Created
March 9, 2021 23:21
-
-
Save williamcroberts/cd5dce68ff3c8d6608a0b336b968da79 to your computer and use it in GitHub Desktop.
Building tpm2-abrmd from source on ubuntu-16.04
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # On a docker ubuntu:16.04 base image, to build tpm2-abrmd I perform the following commands | |
| sudo apt-get update | |
| # The dependency list is fat here, because its deps for all the various projects, I trimmed it a little bit. | |
| # but know you're getting more than you need. | |
| sudo apt-get install -y \ | |
| autoconf-archive \ | |
| curl \ | |
| libcmocka0 \ | |
| libcmocka-dev \ | |
| net-tools \ | |
| build-essential \ | |
| git \ | |
| pkg-config \ | |
| gcc \ | |
| g++ \ | |
| m4 \ | |
| libtool \ | |
| automake \ | |
| libgcrypt20-dev \ | |
| libssl-dev \ | |
| autoconf \ | |
| gnulib \ | |
| wget \ | |
| doxygen \ | |
| libdbus-1-dev \ | |
| libglib2.0-dev \ | |
| clang-6.0 \ | |
| clang-tools-6.0 \ | |
| pandoc \ | |
| lcov \ | |
| libcurl4-openssl-dev \ | |
| dbus-x11 \ | |
| vim-common \ | |
| libsqlite3-dev \ | |
| libengine-pkcs11-openssl \ | |
| libtasn1-6-dev \ | |
| socat \ | |
| libseccomp-dev \ | |
| expect \ | |
| gawk \ | |
| libyaml-dev \ | |
| opensc \ | |
| libjson-c-dev \ | |
| default-jre \ | |
| default-jdk \ | |
| libnss3-tools \ | |
| uuid-dev \ | |
| gnutls-bin | |
| # If you want clang to be clang-6 and not the super ancient version that comes default | |
| update-alternatives --install /usr/bin/clang clang /usr/bin/clang-6.0 100 | |
| update-alternatives --install /usr/bin/clang++ clang++ /usr/bin/clang++-6.0 100 | |
| update-alternatives --install /usr/bin/scan-build scan-build /usr/bin/scan-build-6.0 100 | |
| autoconf_archive=autoconf-archive-2018.03.13 | |
| wget "http://mirror.kumi.systems/gnu/autoconf-archive/$autoconf_archive.tar.xz" | |
| tar -xf $autoconf_archive.tar.xz | |
| pushd $autoconf_archive | |
| ./configure --prefix=/usr | |
| make -j $(nproc) | |
| sudo make install | |
| popd | |
| uthash="2.1.0" | |
| wget "https://github.com/troydhanson/uthash/archive/v${uthash}.tar.gz" | |
| tar -xf v${uthash}.tar.gz | |
| sudo cp uthash-${uthash}/src/*.h /usr/include/ | |
| # Get tpm2-tss | |
| git clone --depth=1 --branch 3.0.3 https://github.com/tpm2-software/tpm2-tss.git | |
| pushd tpm2-tss | |
| ./bootstrap | |
| ./configure --disable-doxygen-doc | |
| make -j$(nproc) | |
| sudo make install | |
| popd | |
| # get tpm2-abrmd | |
| git clone --depth=1 --branch 2.4.0 https://github.com/tpm2-software/tpm2-abrmd.git | |
| pushd tpm2-abrmd | |
| ./bootstrap | |
| ./configure --with-dbuspolicydir=/etc/dbus-1/system.d | |
| make -j$(nproc) | |
| sudo make install | |
| popd | |
| # edit your conf file to add your user | |
| sudo vim /etc/dbus-1/system.d/tpm2-abrmd.conf | |
| # add, replacing USER with your username | |
| # <policy user="USER"> | |
| # <allow own="com.intel.tss2.Tabrmd"/> | |
| # </policy> | |
| # | |
| # Have dbus reload its config as instructed in tpm2-abrmd INSTALL file | |
| pkill -HUP dbus-daemon | |
| # get the tools | |
| git clone --depth=1 --branch 5.0 https://github.com/tpm2-software/tpm2-tools.git | |
| pushd tpm2-tools | |
| ./bootstrap | |
| ./configure | |
| make -j$(nproc) | |
| sudo make install | |
| popd | |
| # I am assuming you have tpm_server installed | |
| tpm_server & | |
| # now this is where it gets weird, in a container, I don't have a *system* dbus running, perhaps the WSL things don't either. | |
| # this creates me a shell with a *session* bus | |
| dbus-launch bash | |
| tpm2-abrmd --allow-root --session --tcti=mssim & | |
| # Since we used a non-standard TCTI config, tell the tools to use the right one | |
| tpm2_getrandom --tcti=tabrmd:bus_type=session --hex 4 | |
| 86275bc5 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment