[pkg-cryptsetup-devel] Bug#602501: cryptsetup: /etc/init.d/cryptdisks{, -early} objects to tries=0
Kapil Hari Paranjape
kapil at imsc.res.in
Fri Nov 5 10:51:12 UTC 2010
Package: cryptsetup
Version: 2:1.1.3-3
Severity: wishlist
Hello,
I have a system with LUKS encrypted swap which is sometimes resumed
after hibernation.
Today I got bitten by the default "tries=3" when I mistyped my LUKS
passphrase three times and the system booted corrupting the
filesystem! (Nothing too bad though!)
I then found the "tries=0" possibility in crypttab which would
prevent this from biting me again.
Unfortunately, the startup scripts /etc/init.d/cryptdisks* object to
(issue a warning for) this value of "tries".
I was wondering why this was so and whether it can be a " -ge "
instead of " -gt " in /lib/crypsetup/cryptdisks.functions".
Thanks for all the good work,
Kapil.
-- Package-specific info:
-- /proc/cmdline
BOOT_IMAGE=/boot/vmlinuz-2.6.32-5-amd64 root=/dev/mapper/kone-root64 ro quiet
-- /etc/crypttab
# <tgt name> <src dev> <key file> <options>
home /dev/kone/chome none luks
# We put infinitely many tries for swap since it needs to be set up by initrd.
swap /dev/mapper/kone-cswap none luks,tries=0
-- /etc/fstab
# /etc/fstab: static file system information.
#
# <file system> <mount point> <type> <options> <dump> <pass>
# Virtual file systems
proc /proc proc defaults 0 0
/dev/kone/root64 / ext4 defaults,errors=remount-ro 0 1
/dev/mapper/swap none swap sw 0 0
/dev/mapper/home /home ext4 defaults 0 2
# Control groups
cgroup /var/local/cgroup cgroup defaults 0 0
-- lsmod
Module Size Used by
tun 10844 2
dummy 1584 0
bridge 39646 0
stp 1440 1 bridge
powernow_k8 10978 1
cpufreq_conservative 5162 0
cpufreq_powersave 902 0
cpufreq_stats 2659 0
cpufreq_userspace 1992 0
parport_pc 18855 0
ppdev 5030 0
lp 7462 0
parport 27954 3 parport_pc,ppdev,lp
ipt_REJECT 1953 1
ipt_LOG 4518 5
xt_limit 1782 7
xt_tcpudp 2319 7
ipt_addrtype 1769 4
xt_state 1303 7
fuse 50273 1
ip6table_filter 2384 1
ip6_tables 15075 1 ip6table_filter
nf_nat_irc 1366 0
nf_conntrack_irc 3347 1 nf_nat_irc
nf_nat_ftp 2047 0
nf_nat 13388 2 nf_nat_irc,nf_nat_ftp
nf_conntrack_ipv4 9833 9 nf_nat
nf_defrag_ipv4 1139 1 nf_conntrack_ipv4
nf_conntrack_ftp 5537 1 nf_nat_ftp
nf_conntrack 46535 7 xt_state,nf_nat_irc,nf_conntrack_irc,nf_nat_ftp,nf_nat,nf_conntrack_ipv4,nf_conntrack_ftp
iptable_filter 2258 1
ip_tables 13899 1 iptable_filter
x_tables 12845 8 ipt_REJECT,ipt_LOG,xt_limit,xt_tcpudp,ipt_addrtype,xt_state,ip6_tables,ip_tables
snd_hda_codec_atihdmi 2251 1
snd_hda_codec_conexant 21869 1
snd_hda_intel 19987 0
snd_hda_codec 54244 3 snd_hda_codec_atihdmi,snd_hda_codec_conexant,snd_hda_intel
uvcvideo 51887 0
snd_seq_midi 4400 0
videodev 29993 1 uvcvideo
snd_rawmidi 15515 1 snd_seq_midi
snd_hwdep 5380 1 snd_hda_codec
btusb 9817 0
v4l1_compat 11442 2 uvcvideo,videodev
snd_seq_midi_event 4628 1 snd_seq_midi
snd_pcm_oss 32591 0
snd_mixer_oss 12606 1 snd_pcm_oss
bluetooth 41827 1 btusb
joydev 8459 0
v4l2_compat_ioctl32 8474 1 videodev
snd_pcm 60503 3 snd_hda_intel,snd_hda_codec,snd_pcm_oss
snd_seq 42881 2 snd_seq_midi,snd_seq_midi_event
r8192se_pci 489625 0
cfg80211 101512 1 r8192se_pci
rfkill 13044 2 bluetooth,cfg80211
snd_timer 15582 2 snd_pcm,snd_seq
radeon 573612 2
snd_seq_device 4493 3 snd_seq_midi,snd_rawmidi,snd_seq
led_class 2433 0
ttm 40002 1 radeon
i2c_piix4 8328 0
drm_kms_helper 20065 1 radeon
edac_core 29261 0
drm 142375 4 radeon,ttm,drm_kms_helper
i2c_algo_bit 4225 1 radeon
shpchp 26264 0
edac_mce_amd 6433 0
pci_hotplug 21203 1 shpchp
k8temp 3283 0
i2c_core 15712 6 videodev,radeon,i2c_piix4,drm_kms_helper,drm,i2c_algo_bit
psmouse 49777 0
snd 46446 11 snd_hda_codec_conexant,snd_hda_intel,snd_hda_codec,snd_rawmidi,snd_hwdep,snd_pcm_oss,snd_mixer_oss,snd_pcm,snd_seq,snd_timer,snd_seq_device
soundcore 4598 1 snd
video 17445 0
serio_raw 3752 0
wmi 4323 0
evdev 7352 13
output 1692 1 video
snd_page_alloc 6249 2 snd_hda_intel,snd_pcm
nvram 5077 0
battery 4998 0
ac 2192 0
button 4650 0
processor 29951 1 powernow_k8
ext4 289097 4
mbcache 5050 1 ext4
jbd2 67015 1 ext4
crc16 1319 1 ext4
sha256_generic 8692 4
aes_x86_64 7340 7
aes_generic 25714 1 aes_x86_64
cbc 2539 2
dm_crypt 10664 2
dm_mod 53786 34 dm_crypt
sd_mod 29777 2
crc_t10dif 1276 1 sd_mod
usb_storage 39577 0
ahci 32374 1
ohci_hcd 19212 0
libata 133616 1 ahci
thermal 11674 0
r8169 28925 0
mii 3210 1 r8169
thermal_sys 11942 3 video,processor,thermal
ehci_hcd 31135 0
usbcore 121954 6 uvcvideo,btusb,usb_storage,ohci_hcd,ehci_hcd
nls_base 6377 1 usbcore
scsi_mod 122117 3 sd_mod,usb_storage,libata
-- System Information:
Debian Release: squeeze/sid
APT prefers testing
APT policy: (990, 'testing'), (500, 'unstable')
Architecture: amd64 (x86_64)
Kernel: Linux 2.6.32-5-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Versions of packages cryptsetup depends on:
ii dmsetup 2:1.02.48-3 The Linux Kernel Device Mapper use
ii libc6 2.11.2-6+squeeze1 Embedded GNU C Library: Shared lib
ii libdevmapper1.02.1 2:1.02.48-3 The Linux Kernel Device Mapper use
ii libpopt0 1.16-1 lib for parsing cmdline parameters
ii libuuid1 2.17.2-3.3 Universally Unique ID library
cryptsetup recommends no packages.
Versions of packages cryptsetup suggests:
ii busybox 1:1.17.1-6 Tiny utilities for small and embed
ii dosfstools 3.0.9-1 utilities for making and checking
ii initramfs-tools [linux-initra 0.98.5 tools for generating an initramfs
ii udev 163-2 /dev/ and hotplug management daemo
-- no debconf information
More information about the pkg-cryptsetup-devel
mailing list