349 lines
12 KiB
RPMSpec
349 lines
12 KiB
RPMSpec
#
|
|
# spec file for package cryptsetup (Version 1.0.5_SVNr46)
|
|
#
|
|
# Copyright (c) 2008 SUSE LINUX Products GmbH, Nuernberg, Germany.
|
|
#
|
|
# All modifications and additions to the file contributed by third parties
|
|
# remain the property of their copyright owners, unless otherwise agreed
|
|
# upon. The license for this file, and modifications and additions to the
|
|
# file, is the same license as for the pristine package itself (unless the
|
|
# license for the pristine package is not an Open Source License, in which
|
|
# case the license is the MIT License). An "Open Source License" is a
|
|
# license that conforms to the Open Source Definition (Version 1.9)
|
|
# published by the Open Source Initiative.
|
|
|
|
# Please submit bugfixes or comments via http://bugs.opensuse.org/
|
|
#
|
|
|
|
# norootforbuild
|
|
|
|
|
|
Name: cryptsetup
|
|
Url: http://luks.endorphin.org/dm-crypt
|
|
BuildRequires: device-mapper-devel e2fsprogs-devel libgcrypt-devel popt-devel
|
|
# hashalot version
|
|
%define haver 0.3
|
|
# boot.crypto version
|
|
%define bcver 0_200808081124
|
|
License: BSD 3-Clause; GPL v2 or later
|
|
Group: System/Base
|
|
AutoReqProv: on
|
|
Version: 1.0.5_SVNr46
|
|
Release: 36
|
|
Summary: Set Up dm-crypt Based Encrypted Block Devices
|
|
Source: cryptsetup-%{version}.tar.bz2
|
|
Source1: hashalot-%haver.tar.bz2
|
|
# http://www.suse.de/~lnussel/boot.crypto.git
|
|
Source2: boot.crypto-%{bcver}.tar.bz2
|
|
Source3: mkinitrd-setup.sh
|
|
Source4: mkinitrd-boot.sh
|
|
# use this to create the tarball from svn
|
|
Source99: cryptsetup-mktar
|
|
Patch1: cryptsetup-1.0.5-udevadm.patch
|
|
Patch10: hashalot-fixes.diff
|
|
Patch11: hashalot-libgcrypt.diff
|
|
Patch12: hashalot-ctrl-d.diff
|
|
Patch13: hashalot-timeout.diff
|
|
Patch14: hashalot-manpage.diff
|
|
BuildRoot: %{_tmppath}/%{name}-%{version}-build
|
|
Provides: aaa_base:/etc/init.d/boot.crypto
|
|
Obsoletes: util-linux-crypto <= 2.12r
|
|
# we need losetup
|
|
Requires: util-linux
|
|
PreReq: %fillup_prereq %insserv_prereq
|
|
|
|
%description
|
|
cryptsetup is used to conveniently set up dm-crypt based device-mapper
|
|
targets. It allows to set up targets to read cryptoloop compatible
|
|
volumes as well as LUKS formatted ones. The package additionally
|
|
includes support for automatically setting up encrypted volumes at boot
|
|
time via the config file /etc/crypttab.
|
|
|
|
|
|
|
|
Authors:
|
|
--------
|
|
Clemens Fruhwirth <clemens@endorphin.org>
|
|
Christophe Saout <christophe@saout.de>
|
|
Ben Slusky <sluskyb@paranoiacs.org>
|
|
|
|
%package devel
|
|
License: BSD 3-Clause; GPL v2 or later
|
|
Summary: Set Up dm-crypt Based Encrypted Block Devices
|
|
Group: System/Base
|
|
Requires: %name = %version
|
|
Requires: device-mapper-devel libgcrypt-devel libgpg-error-devel e2fsprogs-devel glibc-devel
|
|
|
|
%description devel
|
|
cryptsetup is used to conveniently set up dm-crypt based device-mapper
|
|
targets. It allows to set up targets to read cryptoloop compatible
|
|
volumes as well as LUKS formatted ones. The package additionally
|
|
includes support for automatically setting up encrypted volumes at boot
|
|
time via the config file /etc/crypttab.
|
|
|
|
|
|
|
|
Authors:
|
|
--------
|
|
Clemens Fruhwirth <clemens@endorphin.org>
|
|
Christophe Saout <christophe@saout.de>
|
|
Ben Slusky <sluskyb@paranoiacs.org>
|
|
|
|
%prep
|
|
%setup -q -b 1 -b 2
|
|
%patch1 -p1
|
|
pushd ../hashalot-%haver
|
|
%patch10 -p1
|
|
%patch11 -p1
|
|
%patch12 -p1
|
|
%patch13 -p1
|
|
%patch14 -p1
|
|
popd
|
|
|
|
%build
|
|
# cryptsetup build
|
|
%{?suse_update_config:%{suse_update_config}}
|
|
autoreconf -f -i
|
|
CFLAGS="$RPM_OPT_FLAGS" ./configure --prefix=%_prefix --mandir=%_mandir \
|
|
--libdir=/%_lib \
|
|
--bindir=/sbin --sbindir=/sbin \
|
|
--disable-static --enable-shared
|
|
make
|
|
#
|
|
# hashalot build
|
|
pushd ../hashalot-%haver
|
|
autoreconf -f -i
|
|
%{?suse_update_config:%{suse_update_config}}
|
|
CFLAGS="$RPM_OPT_FLAGS" ./configure --prefix=%_prefix --sbindir=/sbin --mandir=%_mandir
|
|
make
|
|
popd
|
|
|
|
%install
|
|
make install DESTDIR=$RPM_BUILD_ROOT
|
|
# move devel .so link to %{libdir}
|
|
rm -f $RPM_BUILD_ROOT/%{_lib}/libcryptsetup.so
|
|
mkdir -p $RPM_BUILD_ROOT%{_libdir}
|
|
ln -s /%{_lib}/libcryptsetup.so.0.0.0 $RPM_BUILD_ROOT%{_libdir}/libcryptsetup.so
|
|
# don't want this file in /lib (FHS compat check), and can't move it to /usr/lib
|
|
rm -f $RPM_BUILD_ROOT/%_lib/*.la
|
|
#
|
|
# hashalot install
|
|
pushd ../hashalot-%haver
|
|
make install DESTDIR=$RPM_BUILD_ROOT
|
|
popd
|
|
# remove unwanted symlinks
|
|
rm -f $RPM_BUILD_ROOT/sbin/{rmd160,sha256,sha384,sha512}
|
|
# mkinitrd scriptlets
|
|
install -d $RPM_BUILD_ROOT/lib/mkinitrd/scripts
|
|
install -m 755 %{SOURCE3} $RPM_BUILD_ROOT/lib/mkinitrd/scripts/setup-luks.sh
|
|
install -m 755 %{SOURCE4} $RPM_BUILD_ROOT/lib/mkinitrd/scripts/boot-luks.sh
|
|
#
|
|
# boot.crypto
|
|
make -C ../boot.crypto-* install DESTDIR=$RPM_BUILD_ROOT
|
|
#
|
|
%find_lang %name --all-name
|
|
|
|
%pre
|
|
# hack to catch update case from aaa_base/util-linux-crypto
|
|
if [ -f /etc/init.d/boot.d/S??boot.crypto ]; then
|
|
touch /var/run/cryptsetup.boot.crypto.enabled
|
|
fi
|
|
|
|
%post
|
|
/sbin/ldconfig
|
|
%{fillup_and_insserv boot.crypto}
|
|
if [ -e /var/run/cryptsetup.boot.crypto.enabled ]; then
|
|
rm -f /var/run/cryptsetup.boot.crypto.enabled
|
|
%{fillup_and_insserv -fY boot.crypto}
|
|
fi
|
|
%{fillup_and_insserv boot.crypto-early}
|
|
|
|
%postun
|
|
/sbin/ldconfig
|
|
%{insserv_cleanup}
|
|
|
|
%clean
|
|
rm -rf $RPM_BUILD_ROOT
|
|
|
|
%files -f %name.lang
|
|
%defattr(-,root,root)
|
|
%ghost %verify(not md5 size mtime) %config(noreplace,missingok) /etc/crypttab
|
|
%ghost %verify(not md5 size mtime) %config(noreplace,missingok) /etc/cryptotab
|
|
/etc/init.d/boot.crypto
|
|
/etc/init.d/boot.crypto-early
|
|
%dir /lib/mkinitrd
|
|
%dir /lib/mkinitrd/scripts
|
|
/lib/mkinitrd/scripts/setup-luks.sh
|
|
/lib/mkinitrd/scripts/boot-luks.sh
|
|
/sbin/cryptsetup
|
|
/sbin/hashalot
|
|
%_mandir/man1/hashalot.1.gz
|
|
%_mandir/man8/cryptsetup.8.gz
|
|
%_mandir/man5/crypttab.5.gz
|
|
%_mandir/man5/cryptotab.5.gz
|
|
/%_lib/libcryptsetup.so.0
|
|
/%_lib/libcryptsetup.so.0.0.0
|
|
/lib/cryptsetup
|
|
|
|
%files devel
|
|
%defattr(-,root,root)
|
|
%_includedir/libcryptsetup.h
|
|
%{_libdir}/libcryptsetup.so
|
|
|
|
%changelog
|
|
* Fri Aug 08 2008 mkoenig@suse.de
|
|
- boot.crypto:
|
|
* Provide some reasonable exit status [bnc#409502]
|
|
* Wed Jul 23 2008 hare@suse.de
|
|
- Include mkinitrd scriptlets.
|
|
* Wed Jul 23 2008 mkoenig@suse.de
|
|
- use /sbin/udevadm settle instead of /sbin/udevsettle [bnc#404875]
|
|
* Tue May 06 2008 mkoenig@suse.de
|
|
- load loop module in boot.crypto-early as it might be needed.
|
|
It is previously initially loaded by boot.localfs.
|
|
* Wed Apr 09 2008 mkoenig@suse.de
|
|
- add support for boot.crypto-early [#355824]
|
|
needed to encrypt block devices for usage with LVM or MD
|
|
adds a new option 'noearly' for crypttab, which will skip
|
|
the device in boot.crypto-early.
|
|
* Wed Feb 27 2008 mkoenig@suse.de
|
|
- update to svn revision 46:
|
|
* fix out of bound for key index in delKey [bnc#360041]
|
|
* Add typo fixes to the cryptsetup.8 manpage
|
|
* Add key-slot patch
|
|
* Remove O_EXCL requirement for certain LUKS operations
|
|
* mention luksKillSlot in the manpage
|
|
* Mon Feb 04 2008 lnussel@suse.de
|
|
- boot.crypto:
|
|
* check for columns of terminal (bnc#337614)
|
|
* enhance crypttab manpage (#351061)
|
|
* check for fs_passno (#345339)
|
|
* Wed Jan 09 2008 lnussel@suse.de
|
|
- upgrade to svn revision 42 which includes previous patches
|
|
- boot.crypto:
|
|
* don't mount read-only as safety check (#345338)
|
|
* implement precheck scripts
|
|
* allow restarting of single volumes (#345605)
|
|
* status query of individual devices (#345605)
|
|
* add vol_id check script
|
|
* maintain boot.crypto stuff in revision control and use tarball
|
|
snapshots of it
|
|
* Thu Nov 29 2007 lnussel@suse.de
|
|
- upgrade to svn revision 38
|
|
* Wed Nov 07 2007 mkoenig@suse.de
|
|
- add %%fillup_prereq and %%insserv_prereq to PreReq
|
|
* Tue Oct 16 2007 lnussel@suse.de
|
|
- upgrade to svn revision 31
|
|
* Rename luksDelKey into luksKillSlot
|
|
* Add luksRemoveKey that queries a given key before removal
|
|
* Fix segfault in luksOpen.
|
|
* Add LUKS_device_ready check for most LUKS calls, so that
|
|
cryptsetup dies before password querying in case a blockdev is
|
|
unavailable
|
|
* For LUKS key material access require exclusive access to the
|
|
underlying device. This will prevent multiple mappings onto a
|
|
single LUKS device. dm*crypt doesn't feature any syncing
|
|
capabilities, hence there is no real application for this as it
|
|
will likely lead to disk corruption.
|
|
* Add signal handler to keyencryption to free the temporary
|
|
mapping in case the user hits ctrl-c.
|
|
* Mon Aug 27 2007 lnussel@suse.de
|
|
- remove /var/run/keymap from previous boot to make /etc/init.d/kbd
|
|
work (#296409)
|
|
* Mon Aug 27 2007 lnussel@suse.de
|
|
- run fsck with progressbar (#304750)
|
|
* Thu Jun 21 2007 mkoenig@suse.de
|
|
- run udevsettle to avoid problems with busy temporary
|
|
device mapper devices [#285478]
|
|
* Mon Jun 11 2007 lnussel@suse.de
|
|
- rephrase error message (#279169)
|
|
* Fri Jun 01 2007 lnussel@suse.de
|
|
- rename util-linux-crypto to cryptsetup
|
|
- remove dmconvert
|
|
- replace svn snapshot with official 1.0.5 release
|
|
- don't enable boot.crypto by default
|
|
* Tue May 29 2007 lnussel@suse.de
|
|
- fix segfault when trying to open a non existing device
|
|
- fix gcc warnings
|
|
- add Short-Description to boot.crypto
|
|
- use %%find_lang
|
|
* Wed May 09 2007 lnussel@suse.de
|
|
- boot.crypto: implement 'status'
|
|
- boot.crypto: accept argument to start/stop single devices
|
|
* Wed May 09 2007 lnussel@suse.de
|
|
- hashalot: add timeout option
|
|
* Wed May 09 2007 lnussel@suse.de
|
|
- fix build
|
|
* Tue May 08 2007 lnussel@suse.de
|
|
- boot.crypto: switch off splash screen only when needed
|
|
- boot.crypto: report status for individual volumes instead of using one global
|
|
exit status
|
|
- hashalot: exit unsucessfully on empty passphrase
|
|
* Tue May 08 2007 lnussel@suse.de
|
|
- boot.crypto: sleep a bit longer before overwriting the prompt
|
|
- boot.crypto: add support for pseed and itercountk options
|
|
- boot.crypto: skip entries with unsupported/unknown options
|
|
- hashalot: add support for itercountk
|
|
* Fri May 04 2007 lnussel@suse.de
|
|
- upgrade cryptsetup to current svn revision 30 which includes
|
|
previous patches.
|
|
- fix background prompt process not getting killed on ctrl-d in
|
|
boot.crypto
|
|
* Fri Apr 27 2007 lnussel@suse.de
|
|
- upgrade cryptsetup to current svn revision 26. Does no longer hang
|
|
when a file is specified instead of a device.
|
|
- remove obsolete cryptsetup.sh script
|
|
- boot.crypto:
|
|
* drop support for cryptoloop, use cryptsetup also for cryptotab
|
|
* refactor code and create reusable components for use in cryptotab
|
|
and crypttab code path
|
|
* run sulogin only during boot if fsck failed
|
|
* support crypttab's 'tries' option
|
|
- add crypttab manpage based on Debian one
|
|
* Tue Apr 24 2007 lnussel@suse.de
|
|
- add boot.crypto (#257884)
|
|
- add crypttab and cryptotab as %%ghost to filelist
|
|
* Tue Mar 27 2007 mkoenig@suse.de
|
|
- move devel .so link to %%{libdir}
|
|
- run ldconfig, since we have now a shared lib installed
|
|
* Fri Mar 23 2007 dmueller@suse.de
|
|
- cryptsetup can now link shared since libpopt is
|
|
no longer under /usr
|
|
* Fri Mar 09 2007 lnussel@suse.de
|
|
- add patch to support old loop_fish2 key hash method
|
|
* Thu Dec 07 2006 mkoenig@suse.de
|
|
- update cryptsetup to version 1.0.4:
|
|
* added terminal timeout rewrite
|
|
* allow user selection of key slot
|
|
* reading binary keys from stdin using the "-" as key file
|
|
* fix 64 bit compiler warning issues.
|
|
* fix getline problem for 64-bit archs.
|
|
* Fri Oct 13 2006 mkoenig@suse.de
|
|
- fix build failure due to missing pthreads
|
|
* Wed Sep 13 2006 hvogel@suse.de
|
|
- use the LUKS version of cryptsetup
|
|
- split -devel subpackage for libcryptsetup
|
|
- remove patches because they are in the new cryptsetup
|
|
* cryptsetup-0.1-static.patch
|
|
* cryptsetup-0.1-retval.patch
|
|
* cryptsetup-0.1-dmi.exists.patch
|
|
* cryptsetup-0.1-timeout.patch
|
|
- use man page from the new cryptsetup
|
|
* Tue May 16 2006 hvogel@suse.de
|
|
- Fix cryptsetup to work when the device does not exist yet
|
|
[#175931]
|
|
* Wed Jan 25 2006 mls@suse.de
|
|
- converted neededforbuild to BuildRequires
|
|
* Mon Dec 19 2005 mmj@suse.de
|
|
- Remove symlinks to hashalot we don't want
|
|
* Thu Oct 13 2005 hvogel@suse.de
|
|
- Fix uninitialized var in dmconvert. Add
|
|
* dmconvert-0.2-uninitialized.patch
|
|
- Fix return value in cryptsetup. Add
|
|
* cryptsetup-0.1-retval.patch
|
|
* Wed Jun 29 2005 hvogel@suse.de
|
|
- Link cryptsetup static so it can be in /sbin and you can get
|
|
/usr over nfs or even crypted
|
|
* Mon May 09 2005 hvogel@suse.de
|
|
- New package, Version 2.12q
|