[pkg-cryptsetup-devel] Bug#850756: cryptsetup: Please save password to kernel keyring
Laurent Bigonville
bigon at debian.org
Mon Jan 9 22:58:11 UTC 2017
Package: cryptsetup
Version: 2:1.7.3-3
Severity: wishlist
Hi,
Since gdm 3.22, there is a new pam module that unlock the gnome-keyring
using the keyring using the password of the luks partition.
The idea is that on a single user laptop, the user uses the same
password for his encrypted root and user in addition to autologin.
Tje pam module read the kernel keyring to find that password with the
followin code:
serial = find_key_by_type_and_desc ("user", "cryptsetup", 0);
if (serial == 0)
return PAM_AUTHINFO_UNAVAIL;
r = keyctl_read_alloc (serial, &cached_password);
So it would be nice if cryptsetup could store that password in the
keyring after opening successfully the main luks partition.
Regards,
Laurent Bigonville
-- Package-specific info:
-- System Information:
Debian Release: stretch/sid
APT prefers unstable-debug
APT policy: (500, 'unstable-debug'), (500, 'unstable'), (1, 'experimental-debug'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 4.8.0-2-amd64 (SMP w/8 CPU cores)
Locale: LANG=fr_BE.UTF-8, LC_CTYPE=fr_BE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
Versions of packages cryptsetup depends on:
ii cryptsetup-bin 2:1.7.3-3
ii debconf [debconf-2.0] 1.5.59
ii dmsetup 2:1.02.137-1
ii libc6 2.24-8
Versions of packages cryptsetup recommends:
ii busybox 1:1.22.0-19+b1
ii console-setup 1.156
ii initramfs-tools [linux-initramfs-tool] 0.126
ii kbd 2.0.3-2
Versions of packages cryptsetup suggests:
ii dosfstools 4.0-2
ii keyutils 1.5.9-9
ii liblocale-gettext-perl 1.07-3+b1
-- debconf information excluded
More information about the pkg-cryptsetup-devel
mailing list