Your message dated Tue, 11 Jan 2005 13:02:11 -0500
with message-id <[EMAIL PROTECTED]>
and subject line Bug#266137: fixed in cryptsetup 20050111-1
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Debian bug tracking system administrator
(administrator, Debian Bugs database)
--------------------------------------
Received: (at maintonly) by bugs.debian.org; 16 Aug 2004 20:32:33 +0000
>From [EMAIL PROTECTED] Mon Aug 16 13:32:33 2004
Return-path: <[EMAIL PROTECTED]>
Received: from moutng.kundenserver.de [212.227.126.176]
by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
id 1Bwo9h-0000OP-00; Mon, 16 Aug 2004 13:32:33 -0700
Received: from [212.227.126.161] (helo=mrelayng.kundenserver.de)
by moutng.kundenserver.de with esmtp (Exim 3.35 #1)
id 1Bwo9g-0005Qk-00
for [EMAIL PROTECTED]; Mon, 16 Aug 2004 22:32:32 +0200
Received: from [217.238.241.172] (helo=renfield-outbound.olurdix.intra)
by mrelayng.kundenserver.de with asmtp (Exim 3.35 #1)
id 1Bwo9f-0006tG-00
for [EMAIL PROTECTED]; Mon, 16 Aug 2004 22:32:31 +0200
Received: from renfield.olurdix.intra (localhost [127.0.0.1])
by renfield-outbound.olurdix.intra (Postfix) with ESMTP id 38D0D2BB34
for <[EMAIL PROTECTED]>; Mon, 16 Aug 2004 22:32:25 +0200 (CEST)
Received: from orlok.olurdix.intra (orlok.olurdix.intra [192.168.1.100])
by renfield.olurdix.intra (Postfix) with SMTP id D2BA85B1CD
for <[EMAIL PROTECTED]>; Mon, 16 Aug 2004 22:32:23 +0200 (CEST)
Received: by orlok.olurdix.intra (sSMTP sendmail emulation); Mon, 16 Aug 2004
20:32:23 +0000
Date: Mon, 16 Aug 2004 20:32:23 +0000
From: Stephan A Suerken <[EMAIL PROTECTED]>
To: Debian Bug Tracking System <[EMAIL PROTECTED]>
Subject: cryptsetup: Wrong "insecure owner" warning in init.d/cryptdisks
X-Debbugs-CC: Stephan A Suerken <[EMAIL PROTECTED]>
Message-Id: <[EMAIL PROTECTED]>
X-Provags-ID: kundenserver.de [EMAIL PROTECTED]
auth:cd8d003625f33c240752ee13f0972098
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2004_03_25
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-11.0 required=4.0 tests=BAYES_00,HAS_PACKAGE,
X_DEBBUGS_CC autolearn=ham version=2.60-bugs.debian.org_2004_03_25
X-Spam-Level:
Package: cryptsetup
Version: 0.1-3
Severity: minor
Hi,
the part in init.d/cryptdisk that tries to get the owner of the keyfile
does not work as expected; e.g.:
--
# root? ls -l /etc/hostkeys/westenra | sed 's/^.\{16\}\(.\{8\}\).*/\1/'
ot root
--
This also runs into a "test" syntax error later. I have replaced the
sed part with a much simpler "cut" version, which works fine for me:
--- cryptdisks 2004-08-06 17:24:30.000000000 +0000
+++ /etc/init.d/cryptdisks 2004-08-16 18:59:00.000000000 +0000
@@ -26,15 +26,15 @@
if [ "x$key" != "x" ] && [ "x$key" != "xnone" ]; then
INTERACTIVE="no"
if test -e "$key" ; then
- MODE=`ls -l $key | sed
's/^....\(......\).*/\1/'`
- OWNER=`ls -l $key | sed
's/^.\{16\}\(.\{8\}\).*/\1/'`
+ MODE=`ls -l $key | cut -b4-9`
+ OWNER=`ls -l $key | cut -b15-18`
if test "$MODE" != "------" && \
test "$key" != "/dev/urandom" && \
test "$key" != "/dev/hwrandom" && \
test "$key" != "/dev/random"; then
echo " - INSECURE MODE FOR
$key" >&2
fi
- if test $OWNER != root; then
+ if test "$OWNER" != "root"; then
echo " - INSECURE OWNER FOR
$key" >&2
fi
else
---
Btw, thanks for cryptsetup. I was finally able to use crypto root on
my laptop ;).
FWIW, it would be nice (don't want to create another wishlist bug for
that) if there would be some examples scripts for usb key support. I
am currently using the attached "usbenckey" script, which mounts an
_encrypted_ stick partition on boot, and then uses the plain keys
stored there.
<#part type="application/octet-stream"
filename="/mnt/host/home/absurd/usbenckey" disposition=attachment>
<#/part>
Thanks,
Stephan
-- System Information:
Debian Release: 3.1
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: i386 (i686)
Kernel: Linux 2.4.22-custom-adkm-pentiumiii
Locale: LANG=C, LC_CTYPE=C
Versions of packages cryptsetup depends on:
ii dmsetup 2:1.00.19-2 The Linux Kernel Device Mapper use
ii libc6 2.3.2.ds1-16 GNU C Library: Shared libraries an
ii libdevmapper1.00 2:1.00.19-2 The Linux Kernel Device Mapper use
ii libpopt0 1.7-4 lib for parsing cmdline parameters
-- no debconf information
---------------------------------------
Received: (at 266137-close) by bugs.debian.org; 11 Jan 2005 18:09:02 +0000
>From [EMAIL PROTECTED] Tue Jan 11 10:09:02 2005
Return-path: <[EMAIL PROTECTED]>
Received: from newraff.debian.org [208.185.25.31] (mail)
by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
id 1CoQRy-0001cq-00; Tue, 11 Jan 2005 10:09:02 -0800
Received: from katie by newraff.debian.org with local (Exim 3.35 1 (Debian))
id 1CoQLL-0006hm-00; Tue, 11 Jan 2005 13:02:11 -0500
From: [EMAIL PROTECTED] (Wesley W. Terpstra (Debian))
To: [EMAIL PROTECTED]
X-Katie: $Revision: 1.54 $
Subject: Bug#266137: fixed in cryptsetup 20050111-1
Message-Id: <[EMAIL PROTECTED]>
Sender: Archive Administrator <[EMAIL PROTECTED]>
Date: Tue, 11 Jan 2005 13:02:11 -0500
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-6.0 required=4.0 tests=BAYES_00,HAS_BUG_NUMBER
autolearn=no version=2.60-bugs.debian.org_2005_01_02
X-Spam-Level:
Source: cryptsetup
Source-Version: 20050111-1
We believe that the bug you reported is fixed in the latest version of
cryptsetup, which is due to be installed in the Debian FTP archive:
cryptsetup_20050111-1.diff.gz
to pool/main/c/cryptsetup/cryptsetup_20050111-1.diff.gz
cryptsetup_20050111-1.dsc
to pool/main/c/cryptsetup/cryptsetup_20050111-1.dsc
cryptsetup_20050111-1_i386.deb
to pool/main/c/cryptsetup/cryptsetup_20050111-1_i386.deb
cryptsetup_20050111.orig.tar.gz
to pool/main/c/cryptsetup/cryptsetup_20050111.orig.tar.gz
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Wesley W. Terpstra (Debian) <[EMAIL PROTECTED]> (supplier of updated cryptsetup
package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Tue, 11 Jan 2005 16:24:49 +0100
Source: cryptsetup
Binary: cryptsetup
Architecture: source i386
Version: 20050111-1
Distribution: unstable
Urgency: low
Maintainer: Wesley W. Terpstra (Debian) <[EMAIL PROTECTED]>
Changed-By: Wesley W. Terpstra (Debian) <[EMAIL PROTECTED]>
Description:
cryptsetup - configures encrypted block devices
Closes: 266137 271475 274666 277078 279015 287676 287689
Changes:
cryptsetup (20050111-1) unstable; urgency=low
.
* Switched to using CVS
- important new option '-r' supports read-only media (eg: dvds)
- requires a new cryptdisks option: readonly
- use install rule instead of manual cp
- relink cryptsetup manually
- install the library and header (small)
* using autogen.sh
- no longer need to patch broken config*
- depends on autoconf, automake1.8, libtool, gettext
- attempt to clean all files produced by autogen.sh
* Applied patches from Bastian Kleineidam <[EMAIL PROTECTED]>
- CryptoSwap.HowTo (closes: #287689)
- fix web page links (closes: #271475)
- accept more comments (closes: #287676)
- added manpage for crypttab (closes: #279015)
- improved manpage for cryptsetup (closes: #274666)
- also thanks to Thorsten Gunkel for an earlier version
- thanks for all the improvements!
* Applied startup script help patch from Marco Bertorello (closes: #277078)
* Included Volker Sauer's hotplug script for automounting an encrypted
volume once the keys are plugged in via a usb stick (usbcrypto.hotplug)
* Included script for booting using keys on a usbstick (closes: #266137)
* Included another usb script from Stephan A Suerken
Files:
439b1bdc23ecfa0d5d7c66a3a32a9c00 705 admin optional cryptsetup_20050111-1.dsc
956bd7f7d0572341f83c0d8f68bbb095 16690 admin optional
cryptsetup_20050111.orig.tar.gz
4149a30639f8ee7c209d43925f77b821 19893 admin optional
cryptsetup_20050111-1.diff.gz
eb49ca4dd741a6d60ee6bcc1338c11a9 194644 admin optional
cryptsetup_20050111-1_i386.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (GNU/Linux)
iD8DBQFB5BO5vLvElXGKklYRAs8pAJ4ntX4Z1KBjb9ISd75NTuYHJWCEQACfXgFi
XFL0/kg7QJVG2ZT/I53Izec=
=Brm3
-----END PGP SIGNATURE-----
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
