[pkg-cryptsetup-devel] Bug#945463: cryptsetup-initramfs: cryptkeyctl initramfs hook fails if /var/tmp is mounted non-executable

[Vlad]

Package: cryptsetup-initramfs
Version: 2:2.1.0-5+deb10u2
Severity: important

Dear Maintainer,

the `cryptkeyctl` hook of cryptsetup-initramfs package is supposed to 
install
/bin/keyctl into initramfs IF decrypt_keyctl cryptsetup script is 
present (and
it's installed by the `cryptroot` hook if decrypt_keyctl keyscript is 
given in
crypttab). Currently the tests checks with -x (that file is present AND
executable).

Problem is that update-initramfs sets up the initramfs tree in /var/tmp 
which,
if mounted without exec, will render the test performed by `cryptkeyctl` 
hook
FALSE, and thus it will not install the needed keyctl, even though it 
should.

Please alter the test to check for -e or -f instead of -x as it is now.
There is really no reason to test if the script is executable, its mere
presence in initramfs is enough of a trigger to install keyctl binary.

Thanks.


-- Package-specific info:

-- System Information:
Debian Release: 10.2
   APT prefers stable-updates
   APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.19.0-6-amd64 (SMP w/4 CPU cores)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE, 
TAINT_UNSIGNED_MODULE
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US:en (charmap=UTF-8)
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages cryptsetup-initramfs depends on:
ii  busybox                                 1:1.30.1-4
ii  cryptsetup-run                          2:2.1.0-5+deb10u2
ii  initramfs-tools [linux-initramfs-tool]  0.133+deb10u1

Versions of packages cryptsetup-initramfs recommends:
ii  console-setup  1.193~deb10u1
ii  kbd            2.0.4-4

cryptsetup-initramfs suggests no packages.

-- no debconf information


-- 
Vlad