Copyright 2006-2008
Patrick R. McDonald <marlowe@antagonism.org> (GPG key)This document last modified (none)
I developed the directions on this page using Fedora. However they should work with any RPM based Linux distro. Please note, the section regarding the patches are specific to Fedora and may not apply to your particular distribution. I divided the instructions into two distinct sections, those for Truerypt 5.1a and those for TrueCrypt 6.0a. I highly recommend you follow the instructions for TrueCrypt 6.0a.
Note: The following instructions should be completed by a non-root user, except for a few specific commands as noted in the text. These instructions apply to both installs.
If you have not already done so, configure your home directory so that you can build RPM files without needing root privileges. This involves two steps:
Create an RPM build directory structure in your home directory. I call mine "rpm", you may want to call yours "rpmbuild" or whatever... but choose a name which doesn't already exist. The example assumes you are using "rpm" as the name:
% cd
% mkdir -m 755 rpm
% cd rpm
% mkdir -m 755 BUILD RPMS SOURCES SPECS SRPMS
Create a .rpmmacros file in your home directory
which contains a pointer to the directory structure you just created. I use a
second line which marks any RPM packages I build with my own name and email
address- while not strictly required, it is a good idea. My file looks like
this:
%_topdir /home/marlowe/rpm
%packager Patrick R McDonald <marlowe@antagonism.org>
Obviously you need to substitute the full path to the "rpm" directory within your home directory, as well as your own name and email address.
Build the RPM file
Download TrueCrypt 5.1a source tarball and WX patch to your ~/rpm/SOURCES directory. If you use Fedora Core 9 or later, you will also need to download gcc-4.3 patch. Due to changes in gcc 4.3, TrueCrypt will not successfully compile without it. You will need to download the truecrypt spec file to your ~/rpm/SPECS directory. The below example covers the commands for a Fedora Core 9 system.
% cd ~/rpm/SOURCES If you are not running Fedora Core 9 or later, you need to comment out the following lines in the spec file.
Patch2: %{name}-%{version}-gcc-4.3.patch Build the RPM from the spec file. The below example covers the command to build the RPM.
% cd ~/rpm/SPECS (The below section is taken almost verbatim from the following page by John Simpson. This should go through the process of configuring and compiling the truecrypt software according to the truecrypt.spec file. It will then "install" the software to a temporary working directory, and then scan that directory to build a list of the files which were installed. It then compares that list to a checklist in the spec file to make sure you aren't missing anything, and you aren't forgetting to include any files which are installed from the source, and then builds the binary RPM files. If it complains about missing dependencies, read the error message carefully. In many cases the message will tell you the name of the package or library it needs, and a simple "yum install" command as root will be all you need in order to install what it needs (and then try the "rpmbuild" command again.) |
Download TrueCrypt 6.0a source tarball and WX patch to your ~/rpm/SOURCES directory. You will need to download the truecrypt spec file to your ~/rpm/SPECS directory. The below example covers the commands for a Fedora Core 9 system.
% cd ~/rpm/SOURCES Build the RPM from the spec file. The below example covers the command to build the RPM.
% cd ~/rpm/SPECS (The below section is taken almost verbatim from the following page by John Simpson. This should go through the process of configuring and compiling the truecrypt software according to the truecrypt.spec file. It will then "install" the software to a temporary working directory, and then scan that directory to build a list of the files which were installed. It then compares that list to a checklist in the spec file to make sure you aren't missing anything, and you aren't forgetting to include any files which are installed from the source, and then builds the binary RPM files. If it complains about missing dependencies, read the error message carefully. In many cases the message will tell you the name of the package or library it needs, and a simple "yum install" command as root will be all you need in order to install what it needs (and then try the "rpmbuild" command again.) |
Install the truecrypt software.
% su -
Password:
# cd ~userid/rpm/RPMS/i386
# rpm -ivh truecrypt-*
# exit
TrueCrypt requires root privileges to mount a TrueCrypt volume. To allow this, you can configure your system in one of two ways. The first way is to add the user to the wheel group. The issue with this is you may merely want the user to mount and unmount TrueCrypt volumes, rather than executing any and all commands with root privileges. Thus the second way, adding a user to a specific group which is only able to execute the truecrypt command with root privileges. The example below details the commands necessary to configure the second method.
First you need to create a truecrypt group.
# groupadd truecrypt
Next you need to add the user to the truecrypt group as a secondary group. The below example demonstrates this with the user marlowe. Make sure to change the command accordingly.
# usermod -G truecrypt marlowe
The last item is make the appropriate changes to the /etc/sudoers file. The first change is to add the line specifying the truecrypt may run only the command, /usr/bin/truecrypt. The second change is to comment the line, "Default requiretty". Below demonstrates the first line to be added.
## Allows members of the truecrypt group to mount and unmount
## devices in truecrypt
%truecrypt ALL=(root) /usr/bin/truecrypt
When a user goes to mount a TrueCrypt volume, truecrypt will show a dialog box stating "Administrator privileges required" and requesting the user to enter a password. The password requested is the user's password. Once user enters the password, truecrypt will mount the volume.
|
||||||||||||||
|
||||||||||||||
|
||||||||||||||
|
||||||||||||||
|
||||||||||||||
|
||||||||||||||
|
2008-07-14 Updated the page to include instructions for TrueCrypt 6.0a. A special thanks to Alec T. Habig who verified for me the instructions for TrueCrypt 6.0a.
2008-07-16 Corrected the version in truecrypt-6.spec. Thanks again, Alec.
Copyright 2006-2008
Patrick R. McDonald <marlowe@antagonism.org> (GPG key)