|
|
79c0bd |
Summary: Utility for setting up encrypted disks
|
|
|
79c0bd |
Name: cryptsetup
|
|
|
79c0bd |
Version: 2.4.0
|
|
|
79c0bd |
Release: 2%{?dist}
|
|
|
79c0bd |
License: GPLv2+ and LGPLv2+
|
|
|
79c0bd |
URL: https://gitlab.com/cryptsetup/cryptsetup
|
|
|
79c0bd |
BuildRequires: openssl-devel, popt-devel, device-mapper-devel
|
|
|
79c0bd |
BuildRequires: libuuid-devel, gcc, json-c-devel
|
|
|
79c0bd |
BuildRequires: libpwquality-devel, libblkid-devel
|
|
|
79c0bd |
BuildRequires: make
|
|
|
79c0bd |
Requires: cryptsetup-libs = %{version}-%{release}
|
|
|
79c0bd |
Requires: libpwquality >= 1.2.0
|
|
|
79c0bd |
|
|
|
79c0bd |
%global upstream_version %{version}
|
|
|
79c0bd |
Source0: https://www.kernel.org/pub/linux/utils/cryptsetup/v2.4/cryptsetup-%{upstream_version}.tar.xz
|
|
|
79c0bd |
# Following patch has to applied last
|
|
|
79c0bd |
Patch0000: %{name}-2.4.1-Adapt-crypto-backend-to-openssl3-lib-context.patch
|
|
|
79c0bd |
Patch0001: %{name}-2.4.1-OpenSSL-backend-make-legacy-for-OpenSSL3-optional-an.patch
|
|
|
79c0bd |
Patch0002: %{name}-2.4.1-Do-not-load-own-OpenSSL-backend-context-in-FIPS-mode.patch
|
|
|
79c0bd |
Patch0003: %{name}-2.4.1-Cache-FIPS-mode-check.patch
|
|
|
79c0bd |
Patch9999: %{name}-add-system-library-paths.patch
|
|
|
79c0bd |
|
|
|
79c0bd |
%description
|
|
|
79c0bd |
The cryptsetup package contains a utility for setting up
|
|
|
79c0bd |
disk encryption using dm-crypt kernel module.
|
|
|
79c0bd |
|
|
|
79c0bd |
%package devel
|
|
|
79c0bd |
Requires: %{name}-libs%{?_isa} = %{version}-%{release}
|
|
|
79c0bd |
Requires: pkgconfig
|
|
|
79c0bd |
Summary: Headers and libraries for using encrypted file systems
|
|
|
79c0bd |
|
|
|
79c0bd |
%description devel
|
|
|
79c0bd |
The cryptsetup-devel package contains libraries and header files
|
|
|
79c0bd |
used for writing code that makes use of disk encryption.
|
|
|
79c0bd |
|
|
|
79c0bd |
%package libs
|
|
|
79c0bd |
Summary: Cryptsetup shared library
|
|
|
79c0bd |
|
|
|
79c0bd |
%description libs
|
|
|
79c0bd |
This package contains the cryptsetup shared library, libcryptsetup.
|
|
|
79c0bd |
|
|
|
79c0bd |
%package -n veritysetup
|
|
|
79c0bd |
Summary: A utility for setting up dm-verity volumes
|
|
|
79c0bd |
Requires: cryptsetup-libs = %{version}-%{release}
|
|
|
79c0bd |
|
|
|
79c0bd |
%description -n veritysetup
|
|
|
79c0bd |
The veritysetup package contains a utility for setting up
|
|
|
79c0bd |
disk verification using dm-verity kernel module.
|
|
|
79c0bd |
|
|
|
79c0bd |
%package -n integritysetup
|
|
|
79c0bd |
Summary: A utility for setting up dm-integrity volumes
|
|
|
79c0bd |
Requires: cryptsetup-libs = %{version}-%{release}
|
|
|
79c0bd |
|
|
|
79c0bd |
%description -n integritysetup
|
|
|
79c0bd |
The integritysetup package contains a utility for setting up
|
|
|
79c0bd |
disk integrity protection using dm-integrity kernel module.
|
|
|
79c0bd |
|
|
|
79c0bd |
%package reencrypt
|
|
|
79c0bd |
Summary: A utility for offline reencryption of LUKS encrypted disks
|
|
|
79c0bd |
Requires: cryptsetup-libs = %{version}-%{release}
|
|
|
79c0bd |
|
|
|
79c0bd |
%description reencrypt
|
|
|
79c0bd |
This package contains cryptsetup-reencrypt utility which
|
|
|
79c0bd |
can be used for offline reencryption of disk in situ.
|
|
|
79c0bd |
|
|
|
79c0bd |
%prep
|
|
|
79c0bd |
%autosetup -n cryptsetup-%{upstream_version} -p 1
|
|
|
79c0bd |
chmod -x misc/dracut_90reencrypt/*
|
|
|
79c0bd |
|
|
|
79c0bd |
%build
|
|
|
79c0bd |
%configure --enable-fips --enable-pwquality --enable-internal-sse-argon2 --disable-ssh-token
|
|
|
79c0bd |
%make_build
|
|
|
79c0bd |
|
|
|
79c0bd |
%install
|
|
|
79c0bd |
%make_install
|
|
|
79c0bd |
rm -rf %{buildroot}%{_libdir}/*.la
|
|
|
79c0bd |
|
|
|
79c0bd |
%find_lang cryptsetup
|
|
|
79c0bd |
|
|
|
79c0bd |
%ldconfig_scriptlets -n cryptsetup-libs
|
|
|
79c0bd |
|
|
|
79c0bd |
%files
|
|
|
79c0bd |
%license COPYING
|
|
|
79c0bd |
%doc AUTHORS FAQ docs/*ReleaseNotes
|
|
|
79c0bd |
%{_mandir}/man8/cryptsetup.8.gz
|
|
|
79c0bd |
%{_sbindir}/cryptsetup
|
|
|
79c0bd |
|
|
|
79c0bd |
%files -n veritysetup
|
|
|
79c0bd |
%license COPYING
|
|
|
79c0bd |
%{_mandir}/man8/veritysetup.8.gz
|
|
|
79c0bd |
%{_sbindir}/veritysetup
|
|
|
79c0bd |
|
|
|
79c0bd |
%files -n integritysetup
|
|
|
79c0bd |
%license COPYING
|
|
|
79c0bd |
%{_mandir}/man8/integritysetup.8.gz
|
|
|
79c0bd |
%{_sbindir}/integritysetup
|
|
|
79c0bd |
|
|
|
79c0bd |
%files reencrypt
|
|
|
79c0bd |
%license COPYING
|
|
|
79c0bd |
%doc misc/dracut_90reencrypt
|
|
|
79c0bd |
%{_mandir}/man8/cryptsetup-reencrypt.8.gz
|
|
|
79c0bd |
%{_sbindir}/cryptsetup-reencrypt
|
|
|
79c0bd |
|
|
|
79c0bd |
%files devel
|
|
|
79c0bd |
%doc docs/examples/*
|
|
|
79c0bd |
%{_includedir}/libcryptsetup.h
|
|
|
79c0bd |
%{_libdir}/libcryptsetup.so
|
|
|
79c0bd |
%{_libdir}/pkgconfig/libcryptsetup.pc
|
|
|
79c0bd |
|
|
|
79c0bd |
%files libs -f cryptsetup.lang
|
|
|
79c0bd |
%license COPYING COPYING.LGPL
|
|
|
79c0bd |
%{_libdir}/libcryptsetup.so.*
|
|
|
79c0bd |
%dir %{_libdir}/%{name}/
|
|
|
79c0bd |
%{_tmpfilesdir}/cryptsetup.conf
|
|
|
79c0bd |
%ghost %attr(700, -, -) %dir /run/cryptsetup
|
|
|
79c0bd |
|
|
|
79c0bd |
%changelog
|
|
|
79c0bd |
* Thu Sep 09 2021 Ondrej Kozina <okozina@redhat.com> - 2.4.0-2
|
|
|
79c0bd |
- Fix openssl crypto backend teardown in library destructor
|
|
|
79c0bd |
Resolves: #1998921
|
|
|
79c0bd |
|
|
|
79c0bd |
* Thu Aug 19 2021 Ondrej Kozina <okozina@redhat.com> - 2.4.0-1
|
|
|
79c0bd |
- Update to cryptsetup 2.4.0.
|
|
|
79c0bd |
Resolves: #1869553 #1972722 #1974271 #1975799
|
|
|
79c0bd |
|
|
|
79c0bd |
* Mon Aug 09 2021 Mohan Boddu <mboddu@redhat.com> - 2.3.6-3
|
|
|
79c0bd |
- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
|
|
|
79c0bd |
Related: rhbz#1991688
|
|
|
79c0bd |
|
|
|
79c0bd |
* Thu Jun 17 2021 Mohan Boddu <mboddu@redhat.com> - 2.3.6-2
|
|
|
79c0bd |
- Specbump for openssl 3.0
|
|
|
79c0bd |
Related: rhbz#1971065
|
|
|
79c0bd |
|
|
|
79c0bd |
* Wed Jun 16 2021 Ondrej Kozina <okozina@redhat.com> - 2.3.6-1
|
|
|
79c0bd |
- Update to cryptsetup 2.3.6.
|
|
|
79c0bd |
- Resolves: #1961291 #1970932
|
|
|
79c0bd |
|
|
|
79c0bd |
* Tue Jun 15 2021 Mohan Boddu <mboddu@redhat.com> - 2.3.5-5
|
|
|
79c0bd |
- Rebuilt for RHEL 9 BETA for openssl 3.0
|
|
|
79c0bd |
|
|
|
79c0bd |
Related: rhbz#1971065
|
|
|
79c0bd |
|
|
|
79c0bd |
* Tue Apr 27 2021 Ondrej Kozina <okozina@redhat.com> - 2.3.5-4
|
|
|
79c0bd |
- Drop dependency on libargon2
|
|
|
79c0bd |
- Resolves: #1936959
|
|
|
79c0bd |
|
|
|
79c0bd |
* Thu Apr 15 2021 Mohan Boddu <mboddu@redhat.com> - 2.3.5-3
|
|
|
79c0bd |
- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937
|
|
|
79c0bd |
|
|
|
79c0bd |
* Thu Mar 11 2021 Milan Broz <gmazyland@gmail.com> - 2.3.5-1
|
|
|
79c0bd |
- Update to cryptsetup 2.3.5.
|
|
|
79c0bd |
|
|
|
79c0bd |
* Tue Jan 26 2021 Fedora Release Engineering <releng@fedoraproject.org> - 2.3.4-2
|
|
|
79c0bd |
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
|
|
|
79c0bd |
|
|
|
79c0bd |
* Thu Sep 03 2020 Milan Broz <gmazyland@gmail.com> - 2.3.4-1
|
|
|
79c0bd |
- Update to cryptsetup 2.3.4.
|
|
|
79c0bd |
- Fix for CVE-2020-14382 (#1874712)
|