File ecryptfs-utils.spec of Package ecryptfs-utils.1844

#
# spec file for package ecryptfs-utils
#
# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.

# Please submit bugfixes or comments via http://bugs.opensuse.org/
#


Name:           ecryptfs-utils
Url:            https://launchpad.net/ecryptfs
Summary:        Userspace Utilities for ecryptfs
License:        GPL-2.0+
Group:          Productivity/Security
Version:        103
Release:        0
Source0:        http://launchpad.net/ecryptfs/trunk/%version/+download/ecryptfs-utils_%version.orig.tar.gz
Source1:        baselibs.conf
Source2:        ecryptfs-mount-private.png
# PATCH-FIX-OPENSUSE fix for systemd and no UUID in fstab
Patch0:         ecryptfs-setup-swap-SuSE.patch
# PATCH-FIX-OPENSUSE build with -fpie/-pie
Patch1:         ecryptfs-utils-src-utils-Makefile.patch
# PATCH-FIX-UPSTREAM validate-mount-destination-fs-type.patch bsc#962052 CVE-2016-1572
Patch2:         validate-mount-destination-fs-type.patch
# PATCH-FIX-UPSTREAM ecryptfs-utils-CVE-2014-9687.patch bsc#920160 CVE-2014-9687
Patch3:         ecryptfs-utils-CVE-2014-9687.patch
BuildRoot:      %{_tmppath}/%{name}-%{version}-build
BuildRequires:  gtk2-devel
BuildRequires:  intltool
BuildRequires:  keyutils-devel
BuildRequires:  keyutils-libs
BuildRequires:  libgcrypt-devel
BuildRequires:  libtool
BuildRequires:  mozilla-nss-devel
BuildRequires:  openssl-devel
BuildRequires:  pam-config
BuildRequires:  pam-devel
BuildRequires:  pkcs11-helper-devel
BuildRequires:  python-devel
BuildRequires:  swig
BuildRequires:  trousers-devel
BuildRequires:  update-desktop-files
Requires(pre):  pam-config
PreReq:         permissions

%description
A stacked cryptographic filesystem for Linux.

%prep
%setup -q
%patch0 -p1
%patch1 -p1
%patch2 -p1
%patch3 -p0
chmod ugo+x tests/userspace/v1-to-v2-wrapped-passphrase.sh

%build
export RPM_OPT_FLAGS="$RPM_OPT_FLAGS -fno-strict-aliasing"
autoreconf -i -f
%configure \
	--docdir=%_defaultdocdir/%{name} \
	--disable-static \
	--enable-tspi \
	--enable-pkcs11-helper \
	--with-pamdir=/%_lib/security
make %{?_smp_mflags}

%check
make check

%install
%makeinstall
mkdir -p $RPM_BUILD_ROOT/%{_datadir}/applications
install -m644 %{SOURCE2} $RPM_BUILD_ROOT%{_datadir}/%{name}/ecryptfs-mount-private.png
printf "Encoding=UTF-8\n" >>$RPM_BUILD_ROOT/%{_datadir}/%{name}/ecryptfs-mount-private.desktop
printf "Encoding=UTF-8\n" >>$RPM_BUILD_ROOT/%{_datadir}/%{name}/ecryptfs-setup-private.desktop
printf "Icon=%{_datadir}/%{name}/ecryptfs-mount-private.png\n" >>$RPM_BUILD_ROOT/%{_datadir}/%{name}/ecryptfs-mount-private.desktop
printf "Icon=%{_datadir}/%{name}/ecryptfs-mount-private.png\n" >>$RPM_BUILD_ROOT/%{_datadir}/%{name}/ecryptfs-setup-private.desktop
sed -i 's|^_||' $RPM_BUILD_ROOT/%{_datadir}/%{name}/ecryptfs-mount-private.desktop
sed -i 's|^_||' $RPM_BUILD_ROOT/%{_datadir}/%{name}/ecryptfs-setup-private.desktop
mv $RPM_BUILD_ROOT/%{_datadir}/%{name}/ecryptfs-setup-private.desktop $RPM_BUILD_ROOT/%{_datadir}/applications
%suse_update_desktop_file $RPM_BUILD_ROOT/%{_datadir}/%{name}/ecryptfs-mount-private.desktop
%suse_update_desktop_file -r ecryptfs-setup-private System Security
%find_lang %{name}

#we need ecryptfs kernel module
mkdir -p $RPM_BUILD_ROOT/usr/lib/modules-load.d/
echo -e "# ecryptfs module is needed before ecryptfs mount, so mount helper can \n# check for file name encryption support\necryptfs" >$RPM_BUILD_ROOT/usr/lib/modules-load.d/ecryptfs.conf

%verifyscript
%verify_permissions -e /sbin/mount.ecryptfs_private

%post
/sbin/ldconfig
%set_permissions /sbin/mount.ecryptfs_private
/usr/sbin/pam-config -a --ecryptfs

%postun
/sbin/ldconfig
if [ "$1" -eq 0 ]; then
	/usr/sbin/pam-config -d --ecryptfs
fi

%files -f %{name}.lang
%defattr(-, root, root)
%doc COPYING NEWS README THANKS doc/ecryptfs-faq.html
/usr/include/ecryptfs.h
%{_prefix}/bin/*
/sbin/mount.ecryptfs
/sbin/umount.ecryptfs
/sbin/umount.ecryptfs_private
%verify(not mode) /sbin/mount.ecryptfs_private
%{_libdir}/libecryptfs*
%{_libdir}/pkgconfig/libecryptfs.pc
%{_mandir}/man1/*ecryptfs*
%{_mandir}/man7/ecryptfs*
%{_mandir}/man8/*ecryptfs*
%{_libdir}/ecryptfs*
%{_datadir}/ecryptfs-utils
/%_lib/security/pam_ecryptfs.so
%{python_sitelib}/ecryptfs-utils
%{python_sitearch}/ecryptfs-utils
%{_datadir}/applications/*.desktop
/usr/lib/modules-load.d

%changelog
openSUSE Build Service is sponsored by