Summary: | sys-fs/cryptsetup-1.0.6-r2 - dmcrypt fails to open multiple passphrase luksvolumes | ||
---|---|---|---|
Product: | Gentoo Linux | Reporter: | fabian |
Component: | [OLD] Core system | Assignee: | Gentoo's Team for Core System packages <base-system> |
Status: | RESOLVED DUPLICATE | ||
Severity: | major | CC: | anesth, ikelos, johannes, mschiff, nikoli, scy-bugs-gentoo, shrdlu, vmatare+gbug |
Priority: | High | Keywords: | REGRESSION |
Version: | unspecified | ||
Hardware: | x86 | ||
OS: | Linux | ||
Whiteboard: | |||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | |||
Bug Blocks: | 259253 |
Description
fabian
2008-11-02 11:55:51 UTC
the error seems to originate in /lib/rcscripts/addons. cryptsetup is invoked before the source parameter is eval-ed. No. The error occurs in /lib/rcscripts/addons/dm-crypt-start.sh, but not because of an empty source parameter. The main "while read targetline" loop has its stdin redirected from /etc/conf.d/dmcrypt (see the "done" line). This will read each config line and look for "swap=" or "target=" lines. If the current line is none of these, the variable it defines will be set. If it _is_ a "swap" or "target" line, the dm_crypt_execute_dmcrypt() function will be called with all of the variables that are set, _before_ the last line that has been read is evaluated. This is a kind of queueing mechanism: Before starting to read a new section, all data that has been read will be evaluated. Finally, after all lines have been read, a last evaluation run will be started. There's nothing wrong with this, except for one thing: If the current dmcrypt volume isn't the last one defined, dm_crypt_execute_dmcrypt() will be called from _within_ the while loop, and stdin will not be the keyboard, but /etc/conf.d/dmcrypt, and it's rather unlikely that the rest of the file will correspond to your passphrase. ;) This also explains the second error message where no source has been set: cryptsetup reads all of stdin, i.e. everything after the "target" line of the last section. Now stdin has been read completely, the while loop terminates, and dm_crypt_execute_dmcrypt() is called without any of the variables that would follow the "target" line are set. So. That's the _problem_. Let's talk about solving it. I'll try hacking around on the script in a moment. Downgrading to sys-fs/cryptsetup-1.0.6-r1 works, because there cryptsetup will be fed /dev/console explicitly. However, as mentioned in the ChangeLog, this will probably cause trouble when e.g. running under X, so a more elaborate solution is needed. Since I currently don't have X installed on the machine I use cryptsetup on, I'm afraid I can't work on one, though. ok. I see. I'll downgrade for now, as I don't need it working with X either. Thanks a lot. well if we talk about X, that redirecting-stdin thingy becomes quite messy. I say there cannot be any stdin redirections when cryptsetup is called. Everything else is bogus&bloat. That means we'll have to fix the config parser. Maybe just use a different FD than stdin. I'll try that once I find the time (next week or so). please also see #257556 If I add a commect line between the target and the source line all is fine.... so I do not know if this bug really is dup of #257556 *** This bug has been marked as a duplicate of bug 243216 *** |