condition - Drop patches already present in the new version + webapp-fix-tls-certs-paths.patch + check_pcrs-match-PCR-if-no-mb_refstate-is-provided.patch + tenant-do_cvdelete-wait-until-404.patch- Add tenant-do_cvdelete-wait-until-404.patch to fix the update command- Adjust the default revocation notifier binding IP - Default to CFSSL in keylime.conf- Add config-libefivars.diff to adjust the path of the library- Add check_pcrs-match-PCR-if-no-mb_refstate-is-provided.patch (gh#keylime/keylime!695) - Recommends CFSSL in the registrar (actually should be the CA) - Change default value for require_ek_cert to False - Reorder the patches to separate upstream fixes from openSUSE ones- Add webapp-fix-tls-certs-paths.patch (gh#keylime/keylime!659) - Recommend dmidecode for the agent - Require libtss2-tcti-{device0,tabrmd0} to use abrmd service - Add keylime.conf.diff patch to change the default config file - Add keylime.xml for firewalld service definition- Update to version 6.1.0: * Update python cryptography lib to v3.3.2 * installer.sh improvments * run_local.sh: Run unit tests in keylime/tpm/tpm2_objects.py * Fourth and final PR to address #491 (#580) * scripts: Also use pylint-3 if pylint is not installed * agent: Fix the checking for a specific error returned by tpm2_quote * Allowlist verification - Enhancement #16 * Forgot to remove the original, more crude solution (which caused pylint errors) * New and improved code to fix issue #582 * Consistent formatting for logging strings/bin/sh/bin/shgoat26 1692885381  ! #$%&&()*+,-./0123456789:;<=>?@@BCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxxz{|}~      !!#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTTVWXYZ[\]^_`abcdefghijk6.3.2-150400.4.20.1   keylime_agentkeylime_cakeylime_ima_emulatorkeylime_migrations_applykeylime_registrarkeylime_tenantkeylime_userdata_encryptkeylime_verifierkeylime_webappkeylime_agentkeylime_agent-3.6keylime_cakeylime_ca-3.6keylime_ima_emulatorkeylime_ima_emulator-3.6keylime_migrations_applykeylime_migrations_apply-3.6keylime_registrarkeylime_registrar-3.6keylime_tenantkeylime_tenant-3.6keylime_userdata_encryptkeylime_userdata_encrypt-3.6keylime_verifierkeylime_verifier-3.6keylime_webappkeylime_webapp-3.6keylimekeylime-6.3.2-py3.6.egg-infoPKG-INFOSOURCES.txtdependency_links.txtentry_points.txtnot-zip-safetop_level.txt__init__.py__pycache____init__.cpython-36.opt-1.pyc__init__.cpython-36.pycagentstates.cpython-36.opt-1.pycagentstates.cpython-36.pycapi_version.cpython-36.opt-1.pycapi_version.cpython-36.pycca_impl_cfssl.cpython-36.opt-1.pycca_impl_cfssl.cpython-36.pycca_impl_openssl.cpython-36.opt-1.pycca_impl_openssl.cpython-36.pycca_util.cpython-36.opt-1.pycca_util.cpython-36.pyccloud_verifier_common.cpython-36.opt-1.pyccloud_verifier_common.cpython-36.pyccloud_verifier_tornado.cpython-36.opt-1.pyccloud_verifier_tornado.cpython-36.pyccmd_exec.cpython-36.opt-1.pyccmd_exec.cpython-36.pycconfig.cpython-36.opt-1.pycconfig.cpython-36.pyccrypto.cpython-36.opt-1.pyccrypto.cpython-36.pyccryptodome.cpython-36.opt-1.pyccryptodome.cpython-36.pycfailure.cpython-36.opt-1.pycfailure.cpython-36.pycfs_util.cpython-36.opt-1.pycfs_util.cpython-36.pycima.cpython-36.opt-1.pycima.cpython-36.pycima_ast.cpython-36.opt-1.pycima_ast.cpython-36.pycima_file_signatures.cpython-36.opt-1.pycima_file_signatures.cpython-36.pycima_test.cpython-36.opt-1.pycima_test.cpython-36.pycjson.cpython-36.opt-1.pycjson.cpython-36.pyckeylime_agent.cpython-36.opt-1.pyckeylime_agent.cpython-36.pyckeylime_logging.cpython-36.opt-1.pyckeylime_logging.cpython-36.pycmeasured_boot.cpython-36.opt-1.pycmeasured_boot.cpython-36.pycregistrar_client.cpython-36.opt-1.pycregistrar_client.cpython-36.pycregistrar_common.cpython-36.opt-1.pycregistrar_common.cpython-36.pycrequests_client.cpython-36.opt-1.pycrequests_client.cpython-36.pycrevocation_notifier.cpython-36.opt-1.pycrevocation_notifier.cpython-36.pycsecure_mount.cpython-36.opt-1.pycsecure_mount.cpython-36.pycsigning.cpython-36.opt-1.pycsigning.cpython-36.pyctenant.cpython-36.opt-1.pyctenant.cpython-36.pyctenant_webapp.cpython-36.opt-1.pyctenant_webapp.cpython-36.pyctornado_requests.cpython-36.opt-1.pyctornado_requests.cpython-36.pyctpm_bootlog_enrich.cpython-36.opt-1.pyctpm_bootlog_enrich.cpython-36.pyctpm_ek_ca.cpython-36.opt-1.pyctpm_ek_ca.cpython-36.pycuser_utils.cpython-36.opt-1.pycuser_utils.cpython-36.pycuser_utils_test.cpython-36.opt-1.pycuser_utils_test.cpython-36.pycweb_util.cpython-36.opt-1.pycweb_util.cpython-36.pycagentstates.pyapi_version.pyca_impl_cfssl.pyca_impl_openssl.pyca_util.pycloud_verifier_common.pycloud_verifier_tornado.pycmd__init__.py__pycache____init__.cpython-36.opt-1.pyc__init__.cpython-36.pycagent.cpython-36.opt-1.pycagent.cpython-36.pycca.cpython-36.opt-1.pycca.cpython-36.pycima_emulator_adapter.cpython-36.opt-1.pycima_emulator_adapter.cpython-36.pycmigrations_apply.cpython-36.opt-1.pycmigrations_apply.cpython-36.pycregistrar.cpython-36.opt-1.pycregistrar.cpython-36.pyctenant.cpython-36.opt-1.pyctenant.cpython-36.pycuser_data_encrypt.cpython-36.opt-1.pycuser_data_encrypt.cpython-36.pycverifier.cpython-36.opt-1.pycverifier.cpython-36.pycwebapp.cpython-36.opt-1.pycwebapp.cpython-36.pycagent.pyca.pyima_emulator_adapter.pymigrations_apply.pyregistrar.pytenant.pyuser_data_encrypt.pyverifier.pywebapp.pycmd_exec.pycommon__init__.py__pycache____init__.cpython-36.opt-1.pyc__init__.cpython-36.pycalgorithms.cpython-36.opt-1.pycalgorithms.cpython-36.pycexception.cpython-36.opt-1.pycexception.cpython-36.pycmetrics.cpython-36.opt-1.pycmetrics.cpython-36.pycretry.cpython-36.opt-1.pycretry.cpython-36.pycstates.cpython-36.opt-1.pycstates.cpython-36.pycvalidators.cpython-36.opt-1.pycvalidators.cpython-36.pycalgorithms.pyexception.pymetrics.pyretry.pystates.pyvalidators.pyconfig.pycrypto.pycryptodome.pydb__init__.py__pycache____init__.cpython-36.opt-1.pyc__init__.cpython-36.pyckeylime_db.cpython-36.opt-1.pyckeylime_db.cpython-36.pycregistrar_db.cpython-36.opt-1.pycregistrar_db.cpython-36.pycverifier_db.cpython-36.opt-1.pycverifier_db.cpython-36.pyckeylime_db.pyregistrar_db.pyverifier_db.pyelchecking__init__.py__main__.py__pycache____init__.cpython-36.opt-1.pyc__init__.cpython-36.pyc__main__.cpython-36.opt-1.pyc__main__.cpython-36.pycexample.cpython-36.opt-1.pycexample.cpython-36.pycpolicies.cpython-36.opt-1.pycpolicies.cpython-36.pyctests.cpython-36.opt-1.pyctests.cpython-36.pycexample.pypolicies.pytests.pyfailure.pyfs_util.pyima.pyima_ast.pyima_file_signatures.pyima_test.pyjson.pykeylime.confkeylime_agent.pykeylime_logging.pymeasured_boot.pymigrations__init__.py__pycache____init__.cpython-36.opt-1.pyc__init__.cpython-36.pycenv.cpython-36.opt-1.pycenv.cpython-36.pycalembic.inienv.pyversions1ac1513ef2a1_fix_mb_and_ima_column_types.py257fe0f0c039_add_fields_for_revocation_context_to_.py63c30820fdc1_add_mtls_cert_and_ak_to_verifier_db.py7d5db1a6ffb0_add_agentstates_columns.py8a44a4364f5a_initial_database_migration.py8da20383f6e1_extend_ip_field.py9169f80345ed_add_supported_version_to_verifiermain_.py__init__.py__pycache__1ac1513ef2a1_fix_mb_and_ima_column_types.cpython-36.opt-1.pyc1ac1513ef2a1_fix_mb_and_ima_column_types.cpython-36.pyc257fe0f0c039_add_fields_for_revocation_context_to_.cpython-36.opt-1.pyc257fe0f0c039_add_fields_for_revocation_context_to_.cpython-36.pyc63c30820fdc1_add_mtls_cert_and_ak_to_verifier_db.cpython-36.opt-1.pyc63c30820fdc1_add_mtls_cert_and_ak_to_verifier_db.cpython-36.pyc7d5db1a6ffb0_add_agentstates_columns.cpython-36.opt-1.pyc7d5db1a6ffb0_add_agentstates_columns.cpython-36.pyc8a44a4364f5a_initial_database_migration.cpython-36.opt-1.pyc8a44a4364f5a_initial_database_migration.cpython-36.pyc8da20383f6e1_extend_ip_field.cpython-36.opt-1.pyc8da20383f6e1_extend_ip_field.cpython-36.pyc9169f80345ed_add_supported_version_to_verifiermain_.cpython-36.opt-1.pyc9169f80345ed_add_supported_version_to_verifiermain_.cpython-36.pyc__init__.cpython-36.opt-1.pyc__init__.cpython-36.pyca79c27ec1054_add_mtls_cert_field_to_registrar.cpython-36.opt-1.pyca79c27ec1054_add_mtls_cert_field_to_registrar.cpython-36.pyca7a64155ab3a_add_ima_filesigning_keys_column.cpython-36.opt-1.pyca7a64155ab3a_add_ima_filesigning_keys_column.cpython-36.pycae898986c6e9_add_mb_refstate_column.cpython-36.opt-1.pycae898986c6e9_add_mb_refstate_column.cpython-36.pycb4d024197413_add_verfier_id_to_verifiermain_table.cpython-36.opt-1.pycb4d024197413_add_verfier_id_to_verifiermain_table.cpython-36.pycc3842cc9ee69_store_keyrings_learned_from_ima_log.cpython-36.opt-1.pycc3842cc9ee69_store_keyrings_learned_from_ima_log.cpython-36.pyccc2630851a1f_receive_the_aik_tpm_from_the_agent.cpython-36.opt-1.pyccc2630851a1f_receive_the_aik_tpm_from_the_agent.cpython-36.pyceb869a77abd1_create_allowlist_table.cpython-36.opt-1.pyceb869a77abd1_create_allowlist_table.cpython-36.pyceeb702f77d7d_allowlist_rename.cpython-36.opt-1.pyceeb702f77d7d_allowlist_rename.cpython-36.pycf35cdd35eb83_move_v_tpm_policy_to_jsonpickletype.cpython-36.opt-1.pycf35cdd35eb83_move_v_tpm_policy_to_jsonpickletype.cpython-36.pycf82c4252bc4f_add_ip_and_port_to_registrar.cpython-36.opt-1.pycf82c4252bc4f_add_ip_and_port_to_registrar.cpython-36.pyca79c27ec1054_add_mtls_cert_field_to_registrar.pya7a64155ab3a_add_ima_filesigning_keys_column.pyae898986c6e9_add_mb_refstate_column.pyb4d024197413_add_verfier_id_to_verifiermain_table.pyc3842cc9ee69_store_keyrings_learned_from_ima_log.pycc2630851a1f_receive_the_aik_tpm_from_the_agent.pyeb869a77abd1_create_allowlist_table.pyeeb702f77d7d_allowlist_rename.pyf35cdd35eb83_move_v_tpm_policy_to_jsonpickletype.pyf82c4252bc4f_add_ip_and_port_to_registrar.pyregistrar_client.pyregistrar_common.pyrequests_client.pyrevocation_actions__init__.py__pycache____init__.cpython-36.opt-1.pyc__init__.cpython-36.pycprint_metadata.cpython-36.opt-1.pycprint_metadata.cpython-36.pycupdate_crl.cpython-36.opt-1.pycupdate_crl.cpython-36.pycprint_metadata.pyupdate_crl.pyrevocation_notifier.pysecure_mount.pysigning.pystaticcsswebapp.cssiconsICON-LICENSEREADME.mdpngban-2x.pngban-3x.pngban-4x.pngban-6x.pngban-8x.pngban.pngbug-2x.pngbug-3x.pngbug-4x.pngbug-6x.pngbug-8x.pngbug.pngkeylime.pngplus-2x.pngplus-3x.pngplus-4x.pngplus-6x.pngplus-8x.pngplus.pngtrash-2x.pngtrash-3x.pngtrash-4x.pngtrash-6x.pngtrash-8x.pngtrash.pngjswebapp.jstenant.pytenant_webapp.pytornado_requests.pytpm__init__.py__pycache____init__.cpython-36.opt-1.pyc__init__.cpython-36.pyctpm2_objects.cpython-36.opt-1.pyctpm2_objects.cpython-36.pyctpm2_objects_test.cpython-36.opt-1.pyctpm2_objects_test.cpython-36.pyctpm_abstract.cpython-36.opt-1.pyctpm_abstract.cpython-36.pyctpm_main.cpython-36.opt-1.pyctpm_main.cpython-36.pyctpm2_objects.pytpm2_objects_test.pytpm_abstract.pytpm_main.pytpm_bootlog_enrich.pytpm_ek_ca.pyuser_utils.pyuser_utils_test.pyweb_util.pypython3-keylimeREADME.mdpython3-keylimeICON-LICENSELICENSE/etc/alternatives//usr/bin//usr/lib/python3.6/site-packages//usr/lib/python3.6/site-packages/keylime-6.3.2-py3.6.egg-info//usr/lib/python3.6/site-packages/keylime//usr/lib/python3.6/site-packages/keylime/__pycache__//usr/lib/python3.6/site-packages/keylime/cmd//usr/lib/python3.6/site-packages/keylime/cmd/__pycache__//usr/lib/python3.6/site-packages/keylime/common//usr/lib/python3.6/site-packages/keylime/common/__pycache__//usr/lib/python3.6/site-packages/keylime/db//usr/lib/python3.6/site-packages/keylime/db/__pycache__//usr/lib/python3.6/site-packages/keylime/elchecking//usr/lib/python3.6/site-packages/keylime/elchecking/__pycache__//usr/lib/python3.6/site-packages/keylime/migrations//usr/lib/python3.6/site-packages/keylime/migrations/__pycache__//usr/lib/python3.6/site-packages/keylime/migrations/versions//usr/lib/python3.6/site-packages/keylime/migrations/versions/__pycache__//usr/lib/python3.6/site-packages/keylime/revocation_actions//usr/lib/python3.6/site-packages/keylime/revocation_actions/__pycache__//usr/lib/python3.6/site-packages/keylime/static//usr/lib/python3.6/site-packages/keylime/static/css//usr/lib/python3.6/site-packages/keylime/static/icons//usr/lib/python3.6/site-packages/keylime/static/icons/png//usr/lib/python3.6/site-packages/keylime/static/js//usr/lib/python3.6/site-packages/keylime/tpm//usr/lib/python3.6/site-packages/keylime/tpm/__pycache__//usr/share/doc/packages//usr/share/doc/packages/python3-keylime//usr/share/licenses//usr/share/licenses/python3-keylime/-fmessage-length=0 -grecord-gcc-switches -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector-strong -funwind-tables -fasynchronous-unwind-tables -fstack-clash-protection -gobs://build.suse.de/SUSE:Maintenance:30338/SUSE_SLE-15-SP4_Update/81e57dc32c24dfe133a8899c9581ff6d-keylime.SUSE_SLE-15-SP4_Updatedrpmxz5noarch-suse-linux    emptyPython script, ASCII text executabledirectoryASCII text, with very long linesASCII textpython 3.6 byte-compiledassembler source, ASCII textUTF-8 Unicode textPNG image data, 16 x 16, 8-bit/color RGBA, non-interlacedPNG image data, 24 x 24, 8-bit/color RGBA, non-interlacedPNG image data, 32 x 32, 8-bit/color RGBA, non-interlacedPNG image data, 48 x 48, 8-bit/color RGBA, non-interlacedPNG image data, 64 x 64, 8-bit/color RGBA, non-interlacedPNG image data, 8 x 8, 8-bit/color RGBA, non-interlacedPNG image data, 721 x 720, 8-bit/color RGBA, non-interlacedPython script, ASCII text executable, with very long lines  !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}~     RRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRqj{N"Nvsutf-8fbaf0cd5190bcfe5d512226dc638430a28a4b5c13095fda74b98a27b49cfb543?7zXZ !t/#>]"k%4Pa Ìv,̋uNZrtO4f? ]JZ@]:ǒFMwWǚsZ6d¼;^iS /]ɇV Dx2 0{ s5hV545噀Pda KSŜCT,2%@"݌ BL%"MJ~!ȧj[c; M{<%AVl}'k{X ݨ2gů?ϋRǩ3hwKX3,t@)JgV=UOzUWk^~;3mdK{+Z9=FlMt1"<^4'TJ:#tKI,k2V b ٴ9-aL*R{^b~U&c6ܪJAL{@ BK 9*d;l e> z\Sah.4 2`cʞ3evZw!q݋q%^Tw=i8#a[Ɵ.{/dg. n@lN6/k8-K.q,LGp d@`˿ @VGc{DwZV}:`~{ʙe}h}MQOțUZOB7u8aY͔ލiUQrtd`Nz ,J-)phЕ圍ylN.LLe'n (xj,+|bYUͨOUg s*f`B'zv{ dLnkȊGBl(t6b'|"[[x׭r0Ȉd ݣ2 Gk} oex0j=V2)V< S2gEBKQ谼S*sߋL! ZD"O?!%1nQZ݄ Z%Ii.$2d޵ _o ظ܍uU98K-رsפ|"CG36+xn:;r55!n},.O똶͉9Wߴ,NCħߵE]#"JonXIXc>sNDԱAWӵ_9@+TR⁗ F`|4ϚRĩ~q-fCtC3Y*143]Rb-:FVp6s@6pn-NL%,KQ}bVpi ~L_<,# {_IO=u[ Z[>%{ `%*PjIѫ*g˴&A[u̲ gLi%ꥍ(2D,=pB@$ 2GDdKsN(W'aX{F@h]dO:UFf>pGPu\8 :qPB9b OƏ9CpEvfi#B% ;Y" gwq?𱘖\9Cz0$_(T3kcͳRGk`BNG({MB/tV9? ٷZxC9n?*x1]qdm42RhYm#^ {<Ռ=Jj6Q]a `ܮrh`!W.)^ :llsƇJ9sQev_nx{UoݫMfhn ץBycr'p( רj4Rh1rҢD(U81# ީ)RTȚ=?Fu+2 xn$*i7ⷍX+$0m/id&D5*=W pa B7Uh^R_>ޣOʉYG܁ cv5TΨ5ŏD7\R< 4slt2s~juv]vljArM8bpޚW:":7*s2U r#{BGk?Z?ɜ đ[Y}~R xU^ڬP_l4Mf !ESn*5+辊x_ӍgMMw?}i}60JDeZK$t={-.Ս܂4u*E'۽- ٶJK`?E0KcvtS4߁G+xxGO[&E;?--MoufLXwXXpEQ