[pkg-cryptsetup-devel] Bug#939357: cryptsetup-run: invoking "sudo cryptdisks_start" with "decrypt_keyctl" in crypttab fails
Guilhem Moulin
guilhem at debian.org
Thu Sep 5 01:36:35 BST 2019
Control: reassign -1 sudo 1.8.27-1
Control: affects -1 cryptsetup
Control: merge -1 906752
On Thu, 05 Sep 2019 at 02:03:34 +0200, Guilhem Moulin wrote:
> Perhaps keyctl(1) could provide a wrapper using thread-keyring(7) as
> temporary keyring, like the attached PoC.
Of course I forgot the attachment :-P That said I'm not sure that
using a temporary keyring and changing ownership is the way to go, it
adds complexity and not having a reachable user-keyring(7) might cause
other problems.
I was about to reassign that to sudo but noticed there is already a bug
open: https://bugs.debian.org/906752
--
Guilhem.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: add_key.c
Type: text/x-csrc
Size: 751 bytes
Desc: not available
URL: <http://alioth-lists.debian.net/pipermail/pkg-cryptsetup-devel/attachments/20190905/b5df1b7d/attachment.c>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <http://alioth-lists.debian.net/pipermail/pkg-cryptsetup-devel/attachments/20190905/b5df1b7d/attachment.sig>
More information about the pkg-cryptsetup-devel
mailing list