e28c5cd7ac
--enable-static-cryptsetup adds binaries suffixed with .static, e.g. cryptsetup.static, and those binaries have extra flags set to enable them to be built statically. It doesn't change how the main binaries are built — they're compiled correctly because pkgsStatic sets up all the necessary compiler flag anyway. So as far as I can tell, all --enable-static-cryptsetup gets us is duplicate binaries that take up disk space unnecessarily.
48 lines
1.3 KiB
Nix
48 lines
1.3 KiB
Nix
{ lib, stdenv, fetchurl, lvm2, json_c
|
|
, openssl, libuuid, pkg-config, popt }:
|
|
|
|
stdenv.mkDerivation rec {
|
|
pname = "cryptsetup";
|
|
version = "2.4.3";
|
|
|
|
outputs = [ "out" "dev" "man" ];
|
|
separateDebugInfo = true;
|
|
|
|
src = fetchurl {
|
|
url = "mirror://kernel/linux/utils/cryptsetup/v2.4/${pname}-${version}.tar.xz";
|
|
sha256 = "sha256-/A35RRiBciZOxb8dC9oIJk+tyKP4VtR+upHzH+NUtQc=";
|
|
};
|
|
|
|
# Disable 4 test cases that fail in a sandbox
|
|
patches = [ ./disable-failing-tests.patch ];
|
|
|
|
postPatch = ''
|
|
patchShebangs tests
|
|
|
|
# O_DIRECT is filesystem dependent and fails in a sandbox (on tmpfs)
|
|
# and on several filesystem types (btrfs, zfs) without sandboxing.
|
|
# Remove it, see discussion in #46151
|
|
substituteInPlace tests/unit-utils-io.c --replace "| O_DIRECT" ""
|
|
'';
|
|
|
|
NIX_LDFLAGS = lib.optionalString (stdenv.cc.isGNU && !stdenv.hostPlatform.isStatic) "-lgcc_s";
|
|
|
|
configureFlags = [
|
|
"--enable-cryptsetup-reencrypt"
|
|
"--with-crypto_backend=openssl"
|
|
"--disable-ssh-token"
|
|
];
|
|
|
|
nativeBuildInputs = [ pkg-config ];
|
|
buildInputs = [ lvm2 json_c openssl libuuid popt ];
|
|
|
|
doCheck = true;
|
|
|
|
meta = {
|
|
homepage = "https://gitlab.com/cryptsetup/cryptsetup/";
|
|
description = "LUKS for dm-crypt";
|
|
license = lib.licenses.gpl2;
|
|
maintainers = with lib.maintainers; [ ];
|
|
platforms = with lib.platforms; linux;
|
|
};
|
|
}
|