| Age | Commit message (Collapse) | Author |
|---|
|
|
|
Enforce that all the cli-test scripts pass 'shellcheck'.
|
|
Add a framework for writing automated tests of the fscrypt command-line
tool. See cli-tests/README.md for details.
|
|
Signed-off-by: Joe Richey <joerichey@google.com>
|
|
Passing -trimpath makes the build entirely reproducible.
Signed-off-by: Joe Richey <joerichey@google.com>
|
|
There's no need to include the build time, author, and copyright info
in the output of "fscrypt --version". This information is:
- Overly complex (the current string is hard to parse)
- Inaccurate (there are other authors than just me)
- Unnecessary (the Apache 2 license is for Source Code)
- Makes reproducible builds impossible
The default version string is just fine.
Signed-off-by: Joe Richey <joerichey@google.com>
|
|
Improve the documentation for the installation-related Makefile
variables, and update the commands to remove the forward slash after
$(DESTDIR) in order to remove a duplicate forward slash and match the
recommended usage.
|
|
DESTDIR has a well established purpose
https://www.gnu.org/prep/standards/html_node/DESTDIR.html
It is a suffix for all the files to be installed. And it is used by
package managers who installs the files into some $tmpdir before
creating a package.
Change the build commands to follow this convention.
Add BINDIR that does the same what previous did $DESTDIR.
|
|
* Release version v0.2.6
Fixes #195
Also, update the encrypted API key.
My person access token had expired, this one should work now.
Signed-off-by: Joe Richey <joerichey@google.com>
|
|
See: https://github.com/golang/go/wiki/Modules#how-can-i-track-tool-dependencies-for-a-module
The tool code is never actually built, but the versions are still lock
in `go.mod` and `go.sum`. We can also simplify the Makefile.
|
|
As the Go community transitions to using the modules ecosystem,
we want to only support one way of managing dependencies.
So this change moves to only using Go modules for dependency management.
This means that our effective minimum Go version increases to Go 1.11.
To account for this, we also update:
- the documentation
- Makefile
- CI scripts
|
|
Also add go version attrubute to go.mod
|
|
Due to a goimports update, 'make format' is now changing metadata.pb.go.
But this fix can't be committed because this file is generated by
'make gen'.
Fix this by not formatting generated files.
|
|
Fixes CI issues
|
|
Per the FHS, manually installed programs should go under /usr/local.
This change also makes it easier to change the global installation
prefix. For example, package managers should set PREFIX=/usr
|
|
This fixes travis issues as well as moving us off of deprecated tooling
|
|
'make gen' no longer works because it uses the git version of
protoc-gen-go, which is no longer compatible with the latest released
version of github.com/golang/protobuf/proto, which we're using. Freeze
the protoc-gen-go version so that it keeps working.
|
|
* Remove spelling mistakes in the repository
* Add travis script to check for typos.
* Add command to Makefile to check for typos.
* Fixes #71
|
|
|
|
|
|
|
|
|
|
According to:
https://www.gnu.org/software/coreutils/manual/html_node/arch-invocation.html
the arch command isn't portable, so we switch to uname.
|
|
Protoc: https://github.com/google/protobuf/blob/a711e3d5b4ee1dd7f9d21197dca8432a5819a64e/protoc-artifacts/build-protoc.sh#L82-L83
Go: https://github.com/golang/sys/blob/37707fdb30a5b38865cfb95e5aab41707daec7fd/unix/linux/mkall.go#L43-L79
|
|
Using "arch" instead of "go env GOARCH" is more standard and doesn't
generate a warning on "sudo make install".
|
|
|
|
|
|
This change is a complete rewrite of fscrypt's Makefile.
The new build rules can be roughly divided into secions:
Build - bin/fscrypt and bin/pam_fscrypt
Linting - gen (for .proto files), format, lint
Test - test, test-{setup|teardown}, coverage.out
Install - install, uninstall, install-{bin|pam}
Tools - tools and other bin/* needed for the other rules
As before, "make" builds the binary and pam_module, while "make all"
builds and tests everything (except for integration tests), and "make
clean" removes any generated files.
Also note that this new build system:
- Doesn't require input_fail.py
- Properly falis on linter errors
- Builds everything into the bin/ directory (customizable)
- Builds all the vendored tools
|
|
|
|
Add dep instalation, remove govendor from go tools, and add a check for
dependancies.
|
|
Moves from goimports to [goreturns](https://github.com/sqs/goreturns).
This should not effect any code that already compiles as goreturns only
adds zero return values, then runs goimports.
This is mainly to help improve ergonomics when dealing with multiple
return types.
|
|
|
|
|
|
Changes to the keyrings interface, corresponding UI changes, and misc changes
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
The commit reorganizes the Makefile, so that "make check" can run on
each PR to detect any errors.
|
|
|
|
This commit changes all the internal import paths from `fscrypt/foo` to
`github.com/google/fscrypt/foo` so that it can be built once we release
externaly. The documentation in README.md is updated accordingly.
Also, the README has a note noting that we do not make any guarantees
about project stability before 1.0 (when it ships with Ubuntu).
Change-Id: I6ba86e442c74057c8a06ba32a42e17f94833e280
|
|
This commit updates the README and Makefile to get them ready for
external release. This includes adding some common pitfalls, including
example usage, and allowing for tarball creation.
Change-Id: I442338c7aff613a14bae449dbf091bfcaf73ed9d
|
|
This commit adds in the fscrypt/pam package. This package will hold all
functionality related to Linux Pluggable Authentication Modules (PAM).
Right now this package uses cgo to mock a PAM conversation, allowing the
function to check if a provided passphrase actually belongs to a user.
Due to the nature of cgo callbacks, global state of the key to check is
necessary for this function. This commit also addresses some issues
about building the cgo components. Now, only the minimal linking flags
are included in the go files. Additional linker flags may now be
necessary to build a static binary of fscrypt. This is addressed in the
Makefile and README.
Finally, this commit fixes a bug where the tests would not run correctly
due to shared global state on the testing filesystem. Fixed, by having
all the tests run sequentially.
Change-Id: Ia43636801da984b505d2f43dd14127b7cfbf2c48
|
|
This commit moves most of the documentation about contributing to
fscrypt into CONTRIBUTING.md and updates the legal disclaimer.
It also updates the README.md to include all of fscrypt's planned
functionality and dependencies. Finally, the makefile is updated to
include more documentation, versioning support, and a different location
for the output file.
Change-Id: Ib7be98d41bc06dd12b02e42addf06e12a940235a
|
|
This commit adds in the ability to get and set policy data from go using
the GetPolicy and SetPolicy functions. This is done via a patch of the
x/sys/unix package that exposes the filesystem encryption structures.
Note that not all the fields of the PolicyData protocol buffer are
needed to get and set policies. The wrapped_policy_keys are not used and
will be written and read by other components of fscrypt.
To run the policy tests, the environment variable BASE_TEST_DIR must be
set to a directory for testing on a filesystem that supports encryption.
Change-Id: I13b1d983356845f3ffc1945cedf53234218f32e5
|
