Bug 182658 - Latest cryptsetup-1.0.3-0.rc1 appears to be broken
Summary: Latest cryptsetup-1.0.3-0.rc1 appears to be broken
Alias: None
Product: Fedora
Classification: Fedora
Component: cryptsetup-luks
Version: rawhide
Hardware: All
OS: Linux
Target Milestone: ---
Assignee: Peter Jones
QA Contact:
Depends On:
Blocks: FC5Blocker
TreeView+ depends on / blocked
Reported: 2006-02-23 21:33 UTC by David Zeuthen
Modified: 2013-03-06 03:45 UTC (History)
3 users (show)

Fixed In Version: 1.0.3-0.rc2
Doc Type: Bug Fix
Doc Text:
Clone Of:
Last Closed: 2006-02-27 19:18:53 UTC
Type: ---

Attachments (Terms of Use)

Description David Zeuthen 2006-02-23 21:33:26 UTC
# echo <secret> |/sbin/cryptsetup luksOpen /dev/sda1 foo
Failed to setup dm-crypt key mapping.
Check kernel for support for the aes-cbc-plain cipher spec and verify that
/dev/sda1 contains at least 133 sectors.
Failed to read from key storage
Command failed: No key available with this passphrase.

Reverting back to 1.0.1-4.2.1 fixed the problem. Adding Bill as he touched the
package last... Marking this as FC5 blocker...

Comment 1 Clemens Fruhwirth 2006-02-24 17:00:20 UTC
Check http://article.gmane.org/gmane.linux.kernel.device-mapper.dm-crypt/1416

As said, I'm unable to reproduce your problem. Device mapper version?

Comment 2 Clemens Fruhwirth 2006-02-25 19:15:43 UTC
http://luks.endorphin.org/source/cryptsetup-luks-1.0.3-rc2.tar.bz2 should do it.

Comment 3 bkyoung 2006-02-27 02:00:11 UTC
The following worked for me:

However, should selinux-policy-targeted allow all actions by default (avoiding
restorecon problems)? If not, and the file contexts must be adjusted manually to
some specific context, could you place a note in the man page about it (similar
to httpd_selinux)?

[root@flood bkyoung]# cd /var/tmp
[root@flood tmp]# dd if=/dev/zero of=/var/tmp/secret bs=1M count=11
11+0 records in
11+0 records out
11534336 bytes (12 MB) copied, 0.200437 seconds, 57.5 MB/s
[root@flood tmp]# losetup -f
[root@flood tmp]# losetup /dev/loop0 /var/tmp/secret
/var/tmp/secret: Permission denied
[root@flood tmp]# setenforce permissive
[root@flood tmp]# losetup /dev/loop0 /var/tmp/secret
[root@flood tmp]# modprobe dm-crypt aes des
[root@flood tmp]# cryptsetup -c aes -y create secret /dev/loop0
Enter passphrase: a

Verify passphrase: a

[root@flood tmp]# mke2fs /dev/mapper/secret
mke2fs 1.38 (30-Jun-2005)
Filesystem label=
OS type: Linux
Block size=1024 (log=0)
Fragment size=1024 (log=0)
2816 inodes, 11264 blocks
563 blocks (5.00%) reserved for the super user
First data block=1
Maximum filesystem blocks=11534336
2 block groups
8192 blocks per group, 8192 fragments per group
1408 inodes per group
Superblock backups stored on blocks: 

Writing inode tables: done                            
Writing superblocks and filesystem accounting information: done

This filesystem will be automatically checked every 21 mounts or
180 days, whichever comes first.  Use tune2fs -c or -i to override.
[root@flood tmp]# mkdir -p /mnt/secret
[root@flood tmp]# mount /dev/mapper/secret /mnt/secret
[root@flood tmp]# ls /mnt/secret
[root@flood tmp]# touch /mnt/secret/test.txt
[root@flood tmp]# ls /mnt/secret
lost+found  test.txt
[root@flood tmp]# umount /mnt/secret
[root@flood tmp]# cryptsetup remove secret
[root@flood tmp]# losetup -d /dev/loop0
[root@flood tmp]# rm secret
rm: remove regular file `secret'? y
[root@flood tmp]# losetup -f
[root@flood tmp]# setenforce enforcing
[root@flood tmp]# exit

Comment 4 David Zeuthen 2006-02-27 13:29:22 UTC
Yay, 1.0.3-rc2 works for me again. Thanks!

Bill, I guess we should put this in FC5? 

Comment 5 Bill Nottingham 2006-02-27 19:18:53 UTC

Note You need to log in before you can comment on or make changes to this bug.