#
# Conditonal build:
-%bcond_without initrd # don't build initrd version
-#
-%define realname cryptsetup
+%bcond_with initrd # don't build initrd version
+%bcond_with dietlibc # build initrd version with static glibc instead of dietlibc
+%bcond_with gcrypt # use gcrypt for crypto (instead of openssl)
+%bcond_with passwdqc # password quality checking via libpasswdqc [conflicts with pwquality]
+%bcond_with pwquality # password quality checking via libpwquality [conflicts with passwdqc]
+%bcond_without tests # "make check" run
+
Summary: LUKS for dm-crypt implemented in cryptsetup
Summary(pl.UTF-8): LUKS dla dm-crypta zaimplementowany w cryptsetup
-Name: cryptsetup-luks
-Version: 1.0.6
-Release: 7
+Name: cryptsetup
+Version: 2.7.0
+Release: 1
License: GPL v2
Group: Base
-Source0: http://luks.endorphin.org/source/%{realname}-%{version}.tar.bz2
-# Source0-md5: 00d452eb7a76e39f5749545d48934a10
-Patch1: %{name}-nostatic.patch
-Patch2: %{name}-udev.patch
-URL: http://luks.endorphin.org/
-BuildRequires: autoconf
-BuildRequires: automake
-BuildRequires: device-mapper-devel
-BuildRequires: gettext-devel
-BuildRequires: libgcrypt-devel >= 1.1.42
+Source0: https://www.kernel.org/pub/linux/utils/cryptsetup/v2.7/%{name}-%{version}.tar.xz
+# Source0-md5: 7210d45a19703bca547e8ba190278cb0
+Patch0: diet.patch
+Patch1: no_pty_tests.patch
+URL: https://gitlab.com/cryptsetup/cryptsetup
+BuildRequires: autoconf >= 2.67
+BuildRequires: automake >= 1:1.12
+BuildRequires: device-mapper-devel >= 1.02.27
+BuildRequires: gettext-tools >= 0.21
+BuildRequires: json-c-devel
+BuildRequires: libargon2-devel >= 20171227
+BuildRequires: libblkid-devel
+%{?with_gcrypt:BuildRequires: libgcrypt-devel >= 1.6.1}
+BuildRequires: libgpg-error-devel
+%{?with_pwquality:BuildRequires: libpwquality-devel >= 1.0.0}
BuildRequires: libselinux-devel
BuildRequires: libsepol-devel
-BuildRequires: libtool
+BuildRequires: libssh-devel
+BuildRequires: libtool >= 2:2.0
BuildRequires: libuuid-devel
-BuildRequires: popt-devel
+BuildRequires: linux-libc-headers >= 7:6.4
+%{!?with_gcrypt:BuildRequires: openssl-devel >= 0.9.8}
+%{?with_passwdqc:BuildRequires: passwdqc-devel}
+BuildRequires: pkgconfig
+BuildRequires: popt-devel >= 1.7
+BuildRequires: ruby-asciidoctor
+BuildRequires: tar >= 1:1.22
+BuildRequires: xz
%if %{with initrd}
-BuildRequires: device-mapper-static >= 1.02.07
-BuildRequires: libgcrypt-static >= 1.1.42
BuildRequires: libgpg-error-static
+ %if %{with dietlibc}
+BuildRequires: device-mapper-dietlibc >= 1.02.27
+BuildRequires: dietlibc-static
+BuildRequires: libgcrypt-dietlibc >= 1.6.1
+BuildRequires: libuuid-dietlibc
+BuildRequires: popt-dietlibc
+ %else
+BuildRequires: device-mapper-static >= 1.02.27
+BuildRequires: libgcrypt-static >= 1.6.1
BuildRequires: libselinux-static
BuildRequires: libsepol-static
BuildRequires: libuuid-static
BuildRequires: popt-static
+BuildRequires: udev-static
+ %endif
%endif
-Provides: cryptsetup = %{version}
-Obsoletes: cryptsetup
+Requires: %{name}-libs%{?_isa} = %{version}-%{release}
+Requires: device-mapper >= 1.02.27
+%{?with_gcrypt:Requires: libgcrypt >= 1.6.1}
+%{?with_pwquality:Requires: libpwquality >= 1.0.0}
+Requires: popt >= 1.7
+Provides: cryptsetup-luks = %{version}-%{release}
+Obsoletes: cryptsetup-luks < 1.4.1-2
+%{!?with_initrd:Obsoletes: cryptsetup-initrd < %{version}-%{release}}
+Obsoletes: python-pycryptsetup < 2.1.0
Conflicts: udev < 1:118-1
Conflicts: udev-core < 1:115
BuildRoot: %{tmpdir}/%{name}-%{version}-root-%(id -u -n)
%define _sbindir /sbin
-%define _noautoreqdep libcryptsetup.so.0
%description
LUKS is the upcoming standard for Linux hard disk encryption. By
Ten pakiet zawiera implementację LUKS dla dm-crytpa zaimplementowaną w
cryptsetup.
+%package libs
+Summary: cryptsetup shared library
+Summary(pl.UTF-8): Biblioteka współdzielona cryptsetup
+Group: Libraries
+
+%description libs
+cryptsetup shared library.
+
+%description libs -l pl.UTF-8
+Biblioteka współdzielona cryptsetup.
+
%package devel
Summary: Header files for cryptsetup library
Summary(pl.UTF-8): Pliki nagłówkowe biblioteki cryptsetup
Group: Development/Libraries
-Requires: %{name} = %{version}-%{release}
-Requires: device-mapper-devel
-Requires: libgcrypt-devel >= 1.1.42
-Obsoletes: cryptsetup-devel
+Requires: %{name}-libs%{?_isa} = %{version}-%{release}
+Requires: device-mapper-devel >= 1.02.27
+Requires: json-c-devel
+Requires: libargon2-devel >= 20171227
+Requires: libblkid-devel
+%{?with_gcrypt:Requires: libgcrypt-devel >= 1.6.1}
+Requires: libuuid-devel
+%{!?with_gcrypt:Requires: openssl-devel >= 0.9.8}
+Provides: cryptsetup-luks-devel = %{version}-%{release}
+Obsoletes: cryptsetup-luks-devel < 1.4.1-2
%description devel
Header files for cryptsetup library.
Summary(pl.UTF-8): Statyczna biblioteka cryptsetup
Group: Development/Libraries
Requires: %{name}-devel = %{version}-%{release}
-Obsoletes: cryptsetup-static
+Provides: cryptsetup-luks-static = %{version}-%{release}
+Obsoletes: cryptsetup-luks-static < 1.4.1-2
%description static
Static version of cryptsetup library.
%package initrd
Summary: LUKS for dm-crypt implemented in cryptsetup - initrd version
+Summary(pl.UTF-8): LUKS dla dm-crypta zaimplementowany w cryptsetup - wersja initrd
Group: Base
Requires: udev-initrd >= 1:115
+Provides: cryptsetup-luks-initrd = %{version}-%{release}
+Obsoletes: cryptsetup-luks-initrd < 1.4.1-2
+Conflicts: geninitrd < 10000.10
%description initrd
This package contains implementation of LUKS for dm-crypt implemented
-in cryptsetup - staticaly linked for initrd.
+in cryptsetup - statically linked for initrd.
+
+%description initrd -l pl.UTF-8
+Ten pakiet zawiera implementację LUKS dla dm-crypta zaimplementowaną w
+cryptsetup - wersję statycznie zlinkowaną dla initrd.
%prep
-%setup -q -n %{realname}-%{version}
+%setup -q
+%{?with_diet:%patch0 -p1}
%patch1 -p1
-%patch2 -p1
+
+%{__rm} po/stamp-po
%build
%{__gettextize}
%{__automake}
%if %{with initrd}
+CC="%{__cc}"
%configure \
- --disable-shared-library \
+%if %{with dietlibc}
+ CC="diet ${CC#ccache } %{rpmcppflags} %{rpmcflags} %{rpmldflags} -Os" \
+ LIBS="-lcompat" \
+ ac_cv_lib_popt_poptConfigFileToString=yes \
+ ac_cv_lib_sepol_sepol_bool_set=no \
+ ac_cv_lib_selinux_is_selinux_enabled=no \
+%endif
+%if "%{?configure_cache}" == "1"
+ --cache-file=%{?configure_cache_file}%{!?configure_cache_file:configure}-initrd.cache \
+%endif
+ --disable-nls \
+ --disable-shared \
+ --disable-silent-rules \
--enable-static \
--enable-static-cryptsetup \
- --disable-nls
-%{__make}
-mv src/cryptsetup cryptsetup-initrd
+ --with-crypto-backend=gcrypt \
+ --with-luks2-lock-path=/var/run/%{name} \
+ --with-tmpfilesdir=%{systemdtmpfilesdir}
+
+%{__make} -C lib
+
+%if %{with dietlibc}
+# we have to do it by hand cause libtool "know better" and forces
+# static libs from /usr/lib
+CC="%{__cc}"
+diet ${CC#ccache } %{rpmcppflags} %{rpmcflags} %{rpmldflags} -Os -I. -I./lib -static \
+ -o cryptsetup-initrd src/cryptsetup.c ./lib/.libs/libcryptsetup.a \
+ -lpopt -lgcrypt -lgpg-error -ldevmapper -luuid -lcompat
+%else
+%{__make} -C src
+%{__mv} src/cryptsetup cryptsetup-initrd
+%endif
+
%{__make} clean
%endif
%configure \
- --enable-static
+ --enable-libargon2 \
+ %{?with_passwdqc:--enable-passwdqc=/etc/passwdqc.conf} \
+ %{?with_pwquality:--enable-pwquality} \
+ --disable-silent-rules \
+ --enable-static \
+ --enable-udev \
+ %{?with_gcrypt:--with-crypto-backend=gcrypt} \
+ --with-luks2-lock-path=/var/run/%{name} \
+ --with-tmpfilesdir=%{systemdtmpfilesdir}
%{__make}
+%{?with_tests:%{__make} check}
+
%install
rm -rf $RPM_BUILD_ROOT
+install -d $RPM_BUILD_ROOT/var/run/cryptsetup
+
%{__make} install \
DESTDIR=$RPM_BUILD_ROOT
install -d $RPM_BUILD_ROOT/%{_lib}
-mv -f $RPM_BUILD_ROOT%{_libdir}/libcryptsetup.so.* $RPM_BUILD_ROOT/%{_lib}
+%{__mv} $RPM_BUILD_ROOT%{_libdir}/libcryptsetup.so.* $RPM_BUILD_ROOT/%{_lib}
ln -sf /%{_lib}/$(basename $RPM_BUILD_ROOT/%{_lib}/libcryptsetup.so.*.*.*) \
$RPM_BUILD_ROOT%{_libdir}/libcryptsetup.so
+%{__rm} $RPM_BUILD_ROOT%{_libdir}/cryptsetup/libcryptsetup-*.{la,a}
+
%if %{with initrd}
-install cryptsetup-initrd $RPM_BUILD_ROOT%{_sbindir}
+install -d $RPM_BUILD_ROOT%{_libdir}/initrd
+install -p cryptsetup-initrd $RPM_BUILD_ROOT%{_libdir}/initrd/cryptsetup
%endif
-%find_lang %{realname}
+%find_lang %{name}
%clean
rm -rf $RPM_BUILD_ROOT
-%post -p /sbin/ldconfig
-%postun -p /sbin/ldconfig
+%post libs -p /sbin/ldconfig
+%postun libs -p /sbin/ldconfig
-%files -f %{realname}.lang
+%files -f %{name}.lang
%defattr(644,root,root,755)
-%doc AUTHORS ChangeLog TODO
+%doc AUTHORS FAQ.md README.md docs/{ChangeLog.old,v*-ReleaseNotes,on-disk-format.pdf}
%attr(755,root,root) %{_sbindir}/cryptsetup
-%attr(755,root,root) /%{_lib}/libcryptsetup.so.*.*.*
-%attr(755,root,root) %ghost /%{_lib}/libcryptsetup.so.0
+%attr(755,root,root) %{_sbindir}/cryptsetup-ssh
+%attr(755,root,root) %{_sbindir}/integritysetup
+%attr(755,root,root) %{_sbindir}/veritysetup
+%dir %{_libdir}/cryptsetup
+%attr(755,root,root) %{_libdir}/cryptsetup/libcryptsetup-token-ssh.so
%{_mandir}/man8/cryptsetup.8*
+%{_mandir}/man8/cryptsetup-*.8*
+%{_mandir}/man8/integritysetup.8*
+%{_mandir}/man8/veritysetup.8*
+%{systemdtmpfilesdir}/cryptsetup.conf
+%attr(700,root,root) %dir /var/run/cryptsetup
+
+%files libs
+%defattr(644,root,root,755)
+%attr(755,root,root) /%{_lib}/libcryptsetup.so.*.*.*
+%attr(755,root,root) %ghost /%{_lib}/libcryptsetup.so.12
%files devel
%defattr(644,root,root,755)
%attr(755,root,root) %{_libdir}/libcryptsetup.so
%{_libdir}/libcryptsetup.la
%{_includedir}/libcryptsetup.h
+%{_pkgconfigdir}/libcryptsetup.pc
%files static
%defattr(644,root,root,755)
%if %{with initrd}
%files initrd
%defattr(644,root,root,755)
-%attr(755,root,root) %{_sbindir}/cryptsetup-initrd
+%attr(755,root,root) %{_libdir}/initrd/cryptsetup
%endif