329895 – sys-auth/pam_mount-2.1 fails to mount a LUKS partition via a key slot > 0

Bug 329895 - sys-auth/pam_mount-2.1 fails to mount a LUKS partition via a key slot > 0

Summary: sys-auth/pam_mount-2.1 fails to mount a LUKS partition via a key slot > 0

Status:	RESOLVED FIXED

Alias:	None

Product:	Gentoo Linux
Classification:	Unclassified
Component:	Current packages (show other bugs)
Hardware:	x86 Linux

Importance:	High normal (vote)
Assignee:	Hanno Böck

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2010-07-26 10:57 UTC by Dirk Sondermann
Modified:	2010-07-31 14:51 UTC (History)
CC List:	2 users (show)

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Dirk Sondermann 2010-07-26 10:57:52 UTC

While sys-auth/pam_mount-2.1 is able to mount a LUKS partition via key slot 0, it silently fails when a passphrase for any other slot is supplied.

Reproducible: Always

Steps to Reproduce:
1. Create a LUKS partition
   dd if=/dev/zero of=test-dev bs=1M count=10
   losetup /dev/loop4 test-dev
   cryptsetup luksFormat /dev/loop4
   cryptsetup luksOpen /dev/loop4 crypt4
   mkfs -t ext2 /dev/mapper/crypt4
   cryptsetup luksClose crypt4
2. Assign a passphrase to key slot 1
   cryptsetup luksAddKey --key-slot 1 /dev/loop4
3. Try to mount the LUKS partition using that passphrase
   mount.crypt /dev/loop4 /mnt

Actual Results:  
The LUKS partition is not mounted.
mount.crypt does not display an error message, but returns exit status 1.

Expected Results:  
The LUKS partition is mounted.

This bug has been reported upstream (http://sourceforge.net/tracker/?func=detail&aid=2997885&group_id=41452&atid=430593) and the current changelog of pam_mount shows that it has been fixed in version 2.2:

v2.2 (May 16 2010)
==================
Fixes:
- mount.crypt: fix memory scribble crash when crypto device could
  not be initialized
- mount.crypt: do not fail when unlocking key slot other than #0

Comment 1 Hanno Böck gentoo-dev

2010-07-26 11:51:27 UTC

Seems that this can be easily solved with a bump, though I'd ask you to wait for that, as we're currently in the process of stabilizing 2.1 and I think this is not an important enough issue to delay that. You can easily create a local bump yourself by renaming the ebuild to pam_mount-2.4.ebuild.

Comment 2 Matt Turner gentoo-dev

2010-07-29 18:12:46 UTC

(In reply to comment #1)
> Seems that this can be easily solved with a bump, though I'd ask you to wait
> for that, as we're currently in the process of stabilizing 2.1 and I think this
> is not an important enough issue to delay that. You can easily create a local
> bump yourself by renaming the ebuild to pam_mount-2.4.ebuild.

Why isn't pam_mount-2.{2,3,4} in the tree already?

Comment 3 quazgar 2010-07-30 23:32:42 UTC

I can confirm that renaming 2.1->2.4 compiles and works on amd64 and solves the mentioned issue (which cost me 3 evenings to find out the reason, btw).

So please bump up the "official" version as soon as 2.1 has been stabilized on all platforms.

Comment 4 Hanno Böck gentoo-dev

2010-07-31 14:51:10 UTC

done