SHA256
1
0
forked from pool/cryptsetup
cryptsetup/cryptsetup.spec

239 lines
7.3 KiB
RPMSpec
Raw Normal View History

#
# spec file for package cryptsetup
#
# Copyright (c) 2011 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
# Please submit bugfixes or comments via http://bugs.opensuse.org/
#
# norootforbuild
#define beta rc1
%define ver %version%{?beta:-%beta}
Name: cryptsetup
Url: http://code.google.com/p/cryptsetup/
BuildRequires: device-mapper-devel e2fsprogs-devel libgcrypt-devel popt-devel
BuildRequires: libselinux-devel pkgconfig
# hashalot version
%define haver 0.3
# boot.crypto version
%define bcver 0_201105271519
License: GPLv2+
Group: System/Base
AutoReqProv: on
Version: 1.3.1
Release: 1
#Release: %{?beta:0.}<CI_CNT>.<B_CNT>%{?beta:.}%{?beta}
Summary: Set Up dm-crypt Based Encrypted Block Devices
Source: http://cryptsetup.googlecode.com/files/cryptsetup-%{ver}.tar.bz2
Source1: http://cryptsetup.googlecode.com/files/cryptsetup-%{ver}.tar.bz2.asc
Source2: baselibs.conf
Source10: hashalot-%haver.tar.bz2
# git://gitorious.org/opensuse/boot_crypto.git
Source20: boot.crypto-%{bcver}.tar.bz2
# use this to create the tarball from svn
Source99: cryptsetup-mktar
#Patch0: cryptsetup-svn131-noascii.diff
Patch10: hashalot-fixes.diff
Patch11: hashalot-libgcrypt.diff
Patch12: hashalot-ctrl-d.diff
Patch13: hashalot-timeout.diff
Patch14: hashalot-manpage.diff
Patch15: bug-476290_hashalot-hashlen.diff
Patch16: hashalot-glibc210.diff
BuildRoot: %{_tmppath}/%{name}-%{version}-build
Provides: aaa_base:/etc/init.d/boot.crypto
Obsoletes: util-linux-crypto <= 2.12r
# we need losetup
Requires: util-linux
PreReq: %fillup_prereq %insserv_prereq
%description
cryptsetup is used to conveniently set up dm-crypt based device-mapper
targets. It allows to set up targets to read cryptoloop compatible
volumes as well as LUKS formatted ones. The package additionally
includes support for automatically setting up encrypted volumes at boot
time via the config file /etc/crypttab.
Authors:
--------
Clemens Fruhwirth <clemens@endorphin.org>
Christophe Saout <christophe@saout.de>
Ben Slusky <sluskyb@paranoiacs.org>
%package -n libcryptsetup1
License: GPLv2+
Summary: Set Up dm-crypt Based Encrypted Block Devices
Group: System/Base
%description -n libcryptsetup1
cryptsetup is used to conveniently set up dm-crypt based device-mapper
targets. It allows to set up targets to read cryptoloop compatible
volumes as well as LUKS formatted ones. The package additionally
includes support for automatically setting up encrypted volumes at boot
time via the config file /etc/crypttab.
Authors:
--------
Clemens Fruhwirth <clemens@endorphin.org>
Christophe Saout <christophe@saout.de>
Ben Slusky <sluskyb@paranoiacs.org>
%package -n libcryptsetup-devel
License: GPLv2+
Summary: Set Up dm-crypt Based Encrypted Block Devices
Group: Development/Libraries/C and C++
# cryptsetup-devel last used 11.1
Provides: cryptsetup-devel = %{version}
Obsoletes: cryptsetup-devel < %{version}
Requires: libcryptsetup1 = %{version}
Requires: device-mapper-devel libgcrypt-devel libgpg-error-devel e2fsprogs-devel glibc-devel
%description -n libcryptsetup-devel
cryptsetup is used to conveniently set up dm-crypt based device-mapper
targets. It allows to set up targets to read cryptoloop compatible
volumes as well as LUKS formatted ones. The package additionally
includes support for automatically setting up encrypted volumes at boot
time via the config file /etc/crypttab.
Authors:
--------
Clemens Fruhwirth <clemens@endorphin.org>
Christophe Saout <christophe@saout.de>
Ben Slusky <sluskyb@paranoiacs.org>
%prep
%setup -n %name-%ver -q -b 10 -b 20
#patch0 -p1
pushd ../hashalot-%haver
%patch10 -p1
%patch11 -p1
%patch12 -p1
%patch13 -p1
%patch14 -p1
%patch15 -p1
%patch16 -p1
popd
pushd ../boot.crypto-%bcver
#patch20 -p1
popd
%build
# cryptsetup build
%{?suse_update_config:%{suse_update_config}}
autoreconf -f -i
test -e po/Makevars || cp po/Makevars.template po/Makevars
CFLAGS="$RPM_OPT_FLAGS" ./configure --prefix=%_prefix --mandir=%_mandir \
--libdir=/%_lib \
--bindir=/sbin --sbindir=/sbin \
--disable-static --enable-shared \
--enable-selinux
make %{?_smp_mflags}
#
# hashalot build
pushd ../hashalot-%haver
autoreconf -f -i
%{?suse_update_config:%{suse_update_config}}
CFLAGS="$RPM_OPT_FLAGS" ./configure --prefix=%_prefix --sbindir=/sbin --mandir=%_mandir
make %{?_smp_mflags}
popd
%install
make install DESTDIR=$RPM_BUILD_ROOT
- new version 1.2.0 * Add selection of random/urandom number generator for luksFormat (option --use-random and --use-urandom). * Fix luksRemoveKey to not ask for remaining keyslot passphrase, only for removed one. * No longer support luksDelKey (replaced with luksKillSlot). * if you want to remove particular passphrase, use luksKeyRemove * if you want to remove particular keyslot, use luksKillSlot Note that in batch mode luksKillSlot allows removing of any keyslot without question, in normal mode requires passphrase or keyfile from other keyslot. * Default alignment for device (if not overridden by topology info) is now (multiple of) *1MiB*. This reflects trends in storage technologies and aligns to the same defaults for partitions and volume management. * Allow explicit UUID setting in luksFormat and allow change it later in luksUUID (--uuid parameter). * All commands using key file now allows limited read from keyfile using --keyfile-size and --new-keyfile-size parameters (in bytes). This change also disallows overloading of --key-size parameter which is now exclusively used for key size specification (in bits.) * luksFormat using pre-generated master key now properly allows using key file (only passphrase was allowed prior to this update). * Add --dump-master-key option for luksDump to perform volume (master) key dump. Note that printed information allows accessing device without passphrase so it must be stored encrypted. This operation is useful for simple Key Escrow function (volume key and encryption parameters printed on paper on safe place). This operation requires passphrase or key file. OBS-URL: https://build.opensuse.org/package/show/security/cryptsetup?expand=0&rev=58
2010-12-20 14:44:02 +01:00
# move devel stuff to %%{libdir}
rm -f $RPM_BUILD_ROOT/%{_lib}/libcryptsetup.so
mkdir -p $RPM_BUILD_ROOT%{_libdir}
ln -s /%{_lib}/libcryptsetup.so.1 $RPM_BUILD_ROOT%{_libdir}/libcryptsetup.so
mv $RPM_BUILD_ROOT/%_lib/pkgconfig $RPM_BUILD_ROOT/%_libdir
# don't want this file in /lib (FHS compat check), and can't move it to /usr/lib
rm -f $RPM_BUILD_ROOT/%_lib/*.la
#
# hashalot install
pushd ../hashalot-%haver
make install DESTDIR=$RPM_BUILD_ROOT
popd
# remove unwanted symlinks
rm -f $RPM_BUILD_ROOT/sbin/{rmd160,sha256,sha384,sha512}
#
# boot.crypto
make -C ../boot.crypto-* install DESTDIR=$RPM_BUILD_ROOT
ln -s /etc/init.d/boot.crypto $RPM_BUILD_ROOT/sbin/rccrypto
#
%find_lang %name --all-name
%pre
# hack to catch update case from aaa_base/util-linux-crypto
if [ -f /etc/init.d/boot.d/S??boot.crypto ]; then
touch /var/run/cryptsetup.boot.crypto.enabled
fi
%post
[ -x /sbin/mkinitrd_setup ] && mkinitrd_setup
%{fillup_and_insserv boot.crypto}
if [ -e /var/run/cryptsetup.boot.crypto.enabled ]; then
rm -f /var/run/cryptsetup.boot.crypto.enabled
%{fillup_and_insserv -fY boot.crypto}
fi
%{fillup_and_insserv boot.crypto-early}
%postun
[ -x /sbin/mkinitrd_setup ] && mkinitrd_setup
%{insserv_cleanup}
%post -n libcryptsetup1 -p /sbin/ldconfig
%postun -n libcryptsetup1 -p /sbin/ldconfig
%clean
rm -rf $RPM_BUILD_ROOT
%files -f %name.lang
%defattr(-,root,root)
%ghost %verify(not md5 size mtime) %config(noreplace,missingok) /etc/crypttab
%ghost %verify(not md5 size mtime) %config(noreplace,missingok) /etc/cryptotab
/etc/init.d/boot.crypto
/etc/init.d/boot.crypto-early
%dir /lib/mkinitrd
%dir /lib/mkinitrd/scripts
/lib/mkinitrd/scripts/setup-luks.sh
/lib/mkinitrd/scripts/boot-luks.sh
/lib/mkinitrd/scripts/setup-luks2.sh
/lib/mkinitrd/scripts/setup-luks_final.sh
/usr/sbin/convert_cryptotab
/sbin/cryptsetup
/sbin/hashalot
/sbin/rccrypto
%_mandir/man1/hashalot.1.gz
%_mandir/man8/cryptsetup.8.gz
%_mandir/man5/crypttab.5.gz
%_mandir/man5/cryptotab.5.gz
/lib/cryptsetup
%files -n libcryptsetup1
%defattr(-,root,root)
- new version 1.2.0 * Add selection of random/urandom number generator for luksFormat (option --use-random and --use-urandom). * Fix luksRemoveKey to not ask for remaining keyslot passphrase, only for removed one. * No longer support luksDelKey (replaced with luksKillSlot). * if you want to remove particular passphrase, use luksKeyRemove * if you want to remove particular keyslot, use luksKillSlot Note that in batch mode luksKillSlot allows removing of any keyslot without question, in normal mode requires passphrase or keyfile from other keyslot. * Default alignment for device (if not overridden by topology info) is now (multiple of) *1MiB*. This reflects trends in storage technologies and aligns to the same defaults for partitions and volume management. * Allow explicit UUID setting in luksFormat and allow change it later in luksUUID (--uuid parameter). * All commands using key file now allows limited read from keyfile using --keyfile-size and --new-keyfile-size parameters (in bytes). This change also disallows overloading of --key-size parameter which is now exclusively used for key size specification (in bits.) * luksFormat using pre-generated master key now properly allows using key file (only passphrase was allowed prior to this update). * Add --dump-master-key option for luksDump to perform volume (master) key dump. Note that printed information allows accessing device without passphrase so it must be stored encrypted. This operation is useful for simple Key Escrow function (volume key and encryption parameters printed on paper on safe place). This operation requires passphrase or key file. OBS-URL: https://build.opensuse.org/package/show/security/cryptsetup?expand=0&rev=58
2010-12-20 14:44:02 +01:00
/%_lib/libcryptsetup.so.1*
%files -n libcryptsetup-devel
%defattr(-,root,root)
%_includedir/libcryptsetup.h
%{_libdir}/libcryptsetup.so
%{_libdir}/pkgconfig/*
%changelog