diff options
Diffstat (limited to 'infra/libkookie/nixpkgs/pkgs/os-specific/linux/pam_mount')
3 files changed, 125 insertions, 0 deletions
diff --git a/infra/libkookie/nixpkgs/pkgs/os-specific/linux/pam_mount/default.nix b/infra/libkookie/nixpkgs/pkgs/os-specific/linux/pam_mount/default.nix new file mode 100644 index 000000000000..ebfd896555ae --- /dev/null +++ b/infra/libkookie/nixpkgs/pkgs/os-specific/linux/pam_mount/default.nix @@ -0,0 +1,48 @@ +{ stdenv, fetchurl, autoreconfHook, pkgconfig, libtool, pam, libHX, libxml2, pcre, perl, openssl, cryptsetup, util-linux }: + +stdenv.mkDerivation rec { + pname = "pam_mount"; + version = "2.16"; + + src = fetchurl { + url = "mirror://sourceforge/pam-mount/pam_mount/${version}/${pname}-${version}.tar.xz"; + sha256 = "1rvi4irb7ylsbhvx1cr6islm2xxw1a4b19q6z4a9864ndkm0f0mf"; + }; + + patches = [ + ./insert_utillinux_path_hooks.patch + ./support_luks2.patch + ]; + + postPatch = '' + substituteInPlace src/mtcrypt.c \ + --replace @@NIX_UTILLINUX@@ ${util-linux}/bin + ''; + + nativeBuildInputs = [ autoreconfHook libtool pkgconfig ]; + + buildInputs = [ pam libHX util-linux libxml2 pcre perl openssl cryptsetup ]; + + enableParallelBuilding = true; + + configureFlags = [ + "--prefix=${placeholder "out"}" + "--localstatedir=${placeholder "out"}/var" + "--sbindir=${placeholder "out"}/bin" + "--sysconfdir=${placeholder "out"}/etc" + "--with-slibdir=${placeholder "out"}/lib" + "--with-ssbindir=${placeholder "out"}/bin" + ]; + + postInstall = '' + rm -r $out/var + ''; + + meta = with stdenv.lib; { + description = "PAM module to mount volumes for a user session"; + homepage = "https://pam-mount.sourceforge.net/"; + license = with licenses; [ gpl2 gpl3 lgpl21 lgpl3 ]; + maintainers = with maintainers; [ tstrobel ]; + platforms = platforms.linux; + }; +} diff --git a/infra/libkookie/nixpkgs/pkgs/os-specific/linux/pam_mount/insert_utillinux_path_hooks.patch b/infra/libkookie/nixpkgs/pkgs/os-specific/linux/pam_mount/insert_utillinux_path_hooks.patch new file mode 100644 index 000000000000..6d9da05da295 --- /dev/null +++ b/infra/libkookie/nixpkgs/pkgs/os-specific/linux/pam_mount/insert_utillinux_path_hooks.patch @@ -0,0 +1,30 @@ +diff -uNr pam_mount-2.15_old/src/mtcrypt.c pam_mount-2.15/src/mtcrypt.c +--- pam_mount-2.15_old/src/mtcrypt.c 2015-07-04 16:00:12.917943336 +0200 ++++ pam_mount-2.15/src/mtcrypt.c 2015-07-04 16:03:45.685302493 +0200 +@@ -534,7 +534,7 @@ + + /* candidate for replacement by some libmount calls, I guess. */ + argk = 0; +- mount_args[argk++] = "mount"; ++ mount_args[argk++] = "@@NIX_UTILLINUX@@/mount"; + if (opt->fstype != NULL) { + mount_args[argk++] = "-t"; + mount_args[argk++] = opt->fstype; +@@ -668,7 +668,7 @@ + + if (!opt->no_update) + pmt_smtab_remove(mntpt, SMTABF_MOUNTPOINT); +- rmt_args[argk++] = "mount"; ++ rmt_args[argk++] = "@@NIX_UTILLINUX@@/mount"; + rmt_args[argk++] = "-o"; + rmt_args[argk++] = opt->extra_opts; + rmt_args[argk++] = mntpt; +@@ -749,7 +749,7 @@ + pmt_smtab_remove(mountpoint, SMTABF_MOUNTPOINT); + pmt_cmtab_remove(mountpoint); + +- umount_args[argk++] = "umount"; ++ umount_args[argk++] = "@@NIX_UTILLINUX@@/umount"; + umount_args[argk++] = "-i"; + umount_args[argk++] = mountpoint; + umount_args[argk] = NULL; diff --git a/infra/libkookie/nixpkgs/pkgs/os-specific/linux/pam_mount/support_luks2.patch b/infra/libkookie/nixpkgs/pkgs/os-specific/linux/pam_mount/support_luks2.patch new file mode 100644 index 000000000000..0b8557f1bae0 --- /dev/null +++ b/infra/libkookie/nixpkgs/pkgs/os-specific/linux/pam_mount/support_luks2.patch @@ -0,0 +1,47 @@ +commit d4434c05e7c0cf05d87089404cfa2deedc60811a +Author: Ingo Franzki <ifranzki@linux.ibm.com> +Date: Mon Oct 29 16:47:40 2018 +0100 + + crypto: Add support for LUKS2 + + Cryptsetup version 2.0 added support for LUKS2. + This patch adds support for mounting LUKS2 volumes with + pam_mount. + + Signed-off-by: Ingo Franzki <ifranzki@linux.ibm.com> + +diff --git a/src/crypto-dmc.c b/src/crypto-dmc.c +index d0ab6ca..abd0358 100644 +--- a/src/crypto-dmc.c ++++ b/src/crypto-dmc.c +@@ -21,6 +21,12 @@ + #include "libcryptmount.h" + #include "pam_mount.h" + ++#ifndef CRYPT_LUKS ++ #define CRYPT_LUKS NULL /* Passing NULL to crypt_load will ++ default to LUKS(1) on older ++ libcryptsetup versions. */ ++#endif ++ + /** + * dmc_is_luks - check if @path points to a LUKS volume (cf. normal dm-crypt) + * @path: path to the crypto container +@@ -48,7 +54,7 @@ EXPORT_SYMBOL int ehd_is_luks(const char *path, bool blkdev) + + ret = crypt_init(&cd, device); + if (ret == 0) { +- ret = crypt_load(cd, CRYPT_LUKS1, NULL); ++ ret = crypt_load(cd, CRYPT_LUKS, NULL); + if (ret == -EINVAL) + ret = false; + else if (ret == 0) +@@ -106,7 +112,7 @@ static bool dmc_run(const struct ehd_mount_request *req, + #endif + } + +- ret = crypt_load(cd, CRYPT_LUKS1, NULL); ++ ret = crypt_load(cd, CRYPT_LUKS, NULL); + if (ret == 0) { + ret = crypt_activate_by_passphrase(cd, mt->crypto_name, + CRYPT_ANY_SLOT, req->key_data, req->key_size, flags); |