nordic-dev.net/nixpkgs
nordic-dev.net/nixpkgs
2
0
Fork 0
mirror of https://github.com/NixOS/nixpkgs.git synced 2024-11-01 07:01:54 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #56607 from andir/cryptsetup-2.1

Browse Source 
cryptsetup: 2.0.6 -> 2.1.0
This commit is contained in:
Andreas Rammhold 2019-03-06 16:55:26 +01:00 committed by GitHub
commit 219b247e5b
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 42 additions and 34 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

70
nixos/tests/installer.nix
View File

@ -273,6 +273,37 @@ let
}; };
}; };
makeLuksRootTest = name: luksFormatOpts: makeInstallerTest "luksroot-format2"
{ createPartitions = ''
$machine->succeed(
"flock /dev/vda parted --script /dev/vda -- mklabel msdos"
. " mkpart primary ext2 1M 50MB" # /boot
. " mkpart primary linux-swap 50M 1024M"
. " mkpart primary 1024M -1s", # LUKS
"udevadm settle",
"mkswap /dev/vda2 -L swap",
"swapon -L swap",
"modprobe dm_mod dm_crypt",
"echo -n supersecret | cryptsetup luksFormat ${luksFormatOpts} -q /dev/vda3 -",
"echo -n supersecret | cryptsetup luksOpen --key-file - /dev/vda3 cryptroot",
"mkfs.ext3 -L nixos /dev/mapper/cryptroot",
"mount LABEL=nixos /mnt",
"mkfs.ext3 -L boot /dev/vda1",
"mkdir -p /mnt/boot",
"mount LABEL=boot /mnt/boot",
);
'';
extraConfig = ''
boot.kernelParams = lib.mkAfter [ "console=tty0" ];
'';
enableOCR = true;
preBootCommands = ''
$machine->start;
$machine->waitForText(qr/Passphrase for/);
$machine->sendChars("supersecret\n");
'';
};
in { in {
@ -446,37 +477,14 @@ in {
''; '';
}; };
# Boot off an encrypted root partition # Boot off an encrypted root partition with the default LUKS header format
luksroot = makeInstallerTest "luksroot" luksroot = makeLuksRootTest "luksroot-format1" "";
{ createPartitions = ''
$machine->succeed( # Boot off an encrypted root partition with LUKS1 format
"flock /dev/vda parted --script /dev/vda -- mklabel msdos" luksroot-format1 = makeLuksRootTest "luksroot-format1" "--type=LUKS1";
. " mkpart primary ext2 1M 50MB" # /boot
. " mkpart primary linux-swap 50M 1024M" # Boot off an encrypted root partition with LUKS2 format
. " mkpart primary 1024M -1s", # LUKS luksroot-format2 = makeLuksRootTest "luksroot-format2" "--type=LUKS2";
"udevadm settle",
"mkswap /dev/vda2 -L swap",
"swapon -L swap",
"modprobe dm_mod dm_crypt",
"echo -n supersecret | cryptsetup luksFormat -q /dev/vda3 -",
"echo -n supersecret | cryptsetup luksOpen --key-file - /dev/vda3 cryptroot",
"mkfs.ext3 -L nixos /dev/mapper/cryptroot",
"mount LABEL=nixos /mnt",
"mkfs.ext3 -L boot /dev/vda1",
"mkdir -p /mnt/boot",
"mount LABEL=boot /mnt/boot",
);
'';
extraConfig = ''
boot.kernelParams = lib.mkAfter [ "console=tty0" ];
'';
enableOCR = true;
preBootCommands = ''
$machine->start;
$machine->waitForText(qr/Passphrase for/);
$machine->sendChars("supersecret\n");
'';
};
# Test whether opening encrypted filesystem with keyfile # Test whether opening encrypted filesystem with keyfile
# Checks for regression of missing cryptsetup, when no luks device without # Checks for regression of missing cryptsetup, when no luks device without

6
pkgs/os-specific/linux/cryptsetup/default.nix
View File

@ -5,13 +5,13 @@
assert enablePython -> python2 != null; assert enablePython -> python2 != null;
stdenv.mkDerivation rec { stdenv.mkDerivation rec {
name = "cryptsetup-2.0.6"; name = "cryptsetup-2.1.0";
outputs = [ "out" "dev" "man" ]; outputs = [ "out" "dev" "man" ];
src = fetchurl { src = fetchurl {
url = "mirror://kernel/linux/utils/cryptsetup/v2.0/${name}.tar.xz"; url = "mirror://kernel/linux/utils/cryptsetup/v2.1/${name}.tar.xz";
sha256 = "0c1x125s7p4ps13spsqrcsd9dclz01vsrchmypq9msp7y3hgllbw"; sha256 = "15y8n547garz0x5kqv09gscdsrz0c0y1y6c5cp8pccwg3xsb5vm3";
}; };
# Disable 4 test cases that fail in a sandbox # Disable 4 test cases that fail in a sandbox