Bug#923513: marked as done (Argon2i/d benchmark doesn't honor `getrlimit(RLIMIT_MEMLOCK,)`)

Mon, 28 Nov 2022 17:51:17 -0800 

Your message dated Tue, 29 Nov 2022 01:49:40 +0000
with message-id <[email protected]>
and subject line Bug#923513: fixed in cryptsetup 2:2.6.0-1
has caused the Debian Bug report #923513,
regarding Argon2i/d benchmark doesn't honor `getrlimit(RLIMIT_MEMLOCK,)`
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)


-- 
923513: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=923513
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message --- 
Package: cryptsetup-bin
Version: 2:2.1.0-2
Severity: normal

Dear Maintainer,

it's no longer possible to create a container using cryptsetup
luksFormat as non-root.

Step to reproduce:

    $ dd if=/dev/zero bs=16M count=1 of=/tmp/blob
    $ /sbin/cryptsetup luksFormat /tmp/blob
    ... and an arbitrary passphrase, or shorter:
    $ echo foo | /sbin/cryptsetup luksFormat /tmp/blob -

Error message:
    Not compatible PBKDF options.

Running as root still succeeds - and I haven't compared the strace
output yet for time constraints, sorry.

Workaround:

Declare usage of format 1 like in

    $ echo -n foo | cryptsetup luksFormat --type luks1 /tmp/blob -

and possibly some other ways.


This broke the luksmeta test suite, I've fixed that locally for the time
being but this might affect other people. I don't know whether
there's another situation where you would luksFormat as non-root (some
containerization perhaps?), so this might be release notice material as
well.

Kind regards,

    Christoph


-- Package-specific info:

-- System Information:
Debian Release: buster/sid
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 4.19.21 (SMP w/4 CPU cores)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_WARN, TAINT_OOT_MODULE
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: unable to detect

Versions of packages cryptsetup-bin depends on:
ii  libblkid1        2.33.1-0.1
ii  libc6            2.28-8
ii  libcryptsetup12  2:2.1.0-2
ii  libpopt0         1.16-12
ii  libuuid1         2.33.1-0.1

cryptsetup-bin recommends no packages.

cryptsetup-bin suggests no packages.

-- no debconf information

Attachment: signature.asc
Description: PGP signature


--- End Message ---
--- Begin Message --- 
Source: cryptsetup
Source-Version: 2:2.6.0-1
Done: Guilhem Moulin <[email protected]>

We believe that the bug you reported is fixed in the latest version of
cryptsetup, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Guilhem Moulin <[email protected]> (supplier of updated cryptsetup package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Tue, 29 Nov 2022 01:20:38 +0100
Source: cryptsetup
Architecture: source
Version: 2:2.6.0-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Cryptsetup Team 
<[email protected]>
Changed-By: Guilhem Moulin <[email protected]>
Closes: 923513
Changes:
 cryptsetup (2:2.6.0-1) unstable; urgency=low
 .
   * New upstream release 2.6.0.
 .
 cryptsetup (2:2.6.0~rc0-1) experimental; urgency=medium
 .
   * New upstream release candidate 2.6.0, introducing support for handling
     macOS FileVault2 devices (FVAULT2).  The new version of FileVault based on
     the APFS filesystem used in recent macOS versions is currently not
     supported: only the (legacy) FileVault2 format based on Core Storage and
     HFS+ filesystem (introduced in MacOS X 10.7 Lion) is supported.  Moreover
     header formatting and changes are not supported; cryptsetup never changes
     the metadata on the device.
     Closes: #923513.
   * Update d/copyright for 2:2.6.0~rc0-1.
   * Ship cryptsetup-fvault2Dump(8) and cryptsetup-fvault2Open(8) to
     cryptsetup-bin binary package.
   * Update d/libcryptsetup12.symbols for 2:2.6.0~rc0-1.
   * Add 'fvault2' flag to crypttab(5) to force detection of Apple's FileVault2
     volumes.
   * d/rules: Add new target execute_before_dh_auto_test so blhc ignores
     compilations of tests/*.c.
   * d/u/metadata: Set 'Security-Contact' upstream metadata field.
Checksums-Sha1:
 43792e4743a0edb2149db753d33d34701bdf3df5 3610 cryptsetup_2.6.0-1.dsc
 ec3c98c9ab84de80dfbeef2fbc6c2a6472899681 11589680 cryptsetup_2.6.0.orig.tar.gz
 bd0b4133a53c3e6a52765bd6424cd6e8db8e93c7 153616 
cryptsetup_2.6.0-1.debian.tar.xz
 f90a4dd4592ee28193e981932a8c3da455602495 11674 
cryptsetup_2.6.0-1_amd64.buildinfo
Checksums-Sha256:
 985cbdfd6d2b84c736b2c726d00306a9620edc5526b7109106e2269e301b8d40 3610 
cryptsetup_2.6.0-1.dsc
 5f371c7590430c08194b4602808ba2e70862c5ca64207036cc7f8a30a02b6f5b 11589680 
cryptsetup_2.6.0.orig.tar.gz
 76561feb57fa4380973c6dd8b8f6ea2ab528cff80151614250fa56f7672ca8b6 153616 
cryptsetup_2.6.0-1.debian.tar.xz
 95238ca40d8f31e422aabeca764175f792e3d5747df55b7f670733ae66f36e60 11674 
cryptsetup_2.6.0-1_amd64.buildinfo
Files:
 d0bc4aa0d5a447f8fc933f5a0eb70b95 3610 admin optional cryptsetup_2.6.0-1.dsc
 9bfa82c4ca1e819afe13decb4a4e6fab 11589680 admin optional 
cryptsetup_2.6.0.orig.tar.gz
 ea187e18562d3eb10c0d86c6fab771c8 153616 admin optional 
cryptsetup_2.6.0-1.debian.tar.xz
 2e418fb9f8f695fe71eb7472b0217b8e 11674 admin optional 
cryptsetup_2.6.0-1_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEERpy6p3b9sfzUdbME05pJnDwhpVIFAmOFU5YACgkQ05pJnDwh
pVKikg/8DvwAKkYVeO1uudTjm16Ql8WJsg/k9xQPzEyqhpMTWisx/E1uWIyocwBP
AhwkSc8sAT76lR630gAUVrUGB0GOlZzGnES5RFj9fGRTCbvXLJt5y8US+HCt8B+k
ZUu/vx6wmuoiKt6c6ZXtir2w26hQJbBwojyCVKA05+T+zJXcinblCcroxcr49iD/
43xjgUWivYAtNeO/dEb3Ysue/hDZ2KgtT+jv1GtrhKe8FT94r7xb8iSYx69yYmZI
YrHjWiN++N5Pfo4td0Z8m/Rl3m46F6iLDSgcB9Mo7Kiy5G3a3WDdtnrHufatT0kN
THAxBDajo8mFd1fEqdNR6/ThjLbaVH+pzzKQRV3EwDO+qoIjS4kqsvgaaDeCU71a
Uq2H81TUoci9oXli57wcfMxgccmoAzt5+U87kzoWmmaM8QCD0z1+DeeIHoHhkq3W
CWCd0RNqpDiCoOGfNVaJHFF5/QyIubjBrjge8lBIbeWWxJm51ZbZFBiwoaUPfpv6
Q2CjD0JEo+Rz51N3PqvRW+rZs5PE8khQpfEKtG0b3LZggaMMSiCioXktD4s6Q+GC
enrED5wqKMiOXyf9vwkOYueyM5Nf3dirgnW5coEevQBS0yhJz/NMvelldRt9tfNc
hToriROfybgc17aI8gRpHxpQm+kiXDp/WDXL6iIbDl6OSjMikds=
=nLM/
-----END PGP SIGNATURE-----

--- End Message ---

Reply via email to