Bug 2271337 - luks password shown in plaintext
Summary: luks password shown in plaintext
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Fedora
Classification: Fedora
Component: plymouth
Version: 40
Hardware: Unspecified
OS: Linux
unspecified
high
Target Milestone: ---
Assignee: Ray Strode [halfline]
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
: 2276832 2277518 2278985 (view as bug list)
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2024-03-24 23:18 UTC by Pablo Greco
Modified: 2024-05-27 21:43 UTC (History)
8 users (show)

Fixed In Version: plymouth-24.004.60-5.fc40
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2024-05-15 18:55:57 UTC
Type: ---
Embargoed:


Attachments (Terms of Use)

Description Pablo Greco 2024-03-24 23:18:28 UTC
Password for unlocking luks2 on boot is shown in plain text instead of asterisk when in text mode.

Reproducible: Always

Steps to Reproduce:
1. Boot to luks2 password prompt
2. If using the graphical mode, press esc to drop to text mode
3. Type in luks password
Actual Results:  
Password is shown on screen while typing

Expected Results:  
Password is shown as asterisks

After pressing enter, a line with the same text as the prompt, but with all the expected asterisk is shown

Comment 1 Pablo Greco 2024-03-31 17:28:37 UTC
Rebuilding the last version from 39 (plymouth-22.02.122-5) makes it work as expected.
Using 23.360.11 changes the font and shows spaces instead of asterisk, but at least it doesn't show the plaintext password

Comment 2 Pablo Greco 2024-03-31 18:50:23 UTC
A bit more info, looks like the space vs asterisk and different font is related to the freetype plugin. If I didn't screw up my bisect, the problem is fully visible after the inclusion of https://gitlab.freedesktop.org/plymouth/plymouth/-/commit/544e62ac41a490f04d8e6b4e85f8b9fa1171b0cc

Tried disabling freetype in the latest build, to make it go back to pango, but that didn't seem to work.

Comment 4 Tad 2024-04-19 13:50:19 UTC
can this please be cherry-picked before f40 ships? thank you

Comment 5 Flo 2024-04-24 10:22:24 UTC
*** Bug 2276832 has been marked as a duplicate of this bug. ***

Comment 6 Flo 2024-04-24 10:32:11 UTC
(In reply to Tad from comment #4)
> can this please be cherry-picked before f40 ships? thank you

For that to happen during Freeze, you would have had to request this bug to be considered a release-blocking bug. https://qa.fedoraproject.org/blockerbugs/propose_bug

Comment 7 Fedora Update System 2024-04-27 00:30:49 UTC
FEDORA-2024-87bcb04540 (plymouth-24.004.60-5.fc40) has been submitted as an update to Fedora 40.
https://bodhi.fedoraproject.org/updates/FEDORA-2024-87bcb04540

Comment 8 Flo 2024-04-27 08:58:12 UTC
just updating the package isn't enough. it requires a manual dracut --force to update initramfs

Comment 9 Fedora Update System 2024-04-28 04:37:50 UTC
FEDORA-2024-87bcb04540 has been pushed to the Fedora 40 testing repository.
Soon you'll be able to install the update with the following command:
`sudo dnf upgrade --enablerepo=updates-testing --refresh --advisory=FEDORA-2024-87bcb04540`
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2024-87bcb04540

See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.

Comment 10 Hans de Goede 2024-05-04 09:39:17 UTC
*** Bug 2278985 has been marked as a duplicate of this bug. ***

Comment 11 Fedora Update System 2024-05-15 18:55:57 UTC
FEDORA-2024-87bcb04540 (plymouth-24.004.60-5.fc40) has been pushed to the Fedora 40 stable repository.
If problem still persists, please make note of it in this bug report.

Comment 12 Pedro Sampaio 2024-05-27 21:43:13 UTC
*** Bug 2277518 has been marked as a duplicate of this bug. ***


Note You need to log in before you can comment on or make changes to this bug.