** Description changed: When libcryptsetup tries to activate a signed dm-verity volume, and the key is not in the kernel keyring, libdevicemapper does not return the appropriate ENOKEY, so the failure cannot be distinguished from other generic issues. + + This is a problem when software like systemd via libcryptsetup try to + open a volume, and get an unrecognizable error out of it. With the fix + in libdm and libcryptsetup, there is a clear ENOKEY returned when a key + is missing and activation fails for that reason. This allows systemd + (and other applications) to make the right decision depending on the + failure case. Without this, the same generic error is returned in any + case. + + For more details, see: + + https://gitlab.com/cryptsetup/cryptsetup/-/issues/841 + + libcryptsetup 2.7.0, now available in debian stable, and systemd v255, + shipped in Noble, make use of this error code. This is fixed in the lvm2 version 2.03.23 upstream release. Please consider backporting this patch for Noble. Upstream PR: https://gitlab.com/lvmteam/lvm2/-/merge_requests/3 Upstream commit: 25ef7a7b1a876f491bd361369423d7309358f6c1
-- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2054620 Title: libdm returns wrong error code when dm-verity key cannot be found To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/lvm2/+bug/2054620/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs