Bug 182658 - Latest cryptsetup-1.0.3-0.rc1 appears to be broken
Latest cryptsetup-1.0.3-0.rc1 appears to be broken
Status: CLOSED RAWHIDE
Product: Fedora
Classification: Fedora
Component: cryptsetup-luks (Show other bugs)
rawhide
All Linux
medium Severity medium
: ---
: ---
Assigned To: Peter Jones
:
Depends On:
Blocks: FC5Blocker
  Show dependency treegraph
 
Reported: 2006-02-23 16:33 EST by David Zeuthen
Modified: 2013-03-05 22:45 EST (History)
3 users (show)

See Also:
Fixed In Version: 1.0.3-0.rc2
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2006-02-27 14:18:53 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:


Attachments (Terms of Use)

  None (edit)
Description David Zeuthen 2006-02-23 16:33:26 EST
# echo <secret> |/sbin/cryptsetup luksOpen /dev/sda1 foo
Failed to setup dm-crypt key mapping.
Check kernel for support for the aes-cbc-plain cipher spec and verify that
/dev/sda1 contains at least 133 sectors.
Failed to read from key storage
Command failed: No key available with this passphrase.

Reverting back to 1.0.1-4.2.1 fixed the problem. Adding Bill as he touched the
package last... Marking this as FC5 blocker...
Comment 1 Clemens Fruhwirth 2006-02-24 12:00:20 EST
Check http://article.gmane.org/gmane.linux.kernel.device-mapper.dm-crypt/1416

As said, I'm unable to reproduce your problem. Device mapper version?
Comment 2 Clemens Fruhwirth 2006-02-25 14:15:43 EST
http://luks.endorphin.org/source/cryptsetup-luks-1.0.3-rc2.tar.bz2 should do it.
Comment 3 bkyoung 2006-02-26 21:00:11 EST
The following worked for me:
cryptsetup-luks-1.0.3-0.rc2.bky
kernel-smp-2.6.15-1.1975_FC5

However, should selinux-policy-targeted allow all actions by default (avoiding
restorecon problems)? If not, and the file contexts must be adjusted manually to
some specific context, could you place a note in the man page about it (similar
to httpd_selinux)?

BEGIN LISTING
[root@flood bkyoung]# cd /var/tmp
[root@flood tmp]# dd if=/dev/zero of=/var/tmp/secret bs=1M count=11
11+0 records in
11+0 records out
11534336 bytes (12 MB) copied, 0.200437 seconds, 57.5 MB/s
[root@flood tmp]# losetup -f
/dev/loop0
[root@flood tmp]# losetup /dev/loop0 /var/tmp/secret
/var/tmp/secret: Permission denied
[root@flood tmp]# setenforce permissive
[root@flood tmp]# losetup /dev/loop0 /var/tmp/secret
[root@flood tmp]# modprobe dm-crypt aes des
[root@flood tmp]# cryptsetup -c aes -y create secret /dev/loop0
Enter passphrase: a

Verify passphrase: a

[root@flood tmp]# mke2fs /dev/mapper/secret
mke2fs 1.38 (30-Jun-2005)
Filesystem label=
OS type: Linux
Block size=1024 (log=0)
Fragment size=1024 (log=0)
2816 inodes, 11264 blocks
563 blocks (5.00%) reserved for the super user
First data block=1
Maximum filesystem blocks=11534336
2 block groups
8192 blocks per group, 8192 fragments per group
1408 inodes per group
Superblock backups stored on blocks: 
	8193

Writing inode tables: done                            
Writing superblocks and filesystem accounting information: done

This filesystem will be automatically checked every 21 mounts or
180 days, whichever comes first.  Use tune2fs -c or -i to override.
[root@flood tmp]# mkdir -p /mnt/secret
[root@flood tmp]# mount /dev/mapper/secret /mnt/secret
[root@flood tmp]# ls /mnt/secret
lost+found
[root@flood tmp]# touch /mnt/secret/test.txt
[root@flood tmp]# ls /mnt/secret
lost+found  test.txt
[root@flood tmp]# umount /mnt/secret
[root@flood tmp]# cryptsetup remove secret
[root@flood tmp]# losetup -d /dev/loop0
[root@flood tmp]# rm secret
rm: remove regular file `secret'? y
[root@flood tmp]# losetup -f
/dev/loop0
[root@flood tmp]# setenforce enforcing
[root@flood tmp]# exit
END LISTING
Comment 4 David Zeuthen 2006-02-27 08:29:22 EST
Yay, 1.0.3-rc2 works for me again. Thanks!

Bill, I guess we should put this in FC5? 
Comment 5 Bill Nottingham 2006-02-27 14:18:53 EST
Building.

Note You need to log in before you can comment on or make changes to this bug.