While sys-auth/pam_mount-2.1 is able to mount a LUKS partition via key slot 0, it silently fails when a passphrase for any other slot is supplied. Reproducible: Always Steps to Reproduce: 1. Create a LUKS partition dd if=/dev/zero of=test-dev bs=1M count=10 losetup /dev/loop4 test-dev cryptsetup luksFormat /dev/loop4 cryptsetup luksOpen /dev/loop4 crypt4 mkfs -t ext2 /dev/mapper/crypt4 cryptsetup luksClose crypt4 2. Assign a passphrase to key slot 1 cryptsetup luksAddKey --key-slot 1 /dev/loop4 3. Try to mount the LUKS partition using that passphrase mount.crypt /dev/loop4 /mnt Actual Results: The LUKS partition is not mounted. mount.crypt does not display an error message, but returns exit status 1. Expected Results: The LUKS partition is mounted. This bug has been reported upstream (http://sourceforge.net/tracker/?func=detail&aid=2997885&group_id=41452&atid=430593) and the current changelog of pam_mount shows that it has been fixed in version 2.2: v2.2 (May 16 2010) ================== Fixes: - mount.crypt: fix memory scribble crash when crypto device could not be initialized - mount.crypt: do not fail when unlocking key slot other than #0
Seems that this can be easily solved with a bump, though I'd ask you to wait for that, as we're currently in the process of stabilizing 2.1 and I think this is not an important enough issue to delay that. You can easily create a local bump yourself by renaming the ebuild to pam_mount-2.4.ebuild.
(In reply to comment #1) > Seems that this can be easily solved with a bump, though I'd ask you to wait > for that, as we're currently in the process of stabilizing 2.1 and I think this > is not an important enough issue to delay that. You can easily create a local > bump yourself by renaming the ebuild to pam_mount-2.4.ebuild. Why isn't pam_mount-2.{2,3,4} in the tree already?
I can confirm that renaming 2.1->2.4 compiles and works on amd64 and solves the mentioned issue (which cost me 3 evenings to find out the reason, btw). So please bump up the "official" version as soon as 2.1 has been stabilized on all platforms.
done