summaryrefslogtreecommitdiffstats
path: root/abs
diff options
context:
space:
mode:
Diffstat (limited to 'abs')
-rw-r--r--abs/core/cryptsetup/PKGBUILD50
-rw-r--r--abs/core/cryptsetup/hooks-encrypt (renamed from abs/core/cryptsetup/encrypt_hook)13
-rw-r--r--abs/core/cryptsetup/install-encrypt (renamed from abs/core/cryptsetup/encrypt_install)7
-rw-r--r--abs/core/cryptsetup/install-sd-encrypt (renamed from abs/core/cryptsetup/sd-encrypt)19
4 files changed, 52 insertions, 37 deletions
diff --git a/abs/core/cryptsetup/PKGBUILD b/abs/core/cryptsetup/PKGBUILD
index 238fff9..0e4fbb6 100644
--- a/abs/core/cryptsetup/PKGBUILD
+++ b/abs/core/cryptsetup/PKGBUILD
@@ -1,43 +1,47 @@
# $Id$
-# Maintainer: Thomas Bächler <thomas@archlinux.org>
+# Maintainer: Bartłomiej Piotrowski <bpiotrowski@archlinux.org>
+# Contributor: Thomas Bächler <thomas@archlinux.org>
+
pkgname=cryptsetup
-pkgver=1.7.0
+pkgver=2.0.1
pkgrel=1
-pkgdesc="Userspace setup tool for transparent encryption of block devices using dm-crypt"
-arch=(i686 x86_64)
+pkgdesc='Userspace setup tool for transparent encryption of block devices using dm-crypt'
+arch=(x86_64)
license=('GPL')
-url="http://code.google.com/p/cryptsetup/"
+url='https://gitlab.com/cryptsetup/cryptsetup/'
groups=('base')
-depends=('device-mapper' 'libgcrypt' 'popt' 'libutil-linux')
+depends=('device-mapper' 'libgcrypt' 'popt' 'libutil-linux' 'json-c' 'argon2')
makedepends=('util-linux')
options=('!emptydirs')
-source=(https://www.kernel.org/pub/linux/utils/cryptsetup/v1.7/${pkgname}-${pkgver}.tar.xz
- https://www.kernel.org/pub/linux/utils/cryptsetup/v1.7/${pkgname}-${pkgver}.tar.sign
- encrypt_hook
- encrypt_install
- sd-encrypt)
validpgpkeys=('2A2918243FDE46648D0686F9D9B0577BD93E98FC') # Milan Broz <gmazyland@gmail.com>
-sha256sums=('075524a7cc0db36d12119fa79116750accb1c6c8825d5faa2534b74b8ce3d148'
+source=("https://www.kernel.org/pub/linux/utils/cryptsetup/v2.0/${pkgname}-${pkgver}.tar."{xz,sign}
+ 'hooks-encrypt'
+ 'install-encrypt'
+ 'install-sd-encrypt')
+sha256sums=('41d188092c52e23d576af41cf0cfe0555d8f7efa21598d4c57c56ea1b6d9c975'
'SKIP'
- '4406f8dc83f4f1b408e49d557515f721d91b358355c71fbe51f74ab27e5c84ff'
- 'cfe465bdad3d958bb2332a05e04f2e1e884422a5714dfd1a0a3b9b74bf7dc6ae'
- 'd442304e6a78b3513ebc53be3fe2f1276a7df470c8da701b3ece971d59979bdd')
-
-#prepare() {
-# cd "${srcdir}"/$pkgname-${pkgver}
-#}
+ '416aa179ce3c6a7a5eee0861f1f0a4fafac91b69e84a2aae82b6e5a6140e31e2'
+ '7b8c8a189f1b63cb4a0c0dd93d3452615bdc05f0e33570c78b338446a59ca750'
+ '7891087a588ede7a5b885c439217af325c994471e821fbfbf4f4ccce47679261')
build() {
cd "${srcdir}"/$pkgname-${pkgver}
- ./configure --prefix=/usr --sbindir=/usr/bin --disable-static --enable-cryptsetup-reencrypt
+
+ ./configure \
+ --prefix=/usr \
+ --sbindir=/usr/bin \
+ --enable-libargon2 \
+ --disable-static
make
}
package() {
cd "${srcdir}"/$pkgname-${pkgver}
+
make DESTDIR="${pkgdir}" install
+
# install hook
- install -D -m644 "${srcdir}"/encrypt_hook "${pkgdir}"/usr/lib/initcpio/hooks/encrypt
- install -D -m644 "${srcdir}"/encrypt_install "${pkgdir}"/usr/lib/initcpio/install/encrypt
- install -D -m644 "${srcdir}"/sd-encrypt "${pkgdir}"/usr/lib/initcpio/install/sd-encrypt
+ install -D -m0644 "${srcdir}"/hooks-encrypt "${pkgdir}"/usr/lib/initcpio/hooks/encrypt
+ install -D -m0644 "${srcdir}"/install-encrypt "${pkgdir}"/usr/lib/initcpio/install/encrypt
+ install -D -m0644 "${srcdir}"/install-sd-encrypt "${pkgdir}"/usr/lib/initcpio/install/sd-encrypt
}
diff --git a/abs/core/cryptsetup/encrypt_hook b/abs/core/cryptsetup/hooks-encrypt
index 819c4cf..882d5fb 100644
--- a/abs/core/cryptsetup/encrypt_hook
+++ b/abs/core/cryptsetup/hooks-encrypt
@@ -44,6 +44,12 @@ EOF
cryptname="root"
fi
+ # This may happen if third party hooks do the crypt setup
+ if [ -b "/dev/mapper/${cryptname}" ]; then
+ echo "Device ${cryptname} already exists, not doing any crypt setup."
+ return 0
+ fi
+
warn_deprecated() {
echo "The syntax 'root=${root}' where '${root}' is an encrypted volume is deprecated"
echo "Use 'cryptdevice=${root}:root root=/dev/mapper/root' instead."
@@ -88,7 +94,7 @@ EOF
fi
else
err "Password succeeded, but ${cryptname} creation failed, aborting..."
- exit 1
+ return 1
fi
elif [ -n "${crypto}" ]; then
[ ${DEPRECATED_CRYPT} -eq 1 ] && warn_deprecated
@@ -110,7 +116,6 @@ EOF
if [ -f "$ckeyfile" ]; then
exe="$exe --key-file $ckeyfile"
else
- exe="$exe --verify-passphrase"
echo ""
echo "A password is required to access the ${cryptname} volume:"
fi
@@ -119,7 +124,7 @@ EOF
if [ $? -ne 0 ]; then
err "Non-LUKS device decryption failed. verify format: "
err " crypto=hash:cipher:keysize:offset:skip"
- exit 1
+ return 1
fi
if [ -e "/dev/mapper/${cryptname}" ]; then
if [ ${DEPRECATED_CRYPT} -eq 1 ]; then
@@ -127,7 +132,7 @@ EOF
fi
else
err "Password succeeded, but ${cryptname} creation failed, aborting..."
- exit 1
+ return 1
fi
else
err "Failed to open encryption mapping: The device ${cryptdev} is not a LUKS volume and the crypto= paramater was not specified."
diff --git a/abs/core/cryptsetup/encrypt_install b/abs/core/cryptsetup/install-encrypt
index 38e5ddc..017ba00 100644
--- a/abs/core/cryptsetup/encrypt_install
+++ b/abs/core/cryptsetup/install-encrypt
@@ -3,13 +3,13 @@
build() {
local mod
- add_module dm-crypt
+ add_module "dm-crypt"
if [[ $CRYPTO_MODULES ]]; then
for mod in $CRYPTO_MODULES; do
add_module "$mod"
done
else
- add_all_modules '/crypto/'
+ add_all_modules "/crypto/"
fi
add_binary "cryptsetup"
@@ -19,6 +19,9 @@ build() {
add_file "/usr/lib/udev/rules.d/95-dm-notify.rules"
add_file "/usr/lib/initcpio/udev/11-dm-initramfs.rules" "/usr/lib/udev/rules.d/11-dm-initramfs.rules"
+ # cryptsetup calls pthread_create(), which dlopen()s libgcc_s.so.1
+ add_binary "/usr/lib/libgcc_s.so.1"
+
add_runscript
}
diff --git a/abs/core/cryptsetup/sd-encrypt b/abs/core/cryptsetup/install-sd-encrypt
index c18fd2f..08d83d6 100644
--- a/abs/core/cryptsetup/sd-encrypt
+++ b/abs/core/cryptsetup/install-sd-encrypt
@@ -3,13 +3,13 @@
build() {
local mod
- add_module dm-crypt
+ add_module "dm-crypt"
if [[ $CRYPTO_MODULES ]]; then
for mod in $CRYPTO_MODULES; do
add_module "$mod"
done
else
- add_all_modules '/crypto/'
+ add_all_modules "/crypto/"
fi
add_binary "dmsetup"
@@ -18,14 +18,17 @@ build() {
add_file "/usr/lib/udev/rules.d/95-dm-notify.rules"
add_file "/usr/lib/initcpio/udev/11-dm-initramfs.rules" "/usr/lib/udev/rules.d/11-dm-initramfs.rules"
- add_systemd_unit cryptsetup.target
- add_binary /usr/lib/systemd/system-generators/systemd-cryptsetup-generator
- add_binary /usr/lib/systemd/systemd-cryptsetup
+ add_systemd_unit "cryptsetup.target"
+ add_binary "/usr/lib/systemd/system-generators/systemd-cryptsetup-generator"
+ add_binary "/usr/lib/systemd/systemd-cryptsetup"
- add_systemd_unit systemd-ask-password-console.path
- add_systemd_unit systemd-ask-password-console.service
+ add_systemd_unit "systemd-ask-password-console.path"
+ add_systemd_unit "systemd-ask-password-console.service"
- [[ -f /etc/crypttab.initramfs ]] && add_file /etc/crypttab.initramfs /etc/crypttab
+ # cryptsetup calls pthread_create(), which dlopen()s libgcc_s.so.1
+ add_binary "/usr/lib/libgcc_s.so.1"
+
+ [[ -f /etc/crypttab.initramfs ]] && add_file "/etc/crypttab.initramfs" "/etc/crypttab"
}
help() {