bb93042c8b
Fixes <https://bugs.gnu.org/37732>. Reported by Diego Nicola Barbato <dnbarbato@posteo.de>. * gnu/packages/linux.scm (util-linux)[outputs]: Add "lib". [arguments]: Update #:configure-flags and the "move-static-libraries" phase accordingly. Add phases "patch-build-scripts" and "adjust-pkg-config-files". (e2fsprogs, psm, mtd-utils, f2fs-tools, f2fs-tools-1.7, eudev, xfsprogs)[inputs]: Change to the "lib" output of UTIL-LINUX. (btrfs-progs)[inputs]: Remove duplicate UTIL-LINUX inputs and change to use the "lib" output. * gnu/packages/admin.scm (pam-mount)[inputs]: Add UTIL-LINUX:LIB. (testdisk)[inputs]: Change to the "lib" output of UTIL-LINUX. * gnu/packages/android.scm (abootimg)[inputs]: Likewise. * gnu/packages/audio.scm (jack-1)[propagated-inputs]: Likewise. * gnu/packages/bootloaders.scm (syslinux, vboot-utils)[inputs]: Likewise. * gnu/packages/chez.scm (chez-scheme)[inputs]: Likewise. * gnu/packages/cryptsetup.scm (cryptsetup, cryptsetup-static)[inputs]: Likewise. * gnu/packages/databases.scm (postgresql, 4store)[inputs]: Likewise. * gnu/packages/disk.scm (ndctl, gptfdisk, fdisk, gparted, rmlint, volume-key)[inputs]: Likewise. (parted)[inputs]: Likewise. [native-inputs]: Add UTIL-LINUX. * gnu/packages/efi.scm (sbsigntools)[inputs]: Add UTIL-LINUX:LIB. * gnu/packages/engineering.scm (lib3mf)[inputs]: Change to the "lib" output of UTIL-LINUX. * gnu/packages/enlightenment.scm (efl)[propagated-inputs]: Likewise. * gnu/packages/file-systems.scm (glusterfs, jfsutils, zfs)[inputs]: Likewise. * gnu/packages/firmware.scm (ovmf)[inputs]: Likewise. * gnu/packages/fontutils.scm (fontconfig)[propagated-inputs]: Likewise. * gnu/packages/freedesktop.scm (localed)[inputs]: Likewise. * gnu/packages/glib.scm (glib, appstream-glib)[propagated-inputs]: Likewise. * gnu/packages/gnome.scm (tracker, gnome-terminal)[inputs]: Likewise. * gnu/packages/jupyter.scm (xeus)[inputs]: Likewise. * gnu/packages/kde.scm (kpmcore)[inputs]: Likewise. * gnu/packages/kodi.scm (crossguid)[inputs]: Likewise. * gnu/packages/lighting.scm (ola)[inputs]: Likewise. * gnu/packages/music.scm (libgig)[inputs]: Likewise. * gnu/packages/nfs.scm (nfs-utils)[inputs]: Likewise. * gnu/packages/opencog.scm (opencog)[inputs]: Likewise. * gnu/packages/package-management.scm (msitools)[inputs]: Change to the "lib" output of UTIL-LINUX. * gnu/packages/password-utils.scm (pwsafe)[inputs]: Likewise. * gnu/packages/telephony.scm (pjproject)[propagated-inputs]: Likewise. * gnu/packages/rdf.scm (rasqal)[inputs]: Likewise. * gnu/packages/search.scm (xapian)[inputs]: Likewise. * gnu/packages/sssd.scm (sssd)[native-inputs]: Likewise. * gnu/packages/storage.scm (ceph)[inputs]: Add UTIL-LINUX:LIB. * gnu/packages/task-management.scm (taskwarrior)[inputs]: Change to the "lib" output of UTIL-LINUX. * gnu/packages/virtualization.scm (libvirt, xen)[inputs]: Likewise. * gnu/packages/xorg.scm (libsm)[inputs]: Likewise.
147 lines
6.1 KiB
Scheme
147 lines
6.1 KiB
Scheme
;;; GNU Guix --- Functional package management for GNU
|
|
;;; Copyright © 2013 Andreas Enge <andreas@enge.fr>
|
|
;;; Copyright © 2016 Ludovic Courtès <ludo@gnu.org>
|
|
;;; Copyright © 2019 Tobias Geerinckx-Rice <me@tobias.gr>
|
|
;;;
|
|
;;; This file is part of GNU Guix.
|
|
;;;
|
|
;;; GNU Guix is free software; you can redistribute it and/or modify it
|
|
;;; under the terms of the GNU General Public License as published by
|
|
;;; the Free Software Foundation; either version 3 of the License, or (at
|
|
;;; your option) any later version.
|
|
;;;
|
|
;;; GNU Guix is distributed in the hope that it will be useful, but
|
|
;;; WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
;;; GNU General Public License for more details.
|
|
;;;
|
|
;;; You should have received a copy of the GNU General Public License
|
|
;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
|
|
|
|
(define-module (gnu packages cryptsetup)
|
|
#:use-module ((guix licenses) #:prefix license:)
|
|
#:use-module (guix packages)
|
|
#:use-module (guix download)
|
|
#:use-module (guix build-system gnu)
|
|
#:use-module (guix utils)
|
|
#:use-module (gnu packages)
|
|
#:use-module (gnu packages gnupg)
|
|
#:use-module (gnu packages password-utils)
|
|
#:use-module (gnu packages pkg-config)
|
|
#:use-module (gnu packages popt)
|
|
#:use-module (gnu packages linux)
|
|
#:use-module (gnu packages web))
|
|
|
|
(define-public cryptsetup
|
|
(package
|
|
(name "cryptsetup")
|
|
(version "2.2.2")
|
|
(source (origin
|
|
(method url-fetch)
|
|
(uri (string-append "mirror://kernel.org/linux/utils/cryptsetup/v"
|
|
(version-major+minor version)
|
|
"/cryptsetup-" version ".tar.xz"))
|
|
(sha256
|
|
(base32
|
|
"0ija889kfhg4n2fshpq9yh2b1jl2ipvd7sfafh08g75ba6ayrw1a"))))
|
|
(build-system gnu-build-system)
|
|
(arguments
|
|
`(#:configure-flags
|
|
(list
|
|
;; Argon2 is always enabled, this just selects the (faster) full version.
|
|
"--enable-libargon2"
|
|
;; The default is OpenSSL which provides better PBKDF performance.
|
|
"--with-crypto_backend=gcrypt"
|
|
;; GRUB as of 2.04 still can't read LUKS2 containers.
|
|
"--with-default-luks-format=LUKS1")))
|
|
(native-inputs
|
|
`(("pkg-config" ,pkg-config)))
|
|
(inputs
|
|
`(("argon2" ,argon2)
|
|
("json-c" ,json-c)
|
|
("libgcrypt" ,libgcrypt)
|
|
("lvm2" ,lvm2) ; device-mapper
|
|
("popt" ,popt)
|
|
("util-linux" ,util-linux "lib"))) ;libuuid
|
|
(synopsis "Hard disk encryption tool")
|
|
(description
|
|
"LUKS (Linux Unified Key Setup)/Cryptsetup provides a standard on-disk
|
|
encryption format, which does not only facilitate compatibility among
|
|
distributions, but which also provides secure management of multiple user
|
|
passwords. In contrast to existing solutions, LUKS stores all setup necessary
|
|
setup information in the partition header, enabling the users to transport
|
|
or migrate their data seamlessly.")
|
|
(license license:gpl2)
|
|
(home-page "https://gitlab.com/cryptsetup/cryptsetup")))
|
|
|
|
(define (static-library library)
|
|
"Return a variant of package LIBRARY that provides static libraries ('.a'
|
|
files). This assumes LIBRARY uses Libtool."
|
|
(package
|
|
(inherit library)
|
|
(name (string-append (package-name library) "-static"))
|
|
(arguments
|
|
(substitute-keyword-arguments (package-arguments library)
|
|
((#:configure-flags flags ''())
|
|
`(append '("--disable-shared" "--enable-static")
|
|
,flags))))))
|
|
|
|
(define-public cryptsetup-static
|
|
;; Stripped-down statically-linked 'cryptsetup' command for use in initrds.
|
|
(package
|
|
(inherit cryptsetup)
|
|
(name "cryptsetup-static")
|
|
(arguments
|
|
'(#:configure-flags '("--disable-shared"
|
|
"--enable-static-cryptsetup"
|
|
|
|
"--disable-veritysetup"
|
|
"--disable-cryptsetup-reencrypt"
|
|
"--disable-integritysetup"
|
|
|
|
;; The default is OpenSSL which provides better PBKDF performance.
|
|
"--with-crypto_backend=gcrypt"
|
|
|
|
"--disable-blkid"
|
|
;; 'libdevmapper.a' pulls in libpthread, libudev and libm.
|
|
"LIBS=-ludev -pthread -lm")
|
|
|
|
#:allowed-references () ;this should be self-contained
|
|
|
|
#:modules ((ice-9 ftw)
|
|
(ice-9 match)
|
|
(guix build utils)
|
|
(guix build gnu-build-system))
|
|
|
|
#:phases (modify-phases %standard-phases
|
|
(add-after 'install 'remove-cruft
|
|
(lambda* (#:key outputs #:allow-other-keys)
|
|
;; Remove everything except the 'cryptsetup' command.
|
|
(let ((out (assoc-ref outputs "out")))
|
|
(with-directory-excursion out
|
|
(let ((dirs (scandir "."
|
|
(match-lambda
|
|
((or "." "..") #f)
|
|
(_ #t)))))
|
|
(for-each delete-file-recursively
|
|
(delete "sbin" dirs))
|
|
(for-each (lambda (file)
|
|
(rename-file (string-append file
|
|
".static")
|
|
file)
|
|
(remove-store-references file))
|
|
'("sbin/cryptsetup"))
|
|
#t))))))))
|
|
(inputs
|
|
(let ((libgcrypt-static
|
|
(package
|
|
(inherit (static-library libgcrypt))
|
|
(propagated-inputs
|
|
`(("libgpg-error-host" ,(static-library libgpg-error)))))))
|
|
`(("json-c" ,json-c)
|
|
("libgcrypt" ,libgcrypt-static)
|
|
("lvm2" ,lvm2-static)
|
|
("util-linux" ,util-linux "static")
|
|
("util-linux" ,util-linux "lib")
|
|
("popt" ,popt))))
|
|
(synopsis "Hard disk encryption tool (statically linked)")))
|