diff options
Diffstat (limited to 'system/fscrypt')
| -rw-r--r-- | system/fscrypt/README | 4 | ||||
| -rw-r--r-- | system/fscrypt/fscrypt.SlackBuild | 130 | ||||
| -rw-r--r-- | system/fscrypt/fscrypt.info | 40 | ||||
| -rw-r--r-- | system/fscrypt/modules.txt | 47 | ||||
| -rw-r--r-- | system/fscrypt/pam_config | 3 | ||||
| -rw-r--r-- | system/fscrypt/slack-desc | 19 |
6 files changed, 243 insertions, 0 deletions
diff --git a/system/fscrypt/README b/system/fscrypt/README new file mode 100644 index 0000000000..aa618cd705 --- /dev/null +++ b/system/fscrypt/README @@ -0,0 +1,4 @@ +fscrypt is a high-level tool for the management of Linux native +filesystem encryption. fscrypt manages metadata, key generation, key +wrapping, PAM integration, and provides a uniform interface for creating +and modifying encrypted directories. diff --git a/system/fscrypt/fscrypt.SlackBuild b/system/fscrypt/fscrypt.SlackBuild new file mode 100644 index 0000000000..9c112cb8ea --- /dev/null +++ b/system/fscrypt/fscrypt.SlackBuild @@ -0,0 +1,130 @@ +#!/bin/bash + +# Slackware build script for fscrypt + +# Copyright 2025 Isaac Yu <isaacyu@protonmail.com> +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR "AS IS" AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +cd $(dirname $0) ; CWD=$(pwd) + +PRGNAM=fscrypt +VERSION=${VERSION:-0.3.5} +BUILD=${BUILD:-1} +TAG=${TAG:-_SBo} +PKGTYPE=${PKGTYPE:-tgz} + +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) ARCH=i586 ;; + arm*) ARCH=arm ;; + *) ARCH=$( uname -m ) ;; + esac +fi + +if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then + echo "$PRGNAM-$VERSION-$ARCH-$BUILD$TAG.$PKGTYPE" + exit 0 +fi + +TMP=${TMP:-/tmp/SBo} +PKG=$TMP/package-$PRGNAM +OUTPUT=${OUTPUT:-/tmp} + +if [ "$ARCH" = "i586" ]; then + LIBDIRSUFFIX="" +elif [ "$ARCH" = "i686" ]; then + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + LIBDIRSUFFIX="64" +else + LIBDIRSUFFIX="" +fi + +set -e + +rm -rf $PKG +mkdir -p $TMP $PKG $OUTPUT +cd $TMP +rm -rf $PRGNAM-$VERSION +tar xvf $CWD/$PRGNAM-$VERSION.tar.gz +cd $PRGNAM-$VERSION +chown -R root:root . +find -L . \ + \( -perm 777 -o -perm 775 -o -perm 750 -o -perm 711 -o -perm 555 \ + -o -perm 511 \) -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 640 -o -perm 600 -o -perm 444 \ + -o -perm 440 -o -perm 400 \) -exec chmod 644 {} \; + +mkdir -p vendor +cat $CWD/modules.txt > vendor/modules.txt +for DIR in $(grep -o "^# .* " vendor/modules.txt | cut -d' ' -f2) +do + NAME=$(echo $DIR | sed 's/[./]v[0-9]\+$//' | xargs basename) + DIR=vendor/$DIR + + # Extract the tarball + if [ $DIR = "vendor/github.com/urfave/cli" ]; then + tar xvf $CWD/cli-1.22.14.tar.gz + elif [ $DIR = "vendor/golang.org/x/exp/typeparams" ]; then + tar xvf $CWD/exp-*.tar.gz + else + tar xvf $CWD/$NAME-*.tar.gz + fi + + # Rename extracted folders + mkdir -p $(dirname $DIR) + if [ $DIR = "vendor/github.com/urfave/cli" ]; then + mv cli-1.22.14 $DIR + elif [ $DIR = "vendor/golang.org/x/exp/typeparams" ]; then + mv exp-* $DIR + else + mv $NAME-* $DIR + fi +done + +# Make sure fscrypt uses the vendor directory for compilation +# It must not download anything during the build process +export GOFLAGS="-mod=vendor" + +# Prevent creation of cache files in /root/.cache/go-build +export GOCACHE="${GOCACHE:-$TMP/$PRGNAM-$VERSION/go-cache}" +export GOMODCACHE="${GOMODCACHE:-$TMP/$PRGNAM-$VERSION/go}" + +make +make install DESTDIR=$PKG PREFIX=/usr PAM_MODULE_DIR=/lib${LIBDIRSUFFIX}/security + +# Allow fscrypt to check login passphrase when creating a login protector +install -Dm644 $CWD/pam_config $PKG/etc/pam.d/fscrypt + +# Remove Ubuntu-specific PAM file +rm -r $PKG/usr/share/pam-configs + +find $PKG -print0 | xargs -0 file | grep -e "executable" -e "shared object" | grep ELF \ + | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null || true + +mkdir -p $PKG/usr/doc/$PRGNAM-$VERSION +cp -a CODE_OF_CONDUCT.md CONTRIBUTING.md LICENSE NEWS.md README.md $PKG/usr/doc/$PRGNAM-$VERSION +cat $CWD/$PRGNAM.SlackBuild > $PKG/usr/doc/$PRGNAM-$VERSION/$PRGNAM.SlackBuild + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc + +cd $PKG +/sbin/makepkg -l y -c n $OUTPUT/$PRGNAM-$VERSION-$ARCH-$BUILD$TAG.$PKGTYPE diff --git a/system/fscrypt/fscrypt.info b/system/fscrypt/fscrypt.info new file mode 100644 index 0000000000..01e54a2d40 --- /dev/null +++ b/system/fscrypt/fscrypt.info @@ -0,0 +1,40 @@ +PRGNAM="fscrypt" +VERSION="0.3.5" +HOMEPAGE="https://github.com/google/fscrypt" +DOWNLOAD="https://github.com/google/fscrypt/archive/v0.3.5/fscrypt-0.3.5.tar.gz \ + https://github.com/client9/misspell/archive/v0.3.4/misspell-0.3.4.tar.gz \ + https://github.com/pkg/errors/archive/v0.9.1/errors-0.9.1.tar.gz \ + https://github.com/urfave/cli/archive/v1.22.14/cli-1.22.14.tar.gz \ + https://github.com/wadey/gocovmerge/archive/b5bfa59/gocovmerge-b5bfa59ec0adc420475f97f89b58045c721d761c.tar.gz \ + https://github.com/golang/crypto/archive/v0.17.0/crypto-0.17.0.tar.gz \ + https://github.com/golang/sys/archive/v0.15.0/sys-0.15.0.tar.gz \ + https://github.com/golang/term/archive/v0.15.0/term-0.15.0.tar.gz \ + https://github.com/golang/tools/archive/v0.13.0/tools-0.13.0.tar.gz \ + https://github.com/protocolbuffers/protobuf-go/archive/v1.33.0/protobuf-go-1.33.0.tar.gz \ + https://github.com/dominikh/go-tools/archive/v0.4.5/go-tools-0.4.5.tar.gz \ + https://github.com/BurntSushi/toml/archive/v1.3.2/toml-1.3.2.tar.gz \ + https://github.com/cpuguy83/go-md2man/archive/v2.0.2/go-md2man-2.0.2.tar.gz \ + https://github.com/russross/blackfriday/archive/v2.1.0/blackfriday-2.1.0.tar.gz \ + https://github.com/golang/exp/archive/732eee0/exp-732eee02a75a571a8347fdf60af8c8b9e3ca9254.tar.gz \ + https://github.com/golang/mod/archive/v0.12.0/mod-0.12.0.tar.gz" +MD5SUM="999170fa267755e413268fde4a6900a7 \ + e63dbac31070aa8df4c8b12afade5f02 \ + 0951216925c98fda75a484a528b06af6 \ + 3435f277c01592e31902d899e1b80a0e \ + ea06b396710e3d6f535e549c32a14cc2 \ + 074993fdf4a9e2697eb3e05e79549cec \ + 7cf52d1bd6c6977d0b7a2a4c57e876d9 \ + 96d50cf5392716166089e16370b6f9a2 \ + 957ea5f49b2d8769ac6b44e3f56dc723 \ + 7de0737359c575dcaa2c58cbc27cf93e \ + 8858bb2bae49d8965a2e57c802116ecf \ + d1265832f013b25d21fa42c68f1b6ab3 \ + afd343ecba3ad16ee7261d4a95869894 \ + 59acda02d26209540970ad339d071f6a \ + 484abe66234235dd9c3b6e2ee7984b5c \ + e4a2608688778d3698035d6dc2bb1fe3" +DOWNLOAD_x86_64="" +MD5SUM_x86_64="" +REQUIRES="google-go-lang" +MAINTAINER="Isaac Yu" +EMAIL="isaacyu@protonmail.com" diff --git a/system/fscrypt/modules.txt b/system/fscrypt/modules.txt new file mode 100644 index 0000000000..86d0069793 --- /dev/null +++ b/system/fscrypt/modules.txt @@ -0,0 +1,47 @@ +# github.com/client9/misspell v0.3.4 +## explicit +github.com/client9/misspell/cmd/misspell +# github.com/pkg/errors v0.9.1 +## explicit +github.com/pkg/errors +# github.com/urfave/cli v1.22.14 +## explicit +github.com/urfave/cli +# github.com/wadey/gocovmerge v0.0.0-20160331181800-b5bfa59ec0ad +## explicit +github.com/wadey/gocovmerge +# golang.org/x/crypto v0.17.0 +## explicit +golang.org/x/crypto/argon2 +golang.org/x/crypto/hkdf +# golang.org/x/sys v0.15.0 +## explicit; go 1.17 +golang.org/x/sys/unix +# golang.org/x/term v0.15.0 +## explicit +golang.org/x/term +# golang.org/x/tools v0.13.0 +## explicit +golang.org/x/tools/cmd/goimports +# google.golang.org/protobuf v1.33.0 +## explicit +google.golang.org/protobuf/proto +google.golang.org/protobuf/encoding/protojson +# honnef.co/go/tools v0.4.5 +## explicit +honnef.co/go/tools/cmd/staticcheck +# github.com/BurntSushi/toml v1.3.2 +## explicit +github.com/BurntSushi/toml +# github.com/cpuguy83/go-md2man/v2 v2.0.2 +## explicit +github.com/cpuguy83/go-md2man/v2/md2man +# github.com/russross/blackfriday/v2 v2.1.0 +## explicit +github.com/russross/blackfriday/v2 +# golang.org/x/exp/typeparams v0.0.0-20221208152030-732eee02a75a +## explicit +golang.org/x/exp/typeparams +# golang.org/x/mod v0.12.0 +## explicit +golang.org/x/mod diff --git a/system/fscrypt/pam_config b/system/fscrypt/pam_config new file mode 100644 index 0000000000..cfcd602864 --- /dev/null +++ b/system/fscrypt/pam_config @@ -0,0 +1,3 @@ +# Allow fscrypt to check your login passphrase when you create a login protector +# See https://github.com/google/fscrypt/issues/130#issuecomment-533955949 +auth required pam_unix.so diff --git a/system/fscrypt/slack-desc b/system/fscrypt/slack-desc new file mode 100644 index 0000000000..3f1f33c3ca --- /dev/null +++ b/system/fscrypt/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. +# Line up the first '|' above the ':' following the base package name, and +# the '|' on the right side marks the last column you can put a character in. +# You must make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':' except on otherwise blank lines. + + |-----handy-ruler------------------------------------------------------| +fscrypt: fscrypt (Go tool for managing Linux filesystem encryption) +fscrypt: +fscrypt: fscrypt is a high-level tool for the management of Linux native +fscrypt: filesystem encryption. fscrypt manages metadata, key generation, key +fscrypt: wrapping, PAM integration, and provides a uniform interface for +fscrypt: creating and modifying encrypted directories. +fscrypt: +fscrypt: +fscrypt: +fscrypt: +fscrypt: |