Bug#406317: marked as done (cryptsetup and initramfs should use same default hash function)

Debian Bug Tracking System Sat, 02 Feb 2008 17:37:39 -0800

Your message dated Sun, 03 Feb 2008 00:35:33 +0000
with message-id <[EMAIL PROTECTED]>
and subject line Bug#406317: fixed in cryptsetup 2:1.0.6~pre1+svn45-1
has caused the attached Bug report to be marked as done.


This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--- Begin Message ---

Package: cryptsetup
Version: 2:1.0.4-4
Severity: important

As of late, cryptsetup figures out what swap device I need to resume
from disk and tells initramfs to also initialise that device even
before root is brought up.

The problem is quite simply that some of us have previously
configured the swap device with a random passphrase, or a keyfile
stored somewhere in /etc. Now, all of a sudden, we're expected to
enter the key during initramfs? I am sorry, I cannot remember 2048
bytes of key material, nor would I remember what random string the
kernel used to set up the swap device before the latest cryptsetup
upgrade.

My crypttab says

  cr_hda2 /dev/hda2 /etc/keys/hda2.luks luks

cryptsetup should ensure that /etc/keys/hda2.luks is available as
such during initramfs. If the key is specified as /dev/urandom,
cryptsetup must react differently and prompt the user for a new,
static passphrase.

-- System Information:
Debian Release: 4.0
  APT prefers unstable
  APT policy: (750, 'unstable'), (500, 'testing'), (250, 'stable'), (1, 
'experimental')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/dash
Kernel: Linux 2.6.17-2-686
Locale: LANG=en_GB, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8)

Versions of packages cryptsetup depends on:
ii  dmsetup  2:1.02.08-1                     The Linux Kernel Device Mapper use
ii  libc6    2.3.6.ds1-8                     GNU C Library: Shared libraries
ii  libdevma 2:1.02.08-1                     The Linux Kernel Device Mapper use
ii  libgcryp 1.2.3-2                         LGPL Crypto library - runtime libr
ii  libgpg-e 1.4-1                           library for common error values an
ii  libpopt0 1.10-3                          lib for parsing cmdline parameters
ii  libuuid1 1.39+1.40-WIP-2006.10.02+dfsg-2 universally unique id library

cryptsetup recommends no packages.

-- no debconf information

-- 
 .''`.   martin f. krafft <[EMAIL PROTECTED]>
: :'  :  proud Debian developer, author, administrator, and user
`. `'`   http://people.debian.org/~madduck - http://debiansystem.info
  `-  Debian - when you have better things to do than fixing systems

signature.asc
Description: Digital signature (GPG/PGP)

--- End Message ---

--- Begin Message ---

Source: cryptsetup
Source-Version: 2:1.0.6~pre1+svn45-1

We believe that the bug you reported is fixed in the latest version of
cryptsetup, which is due to be installed in the Debian FTP archive:

cryptsetup-udeb_1.0.6~pre1+svn45-1_amd64.udeb
  to pool/main/c/cryptsetup/cryptsetup-udeb_1.0.6~pre1+svn45-1_amd64.udeb
cryptsetup_1.0.6~pre1+svn45-1.diff.gz
  to pool/main/c/cryptsetup/cryptsetup_1.0.6~pre1+svn45-1.diff.gz
cryptsetup_1.0.6~pre1+svn45-1.dsc
  to pool/main/c/cryptsetup/cryptsetup_1.0.6~pre1+svn45-1.dsc
cryptsetup_1.0.6~pre1+svn45-1_amd64.deb
  to pool/main/c/cryptsetup/cryptsetup_1.0.6~pre1+svn45-1_amd64.deb
cryptsetup_1.0.6~pre1+svn45.orig.tar.gz
  to pool/main/c/cryptsetup/cryptsetup_1.0.6~pre1+svn45.orig.tar.gz



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Jonas Meurer <[EMAIL PROTECTED]> (supplier of updated cryptsetup package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Wed, 30 Jan 2008 09:01:52 +0100
Source: cryptsetup
Binary: cryptsetup cryptsetup-udeb
Architecture: source amd64
Version: 2:1.0.6~pre1+svn45-1
Distribution: unstable
Urgency: low
Maintainer: Jonas Meurer <[EMAIL PROTECTED]>
Changed-By: Jonas Meurer <[EMAIL PROTECTED]>
Description: 
 cryptsetup - configures encrypted block devices
 cryptsetup-udeb - configures encrypted block devices (udeb)
Closes: 406317 423591 458944 459206 459832 460409 460994 461548
Changes: 
 cryptsetup (2:1.0.6~pre1+svn45-1) unstable; urgency=low
 .
   * New upstream svn snapshot:
     - Adds typo fixes by Justin Pryzby <[EMAIL PROTECTED]> to cryptsetup.8
       manpage.
     - Mentions luksKillSlot in the manpage. Thanks to Alexander Heinlein
       <[EMAIL PROTECTED]>. (closes: #459206)
     - Adds the patch by U Kuehn <[EMAIL PROTECTED]> to support explicit key 
slots
       for luksFormat, luksAddKey.
     - Supports adding new keys to active devices again. Thanks to Tobias Frost
       <[EMAIL PROTECTED]> for the bugreport. (closes: #460409)
   * Add support for a custom filesystem for /tmp. Patch provided by
     Hans-Peter Oeri <[EMAIL PROTECTED]>.
   * Add X-Start-Before headers to cryptdisks and cryptdisks-early initscripts.
     Thanks to Petter Reinholdtsen <[EMAIL PROTECTED]> for report and patch.
     (closes: #458944)
   * Add support for a noauto option to cryptdisks. Thanks to U Kuehn
     <[EMAIL PROTECTED]> for the idea.
   * Add typo fixes by Justin Pryzby <[EMAIL PROTECTED]> to crypttab.5
     manpage. (closes: #460994)
   * Add a cryptdisks_stop script, corresponding to cryptdisks_start. Thanks to
     Joachim Breitner <[EMAIL PROTECTED]> for the idea. (closes: #459832)
   * Change log_progress_msg to log_action_msg in cryptdisks.functions. That
     way a newline is printed after the start of every device. Thanks to Frans
     Pop <[EMAIL PROTECTED]> for the bugreport. (closes: #461548)
   * Add bash_completition script provided by Kevin Locke <[EMAIL PROTECTED]>.
     (closes: #423591)
   * Fix a spelling error in the package description: linux -> Linux.
   * Fix bashisms in cryptdisks_{start,stop} found by Raphael Geissert
     <[EMAIL PROTECTED]>.
   * Change the default hash in initramfs scripts from sha256 to ripemd160 for
     consistency with cryptsetup default. Add information about that to
     NEWS.Debian. Thanks to martin f krafft <[EMAIL PROTECTED]>.
     (closes: #406317)
Files: 
 823f6b8965c74f3434bd33a494ce292f 1053 admin optional 
cryptsetup_1.0.6~pre1+svn45-1.dsc
 b842cbf8b7642ed92613c5a0ab3f3932 271335 admin optional 
cryptsetup_1.0.6~pre1+svn45.orig.tar.gz
 64c16301c994ae572a12bf6cc0b8ddc3 47058 admin optional 
cryptsetup_1.0.6~pre1+svn45-1.diff.gz
 533e9cda7b92478845bc09853d78f09b 297518 admin optional 
cryptsetup_1.0.6~pre1+svn45-1_amd64.deb
 c60812fbfedb2c4295906e14dd449711 239028 debian-installer optional 
cryptsetup-udeb_1.0.6~pre1+svn45-1_amd64.udeb
Package-Type: udeb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFHpMALd6lUs+JfIQIRAljBAJ9WhMWAiJAxKj1CCqqSQCJ/kF7eSACfeyfL
C9oMPFHExMZ7Rg6WgIwlNhc=
=+9R8
-----END PGP SIGNATURE-----

--- End Message ---

Bug#406317: marked as done (cryptsetup and initramfs should use same default hash function)

Reply via email to