[pkg-cryptsetup-devel] Bug#551540: cryptsetup fails when EUID != UID
Martin Orr
martin at martinorr.name
Sat Oct 24 21:28:11 UTC 2009
reassign 551540 cryptsetup 2:1.1.0~rc2-1
thanks
It seems that "cryptsetup luksOpen" fails when EUID != UID. In
particular, this happens when it is run by pmount which is suid (I
assume that the reporters above ran pmount as non-root). If cryptsetup
is run directly, then it works, because necessarily you become root
before running cryptsetup; if I become root before running pmount, then
also everything works.
Much stracing reveals the following:
getuid() = 1000
mlock(0x7f573b2c3000, 16384) = 0
geteuid() = 0
setuid(1000) = 0
getuid() = 1000
geteuid() = 1000
It seems that libgcrypt doesn't like EUID != UID, and therefore drops
root privileges, preventing cryptsetup from doing its work later on.
Since cryptsetup links statically to libgcrypt, I have no idea whether
this is due to a change in cryptsetup between 1.0.7-2 and 1.1.0~rc2-1,
or a change in the linked version of libgcrypt.
--
Martin Orr
More information about the pkg-cryptsetup-devel
mailing list