Description of problem: pmount is not able to mount a partition encrypted by LUKS. It fails before it asks for a password with following message. "Internal error: cryptsetup luksOpen failed" Version-Release number of selected component (if applicable): pmount.0.9.20-1.fc12.x86_64 cryptsetup-luks-1.1.0-0.4.fc12.x86_64 How reproducible: Always. Steps to Reproduce: 1. Plug in a removable device foo_dev with LUKS encrypted partition 2. Execute pmount /dev/foo_dev Actual results: pmount fails with an error message. Expected results: pount asks for password key and, if successfully unlocked, the partition is mounted in /media/foo directory Additional info: This is related to libgcrypt and libcap libraries, precisely holding of UID and EID. See explanation at http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=552273. Workaround already exists in pmount Git repository and binary compiled from there works just fine.
Could you please execute pmount with option -d to enable debug messages? I have an idea what's going on, but I need some more information.
As I said, I'm convinced this is the same error as the one found in Debian. Anyway, there's the output of pmount -d /dev/sdb2. resolved /dev/sdb2 to device /dev/sdb2 Checking for device '/dev/sdb2' in '/etc/fstab' -> not found mount point to be used: /media/sdb2 no iocharset given, current locale encoding is UTF-8 locale encoding uses UTF-8, setting iocharset to 'utf8' locale encoding uses UTF-8: will mount FAT with utf8 optionCleaning lock directory /var/lock/pmount_dev_sdb2 Checking for device '/dev/sdb2' in '/etc/mtab' -> not found Checking for device '/dev/sdb2' in '/proc/mounts' -> not found device_whitelist: checking /etc/pmount.allow... device_whitlisted(): nothing matched, returning 0 find_sysfs_device: looking for sysfs directory for device 8:18 found block subsystem at: /sys/class/block find_sysfs_device: checking whether /dev/sdb2 is on /sys/class/block/ram0 (1:0) find_sysfs_device: checking whether /dev/sdb2 is on /sys/class/block/ram1 (1:1) find_sysfs_device: checking whether /dev/sdb2 is on /sys/class/block/ram2 (1:2) find_sysfs_device: checking whether /dev/sdb2 is on /sys/class/block/ram3 (1:3) find_sysfs_device: checking whether /dev/sdb2 is on /sys/class/block/ram4 (1:4) find_sysfs_device: checking whether /dev/sdb2 is on /sys/class/block/ram5 (1:5) find_sysfs_device: checking whether /dev/sdb2 is on /sys/class/block/ram6 (1:6) find_sysfs_device: checking whether /dev/sdb2 is on /sys/class/block/ram7 (1:7) find_sysfs_device: checking whether /dev/sdb2 is on /sys/class/block/ram8 (1:8) find_sysfs_device: checking whether /dev/sdb2 is on /sys/class/block/ram9 (1:9) find_sysfs_device: checking whether /dev/sdb2 is on /sys/class/block/ram10 (1:10) find_sysfs_device: checking whether /dev/sdb2 is on /sys/class/block/ram11 (1:11) find_sysfs_device: checking whether /dev/sdb2 is on /sys/class/block/ram12 (1:12) find_sysfs_device: checking whether /dev/sdb2 is on /sys/class/block/ram13 (1:13) find_sysfs_device: checking whether /dev/sdb2 is on /sys/class/block/ram14 (1:14) find_sysfs_device: checking whether /dev/sdb2 is on /sys/class/block/ram15 (1:15) find_sysfs_device: checking whether /dev/sdb2 is on /sys/class/block/loop0 (7:0) find_sysfs_device: checking whether /dev/sdb2 is on /sys/class/block/loop1 (7:1) find_sysfs_device: checking whether /dev/sdb2 is on /sys/class/block/loop2 (7:2) find_sysfs_device: checking whether /dev/sdb2 is on /sys/class/block/loop3 (7:3) find_sysfs_device: checking whether /dev/sdb2 is on /sys/class/block/loop4 (7:4) find_sysfs_device: checking whether /dev/sdb2 is on /sys/class/block/loop5 (7:5) find_sysfs_device: checking whether /dev/sdb2 is on /sys/class/block/loop6 (7:6) find_sysfs_device: checking whether /dev/sdb2 is on /sys/class/block/loop7 (7:7) find_sysfs_device: checking whether /dev/sdb2 is on /sys/class/block/sda (8:0) find_sysfs_device: major device numbers match find_sysfs_device: minor device numbers do not match, checking partitions... find_sysfs_device: checking whether device /dev/sdb2 matches partition 8:0 find_sysfs_device: checking whether device /dev/sdb2 matches partition 8:1 find_sysfs_device: checking whether device /dev/sdb2 matches partition 8:2 find_sysfs_device: checking whether /dev/sdb2 is on /sys/class/block/sda1 (8:1) find_sysfs_device: major device numbers match find_sysfs_device: minor device numbers do not match, checking partitions... find_sysfs_device: checking whether device /dev/sdb2 matches partition 8:1 find_sysfs_device: checking whether device /dev/sdb2 matches partition 8:0 find_sysfs_device: checking whether /dev/sdb2 is on /sys/class/block/sda2 (8:2) find_sysfs_device: major device numbers match find_sysfs_device: minor device numbers do not match, checking partitions... find_sysfs_device: checking whether device /dev/sdb2 matches partition 8:2 find_sysfs_device: checking whether device /dev/sdb2 matches partition 8:0 find_sysfs_device: checking whether /dev/sdb2 is on /sys/class/block/sr0 (11:0) find_sysfs_device: checking whether /dev/sdb2 is on /sys/class/block/dm-0 (253:0) find_sysfs_device: checking whether /dev/sdb2 is on /sys/class/block/dm-1 (253:1) find_sysfs_device: checking whether /dev/sdb2 is on /sys/class/block/dm-2 (253:2) find_sysfs_device: checking whether /dev/sdb2 is on /sys/class/block/dm-3 (253:3) find_sysfs_device: checking whether /dev/sdb2 is on /sys/class/block/dm-4 (253:4) find_sysfs_device: checking whether /dev/sdb2 is on /sys/class/block/dm-5 (253:5) find_sysfs_device: checking whether /dev/sdb2 is on /sys/class/block/dm-6 (253:6) find_sysfs_device: checking whether /dev/sdb2 is on /sys/class/block/dm-7 (253:7) find_sysfs_device: checking whether /dev/sdb2 is on /sys/class/block/dm-8 (253:8) find_sysfs_device: checking whether /dev/sdb2 is on /sys/class/block/sdb (8:16) find_sysfs_device: major device numbers match find_sysfs_device: minor device numbers do not match, checking partitions... find_sysfs_device: checking whether device /dev/sdb2 matches partition 8:16 find_sysfs_device: checking whether device /dev/sdb2 matches partition 8:17 find_sysfs_device: checking whether device /dev/sdb2 matches partition 8:18 find_sysfs_device: -> partition matches, belongs to block device /sys/class/block/sdb device_removable: corresponding block device for /dev/sdb2 is /sys/class/block/sdb is_blockdev_attr_true: value of /sys/class/block/sdb/removable == 0 can't open bus/devicedir: /sys/bus/ieee1394/devices can't open bus/devicedir: /sys/bus/ieee1394/devices can't open bus/devicedir: /sys/bus/ieee1394/devices can't open bus/devicedir: /sys/bus/ieee1394/devices can't open bus/devicedir: /sys/bus/ieee1394/devices Found bus usb for device /sys/devices/pci0000:00/0000:00:1a.7/usb1/1-1/1-1:1.0 Found that device /sys/class/block/sdb belong to whitelisted bus usb policy check passed spawnv(): executing /sbin/cryptsetup '/sbin/cryptsetup' 'isLuks' '/dev/sdb2' spawn(): /sbin/cryptsetup terminated with status 0 spawnv(): executing /sbin/cryptsetup '/sbin/cryptsetup' 'luksOpen' '/dev/sdb2' '_dev_sdb2' spawn(): /sbin/cryptsetup terminated with status 234
You were most likely right, but then I don't understand why this bug is opened for pmount, it should have been opened either for libgcrypt or cryptsetup. I'm reassigning it to the latter one, since it is closer to pmount.
I think I already explained it there. http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=552273#73 [And pmount is not clever idea how to run code designed to run root only by user btw.] We tried to fix source of problem - libgcrypt, but it is not possible seems (see https://bugs.g10code.com/gnupg/issue1181 ) You can only fix pmount the same way like in Debian (set EUID/UID to 0).
Ok, thanks for the tip, I'll give it a shot.
So pmount is rebased to 0.9.22 - it should handle the whole situation, please test and confirm. Updates will be issued in a few minutes.
pmount-0.9.22-1.fc13 has been submitted as an update for Fedora 13. http://admin.fedoraproject.org/updates/pmount-0.9.22-1.fc13
pmount-0.9.22-1.fc12 has been submitted as an update for Fedora 12. http://admin.fedoraproject.org/updates/pmount-0.9.22-1.fc12
pmount-0.9.22-1.fc13 has been pushed to the Fedora 13 testing repository. If problems still persist, please make note of it in this bug report. If you want to test the update, you can install it with su -c 'yum --enablerepo=updates-testing update pmount'. You can provide feedback for this update here: http://admin.fedoraproject.org/updates/pmount-0.9.22-1.fc13
pmount-0.9.22-1.fc12 has been pushed to the Fedora 12 testing repository. If problems still persist, please make note of it in this bug report. If you want to test the update, you can install it with su -c 'yum --enablerepo=updates-testing update pmount'. You can provide feedback for this update here: http://admin.fedoraproject.org/updates/pmount-0.9.22-1.fc12
pmount-0.9.22-1.fc13 has been pushed to the Fedora 13 stable repository. If problems still persist, please make note of it in this bug report.
pmount-0.9.22-1.fc12 has been pushed to the Fedora 12 stable repository. If problems still persist, please make note of it in this bug report.