cryptsetup/SPECS/cryptsetup.spec

%{!?python_sitearch: %global python_sitearch %(%{__python} -c "from distutils.sysconfig import get_python_lib; print get_python_lib(1)")}

%if 0%{?fedora}
%if 0%{?fedora} >= 29
Obsoletes: python2-cryptsetup
Obsoletes: cryptsetup-python3
%global python2_enable 0
%global python3_enable 0
%else
%global python2_enable 1
%global python3_enable 1
%endif
%else
Obsoletes: cryptsetup-python3
%global python3_enable 0
%if 0%{?rhel} == 7
%global python2_enable 1
%else
Obsoletes: cryptsetup-python
Obsoletes: python2-cryptsetup
%global python2_enable 0
%endif
%endif

Summary: A utility for setting up encrypted disks
Name: cryptsetup
Version: 2.0.6
Release: 1%{?dist}
License: GPLv2+ and LGPLv2+
Group: Applications/System
URL: https://gitlab.com/cryptsetup/cryptsetup
BuildRequires: openssl-devel, popt-devel, device-mapper-devel
BuildRequires: libuuid-devel, gcc, libblkid-devel
%if %{python2_enable}
BuildRequires: python2-devel
%endif
%if %{python3_enable}
BuildRequires: python3-devel
%endif
BuildRequires: libpwquality-devel, json-c-devel
Provides: cryptsetup-luks = %{version}-%{release}
Obsoletes: cryptsetup-luks < 1.4.0
Requires: cryptsetup-libs = %{version}-%{release}
Requires: libpwquality >= 1.2.0

%global upstream_version %{version}
Source0: https://www.kernel.org/pub/linux/utils/cryptsetup/v2.0/cryptsetup-%{upstream_version}.tar.xz
Patch0:  %{name}-make-api-test-2-default-LUKS2-hdr-size-aware.patch
Patch1:  %{name}-make-reencryption-compat-test2-ready-for-different-L.patch
Patch2:  %{name}-disable-luks2-integrity-test-until-next-usptream-rel.patch
Patch3:  %{name}-increase-default-LUKS2-header-size-to-8MiBs.patch
Patch4:  %{name}-make-align-test-ready-for-larger-LUKS2-hdr.patch
# Following patch has to applied last
Patch5:  %{name}-add-system-library-paths.patch

%description
The cryptsetup package contains a utility for setting up
disk encryption using dm-crypt kernel module.

%package devel
Group: Development/Libraries
Requires: %{name} = %{version}-%{release}
Requires: pkgconfig
Summary: Headers and libraries for using encrypted file systems
Provides: cryptsetup-luks-devel = %{version}-%{release}
Obsoletes: cryptsetup-luks-devel < 1.4.0

%description devel
The cryptsetup-devel package contains libraries and header files
used for writing code that makes use of disk encryption.

%package libs
Group: System Environment/Libraries
Summary: Cryptsetup shared library
Provides: cryptsetup-luks-libs = %{version}-%{release}
Obsoletes: cryptsetup-luks-libs < 1.4.0

%description libs
This package contains the cryptsetup shared library, libcryptsetup.

%package -n veritysetup
Group: Applications/System
Summary: A utility for setting up dm-verity volumes
Requires: cryptsetup-libs = %{version}-%{release}

%description -n veritysetup
The veritysetup package contains a utility for setting up
disk verification using dm-verity kernel module.

%package -n integritysetup
Group: Applications/System
Summary: A utility for setting up dm-integrity volumes
Requires: cryptsetup-libs = %{version}-%{release}

%description -n integritysetup
The integritysetup package contains a utility for setting up
disk integrity protection using dm-integrity kernel module.

%package reencrypt
Group: Applications/System
Summary: A utility for offline reencryption of LUKS encrypted disks.
Requires: cryptsetup-libs = %{version}-%{release}

%description reencrypt
This package contains cryptsetup-reencrypt utility which
can be used for offline reencryption of disk in situ.

%if %{python2_enable}
%package -n python2-cryptsetup
Group: System Environment/Libraries
Summary: Python bindings for libcryptsetup
Requires: %{name}-libs = %{version}-%{release}
%{?python_provide:%python_provide python2-cryptsetup}
# Remove before F30
Provides: %{name}-python = %{version}-%{release}
Provides: %{name}-python%{?_isa} = %{version}-%{release}
Obsoletes: %{name}-python < %{version}-%{release}
Obsoletes: python-cryptsetup < 1.4.0

%description -n python2-cryptsetup
This package provides Python bindings for libcryptsetup, a library
for setting up disk encryption using dm-crypt kernel module.
%endif

%if %{python3_enable}
%package python3
Group: System Environment/Libraries
Summary: Python3 bindings for libcryptsetup
Requires: %{name}-libs = %{version}-%{release}
Provides: python3-cryptsetup = %{version}-%{release}

%description python3
This package provides Python bindings for libcryptsetup, a library
for setting up disk encryption using dm-crypt kernel module.
%endif

%prep
%setup -q -n cryptsetup-%{upstream_version}
%patch0 -p1
%patch1 -p1
%patch2 -p1
%patch3 -p1
%patch4 -p1
%patch5 -p1
chmod -x python/pycryptsetup-test.py
chmod -x misc/dracut_90reencrypt/*

# copy the whole directory for the python3 build
%if %{python3_enable}
cp -a . %{py3dir}
%endif

%build
%if %{python2_enable} || %{python3_enable}
%configure --enable-python --enable-fips --enable-pwquality --enable-internal-sse-argon2 --with-crypto_backend=openssl --with-default-luks-format=LUKS2
%else
%configure --enable-fips --enable-pwquality --enable-internal-sse-argon2 --with-crypto_backend=openssl --with-default-luks-format=LUKS2
%endif
make %{?_smp_mflags}

%if %{python3_enable}
pushd %{py3dir}
%configure --enable-python --with-python_version=3 --enable-fips --enable-pwquality --enable-internal-sse-argon2 --with-crypto_backend=openssl --with-default-luks-format=LUKS2
make %{?_smp_mflags}
popd
%endif

%install
make install DESTDIR=%{buildroot}
rm -rf %{buildroot}/%{_libdir}/*.la

%if %{python3_enable}
pushd %{py3dir}
make install DESTDIR=%{buildroot}
rm -rf %{buildroot}/%{_libdir}/*.la
popd
%endif
%find_lang cryptsetup

%post -n cryptsetup-libs -p /sbin/ldconfig

%postun -n cryptsetup-libs -p /sbin/ldconfig

%files
%{!?_licensedir:%global license %%doc}
%license COPYING
%doc AUTHORS FAQ docs/*ReleaseNotes
%{_mandir}/man8/cryptsetup.8.gz
%{_sbindir}/cryptsetup

%files -n veritysetup
%{!?_licensedir:%global license %%doc}
%license COPYING
%{_mandir}/man8/veritysetup.8.gz
%{_sbindir}/veritysetup

%files -n integritysetup
%{!?_licensedir:%global license %%doc}
%license COPYING
%{_mandir}/man8/integritysetup.8.gz
%{_sbindir}/integritysetup

%files reencrypt
%{!?_licensedir:%global license %%doc}
%license COPYING
%doc misc/dracut_90reencrypt
%{_mandir}/man8/cryptsetup-reencrypt.8.gz
%{_sbindir}/cryptsetup-reencrypt

%files devel
%doc docs/examples/*
%{_includedir}/libcryptsetup.h
%{_libdir}/libcryptsetup.so
%{_libdir}/pkgconfig/libcryptsetup.pc

%files libs -f cryptsetup.lang
%{!?_licensedir:%global license %%doc}
%license COPYING COPYING.LGPL
%{_libdir}/libcryptsetup.so.*
%{_tmpfilesdir}/cryptsetup.conf
%ghost %attr(700, -, -) %dir /run/cryptsetup

%if %{python2_enable}
%files -n python2-cryptsetup
%{!?_licensedir:%global license %%doc}
%license COPYING.LGPL
%doc python/pycryptsetup-test.py
%exclude %{python_sitearch}/pycryptsetup.la
%{python_sitearch}/pycryptsetup.so
%endif

%if %{python3_enable}
%files python3
%{!?_licensedir:%global license %%doc}
%license COPYING.LGPL
%doc python/pycryptsetup-test.py
%exclude %{python3_sitearch}/pycryptsetup.la
%{python3_sitearch}/pycryptsetup.so
%endif

%clean

%changelog
* Mon Dec 03 2018 Ondrej Kozina <okozina@redhat.com> - 2.0.6-1
- Update to cryptsetup 2.0.6
- Enables all supported metadata sizes in LUKS2 validation code.
- Resolves: #1653383

* Fri Aug 10 2018 Ondrej Kozina <okozina@redhat.com> - 2.0.4-2
- patch: fix device alignment bug when processing hinted
  value by device topology info.
- Resolves: #1614219

* Wed Aug 08 2018 Ondrej Kozina <okozina@redhat.com> - 2.0.4-1
- Update to cryptsetup 2.0.4.
- patch: Add RHEL system library paths in configure.
- patch: Increase default LUKS2 header size to 8 MiBs.
- patch: update tests to be compatible with larger headers.
- Set default format to LUKS2.
- Cleanup changelog.
- Resolves: #1564540 #1595257 #1595266 #1595881 #1600164

* Fri May 04 2018 Ondrej Kozina <okozina@redhat.com> - 2.0.3-1
- Update to cryptsetup 2.0.3.

* Tue Mar 27 2018 Björn Esser <besser82@fedoraproject.org> - 2.0.2-2
- Rebuilt for libjson-c.so.4 (json-c v0.13.1) on fc28

* Wed Mar 07 2018 Milan Broz <gmazyland@gmail.com> - 2.0.2-1
- Update to cryptsetup 2.0.2.
import cryptsetup-2.0.6-1.el8 2019-05-07 10:22:45 +00:00			`%{!?python_sitearch: %global python_sitearch %(%{__python} -c "from distutils.sysconfig import get_python_lib; print get_python_lib(1)")}`

			`%if 0%{?fedora}`
			`%if 0%{?fedora} >= 29`
			`Obsoletes: python2-cryptsetup`
			`Obsoletes: cryptsetup-python3`
			`%global python2_enable 0`
			`%global python3_enable 0`
			`%else`
			`%global python2_enable 1`
			`%global python3_enable 1`
			`%endif`
			`%else`
			`Obsoletes: cryptsetup-python3`
			`%global python3_enable 0`
			`%if 0%{?rhel} == 7`
			`%global python2_enable 1`
			`%else`
			`Obsoletes: cryptsetup-python`
			`Obsoletes: python2-cryptsetup`
			`%global python2_enable 0`
			`%endif`
			`%endif`

			`Summary: A utility for setting up encrypted disks`
			`Name: cryptsetup`
			`Version: 2.0.6`
			`Release: 1%{?dist}`
			`License: GPLv2+ and LGPLv2+`
			`Group: Applications/System`
			`URL: https://gitlab.com/cryptsetup/cryptsetup`
			`BuildRequires: openssl-devel, popt-devel, device-mapper-devel`
			`BuildRequires: libuuid-devel, gcc, libblkid-devel`
			`%if %{python2_enable}`
			`BuildRequires: python2-devel`
			`%endif`
			`%if %{python3_enable}`
			`BuildRequires: python3-devel`
			`%endif`
			`BuildRequires: libpwquality-devel, json-c-devel`
			`Provides: cryptsetup-luks = %{version}-%{release}`
			`Obsoletes: cryptsetup-luks < 1.4.0`
			`Requires: cryptsetup-libs = %{version}-%{release}`
			`Requires: libpwquality >= 1.2.0`

			`%global upstream_version %{version}`
			`Source0: https://www.kernel.org/pub/linux/utils/cryptsetup/v2.0/cryptsetup-%{upstream_version}.tar.xz`
			`Patch0: %{name}-make-api-test-2-default-LUKS2-hdr-size-aware.patch`
			`Patch1: %{name}-make-reencryption-compat-test2-ready-for-different-L.patch`
			`Patch2: %{name}-disable-luks2-integrity-test-until-next-usptream-rel.patch`
			`Patch3: %{name}-increase-default-LUKS2-header-size-to-8MiBs.patch`
			`Patch4: %{name}-make-align-test-ready-for-larger-LUKS2-hdr.patch`
			`# Following patch has to applied last`
			`Patch5: %{name}-add-system-library-paths.patch`

			`%description`
			`The cryptsetup package contains a utility for setting up`
			`disk encryption using dm-crypt kernel module.`

			`%package devel`
			`Group: Development/Libraries`
			`Requires: %{name} = %{version}-%{release}`
			`Requires: pkgconfig`
			`Summary: Headers and libraries for using encrypted file systems`
			`Provides: cryptsetup-luks-devel = %{version}-%{release}`
			`Obsoletes: cryptsetup-luks-devel < 1.4.0`

			`%description devel`
			`The cryptsetup-devel package contains libraries and header files`
			`used for writing code that makes use of disk encryption.`

			`%package libs`
			`Group: System Environment/Libraries`
			`Summary: Cryptsetup shared library`
			`Provides: cryptsetup-luks-libs = %{version}-%{release}`
			`Obsoletes: cryptsetup-luks-libs < 1.4.0`

			`%description libs`
			`This package contains the cryptsetup shared library, libcryptsetup.`

			`%package -n veritysetup`
			`Group: Applications/System`
			`Summary: A utility for setting up dm-verity volumes`
			`Requires: cryptsetup-libs = %{version}-%{release}`

			`%description -n veritysetup`
			`The veritysetup package contains a utility for setting up`
			`disk verification using dm-verity kernel module.`

			`%package -n integritysetup`
			`Group: Applications/System`
			`Summary: A utility for setting up dm-integrity volumes`
			`Requires: cryptsetup-libs = %{version}-%{release}`

			`%description -n integritysetup`
			`The integritysetup package contains a utility for setting up`
			`disk integrity protection using dm-integrity kernel module.`

			`%package reencrypt`
			`Group: Applications/System`
			`Summary: A utility for offline reencryption of LUKS encrypted disks.`
			`Requires: cryptsetup-libs = %{version}-%{release}`

			`%description reencrypt`
			`This package contains cryptsetup-reencrypt utility which`
			`can be used for offline reencryption of disk in situ.`

			`%if %{python2_enable}`
			`%package -n python2-cryptsetup`
			`Group: System Environment/Libraries`
			`Summary: Python bindings for libcryptsetup`
			`Requires: %{name}-libs = %{version}-%{release}`
			`%{?python_provide:%python_provide python2-cryptsetup}`
			`# Remove before F30`
			`Provides: %{name}-python = %{version}-%{release}`
			`Provides: %{name}-python%{?_isa} = %{version}-%{release}`
			`Obsoletes: %{name}-python < %{version}-%{release}`
			`Obsoletes: python-cryptsetup < 1.4.0`

			`%description -n python2-cryptsetup`
			`This package provides Python bindings for libcryptsetup, a library`
			`for setting up disk encryption using dm-crypt kernel module.`
			`%endif`

			`%if %{python3_enable}`
			`%package python3`
			`Group: System Environment/Libraries`
			`Summary: Python3 bindings for libcryptsetup`
			`Requires: %{name}-libs = %{version}-%{release}`
			`Provides: python3-cryptsetup = %{version}-%{release}`

			`%description python3`
			`This package provides Python bindings for libcryptsetup, a library`
			`for setting up disk encryption using dm-crypt kernel module.`
			`%endif`

			`%prep`
			`%setup -q -n cryptsetup-%{upstream_version}`
			`%patch0 -p1`
			`%patch1 -p1`
			`%patch2 -p1`
			`%patch3 -p1`
			`%patch4 -p1`
			`%patch5 -p1`
			`chmod -x python/pycryptsetup-test.py`
			`chmod -x misc/dracut_90reencrypt/*`

			`# copy the whole directory for the python3 build`
			`%if %{python3_enable}`
			`cp -a . %{py3dir}`
			`%endif`

			`%build`
			`%if %{python2_enable} \|\| %{python3_enable}`
			`%configure --enable-python --enable-fips --enable-pwquality --enable-internal-sse-argon2 --with-crypto_backend=openssl --with-default-luks-format=LUKS2`
			`%else`
			`%configure --enable-fips --enable-pwquality --enable-internal-sse-argon2 --with-crypto_backend=openssl --with-default-luks-format=LUKS2`
			`%endif`
			`make %{?_smp_mflags}`

			`%if %{python3_enable}`
			`pushd %{py3dir}`
			`%configure --enable-python --with-python_version=3 --enable-fips --enable-pwquality --enable-internal-sse-argon2 --with-crypto_backend=openssl --with-default-luks-format=LUKS2`
			`make %{?_smp_mflags}`
			`popd`
			`%endif`

			`%install`
			`make install DESTDIR=%{buildroot}`
			`rm -rf %{buildroot}/%{_libdir}/*.la`

			`%if %{python3_enable}`
			`pushd %{py3dir}`
			`make install DESTDIR=%{buildroot}`
			`rm -rf %{buildroot}/%{_libdir}/*.la`
			`popd`
			`%endif`
			`%find_lang cryptsetup`

			`%post -n cryptsetup-libs -p /sbin/ldconfig`

			`%postun -n cryptsetup-libs -p /sbin/ldconfig`

			`%files`
			`%{!?_licensedir:%global license %%doc}`
			`%license COPYING`
			`%doc AUTHORS FAQ docs/*ReleaseNotes`
			`%{_mandir}/man8/cryptsetup.8.gz`
			`%{_sbindir}/cryptsetup`

			`%files -n veritysetup`
			`%{!?_licensedir:%global license %%doc}`
			`%license COPYING`
			`%{_mandir}/man8/veritysetup.8.gz`
			`%{_sbindir}/veritysetup`

			`%files -n integritysetup`
			`%{!?_licensedir:%global license %%doc}`
			`%license COPYING`
			`%{_mandir}/man8/integritysetup.8.gz`
			`%{_sbindir}/integritysetup`

			`%files reencrypt`
			`%{!?_licensedir:%global license %%doc}`
			`%license COPYING`
			`%doc misc/dracut_90reencrypt`
			`%{_mandir}/man8/cryptsetup-reencrypt.8.gz`
			`%{_sbindir}/cryptsetup-reencrypt`

			`%files devel`
			`%doc docs/examples/*`
			`%{_includedir}/libcryptsetup.h`
			`%{_libdir}/libcryptsetup.so`
			`%{_libdir}/pkgconfig/libcryptsetup.pc`

			`%files libs -f cryptsetup.lang`
			`%{!?_licensedir:%global license %%doc}`
			`%license COPYING COPYING.LGPL`
			`%{_libdir}/libcryptsetup.so.*`
			`%{_tmpfilesdir}/cryptsetup.conf`
			`%ghost %attr(700, -, -) %dir /run/cryptsetup`

			`%if %{python2_enable}`
			`%files -n python2-cryptsetup`
			`%{!?_licensedir:%global license %%doc}`
			`%license COPYING.LGPL`
			`%doc python/pycryptsetup-test.py`
			`%exclude %{python_sitearch}/pycryptsetup.la`
			`%{python_sitearch}/pycryptsetup.so`
			`%endif`

			`%if %{python3_enable}`
			`%files python3`
			`%{!?_licensedir:%global license %%doc}`
			`%license COPYING.LGPL`
			`%doc python/pycryptsetup-test.py`
			`%exclude %{python3_sitearch}/pycryptsetup.la`
			`%{python3_sitearch}/pycryptsetup.so`
			`%endif`

			`%clean`

			`%changelog`
			`* Mon Dec 03 2018 Ondrej Kozina <okozina@redhat.com> - 2.0.6-1`
			`- Update to cryptsetup 2.0.6`
			`- Enables all supported metadata sizes in LUKS2 validation code.`
			`- Resolves: #1653383`

			`* Fri Aug 10 2018 Ondrej Kozina <okozina@redhat.com> - 2.0.4-2`
			`- patch: fix device alignment bug when processing hinted`
			`value by device topology info.`
			`- Resolves: #1614219`

			`* Wed Aug 08 2018 Ondrej Kozina <okozina@redhat.com> - 2.0.4-1`
			`- Update to cryptsetup 2.0.4.`
			`- patch: Add RHEL system library paths in configure.`
			`- patch: Increase default LUKS2 header size to 8 MiBs.`
			`- patch: update tests to be compatible with larger headers.`
			`- Set default format to LUKS2.`
			`- Cleanup changelog.`
			`- Resolves: #1564540 #1595257 #1595266 #1595881 #1600164`

			`* Fri May 04 2018 Ondrej Kozina <okozina@redhat.com> - 2.0.3-1`
			`- Update to cryptsetup 2.0.3.`

			`* Tue Mar 27 2018 Björn Esser <besser82@fedoraproject.org> - 2.0.2-2`
			`- Rebuilt for libjson-c.so.4 (json-c v0.13.1) on fc28`

			`* Wed Mar 07 2018 Milan Broz <gmazyland@gmail.com> - 2.0.2-1`
			`- Update to cryptsetup 2.0.2.`