ry, so the hash=ripemd160 line should be included in the
/etc/crypttab setup.
Changing the defaults is not a good solution since that would break the
setup for others, so I'll add a line about this to the documentation and
consider the BR closed with that.
--
David Härdeman
ce
the suspend signature still is there (and it has overwritten the swap
signature, if the resume had succeeded, the swap signature would have
been written back ontop of the suspend signature).
--
David Härdeman
On Sun, Jan 07, 2007 at 01:53:08PM +0100, Marcus Better wrote:
David Härdeman wrote:
That would mean that the fstype binary from klibc-utils doesn't
recognize the decrypted device as a suspend image. Could you please
follow the steps in bugs.debian.org/398302
Ok, I played a little with i
current Etch release timeframe.
--
David Härdeman
g/398302 to get a copy of the first
128K or so of the decrypted swap device so that I can do some testing
why the image is not recognized?
--
David Härdeman
On Sat, Dec 30, 2006 at 04:46:27AM +0100, Jonas Meurer wrote:
Hello,
I need some advice regarding this bug. Unforuntately i don't know
nothing about initramfs, and David Härdeman, the one who usually does
all the cryptsetup initramfs stuff, is unavailable currently.
Could somebody comme
onas will have time to add this fix and
release a new version.
Later it would probably be good to add checks too make sure that the
device argument is a block device and not something else, in order to
provide more helpful messages to the user. That can be implemented later
though.
--
David Hä
d you then provide me with the exact steps that you took to
reproduce it cause so far I haven't managed to do so.
--
David Härdeman
FYI, it seems likely that #402511 is due to the same problem as
described in #401393 (with further details)
--
David Härdeman
Hi Martin,
the fixed klibc-utils version is in unstable now and it works for me
(i.e. it recognizes suspend images).
Could you please test it and verify that it works for you as well?
(remember to regenerate the initramfs after the updated klibc-utils
1.4.30-2 has been installed)
--
David
I'm sorry but I can't reproduce this.
In the initramfs shell during boot after doing "s2disk":
(initramfs) fstype < /dev/mapper/corevg-swaplv
FSTYPE=suspend
FSSIZE=0
(initramfs)
Did you regenerate your initramfs after installing the new klibc-utils
package?
--
David Härdeman
cryptsetup that
is currently in unstable?
--
David Härdeman
tput do you get from fstype in the initramfs image? That is, what
output does "fstype < /dev/" give?
--
David Härdeman
se:
key slot 0 unlocked.
Command successful.
# ls -al /dev/mapper/footmp
brw-rw 1 root disk 254, 3 2006-12-14 19:14 /dev/mapper/footmp
# cryptsetup remove footmp
# losetup -d /dev/loop0
--
David Härdeman
Vagrant Cascadian wrote:
> i'm not sure this bug is really fixed, or fixed completely...
>...
> APT policy: (500, 'testing')
The fixed version is not in testing yet.
--
David Härdeman
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscr
On Tue, Dec 12, 2006 at 11:04:07PM +0100, Enrico Gatto wrote:
Il giorno Tue, 12 Dec 2006 17:35:30 +0100
David Härdeman <[EMAIL PROTECTED]> ha scritto:
How can you know that these modules are included? What adds them
to the initramfs image?
The evms hook includes them in initrd. The pi
On Tue, Dec 12, 2006 at 09:07:18PM +0100, David Härdeman wrote:
The attached patch is my first stab at allowing a more complete removal
of configured device-mapper devices (crypto / lvm). It will work in a
recursive manner so even crazy setups like
crypto-on-lvm-on-crypto-on-something should
lates | 28 +
partman-base/choose_partition/partition_tree/do_option | 16 +
5 files changed, 252 insertions(+), 55 deletions(-)
--
David Härdeman
Index: partman-auto/debian/partman-auto.templates
===
--- partman-auto/d
;)"
> + device=/dev/mapper/"$VG_dev"-"$LV_dev"
>
> dirname=$(echo "$device" | sed "s:/:=:g")
> dev=$DEVICES/$dirname
>
Yes, that's the right idea. I don't know whether more changes are necessary.
If needed, I c
On Mon, December 11, 2006 19:40, Frans Pop said:
> I need some help here.
>
> According to the test that David Härdeman introduced recently, a hyphen
> _is_ a valid character for VG and LV names.
>
> So what is the actual bug here:
> - a hyphen is not a valid character aft
On Mon, December 11, 2006 18:14, Enrico Gatto said:
> On Mon, 11 Dec 2006 10:59:24 +0100 (CET)
> David Härdeman <[EMAIL PROTECTED]> wrote:
>
>> could you please provide me with
>> ..
>> /etc/fstab,
>
> /dev/mapper/croot / ext3 defaults
I assume you use a
combination of evms and crypto?)
--
David Härdeman
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
I solved this problem (the non-posix command) by replacing:
err = os.system("mv linux*/* linux*/.[^.]* ..; rmdir linux*")
with
err = os.system("find linux* -maxdepth 1 -mindepth 1 -print0 | xargs -0 -iREF mv REF
../; rmdir linux*")
--
David Härdeman
Package: refpolicy
Severity: normal
qemu needs execmem permissions, so (I guess that) a file_context like the
following is necessary:
/usr/bin/qemu -- system_u:object_r:unconfined_execmem_exec_t
At least that fixed the audit messages for me
--
David Härdeman
On Fri, December 8, 2006 10:31, Loïc Minier said:
> On Fri, Dec 08, 2006, David Härdeman wrote:
>> Don't mix up boot-on-raid and boot-on-device-mapper, they are two
>> different things using different kernel subsystems (md and dm).
>
> Err, md is dm based, right?
month or two ago, they just say you can't use Grub for
> boot-on-raid, but that Lilo works (that's how I got my system set up).
Don't mix up boot-on-raid and boot-on-device-mapper, they are two
different things using different kernel subsystems (md and dm).
boot-on-raid(1) wor
db_go || return 30
db_get partman-auto-lvm/no_boot || true
[ "$RET" = true ] || return 30
fi
--
David Härdeman
been autodetected but it wasn't due to a variable naming
error in the initramfs hook. I've fixed both issues in SVN. Thanks for
the report.
--
David Härdeman
k together.
Why? If the cryptdisks.functions script is missing even though you haven't
removed the cryptsetup package from your system something is seriously
broken.
--
David Härdeman
On Thu, Nov 23, 2006 at 02:48:13PM +0100, Frans Pop wrote:
On Friday 17 November 2006 11:28, David Härdeman wrote:
On Fri, November 17, 2006 10:21, Frans Pop said:
> Because the method is not a question as such when using preseeding.
> We should handle the situation where partman-auto/d
g.
> We should handle the situation where partman-auto/disk is preseeded but
> partman-auto/method is not more gracefully though.
>
How would you like it to work?
--
David Härdeman
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
onfigured, etc) better too much information than too
little.
And please keep the bug report addresses CC:ed when replying with more
information :)
Thanks for your efforts in debugging and testing the installer.
--
David Härdeman
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
On Fri, November 17, 2006 9:47, [EMAIL PROTECTED] said:
> David Härdeman wrote:
>> Your recipies are missing the "partman-auto/method" entry which you need
>> in addition to "partman-auto/disk" (and forget what I said about
>> "partman-auto/select_di
On Thu, November 16, 2006 20:54, Olaf van der Spek said:
> David Härdeman wrote:
>> On Thu, Nov 16, 2006 at 07:50:11PM +0100, Olaf van der Spek wrote:
>>> Olaf van der Spek wrote:
>>>> David Härdeman wrote:
>>>>> Dennis, Olaf...could you try ch
On Thu, November 16, 2006 20:54, Olaf van der Spek said:
> David Härdeman wrote:
>> On Thu, Nov 16, 2006 at 07:50:11PM +0100, Olaf van der Spek wrote:
>>>
>>> CPU usage appears to be 100%, so I suspect an infinite loop.
>>
>> Could you change to VT2 (alt +
On Thu, November 16, 2006 23:07, Joey Hess said:
> David Härdeman wrote:
>> The attached patch changes partman-md to keep the settings of the md
>> partitions when partman restarts which is enough to allow crypto-on-raid
>> setups to work again, thus fixing #393728, #397872
On Thu, Nov 16, 2006 at 07:50:11PM +0100, Olaf van der Spek wrote:
Olaf van der Spek wrote:
David Härdeman wrote:
Dennis, Olaf...could you try changing the "partman-auto/disk" entry to
"partman-auto/select_disk" in your preseed files and see if that fixes
things
After a
quot; in the preseed file
posted to the bug report.
If that fixes things, the template either needs a name change or the
manual needs an update.
--
David Härdeman
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
, I've implemented it so that most of it only applies when the
md-device is used for crypto.
Tested with crypto-on-md and with regular fs-on-md.
Would it be ok to commit this?
And this time...with patch included :)
--
David Härdeman
Index: debian/chan
of the patch this close to the Etch
release, I've implemented it so that most of it only applies when the
md-device is used for crypto.
Tested with crypto-on-md and with regular fs-on-md.
Would it be ok to commit this?
--
David Härdeman
rtman-md should be changed to behave like all other partman components
post-etch. I'm posting this bug as a reminder (a targeted fix will
hopefully go in for the above mentioned bugs though, but the fix
should be made generally applicable).
--
David Härdeman
> This would be great. Tell me, if I can help. E.g. Testing it.
I'll let you know when some progress has been made. Please keep
[EMAIL PROTECTED] CC:ed on any further mails you send regarding this
problem so that others are also kept up-to-date.
--
David Härdeman
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
. The problem is a disagreement between partman-md and
partman-crypto which results in a bogus /etc/fstab on the target fs and
after that everything goes downhill (see #393728 for more details).
Hopefully I'll have time to look into this soon or we'll have to mention
that crypto and md are no
) has been fixed with the changes that'll go into the next
upload. The remainder is of lower severity.
--
David Härdeman
On Mon, November 13, 2006 10:39, martin f krafft said:
> also sprach David Härdeman <[EMAIL PROTECTED]> [2006.11.13.0014 +0100]:
>> So that means that suspend2disk actually removes the swap signature from
>> disk when you suspend. I seemed to recall that the suspend solutions
On Sun, Nov 12, 2006 at 11:24:53PM +0100, martin f krafft wrote:
also sprach David Härdeman <[EMAIL PROTECTED]> [2006.11.12.2308 +0100]:
>created/setup correctly, /bin/fstype returns unknown for FSTYPE,
>and thus the cryptroot script thinks that something went wrong
>and loops
Package: klibc-utils
Version: 1.4.30-1
Severity: normal
Tags: patch
Hi,
the attached patch adds swsusp, suspend2 and uswsusp image detection
to fstype.
Signed-off-by: David Härdeman <[EMAIL PROTECTED]>
--
fstype.c | 15 +++
swap_fs.h |7 +++
2 files chang
On Sun, Nov 12, 2006 at 09:48:16PM +0100, martin f krafft wrote:
also sprach David Härdeman <[EMAIL PROTECTED]> [2006.11.12.1645 +0100]:
Then, provided that the swap entry is configured in /etc/crypttab, run
"/etc/init.d/cryptdisks start" and it'll do the setup for you.
On Sat, Nov 11, 2006 at 05:09:44PM +0100, martin f krafft wrote:
also sprach David Härdeman <[EMAIL PROTECTED]> [2006.11.11.1239 +0100]:
Ok, I've committed fixes for both your bugs to the SVN repo. Could you
please test the package? Either by downloading it from:
http://www.hardema
On Sat, Nov 11, 2006 at 05:52:35PM +0100, martin f krafft wrote:
also sprach David Härdeman <[EMAIL PROTECTED]> [2006.11.11.1239 +0100]:
cryptswap /dev/hda2 cryptroot
keyscript=/root/decrypt_derived,hash=sha256,size=256,cipher=aes-cbc-essiv:sha256
So how do I initialise /dev/hda2 for t
On Fri, Nov 10, 2006 at 01:43:05PM +0100, martin f krafft wrote:
also sprach David Härdeman <[EMAIL PROTECTED]> [2006.11.10.1331 +0100]:
The hook should warn about these situations though and then skip
adding the resume partition details to the initramfs image...I'll
fix that
Th
ustom built usplash).
--
David Härdeman
ill like to see this change applied, I suggest you discuss
it directly with the upstream author - Clemens Fruhwirth
(<[EMAIL PROTECTED]>, http://clemens.endorphin.org/)
--
David Härdeman
en into a state where major surgery is needed to get it back? :-/
That was based on Max's analysis of the underlying problems, so not
first-hand knowledge. There might be a simpler root cause though.
I'm not sure when I'll have time to investigate this further...
--
David Härdeman
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
On Fri, November 10, 2006 15:28, Thomas Hühn said:
> David Härdeman wrote:
>> On Fri, November 10, 2006 12:02, Thomas Hühn said:
>>> - I was surprised to see crypto support in the partitioning phase.
>>> First
>>> I thought Debian now supports encrypted pa
ke that (can't check the exact naming right now). If you choose that
option, it will automatically partition the harddrive using a regular boot
partition and encrypted LVM devices for the rest.
Is this not what you requested?
--
David Härdeman
--
To UNSUBSCRIBE, email to [EMAIL PROTEC
On Fri, November 10, 2006 12:10, David Härdeman said:
> On Fri, November 10, 2006 10:34, martin f krafft said:
>> As of late, cryptsetup figures out what swap device I need to resume
>> from disk and tells initramfs to also initialise that device even
>> before root is
stead and
which will work without any further changes)
--
David Härdeman
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
he format of the latter two?
--
David Härdeman
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Perhaps we need to disable crypto-on-md for Etch...(as Max said in #393728)
--
David Härdeman
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
On Wed, Nov 08, 2006 at 10:33:22PM +0100, Loïc Minier wrote:
On Wed, Nov 08, 2006, David Härdeman wrote:
Would you be willing to test the attached patch? It should solve both
bugs you reported today.
I read the patch, and I believe it resolves the issues. I wonder why
you prefer ignoring all
some bugs crept in...sorry
about that.
Would you be willing to test the attached patch? It should solve both
bugs you reported today.
--
David Härdeman
Index: initramfs-cryptroot-hook
===
--- initramfs-cryptroot-hook(revi
build/config/common and set "EXTRAFILES" to something like
"EXTRAFILES = /usr/bin/strace" which will also add the extra binary (and
all libraries that it uses)
--
David Härdeman
-boots, there shouldn't be any differences.
--
David Härdeman
diff -ur ./udev-0.100.orig/debian/udev.init ./udev-0.100/debian/udev.init
--- ./udev-0.100.orig/debian/udev.init 2006-11-08 00:05:12.0 +0100
+++ ./udev-0.100/debian/udev.init 2006-11-08 00:09:30.0 +0100
@@ -
Package: lvm-common
Version: 1.5.20
Severity: minor
Tags: patch
Hi,
the attached patch changes the lvm-common init.d script(s) to give the
newly created devices (if any) their proper SELinux contexts. On a
non-SELinux system, nothing is changed by the one-line patch.
--
David Härdeman
diff
later.
I must admit though that I didn't really understand why the fd9 trick
was used in the first place?
--
David Härdeman
diff -ur ./sysvinit-2.86.ds1.orig/debian/initscripts/etc/init.d/mtab.sh
./sysvinit-2.86.ds1/debian/initscripts/etc/init.d/mtab.sh
--- ./sysvinit-2.86.ds1.orig/debian/in
set (if a initramfs image built using initramfs-tools is
used).
--
David Härdeman
diff -ur ./udev-0.100.orig/extra/initramfs.bottom
./udev-0.100/extra/initramfs.bottom
--- ./udev-0.100.orig/extra/initramfs.bottom2006-11-07 18:06:39.0
+0100
+++ ./udev-0.100/extra/initramfs.bottom
, the init.d scripts check for readability of the key and refuses
to try to setup the mapping if it's not readable.
I will commit a fix for this later today, updated package should be
included in Etch.
--
David Härdeman
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "u
sical volume for several LVM vg's so no additional setup is necessary
for the second device.
I will commit a fix for this later today, updated package should be
included in Etch.
--
David Härdeman
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe&quo
to
> warn people about the presence of unsupported file systems.
Ok, seems reasonable. Feel free to close this BR.
--
David Härdeman
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
1.8-1 Python bindings for SELinux polic
Versions of packages policycoreutils recommends:
ii selinux-policy-refpolicy- 0.0.20061018-1 Targeted variant of the SELinux re
-- no debconf information
--
David Härdeman
1.8-1 Python bindings for SELinux polic
Versions of packages policycoreutils recommends:
ii selinux-policy-refpolicy- 0.0.20061018-1 Targeted variant of the SELinux re
-- no debconf information
--
David Härdeman
tion instead of manipulating selinux_mnt).
Thus I'll close the bug as fixed in sysvinit 2.86.ds1-34.
I still suspect that #344471 is a dupe of this bug, but I'll leave that
up to the maintainers to deal with.
--
David Härdeman
and commit it to SVN this evening. Since a new
upload is necessary for d-i RC1, and since it fixes two RC bugs, I'll ask
Frans Pop to do a NMU upload unless you've told me by then that you have
time to do the upload.
--
David Härdeman
--
To UNSUBSCRIBE, email to [EMAIL PROTECTE
nux by default (I doubt
> it ever did though).
>
> * SELinux used to try and load a policy even if one has not been
> configured/installed.
* One of the libraries that init depends on had a bug which has been
fixed
--
David Härdeman
--
To UNSUBSCRIBE, emai
Hmm,
perhaps bugs #344471 and #330592 describe the same issue (i.e. one which
is no longer reproducible)?
Edwin, are you still able to reproduce the init GPF that you reported in
http://bugs.debian.org/344471 ?
--
David Härdeman
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject
mehow).
I'd still like to trace down what *is* causing the glibc warnings though,
just to be sure. I'll try to fiddle with the rcS scripts next to see if I
can find the offender.
--
David Härdeman
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
might be a sufficient check...
--
David Härdeman
ting the stack and leading to
interesting crashes in unrelated places later.
I'm not familiar enough with the LUKS code to suggest a fix...Clemens?
--
David Härdeman
I've attached a patch which replaces the loops with more direct access
methods. I've done one install run with it and it seems to work as
expected.
The patch is fairly large though, not sure whether it would be a good
idea to apply it before Etch?
--
David Härdeman
Index: aut
fbno desc; do
mknod /dev/fb$fbno c 29 $fbno
done < /proc/fb
if [ ! -e /dev/fb0 ]; then
mknod /dev/fb0 c 29 0
fi
for i in 0 1 2 3 4 5 6 7 8; do
mknod /dev/tty$i c 4 $i
done
fi
--
David Härdeman
unrelated bug which has now been fixed. Could you retry your
installation using a recent daily d-i image?
--
David Härdeman
e GCC, same options, etc) as the
kernel itself. This doesn't sound like a cryptsetup problem...
What kernel are you using? Are you sure the dm-crypt module is ok? Are
you able to manually insmod dm-crypt?
--
David Härdeman
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of &q
reassign 394136 cryptsetup
retitle 394136 Add support for multiple device setup in initramfs
tags 394136 +d-i
thanks
On Fri, October 20, 2006 12:32, Miroslav Kure said:
> On Fri, Oct 20, 2006 at 10:50:34AM +0200, David Härdeman wrote:
>>
>> I'm fairly certain this is a b
suggested in #388871.
Thanks for the help and sorry for the cock-up :)
--
David Härdeman
to indicate progress
(so right now the "Debian" text gradually appears as the boot progresses).
Just plopping in a new SVG/PNG should be enough to change the looks (you
may have to change the parameters in theme.h also).
It should be easy to change the package so that it builds several the
fail, the script would
> (correctly) fail and the error would be seen. With your version,
> dmsetup info is guaranteed to fail in some setups (like mine), and the
> errors are always discarded.
Which setup do you have that fails?
--
David Härdeman
--
To UNSUBSCRIBE, email to [EMAIL
ot;d", instead it's an
> UTF-8 sequence which looks very alike to a d. (If you're using vim,
> type "ga" to see the hex sequence of the first and the second "d".
Again, my fault. The UTF8 sequence must have looked to similar to a real
"d"
you post the contents of /conf/conf.d/cryptroot in the initramfs
image? (boot with the "break" argument and you'll be dropped into a
shell so you can inspect the contents of the initramfs image).
--
David Härdeman
David Härdeman wrote:
> I can think of two solutions:
>
> 1) Redirect kernel messages to another vt during passphrase entry
>
> 2) Change to another "clean" vt, deal with passphrase, switch back
And here are two more solutions:
3) I've written some patches for usp
Hi,
the decrypt_old_ssl and decrypt_ssl scripts should have been fixed now
in SVN and will be included in the next cryptsetup upload which should
be available in a couple of days.
--
David Härdeman
I've attached a patch which should implement the proposed solution.
--
David Härdeman
Index: debian/partman-auto-lvm.templates
===
--- debian/partman-auto-lvm.templates (revision 41740)
+++ debian/partman-auto-lvm.temp
foil hat
scenarios.
--
David Härdeman
On Thu, Oct 12, 2006 at 07:22:08PM +0100, James Westby wrote:
Attached is a sort of tested patch for this. It works for me, but it
tries to do more that I can test.
Thanks, I'll take a look at it during the weekend
--
David Härdeman
ow if there is any other
way to get this info?
"dmsetup deps "
--
David Härdeman
quot;
the full freedom of choice trough the manual partitioning.
Cluttering up the guided partitioning choices with several confusingly
similar choices would just reduce the value of the guided partitioning
and bring it closer to the manual one.
--
David Härdeman
Package: compiz
Version: 0.0.13+git20060928-2
Severity: normal
When using the middle-mouse-button to scroll feature in Firefox, the
cursor leaves trailing marks behind as you scroll.
This is the same bug as reported here:
https://launchpad.net/bugs/58622
--
David Härdeman
which should be visible to the user but not to stdout should
normally be written to /dev/console or /dev/tty
--
David Härdeman
artitioned.
I'll try to find time this week to look into it.
--
David Härdeman
on as a usplash with my tiny patch is in the
archive.
The source package can be downloaded from:
http://www.hardeman.nu/~david/files/misc/usplash-theme-etch.tar.gz
--
David Härdeman
[0] http://wiki.debian.org/DebianDesktopArtwork/UsplashEtch
=== modified file 'usplash-theme.h'
301 - 400 of 621 matches
Mail list logo
