SHA256
1
0
forked from pool/cryptsetup
cryptsetup/cryptsetup.spec
Ludwig Nussel 2469c1380b Accepting request 145274 from home:lnussel:branches:security
ATTENTION: wait for cryptsetup-mkinitrd before checkin, otherwise installation
with root on crypto no longer boot

- version 1.5.1:
  * Added keyslot checker
  * Add crypt_keyslot_area() API call.
  * Optimize seek to keyfile-offset (Issue #135, thx to dreisner).
  * Fix luksHeaderBackup for very old v1.0 unaligned LUKS headers.
  * Allocate loop device late (only when real block device needed).
  * Rework underlying device/file access functions.
  * Create hash image if doesn't exist in veritysetup format.
  * Provide better error message if running as non-root user (device-mapper, loop).
- split off hashalot and boot.crypto
- move to /usr

OBS-URL: https://build.opensuse.org/request/show/145274
OBS-URL: https://build.opensuse.org/package/show/security/cryptsetup?expand=0&rev=97
2012-12-13 13:06:34 +00:00

155 lines
5.0 KiB
RPMSpec

#
# spec file for package cryptsetup
#
# Copyright (c) 2012 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
# Please submit bugfixes or comments via http://bugs.opensuse.org/
#
#define beta rc1
%define ver %version%{?beta:-%beta}
Name: cryptsetup
Url: http://code.google.com/p/cryptsetup/
BuildRequires: device-mapper-devel
BuildRequires: e2fsprogs-devel
BuildRequires: gpg-offline
BuildRequires: libgcrypt-devel
BuildRequires: libselinux-devel
BuildRequires: libtool
BuildRequires: pkgconfig
BuildRequires: popt-devel
Version: 1.5.1
Release: 0
#Release: %{?beta:0.}<CI_CNT>.<B_CNT>%{?beta:.}%{?beta}
Summary: Set Up dm-crypt Based Encrypted Block Devices
License: SUSE-GPL-2.0-with-openssl-exception and LGPL-2.0+
Group: System/Base
Source: http://cryptsetup.googlecode.com/files/cryptsetup-%{ver}.tar.bz2
Source1: http://cryptsetup.googlecode.com/files/cryptsetup-%{ver}.tar.bz2.asc
Source2: baselibs.conf
Source3: %{name}.keyring
BuildRoot: %{_tmppath}/%{name}-%{version}-build
%description
cryptsetup is used to conveniently set up dm-crypt based device-mapper
targets. It allows to set up targets to read cryptoloop compatible
volumes as well as LUKS formatted ones. The package additionally
includes support for automatically setting up encrypted volumes at boot
time via the config file /etc/crypttab.
%package -n libcryptsetup4
Summary: Set Up dm-crypt Based Encrypted Block Devices
Group: System/Base
%description -n libcryptsetup4
cryptsetup is used to conveniently set up dm-crypt based device-mapper
targets. It allows to set up targets to read cryptoloop compatible
volumes as well as LUKS formatted ones. The package additionally
includes support for automatically setting up encrypted volumes at boot
time via the config file /etc/crypttab.
%package -n libcryptsetup-devel
Summary: Set Up dm-crypt Based Encrypted Block Devices
Group: Development/Libraries/C and C++
# cryptsetup-devel last used 11.1
Provides: cryptsetup-devel = %{version}
Obsoletes: cryptsetup-devel < %{version}
Requires: device-mapper-devel
Requires: e2fsprogs-devel
Requires: glibc-devel
Requires: libcryptsetup4 = %{version}
Requires: libgcrypt-devel
Requires: libgpg-error-devel
%description -n libcryptsetup-devel
cryptsetup is used to conveniently set up dm-crypt based device-mapper
targets. It allows to set up targets to read cryptoloop compatible
volumes as well as LUKS formatted ones. The package additionally
includes support for automatically setting up encrypted volumes at boot
time via the config file /etc/crypttab.
%prep
%gpg_verify %{S:1}
%setup -n %name-%ver -q
%build
# cryptsetup build
%{?suse_update_config:%{suse_update_config}}
autoreconf -f -i
test -e po/Makevars || cp po/Makevars.template po/Makevars
%configure \
--disable-static --enable-shared \
--enable-cryptsetup-reencrypt \
--enable-selinux
make %{?_smp_mflags}
%install
make install DESTDIR=$RPM_BUILD_ROOT
install -d -m 755 $RPM_BUILD_ROOT/sbin
ln -s ..%{_sbindir}/cryptsetup $RPM_BUILD_ROOT/sbin
# don't want this file in /lib (FHS compat check), and can't move it to /usr/lib
rm -f $RPM_BUILD_ROOT/%_libdir/*.la
#
%find_lang %name --all-name
%pre
%post
test -n "$FIRST_ARG" || FIRST_ARG="$1"
#
# convert noauto to nofail and turn on fsck (bnc#724113)
#
marker="/var/adm/crypsetup.fstab.noauto_converted"
if [ "$FIRST_ARG" -gt 1 -a ! -e "$marker" ]; then
echo "updating /etc/fstab ... "
tmpfstab="/etc/fstab.cryptsetup.$$"
sed -e '/^\/dev\/mapper\/cr_.*,noauto\s/{s/,noauto\(\s\)/,nofail\1/;s/ 0 0$/ 0 2/}' < /etc/fstab > "$tmpfstab"
if diff -u0 /etc/fstab "$tmpfstab"; then
echo "no change"
rm -f "$tmpfstab"
> "$marker"
else
cp "$tmpfstab" "$marker"
mv "$tmpfstab" /etc/fstab
fi
fi
%post -n libcryptsetup4 -p /sbin/ldconfig
%postun -n libcryptsetup4 -p /sbin/ldconfig
%files -f %name.lang
%defattr(-,root,root)
#ghost %verify(not md5 size mtime) %config(noreplace,missingok) /etc/crypttab
#ghost %verify(not md5 size mtime) %config(noreplace,missingok) /etc/cryptotab
/sbin/cryptsetup
%{_sbindir}/cryptsetup
%{_sbindir}/veritysetup
%{_sbindir}/cryptsetup-reencrypt
%_mandir/man8/cryptsetup.8.gz
%_mandir/man8/cryptsetup-reencrypt.8.gz
%_mandir/man8/veritysetup.8.gz
%files -n libcryptsetup4
%defattr(-,root,root)
/%{_libdir}/libcryptsetup.so.4*
%files -n libcryptsetup-devel
%defattr(-,root,root)
%_includedir/libcryptsetup.h
%{_libdir}/libcryptsetup.so
%{_libdir}/pkgconfig/*
%changelog