From 6f6ce15938107f33b8c5cc1b6e1cdff8d7d78fdc Mon Sep 17 00:00:00 2001
From: Michael Weiss <dev.primeos@gmail.com>
Date: Thu, 4 Feb 2021 13:34:07 +0100
Subject: fscryptctl-experimental: 2017-10-23 -> 0.1.0

Version 0.1.0 is based on the last commit that included support for V1
encryption policies. Version 1.0 is about to be released and will
include a PR which removes V1 policy support and adds V2 policy support.
Source: https://github.com/google/fscryptctl/issues/12#issuecomment-772888154

When version 1.0 is released we'll likely package it as fscryptctl and
mark fscryptctl-experimental as broken (referring to fscryptctl).
---
 pkgs/os-specific/linux/fscryptctl/default.nix | 23 +++++++++++++++++------
 1 file changed, 17 insertions(+), 6 deletions(-)

diff --git a/pkgs/os-specific/linux/fscryptctl/default.nix b/pkgs/os-specific/linux/fscryptctl/default.nix
index 204ce6bf992..ae89cd43f25 100644
--- a/pkgs/os-specific/linux/fscryptctl/default.nix
+++ b/pkgs/os-specific/linux/fscryptctl/default.nix
@@ -3,24 +3,35 @@
 # Don't use this for anything important yet!
 
 stdenv.mkDerivation rec {
-  pname = "fscryptctl-unstable";
-  version = "2017-10-23";
+  pname = "fscryptctl";
+  version = "0.1.0";
 
   goPackagePath = "github.com/google/fscrypt";
 
   src = fetchFromGitHub {
     owner = "google";
     repo = "fscryptctl";
-    rev = "142326810eb19d6794793db6d24d0775a15aa8e5";
+    rev = "v${version}";
     sha256 = "1853hlpklisbqnkb7a921dsf0vp2nr2im26zpmrs592cnpsvk3hb";
   };
 
   makeFlags = [ "DESTDIR=$(out)/bin" ];
 
   meta = with lib; {
-    description = ''
-      A low-level tool that handles raw keys and manages policies for Linux
-      filesystem encryption
+    description = "Small C tool for Linux filesystem encryption";
+    longDescription = ''
+      fscryptctl is a low-level tool written in C that handles raw keys and
+      manages policies for Linux filesystem encryption, specifically the
+      "fscrypt" kernel interface which is supported by the ext4, f2fs, and
+      UBIFS filesystems.
+      fscryptctl is mainly intended for embedded systems which can't use the
+      full-featured fscrypt tool, or for testing or experimenting with the
+      kernel interface to Linux filesystem encryption. fscryptctl does not
+      handle key generation, key stretching, key wrapping, or PAM integration.
+      Most users should use the fscrypt tool instead, which supports these
+      features and generally is much easier to use.
+      As fscryptctl is intended for advanced users, you should read the kernel
+      documentation for filesystem encryption before using fscryptctl.
     '';
     inherit (src.meta) homepage;
     license = licenses.asl20;
-- 
cgit 1.4.1