From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from eggs.gnu.org ([209.51.188.92]:36326) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1gthOK-0001cw-7N for guix-patches@gnu.org; Tue, 12 Feb 2019 18:23:05 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1gthOI-00064U-RG for guix-patches@gnu.org; Tue, 12 Feb 2019 18:23:04 -0500 Received: from debbugs.gnu.org ([209.51.188.43]:46161) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1gthOI-00063m-GO for guix-patches@gnu.org; Tue, 12 Feb 2019 18:23:02 -0500 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1gthOI-0001W6-7h for guix-patches@gnu.org; Tue, 12 Feb 2019 18:23:02 -0500 Subject: [bug#34366] [PATCH] gnu: cryptsetup: Update to 2.0.6. Resent-Message-ID: From: Marius Bakke In-Reply-To: <20190212230843.GB31074@jasmine.lan> References: <20190207111902.36bd0753@mykolab.com> <20190209102400.19d8fa94@mykolab.com> <20190212230843.GB31074@jasmine.lan> Date: Wed, 13 Feb 2019 00:22:23 +0100 Message-ID: <87k1i4wq1c.fsf@fastmail.com> MIME-Version: 1.0 Content-Type: multipart/signed; boundary="==-=-="; micalg=pgp-sha512; protocol="application/pgp-signature" List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-patches-bounces+kyle=kyleam.com@gnu.org Sender: "Guix-patches" To: Leo Famulari , Rutger Helling Cc: 34366@debbugs.gnu.org --==-=-= Content-Type: multipart/mixed; boundary="=-=-=" --=-=-= Content-Type: text/plain Content-Transfer-Encoding: quoted-printable Leo Famulari writes: > On Sat, Feb 09, 2019 at 10:24:00AM +0100, Rutger Helling wrote: >> I just tested reconfiguring and rebooting. Everything still works for >> me, including the initramfs. >>=20 >> On Thu, 7 Feb 2019 11:19:02 +0100 >> Rutger Helling wrote: >>=20 >> > Hey Guix, >> >=20 >> > here's an update for cryptsetup. Note that although it seems to run >> > fine I haven't been able to test it with an initramfs (yet). > > Thanks! > > Are you able to incorporate the changes suggested in > to cryptsetup-static? Let us know either > way. Note that, when testing #30974 on my machine, it caused severe file system corruption and I had to reinstall. So I recommend taking a full backup before trying this on real hardware! That said, I have tested a more recent version of that patch (attached) in a VM and it appears to works fine. Did not get around to trying it on an already encrypted disk yet though. --=-=-= Content-Type: text/x-patch Content-Disposition: attachment; filename=0001-gnu-cryptsetup-Update-to-2.0.6.patch Content-Transfer-Encoding: quoted-printable From=2049d8c2519c05403c6a4ffb992b49f64a772eeecb Mon Sep 17 00:00:00 2001 From: Marius Bakke Date: Fri, 1 Feb 2019 00:27:45 +0100 Subject: [PATCH] gnu: cryptsetup: Update to 2.0.6. * gnu/packages/cryptsetup.scm (cryptsetup): Update to 2.0.6. [source](snippet): Delete bundled argon2. [arguments]: Add #:configure-flags to use system argon2. [inputs]: Add ARGON2 and JSON-C. [native-inputs]: Add PKG-CONFIG. (cryptsetup-static)[inputs]: Add ARGON2 and JSON-C. [arguments]: Add "--enable-libargon2" and "BLKID_LIBS" to #:configure-flags. [inputs]: Distinguish the static output of UTIL-LINUX. =2D-- gnu/packages/cryptsetup.scm | 43 ++++++++++++++++++++++++++++++------- 1 file changed, 35 insertions(+), 8 deletions(-) diff --git a/gnu/packages/cryptsetup.scm b/gnu/packages/cryptsetup.scm index be60ef072d..c1aafc3bbc 100644 =2D-- a/gnu/packages/cryptsetup.scm +++ b/gnu/packages/cryptsetup.scm @@ -25,14 +25,17 @@ #:use-module (guix utils) #:use-module (gnu packages) #:use-module (gnu packages gnupg) + #:use-module (gnu packages linux) + #:use-module (gnu packages password-utils) + #:use-module (gnu packages pkg-config) #:use-module (gnu packages popt) #:use-module (gnu packages python) =2D #:use-module (gnu packages linux)) + #:use-module (gnu packages web)) =20 (define-public cryptsetup (package (name "cryptsetup") =2D (version "1.7.5") + (version "2.0.6") (source (origin (method url-fetch) (uri (string-append "mirror://kernel.org/linux/utils/cryptsetu= p/v" @@ -40,15 +43,30 @@ "/" name "-" version ".tar.xz")) (sha256 (base32 =2D "1gail831j826lmpdx2gsc83lp3br6wfnwh3vqwxaa1nn1lfwsc1b")))) + "0c1x125s7p4ps13spsqrcsd9dclz01vsrchmypq9msp7y3hgllbw")) + (modules '((guix build utils))) + (snippet + '(begin + ;; Delete bundled argon2 library. Preserve the build files + ;; so that we don't trigger 'autoreconf'. + (for-each (lambda (file) + (delete-file file)) + (find-files "lib/crypto_backend/argon2" + "(README|LICENSE|\\.[ch])$")) + #t)))) (build-system gnu-build-system) + (arguments + `(#:configure-flags '("--enable-libargon2"))) (inputs =2D `(("libgcrypt" ,libgcrypt) + `(("argon2" ,argon2) + ("json-c" ,json-c) + ("libgcrypt" ,libgcrypt) ("lvm2" ,lvm2) ("util-linux" ,util-linux) ("popt" ,popt))) (native-inputs =2D `(("python" ,python-wrapper))) + `(("pkg-config" ,pkg-config) + ("python" ,python-wrapper))) (synopsis "Hard disk encryption tool") (description "LUKS (Linux Unified Key Setup)/Cryptsetup provides a standard on-disk @@ -78,8 +96,15 @@ files). This assumes LIBRARY uses Libtool." (inherit cryptsetup) (name "cryptsetup-static") (arguments =2D '(#:configure-flags '("--disable-shared" + '(#:configure-flags `("--disable-shared" "--enable-static-cryptsetup" + "--enable-libargon2" + + ;; Link against the statically built blkid libr= ary instead + ;; of the shared one guessed by pkg-config. + ,(string-append "BLKID_LIBS=3D-L" + (assoc-ref %build-inputs "util-= linux:static") + " -lblkid") =20 ;; 'libdevmapper.a' pulls in libpthread, libude= v and libm. "LIBS=3D-ludev -pthread -lm") @@ -117,9 +142,11 @@ files). This assumes LIBRARY uses Libtool." (inherit (static-library libgcrypt)) (propagated-inputs `(("libgpg-error-host" ,(static-library libgpg-error))))))) =2D `(("libgcrypt" ,libgcrypt-static) + `(("argon2" ,argon2) + ("json-c" ,json-c) + ("libgcrypt" ,libgcrypt-static) ("lvm2" ,lvm2-static) =2D ("util-linux" ,util-linux "static") + ("util-linux:static" ,util-linux "static") ("util-linux" ,util-linux) ("popt" ,popt)))) (synopsis "Hard disk encryption tool (statically linked)"))) =2D-=20 2.20.1 --=-=-=-- --==-=-= Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQEzBAEBCgAdFiEEu7At3yzq9qgNHeZDoqBt8qM6VPoFAlxjVS8ACgkQoqBt8qM6 VPqOIAgApxTz+UwqjDnoM45ti/JekgOgp37YCj0bvaHSlqsVpcIEn7zE1PrHzAsV SKxxR9JjgsE4soB1WBLHjM+CxxKRPKs3rOeBWGxaupq59mj50DXHeQHBgqMcfSYc gbjOtQoDuz1CLQMpR+j3VqbDGuYIcbGA+bOB79XuRFRFAZL4AM5XD8wih6liJhEY pyHBJfhRD3Ld+CqlZ19qReanM60QgcazGF9xXYZcKH6Vt2qigWUVonF/PIOGVE5U a1Uje00tq5ybLEknDVhY1VJsc36c5SmKCpNQLcLYED5zCpfQj3abjpf34LDKp4D7 +o4FwoD4GFwr+ubkCjRjwjIB3DC3Mg== =xDv+ -----END PGP SIGNATURE----- --==-=-=--