[pkg-cryptsetup-devel] Bug#551540: cryptsetup fails when EUID != UID

Martin Orr martin at martinorr.name
Sat Oct 24 21:28:11 UTC 2009


reassign 551540 cryptsetup 2:1.1.0~rc2-1
thanks

It seems that "cryptsetup luksOpen" fails when EUID != UID.  In 
particular, this happens when it is run by pmount which is suid (I 
assume that the reporters above ran pmount as non-root).  If cryptsetup 
is run directly, then it works, because necessarily you become root 
before running cryptsetup; if I become root before running pmount, then 
also everything works.

Much stracing reveals the following:
getuid()                                = 1000
mlock(0x7f573b2c3000, 16384)            = 0
geteuid()                               = 0
setuid(1000)                            = 0
getuid()                                = 1000
geteuid()                               = 1000

It seems that libgcrypt doesn't like EUID != UID, and therefore drops 
root privileges, preventing cryptsetup from doing its work later on.

Since cryptsetup links statically to libgcrypt, I have no idea whether 
this is due to a change in cryptsetup between 1.0.7-2 and 1.1.0~rc2-1, 
or a change in the linked version of libgcrypt.

-- 
Martin Orr




More information about the pkg-cryptsetup-devel mailing list