[Pkg-cryptsetup-devel] Bug#460409: [dm-crypt] Re: [tobi at coldtobi.de: Bug#460409: cryptsetup: Cannot add Key to LUKS partition]

Jonas Meurer jonas at freesources.org
Mon Jan 21 18:17:36 UTC 2008


On 21/01/2008 Clemens Fruhwirth wrote:
> Jonas Meurer wrote:
> 
> > We got a bugreport against cryptsetup 1.0.6~pre1-1 (which is identical
> > to the current svn repository) which claims that luksAddKey does not
> > work on active LUKS devices anymore. The submitter added later, that it
> > still worked with cryptsetup 1.0.5-1, so this bug must have been
> > introduced after that release.
> 
> Most likely this behaviour is part of the new 'sanity' checking I
> introduced before certain operations. The most visible change is that
> luksOpen for instance fails early -- that is -- fails before asking
> for a password, instead of complaining about an unaccessible device
> later.
> 
> [...]
> 
> My main intention was to prevent multiple luksOpen'd devices, as this
> (in my opinion) is usually not neccessary and most likely an
> error. But using luksAddKey on an opened partition seems reasonable.

so do you plan to fix this in future releases?

> For the moment, one can either close the partition before using
> luksAddKey or use losetup redirect /dev/loop/X to the original device,
> so that /dev/loop/X can be accessed with O_EXCL.

The former (close the partition) is not an option if the partition in
question keeps the root filesystem. The latter indeed is ;-)

greetings,
 jonas





More information about the Pkg-cryptsetup-devel mailing list