Bug 441494
Summary: | passwd_file does not work for key=passphrase | ||
---|---|---|---|
Product: | Red Hat Enterprise Linux 5 | Reporter: | Jan Tluka <jtluka> |
Component: | ecryptfs-utils | Assignee: | Karsten Hopp <karsten> |
Status: | CLOSED ERRATA | QA Contact: | |
Severity: | low | Docs Contact: | |
Priority: | low | ||
Version: | 5.2 | CC: | mhalcrow, mnowak |
Target Milestone: | rc | ||
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2009-01-20 21:59:57 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Jan Tluka
2008-04-08 13:36:53 UTC
There is also difference between content of password files. In case of passfile the content has to be: #cat .my_password secret_password # In case of passwd_file the content has to be: # cat .my_password passwd=secret_password # Please ignore my comment #1. The password file in both cases has to be: # cat .my_password passwd=secret_password # Looks like a simple fix. Proposing for RHEL-5.3 and granting Devel ACK. Read ya, Phil Proposing bug for RHEL-5.3 FasTrack. Read ya, Phil Upstream answer: passfile and passwd_file are two separate and distinct parameters that apply to two different key modules (passphrase and openssl, respectively). There is an obvious namespace problem with the key modules that I would like to fix for RHEL 5.3. My original approach was to qualify module parameters by evaluating them in module parameter list context. Given that parameters can be given in any order in a configuration file, that does not work out very well. It would probably make more sense to explicitly indicate which key modules which parameters apply to by prefixing the parameter with the key module alias (i.e., "openssl_passwd_file" and "passphrase_passwd_file"). Any objections to making this change for RHEL 5.3? approved comp, clearing fast flag Version 56 has upstream fixes for the namespace problems. The testcase in the description now needs to be written as: mount -t ecryptfs .secret .secret -o key=passphrase:passphrase_passwd_file=/root/.my_password,ecryptfs_cipher=aes,ecryptfs_key_bytes=16,verbosity=0 An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on therefore solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHBA-2009-0203.html |