siemens / libuta

Unified Trust Anchor Library
Other
22 stars 4 forks source link

Build separate Debian package for libuta provisioning tools #12

Open zeschg opened 2 years ago

zeschg commented 2 years ago

Currently the TPM implementation needs the installation of further tools and helper scripts for key provisioning. After the provisioning step, these tools are not needed anymore. We should consider to implement an option to uninstall the provisioning tools.

To avoid the installation of the Debian package "tss2", we could implement our own provisioning tool based on libtss0 instead of using the shell script.

StefanSchroeder commented 2 years ago

An alternative would be to split up the package into the deployment-package and the persistent package. The deployment package would have the required dependencies for installation and it would have the persistent package as a dependency. After the installation, the obsolete deployment package could then be garbage-collected.

ralisi commented 2 years ago

Such maneuvers would cover a rather broad area of the current debian packaging, which is currently using the non-standard debian/configure script. It seems that the same task could also be done through DEB_BUILD_PROFILES.