pkgs/os-specific/linux/fscryptctl/default.nix at 24.11-pre · pyrox.dev/nixpkgs

pyrox.dev / nixpkgs

lol

nixpkgs / pkgs / os-specific / linux / fscryptctl / default.nix

at 24.11-pre 41 lines 1.6 kB view raw

 1{ lib, stdenv, fetchFromGitHub }:
 2
 3stdenv.mkDerivation rec {
 4  pname = "fscryptctl";
 5  version = "1.0.0";
 6
 7  goPackagePath = "github.com/google/fscrypt";
 8
 9  src = fetchFromGitHub {
10    owner = "google";
11    repo = "fscryptctl";
12    rev = "v${version}";
13    sha256 = "1hwj726mm0yhlcf6523n07h0yq1rvkv4km64h3ydpjcrcxklhw6l";
14  };
15
16  makeFlags = [ "PREFIX=${placeholder "out"}" ];
17
18  meta = with lib; {
19    description = "Small C tool for Linux filesystem encryption";
20    mainProgram = "fscryptctl";
21    longDescription = ''
22      fscryptctl is a low-level tool written in C that handles raw keys and
23      manages policies for Linux filesystem encryption, specifically the
24      "fscrypt" kernel interface which is supported by the ext4, f2fs, and
25      UBIFS filesystems.
26      fscryptctl is mainly intended for embedded systems which can't use the
27      full-featured fscrypt tool, or for testing or experimenting with the
28      kernel interface to Linux filesystem encryption. fscryptctl does not
29      handle key generation, key stretching, key wrapping, or PAM integration.
30      Most users should use the fscrypt tool instead, which supports these
31      features and generally is much easier to use.
32      As fscryptctl is intended for advanced users, you should read the kernel
33      documentation for filesystem encryption before using fscryptctl.
34    '';
35    inherit (src.meta) homepage;
36    changelog = "https://github.com/google/fscryptctl/releases/tag/v${version}";
37    license = licenses.asl20;
38    platforms = platforms.linux;
39    maintainers = with maintainers; [ primeos ];
40  };
41}