pkgs/os-specific/linux/cryptsetup/default.nix at 23.05-pre · pyrox.dev/nixpkgs

pyrox.dev / nixpkgs
lol
nixpkgs / pkgs / os-specific / linux / cryptsetup / default.nix
at 23.05-pre 81 lines 2.6 kB view raw
 1{ lib, stdenv, fetchurl, lvm2, json_c, asciidoctor
 2, openssl, libuuid, pkg-config, popt, nixosTests
 3
 4  # The release tarballs contain precomputed manpage files, so we don't need
 5  # to run asciidoctor on the man sources. By avoiding asciidoctor, we make
 6  # the bare NixOS build hash independent of changes to the ruby ecosystem,
 7  # saving mass-rebuilds.
 8, rebuildMan ? false
 9}:
10
11stdenv.mkDerivation rec {
12  pname = "cryptsetup";
13  version = "2.5.0";
14
15  outputs = [ "bin" "out" "dev" "man" ];
16  separateDebugInfo = true;
17
18  src = fetchurl {
19    url = "mirror://kernel/linux/utils/cryptsetup/v2.5/${pname}-${version}.tar.xz";
20    sha256 = "sha256-kYSm672c5+shEVLn90GmyC8tHMDiSoTsnFKTnu4PBUI=";
21  };
22
23  patches = [
24    # Allow reading tokens from a relative path, see #167994
25    ./relative-token-path.patch
26  ];
27
28  postPatch = ''
29    patchShebangs tests
30
31    # O_DIRECT is filesystem dependent and fails in a sandbox (on tmpfs)
32    # and on several filesystem types (btrfs, zfs) without sandboxing.
33    # Remove it, see discussion in #46151
34    substituteInPlace tests/unit-utils-io.c --replace "| O_DIRECT" ""
35  '';
36
37  NIX_LDFLAGS = lib.optionalString (stdenv.cc.isGNU && !stdenv.hostPlatform.isStatic) "-lgcc_s";
38
39  configureFlags = [
40    "--enable-cryptsetup-reencrypt"
41    "--with-crypto_backend=openssl"
42    "--disable-ssh-token"
43  ] ++ lib.optionals (!rebuildMan) [
44    "--disable-asciidoc"
45  ] ++ lib.optionals stdenv.hostPlatform.isStatic [
46    "--disable-external-tokens"
47    # We have to override this even though we're removing token
48    # support, because the path still gets included in the binary even
49    # though it isn't used.
50    "--with-luks2-external-tokens-path=/"
51  ];
52
53  nativeBuildInputs = [ pkg-config ] ++ lib.optionals rebuildMan [ asciidoctor ];
54  buildInputs = [ lvm2 json_c openssl libuuid popt ];
55
56  # The test [7] header backup in compat-test fails with a mysterious
57  # "out of memory" error, even though tons of memory is available.
58  # Issue filed upstream: https://gitlab.com/cryptsetup/cryptsetup/-/issues/763
59  doCheck = !stdenv.hostPlatform.isMusl;
60
61  passthru = {
62    tests = {
63      nixos =
64        lib.optionalAttrs stdenv.hostPlatform.isLinux (
65          lib.recurseIntoAttrs (
66            lib.filterAttrs
67              (name: _value: lib.hasPrefix "luks" name)
68              nixosTests.installer
69          )
70        );
71    };
72  };
73
74  meta = {
75    homepage = "https://gitlab.com/cryptsetup/cryptsetup/";
76    description = "LUKS for dm-crypt";
77    license = lib.licenses.gpl2;
78    maintainers = with lib.maintainers; [ ];
79    platforms = with lib.platforms; linux;
80  };
81}