Rebased against release 6.1 (fd0b4a89)

rwpenney · Oct 9, 2022 · 22827f3 · 22827f3
1 parent fca4faa
commit 22827f3
Show file tree

Hide file tree

Showing 17 changed files with 114 additions and 44 deletions.
diff --git a/.gitignore b/.gitignore
@@ -33,6 +33,8 @@ man/cmtab.5
 man/cryptmount.8
 man/cryptmount-setup.8
 man/Makefile
+man/*/cryptmount.8
+man/*/cmtab.5
 man/*/Makefile
 
 po/Makefile
@@ -41,7 +43,10 @@ po/POTFILES
 po/stamp-po
 po/*.gmo
 
+sysinit/cryptmount.service
+sysinit/initscript
 sysinit/Makefile.in
+sysinit/setupscript
 
 testing/keys/3.1.2_luks_md5_blowfish_0
 testing/keys/4.1_luks_ripemd160_twofish_0

diff --git a/ChangeLog b/ChangeLog
@@ -1,5 +1,7 @@
 ChangeLog for cryptmount (http://cryptmount.sourceforge.net)
 
+08Oct22	- *** cryptmount-6.1 released
+
 01Oct22	- Improved udev settling schedule and filesystem syncs
 	Added partial support for compiling against libgcrypt-1.7
 

diff --git a/INSTALL.md b/INSTALL.md
@@ -1,5 +1,5 @@
-Installing "cryptmount"
-=======================
+Installing cryptmount
+=====================
 
 There are three main routes by which cryptmount can be installed
 on a Linux-based system:
@@ -12,7 +12,7 @@ All of these options will, at some stage, require root-level permissions,
 such as "sudo".
 
 
-Vendor-provided packages
+Distro-provided packages
 ------------------------
 
 A variety of flavours of Linux provide official pre-built cryptmount packages,

diff --git a/Makefile.am b/Makefile.am
@@ -35,7 +35,7 @@ SUBDIRS = man po sysinit testing
 
 
 install-exec-hook:	install-etcdir
-	chown root.root $(DESTDIR)$(bindir)/cryptmount$(EXEEXT)
+	chown root:root $(DESTDIR)$(bindir)/cryptmount$(EXEEXT)
 	chmod u+srwx,go-w,go+r $(DESTDIR)$(bindir)/cryptmount$(EXEEXT)
 	@if test -z "$(DESTDIR)" -o "$(DESTDIR)" = "/"; then \
 		modprobe -a loop dm-crypt || true; \

diff --git a/README.md b/README.md
@@ -49,7 +49,7 @@ For example, an entry of the form:
         keyformat=luks
     }
 ```
-Describes a LUKS-encrypted filesystem to be contained in an ordinary file,
+describes a LUKS-encrypted filesystem to be contained in an ordinary file,
 and which will be mounted beneath `/mnt/crypt`.
 
 Such a filesystem could be initialized as follows:

diff --git a/RELNOTES b/RELNOTES
@@ -1,4 +1,4 @@
-		    Release notes for cryptmount-6.0
+		    Release notes for cryptmount-6.1
 
 			RW Penney, October 2022
 
@@ -29,14 +29,28 @@ especially within system start-up scripts.
 Summary of new features in cryptmount-6.1
 =========================================
 
-This (beta) release is still under development
+This (stable) release offers the following improvements:
+
+  * Improved deconfliction when operating simultaneously with other device-mapper tools
+
+  * Revised installation instructions, now in markdown format
 
 It has been tested on the following systems:
 
-  * Debian GNU/Linux 11.4 ("bullseye") (amd64)
+  * Alma Linux 9.0 (x86_64, lacking libcryptsetup headers)
+
+  * Arch Linux (early-Oct-2022) (x86_64)
+
+  * Debian GNU/Linux 12.x ("bookworm"/"testing", early-Oct-2022) (amd64)
+
+  * Debian GNU/Linux 11.5 ("bullseye") (amd64)
+
+  * Debian GNU/Linux 10.13 ("buster") (x86)
 
   * Fedora 36 (x86_64)
 
+  * Ubuntu 22.04 ("jammy") (x86_64)
+
 
 Summary of new features in cryptmount-6.0
 =========================================
@@ -51,11 +65,11 @@ It has been tested on the following systems:
 
   * Arch Linux (mid-Aug-2022) (x86_64)
 
-  * Debian GNU/Linux 12.x ("bookworm"/"testing", early-Sep-2020) (amd64)
+  * Debian GNU/Linux 12.x ("bookworm"/"testing", early-Sep-2022) (amd64)
 
   * Debian GNU/Linux 11.4 ("bullseye") (amd64)
 
-  * Debian GNU/Linux 10.12 ("buster") (amd64)
+  * Debian GNU/Linux 10.12 ("buster") (x86)
 
   * Fedora 36 (x86_64)
 

diff --git a/armour-builtin.c b/armour-builtin.c
@@ -42,7 +42,7 @@
 
 
 typedef struct {
-    unsigned fversion;
+    unsigned fversion;    /*!< File-format version, default==1 since version 4.0 */
 } blti_overrides_t;
 
 

diff --git a/cmtab.example b/cmtab.example
@@ -31,7 +31,7 @@ crypt_sdb63 {
     cipher=serpent      # filesystem encryption
 
     # information about file used to store decryption key:
-    keyfile=/usr/local/etc/cryptmount/crypt_sdb63.key
+    keyfile=/etc/cryptmount/crypt_sdb63.key
     keyformat=openssl-compat keyhash=md5 keycipher=bf-cbc
 }
 

diff --git a/configure.ac b/configure.ac
@@ -3,7 +3,7 @@ dnl (C)Copyright 2005-2022, RW Penney
 
 dnl run 'aclocal; autoconf; automake -a -c -i; ./configure; make'
 
-AC_INIT(cryptmount, 6.1-beta, cryptmount@rwpenney.uk)
+AC_INIT(cryptmount, 6.1.0, cryptmount@rwpenney.uk)
 AC_PREREQ(2.59)
 
 test "$sysconfdir" = '${prefix}/etc' && sysconfdir=/etc

diff --git a/cryptmount.spec b/cryptmount.spec
@@ -4,7 +4,7 @@
 #
 Summary:	Let ordinary users mount an encrypted file system
 Name:		cryptmount
-Version: 	6.1-beta
+Version: 	6.1.0
 Release:	1%{?dist}
 License:	GPL
 URL:		http://cryptmount.sourceforge.net
@@ -100,6 +100,8 @@ fi
 
 
 %changelog
+* Sat Oct 08 2022 RW Penney <cryptmount@rwpenney.uk> - 6.1
+    -- Refreshed installation documentation and inter-process locking
 * Sat Sep 03 2022 RW Penney <cryptmount@rwpenney.uk> - 6.0
     -- Refreshed default ciphers and keymanager
 * Wed Feb 07 2018 RW Penney <cryptmount@rwpenney.uk> - 5.3

diff --git a/debian/changelog b/debian/changelog
@@ -1,3 +1,12 @@
+cryptmount (6.1.0-1) unstable; urgency=low
+
+  * New upstream release
+    - updated German translations (Closes: bug#1019550)
+    - resolved missing French translations
+    - improved inter-process deconfliction
+
+ -- RW Penney <rwpenney@users.sourceforge.net>  Sat, 08 Oct 2022 16:45:00 +0000
+
 cryptmount (6.0-1) unstable; urgency=low
 
   * New upstream release

diff --git a/debian/docs b/debian/docs
@@ -1,4 +1,3 @@
-INSTALL.md
 README.md
 README.sshfs
 RELNOTES
diff --git a/debian/mkDebPkg b/debian/mkDebPkg
@@ -10,6 +10,14 @@ UPSDIR=..
 # $VERSION refers to the true version number associated with a *.tar.gz file
 # $PSEUDO_VERSION is the stable release number for which a .deb should be generated
 
+printHelp() {
+    cat <<EOF
+Syntax: $0 [-d|--upstream-dir DIR] [--pseudo-version N] [-u|--upstream-version]
+Upstream-version: ${VERSION}
+Upstream-directory: `realpath ${UPSDIR}`
+EOF
+}
+
 while [ $# -gt 0 ]; do
     case "$1" in
         -d|--upstream-dir)
@@ -21,8 +29,11 @@ while [ $# -gt 0 ]; do
         -u|--upstream-version)
             VERSION="$2"
             shift ;;
+        -h|--help)
+            printHelp; exit 0 ;;
         -*)
-            echo "Unrecognized option \"$1\"" ;;
+            echo "Unrecognized option \"$1\""
+            printHelp; exit 1 ;;
     esac
     shift
 done

diff --git a/debian/rules b/debian/rules
@@ -22,7 +22,7 @@ export DEB_BUILD_MAINT_OPTIONS = hardening=+all
 %:
 	dh $@
 
-.PHONY:	override_dh_auto_configure override_dh_fixperms
+.PHONY:	override_dh_auto_configure override dh_auto_test override_dh_fixperms
 
 # debmake generated override targets
 override_dh_auto_configure:
@@ -32,5 +32,9 @@ override_dh_auto_configure:
 		--enable-delegation --enable-fsck \
 		--enable-cswap --enable-openssl-compat
 
+override_dh_auto_test:
+	true
+	# disable "make test" stage because of strong dependence on system devices
+
 override_dh_fixperms:
 	dh_fixperms --exclude usr/bin/cryptmount
diff --git a/man/cmtab.5.in b/man/cmtab.5.in
@@ -73,13 +73,13 @@ can contain references to environmental variables of the form $(HOME).
 The following variables are recognized,
 all based on the characteristics of the user currently running
 .B cryptmount :
-.NF
-  * $(HOME) - the home directory, as obtained from /etc/passwd
-  * $(UID) - the numerical identifier of the user
-  * $(USERNAME) - the printable name of the user
-  * $(GID) - the numerical identifier of the user's current group
-  * $(GROUPNAME) - the printable name of the user's current group
-.FI
+.EX
+    $(HOME)         # the home directory, as obtained from /etc/passwd
+    $(UID)          # the numerical identifier of the user
+    $(USERNAME)     # the printable name of the user
+    $(GID)          # the numerical identifier of the user's current group
+    $(GROUPNAME)    # the printable name of the user's current group
+.EE
 
 
 .\" --------------------------------
@@ -111,16 +111,23 @@ are added to the system, etc.
 .TP
 .B flags=FLAG,FLAG,...
 sets configuration switches, such as
-.NF
+.br
   * "user" (any user can mount),
+.br
   * "nouser" (only root can mount),
+.br
   * "fsck" (automatically check filesystem before mounting),
+.br
   * "nofsck" (don't check filesystem before mounting),
+.br
   * "mkswap" (format swap partition before use),
+.br
   * "nomkswap" (don't format swap partition)
+.br
   * "trim" (enable TRIM/discard support on solid-state disks),
+.br
   * "notrim" (disable SSD TRIM/discard support)
-.FI
+.br
 This parameter is optional and defaults to "user,fsck,nomkswap,notrim".
 .\" ----
 .TP
@@ -348,13 +355,17 @@ Ideally @CM_SYSCONF_DIR@/cmtab should be managed only by the system administrato
 makes basic checks on the security of @CM_SYSCONF_DIR@/cmtab
 each time it runs, and will refuse to operate
 unless the following conditions are met:
-.NF
+.br
   * cmtab must be owned by root
+.br
   * cmtab must be a regular file
+.br
   * cmtab must not be globally writable
+.br
   * the directory containing cmtab must be owned by root
+.br
   * the directory containing cmtab must not be globally writable
-.FI
+.br
 In addition, for each target within @CM_SYSCONF_DIR@/cmtab,
 all paths must be absolute (i.e. starting with '/').