Bug 120487 - add cryptsetup to distribution
add cryptsetup to distribution
Status: CLOSED RAWHIDE
Product: Fedora
Classification: Fedora
Component: distribution (Show other bugs)
rawhide
All Linux
medium Severity medium
: ---
: ---
Assigned To: Bill Nottingham
:
Depends On: 120488
Blocks:
  Show dependency treegraph
 
Reported: 2004-04-09 06:51 EDT by James Ralston
Modified: 2014-03-16 22:44 EDT (History)
9 users (show)

See Also:
Fixed In Version: 0.1-1
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2004-04-16 03:30:16 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description James Ralston 2004-04-09 06:51:46 EDT
As of kernel 2.6.4, the cryptoloop interface has been deprecated in
favor of using dm-crypt:

http://www.andrew.cmu.edu/user/qralston/dev/
http://www.saout.de/misc/dm-crypt/

From playing with FC2 test2, the only missing piece is Christophe's
cryptsetup program.  Please consider adding cryptsetup to FC2.

(In the meantime, I will maintain the necessary RPMs myself, as I
absolutely must have encrypted filesystem support.)
Comment 1 Chen Nan 2004-04-10 01:20:14 EDT
I would really like to have encrypted file system support in Fedora
Core. It has always been on my wishlist for RedHat Linux. It is a
important feature, especially for Notebook users. Mandarake Linux has
this feature for years.

After reading the emails at http://kerneltrap.org/node/view/2433, it
seems the "cryptsetup" script was created as a temporary tool to fill
the gap until a proper tool is created to setup encrypted file system.
Furthermore, FC2 is already at its final phase of development. I can
understand if the Fedora developers choose not to include it in FC2
release. 

However, I would really appreciate if the "cryptsetup" script can be
added into the official apt/yum depository as a developement package,
and later possibly in the next release of Fedora Core.
Comment 2 Alessandro Polverini 2004-04-10 08:48:55 EDT
I also would like encrypted file system, it's one of the things I miss
most.

It would be great to find it on next test release.
Comment 3 Brian G. Anderson 2004-04-10 09:15:07 EDT
I really hope some semi-formal support for encrypted filesystems goes
into FC2.  In today's world of increased security, how can fedora
*not* have had this for so very long?  Waiting again until FC3 would
be frustrating to say the least.
Comment 4 Phil Schaffner 2004-04-11 13:55:04 EDT
I very strongly encourage you to add encrypted filesystem support to
Fedora Core 2.
Comment 5 James Ralston 2004-04-12 05:14:09 EDT
In response to Chen Nan in comment 1, please note that the
cryptsetup-0.1 is NOT a script; it is a compiled C program.  (It
replaced the old cryptsetup.sh shell script.)  You can check this by
pulling my RPMs.

The cryptsetup package is not a temporary solution; it's the preferred
solution.

(And unlike the cryptoloop interface in FC2 test2, it actually works. ;)
Comment 6 Chen Nan 2004-04-12 10:09:29 EDT
In response to James Ralston in Comment #5:

Thanks for the info. I did't know that you have created a proper tool
with the same name as the script created by Christophe Saout.

I really hope that it will make it into FC2. :)
Comment 7 James Ralston 2004-04-12 10:19:01 EDT
I didn't; Christophe Saout created both the shell script and then the
C program which replaced it.  (I just packaged the latter.)
Comment 8 Bill Nottingham 2004-04-13 00:24:03 EDT
The problem is pulling in new libgcrypt at this point, which changes
the ABI....
Comment 9 Kaj J. Niemi 2004-04-13 04:36:56 EDT
Is libgcrypt being used by something special (so that it would matter
that the ABI changed between FC2t2 and FC2t3 or FC2 FCS)?
Comment 10 James Ralston 2004-04-13 08:19:32 EDT
Actually, I checked that first, and as far as I can tell, libgcrypt
isn't being used by *anything*: cryptsetup is that first package that
depends on it.

(Caveat: I haven't finished applying all of the updates I just pulled
down.  It's possible that some new package now requires libgcrypt.)
Comment 11 Julio Sanchez Fernandez 2004-04-13 09:45:38 EDT
It is important for me to have easy setup of encrypted disks.  On FC1,
it even needs a kernel patch.

It seems now just a tool would be enough, but it would be great if it
was just there from the beginning.
Comment 12 W. Michael Petullo 2004-04-14 18:56:38 EDT
Given that I entered "Losetup and util-linux are not crypto aware
(#56698)" into Red Hat's bugzilla late in 2001, I am also very
interested in seeing this resolved in Fedora!  I would like to see Red
Hat adopt the standard that emerges from cryptoloop and dm_crypt.
Comment 13 Bill Nottingham 2004-04-16 03:30:16 EDT
Added.
Comment 14 Chen Nan 2004-04-16 12:51:39 EDT
Just tried it with the following rpms from rawhide.

cryptsetup-0.1-1.i386.rpm    
libgcrypt-1.1.94-1.i386.rpm  
libgpg-error-0.7-1.i386.rpm
libgpg-error-devel-0.7-1.i386.rpm

It worked. Thanks.
Comment 15 James Ralston 2004-04-20 01:40:50 EDT
Excellent!  Finally, cryptographic filesystem support out-of-the-box.
 Thanks much.

I'll bang on this thoroughly in test3.
Comment 16 Michael Althoff 2004-10-28 19:15:38 EDT
Dear all.
Since few time I use cryptosetup in FC2 final. 
libgpg-error-0.7-1
libgcrypt-1.2.0-1
cryptsetup-0.1-1
kernel 2.6.8-1.521
At first it look's working well. But I have much more trouble with
ziped and rar files on the encrypted partition. Many crc-errors make
it impossible to decrompressed the files.
The same files on the non-crypted partition works well.
Any ideas whats happen ?

Note You need to log in before you can comment on or make changes to this bug.