Bug 182658 - Latest cryptsetup-1.0.3-0.rc1 appears to be broken
Summary: Latest cryptsetup-1.0.3-0.rc1 appears to be broken
Keywords:
Status: CLOSED RAWHIDE
Alias: None
Product: Fedora
Classification: Fedora
Component: cryptsetup-luks
Version: rawhide
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Peter Jones
QA Contact:
URL:
Whiteboard:
Depends On:
Blocks: FC5Blocker
TreeView+ depends on / blocked
 
Reported: 2006-02-23 21:33 UTC by David Zeuthen
Modified: 2013-03-06 03:45 UTC (History)
3 users (show)

Fixed In Version: 1.0.3-0.rc2
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2006-02-27 19:18:53 UTC
Type: ---
Embargoed:

Attachments (Terms of Use)

Description David Zeuthen 2006-02-23 21:33:26 UTC 
# echo <secret> |/sbin/cryptsetup luksOpen /dev/sda1 foo
Failed to setup dm-crypt key mapping.
Check kernel for support for the aes-cbc-plain cipher spec and verify that
/dev/sda1 contains at least 133 sectors.
Failed to read from key storage
Command failed: No key available with this passphrase.

Reverting back to 1.0.1-4.2.1 fixed the problem. Adding Bill as he touched the
package last... Marking this as FC5 blocker...
Comment 1 Clemens Fruhwirth 2006-02-24 17:00:20 UTC 
Check http://article.gmane.org/gmane.linux.kernel.device-mapper.dm-crypt/1416

As said, I'm unable to reproduce your problem. Device mapper version?
Comment 2 Clemens Fruhwirth 2006-02-25 19:15:43 UTC 
http://luks.endorphin.org/source/cryptsetup-luks-1.0.3-rc2.tar.bz2 should do it.
Comment 3 bkyoung 2006-02-27 02:00:11 UTC 
The following worked for me:
cryptsetup-luks-1.0.3-0.rc2.bky
kernel-smp-2.6.15-1.1975_FC5

However, should selinux-policy-targeted allow all actions by default (avoiding
restorecon problems)? If not, and the file contexts must be adjusted manually to
some specific context, could you place a note in the man page about it (similar
to httpd_selinux)?

BEGIN LISTING
[root@flood bkyoung]# cd /var/tmp
[root@flood tmp]# dd if=/dev/zero of=/var/tmp/secret bs=1M count=11
11+0 records in
11+0 records out
11534336 bytes (12 MB) copied, 0.200437 seconds, 57.5 MB/s
[root@flood tmp]# losetup -f
/dev/loop0
[root@flood tmp]# losetup /dev/loop0 /var/tmp/secret
/var/tmp/secret: Permission denied
[root@flood tmp]# setenforce permissive
[root@flood tmp]# losetup /dev/loop0 /var/tmp/secret
[root@flood tmp]# modprobe dm-crypt aes des
[root@flood tmp]# cryptsetup -c aes -y create secret /dev/loop0
Enter passphrase: a

Verify passphrase: a

[root@flood tmp]# mke2fs /dev/mapper/secret
mke2fs 1.38 (30-Jun-2005)
Filesystem label=
OS type: Linux
Block size=1024 (log=0)
Fragment size=1024 (log=0)
2816 inodes, 11264 blocks
563 blocks (5.00%) reserved for the super user
First data block=1
Maximum filesystem blocks=11534336
2 block groups
8192 blocks per group, 8192 fragments per group
1408 inodes per group
Superblock backups stored on blocks: 
	8193

Writing inode tables: done                            
Writing superblocks and filesystem accounting information: done

This filesystem will be automatically checked every 21 mounts or
180 days, whichever comes first.  Use tune2fs -c or -i to override.
[root@flood tmp]# mkdir -p /mnt/secret
[root@flood tmp]# mount /dev/mapper/secret /mnt/secret
[root@flood tmp]# ls /mnt/secret
lost+found
[root@flood tmp]# touch /mnt/secret/test.txt
[root@flood tmp]# ls /mnt/secret
lost+found  test.txt
[root@flood tmp]# umount /mnt/secret
[root@flood tmp]# cryptsetup remove secret
[root@flood tmp]# losetup -d /dev/loop0
[root@flood tmp]# rm secret
rm: remove regular file `secret'? y
[root@flood tmp]# losetup -f
/dev/loop0
[root@flood tmp]# setenforce enforcing
[root@flood tmp]# exit
END LISTING
Comment 4 David Zeuthen 2006-02-27 13:29:22 UTC 
Yay, 1.0.3-rc2 works for me again. Thanks!

Bill, I guess we should put this in FC5?
Comment 5 Bill Nottingham 2006-02-27 19:18:53 UTC 
Building.
Note You need to log in before you can comment on or make changes to this bug.