summaryrefslogtreecommitdiff
path: root/sys-fs/cryptsetup/files
diff options
context:
space:
mode:
Diffstat (limited to 'sys-fs/cryptsetup/files')
-rw-r--r--sys-fs/cryptsetup/files/1.6.7-dmcrypt.confd100
-rw-r--r--sys-fs/cryptsetup/files/cryptsetup-2.0.4-fix-static-pwquality-build.patch18
-rw-r--r--sys-fs/cryptsetup/files/setup-1.7.0.py21
3 files changed, 118 insertions, 21 deletions
diff --git a/sys-fs/cryptsetup/files/1.6.7-dmcrypt.confd b/sys-fs/cryptsetup/files/1.6.7-dmcrypt.confd
index 699d7e75..642ff087 100644
--- a/sys-fs/cryptsetup/files/1.6.7-dmcrypt.confd
+++ b/sys-fs/cryptsetup/files/1.6.7-dmcrypt.confd
@@ -1,5 +1,31 @@
# /etc/conf.d/dmcrypt
+# For people who run dmcrypt on top of some other layer (like raid),
+# use rc_need to specify that requirement. See the runscript(8) man
+# page for more information.
+
+#--------------------
+# Instructions
+#--------------------
+
+# Note regarding the syntax of this file. This file is *almost* bash,
+# but each line is evaluated separately. Separate swaps/targets can be
+# specified. The init-script which reads this file assumes that a
+# swap= or target= line starts a new section, similar to lilo or grub
+# configuration.
+
+# Note when using gpg keys and /usr on a separate partition, you will
+# have to copy /usr/bin/gpg to /bin/gpg so that it will work properly
+# and ensure that gpg has been compiled statically.
+# See http://bugs.gentoo.org/90482 for more information.
+
+# Note that the init-script which reads this file detects whether your
+# partition is LUKS or not. No mkfs is run unless you specify a makefs
+# option.
+
+# Global options:
+#----------------
+
# How long to wait for each timeout (in seconds).
dmcrypt_key_timeout=1
@@ -9,3 +35,77 @@ dmcrypt_key_timeout=1
# Number of password retries.
dmcrypt_retries=5
+# Arguments:
+#-----------
+# target=<name> == Mapping name for partition.
+# swap=<name> == Mapping name for swap partition.
+# source='<dev>' == Real device for partition.
+# Note: You can (and should) specify a tag like UUID
+# for blkid (see -t option). This is safer than using
+# the full path to the device.
+# key='</path/to/keyfile>[:<mode>]' == Fullpath from / or from inside removable media.
+# remdev='<dev>' == Device that will be assigned to removable media.
+# gpg_options='<opts>' == Default are --quiet --decrypt
+# options='<opts>' == cryptsetup, for LUKS you can only use --readonly
+# loop_file='<file>' == Loopback file.
+# Note: If you omit $source, then a free loopback will
+# be looked up automatically.
+# pre_mount='cmds' == commands to execute before mounting partition.
+# post_mount='cmds' == commands to execute after mounting partition.
+#-----------
+# Supported Modes
+# gpg == decrypt and pipe key into cryptsetup.
+# Note: new-line character must not be part of key.
+# Command to erase \n char: 'cat key | tr -d '\n' > cleanKey'
+
+#--------------------
+# dm-crypt examples
+#--------------------
+
+## swap
+# Swap partitions. These should come first so that no keys make their
+# way into unencrypted swap.
+# If no options are given, they will default to: -c aes -h sha1 -d /dev/urandom
+# If no makefs is given then mkswap will be assumed
+#swap=crypt-swap
+#source='/dev/hda2'
+
+## /home with passphrase
+#target=crypt-home
+#source='/dev/hda5'
+
+## /home with regular keyfile
+#target=crypt-home
+#source='/dev/hda5'
+#key='/full/path/to/homekey'
+
+## /home with gpg protected key
+#target=crypt-home
+#source='/dev/hda5'
+#key='/full/path/to/homekey:gpg'
+
+## /home with regular keyfile on removable media(such as usb-stick)
+#target=crypt-home
+#source='/dev/hda5'
+#key='/full/path/to/homekey'
+#remdev='/dev/sda1'
+
+## /home with gpg protected key on removable media(such as usb-stick)
+#target=crypt-home
+#source='/dev/hda5'
+#key='/full/path/to/homekey:gpg'
+#remdev='/dev/sda1'
+
+## /tmp with regular keyfile
+#target=crypt-tmp
+#source='/dev/hda6'
+#key='/full/path/to/tmpkey'
+#pre_mount='/sbin/mkreiserfs -f -f ${dev}'
+#post_mount='chown root:root ${mount_point}; chmod 1777 ${mount_point}'
+
+## Loopback file example
+#target='crypt-loop-home'
+#source='/dev/loop0'
+#loop_file='/mnt/crypt/home'
+
+# The file must be terminated by a newline. Or leave this comment last.
diff --git a/sys-fs/cryptsetup/files/cryptsetup-2.0.4-fix-static-pwquality-build.patch b/sys-fs/cryptsetup/files/cryptsetup-2.0.4-fix-static-pwquality-build.patch
new file mode 100644
index 00000000..39524ec3
--- /dev/null
+++ b/sys-fs/cryptsetup/files/cryptsetup-2.0.4-fix-static-pwquality-build.patch
@@ -0,0 +1,18 @@
+--- a/src/Makemodule.am 2018-07-31 14:32:46.000000000 +0200
++++ b/src/Makemodule.am 2018-08-12 17:13:26.000000000 +0200
+@@ -64,6 +64,7 @@
+ $(veritysetup_LDADD) \
+ @CRYPTO_STATIC_LIBS@ \
+ @DEVMAPPER_STATIC_LIBS@ \
++ @PWQUALITY_STATIC_LIBS@ \
+ @UUID_LIBS@
+ endif
+ endif
+@@ -93,6 +94,7 @@
+ $(integritysetup_LDADD) \
+ @CRYPTO_STATIC_LIBS@ \
+ @DEVMAPPER_STATIC_LIBS@ \
++ @PWQUALITY_STATIC_LIBS@ \
+ @UUID_LIBS@
+ endif
+ endif
diff --git a/sys-fs/cryptsetup/files/setup-1.7.0.py b/sys-fs/cryptsetup/files/setup-1.7.0.py
deleted file mode 100644
index 0da063c0..00000000
--- a/sys-fs/cryptsetup/files/setup-1.7.0.py
+++ /dev/null
@@ -1,21 +0,0 @@
-import os
-from distutils.core import setup, Extension
-
-top_srcdir = os.path.dirname(os.path.dirname(os.path.realpath(__file__)))
-
-def get_ver():
- with open(os.path.join(top_srcdir, 'configure')) as f:
- for line in f:
- if line.startswith('PACKAGE_VERSION='):
- return line.split('=')[1].replace("'", '').strip()
-
-module = Extension('pycryptsetup',
- include_dirs=[os.path.join(top_srcdir, 'lib')],
- extra_compile_args=['-include', os.path.join(top_srcdir, 'config.h')],
- library_dirs=[os.path.join(top_srcdir, 'lib', '.libs')],
- libraries=['cryptsetup'],
- sources=['pycryptsetup.c'])
-
-setup(name='pycryptsetup',
- version=get_ver(),
- ext_modules=[module])