the crypto-loop init script uses a syntax for losetup which the later doesn't support (namely the -k flag) Reproducible: Always Steps to Reproduce: 1. /sbin/losetup -e serpent -k 256 /dev/loop0 test 2. 3. Actual Results: /sbin/losetup: invalid option -- k usage: /sbin/losetup loop_device # give info /sbin/losetup -d loop_device # delete /sbin/losetup [ -e encryption ] [ -o offset ] loop_device file # setup Expected Results: normal behaviour Portage 2.0.50 (default-x86-1.4, gcc-3.3.2, glibc-2.3.3_pre20040117-r0, 2.4.24-xfs-r1) ================================================================= System uname: 2.4.24-xfs-r1 i686 Celeron (Coppermine) Gentoo Base System version 1.4.3.12 Autoconf: sys-devel/autoconf-2.59 Automake: sys-devel/automake-1.8.2 ACCEPT_KEYWORDS="x86 ~x86" AUTOCLEAN="yes" CFLAGS="-march=pentium3 -O3 -pipe -mcpu=pentium3 -mmmx -msse -fforce-addr -fomit-frame-pointer -funroll-loops -frerun-cse-after-loop -frerun-loop-opt -falign-functions=4 -fstack-protector" CHOST="i686-pc-linux-gnu" COMPILER="gcc3" CONFIG_PROTECT="/etc /usr/X11R6/lib/X11/xkb /usr/kde/2/share/config /usr/kde/3/share/config /usr/share/config /usr/share/texmf/dvipdfm/config/ /usr/share/texmf/dvips/config/ /usr/share/texmf/tex/generic/config/ /usr/share/texmf/tex/platex/config/ /usr/share/texmf/xdvi/ /var/qmail/control" CONFIG_PROTECT_MASK="/etc/gconf /etc/env.d" CXXFLAGS="-march=pentium3 -O3 -pipe -mcpu=pentium3 -mmmx -msse -fforce-addr -fomit-frame-pointer -funroll-loops -frerun-cse-after-loop -frerun-loop-opt -falign-functions=4 -fstack-protector" DISTDIR="/usr/portage/distfiles" FEATURES="autoaddcvs ccache sandbox strict userpriv" GENTOO_MIRRORS="http://sunsite.cnlab-switch.ch/ftp/mirror/gentoo ftp://sunsite.cnlab-switch.ch/mirror/gentoo" MAKEOPTS="-j2" PKGDIR="/usr/portage/packages" PORTAGE_TMPDIR="/var/tmp" PORTDIR="/usr/portage" PORTDIR_OVERLAY="/usr/local/portage" SYNC="rsync://rsync.gentoo.org/gentoo-portage" USE="X acl alsa apm avi berkdb clamav crypt dga doc dvd encode esd foomaticdb gdbm gif gphoto2 gpm gtk gtk2 gtkhtml imap imlib ipv6 java jikes jpeg kerberos libg++ libwww lufsusermount mad mbox mldonkeypango motif mozcalendar mozilla mozxmlterm mpeg ncurses nls oggvorbis opengl oss pam pcmcia pdflib perl png python readline scanner sdl slang spell sse ssl tcltk tcpd tetex tiff truetype x86 xface xfs xml2 xmms xv zlib"
Same issue here.
This might be useful: http://clemens.endorphin.org/Cryptoloop_Migration_Guide.html It appears util-linux-2.12 is broken, either downgrade or wait for a fixed version...
A quick solution would be to mask sys-apps/util-linux/util-linux-2.12* until this gets fixed, or to subst util-linux-2.12 losetup with the 2.11z one, which should work.
Shameless bump...
Hello? Anybody home?
still valid with: sys-apps/baselayout=1.10.1-r1 sys-apps/util-linux=2.12-r4 It seems the correct syntax changed to /sbin/losetup -e ${cipher}-${keysize} ${loop} ${device} Also, on the enhancement sector, any chance for an option that would allow me to mount a device with a random key? (useful for automated swap mounts) Something like this, for instance, (inspired from the way Mandrake does it): dd if=/dev/urandom bs=1024 2>/dev/null | mcookie -f /dev/stdin | losetup -p 0 -e {cipher}-${keysize} ${loop} ${device} &>/dev/null if [[ $? == 0 ]] ; then mkswap ${loop} fi
This actually works. Adding a modified cryptoloop init script that solves the issue.
Created attachment 34811 [details] Fixed init sctipt for crypto-loop
Also, it would be a nice enhancement to add a stop() section to the init script that scanf for active crypto-loops and runs 'losetup -d /dev/loop<number>' on them.
you mean something like this? for loop in $(echo /dev/loop[0-9]); do losetup ${loop} &>/dev/null if [[ $? == 0 ]]; then umount ${loop} &>/dev/null /sbin/losetup -d ${loop} &>/dev/null fi done
Exactly, only maybe with some more checks: local status="0" for loop in $(echo /dev/loop[0-9]); do losetup ${loop} &>/dev/null if [[ $? == 0 ]]; then umount ${loop} &>/dev/null if ! /sbin/losetup -d ${loop} &>/dev/null then ewarn "Failure deconfiguring ${loop}." status=1 fi fi done ewend ${status}
Created attachment 34862 [details] New init script for crypto-loop
Uh, hello? We got the fix, we got an enhancement, we got a shiny new init script already done, what about closing this one?
This was assigned to the wrong component so I hadn't seen it until now.
Ping...
can someone please attach a patch that will work with at least baselayout-1.11.8 and util-linux-2.12i-r1 ?
Will see to that in a few days, if nobody else beats me on time...
btw, the current initscript doesnt support hashed passwords. Previous Version of losetup hashed password with RMD160OLD. losetup included in util-linux >= 2.12 doesn't support hashing of password anymore. Instead hashing should be done via hashalot. See: http://clemens.endorphin.org/Cryptoloop_Migration_Guide To read my encrypted RedHat-9 CD-Images, i use: loop=/dev/loop0 cipher=aes keysize=256 device=/dev/cdrom other='' hash=rmd160compat in /etc/conf.d/crypto-loop and the attached init-script.
Created attachment 47339 [details] New init-script using password hashing
added new script to cvs, thanks
