[pkg-cryptsetup-devel] Bug#619249: cryptsetup: --key-size used instead of --keyfile-size
Martin Kourim
martin.kourim at gmail.com
Tue Mar 22 13:37:39 UTC 2011
Package: cryptsetup
Version: 2:1.2.0-2
Severity: important
Tags: patch
Hello,
I have part of my /home on an encrypted partition and I'm entering the passphrase during boot.
After upgading to version 2:1.2.0-2 I'm not able to open the encrypted partition. Instead of the passphrase prompt, something like the f
ollowing is printed out:
Enter passphrase: Usage: cryptsetup [-?vyrq] [-?|--help] [--usage] [--version] [-v|--verbose] [--debug] [-c|--cipher=STRING]
[-h|--hash=STRING] [-y|--verify-passphrase] [-d|--key-file=STRING] [--master-key-file=STRING]
[--dump-master-key] [-s|--key-size=BITS] [-l|--keyfile-size=bytes] [--new-keyfile-size=bytes]
[-S|--key-slot=INT] [-b|--size=SECTORS] [-o|--offset=SECTORS] [-p|--skip=SECTORS] [-r|--readonly]
[-i|--iter-time=msecs] [-q|--batch-mode] [-t|--timeout=secs] [-T|--tries=INT] [--align-payload=SECTORS]
[--header-backup-file=STRING] [--use-random] [--use-urandom] [--uuid=STRING]
[OPTION...] <action> <action-specific>]
cryptsetup: Option --key-size is allowed only for luksFormat and create.
To limit read from keyfile use --keyfile-size=(bytes).
(the output above is from cryptdisks_start which has the same problem)
As a result the partition is not mapped, mounted, I'm left with part of my /home missing and cannot login properly.
According to the crypsetup man page, the --key-size option (or -s) can be used only for "create" and "luksFormat" (i.e. not luksOpen). For luksOpen, the --keyfile-size (or -d) should be used instead.
In the /lib/cryptsetup/cryptdisks.functions in the parse_opts function (the one that parses the /etc/crypttab), the -s is used for "size" instead of -d. After changing this everything works again.
Thanks,
Martin Kourim
-- Package-specific info:
-- /proc/cmdline
BOOT_IMAGE=/boot/vmlinuz-2.6.36-ck2-2-686 root=UUID=955a5cb1-6a25-42a8-a6ea-2e5195ebf1a6 ro clocksource=hpet quiet
-- /etc/crypttab
# <target name> <source device> <key file> <options>
data /dev/sda8 none luks,checkargs=ext3,crypt=aes-cbc-essiv:sha256,size=128
-- /etc/fstab
# /etc/fstab: static file system information.
#
# <file system> <mount point> <type> <options> <dump> <pass>
proc /proc proc defaults 0 0
/dev/sda1 / ext3 noatime,errors=remount-ro 0 1
/dev/sda7 /home ext3 noatime,data=writeback,commit=360 0 2
/dev/sda5 /usr ext3 noatime,data=writeback,commit=360 0 2
/dev/sda6 /var ext3 noatime,data=writeback,commit=360 0 2
/dev/sda9 none swap sw 0 0
/dev/cdrom /media/cdrom0 udf,iso9660 user,noauto 0 0
/dev/hda /media/cdrom0 udf,iso9660 user,noauto 0 0
/dev/mapper/data /mnt/data ext3 noatime,data=writeback,commit=360 0 2
/usr/local/opt /opt none bind 0 0
-- lsmod
Module Size Used by
ext2 52731 0
sha256_generic 9913 2
aes_i586 6836 3
aes_generic 25854 1 aes_i586
cbc 1959 1
mperf 827 0
cpufreq_stats 1801 0
cpufreq_ondemand 6162 0
freq_table 1815 2 cpufreq_stats,cpufreq_ondemand
cpufreq_conservative 6732 0
cpufreq_powersave 602 0
cpufreq_userspace 1248 0
i915 250552 3
drm_kms_helper 23735 1 i915
drm 128817 3 i915,drm_kms_helper
i2c_algo_bit 3919 1 i915
i2c_core 13628 4 i915,drm_kms_helper,drm,i2c_algo_bit
video 15742 1 i915
output 1136 1 video
ipv6 215353 16
uinput 5344 1
xt_DSCP 1407 4
iptable_mangle 916 1
ipt_MASQUERADE 1094 1
iptable_nat 2895 1
nf_nat 11319 2 ipt_MASQUERADE,iptable_nat
iptable_raw 715 0
ipt_REJECT 1757 1
xt_tcpudp 1611 15
ipt_LOG 4335 1
xt_limit 1080 2
xt_pkttype 671 2
nf_conntrack_ipv4 8043 5 iptable_nat,nf_nat
nf_defrag_ipv4 783 1 nf_conntrack_ipv4
xt_state 827 2
nf_conntrack 40115 5 ipt_MASQUERADE,iptable_nat,nf_nat,nf_conntrack_ipv4,xt_state
iptable_filter 820 1
ip_tables 8453 4 iptable_mangle,iptable_nat,iptable_raw,iptable_filter
x_tables 9782 13 xt_DSCP,iptable_mangle,ipt_MASQUERADE,iptable_nat,iptable_raw,ipt_REJECT,xt_tcpudp,ipt_LOG,xt_limit,xt_pkttype,xt_state,iptable_filter,ip_tables
fuse 51639 1
sbp2 16707 0
loop 10203 0
dm_crypt 9443 1
dm_mod 49212 3 dm_crypt
snd_hda_codec_analog 48470 1
snd_hda_intel 17613 2
snd_hda_codec 56249 2 snd_hda_codec_analog,snd_hda_intel
snd_hwdep 4226 1 snd_hda_codec
snd_pcm_oss 30301 0
snd_mixer_oss 11279 1 snd_pcm_oss
snd_pcm 53270 3 snd_hda_intel,snd_hda_codec,snd_pcm_oss
snd_seq_dummy 927 0
snd_seq_oss 21140 0
snd_seq_midi 3528 0
pcmcia 27779 0
snd_rawmidi 14088 1 snd_seq_midi
arc4 982 2
ecb 1405 2
b43 146473 0
mac80211 140859 1 b43
snd_seq_midi_event 4056 2 snd_seq_oss,snd_seq_midi
cfg80211 114197 2 b43,mac80211
rfkill 11480 1 cfg80211
snd_seq 34978 6 snd_seq_dummy,snd_seq_oss,snd_seq_midi,snd_seq_midi_event
snd_timer 14430 2 snd_pcm,snd_seq
snd_seq_device 3853 5 snd_seq_dummy,snd_seq_oss,snd_seq_midi,snd_rawmidi,snd_seq
led_class 1627 1 b43
snd 36969 16 snd_hda_codec_analog,snd_hda_intel,snd_hda_codec,snd_hwdep,snd_pcm_oss,snd_mixer_oss,snd_pcm,snd_seq_oss,snd_rawmidi,snd_seq,snd_timer,snd_seq_device
soundcore 4239 1 snd
psmouse 29205 0
rtc_cmos 7454 0
yenta_socket 17746 0
pcmcia_rsrc 8064 1 yenta_socket
pcmcia_core 9013 3 pcmcia,yenta_socket,pcmcia_rsrc
rtc_core 9681 1 rtc_cmos
shpchp 20811 0
wmi 6479 0
snd_page_alloc 5093 2 snd_hda_intel,snd_pcm
serio_raw 3128 0
evdev 6301 18
intel_agp 22452 2 i915
pci_hotplug 19582 1 shpchp
ac 2243 0
agpgart 20172 2 drm,intel_agp
rtc_lib 1469 1 rtc_core
container 1857 0
button 3626 1 i915
battery 7540 0
processor 23928 1
ext3 105241 5
jbd 35290 1 ext3
mbcache 4030 2 ext2,ext3
ide_cd_mod 22604 0
sd_mod 24522 7
cdrom 28259 1 ide_cd_mod
ata_generic 2191 0
usbhid 21435 0
pata_acpi 2028 0
ata_piix 17836 0
ide_pci_generic 1996 0
ahci 17401 6
libahci 14739 1 ahci
ohci_hcd 20077 0
ohci1394 23871 0
libata 133195 5 ata_generic,pata_acpi,ata_piix,ahci,libahci
ieee1394 57604 2 sbp2,ohci1394
b44 20570 0
fan 2394 0
uhci_hcd 18120 0
scsi_mod 116457 3 sbp2,sd_mod,libata
piix 3912 0
mii 2918 1 b44
ehci_hcd 31016 0
ide_core 71087 3 ide_cd_mod,ide_pci_generic,piix
ssb 25935 3 b43,ohci_hcd,b44
usbcore 107866 5 usbhid,ohci_hcd,uhci_hcd,ehci_hcd
thermal 10207 0
thermal_sys 10458 4 video,processor,fan,thermal
-- System Information:
Debian Release: wheezy/sid
APT prefers testing-proposed-updates
APT policy: (990, 'testing-proposed-updates'), (990, 'testing')
Architecture: i386 (i686)
Kernel: Linux 2.6.36-ck2-2-686 (PREEMPT)
Locale: LANG=cs_CZ, LC_CTYPE=cs_CZ (charmap=ANSI_X3.4-1968) (ignored: LC_ALL set to C)
Shell: /bin/sh linked to /bin/dash
Versions of packages cryptsetup depends on:
ii dmsetup 2:1.02.63-2 The Linux Kernel Device Mapper use
ii libc6 2.11.2-11 Embedded GNU C Library: Shared lib
ii libcryptsetup1 2:1.2.0-2 libcryptsetup shared library
ii libpopt0 1.16-1 lib for parsing cmdline parameters
cryptsetup recommends no packages.
Versions of packages cryptsetup suggests:
ii busybox 1:1.17.1-10 Tiny utilities for small and embed
ii dosfstools 3.0.9-1 utilities for making and checking
ii initramfs-tools [linux-initr 0.98.8 tools for generating an initramfs
ii udev 166-1 /dev/ and hotplug management daemo
-- no debconf information
-------------- next part --------------
--- cryptdisks.functions.orig 2011-03-08 02:32:11.000000000 +0100
+++ cryptdisks.functions 2011-03-21 02:29:04.000000000 +0100
@@ -60,7 +60,7 @@ parse_opts () {
;;
size)
if [ -z "$VALUE" ] || echo "$VALUE" | grep -q "^[[:digit:]]\+$" && [ "$VALUE" -gt 0 ]; then
- PARAMS="$PARAMS -s $VALUE"
+ PARAMS="$PARAMS -d $VALUE"
else
log_warning_msg "$dst: option size used with an incorrect argument, skipping"
return 1
More information about the pkg-cryptsetup-devel
mailing list