2022-08-14 09:40:43 +00:00
|
|
|
{ lib, stdenv, fetchurl, lvm2, json_c, asciidoctor
|
2022-09-23 14:08:35 +00:00
|
|
|
, openssl, libuuid, pkg-config, popt, nixosTests
|
2022-09-23 13:59:16 +00:00
|
|
|
|
|
|
|
# The release tarballs contain precomputed manpage files, so we don't need
|
|
|
|
# to run asciidoctor on the man sources. By avoiding asciidoctor, we make
|
|
|
|
# the bare NixOS build hash independent of changes to the ruby ecosystem,
|
|
|
|
# saving mass-rebuilds.
|
|
|
|
, rebuildMan ? false
|
|
|
|
}:
|
2009-03-01 11:11:21 +00:00
|
|
|
|
2011-12-28 21:48:58 +00:00
|
|
|
stdenv.mkDerivation rec {
|
2020-06-17 23:54:43 +00:00
|
|
|
pname = "cryptsetup";
|
2022-08-14 09:40:43 +00:00
|
|
|
version = "2.5.0";
|
2012-08-10 20:42:29 +00:00
|
|
|
|
2022-01-24 12:53:19 +00:00
|
|
|
outputs = [ "bin" "out" "dev" "man" ];
|
2022-01-24 12:57:15 +00:00
|
|
|
separateDebugInfo = true;
|
2018-08-20 14:43:48 +00:00
|
|
|
|
2009-03-01 11:11:21 +00:00
|
|
|
src = fetchurl {
|
2022-08-14 09:40:43 +00:00
|
|
|
url = "mirror://kernel/linux/utils/cryptsetup/v2.5/${pname}-${version}.tar.xz";
|
|
|
|
sha256 = "sha256-kYSm672c5+shEVLn90GmyC8tHMDiSoTsnFKTnu4PBUI=";
|
2009-03-01 11:11:21 +00:00
|
|
|
};
|
|
|
|
|
2022-09-23 21:47:05 +00:00
|
|
|
patches = [
|
|
|
|
# Allow reading tokens from a relative path, see #167994
|
|
|
|
./relative-token-path.patch
|
|
|
|
];
|
|
|
|
|
2018-08-08 21:18:19 +00:00
|
|
|
postPatch = ''
|
|
|
|
patchShebangs tests
|
2018-09-08 19:24:15 +00:00
|
|
|
|
|
|
|
# O_DIRECT is filesystem dependent and fails in a sandbox (on tmpfs)
|
|
|
|
# and on several filesystem types (btrfs, zfs) without sandboxing.
|
|
|
|
# Remove it, see discussion in #46151
|
|
|
|
substituteInPlace tests/unit-utils-io.c --replace "| O_DIRECT" ""
|
2018-08-08 21:18:19 +00:00
|
|
|
'';
|
|
|
|
|
2022-01-24 10:20:24 +00:00
|
|
|
NIX_LDFLAGS = lib.optionalString (stdenv.cc.isGNU && !stdenv.hostPlatform.isStatic) "-lgcc_s";
|
2018-06-15 23:20:53 +00:00
|
|
|
|
|
|
|
configureFlags = [
|
|
|
|
"--enable-cryptsetup-reencrypt"
|
|
|
|
"--with-crypto_backend=openssl"
|
2021-09-01 16:57:13 +00:00
|
|
|
"--disable-ssh-token"
|
2022-09-23 13:59:16 +00:00
|
|
|
] ++ lib.optionals (!rebuildMan) [
|
|
|
|
"--disable-asciidoc"
|
2022-01-24 12:53:19 +00:00
|
|
|
] ++ lib.optionals stdenv.hostPlatform.isStatic [
|
|
|
|
"--disable-external-tokens"
|
|
|
|
# We have to override this even though we're removing token
|
|
|
|
# support, because the path still gets included in the binary even
|
|
|
|
# though it isn't used.
|
|
|
|
"--with-luks2-external-tokens-path=/"
|
2020-06-17 23:54:43 +00:00
|
|
|
];
|
2012-08-10 20:42:29 +00:00
|
|
|
|
2022-09-23 13:59:16 +00:00
|
|
|
nativeBuildInputs = [ pkg-config ] ++ lib.optionals rebuildMan [ asciidoctor ];
|
2020-06-17 23:54:43 +00:00
|
|
|
buildInputs = [ lvm2 json_c openssl libuuid popt ];
|
2009-03-01 11:11:21 +00:00
|
|
|
|
2022-08-13 12:34:25 +00:00
|
|
|
# The test [7] header backup in compat-test fails with a mysterious
|
|
|
|
# "out of memory" error, even though tons of memory is available.
|
|
|
|
# Issue filed upstream: https://gitlab.com/cryptsetup/cryptsetup/-/issues/763
|
|
|
|
doCheck = !stdenv.hostPlatform.isMusl;
|
2018-09-08 19:24:15 +00:00
|
|
|
|
2022-09-23 14:08:35 +00:00
|
|
|
passthru = {
|
|
|
|
tests = {
|
|
|
|
nixos =
|
|
|
|
lib.optionalAttrs stdenv.hostPlatform.isLinux (
|
|
|
|
lib.recurseIntoAttrs (
|
|
|
|
lib.filterAttrs
|
|
|
|
(name: _value: lib.hasPrefix "luks" name)
|
|
|
|
nixosTests.installer
|
|
|
|
)
|
|
|
|
);
|
|
|
|
};
|
|
|
|
};
|
|
|
|
|
2009-03-01 11:11:21 +00:00
|
|
|
meta = {
|
2020-04-01 01:11:51 +00:00
|
|
|
homepage = "https://gitlab.com/cryptsetup/cryptsetup/";
|
2009-03-01 11:11:21 +00:00
|
|
|
description = "LUKS for dm-crypt";
|
2021-01-15 14:45:37 +00:00
|
|
|
license = lib.licenses.gpl2;
|
|
|
|
maintainers = with lib.maintainers; [ ];
|
|
|
|
platforms = with lib.platforms; linux;
|
2009-03-01 11:11:21 +00:00
|
|
|
};
|
|
|
|
}
|