quantal includes plymouth 0.8.4, which has the upstream changes to
support locking the terminal.
** Changed in: plymouth (Ubuntu Quantal)
Status: Triaged => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://b
This bug was fixed in the package upstart - 1.3-0ubuntu12
---
upstart (1.3-0ubuntu12) oneiric-proposed; urgency=low
* init/main.c: restore the fix for bug #540256; we know the console setup
is taken care of by plymouth in Ubuntu, so upstart changing the console
settings just
This bug was fixed in the package upstart - 1.5-0ubuntu7
---
upstart (1.5-0ubuntu7) precise-proposed; urgency=low
* Correct a build failure from the previous upload.
upstart (1.5-0ubuntu6) precise-proposed; urgency=low
* debian/upstart.logrotate: don't create empty files after r
** Tags removed: verification-needed
** Tags added: verification-done
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/876626
Title:
Unlocking the second crypto disk (/home) echos password on console
The proposed fix does resolve the issue for me on precise.
Many thanks.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/876626
Title:
Unlocking the second crypto disk (/home) echos password on console
Is someone able to test the upstart package in precise-proposed now that
a fix is available?
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/876626
Title:
Unlocking the second crypto disk (/home) echo
This bug was fixed in the package upstart - 1.5-0ubuntu7
---
upstart (1.5-0ubuntu7) precise-proposed; urgency=low
* Correct a build failure from the previous upload.
upstart (1.5-0ubuntu6) precise-proposed; urgency=low
* debian/upstart.logrotate: don't create empty files after r
Status changed to 'Confirmed' because the bug affects multiple users.
** Changed in: upstart (Ubuntu Quantal)
Status: New => Confirmed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/876626
Titl
** Changed in: plymouth (Ubuntu Oneiric)
Status: Confirmed => Invalid
** Changed in: plymouth (Ubuntu Precise)
Status: Confirmed => Invalid
** Changed in: plymouth (Ubuntu Quantal)
Status: New => Triaged
--
You received this bug notification because you are a member of Ubun
Hello Holger, or anyone else affected,
Accepted upstart into precise-proposed. The package will build now and
be available in a few hours. Please test and give feedback here. See
https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to
enable and use -proposed. Thank you in advance!
** Description changed:
+ [Impact]
+ This bug makes cryptsetup unusable in select configurations because passwords
are exposed on the console.
+
+ [Development Fix]
+ Package will be copied to quantal when the archive opens.
+
+ [Test Case]
+ 1. cat > /etc/init/plymouth-testing.conf
+ start on
I do not have any oneiric environment left, but using upstart
1.3-0ubuntu12 and udev 173-0ubuntu4.2 on precise does not echo for me.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/876626
Title:
Unloc
Hello Holger, or anyone else affected,
Accepted upstart into oneiric-proposed. The package will build now and
be available in a few hours. Please test and give feedback here. See
https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to
enable and use -proposed. Thank you in advance!
** Branch linked: lp:~vorlon/ubuntu/precise/upstart/lp.876626
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/876626
Title:
Unlocking the second crypto disk (/home) echos password on console
To manag
Thanks for finally looking into this.
While on this, please also look at #778659.
I do not agree with Comment #33 that "[obscuring] the entered passphrase and
[displaying] asterisks" is "correct". It should not display any input, as
cryptsetup(8), cryptdisks_start(8), passwd(1), gpg(1) and all o
On Tue, Apr 24, 2012 at 06:11:48PM -, Scott James Remnant wrote:
> The correct upstream fix obviously would be to conditionally set up the
> system console in some manner, dependent on whether or not it's already
> "owned" by a running process or whether init is truly the first process
> to be
-c1326 doesn't change the console handling, it merely changed the error
case:
- if (system_setup_console (CONSOLE_OUTPUT, (! restart)) < 0)
+ if (system_setup_console (CONSOLE_OUTPUT, (! restart)) < 0) {
The Plymouth-safe console behavior was never committed upstream,
Hi Steve,
Since Plymouth is a 'long-running process' wrt the boot and since it is
attaching to the console (a shared device), I really don't think it should be
making any assumptions -- particularly before requesting a password: it should
set a 'secure' terminal environment immediately before p
Hi James,
On Mon, Apr 23, 2012 at 07:42:08PM -, James Hunt wrote:
> The real problem here is plymouth: when prompting for a password, it is
> unsafe to assume the terminal it is connected to is still in the state
> it was put into when the device was first opened. The fix is to set the
> termi
This issue does appear to have been exposed by a change to Upstart:
Upstart now resets the terminal attributes for /dev/console to ensure a
sane environment for Upstart itself to operate in. It does this (and
*should* do this) since it cannot know what state the initramfs left the
console in (in fa
@Steve Langesek: An encrypted data partition on an Ubuntu server meets
all your criteria, but is by no means a "corner case".
Thank you for targeting this for Precise. I am happy to see this is
being addressed. Hope the fix makes it in SRU sooner than later.
--
You received this bug notification
Note to self: Encryption of data volumes on a headless system is a
"corner case".
"Ubuntu is designed with security in mind." https://wiki.ubuntu.com/LTS
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bu
ilf, this bug is a corner case. It only affects users who are using
encryption on a volume *other* than the one containing their root
filesystem, only when these filesystems are mounted at boot time, and
only when they are opting not to use the default plymouth splash
interface. I have been using
** Changed in: upstart (Ubuntu Precise)
Assignee: Adam Conrad (adconrad) => James Hunt (jamesodhunt)
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/876626
Title:
Unlocking the second crypto disk
@ilf -please be assured that we are still working on this issue. There
are a lot of variables to consider here and the problem is providing
difficult to isolate. Please can I ask those affected by this issue to
be patient.
As an update on the issue itself, we believe the problem is not actually
re
Are you shitting me? Half a year and one release later, you're delaying
this again? You're shipping this on a production LTS?
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/876626
Title:
Unlocking th
** Changed in: upstart (Ubuntu Precise)
Milestone: None => ubuntu-12.04.1
** Tags added: rls-p-tracking
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/876626
Title:
Unlocking the second crypto d
The workaround is getting harder to pull off since udev has a dependency
on upstart version. Natty upstart and Oneiric udev now.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/876626
Title:
Unlocking
Quite true, ilf. My indifferentiometer reads over 30 kiloyawns/sec for
this bug. Guess it's more important to have pretty CSS and alpha-
channeld menus in Unity than to have an actual usable system. Thumbs up
for eyecandy!
--
You received this bug notification because you are a member of Ubuntu
B
Still present in current Beta 2, three days until FinalFreeze. Way to go
for LTS!
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/876626
Title:
Unlocking the second crypto disk (/home) echos password
This bug still happens with 12.04 beta2
IMO, this is a showstopper for LTS upgrade.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/876626
Title:
Unlocking the second crypto disk (/home) echos passwo
** Tags added: rls-mgr-p-tracking
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/876626
Title:
Unlocking the second crypto disk (/home) echos password on console
To manage notifications about this b
** Tags added: css-sponsored-p
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/876626
Title:
Unlocking the second crypto disk (/home) echos password on console
To manage notifications about this bug
** Changed in: upstart (Ubuntu Precise)
Assignee: Stéphane Graber (stgraber) => Adam Conrad (adconrad)
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/876626
Title:
Unlocking the second crypto di
** Changed in: upstart (Ubuntu Oneiric)
Importance: Undecided => Medium
** Changed in: upstart (Ubuntu Oneiric)
Importance: Medium => High
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/876626
T
** Changed in: upstart (Ubuntu Precise)
Assignee: James Hunt (jamesodhunt) => Stéphane Graber (stgraber)
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/876626
Title:
Unlocking the second crypto
So far natty upstart still works with precise, without echoing, I can only hope
it continues to work while this is unresolved.
I keep the 'upgrade' out with this in /etc/apt/preferences:
Package: upstart
Pin: version 0.0
Pin-Priority: -1
I attempted a bisection of upstart a while ago. But betwee
@Benjamin: I am grateful for general FLOSS development, but I am totally
pissed at the way Ubuntu is handling passphrase input for crypto disks
at boot.
It started almost two years ago with bug 566818.
Then it became a security issue last year with bug 778659.
Now this on has been idling for four
Well, apparently if nobody comments on this issue, it just keeps getting
ignored. So I can fully understand ilf's sarcasm. It's just annoying
that Ubuntu focuses on making "pretty" GUIs (which look IMHO like
disgustingly cheap Mac OSX clones) and a security vulnerability just
sits there for MONTHS
@ilf: I would suggest a bit less sarcasm and a bit more encouragement
for hard-working volunteer programmers!
Is it possible that some other process is receiving the keyboard inputs
and echoing them back? I'm thinking this because typing in a password
for the swap partition only echoes *s -- but l
Yeah, it's not like this should be a priority, so taking four months
without progress is completely ok.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/876626
Title:
Unlocking the second crypto disk (
On Tue, Feb 07, 2012 at 10:54:08PM -, bwalex wrote:
> is this huge gaping security hole going to be fixed anytime soon?
We have not yet isolated the cause.
--
Steve Langasek Give me a lever long enough and a Free OS
Debian Developer to set it on, and I can
is this huge gaping security hole going to be fixed anytime soon?
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/876626
Title:
Unlocking the second crypto disk (/home) echos password on console
To m
No change with upstart 1.4.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/876626
Title:
Unlocking the second crypto disk (/home) echos password on console
To manage notifications about this bug go
** Changed in: plymouth (Ubuntu Oneiric)
Status: New => Confirmed
** Changed in: upstart (Ubuntu Oneiric)
Status: New => Confirmed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/876626
T
** Also affects: plymouth (Ubuntu Oneiric)
Importance: Undecided
Status: New
** Also affects: upstart (Ubuntu Oneiric)
Importance: Undecided
Status: New
** Also affects: plymouth (Ubuntu Precise)
Importance: Undecided
Status: Confirmed
** Also affects: upstart (Ubun
Still a problem on precise, still fixed by downgrading to natty upstart.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/876626
Title:
Unlocking the second crypto disk (/home) echos password on consol
Cybjit, thanks for your investigation into this issue. I'm not sure if
this is a bug on the plymouth or upstart side. James, do you know what
has changed in upstart that would account for this misbehavior?
** Changed in: upstart (Ubuntu)
Importance: Undecided => High
** Changed in: upstart (Ub
** Also affects: upstart (Ubuntu)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/876626
Title:
Unlocking the second crypto disk (/home) echos password on c
Downgrading upstart from oneiric 1.3-0ubuntu11 to natty 0.9.7-1 fixes
this for me.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/876626
Title:
Unlocking the second crypto disk (/home) echos password
I tried doing a selective upgrade from 11.04. And surprisingly upgrading
plymouth did not trigger the bug. After upgrading these packages it appeared:
man-db 2.5.9-4
debianutils 4.0.2
libblkid1 2.19.1-2ubuntu3
libc-bin 2.13-0ubuntu13
doc-base 0.9.5ubuntu2
man-db 2.5.9-4
ureadahead 0.100.0-11
initr
** Attachment added: "Console boot selected, password echoes"
https://bugs.launchpad.net/ubuntu/+source/plymouth/+bug/876626/+attachment/2602739/+files/plymouth-debug-console-echoed.log
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubunt
** Attachment added: "Graphical boot OK, password hidden with dots"
https://bugs.launchpad.net/ubuntu/+source/plymouth/+bug/876626/+attachment/2602740/+files/plymouth-debug-graphical-hidden.log
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed
** Attachment added: "Graphical boot messed up, password echoes"
https://bugs.launchpad.net/ubuntu/+source/plymouth/+bug/876626/+attachment/2602738/+files/plymouth-debug-graphical-echoed.log
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to
I have been testing this in VirtualBox.
If graphical boot is on and working, a box hiding your password with dots
shows. But if graphical boot messes up (which seems to happen frequently) or
graphical boot is disabled, password echoes.
--
You received this bug notification because you are a mem
** Package changed: cryptsetup (Ubuntu) => plymouth (Ubuntu)
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/876626
Title:
Unlocking the second crypto disk (/home) echos password on console
To manage
FWIW, this issue seems to be with plymouth, as expected, not with
cryptsetup. It shouldn't be too hard to find the root cause with
plymouth tracing enabled.
Cheers,
Alex
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.lau
** This bug has been flagged as a security vulnerability
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/876626
Title:
Unlocking the second crypto disk (/home) echos password on console
To manage not
This also affects the first prompt, and there are further issues - the
"press s to skip mounting or m for manual recovery" message appears on
top of the password prompt. You can get around it with pressing esc
several times, but you end up with the same issue of it echoing the
passphrase.
See http
Status changed to 'Confirmed' because the bug affects multiple users.
** Changed in: cryptsetup (Ubuntu)
Status: New => Confirmed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/876626
Title:
** Changed in: cryptsetup (Ubuntu)
Status: Incomplete => New
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/876626
Title:
Unlocking the second crypto disk (/home) echos password on console
To
apport information
** Tags added: apport-collected oneiric
** Description changed:
Boot
1.) Enter crypto phrase for /
2.) ... init things...
3.) Enter crypto phrase for /home
On 3rd the password is echoed as such, only after pressing enter it prints
the passwords again with star
Assigning to cryptsetup for now
** Package changed: ubuntu => cryptsetup (Ubuntu)
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/876626
Title:
Unlocking the second crypto disk (/home) echos password
Please execute the following command, as it will automatically gather debugging
information, in a terminal:
apport-collect 876626
When reporting bugs in the future please use apport by using 'ubuntu-bug' and
the name of the package affected. You can learn more about this functionality
at https:
64 matches
Mail list logo