From: Brendan Tildesley <mail@brendan.scot>
To: "Ludovic Courtès" <ludo@gnu.org>
Cc: "50428@debbugs.gnu.org" <50428@debbugs.gnu.org>
Subject: [bug#50428] [PATCH] gnu: Add cryfs
Date: Tue, 14 Sep 2021 14:13:11 +0200 (CEST) [thread overview]
Message-ID: <1201589804.62472.1631621592628@office.mailbox.org> (raw)
In-Reply-To: <87tuin5vvs.fsf@gnu.org>
[-- Attachment #1: Type: text/plain, Size: 1751 bytes --]
Update attached.
> On 09/14/2021 11:50 AM Ludovic Courtès <ludo@gnu.org> wrote:
>
>
> Hi,
>
> Brendan Tildesley <mail@brendan.scot> skribis:
>
> > * gnu/packages/crypto.scm (cryfs): New variable.
>
> Overall LGTM modulo the minor issues below:
>
> > + '(#:configure-flags
> > + `("-DCRYFS_UPDATE_CHECKS=OFF" ;; Note: This also disables checking for security issues.
> > + "-DCMAKE_BUILD_TYPE=Release" ;; Build man pages.
>
> Normally this is set by #:build-type. It defaults to “RelWithDebInfo”,
> which is nice because then you get debugging symbols if you pass
> ‘--with-debug-info=cryfs’. So I’d suggest removing this second flag.
>
I found a way to build man pages without it.
> > + (replace 'check
> > + (lambda* (#:key tests? outputs #:allow-other-keys)
> > + (use-modules (srfi srfi-1))
>
> Please use #:modules ((srfi srfi-1) …) instead of this non-top-level
> ‘use-modules’ form.
>
done.
> > + (when tests?
> > + (with-directory-excursion "/tmp/build/test"
> > + (let ((tests (find-files "." "-test$"))
> > + (tests-output (assoc-ref outputs "tests")))
> > + ;; Install tests to a separate output so users can run them.
> > + (copy-recursively "." tests-output)
>
> Installing tests is unusual. Do you really think it’s going to be
> useful?
Not sure. I felt since the cryfs is for encrypting peoples files, they may want to run the tests themselves
to see if there any nasty issues. Most of the tests fail due to FUSE not being available, which works outside
the chroot. Anyways I removed installing them.
[-- Attachment #2: 0001-gnu-Add-cryfs.patch --]
[-- Type: text/x-patch, Size: 5139 bytes --]
From 6604ab84de9a38907ca6d930dcb5c0d79de28d88 Mon Sep 17 00:00:00 2001
From: Brendan Tildesley <mail@brendan.scot>
Date: Sat, 4 Sep 2021 16:52:23 +1000
Subject: [PATCH] gnu: Add cryfs.
* gnu/packages/crypto.scm (cryfs): New variable.
---
gnu/packages/crypto.scm | 77 +++++++++++++++++++++++++++++++++++++++++
1 file changed, 77 insertions(+)
diff --git a/gnu/packages/crypto.scm b/gnu/packages/crypto.scm
index c511d0a711..af1412c44e 100644
--- a/gnu/packages/crypto.scm
+++ b/gnu/packages/crypto.scm
@@ -21,6 +21,7 @@
;;; Copyright © 2020 pukkamustard <pukkamustard@posteo.net>
;;; Copyright © 2021 Ellis Kenyő <me@elken.dev>
;;; Copyright © 2021 Maxime Devos <maximedevos@telenet.be>
+;;; Copyright © 2021 Brendan Tildesley <mail@brendan.scot>
;;;
;;; This file is part of GNU Guix.
;;;
@@ -46,8 +47,10 @@
#:use-module (gnu packages boost)
#:use-module (gnu packages check)
#:use-module (gnu packages compression)
+ #:use-module (gnu packages cpp)
#:use-module (gnu packages crates-io)
#:use-module (gnu packages cryptsetup)
+ #:use-module (gnu packages curl)
#:use-module (gnu packages documentation)
#:use-module (gnu packages gettext)
#:use-module (gnu packages gnupg)
@@ -58,6 +61,7 @@
#:use-module (gnu packages libbsd)
#:use-module (gnu packages libffi)
#:use-module (gnu packages linux)
+ #:use-module (gnu packages logging)
#:use-module (gnu packages lsof)
#:use-module (gnu packages man)
#:use-module (gnu packages multiprecision)
@@ -1385,3 +1389,76 @@ them out. The process will degrade gracefully, so even people without your
encryption password can safely commit changes to the repository's
non-encrypted files.")
(license license:expat)))
+
+(define-public cryfs
+ (package
+ (name "cryfs")
+ (version "0.11.0")
+ (source
+ (origin
+ (method url-fetch)
+ (uri (string-append
+ "https://github.com/cryfs/cryfs/releases/download/"
+ version "/cryfs-" version ".tar.xz"))
+ (sha256
+ (base32 "0dxphbj5sssm82rkkdb71algrcki16qlpzlvrjyvvm6b7x7zi0sm"))))
+ (build-system cmake-build-system)
+ (arguments
+ '(#:modules ((guix build cmake-build-system)
+ (guix build utils)
+ (srfi srfi-1))
+ #:configure-flags
+ ;; Note: This also disables checking for security issues.
+ `("-DCRYFS_UPDATE_CHECKS=OFF"
+ ;; This helps us use some dependencies from Guix instead of conan.
+ ;; crypto++ is still bundled: https://github.com/cryfs/cryfs/issues/369
+ ;; Googletest is also since I wasn't sure how to unbundle that.
+ ,(string-append "-DDEPENDENCY_CONFIG=" (getcwd)
+ "/cmake-utils/DependenciesFromLocalSystem.cmake"))
+ #:phases
+ (modify-phases %standard-phases
+ (add-before 'configure 'fix-configure
+ (lambda* (#:key tests? #:allow-other-keys)
+ ;; Remove junk directory that breaks the build
+ (chdir "..") (delete-file-recursively ".circleci")
+ ;; Install documentation with Guix defaults.
+ (substitute* "doc/CMakeLists.txt"
+ (("CONFIGURATIONS Release")
+ "CONFIGURATIONS Release RelWithDebInfo"))
+ (when tests?
+ (substitute* "CMakeLists.txt"
+ (("option.BUILD_TESTING .build test cases. OFF.")
+ "option(BUILD_TESTING \"build test cases\" ON)")))))
+ (replace 'check
+ (lambda* (#:key tests? #:allow-other-keys)
+ (when tests?
+ (let ((tests (find-files "." "-test$")))
+ ;; XXX: Disable failing tests. Unfortunately there are a
+ ;; few. Some only fail in the build environment due to
+ ;; FUSE not being available.
+ (for-each invoke
+ (lset-difference string-contains
+ tests
+ '("cpp-utils-test"
+ "cryfs-cli-test"
+ "blobstore-test"
+ "fspp-test")))))
+ #t)))))
+ (native-inputs
+ `(("python" ,python-wrapper)
+ ("pkg-config" ,pkg-config)))
+ (inputs
+ `(("boost" ,boost)
+ ("curl" ,curl)
+ ("fuse" ,fuse)
+ ("range-v3" ,range-v3)
+ ("spdlog" ,spdlog)))
+ (home-page "https://www.cryfs.org/")
+ (synopsis "Encrypted FUSE filesystem for the cloud")
+ (description "CryFS encrypts your files, so you can safely store them anywhere.
+It works well together with cloud services like Dropbox, iCloud, OneDrive and
+others. CryFS creates an encrypted userspace filesystem that can be mounted
+via FUSE without root permissions. It is similar to EncFS, but provides
+additional security and privacy measures such as hiding file sizes and directory
+structure. However CryFS is not considered stable yet by the developers.")
+ (license license:lgpl3+)))
--
2.33.0
next prev parent reply other threads:[~2021-09-14 12:14 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-09-06 13:34 [bug#50428] [PATCH] gnu: Add cryfs Brendan Tildesley
2021-09-14 9:50 ` bug#50428: " Ludovic Courtès
2021-09-14 12:13 ` Brendan Tildesley [this message]
2021-09-16 19:56 ` [bug#50428] " Ludovic Courtès
2021-09-16 9:42 ` bug#50428: " Ludovic Courtès
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://guix.gnu.org/
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1201589804.62472.1631621592628@office.mailbox.org \
--to=mail@brendan.scot \
--cc=50428@debbugs.gnu.org \
--cc=ludo@gnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://git.savannah.gnu.org/cgit/guix.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).