Blame ecryptfs-utils.spec

Michal Hlavinka 0f50b0
%{!?python_sitelib: %define python_sitelib %(%{__python} -c "from distutils.sysconfig import get_python_lib; print get_python_lib()")}
Michal Hlavinka 0f50b0
%{!?python_sitearch: %define python_sitearch %(%{__python} -c "from distutils.sysconfig import get_python_lib; print get_python_lib(1)")}
Michal Hlavinka 7ddd80
%global _libdir /%{_lib}
Michal Hlavinka 7ddd80
%global _sbindir /sbin
Michal Hlavinka 0f50b0
Michael Halcrow fc3966
Name: ecryptfs-utils
7d5fb1
Version: 100
538c2f
Release: 1%{?dist}
Michael Halcrow fc3966
Summary: The eCryptfs mount helper and support libraries
Michael Halcrow fc3966
Group: System Environment/Base
Tom Callaway d2d5d1
License: GPLv2+
Michal Hlavinka 0f50b0
URL: https://launchpad.net/ecryptfs
Michal Hlavinka a225d8
Source0: http://launchpad.net/ecryptfs/trunk/%{version}/+download/%{name}_%{version}.orig.tar.gz
Michal Hlavinka e10600
Source1: ecryptfs-mount-private.png
Michal Hlavinka a225d8
Michal Hlavinka 7ddd80
# rhbz#500829, do not use ubuntu/debian only service
Michal Hlavinka 7ddd80
Patch2: ecryptfs-utils-75-nocryptdisks.patch
Michal Hlavinka 7beee0
Michal Hlavinka d69e53
# rhbz#553629, fix usage of salt together with file_passwd
Michal Hlavinka d69e53
Patch3: ecryptfs-utils-83-fixsalt.patch
Michal Hlavinka d69e53
Michal Hlavinka 14f1a4
# fedora/rhel specific, rhbz#486139, remove nss dependency from umount.ecryptfs
Michal Hlavinka 14f1a4
Patch4: ecryptfs-utils-83-splitnss.patch
Michal Hlavinka 14f1a4
9f5906
# rhbz#664474, fix unsigned < 0 test
9f5906
Patch5: ecryptfs-utils-84-fixsigness.patch
9f5906
ade735
# fix man pages
ade735
Patch8: ecryptfs-utils-86-manpage.patch
ade735
2c1ecd
# autoload ecryptfs module in ecryptfs-setup-private when needed, rhbz#707608
2c1ecd
Patch9: ecryptfs-utils-87-autoload.patch
2c1ecd
b49868
# fedora/rhel specific, check for pam ecryptfs module before home migration
b49868
Patch11: ecryptfs-utils-87-authconfig.patch
b49868
bbbcbd
# memcpy can't be used on overlaping areas
bbbcbd
Patch12: ecryptfs-utils-87-memcpyfix.patch
bbbcbd
8813d2
# allow building with -Werror
8813d2
Patch999: ecryptfs-utils-75-werror.patch
8813d2
be2a3c
# using return after fork() in pam module has some nasty side effects, rhbz#722445
25e938
Patch14: ecryptfs-utils-87-fixpamfork.patch
be2a3c
be2a3c
# we need gid==ecryptfs in pam module before mount.ecryptfs_private execution
25e938
Patch15: ecryptfs-utils-87-fixexecgid.patch
be2a3c
be2a3c
# do not use zombie process, it causes lock ups at least for ssh login
25e938
Patch16: ecryptfs-utils-87-nozombies.patch
bbbcbd
8b5695
# if we do not use zombies, we have to store passphrase in pam_data and init keyring later
25e938
Patch17: ecryptfs-utils-87-pamdata.patch
8b5695
25e938
# patch17 needs propper const on some places
25e938
Patch18: ecryptfs-utils-87-fixconst.patch
8b5695
25e938
Patch19: ecryptfs-utils-87-syslog.patch
7a13e7
16d05b
# if e-m-p fails, check if user is member of ecryptfs group
16d05b
Patch21: ecryptfs-utils-96-groupcheck.patch
538c2f
Patch22: ecryptfs-utils-99-selinux.patch
538c2f
16d05b
Michal Hlavinka e12eec
BuildRoot: %(mktemp -ud %{_tmppath}/%{name}-%{version}-%{release}-XXXXXX)
Peter Robinson 0b8b80
Requires: keyutils, cryptsetup-luks, util-linux, gettext
Michael Halcrow fc3966
BuildRequires: libgcrypt-devel keyutils-libs-devel openssl-devel pam-devel
Michal Hlavinka d79558
BuildRequires: trousers-devel nss-devel desktop-file-utils intltool
Michal Hlavinka 79c27c
BuildRequires: pkcs11-helper-devel
Michal Hlavinka 14f1a4
BuildRequires: automake autoconf libtool glib2-devel gettext-devel
Michael Halcrow fc3966
Michael Halcrow fc3966
%description
Michael Halcrow fc3966
eCryptfs is a stacked cryptographic filesystem that ships in Linux
Michael Halcrow fc3966
kernel versions 2.6.19 and above. This package provides the mount
Michael Halcrow fc3966
helper and supporting libraries to perform key management and mount
Michael Halcrow fc3966
functions.
Michael Halcrow fc3966
Michael Halcrow fc3966
Install ecryptfs-utils if you would like to mount eCryptfs.
Michael Halcrow fc3966
Michael Halcrow fc3966
%package devel
Michael Halcrow fc3966
Summary: The eCryptfs userspace development package
Michael Halcrow fc3966
Group: System Environment/Base
Michael Halcrow fc3966
Requires: keyutils-libs-devel %{name} = %{version}-%{release}
Michal Hlavinka a225d8
Requires: pkgconfig
Michael Halcrow fc3966
Michael Halcrow fc3966
%description devel
Michael Halcrow fc3966
Userspace development files for eCryptfs.
Michael Halcrow fc3966
Michal Hlavinka 0f50b0
%package python
Michal Hlavinka 0f50b0
Summary: Python bindings for the eCryptfs utils
Michal Hlavinka 0f50b0
Group: System Environment/Base
Michal Hlavinka 0f50b0
Requires: ecryptfs-utils %{name} = %{version}-%{release}
Michal Hlavinka a225d8
BuildRequires: python python-devel swig >= 1.3.31
Michal Hlavinka 0f50b0
Michal Hlavinka 0f50b0
%description python
Michal Hlavinka 0f50b0
The ecryptfs-utils-python package contains a module that permits 
Michal Hlavinka 0f50b0
applications written in the Python programming language to use 
Michal Hlavinka 0f50b0
the interface supplied by the ecryptfs-utils library.
Michal Hlavinka 0f50b0
Michael Halcrow fc3966
%prep
Michal Hlavinka a938f8
%setup -q
Michal Hlavinka 7ddd80
%patch2 -p1 -b .nocryptdisks
Michal Hlavinka d69e53
%patch3 -p1 -b .fixsalt
Michal Hlavinka 14f1a4
%patch4 -p1 -b .splitnss
9f5906
%patch5 -p1 -b .fixsigness
ade735
%patch8 -p1 -b .manfix
2c1ecd
%patch9 -p1 -b .autoload
b49868
%patch11 -p1 -b .authconfig
bbbcbd
%patch12 -p1 -b .memcpyfix
8813d2
%patch999 -p1 -b .werror
25e938
%patch14 -p1 -b .fixpamfork
25e938
%patch15 -p1 -b .fixexecgid
25e938
%patch16 -p1 -b .nozombies
25e938
%patch17 -p1 -b .pamdata
25e938
%patch18 -p1 -b .fixconst
25e938
%patch19 -p1 -b .syslog
16d05b
%patch21 -p1 -b .groupcheck
538c2f
%patch22 -p1 -b .selinux
Michael Halcrow fc3966
Michael Halcrow fc3966
%build
9b69d7
export CFLAGS="$RPM_OPT_FLAGS -Werror -Wtype-limits"
Michal Hlavinka 14f1a4
#we're modifing Makefile.am
Michal Hlavinka 14f1a4
autoreconf -fiv
a7b4e2
%configure --disable-rpath --enable-tspi --enable-nss --enable-pkcs11-helper --enable-tests
Michal Hlavinka a225d8
make clean
Michal Hlavinka 0f50b0
#disable rpath
Michal Hlavinka 0f50b0
sed -i 's|^hardcode_libdir_flag_spec=.*|hardcode_libdir_flag_spec=""|g' libtool
Michal Hlavinka 0f50b0
sed -i 's|^runpath_var=LD_RUN_PATH|runpath_var=DIE_RPATH_DIE|g' libtool
Michal Hlavinka a225d8
Michael Halcrow fc3966
make %{?_smp_mflags}
Michael Halcrow fc3966
Michael Halcrow fc3966
%install
Michael Halcrow fc3966
rm -rf $RPM_BUILD_ROOT
Michael Halcrow fc3966
make install DESTDIR=$RPM_BUILD_ROOT
Michal Hlavinka 7ddd80
find $RPM_BUILD_ROOT/ -name '*.la' | xargs rm -f
Michal Hlavinka 609177
rm -rf $RPM_BUILD_ROOT%{_docdir}/%{name}
Michal Hlavinka a225d8
#install files Makefile forgot install
Michal Hlavinka 7beee0
install -m644 %{SOURCE1} $RPM_BUILD_ROOT%{_datadir}/%{name}/ecryptfs-mount-private.png
Michal Hlavinka a225d8
printf "Encoding=UTF-8\n" >>$RPM_BUILD_ROOT/%{_datadir}/%{name}/ecryptfs-mount-private.desktop
Michal Hlavinka a225d8
printf "Encoding=UTF-8\n" >>$RPM_BUILD_ROOT/%{_datadir}/%{name}/ecryptfs-setup-private.desktop
Michal Hlavinka 7beee0
printf "Icon=%{_datadir}/%{name}/ecryptfs-mount-private.png\n" >>$RPM_BUILD_ROOT/%{_datadir}/%{name}/ecryptfs-mount-private.desktop
Michal Hlavinka 7beee0
printf "Icon=%{_datadir}/%{name}/ecryptfs-mount-private.png\n" >>$RPM_BUILD_ROOT/%{_datadir}/%{name}/ecryptfs-setup-private.desktop
Michal Hlavinka c7231a
sed -i 's|^_||' $RPM_BUILD_ROOT/%{_datadir}/%{name}/ecryptfs-mount-private.desktop
Michal Hlavinka c7231a
sed -i 's|^_||' $RPM_BUILD_ROOT/%{_datadir}/%{name}/ecryptfs-setup-private.desktop
Michal Hlavinka a225d8
desktop-file-validate $RPM_BUILD_ROOT%{_datadir}/%{name}/ecryptfs-mount-private.desktop
Michal Hlavinka a225d8
desktop-file-validate $RPM_BUILD_ROOT%{_datadir}/%{name}/ecryptfs-setup-private.desktop
Michal Hlavinka 7beee0
chmod +x $RPM_BUILD_ROOT%{_datadir}/%{name}/ecryptfs-mount-private.desktop
Michal Hlavinka 7beee0
chmod +x $RPM_BUILD_ROOT%{_datadir}/%{name}/ecryptfs-setup-private.desktop
Michal Hlavinka a225d8
touch -r src/desktop/ecryptfs-mount-private.desktop \
Michal Hlavinka a225d8
     $RPM_BUILD_ROOT%{_datadir}/%{name}/ecryptfs-mount-private.desktop
Michal Hlavinka a225d8
touch -r src/desktop/ecryptfs-setup-private.desktop \
Michal Hlavinka a225d8
     $RPM_BUILD_ROOT%{_datadir}/%{name}/ecryptfs-mount-private.desktop
Michal Hlavinka a225d8
rm -f $RPM_BUILD_ROOT/%{_datadir}/%{name}/ecryptfs-record-passphrase
Michal Hlavinka a225d8
f3d79b
#we need ecryptfs kernel module
f3d79b
mkdir -p $RPM_BUILD_ROOT/usr/lib/modules-load.d/
f3d79b
echo -e "# ecryptfs module is needed before ecryptfs mount, so mount helper can \n# check for file name encryption support\necryptfs" >$RPM_BUILD_ROOT/usr/lib/modules-load.d/ecryptfs.conf
f3d79b
Michal Hlavinka c7231a
%find_lang %{name}
Michal Hlavinka c7231a
Michal Hlavinka 14f1a4
%check
Michal Hlavinka 14f1a4
if ldd $RPM_BUILD_ROOT%{_sbindir}/umount.ecryptfs | grep -q '/usr/'
Michal Hlavinka 14f1a4
then
Michal Hlavinka 14f1a4
  exit 1
Michal Hlavinka 14f1a4
fi
c18027
export LD_LIBRARY_PATH=$(pwd)/src/libecryptfs/.libs
a7b4e2
make check
Michal Hlavinka 14f1a4
Michal Hlavinka a225d8
%pre
Michal Hlavinka a225d8
groupadd -r -f ecryptfs
Michael Halcrow 2fbd99
6e2ee9
%post 
6e2ee9
/sbin/ldconfig
6e2ee9
if [ $1 -eq 1 ] ; then 
6e2ee9
    # Initial installation 
6e2ee9
    authconfig --enableecryptfs --update
6e2ee9
fi
Michael Halcrow fc3966
6e2ee9
%postun 
6e2ee9
/sbin/ldconfig
6e2ee9
if [ $1 -eq 0 ] ; then
6e2ee9
    # Package removal, not upgrade
6e2ee9
    authconfig --disableecryptfs --update
6e2ee9
fi
Michael Halcrow fc3966
Michael Halcrow fc3966
%clean
Michael Halcrow fc3966
rm -rf $RPM_BUILD_ROOT
Michael Halcrow fc3966
Michal Hlavinka c7231a
%files -f %{name}.lang
Michael Halcrow fc3966
%defattr(-,root,root,-)
Michael Halcrow fc3966
%doc README COPYING AUTHORS NEWS THANKS
538c2f
%doc doc/ecryptfs-faq.html
Eric Sandeen f74772
%doc doc/ecryptfs-pkcs11-helper-doc.txt
Michal Hlavinka 7ddd80
%{_sbindir}/mount.ecryptfs
Michal Hlavinka 7ddd80
%{_sbindir}/umount.ecryptfs
Michal Hlavinka 7ddd80
%attr(4750,root,ecryptfs) %{_sbindir}/mount.ecryptfs_private
Michal Hlavinka 7ddd80
%{_sbindir}/umount.ecryptfs_private
Michael Halcrow cf6427
%{_bindir}/ecryptfs-add-passphrase
Eric Sandeen 3e7fc5
%{_bindir}/ecryptfs-generate-tpm-key
Michal Hlavinka c7231a
%{_bindir}/ecryptfs-insert-wrapped-passphrase-into-keyring
Michal Hlavinka c7231a
%{_bindir}/ecryptfs-manager
Michal Hlavinka c7231a
%{_bindir}/ecryptfs-migrate-home
Eric Sandeen bf23fd
%{_bindir}/ecryptfs-mount-private
71d537
%{_bindir}/ecryptfs-recover-private
Michal Hlavinka c7231a
%{_bindir}/ecryptfs-rewrap-passphrase
Michal Hlavinka c7231a
%{_bindir}/ecryptfs-rewrite-file
Eric Sandeen bf23fd
%{_bindir}/ecryptfs-setup-private
Michal Hlavinka 609177
%{_bindir}/ecryptfs-setup-swap
Eric Sandeen bf23fd
%{_bindir}/ecryptfs-stat
Michal Hlavinka c7231a
%{_bindir}/ecryptfs-umount-private
Michal Hlavinka c7231a
%{_bindir}/ecryptfs-unwrap-passphrase
7731a0
%{_bindir}/ecryptfs-verify
Michal Hlavinka c7231a
%{_bindir}/ecryptfs-wrap-passphrase
Michael Halcrow fc3966
%{_bindir}/ecryptfsd
Michael Halcrow fc3966
%{_libdir}/ecryptfs
Michal Hlavinka 7ddd80
%{_libdir}/libecryptfs.so.*
Michal Hlavinka 7ddd80
%{_libdir}/security/pam_ecryptfs.so
f3d79b
/usr/lib/modules-load.d/ecryptfs.conf
Michal Hlavinka e12eec
%dir %{_datadir}/%{name}
Michal Hlavinka e12eec
%{_datadir}/%{name}/ecryptfs-mount-private.txt
Michal Hlavinka e12eec
%{_datadir}/%{name}/ecryptfs-mount-private.desktop
Michal Hlavinka 7beee0
%{_datadir}/%{name}/ecryptfs-mount-private.png
Michal Hlavinka a225d8
%{_datadir}/%{name}/ecryptfs-setup-private.desktop
88dca2
%{_datadir}/%{name}/ecryptfs-find
Eric Sandeen bf23fd
%{_mandir}/man1/ecryptfs-add-passphrase.1.gz
Eric Sandeen bf23fd
%{_mandir}/man1/ecryptfs-generate-tpm-key.1.gz
Eric Sandeen bf23fd
%{_mandir}/man1/ecryptfs-insert-wrapped-passphrase-into-keyring.1.gz
Eric Sandeen bf23fd
%{_mandir}/man1/ecryptfs-mount-private.1.gz
71d537
%{_mandir}/man1/ecryptfs-recover-private.1.gz
Eric Sandeen bf23fd
%{_mandir}/man1/ecryptfs-rewrap-passphrase.1.gz
Michal Hlavinka e12eec
%{_mandir}/man1/ecryptfs-rewrite-file.1.gz
Eric Sandeen bf23fd
%{_mandir}/man1/ecryptfs-setup-private.1.gz
Michal Hlavinka c3bb6c
%{_mandir}/man1/ecryptfs-setup-swap.1.gz
Michal Hlavinka c3bb6c
%{_mandir}/man1/ecryptfs-stat.1.gz
Eric Sandeen bf23fd
%{_mandir}/man1/ecryptfs-umount-private.1.gz
Eric Sandeen bf23fd
%{_mandir}/man1/ecryptfs-unwrap-passphrase.1.gz
Eric Sandeen bf23fd
%{_mandir}/man1/ecryptfs-wrap-passphrase.1.gz
Eric Sandeen bf23fd
%{_mandir}/man1/mount.ecryptfs_private.1.gz
Eric Sandeen bf23fd
%{_mandir}/man1/umount.ecryptfs_private.1.gz
Michael Halcrow fc3966
%{_mandir}/man7/ecryptfs.7.gz
Michael Halcrow cf6427
%{_mandir}/man8/ecryptfs-manager.8.gz
Michael Halcrow cf6427
%{_mandir}/man8/ecryptfsd.8.gz
Michael Halcrow cf6427
%{_mandir}/man8/mount.ecryptfs.8.gz
Eric Sandeen bf23fd
%{_mandir}/man8/pam_ecryptfs.8.gz
Michal Hlavinka c3bb6c
%{_mandir}/man8/umount.ecryptfs.8.gz
Michael Halcrow fc3966
Michael Halcrow fc3966
%files devel
Michael Halcrow fc3966
%defattr(-,root,root,-)
Michal Hlavinka a225d8
%{_libdir}/libecryptfs.so
Michael Halcrow c4a46e
%{_libdir}/pkgconfig/libecryptfs.pc
Michael Halcrow fc3966
%{_includedir}/ecryptfs.h
Michael Halcrow fc3966
Michal Hlavinka 0f50b0
%files python
Michal Hlavinka 0f50b0
%defattr(-,root,root,-)
Michal Hlavinka 585602
%dir %{python_sitelib}/ecryptfs-utils
Michal Hlavinka 0f50b0
%{python_sitelib}/ecryptfs-utils/libecryptfs.py
Michal Hlavinka 0f50b0
%{python_sitelib}/ecryptfs-utils/libecryptfs.pyc
Michal Hlavinka 0f50b0
%{python_sitelib}/ecryptfs-utils/libecryptfs.pyo
Michal Hlavinka 585602
%dir %{python_sitearch}/ecryptfs-utils
Michal Hlavinka 0f50b0
%{python_sitearch}/ecryptfs-utils/_libecryptfs.so.0
Michal Hlavinka 0f50b0
%{python_sitearch}/ecryptfs-utils/_libecryptfs.so.0.0.0
Michal Hlavinka 0f50b0
%{python_sitearch}/ecryptfs-utils/_libecryptfs.so
Michal Hlavinka 0f50b0
Michael Halcrow fc3966
%changelog
7d5fb1
* Fri Aug 03 2012 Michal Hlavinka <mhlavink@redhat.com> - 100-1
7d5fb1
- ecryptfs-utils updated to 100
7d5fb1
538c2f
* Tue Jul 24 2012 Michal Hlavinka <mhlavink@redhat.com> - 99-1
538c2f
- ecryptfs-utils updated to 99
538c2f
- fixes: suid helper does not restrict mounting filesystems with 
538c2f
  nosuid, nodev leading to possible privilege escalation (CVE-2012-3409)
538c2f
7df93d
* Wed Jul 18 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 97-2
7df93d
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
7df93d
6154d2
* Mon Jun 25 2012 Michal Hlavinka <mhlavink@redhat.com> - 97-1
6154d2
- ecryptfs-utils updated to 97
6154d2
f3d79b
* Mon Jun 04 2012 Michal Hlavinka <mhlavink@redhat.com> - 96-3
f3d79b
- for file name encryption support check, module must be loaded already
f3d79b
16d05b
* Mon Apr 16 2012 Michal Hlavinka <mhlavink@redhat.com> - 96-2
16d05b
- when ecryptfs-mount-fails, check if user is member of ecryptfs group
16d05b
35f512
* Mon Feb 20 2012 Michal Hlavinka <mhlavink@redhat.com> - 96-1
35f512
- ecryptfs-utils updated to 96
35f512
d7098f
* Mon Feb 13 2012 Michal Hlavinka <mhlavink@redhat.com> - 95-3
d7098f
- blowfish and twofish support check did not work with on 3.2.x kernels (#785036)
d7098f
8ad703
* Fri Jan 13 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 95-2
8ad703
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
8ad703
1b6268
* Fri Dec 16 2011 Michal Hlavinka <mhlavink@redhat.com> - 95-1
1b6268
- updated to v. 95
1b6268
6e2ee9
* Wed Dec 07 2011 Michal Hlavinka <mhlavink@redhat.com> - 93-2
6e2ee9
- update pam config in post install phase
6e2ee9
7731a0
* Mon Oct 31 2011 Michal Hlavinka <mhlavink@redhat.com> - 93-1
7731a0
- updated to v. 93
7731a0
25e938
* Wed Aug 31 2011 Michal Hlavinka <mhlavink@redhat.com> - 90-2
25e938
- set the group id in mount.ecryptfs_private (CVE-2011-3145)
25e938
88dca2
* Thu Aug 11 2011 Michal Hlavinka <mhlavink@redhat.com> - 90-1
88dca2
- security fixes:
88dca2
- privilege escalation via mountpoint race conditions (CVE-2011-1831, CVE-2011-1832)
88dca2
- race condition when checking source during mount (CVE-2011-1833)
88dca2
- mtab corruption via improper handling (CVE-2011-1834)
88dca2
- key poisoning via insecure temp directory handling (CVE-2011-1835)
88dca2
- information disclosure via recovery mount in /tmp (CVE-2011-1836)
88dca2
- arbitrary file overwrite via lock counter race (CVE-2011-1837)
88dca2
7a13e7
* Tue Aug 09 2011 Michal Hlavinka <mhlavink@redhat.com> - 87-9
7a13e7
- improve logging messages of ecryptfs pam module
7a13e7
- keep own copy of passphrase, pam clears it too early
7a13e7
8b5695
* Wed Aug 03 2011 Michal Hlavinka <mhlavink@redhat.com> - 87-8
8b5695
- keyring from auth stack does not survive, use pam_data and delayed 
8b5695
  keyring initialization
8b5695
be2a3c
* Thu Jul 21 2011 Michal Hlavinka <mhlavink@redhat.com> - 87-7
be2a3c
- fix pam module to set ecryptfs gid before mount helper execution
be2a3c
- do not use zombie process, it causes lock ups in ssh
be2a3c
bbbcbd
* Tue Jul 19 2011 Michal Hlavinka <mhlavink@redhat.com> - 87-6
bbbcbd
- do not use memcpy for overlaping areas
bbbcbd
- fix broken pam module resulting in session with wrong gid
bbbcbd
9b69d7
* Mon Jul 11 2011 Michal Hlavinka <mhlavink@redhat.com> - 87-5
9b69d7
- fix mtab handling everywhere
9b69d7
b49868
* Thu Jun 09 2011 Michal Hlavinka <mhlavink@redhat.com> - 87-4
b49868
- check for ecryptfs pam module before home dir migration
b49868
4a4073
* Tue Jun 07 2011 Michal Hlavinka <mhlavink@redhat.com> - 87-3
4a4073
- update of mtab does not work if it's a symlink (#706911)
4a4073
2c1ecd
* Thu May 26 2011 Michal Hlavinka <mhlavink@redhat.com> - 87-2
2c1ecd
- auto-load ecryptfs module in ecryptfs-setup-private
2c1ecd
1a4de5
* Tue May 24 2011 Michal Hlavinka <mhlavink@redhat.com> - 87-1
7731a0
- updated to v. 87
1a4de5
ade735
* Fri Mar 11 2011 Michal Hlavinka <mhlavink@redhat.com> - 86-3
ade735
- fix man pages
ade735
420259
* Wed Mar 02 2011 Michal Hlavinka <mhlavink@redhat.com> - 86-2
420259
- fix selinux context
420259
8813d2
* Fri Feb 25 2011 Michal Hlavinka <mhlavink@redhat.com> - 86-1
8813d2
- updated to v. 86
8813d2
f7f42a
* Tue Feb 08 2011 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 85-2
f7f42a
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
f7f42a
09b6cf
* Tue Feb 01 2011 Michal Hlavinka <mhlavink@redhat.com> - 85-1
09b6cf
- ecryptfs-utils updated to 85
09b6cf
Dan Horák 3c8e7c
* Tue Jan 11 2011 Dan Horák <dan[at]danny.cz> - 84-3
Dan Horák 3c8e7c
- fix build on arches where char is unsigned by default
Dan Horák 3c8e7c
577ad2
* Tue Jan 04 2011 Michal Hlavinka <mhlavink@redhat.com> - 84-2
9f5906
- fix unsigned < 0 test (#664474)
9f5906
904ef1
* Mon Dec 20 2010 Michal Hlavinka <mhlavink@redhat.com> - 84-1
904ef1
- ecryptfs-utils updated to 84
904ef1
Jesse Keating f2fe15
* Wed Sep 29 2010 jkeating - 83-9
Jesse Keating f2fe15
- Rebuilt for gcc bug 634757
Jesse Keating f2fe15
e10d43
* Wed Sep 22 2010 Michal Hlavinka <mhlavink@redhat.com> - 83-8
e10d43
- add missing gettext require (#630212)
e10d43
Michal Hlavinka beb646
* Mon Jul 26 2010 Michal Hlavinka <mhlavink@redhat.com> - 83-7
Michal Hlavinka beb646
- fix ftbfs for python mass rebuild
Michal Hlavinka beb646
dmalcolm 73e843
* Wed Jul 21 2010 David Malcolm <dmalcolm@redhat.com> - 83-6
dmalcolm 73e843
- Rebuilt for https://fedoraproject.org/wiki/Features/Python_2.7/MassRebuild
dmalcolm 73e843
Michal Hlavinka 14f1a4
* Tue May 04 2010 Michal Hlavinka <mhlavink@redhat.com> - 83-5
Michal Hlavinka 14f1a4
- remove nss dependency from umount.ecryptfs
Michal Hlavinka 14f1a4
Michal Hlavinka d69e53
* Fri Apr 16 2010 Michal Hlavinka <mhlavink@redhat.com> - 83-4
Michal Hlavinka d69e53
- make salt working together with passwd_file
Michal Hlavinka d69e53
Michal Hlavinka 79c27c
* Mon Mar 22 2010 Michal Hlavinka <mhlavink@redhat.com> - 83-3
Michal Hlavinka 79c27c
- enable PKCS#11 support
Michal Hlavinka 79c27c
Michal Hlavinka cab871
* Wed Mar 10 2010 Michal Hlavinka <mhlavink@redhat.com> - 83-2
Michal Hlavinka cab871
- blkid moved from e2fsprogs to util-linux-ng, follow the change (#569996)
Michal Hlavinka cab871
Michal Hlavinka cab871
* Thu Feb 18 2010 Michal Hlavinka <mhlavink@redhat.com> - 83-1
Michal Hlavinka c7231a
- updated to v. 83
Michal Hlavinka c7231a
Michal Hlavinka 7ddd80
* Wed Jan 27 2010 Michal Hlavinka <mhlavink@redhat.com> - 82-2
Michal Hlavinka 7ddd80
- better fix for (#486139)
Michal Hlavinka 7ddd80
Michal Hlavinka 4da807
* Wed Nov 11 2009 Michal Hlavinka <mhlavink@redhat.com> - 82-1
Michal Hlavinka 4da807
- updated to 82
Michal Hlavinka 4da807
Michal Hlavinka 6ae9dc
* Mon Nov 09 2009 Michal Hlavinka <mhlavink@redhat.com> - 81-2
Michal Hlavinka 6ae9dc
- fix getext typos (#532732)
Michal Hlavinka 6ae9dc
Michal Hlavinka db6652
* Tue Sep 29 2009 Michal Hlavinka <mhlavink@redhat.com> - 81-1
Michal Hlavinka db6652
- updated to 81
Michal Hlavinka db6652
Tomáš Mráz 18e0c3
* Fri Aug 21 2009 Tomas Mraz <tmraz@redhat.com> - 79-2
Tomáš Mráz 18e0c3
- rebuilt with new openssl
Tomáš Mráz 18e0c3
Michal Hlavinka c3bb6c
* Tue Aug 18 2009 Michal Hlavinka <mhlavink@redhat.com> - 79-1
Michal Hlavinka c3bb6c
- updated to 79
Michal Hlavinka c3bb6c
Michal Hlavinka b7546c
* Wed Jul 29 2009 Michal Hlavinka <mhlavink@redhat.com> - 78-2
Michal Hlavinka b7546c
- ecryptfs-dot-private is no longer used
Michal Hlavinka b7546c
Michal Hlavinka a938f8
* Wed Jul 29 2009 Michal Hlavinka <mhlavink@redhat.com> - 78-1
Michal Hlavinka a938f8
- updated to 78
Michal Hlavinka a938f8
Jesse Keating 571274
* Fri Jul 24 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 76-2
Jesse Keating 571274
- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
Jesse Keating 571274
Michal Hlavinka 538613
* Mon Jul 20 2009 Michal Hlavinka <mhlavink@redhat.com> 76-1
Michal Hlavinka 538613
- updated to 76
Michal Hlavinka 538613
Michal Hlavinka 7beee0
* Thu May 21 2009 Michal Hlavinka <mhlavink@redhat.com> 75-1
Michal Hlavinka 7beee0
- removed executable permission from ecryptfs-dot-private (#500817)
Michal Hlavinka 7beee0
- require cryptsetup-luks for encrypted swap (#500824)
Michal Hlavinka 7beee0
- use blkid instead of vol_id (#500820)
Michal Hlavinka 7beee0
- don't rely on cryptdisks service (#500829)
Michal Hlavinka 7beee0
- add icon for Access-Your-Private-Data.desktop file
Michal Hlavinka 7beee0
Michal Hlavinka a225d8
* Mon May 04 2009 Michal Hlavinka <mhlavink@redhat.com> 75-1
Michal Hlavinka a225d8
- updated to 75
Michal Hlavinka a225d8
- restrict mount.ecryptfs_private to ecryptfs group members only
Michal Hlavinka a225d8
Michal Hlavinka a225d8
* Thu Apr 23 2009 Michal Hlavinka <mhlavink@redhat.com> 74-1
Michal Hlavinka a225d8
- updated to 74
Michal Hlavinka a225d8
Michal Hlavinka e12eec
* Sat Mar 21 2009 Michal Hlavinka <mhlavink@redhat.com> 73-1
Michal Hlavinka e12eec
- updated to 73
Michal Hlavinka e12eec
- move libs from /usr/lib to /lib (#486139)
Michal Hlavinka e12eec
- fix symlinks created by ecryptfs-setup-private (#486146)
Michal Hlavinka e12eec
Michal Hlavinka 609177
* Mon Feb 24 2009 Michal Hlavinka <mhlavink@redhat.com> 71-1
Michal Hlavinka 609177
- updated to 71
Michal Hlavinka 609177
- remove .la files
Michal Hlavinka 609177
Michal Hlavinka 3b73d0
* Mon Feb 16 2009 Michal Hlavinka <mhlavink@redhat.com> 70-1
Michal Hlavinka 3b73d0
- updated to 70
Michal Hlavinka 3b73d0
- fix: #479762 - ecryptfsecryptfs-setup-private broken
Michal Hlavinka 3b73d0
- added umount option to clear per-user keyring
Michal Hlavinka 3b73d0
Michal Hlavinka 585602
* Mon Feb 02 2009 Michal Hlavinka <mhlavink@redhat.com> 69-4
Michal Hlavinka 585602
- fix list of onwed directories
Michal Hlavinka 585602
Michal Hlavinka 3d86b1
* Tue Jan 27 2009 Michal Hlavinka <mhlavink@redhat.com> 69-3
Michal Hlavinka 3d86b1
- add missing requires: keyutils
Michal Hlavinka 3d86b1
Michal Hlavinka 2ee3b7
* Tue Jan 27 2009 Michal Hlavinka <mhlavink@redhat.com> 69-2
Michal Hlavinka 2ee3b7
- bump release for rebuild
Michal Hlavinka 2ee3b7
Michal Hlavinka 3099b4
* Tue Jan 27 2009 Michal Hlavinka <mhlavink@redhat.com> 69-1
Michal Hlavinka 686bb7
- updated to 69
Tomáš Mráz bbebf8
Michal Hlavinka aefcf6
* Mon Jan 12 2009 Michal Hlavinka <mhlavink@redhat.com> 68-0
Michal Hlavinka aefcf6
- updated to 68
Michal Hlavinka aefcf6
- fix #478464 - /usr/bin/ecryptfs-setup-private errors out
Michal Hlavinka aefcf6
Michal Hlavinka 56ac97
* Mon Dec 29 2008 Michal Hlavinka <mhlavink@redhat.com> 67-1
Michal Hlavinka 56ac97
- bump release for rebuild
Michal Hlavinka 56ac97
Michal Hlavinka 0f50b0
* Mon Dec 29 2008 Michal Hlavinka <mhlavink@redhat.com> 67-0
Michal Hlavinka 0f50b0
- updated to 67
Michal Hlavinka 0f50b0
Michael Halcrow 94b9e4
* Wed Oct 22 2008 Mike Halcrow <mhalcrow@us.ibm.com> 61-0
Michael Halcrow 94b9e4
- Add support for filename encryption enablement (future kernel feature)
Michael Halcrow 94b9e4
- Replace uint32_t with size_t for x86_64 compatibility (patch by Eric Sandeen)
Michael Halcrow 94b9e4
Eric Sandeen e6f8a9
* Fri Oct 17 2008 Eric Sandeen <sandeen@redhat.com> 59-2
Eric Sandeen e6f8a9
- Remove duplicate doc files from rpm
Eric Sandeen e6f8a9
Michael Halcrow edef76
* Tue Oct 07 2008 Mike Halcrow <mhalcrow@us.ibm.com> 59-1
Michael Halcrow edef76
- Put attr declaration in the right spot
Michael Halcrow edef76
Michael Halcrow 543e83
* Tue Oct 07 2008 Mike Halcrow <mhalcrow@us.ibm.com> 59-0
Michael Halcrow 543e83
- Make /sbin/*ecryptfs* files setuid
Michael Halcrow 543e83
- Add /sbin path to ecryptfs-setup-private
Michael Halcrow 543e83
Michael Halcrow 564f4d
* Mon Oct 06 2008 Mike Halcrow <mhalcrow@us.ibm.com> 58-0
Michael Halcrow 564f4d
- TSPI key module update to avoid flooding TrouSerS library with requests
Michael Halcrow 564f4d
- OpenSSL key module parameter fixes
Michael Halcrow 564f4d
- Updates to mount-on-login utilities
Michael Halcrow 564f4d
Michael Halcrow 46cf03
* Wed Aug 13 2008 Mike Halcrow <mhalcrow@us.ibm.com> 56-0
Michael Halcrow 46cf03
- Namespace fixes for the key module parameter aliases
Michael Halcrow 46cf03
- Updates to the man page and the README
Michael Halcrow 46cf03
Eric Sandeen bf23fd
* Wed Jul 30 2008 Eric Sandeen <sandeen@redhat.com> 53-0
Eric Sandeen bf23fd
- New upstream version
Eric Sandeen bf23fd
- Many new manpages, new ecryptfs-stat util
Eric Sandeen bf23fd
Tom Callaway d2d5d1
* Thu Jul 17 2008 Tom "spot" Callaway <tcallawa@redhat.com> 50-1
Tom Callaway d2d5d1
- fix license tag
Tom Callaway d2d5d1
Michael Halcrow 4e3694
* Fri Jun 27 2008 Mike Halcrow <mhalcrow@us.ibm.com> 50-0
Michael Halcrow 4e3694
- Add umount.ecryptfs_private symlink
Michael Halcrow 4e3694
- Add pam_mount session hooks for mount and unmount
Michael Halcrow 4e3694
Michael Halcrow 4e3694
* Fri Jun 27 2008 Eric Sandeen <sandeen@redhat.com> 49-1
Eric Sandeen 35849e
- build with TrouSerS key module
Eric Sandeen 35849e
Michael Halcrow 4e3694
* Fri Jun 27 2008 Eric Sandeen <sandeen@redhat.com> 49-0
Eric Sandeen f74772
- New upstream version
Eric Sandeen f74772
Eric Sandeen 081353
* Tue Jun 03 2008 Eric Sandeen <sandeen@redhat.com> 46-0
Eric Sandeen 071d03
- New upstream version
Eric Sandeen 071d03
Michael Halcrow d33da1
* Mon Feb 18 2008 Mike Halcrow <mhalcrow@us.ibm.com> 40-0
Michael Halcrow d33da1
- Enable passwd_file option in openssl key module
Michael Halcrow d33da1
Michael Halcrow 40f1de
* Wed Feb 13 2008 Mike Halcrow <mhalcrow@us.ibm.com> 39-0
Michael Halcrow 40f1de
- Fix include upstream
Michael Halcrow 40f1de
Karsten Hopp a3da3d
* Wed Feb 13 2008 Karsten Hopp <karsten@redhat.com> 38-1
Karsten Hopp a3da3d
- fix includes
Karsten Hopp a3da3d
Michael Halcrow 61692c
* Tue Jan 8 2008 Mike Halcrow <mhalcrow@us.ibm.com> 38-0
Michael Halcrow 61692c
 - Fix passthrough mount option prompt
Michael Halcrow 61692c
 - Clarify man page
Michael Halcrow 61692c
 - Add HMAC option (for future kernel versions)
Michael Halcrow 61692c
 - Bump to version 38
Michael Halcrow 61692c
Michael Halcrow cc0778
* Wed Dec 19 2007 Mike Halcrow <mhalcrow@us.ibm.com> 37-0
Michael Halcrow cc0778
- Remove unsupported ciphers; bump to version 37
Michael Halcrow cc0778
Michael Halcrow 02c342
* Tue Dec 18 2007 Mike Halcrow <mhalcrow@us.ibm.com> 36-0
Michael Halcrow 02c342
- Cipher selection detects .gz ko files; bump to version 36
Michael Halcrow 02c342
Michael Halcrow 43e590
* Mon Dec 17 2007 Mike Halcrow <mhalcrow@us.ibm.com> 35-0
Michael Halcrow 43e590
- Cleanups to cipher selection; bump to version 35
Michael Halcrow 43e590
Michael Halcrow 8bc134
* Mon Dec 17 2007 Mike Halcrow <mhalcrow@us.ibm.com> 34-0
Michael Halcrow 8bc134
- Fix OpenSSL key module; bump to version 34
Michael Halcrow 8bc134
Michael Halcrow 916d76
* Fri Dec 14 2007 Mike Halcrow <mhalcrow@us.ibm.com> 33-1
Michael Halcrow 916d76
- Add files to package
Michael Halcrow 916d76
Michael Halcrow d95d2d
* Fri Dec 14 2007 Mike Halcrow <mhalcrow@us.ibm.com> 33-0
Michael Halcrow 2fbd99
- update to version 33
Michael Halcrow 2fbd99
Michael Halcrow 2fbd99
* Thu Dec 13 2007 Karsten Hopp <karsten@redhat.com> 32-1
Michael Halcrow 2fbd99
- update to version 32
Michael Halcrow d95d2d
Michael Halcrow 2fbd99
* Thu Nov 29 2007 Karsten Hopp <karsten@redhat.com> 30-2
Michael Halcrow 2fbd99
- fix ia64 libdir
Michael Halcrow 2fbd99
- build initial RHEL-5 version
Karsten Hopp eff64e
Karsten Hopp 039625
* Thu Nov 29 2007 Karsten Hopp <karsten@redhat.com> 30-1
Karsten Hopp 039625
- build version 30
Karsten Hopp 039625
Michael Halcrow cf6427
* Fri Oct 05 2007 Mike Halcrow <mhalcrow@us.ibm.com> - 30-0
Michael Halcrow cf6427
- Bump to version 30. Several bugfixes. Key modules are overhauled
Michael Halcrow cf6427
  with a more sane API.
Jesse Keating 0bb6f9
* Wed Aug 29 2007 Fedora Release Engineering <rel-eng at fedoraproject dot org> - 18-1
Jesse Keating 0bb6f9
- Rebuild for selinux ppc32 issue.
Jesse Keating 0bb6f9
Michael Halcrow fc3966
* Thu Jun 28 2007 Mike Halcrow <mhalcrow@us.ibm.com> - 18-0
Michael Halcrow fc3966
- Bump to version 18 with an OpenSSL key module fix
Michael Halcrow fc3966
* Thu Jun 21 2007 Kevin Fenzi <kevin@tummy.com> - 17-1
Michael Halcrow fc3966
- Change kernel Requires to Conflicts
Michael Halcrow fc3966
- Remove un-needed devel buildrequires
Michael Halcrow fc3966
* Wed Jun 20 2007 Mike Halcrow <mhalcrow@us.ibm.com>  - 17-0
Michael Halcrow fc3966
- Provide built-in fallback passphrase key module. Remove keyutils,
Michael Halcrow fc3966
  openssl, and pam requirements (library dependencies take care of
Michael Halcrow fc3966
  this). Include wrapped passphrase executables in file set.
Michael Halcrow fc3966
* Fri Apr 20 2007 Mike Halcrow <mhalcrow@us.ibm.com>  - 15-1
Michael Halcrow fc3966
- Change permission of pam_ecryptfs.so from 644 to 755.
Michael Halcrow fc3966
* Thu Apr 19 2007 Mike Halcrow <mhalcrow@us.ibm.com>  - 15-0
Michael Halcrow fc3966
- Fix mount option parse segfault. Fix pam_ecryptfs.so semaphore
Michael Halcrow fc3966
  issue when logging in via ssh.
Michael Halcrow fc3966
* Thu Mar 01 2007 Mike Halcrow <mhalcrow@us.ibm.com>  - 10-0
Michael Halcrow fc3966
- Remove verbose syslog() calls; change key module build to allow
Michael Halcrow fc3966
  OpenSSL module to be disabled from build; add AUTHORS, NEWS, and
Michael Halcrow fc3966
  THANKS to docs; update Requires with variables instead of hardcoded
Michael Halcrow fc3966
  name and version.
Michael Halcrow fc3966
* Tue Feb 06 2007 Mike Halcrow <mhalcrow@us.ibm.com>  - 9-1
Michael Halcrow fc3966
- Minor update in README, add dist tag to Release, add --disable-rpath
Michael Halcrow fc3966
  to configure step, and remove keyutils-libs from Requires.
Michael Halcrow fc3966
* Tue Jan 09 2007 Mike Halcrow <mhalcrow@us.ibm.com>  - 9-0
Michael Halcrow fc3966
- Correct install directories for 64-bit; add support for xattr and
Michael Halcrow fc3966
  encrypted_view mount options
Michael Halcrow fc3966
* Tue Jan 02 2007 Mike Halcrow <mhalcrow@us.ibm.com>  - 8-0
Michael Halcrow fc3966
- Introduce build support for openCryptoki key module.  Fix -dev build
Michael Halcrow fc3966
  dependencies for devel package
Michael Halcrow fc3966
* Mon Dec 11 2006 Mike Halcrow <mhalcrow@us.ibm.com>  - 7-0
Michael Halcrow fc3966
- Initial package creation